Digital Sovereignty, European Strength and the Data and Cloud Economy – in varietate concordia

Introduction

The journey towards the emergence of a strong Europe (or, to use the well-known French expression, of a Europe-puissance), is understood to be a critical topic by the Member States, the European Commission and the European Parliament. In this context, the European strength in the digital sphere is of utmost importance. Indeed, at a time when the European Commission proposes a new round of regulations on “contestable and fair markets in the digital sector” and publishes its 2030 Digital Compass ¹ on the European way for the Digital Decade, which recommends engaging in multiple multi-country projects (e.g., on a pan-European data processing infrastructure), European digital sovereignty will be a major issue for the upcoming French Presidency of the European Council.

Admittedly, there are major discrepancies in the way in which the concept of European digital sovereignty is understood across the EU, including in France and Germany. Against this background, this article, written jointly by a German academic and a French IT professional, will aim to propose a new path forward towards the consolidation of European strength in the digital sphere, based on the example of the successful launch of the Gaia-X European Association for Data and Cloud AISBL. ²

In the last two years a Franco-German team, supported mainly by the two Ministers of Economy, was able to set up an association which counts today more than 300 members, including large European users and all significant European, American and Chinese cloud service providers. Its governance system is built in compliance with the DG Competition requirements, while the composition of its board of directors is restricted to companies that are headquartered in Europe, association and academic institutions. Gaia-X is open to all those who share its basic values and underlying principles.

This successful experience can prove to be useful, considering the new EU-wide initiatives. Indeed, the European Recovery and Resilience Plan dedicates 20 percent of its overall budget of 750 billion euros to Digital Transformation and proposes a new tool to pilot the Digital Decade, the so-called Digital Compass, including a new governance structure and “a mechanism to organize with Member States those Multi-Country Projects that are necessary for building Europe’s digital transition in critical areas”. In this context, the setup of the Gaia-X Association can be seen as an inspiration, perhaps even a blueprint, for a mechanism enabling Member States to successfully select the strategic projects to be financed, relating both to data spaces and to infrastructure.

1) Digital Sovereignty vs Strategic Autonomy

The Gaia-X project has its roots in Industrie 4.0, i.e., the intelligent networking of machines and processes for industry with the help of information and communication technologies. Indeed, it quickly became clear that data sovereignty and trusted data sharing based on cloud services was needed to seize the innovation potential that Industrie 4.0 brings about. Gaia-X was initiated as a response to the massive shift of the German automotive industry, amongst others, towards the storage of data on US-based cloud platforms provided in particular by Amazon, Microsoft, and Google, which was always accompanied by a certain anxiety about data and cloud sovereignty.

Cloud platforms enable business growth, both through data-driven innovation scenarios and due to the flexibility gains and cost reductions compared to traditional data centers. But, looking beyond the automotive sector, the situation in Europe, when it comes to cloud computing, is characterized by two series of figures.

First, only 26% of European companies are using the cloud, with respectively 21% in France and 20% in Germany. These figures compare to more than 60% adoption of cloud services in Scandinavia and more than 50 % in the US. Not using cloud computing bears the risk of undermining the competitiveness of the European industry, from a costs perspective as well as in terms of a more limited flexibility and agility when it comes to leveraging innovative business models. Doctolib ³ , a startup setting up a platform between patients and doctors, for example, would not have been able to organize 15 million appointments in January 2021 without relying extensively on cloud services. Indeed, cloud platforms enable data sharing between several partners of a value chain and help overcoming the traditional company-specific silos data are typically buried in.

The second figure reflects the origin of cloud service providers, which are for more than 70% American and Chinese companies, with only one European company in the national top 3 of a country, i.e., OVH in France.

The main reasons inhibiting a faster adoption of cloud computing in Europe have been identified: portability, interoperability, and data sovereignty. Portability means the ability to switch from one cloud service provider to another at a minimum cost for applications, data, and infrastructure. Interoperability targets the ability to exchange data between companies using different cloud service providers. Data sovereignty refers to the self-determination of data holders with respect to their data, i.e., their ability to share data together with “terms and conditions” specifying and limiting the authorized uses of the data.

