On Wednesday 22 March CIONET hosted the international conference CIOFEST on the critical theme of “Digital Sovereignty”. The event was staged online at the international level, and locally during physical events in nine countries, i.e. in Poland, Germany, The Netherlands, Belgium, France, Italy, Spain, Portugal, and in the UK.
Our international panel involved:
During the opening, we connected to Munich where Hendrik Deckers, founder of CIONET and Hans Roth, Sr VP and GM Red Hat EMEA, introduced the subject of Digital Sovereignty, with a specific focus on the role of the Open Source community in this matter.
Hans and Hendrik also seized the opportunity to launch the CIONET COOKBOOK N°2 — the new CIONET publication that gathers recipes for digital success from 20 leaders as well as their innovation playbooks. In short, an indispensable guide for the modern CIO.
Following this brief introduction, the scene moved to the Data Spaces Symposium in The Hague, where Claire Stolwijk, Senior Researcher at TNO, the leading Research and Technology Organisation in the Netherlands, took the floor to present the results of a joint CIONET - TNO research on the topic of Digital Sovereignty, realised in the last 6 months. The research was based on interviews with twenty CIOs from across Europe.
Claire revealed that for the CIOs the strategy for Digital Sovereignty is primarily driven by the wish to secure the value of their data and data sharing. And as most companies are already intensively using public cloud, they become concerned with digital sovereignty as soon as it relates to business critical or sensitive data. In this context it is rather surprising to notice that only a few CIOs indicated they performed in-depth assessments of the new data-related European legislations.
The research showed that the main concerns of the CIOs with regard to (the lack of) Digital Sovereignty is linked to their lack of control of a complex digital landscape, the fear of missing business opportunities due to a lack of global reach of smaller (European) cloud and data sharing offerings, and lock-in effects of existing digital infrastructures.
The CIOs expressed regret that there are no European alternatives with scale for the use of the services of hyperscalers. They also indicated a way forward with the aims of developing the necessary technology, standards and building a leading legislative framework.
Two paths, for CIOs and policy makers, were singled out. The first one involves the creation of Digital Sovereignty strategies, complexity management and a balanced cloud strategy highlighted by the opportunities of new European legislation. Strengthening Digital Sovereignty by policy makers is a balancing act since the open economy needs to be taken into account as well.
This could be an opportunity for Europe to become “the Switzerland of data”! This was the final note struck during Claire’s presentation, before the action moved to the virtual space and the international panel was started.
In the international panel, Daniel Eycken moderated a free-flowing discussion on the basic aspects of Digital Sovereignty.
First question was addressed to José Senra, Senior Director at PepsiCo. Daniel asked about the relevancy of Digital Sovereignty to a digital leader in an organisation. From José’s answer we learned that the CIO has a new mission in the current data economy, where it is crucial to treat data as an asset, as a key value for the company. Six aspects remain important in this context: velocity of data access, data fluidity (localisation aspect), agility (option to scale up), security, data quality, and finally sustainability. Today, Digital Sovereignty is a burning platform, because the world is changing rapidly in terms of technological evolutions, geopolitical pressure, growing awareness of the consumers, and the pace of legislative initiatives. We are today witnessing an AI battle, engaging on the front of security and modelling new legislations accordingly.
The second question, for Matthijs Punter of TNO, took us to focus on the main constraints for the CIO to realise his new mission, as described earlier. Among these hurdles is the lack of control of the data. 92% of Europe’s data are being stored outside of Europe, mainly in the US. A few global Big Tech players dominate the digital landscape. There is no level playing field whilst they hold most of the infrastructure. Digital Sovereignty remains a question of high complexity and many uncertainties as countries legislate independently and the EU Tribunal adjudicates on data protection cases such as Schrems II. Risks come from the lack of transparency on data processing, the lack of standards for interoperability between current players, and increasing cyber threats.
Pierre Chastanet of the European Commission, commented that things might have gone wrong a few years ago. From a plethora of cloud providers, the market integrated quickly and not without influence from public procurement (Chinese government, American Ministry of Defense).
Europe always had a very open economy which is great as long as all trading partners play the game by the same rules. The EU is creating common legislation to set or clarify the rules. The Data Governance Act and the Data Act build a framework for the sharing and use of data by businesses and governments across the EU. The focus of the legislators is on interoperability and security.
Also, the European Commission has dedicated almost 70% of its funds in the post-covid recuperation programs to digital transformation. The investments will go, among others, to initiatives such as the Industrial Data Cloud and Data Spaces, thus creating the right environment for Europe, that should even become an example for the world to follow.
Francesco Bonfiglio, CEO of Gaia-X explained the role of his organisation in the future of Digital Sovereignty for Europe and beyond. Gaia-x is a European-wide advocate of Digital Sovereignty and an accelerator of innovation elaborating spaces for secure data sharing in a decentralised way. It is a multitude of individual platforms complying to common standards and frameworks.
