Europe has been pursuing a digitally sovereign strategy for many years. The strategy entered the limelight back in 2019 when Ursula von der Leyen, European Commission President, called for Europe to “achieve technological sovereignty in some critical technology areas.”
With war on the edge of the EU, and an apparent breakdown of the rules-based international order, European governments are seeking full control of their technology with ever more urgency.
The definition we hear most often from our European government customers is “the ability to operate our technology even if we’re the last country we can rely on.” That means real digital sovereignty equates to ensuring a government has the decision-making power and technical flexibility to completely self-manage a solution, and having the ability to easily choose and switch between trusted vendors.
Governments must have agency over the technology they use
Genuine digital sovereignty goes far beyond a European government buying European software. It means a government not having to rely on a specific vendor - European or otherwise. A vendor can disappear, or go rogue, for a variety of reasons; from chasing profits to ending up with an HQ that is in a country that has become hostile.
In a world that can no longer trust interdependence, a government cannot leave itself vulnerable to the threat of critical digital services being withdrawn. So a government is left with the choice of developing and maintaining all its own technology - the antithesis of focusing on core competencies - or working with industry to build digitally sovereign technology that guards against vendor lock-in to ensure a government has autonomy over its technology.
Open source software and ideally open standards provide a large part of that model. The transparency of open source software makes it ideal for digital sovereignty. Even if governments use an upstream vendor for a particular solution, the majority of the underlying code is available as FOSS which gives governments the ability to bring the solution in-house or change vendor, which is even easier if the solution is based on an open standard, as it will encourage a vibrant ecosystem.
Europe, as a continent, already has a strong open source industry. EU countries account for 22% of GitHub repositories accounts, comparable to that of the United States (23%) and substantially higher than that of China (≈10%). It makes perfect sense for Europe to build on its open source strengths and work to super-charge its open source software projects and companies.
Europe is making good progress in supporting open source and open standards as a matter of public policy. The European Commission's DG DIGIT has an open source software strategy which is being renewed this year, Europe possesses three European Standards Organisations, including CEN, CENELEC (together CEN-CENELEC), and ETSI, and it has in the past experimented with open source funding through the Next Generation Internet programme.
Governments need to stoke the ecosystem, not compete with it
For all the positivity, there is still much more that could be done. European open source software is underfunded, and overly reliant on volunteer ecosystems and SMEs which have to fight to get paid. There should be more investment, better procurement mechanisms and institutional mechanisms to aid the development of durable open source products, companies, policies, and infrastructure.
Open source needs to be recognised for its transparency and sovereignty. The subscriptions that have been paid to US vendors should be redirected to European upstream vendors, rather than being allocated to in-house bespoke software development. That means integrating open technologies into industrial and public procurement policies, and aligning national strategies around open technologies that transform latent strength into increased sovereign capability.
If executed properly, the positive impact of open source strategies goes beyond sovereignty. Each euro invested in open source software multiplies its impact across the European economy, not only helping to ensure sovereignty but also driving economic growth and job creation.
Open source, AND open standard
The relationship between European governments and European open source software is symbiotic. It is hugely inefficient for governments to build and maintain their own software solutions from scratch. They need to work with software vendors. However, a European open source software vendor cannot promise genuine sovereignty if its product locks customers into that vendor. Being locked to a vendor, even if it’s European and open source, is not fully sovereign. Both sides need to commit to the principle of interoperability.
In the context of communications - Element builds on the Matrix open standard. Implementations of Matrix components are FOSS, as is the majority of Element. A government can take a Matrix-based solution in-house if circumstances dictate. The French government was an early adopter of Matrix and, with some support from Element, has created and now maintains Tchap (and LaSuite).
Other governments, including Germany and Sweden, subscribe to Element’s enterprise-grade product built for governments. That removes the maintenance burden, and ensures out-of-box enterprise-grade scalability, features and compliance - along with SLAs, technical support and all the rest of the benefits associated with traditional commercial software. That’s a standard buy or build decision.
The benefit of interoperability is that, should Element turn out to be problematic, a government can turn to any other vendor in the Matrix ecosystem rather than face the significant challenge of a ‘rip and replace’ solution. This is the power of choice that is so important within digital sovereignty. It doesn’t mean doing everything yourself, it means working with open source software vendors that are part of a competitive ecosystem built on a common standard.
Open discussions
We doubtless all wish that the drivers for digital sovereignty are less fundamental than national security. Never-the-less it is exciting to see European governments reappraise their use of technology and embrace open source software from European vendors. This is an opportunity to improve the resilience of our nations, and strengthen our ability to negotiate with other countries. It brings with it the opportunity to transform our ways of working, and perhaps be less vulnerable to huge centralised systems that have the power to destabilise. And every Euro of tax-payers’ money invested in European open source is also an investment in Europe’s economy.
Amandine Le Pape is Co-Founder and COO at Element and Co-Founder of the Matrix.org Foundation, as well as a founding member and the Head of the Business and Impact Section at the European Open Source Academy.
