Skip to content

Digital sovereignty without the hype

It seems digital sovereignty is all the rage at the moment, but when we take current world events out of consideration, what does digital sovereignty mean and what benefits does it add to an organization?

So, when you ask the dictionary, sovereign means the following:

sovereign

/sŏv′ər-ĭn, sŏv′rĭn/

noun

  1. One that exercises supreme, permanent authority, especially in a nation or other governmental unit, as.
  2. A king, queen, or other noble person who serves as chief of state; a ruler or monarch.
  3. A national governing council or committee.
  4. A nation that governs territory outside its borders.

adjective

  1. Self-governing; independent. "a sovereign state."
  2. Having supreme rank or power. "a sovereign prince."
  3. Paramount; supreme. "Her sovereign virtue is compassion."
  4. Of superlative strength or efficacy. "a sovereign remedy."
  5. Unmitigated. "sovereign contempt."

One can conclude that based on the excerpt above, sovereignty has to do with who has absolute control. And in the case of digital sovereignty its about control of all digital systems within an organization.

Why sovereignty matters

Let's take an example: you are the CEO of a humble software company. You are market leader in the segment you're serving and you'd like it to stay that way.

What is the life-blood of your company? It's the people and the property, with the property being mostly code.

In this case I would state that:

Warning

If you don't pursue digital sovereignty in your company, you're not investing in your people and you're putting your property at (some) risk.

I'll explain:

A classic non-sovereign platform to place your code is GitHub. On GitHub there is very limited control of the infrastructure, security, resources and uptime. And as platforms usually do, it takes a away transparency and only shows you its proprietary interface in favor of automation, lock-in and time savings. In short: you're highly dependent on this platform and you have little freedom to choose how you'll interact with this platform.

So in this case, we introduce a risk on a platform that we don't control. We are at the mercy of this platform. We rely on them to keep our code safe, and furthermore we will be required to incorporate changes that the platform is imposing. Secondly, we keep our people in the dark of what is actually needed to host code in the proper manner because they would only know how to work with GitHub.

Now take in mind a code platform that is sovereign. For this example I'll use Forgejo. To move to this platform, we'll first need our own infrastructure. Creating this and keeping it up will result in added knowledge in our people, but also add in the feeling of ownership and therefore drive satisfaction among the employees dealing with this.

We now have the freedom to make choice like keeping our code platform within our network if we wanted to, or to add more compute if build pipelines are slow. The possibilities are endless. And if we don't like something our new Forgejo system is doing, we can change it. The open-source nature allow us to submit ideas to the developers and we could develop features ourselves to merge back upstream.

And I can hear you ask: when building your own platform, won't there be mistakes and added downtime? And the answer is yes... we're people, not robots. But this is a good thing. Any downtime on your own platform is time spent learning and fixing. Any downtime on a non-sovereign platform is spent waiting.

Using the newfound freedom wisely

Now that we know sovereignty is something that can be advantageous, we should evaluate where we need sovereignty the most and what the organization is able to handle.

My good friend and colleague Mike Beerman had written about the sovereignty scale on his blog. His blog outlines all the factors to think about when considering a more sovereign approach.

But let's be honest for a second, you can never be fully sovereign in the digital space. There will always be some dependency on vendors like who supply hardware or some specialty software.

Note

Sovereignty is not a checkmark, but a factor in making choices.

So this is my call to action to anyone who reads this: consider all digital systems in your surroundings carefully. Consider if these systems allow for any freedom of choice and if this could result in issues in the future. Some of the most obvious red flags are:

  • Planned obsolescence
  • Vendor lock-in
  • Refusing to implement open standards
  • History of actions in critical situations (don't trust the SLA, look at what actually happened)
  • Geopolitical climate

My last remark will be this:

Question

Would you rather rent a digital platform where you don't get to decide what happens like you rent a home?

Or would you rather invest the same money in your own company, people and technology that you actually own?