Francesco sees the role of Gaia-X above all as building the foundations in terms of technological framework, standards for the infrastructure and tools that can offer the trust needed for data sharing. He used the concrete example of the fragile value chains in the car manufacturing industry and the tools Gaia-x provides for its digitalisation. The different initiatives and projects set up by federations across Europe will, in a next phase, connect to each other and at the end form a new digital European landscape.
Matthijs Punter remarked that convergence is already happening at symposiums such as Data Spaces in The Hague where more tools and solutions according to the given standards are being set at CIOs’ disposal.
Francesco continued to show that setting standards can boost a market. He referred to the example of the GSM. Once the European standard was set, Nokia and Ericsson conquered the market and set an example for the rest of the world. Pierre Chastanet (European Commission) added that standardisation does not build walls around Europe but fosters cooperation and invites investment in green fields.
Dave Sloan of Microsoft, the American guest of the conference, pointed out that Microsoft’s position as a hyperscaler has changed dramatically in recent years. Today it can be described as an attitude of humility and sense of urgency. Microsoft is forging alliances with European players and adapting to the changing needs and regulations. The aim is to back the business in their activities and act as an enabler. Solutions are developed to allow for the Azure cloud to have new sovereign offerings.
In the later part of the international panel, the discussion turned back to the role of the Open Source Community, as introduced by Hans Roth during the interview with Hendrik, at the very beginning of the event. Francesco Bonfiglio and Pierre Chastanet stressed that the open source community remains a crucial constituent element of the solution but not necessarily the solution itself. Francesco touched on the example of Microsoft’s .NET environment (having become open after initial paid release) and described how open source can build trust.
The desired way forward towards Digital Sovereignty will be very much linked to the open source philosophy: it will be based on open competition between many players and possibilities for the federation of components and solutions freely available to everyone.
Daniel’s final question addressed the future. What are the recommendations for the CIOs of tomorrow?
This was answered by Jose Senra and Matthijs Punter: create awareness, build a digital sovereignty strategy, define roadmaps and, in the end, also assure sustainability both for the business and the planet. Dave Sloan added the remark that the world has changed rapidly and we all need to frequently re-examine assumptions. We might need to look anew at the role of the hyperscalers, like Microsoft, in the context of Europe’s way to digital sovereignty.
The international panel concluded with four questions from the audience. Davio Larnout, CEO of Radix in Belgium asked about data appropriation through AI tools such as ChatGPT. Would the emerging AI sector be an issue regarding Digital Sovereignty? Dave Sloan of Microsoft, in an attempt to answer from the active player’s point of view, noted that data internalisation by ChatGPT will be handled in the commercial version and pointed out that the engine started adding source attributions to its answers.
Pierre Chastanet and Francesco Bonfiglio reacted to a question regarding country differences within the EU, saying that different cloud readiness was indeed observed among the countries but that a strong will to cooperate as well as the EU funding and regulatory help might allay the problem. Pierre indicated that 75% of European enterprises are expected to use cloud solutions by 2030.
The next question from Ricardo Cruz Correia (Portugal) was double and referred to the alignment between the EU’s Data Spaces and the Gaia-x agenda. Ricardo approached the political side of Digital Sovereignty as well, asking whether a European alignment on health care requires a European “Federal” institution or approach. The answers from Pierre (EC) and Francesco (Gaia-X) stressed the importance of a federated model in data sharing, where a doctor has access to health data across Europe, but Francesco took a distance from the idea of a politically unified health system. The solution to be implemented in the EU will be more about ambitious interoperability, accessibility and standards but across nationally diverse systems.
From CIONET Spain came a question by Luisal de la Cruz who wondered if Data Sovereignty regulation is protectionism rather than free market.
The response from Gaia-x’s CEO, Francesco Bonfiglio, and the rest of the panellists was equivocal in stressing that the basic objective is to level the playing field. It would mean inviting everyone to build the foundations of an open data economy in which everyone can compete and thrive.
With the international CIOFEST conference on Digital Sovereignty, we hope we have been able to help clarify the question, and above all, raise awareness on what is really at stake for the CIO in Europe. Or as our Polish colleagues put it: “even the CIOs who originally claimed that the issue of Digital Sovereignty did not keep them awake at night, came back to us at the end of this conference, saying “maybe it should”.
Follow our social media and blog for more insights. We will be publishing a regular series of concise conclusions from CIOFEST together with an invitation to our next conference:
“CIONEXT: Digital Innovation Now” on 26 April, 15:00 CEST
Thank you for participating and sharing your interest in the global data economy. We are the largest community of digital leaders around. You can gain many insights and build your connections network by becoming a member. Join us now!