Industry actors have now launched major data spaces projects aiming to enable data sharing, for instance between the major automotive manufacturers, part manufacturers and equipment manufacturers in Germany with CATENA-X, or between aircraft manufacturers and airline companies with Skywise. The creation of data spaces is in progress in many other domains: smart farming, health, manufacturing, energy, finance, energy, mobility, smart city, all falling under a well-articulated plan regrouping the main stakeholders. ⁴

The European Digital Decade’s ambition of “75 percent of European enterprises having taken up cloud computing services, big data and Artificial Intelligence” by 2030 is but another way of saying that data and cloud in Europe should be properly used by 75% of European businesses in 2030.

The dilemma of digital sovereignty ⁵ vs strategic autonomy ⁶ can now be clearly stated: what is the best path for European businesses to benefit from the industrial data economy? Shall we create a European service provider able to compete with American hyperscalers? Or shall we achieve strategic autonomy in the most critical sectors such as automotive, health and energy, by following a multi-cloud strategy, using a combination of cloud service providers including non-European ones, provided they respect the rules in term of portability, interoperability, and data sovereignty?

France has tried the first option in 2012 with Numergy and Cloudwatt, launched by SFR and Orange with the support of the French government; the programs were terminated in early 2015 with no buy-in from users.

At the end of 2021 several countries (in particular France, Germany and Italy) initiated trusted cloud services for both the public sector and sensitive domains, where cloud penetration is given the highest priority and where non-European cloud technologies are accepted provided they are fully operated by European companies (e.g., Orange, Deutsche Telekom).

For the rest of the industry, the way forward is a combined push/pull scheme where pull is created by the incentives of data sharing within data spaces, and the push is a combination of cost and flexibility attractiveness, and the relaxation of obstacles with respect to portability, interoperability, and data sovereignty.

The pandemic has suddenly accelerated the digital transition by bringing an unprecedented amount of funding through a brand-new distribution mechanism relying on country recovery and resilience plans.

In this context, Gaia-X can be seen as pathway to leverage resources in Europe to strengthen its digital sovereignty and, at the same time, benefit from open collaboration in a multilateral innovation environment.

2) The Role of Recovery and Resilience Plans in the European Member States

The Recovery and Resilience Facility (RRF) provides grants of an aggregate amount of up to 338 billion euros and loans of an aggregate amount of up to 390 billion euros. EU countries have submitted national RRF Plans that describe the reforms and public investments projects they plan to implement with the support of RRF.

In each plan, countries have presented green and digital components which must reach at least 37% and 20%, respectively, of the overall amount. The major economies in Europe met this requirement. As a result, 25% of the funds received by France, i.e., 10.3 billion euros, are earmarked for digital projects, this figure being of 14.7 billion euros (52%) for Germany, 55.9 billion euros (29%) for Italy, 20.6 billion euros (29%) for Spain, 3.7 billion euros (22%) for Portugal, for a total of 136.6 billion euros (i.e., 28% of the total funding) at the EU level. ⁷ Most of the 136 billion euros will be spent on digital projects over the coming 5 years, with an overall industry priority on transportation, energy and construction.

This plan is entirely unprecedented, due to two factors. First, the amount of funding to be spent over the coming 5 years. Second, the plan has a peculiar governance system: each Member State has the responsibility of its strategic direction and execution, with the European Commission having defined the broad objective for the digital decade and taking a “checks and balances” responsibility for its implementation.

3) The case for a digital transformation with 150 billion euros of funding over the next five years

The target of 75% of European businesses using cloud services, big data and artificial intelligence by 2030 is leaving some flexibility for the intermediate milestone in 2025. We suggest setting the target at that date at 50%, which is already exceeded in Scandinavia and is estimated to be the level reached today in the US.

