Digital sovereignty – is Europe going in the right direction to keep Internet infrastructure secure and open?

Event report

The session discussed the different ways in which ‘digital sovereignty’ has been embodied by governments and the intentions behind its usage. Panellists agreed that the European approach to digital sovereignty must fill technological infrastructure gaps by decreasing reliance on third-country suppliers and by building strategic partnerships with different stakeholders, including foreign players. 

Use of the term ‘digital sovereignty’ is gaining ground around the world, but countries seem to be using it in various ways and with different intentions. Most generally, digital sovereignty concerns the variegated mechanisms countries exercise to influence the internet and cyberspace. Moderator Mr David Frautschy (Senior Director, European Government and Regulatory Affairs, Internet Society) emphasised the importance of defining the idea of digital sovereignty and the objectives behind such a term to avoid harming the development of the internet. 

Ms Florence G’Sell (Professor of Private Law, Université de Lorraine) first expounded the multiple notions of sovereignty in cyberspace. Digital sovereignty, understood from the traditional perspective of state sovereignty, means authority over the virtual world, in the form of rulemaking and legislation. Other conflated terms include technological sovereignty, which refers to technical independence from foreign companies and nations; and data sovereignty, which refers to national attempts to subject data flows to national jurisdictions. Taken together, the EU attempt at digital sovereignty shows two concerns. First is concern over undue economic and social influence of non-EU technology companies, which threatens the integrity of European rules and fundamental values. The second concern is Europe’s dependency on foreign advanced technologies and the need to foster sectorial digitalisation. 

Ms Andrea García Rodríguez (Lead Digital Policy Analyst, European Policy Centre (EPC)) stressed two targets that European regulators must achieve through digital policy instruments. The first is to fill the gaps in digital infrastructure among European countries; the EU lags behind the USA and China. The second is to build bridges between the public and private industries, policymaking and academia, and between the EU and other significant countries. In particular, the EU must foster strategic partnerships and ease tensions with big players like China and the USA in order to safeguard the consequences of technology for fundamental rights. 

In contrast to the EU embodiment of digital sovereignty, other countries have developed variations to motivate their grip over the internet. Mr Johannes Thumfart (Senior and Postdoctoral Researcher, Law, Science, Technology & Society Research Group (LSTS)) mentioned two other alternatives – the Chinese and the Russian – in which states have interpreted sovereignty in cyberspace. In the 1990s, China framed its tighter grip on information circulation on the internet as ‘cyber or information sovereignty’, whereby the term took an anti-colonial tone and centred on the practice of censorship. The Russian notion of sovereignty was more aggressive in its efforts to localise data storage and propagate international campaigns, especially in its propaganda during Brexit and the recent US and French elections. Thumfart believes this to be the factor pushing EU policymakers to start thinking about taking back internet control. 

Speakers expressed concerns about the potential harm to small and medium enterprises (SMEs) of EU over-regulation and its negative consequences on overall internet development. G’Sell presented a long list of current legislation and warned against the risk of separating the EU from the rest of the world. Mr Jaromír Novák (Advisor to the Czech Minister of Industry and Trade, for digitalization, modern technologies and telecommunication) spoke about the Czech Republic experience. The most urgent goal, according to Novák, is to decrease reliance on critical infrastructure and to increase EU protection measures. By failure to focus on  varying competencies of different regions in Europe, EU regulations might shut out the rest of the world and become closed-door policies. Regulations might generate an excessive burden for SMEs to comply and further drive down innovation and growth. Thumfart also explained that US and Chinese technological companies can afford the costs of being heavily regulated when they enter EU markets. The SMEs do not have the same capacity and would, instead, suffer more than the initial regulation intended. 

When asked about whether EU policymakers understand the risks that might come with strides toward digital sovereignty through over-regulation, most experts stated that the regulators have their eyes on ensuring fundamental rights instead of mitigating unintended consequences. Fraustchy stressed that civil society groups should offer critical inputs and feedback to the policymakers to steer the discussion onto the right path. 

By Yung-Hsuan Wu