Digital sovereignty – “True independence means having a choice.”
Prof. Dr Thomas Hess, an expert in the digital economy, on digital sovereignty, common misconceptions and practical ways to strengthen digital independence.
We hear a lot about digital sovereignty. What does it actually mean?
The term is still used quite differently depending on who you ask. That’s often the case with topics that are both complex and evolving – it takes time for a common understanding to emerge. But one thing is becoming clear: digital sovereignty is essentially about being able to act independently in the digital world. A practical way to think about it is in terms of choice, or, more specifically, the ability to switch. If a company can replace its office software quickly and without losing significant amounts of data, it’s digitally sovereign in that respect. The same applies to governments. If a public authority can replace a login or authentication system without citizens or employees losing access, and without disrupting essential services, that’s digital sovereignty in practice.
Prof. Dr Thomas Hess heads the Institute of Digital Management and New Media at Ludwig Maximilian University of Munich. He has served on Bechtle’s Supervisory Board since 2012. Prof. Hess was not involved in the development of the Sovereignty Index referenced in this interview.
Q: You emphasise the ability to act independently in the digital sphere. What about the technologies involved?
Technology obviously plays an important role. But one thing digital sovereignty is not – and this is a common misconception – is self-sufficiency. In a digital context, complete self-sufficiency would mean relying exclusively on IT components developed and manufactured domestically, or at least within your own economic area. That’s simply not a realistic goal, either in practical terms or in terms of cost.
Where should organisations start if they want to take meaningful action?
My advice is to begin by getting a clear picture of the components deployed across your organisation’s IT landscape. In large organisations, that’s often easier said than done given the complexity of today’s IT environments. Fortunately, there are now tools that can help, such as Bechtle’s Sovereignty Index. The next step is to identify the systems you couldn’t realistically replace at short notice and assess how critical they are. Once you understand those dependencies, you can decide whether you want to create alternatives – and what you’re prepared to invest in them.
One thing digital sovereignty is not – and this is a common misconception – is self-sufficiency.
Prof. Dr Thomas Hess
And that’s where many organisations hit a roadblock.
Exactly. That’s where many efforts to strengthen digital sovereignty in Germany have stalled in recent years. In the end, many organisations simply weren’t prepared to pay a premium, for example to host their data in Europe. Given the current geopolitical situation, though, I expect that attitude to change.
What does that mean for the public sector?
There are two dimensions to consider here. Much like private-sector organisations, public bodies need to ask themselves how easily they can replace critical systems and services. That applies across the board, from government agencies and universities to state-owned enterprises such as Deutsche Bahn. However, many of these organisations are part of the country’s critical infrastructure. As a result, they’ll often set a higher bar when defining their requirements than a commercial enterprise would.
But that’s not the whole picture, is it?
That’s right. Governments also play a key role in shaping the environment. Through regulation and incentives, they have a number of ways to influence developments. For example, governments could set requirements for private-sector companies that form part of the country’s critical infrastructure. Another lever would be requirements for data portability across different systems, ensuring organisations can move away from providers they regard as critical. A more innovative approach would be for governments to support companies in strategically important sectors in creating viable alternatives.
With open source as a guiding principle?
Open-source software is often presented as a cure-all for achieving greater digital sovereignty, both in the private sector and in public organisations. At a fundamental level, I think it’s an interesting idea. However, there’s a reason why open-source software is still mostly used in the lower layers of the technology stack, even after all these years.
What aspects of digital sovereignty are you currently working on?
At the Bavarian Research Institute for Digital Transformation in Munich, which I co-direct, we’re currently building a new research focus on digital policy. The reason is that, within academia, the field is still relatively underexplored and often reduced to a handful of questions, such as whether digital policy should have its own ministry. We’re taking a much broader and more interdisciplinary approach. Digital sovereignty is one of the topics we’re looking at. At the moment, we’re exploring how governments can do more to strengthen the digital sovereignty of businesses without creating additional bureaucracy.