The Digital Compass, mentioned earlier, describes several multi-country projects currently under discussion under the RRF among which:

“Building a common and multipurpose pan-European interconnected data processing infrastructure, to be used in full compliance with fundamental rights, developing real-time (very low latency) edge capacities to serve end-user’s needs close to where data is generated (i.e. at the edge of telecom networks) designing secure, low power and interoperable middleware platform for sectoral uses, and enabling easy exchanges and sharing of data, notably for Common European Data Spaces”.

It is too early to have a precise picture of the articulation of the RRF country’s plan, but we can already see the major pillars of the action plan for data and cloud:

·         Infrastructural: a major effort dedicated to European cloud service providers to prepare the edge cloud era made possible by the proliferation of 5G. This endeavor among other topics is addressed by the Important Project of Common European Interest (IPCEI), currently under preparation.

·         Domain-specific business innovation: multiple industry specific data spaces efforts dedicated to the creation of several coordinated ecosystems in the major industries covered under the RRF: transportation, energy, construction, manufacturing, agriculture. The effort is threefold. First, creating the ecosystem ahead of evidencing the benefits of data sharing. Second, building the industrial data platforms by agreeing on data sharing mechanism. Third, preparing the methodology and process to build data spaces. These efforts have started with transportation – Skywise (Airbus and 130 airline companies) – and Automotive – Catena-X (BMW, Mercedes, Volkswagen, amongst others). Public funding as RRF will be useful only if the relevant industry is taking the lead while cloud adoption progresses. The success of data space endeavors is still difficult to measure, requiring better investigations of the economics and incentive systems of data sharing.

·         Regulation and Transparency: Removing the hurdles with respect to portability, interoperability and data sovereignty, while contributing to new digital regulations (Digital Service Act, Digital Market Act and Data Governance Act). The only way for this third effort is an articulated consensus between users, European cloud service providers and international service providers. The European Commission is intending to set up a European Cloud Rule Book, which can be inspired by policy rules that are already agreed upon.

The unprecedented challenge is to coordinate and implement this action plan with “many cooks in the kitchen”, i.e., the countries with their RFFs, the European Commission (monitoring and measuring), industrial partners (creating data spaces certainly not at country level but at least at European level), the European cloud service providers (investing jointly into the next generation edge cloud), the European Commission and the European Parliament (preparing the new round of regulations), and US and Chinese players (attracted by a doubling of the cloud market in Europe but not ready to give up easily the competitive advantages they have gained in the consumer market).

What makes the situation in Europe so special? In the US, for example, it seems to be commonly agreed that Google or Microsoft are legitimate to build the next generation of health platforms. This option seems impossible in Europe. Furthermore, in the US no one expects General Motors and Ford to form an Alliance to share data as we see it happening in CATENA-X. In China the jury is still out with the new round of regulations in preparation to favor the “Common Prosperity”.

4) Regulation vs innovation: finding the balance between protection and openness

In the Common Good Summit organized in May 2021 by Jean Tirole, a panel discussion included both the Economics Nobel Prize winner Bengt Holmström and Commissioner Thierry Breton. The MIT professor stated the opinion that because Europe is a collection of countries, it prefers to regulate instead of innovating, a view contested by the Commissioner.

Everyone in Europe agrees that the regulation of digital consumer markets came too late, after the GAFAM took an undisputed lead. Therefore, regulating industrial data sharing and cloud use is seen as urgent, before dominant positions are taken.

This endeavor will be challenging from a legal point of view. Establishing data spaces might be seen as creating a cartel in the two main cases of data sharing, i.e., sharing between competitors, like HERE ⁸ in automotive data collection (Audi, BMW and Daimler), and sharing between value chain partners, like Skywise (Airbus, Easyjet, United Arlines). Similarly, the setting up of common practices (leading to potential industry standards) in the use of clouds for portability, interoperability and digital sovereignty is severely regulated by DG Competition, which aims to ensure a fair competition for any provider operating legally in the common market.

To accelerate this process, a combination of regulatory sandboxes releasing temporarily restrictive regulations, plus the systematic use of ex-ante compliance mechanisms appears to be necessary. In other words, the best practices agreed upon during the sandbox period must be adopted by providers in their offerings at their initiative.

