Amid a tech landscape where most gatherings revolve around AI, one topic emerged as the secret star this week at OpenInfra Summit Europe in Paris: digital sovereignty.
From keynotes to hallway conversations, European policymakers and infrastructure bosses converged on a single lever for busting the grip of American cloud and software giants: open source.
- Why Sovereignty Is Suddenly So Urgent in Europe’s Tech Strategy
- Open Source as the Control Plane for Sovereign Cloud
- Moves in Public Sector Begin to Accelerate
- Cost, Contracts, and the Vendor Squeeze in Europe
- Catalysts: Security and Certification Drive Adoption
- What Comes Next for Europe’s Open Source Sovereignty
The premise is straightforward. If the code is open, the roadmap transparent and the stack deployable on European soil, then governments and businesses can decide where data resides, how systems interoperate and who gets access to what. And that shift is no longer hypothetical; it’s playing out in how the government buys tools and cloud platforms, not to mention national cloud programs.
Why Sovereignty Is Suddenly So Urgent in Europe’s Tech Strategy
Geopolitics and policy have slapped a clock on dependence. European leaders point to extraterritorial laws like the US CLOUD Act, necessity for scale of GDPR compliance, and the demand not to have, through price pressure, been locked in the cave by a proprietary vendor. The Digital Markets Act, the Data Act and the future EU cloud cybersecurity certification scheme are changing the way we source and secure critical digital functions.
This is not just ideology. According to a European Commission–supported study from Fraunhofer ISI and OpenForum Europe, open source drives €65–€95 billion worth of economic activity annually in the EU and could create hundreds of thousands of new job opportunities if adoption picks up. Those numbers provide political cover to invest in open tools and skills instead of just “buying more U.S. capacity.”
Open Source as the Control Plane for Sovereign Cloud
And the collection of Europe’s sovereign stack is increasingly being assembled upon OpenStack, Kubernetes, and open storage like Ceph — with eyes on components that can be audited, forked if necessary, and hosted locally.
France’s Ministry of Economics and Finance has been deploying NUBO (which translates to “cloud” in Esperanto), a private OpenStack cloud for sensitive workloads, with Kubernetes as the next layer. The ultimate target is a forked, sustainable distribution that can outlive any individual vendor contract.
And native European cloud providers are lining up behind that blueprint. OVHcloud runs national-security-qualified sovereign offerings, while Deutsche Telekom’s Open Telekom Cloud and STACKIT (from the Schwarz Group) are OpenStack-powered platforms hosted in EU data centers. Germany’s Sovereign Cloud Stack project is another effort to package up a fully open operator-ready cloud reference architecture that can help soften redundancy while raising computing skills across providers and public agencies.
This is not about isolation, but resilience. Infrastructure leaders highlight the need for workloads to operate across global environments — containers, confidential computing and AI tooling — all while offering a security domain without sacrificing operational control or legal jurisdiction.
Moves in Public Sector Begin to Accelerate
A number of governments and communities have had success going from pilots to production. The German state of Schleswig-Holstein will exchange Microsoft Exchange for an open-source-based groupware — part of a plan to become less dependent on proprietary vendors that include Microsoft and Oracle. Nextcloud met the Austrian Ministry of Defense’s needs for secure file sharing and collaboration, as well as data control and scalability.
Internally in the EU institutions, this has led to the setting up of a Commission Open Source Programme Office and an Open Source Strategy which aims to encourage greater reuse of code and make more software developed using public money available for publication.
And with new leadership portfolios, such as an executive for tech sovereignty, sourcing decisions are now strategic levers — no longer business shoes that IT people wear.
Cost, Contracts, and the Vendor Squeeze in Europe
Economics are buttressing the narrative of sovereignty. Market-leading productivity bundles having their prices hiked and then the licensing model changing following headline-grabbing acquisitions mean TCO alarm bells are ringing. There were steep price hikes for many European businesses around the time that VMware was bought out and, because of those, subscriptions surged to a pace with which they had not been coming in at, flowing customers into open virtualisation and OpenStack-based options.
Open tools like LibreOffice on the desktop and Collabora Online in the browser have thrived as a result of that climate. Feature parity with proprietary suites is still a case-by-case assessment, but the calculus now includes exit costs, legal exposure and freedom to scale on local infrastructure without renegotiating global terms.
Catalysts: Security and Certification Drive Adoption
Security standards are becoming market makers. National certifications such as SecNumCloud in France and fledgling EU-wide schemes are developing a top tier for operators demonstrating data residency, administrative independence from other legal jurisdictions and resistance to foreign legal access. Open source helps clear those bars by allowing for transparent audits and domestic supply chains when it comes to updates and patches.
Europe’s security community also cites the practicality of open systems: faster responses to vulnerabilities, broader peer review and the ability to keep forks alive when vendors lose interest. This is an appealing trade-off in critical infrastructure, for which lifecycle control can matter as much as feature velocity.
What Comes Next for Europe’s Open Source Sovereignty
The focus is moving away from policy statements to capacity development. Look for increased investment in regional cloud operators as well as university programs around cloud-native operations and more public–private partnerships to package sovereign-ready distributions. The Interoperable Europe Act, and the ongoing data-spaces initiatives across sectors from health to manufacturing will drive common standards encouraging open implementations.
Europe isn’t “ditching” U.S. tech so much as it is rewiring its dependence on it. Open source is the engine for that rewiring — one that allows European firms to maintain local data, escape single-vendor lock-in and yet still tap into global levels of innovation. The momentum is there, and this time it’s being made for all to see.
