Sign in Subscribe
3 min read

A Blackout in Kyiv and a Warning for Europe

A Blackout in Kyiv and a Warning for Europe
Ceder Barnes / Zuma Press

Today, December 27th 2025, Kyiv is again without electricity after Russian attacks on Ukraine’s energy infrastructure. In the middle of winter, this means homes without heating, hospitals relying on generators, disrupted communications, and a society forced into emergency mode. For many people in Europe, this feels tragic but distant, something that belongs to a country at war.

That distance is misleading.

Kyiv’s blackout is not only about energy. It is about dependency. And Europe is far more dependent on critical infrastructure than it is comfortable admitting.

Infrastructure as dependency

Modern societies no longer collapse only when bombs fall. They collapse when systems stop coordinating. Electricity is one layer, but digital infrastructure is another, just as essential and often far more opaque. Cloud platforms, identity systems, data pipelines, software updates, and AI services form the invisible grid on which governments, hospitals, logistics chains, energy markets, and democratic institutions depend. In Europe, a large part of that digital grid is not under European control.

Even when data is physically stored inside the European Union, the control layers often are not. The software, the update mechanisms, the authentication systems, the legal jurisdiction, and the strategic decision-making power frequently sit with a small number of companies headquartered in the United States. This creates a structural asymmetry. Europe runs critical systems on infrastructure it does not fully govern.

The dangerous assumption is that this only becomes a problem in extreme scenarios. That assumption is wrong. Digital dependence does not need sabotage, cyberwar, or dramatic shutdowns to be weaponized. It only needs leverage.

Pressure can be applied quietly. Service guarantees can be reduced. Updates can be delayed. Legal uncertainty can be introduced. Export restrictions can be framed as security concerns. Compliance can become more expensive or more complex. None of this looks like an attack. All of it affects decision-making.

This is where regulation enters the picture.

When Europe regulates Big Tech, it is not regulating abstract platforms. It is regulating the very infrastructure that runs its economy and public sector. That creates an uncomfortable political dynamic. Strict regulation is easily reframed as a risk to innovation, competitiveness, reliability, or even security. The message does not have to be explicit. The implication alone is often enough.

Over time, this leads to a subtle form of self-restraint. Enforcement slows down. Rules are softened. Exceptions are made. Implementation is delayed. Not because policymakers are convinced by the arguments, but because the perceived cost of instability feels too high. Dependency becomes bargaining power.

This dynamic is precisely what The Tech Coup by Marietje Schaake lays bare. A book I had on my list to read during the holidays. Schaake documents how democratic governments have steadily outsourced power to technology companies without creating adequate democratic oversight in return. Decisions that shape societies, from speech and privacy to security and geopolitics, are increasingly made by private actors whose incentives are not aligned with the public interest. Her argument is not speculative. It is based on concrete cases where governments found themselves constrained by the very technologies they had come to rely on.

Kyiv shows us what dependency looks like when it is attacked directly. Schaake shows us what dependency looks like when it is normalized and ignored.

The lesson from Ukraine is not that Europe will face the same kind of physical attacks. The lesson is that critical systems fail gradually, under pressure, and often without a single dramatic moment. Europe’s real risk is not a sudden digital blackout. It is the quiet erosion of political autonomy, where decisions are shaped by what infrastructure can tolerate rather than by what democracy demands.

This is why the conversation about open source technology is so often misunderstood. Open source is not primarily about ideology, community spirit, or cost savings. It is about power.

Open source changes the balance because it removes the single point of control. It allows systems to be audited, adapted, forked, and governed locally. It creates real exit options. It ensures that no external actor can unilaterally switch off, degrade, or condition access to critical infrastructure. In geopolitical terms, it reduces leverage.

This does not mean Europe should unplug from existing systems overnight. That would be unrealistic and irresponsible. Resilience is built incrementally. Energy security was improved through diversification, redundancy, and local capacity. Digital security must follow the same path.

Public institutions adopting open standards and open-source-first strategies matter because they set norms. European hosting combined with open software matters because it aligns legal authority with technical control. A diverse ecosystem of suppliers matters because it prevents concentration of power.

Kyiv going dark today is not Europe’s future. But it is a warning. Not about war alone, but about dependency. In a world where infrastructure has become a geopolitical instrument, sovereignty is not something that can be declared in policy documents. It has to be built, layer by layer, in the systems societies rely on every day.

In the digital age, that foundation cannot be closed, opaque, or externally controlled. It has to be open.

Published by:

Koen Machielse