5) A Federated software and data infrastructure across Europe

When addressing Europe’s digital sovereignty at the “Digital Gipfel” 2019 in Dortmund, the German Chancellor Angela Merkel raised the point that Europe should have the ambition to be “capable of it all on its own”. Europe should strive to not only regulate, but, more importantly, to build the software and data infrastructure for the single European market by itself.

However, experience shows that a simple “follower strategy” might not be the wisest approach to achieve this goal. Europe must find its own architectural way when it comes to the design of a software and data infrastructure, because digital sovereignty – along with portability and interoperability requirements regarding data and services – is the embodiment of fundamental European values. A fair balance between the interest of the individual data holder and the legitimate interest of the community to make use of existing data (e.g., for healthcare purposes, not only in times of the current pandemic situation) is at the center of the debate about how to design Europe’s data economy. Balancing individual and common interests leads to an infrastructure design different from those currently proposed by private US or Chinese platform providers. The case for a more “democratic” design of cloud platforms is supported by recent developments regarding infrastructures for scientific and research data. For instance, the European Commission promotes the European Open Science Cloud, while the US is planning a “shared research infrastructure for Artificial Intelligence researchers and students”. ⁹

There is agreement among all stakeholders that Europe’s data and software infrastructure must prevent the emergence of centralized power with respect to data. This is remarkable, insofar as it requires blocking network effects from leading to a “winner takes all” situation. In fact, the infrastructure architecture must be designed in a way that prevents monopolistic effects from happening while at the same time utilizing network effects for maximum adoption of cloud services.

Europe’s infrastructure design is a federated one. It does not require central data storing, processing or distribution functionalities. Instead, the infrastructure is formed by distributed nodes in a data and service network. Nodes can either provide or use resources such as data. Providers remain independent and self-determined regarding their data and other resources; the network is open and non-discriminatory and both users and providers trust each other.

This is achieved through the establishment of four so-called ‘federation services’. First, a ‘federated catalog’ functions as a registry of all resources available in the network. Catalog entries comprise descriptions of the very resources (such as data and services) as well as policies to which the services adhere (e.g., GDPR) and conditions under which the resources can be used by other participants in the network. Second, ‘sovereign data exchange’ allows for the definition, exchange, processing and monitoring of data usage policies. These can be understood as the terms and conditions of the data economy. Examples are limitations to the number of read actions on the data, the prohibition to further distribute the data, the obligation to use the data only in a certain geographic area etc. Third, the ‘identity management’ ensures trust between providers and users in the network. Finally, ‘compliance services’ ensure the adherence of services to regulation as well as to self-defined claims as articulated, for instance, in their self-description.

The federation services facilitate the emergence and operations of data spaces. Data spaces are a data integration concept which does not require consolidation of data in one central place, nor the use of one single database schema. In contrast, data integration is achieved on a semantic level and data redundancies are possible. Thus, the natural design of data spaces effectively matches the federated nature of Europe’s approach to a data and software infrastructure.

Besides supporting data sovereignty and the interoperability and portability of data, a federated data and software infrastructure is also more flexible than central platform approaches. Nodes in the network can vary in scope, size, and function. They can be large cloud data centers, but also small edge cloud services which run on Internet of Things devices, next to an individual production line or also in a car, for example.

Such a multi-cloud landscape would also match varying requirements along the value chain. In precision medicine, for example, data would be collected at the ‘edge’ i.e., close to personal healthcare devices, then processed on large cloud platforms with more computing resources and, finally the data analysis results would be distributed back to the individual data and service consumer while adhering to trust and data sovereignty standards.

A compliance and labelling framework as envisioned by Gaia-X enables the control and governance of services that respect the federated software and data infrastructure principles. Compliance and labels are tightly interwoven. Labels are a means to achieve the desired level of trust without having to inspect lengthy and difficult to find service credentials, while compliance refers to the process of going through and validating the set of automatically enforceable rules to achieve the minimum level of self-description compatibility in terms of file format and syntax, cryptographic signature validation, attribute value consistency and attribute value verification. ¹⁰

6) Towards a roadmap for data and edge cloud in the context of the Recovery and Resilience Plan

Europe should create a vision that would render the topic of data sovereignty irrelevant in a decade, i.e., a plan that would enable data sovereignty to quickly become a reality for all cloud services which are offered and used in the single European market.

