Europe’s digital wake-up call

For years, Europe has been quietly outsourcing the digital foundations of its economy, public sector, and communication systems. Cloud infrastructure, data platforms, AI tooling, analytics, and collaboration software are overwhelmingly hosted or governed by companies headquartered outside the EU. Estimates regularly point to figures above 90%.

That may have looked like a reasonable efficiency choice a decade ago. Today, it looks like a strategic mistake. In a world shaped by geopolitical tension, AI acceleration, and hybrid warfare, digital infrastructure is no longer neutral plumbing. It is power.

Dependency is political

Europe has often treated digital infrastructure as something you can simply “buy” on the market. Cheaper, faster, more scalable usually won. But infrastructure shapes who sets the rules, who has access, and who absorbs risk when things go wrong.

The European Commission has been increasingly explicit about this in its work on digital sovereignty and strategic autonomy. The message is consistent: Europe generates enormous value through data, but relies on others to store it, process it, and increasingly to interpret it through AI.

The rulings of the European Court of Justice on international data transfers were another warning sign. They showed how fragile the legal foundations of this dependency really are. When infrastructure and jurisdiction don’t align, legal uncertainty is not a bug, it’s a symptom.

Why hyperscalers don’t fit Europe’s long-term needs

This is not about blaming large tech companies. Hyperscalers are doing exactly what their business models incentivize them to do: centralize, scale globally, and lock in ecosystems.

The problem is that those incentives don’t align well with what Europe actually needs. Europe needs resilience, competition, accountability, and systems that can survive political or economic shocks.

Institutions like the OECD and the IMF have warned about excessive concentration in digital markets and the systemic risks it creates. When infrastructure, AI layers, and data flows are vertically integrated, exit becomes almost impossible. Not just for companies, but for governments as well.

The recent Draghi report on European competitiveness makes this even clearer: if Europe continues on its current path, it risks becoming a permanent technology taker. Once core systems are deeply embedded in proprietary ecosystems, sovereignty becomes theoretical rather than practical.

Open-source AI is really about control and continuity

Open-source AI is often framed as an ethical or ideological choice. In reality, it’s much more pragmatic. Open systems allow inspection. They allow adaptation. They allow long-term maintenance even if vendors disappear, change strategy, or become politically inaccessible.

From a security perspective, this matters. The European Union Agency for Cybersecurity has repeatedly stressed that transparency and auditability are essential for digital resilience. Black-box AI systems embedded in critical workflows create risks that contracts alone cannot solve.

There’s also a continuity argument that doesn’t get enough attention. If access conditions change, licensing shifts, or geopolitical tensions escalate, Europe needs to be able to keep its systems running. Forkable, open systems make that possible. Closed ones don’t.

Data ownership is already part of modern conflict

Hybrid warfare isn’t a future scenario. It’s already here. Research from organisations like the RAND Corporation and assessments from NATO show how data, platforms, and information flows are used to influence societies without traditional military confrontation.

Countries like Russia and China don’t need to “hack everything”. They exploit asymmetries: who owns platforms, who controls narratives, who has long-term access to behavioural data.

If healthcare systems, logistics platforms, marketing tools, or public communication channels run on infrastructure Europe doesn’t control, strategic intelligence is continuously externalised. Often legally. Often invisibly. Always at scale. Data has become terrain.

Open, European tech stacks are about resilience, not isolation

Building open, European-first tech stacks does not mean cutting ties with the rest of the world. It means avoiding capture. Europe has done this before. Energy grids, rail networks, telecom standards, and scientific collaboration were built around openness, interoperability, and shared governance. Digital infrastructure should follow the same logic.

Initiatives like the European Open Science Cloud show that Europe already knows how to do this. Even projects that struggled, like GAIA-X, demonstrate that the problem is not technical feasibility but political and economic prioritisation.

Waiting makes the problem worse

Every year that passes increases lock-in, switching costs, and dependency on external platforms. AI accelerates this dynamic faster than any previous technology wave.

Europe cannot meaningfully regulate, secure, or shape systems it does not build or understand. Digital sovereignty is not protectionism. It is the minimum condition for democratic agency in a digital world. This isn’t about rejecting global cooperation. It’s about making sure Europe still has a choice.

And right now, that choice is narrowing faster than most people realise.