This is where the conversation gets uncomfortable, because for all of the removing emotions, the structured risk models, and trade-offs we’ve discussed so far; sovereignty discussions are not just about facts. They are also about perception, and that perception is often shaped by how “Big Tech” is viewed. Organizations may try to stay grounded in risk models. The wider debate doesn’t. It runs on trust, headlines, and a general discomfort with centralized power.
There is a persistent narrative of hyperscalers as large, opaque organizations that collect data, operate beyond accountability, and prioritize their own interests over those of their customers. In that framing, control feels distant, transparency limited, and the balance of power uneven. Whether fully accurate or not, that perception matters as it ultimately comes down to trust.
At the same time, this is also where the conversation drifts away from reality.
Because terms, contracts, and operational models are not arbitrary. They exist within legal, regulatory, and commercial frameworks. They define how data is handled, who has access, what obligations providers have, and how customers (data) are protected.
Within this context, it is important to distinguish between consumer and enterprise services. Free or consumer-facing offerings often operate under different terms and conditions, including how data is used and monetized. These models shape perception. Enterprise services, are governed by fundamentally different contractual obligations. Data processing agreements, regulatory requirements, and explicit customer-provider contracts define how data can be accessed, processed, and protected. Mechanisms such as encryption, access controls, auditability, and strict operational boundaries are not optional, they are contractual and regulated commitments.
Preferences
You might not like Windows, prefer Android over Apple, or run a hardened Linux distro on your personal devices, but the reality is that most users don’t optimize for purity, they optimize for what works; something that is integrated, consistent, and easy to use. They don’t want to stitch together multiple tools, manage compatibility issues, or deal with fragmented experiences. There is a reason companies like Apple built a successful tightly integrated ecosystems across devices, applications, and services: People value that experience and take the trade-offs that come with it.
The hard truth is that these integrated experiences don’t exist in isolation. They are continuously developed, improved, and secured through feedback loops. And that means usage data needs to be collected. Usage patterns, telemetry, performance signals, and security insights are used to improve reliability, detect threats, and refine the experience over time. Without those feedback mechanisms, these platforms would not evolve at the pace and scale we see today.
Open-source and self-hosted solutions are highly capable and flexible. They can replicate functionality and often provide greater control. But they typically operate without the same scale of centralized feedback and coordinated evolution. Innovation happens, but it is distributed, fragmented, and dependent on community momentum. The same capabilities often exist like secure login, hardware-based authentication, file synchronization, identity integration, etc but they typically require manual setup, multiple tools, and operational effort to achieve a comparable experience. You decide how to assemble it, how to secure it, and how to maintain it. And here comes that always nasty trade-off, responsibility, effort, knowledge and time.
At the same time, it’s important to acknowledge that much of the innovation in these ecosystems does not stay contained. Many ideas, patterns, and standards, protocols, user experiences, interoperability models, eventually make their way into the broader technology landscape, including open-source communities (some better than others). You may not always agree with the origins or the business models behind them, but they have played a significant role in shaping the standards and expectations the industry builds upon today.
Geo political views
Another dimension that cannot be ignored is the geopolitical context in which these platforms operate. Many of the technologies and platforms shaping today’s digital landscape originate from specific regions, primarily the United States. Like any country, it operates under its own legal frameworks, policies, and worldview. The same is true for Europe, China, and every other region.
For some organizations, that creates a legitimate consideration. Not just about technology, but about alignment; whether they are comfortable depending on platforms that are part of a broader economic and political system they may not fully share or control.
In that context, moving to a different ecosystem can feel like a better fit. It may align more closely with local values, regulatory expectations, or broader political positioning. But that does not fully remove the underlying dynamic as even when alignment improves, the dependencies often remain. Technology stacks, supply chains, software components, and global ecosystems are still interconnected. The influence of external jurisdictions does not simply disappear, it becomes less direct, but not necessarily irrelevant.
This dynamic is also driving the push toward more localized or “sovereign” systems. as for some it is not just about risk mitigation, but about conviction: Wanting to distance from a specific ecosystem, its policies, or its broader political and economic influence, which is everyone’s right.
But it comes with a cost.
Building or adopting localized alternatives often means stepping away from the speed of global innovation, from highly integrated platforms, and from ecosystems that are continuously evolving at scale. The question then becomes whether that trade-off is acceptable. For individuals, that choice is often easier. You can decide to walk away, accept limitations, and prioritize alignment over convenience or capability. Switch to an open-source phone system, develop/run European Linux workstations and buy European.
For businesses, that decision is fundamentally different. Organizations operate under competitive pressure, time-to-market constraints, and the need to continuously innovate while maintaining cost efficiency. Slowing down has consequences: Missed opportunities, reduced agility, and, in some cases, loss of market position.
This is not a “join or drown” argument.
Most people choose to fly to travel. They accept the systems, infrastructure, and dependencies that come with it, because it allows them to move quickly and operate at scale. Others, based on belief, conviction, or preference, choose not to fly and instead drive, cycle, or sail. That choice is valid; but it changes what is possible. You move slower, operate within a smaller range, and rely more on your own capabilities rather than a global system designed for efficiency and scale.
The same applies here. Stepping away from global technology ecosystems may create better alignment with values, but it comes at the cost of speed, reach, and access to innovation. For individuals, that trade-off can be acceptable. For businesses, the question is more pragmatic: not whether you can choose a different path, but whether you can afford the limitations that come with it.
Conclusion
I hope I’m getting my message through. At its core, sovereignty is not a binary choice; it is a series of trade-offs.
Much of the current narrative frames sovereignty risks as overwhelmingly high, almost existential. The reality is more nuanced, as we understand that these risks exist, but they vary by context, by workload, and by the way organizations choose to interpret and prioritize them.
And that’s exactly what needs to happen. You reallocate risk; sometimes based on structured factors like regulatory exposure, threat models, and operational control. Sometimes based on conviction that Europe must build its own capabilities or simply based on a belief in a different technological future. And sometimes it’s simpler than that: a lack of trust in, or a dislike of, Big Tech.
Those are all valid drivers. But they do not exist in isolation.
The global ecosystem (in which enterprises exist) does not adjust itself to individual decisions or regional convictions. It is competitive by nature, and increasingly so. Across that ecosystem, other players are making different trade-offs; accepting external dependencies to move faster, operating under different constraints, and prioritizing speed of innovation over control.
That dynamic creates a clear distinction.
Public sector and critical industries often operate within protected environments, where control and compliance take priority over speed. But commercial enterprises compete globally. They don’t have the same level of insulation or the luxury of trading these risks. As time-to-market, cost efficiency, and innovation velocity are not abstract considerations, they directly impact competitiveness and survival.
Which leads to a simple but uncomfortable reality: while organizations can choose how they assess and allocate risk, they cannot choose the pace of the environment they operate in.
Sovereignty, then, is not about eliminating risk. It is about consciously deciding which risks to take, which risks to mitigate, and which opportunities to potentially give up in return.
And that is the real question at the center of this discussion – not whether sovereignty matters, but how much you are willing to trade for it.
Intro: Digital Sovereignty
Chapter 1. Sovereignty Risks
Chapter 2. Hyperscale advantages
Chapter 3. Sovereign Europe
Chapter 4. Mitigating risks
Chapter 5. Conversations
Chapter 6. Terms and Conditions
Chapter 7. Ai to aiaiai