A roadmap towards this vision must rest on a set of strategic measures. First, it must be understood that Europe’s way in the platform economy stands in contrast to usual evolutionary paths. Platforms which are controlled by one keystone company (such as hyperscaler platforms) follow a path consisting of platform development, then adoption by various sides (providers, users, complementors) and finally scale-up. In the case of Europe’s federated data and software infrastructure the adoption of the idea comes first, prior to the development of the platform. Furthermore, the process is not managed by one single agent, but rather an entire ecosystem consisting of multiple stakeholders. That has enormous potential regarding cloud adoption but is slow when it comes to design and development. Thus, the infrastructure design should not only focus on developing software services, but also define a certifiable standard that can be adopted by third party developers. The deliverables of Europe’s journey to a federated data and software infrastructure must therefore be threefold and comprise a design specification, an open-source software implementation and a means to test and certify adherence of services to the specification.

Second, Europe should embrace the variety and diversity of the future cloud service landscape in the single European market, which will be characterized by large cloud data centers on one hand, and a higher number of small edge cloud services on the other. The former will also in future be dominated by large platform providers mainly from outside Europe, which is why Europe should have a strong interest that its certifiable cloud standard is adopted by those platform providers. The latter, i.e., edge cloud services, is a market segment where Europe has large potential to achieve significant market shares on its own. Europe is good when it comes to Industry 4.0, the Internet of Things and embedded systems – which are all closely related to edge cloud computing. Thus, strategic funding and investment measures (such as the IPCEI for Cloud Edge Infrastructure and Services) should focus on the edge. It is therefore important that Europe is open for collaboration with non-European partners when it comes to setting certifiable standards and focuses on European edge cloud service providers when it comes to investing money from the recovery plan.

Third, as mentioned briefly before, Europe should follow a clear open-source software (OSS) strategy regarding its data and software infrastructure. OSS is a trust anchor in itself, because the source code is open for everyone to read and contribute. Thus, “black boxes” are avoided. Furthermore, it allows the activation of the many which is an appropriate reaction to the fact that in Europe there is no one single agent which is both willing and capable of investing the resources required to build a competitive alternative to hyperscaling platforms. Apart from that, the “for all” nature of an infrastructure matches the fundamental governance and development principles of OSS. Moreover, the open approach to the data and software infrastructure contribute significantly to Europe’s overall OSS strategy, which embraces principles such as re-use, sharing, security and open innovation processes. ¹¹

Fourth, Europe must foster the adoption and scale-up of its federated data and software infrastructure. The federated nature prevents “centers of data gravity” from developing, but still the infrastructure follows network effect principles. The more demand for data resources is created, including by public agents as users of cloud services, the more attractive it will be for data providers.

Finally, Europe should not limit its efforts to the passing of new regulations,but should also embrace the notion of “compliance by design”. The federated software and data infrastructure must be designed in a way that it allows the automated testing and monitoring of service compliance to standards and regulations.

Europe sits on a treasure of data. A federated data and software infrastructure is a mandatory prerequisite to be able to leverage this data treasure for its own benefit and to make sure not to become a colony which will be exploited in the digital space.

7) The pioneering approach of Gaia-X: achieving legitimacy in formulating the need for a strategic autonomy

The Gaia-X project was initially announced at the aforementioned “Digital Gipfel” in Dortmund in October 2019. The first task of the Franco-German team was to agree on a common position paper (in line with the joint announcement of Peter Altmaier and Bruno Lemaire) describing the objectives of Gaia-X. The paper was published in February 2020 ¹² – exactly on the day before the publication by European Commission on the European Strategy for data. ¹³ The position paper identifies as key objectives the second and third pillars identified in section 3.

On June 4, 2020, a group of twenty-two companies (eleven French, eleven German) consisting of seven user companies, eleven cloud service providers, two academic institutions and 2 industry associations announced their intention to create a not-for-profit association under Belgian law to implement the objectives of Gaia-X. The summer of 2020 was then dedicated to establishing the article of associations and setting up the technical basis of the association, i.e., policy rules, architecture of standards and reference implementation. The main hurdle was to forge a consensus vis-à-vis the non-European cloud service providers: welcoming them as members but restricting the board to representatives of European companies. By mid-September the association was created as an AISBL under Belgian law, requiring a royal decree for the effective creation at the end of February 2021.

To gather the community that has formed around the shared vision of cloud and data sovereignty, a first Gaia-X summit was organized in November 2020, attracting more than 4500 participants. Users sent top executives to explain how they intended to create data spaces. Most of the European cloud service providers and all the major US service providers presented their expectations and positions. As from March 21, the board, composed of one representative per original member, was created and the CEO and CTO were recruited. By that time more than two hundred companies have declared their intention to become members of Gaia-X coming from around twenty countries.

It was also important to secure the buy-in from European countries. Thus, it was decided to create national hubs to regroup national players and, in particular, to build local ecosystems of users. At the end of 2021, there were already fourteen hubs in most of the large European countries, with a tight connection with the local governments; this proves to be essential in the multi-country approach chosen for the digital decade. Gaia-X is now taking up operations with a new board elected early June 2021, including representatives of seven European countries and a clear 5-year strategy endorsed by Member States through their participation in national hubs and the government advisory board. Non-European Hubs are also in preparation.

Gaia-X takes part in Member States’ strategy by contributing both to the creation of Platforms such Catena-X (which indicated that it intends to use and adhere to the Gaia-X standards), as well as well as for the launching of the aforementioned “trusted cloud” strategies.

The French Secnum cloud strategy announced in May 2021 makes explicit reference to Gaia-X. ¹⁴ This strategy authorizes the GAFAM to license their software to French suppliers, the latter being able to operate the software in their own sovereign clouds. Gaia-X supports this approach, which should be generalized at European level with the upcoming launch of EUCS (European Cybersecurity Certification Scheme for Cloud Services) aimed at harmonizing the certification principles of the different member states.

8) Gaia-X in the context of Europe’s AI strategy

The success of Gaia-X will hopefully help achieve the objective of having 50% of European businesses contributing to data spaces and using cloud services by 2025. This is a first necessary step, which needs to be complemented by a similar effort in data analytics and artificial intelligence for the industry sectors.

In this respect, France and Germany had two separate initiatives: “Grand défi” in France and “Plattform Lernende Systeme” in Germany. At the end of 2020, it was decided to join their efforts to produce a Franco-German position paper: “Speeding up Industrial AI and trustworthiness”, presented at a conference in March 2021. ¹⁵ The landscape has many similarities with the one of Gaia-X : difference between AI for consumers and industrial AI, necessary adoption by users, dominance of US and Chinese players , growing maturity of the topic giving a key role to academics. The multi-country scheme is in preparation and the RRF funding is also dedicated to AI.

Access to industrial data is critical for the development and adoption of AI in industrial domains. The creation of data spaces is a necessary first step, which enables multilateral cooperation between different ecosystem members. Many domains, such as healthcare or material science, require, in addition to that, the combination and integration of industrial with scientific data. Significant innovation potential can be realized through bridging these data domains, which so far often exist independently from each other. Gaia-X supports this endeavor by considering data usage requirements from both realms. This may well be one of the reasons why both industrial companies and academic organizations are widely represented in Gaia-X.

9) Towards a blueprint for European innovation ecosystems

The next four years are crucial for the Digital Transformation of the European industry. The importance of defining an industrial strategy has often been pointed, but there are contrasting approaches in different countries to the respective roles of industry actors and governments in its implementation.

The European Commission is initiating a new scheme with the “Digital Compass”, leaving to Member States the responsibility of designing their recovery plans with (overall) ten years objectives. The data and cloud strategies are explicitly mentioned as an area where this “multi-stakeholder” picture will be applied. By design, a European strategy for data and cloud cannot be implemented separately in each country, since efficiency gains are linked to economies of scale and economies of scope.

Therefore a coordination between Member States is required, relying on certain agreed principles, i.e., (i) a combined approach of ”top-down” standard setting and support of “bottom-up” data spaces initiative, (ii) a multi-dimensional public-private partnership relying on the combined involvement of the European Commission / Member States, providers / users, European / international technologies, (iii) clear provisions that support from recovery plan can only be  received when the agreed standards are used and implemented.

At the initiative of industry actors, associations similar to Gaia-X AISBL should be formed to express “the voice of the industry” and orchestrate the multi-stakeholder process by establishing both a forum for each relevant industry (health, automotive, energy…) and national hubs.

The underlying rationale of our proposal is, we believe, a fundamental European value, i.e., the power of sharing. The sharing will be either organized by international companies ready to spend what it takes to pump-prime sharing (as it has happened in the consumer market) or industry actors themselves taking the unique opportunity of the recovery plan supported by European governments.

1. See European Commission (2021), 2030 Digital Compass: the European way for the Digital Decade, Brussels.
2. See https://www.gaia-x.eu/.
3. See https://www.doctolib.fr/.
4. See https://gaia-x.eu/sites/default/files/2021-08/Gaia-X_DSBC_PositionPaper.pdf
5. Digital sovereignty refers here to the application of the principles of sovereignty to the fields of information and communication technologies. It has often been understood through the lenses of the development and implementation of computer system alternatives to those governed by US laws (operating systems,messaging, search tools,…). Nowadays, the scope of concept is further increased by referring to ‘data’ sovereignty rather than digital sovereignty, thus pointing to the self-determination of the data holder regarding the use of personal and industrial data (rather than the nationality of the tools used to process data).
6. Following up on the conclusions of the European Council of December 2013, we propose to define strategic autonomy as the capacity of the European Union to defend Europe and act militarily in its neighborhood without being dependent on the US. Initially used in the context of the shaping of defense strategies, the concept of strategic autonomy today encompasses the economy, the energy sector and digital technology. In addition to ensuring a “level playing field”, which is the responsibility of DG Competition, the objective of strategic autonomy is to ensure that the EU is not heavily dependent on the US in strategic areas.
7. European Union countries’ recovery and resilience plans-Bruegel Institute July 14, 2021. Some countries have not submitted their RRF plans when these figures have been collected (as Nederland) explaining the gap between 136,6 B€ and the expected 150 B€ for Digital
8. Here is a company owned by the three major German automotive manufacturers and Intel that provides mapping and location data related services to individual and companies using data collected through connected cars of manufactured by the partners
9. See https://www.federalregister.gov/documents/2021/07/23/2021-15660/request-for-information-rfi-on-an-implementation-plan-for-a-national-artificial-intelligence.
10. See Gaia-X (2021), Gaia-X Architecture Document, 21.09 Release, Brussels, and Gaia-X (2021), Policy Rules Document, 21.04 Release, Brussels.
11. See European Commission (2020), Open Source Software Strategy 2020 – 2023 (Think Open), Brussels.
12. See https://www.bmwi.de/Redaktion/DE/Downloads/F/franco-german-position-on-gaia-x.pdf?__blob=publicationFile&v=4
13. See European Commission (2019), European Strategy on Data, Brussels.
14. The announcement states: “Why Gaia-X? The fluidity of the cloud market must not be hampered by technical difficulties linked to the change of supplier or to the vertical integration of solutions. As such the government fully supports the GAIA-X association and the architecture of standards that it will implement. Thus, European companies will be able ,thanks to GAIA-X, to compare, select and build cloud solutions with the assurance that their data will remain under their control by making possible to change cloud provider in a simplified way”
15. https://cris.vtt.fi/en/publications/franco-german-position-paper-on-speeding-up-industrial-ai-and-trustworthiness