ADVERTORIAL
Instructions for failure:
How Europe systematically undermines its own digital sovereignty
“Digital sovereignty” in Europe has long ceased to be a political objective and has instead become a ritual incantation. Hardly a summit passes without the term appearing. Barely a government statement is issued without promises of greater independence. And scarcely a procurement decision is made that does not reliably undermine this very goal.
Strategy papers are produced and then left to gather dust in PPP drawers. Summits are held in numbers that almost rival the Alps. New funding programmes are launched that produce no tangible change. The narrative suggests momentum. Practice preserves the status quo. While Europe talks about catching up, it is in fact extending its dependencies.
Digital sovereignty is an ambitious goal, and that is precisely the problem: ambition demands consequence. Consequence creates friction. Friction is avoided. What emerges instead is a system that simulates progress while organising stagnation. What follows is, deliberately sharpened, an instruction manual for failure. Based on established patterns, it provides a practical guide for ensuring that digital sovereignty in Germany and Europe remains a distant dream.
Comfort wins: systematically
In recent years, several German federal states have extended or renegotiated framework contracts with US hyperscalers, in some cases worth billions. And rightly so, from a certain perspective. It is easy to justify: operational reliability, scalability, and a proven partnership. Economically rational, strategically sufficient. A renewal is a strategy too. Or is it not?
The much-cited lock-in effect is treated as a theoretical risk. In return, organisations receive highly integrated cloud ecosystems where everything blends seamlessly: proprietary APIs, embedded AI services, identity management, compliance stacks. Once this rabbit hole is built, migration is no longer something you do “when convenient”. It also avoids further friction: no tedious procurement cycles, no risky migrations, no uncomfortable strategic questions.
Just look at the debate around Schleswig-Holstein. Around 80 percent of workplaces were migrated to LibreOffice. More than 44,000 mailboxes were moved from Microsoft to Open-Xchange. Countless training sessions were required to familiarise employees with the new systems. All this just to save licensing costs and prevent external access to data? How sensitive can that data really be? After all, it is called “Public Sector”, not “Secret Sector”. Better to avoid the stress and simply extend the contracts.
“Made in Europe” sounds appealing, but in most categories US tech companies remain more established
Funding logic: subsidise, but do not scale
When it comes to procurement decisions, the “origin of the vendor” tends to rank somewhere between the quality of the coffee machine and the parking situation at headquarters. “Made in Europe” sounds appealing, but in most categories US tech companies remain more established. It is no coincidence that only about one third of 1,500 IT decision-makers in Germany are even aware of European cybersecurity solutions, and only 20.5 percent actually use them. Accordingly, adoption in large enterprises remains low. The rational conclusion: continue investing in dominant US providers such as Palo Alto Networks or CrowdStrike.
At the same time, domestic start-ups should not complain about lack of funding. With “Horizon Europe”, around €95 billion is available for research and innovation until 2027. National programmes complement these sums, funding flows into AI, cybersecurity, cloud, and semiconductor design. Given this level of support, there is no need for a guilty conscience when taking promotional photos at innovation fairs. Operational IT budgets, however, continue to flow to Seattle, Redmond, or Mountain View. Europe finances prototypes, the market chooses platforms with global distribution. An efficient system.
As for those prototypes: while founders improve their technologies through subsidies, the public sector should probably wait anyway. Start-ups must first prove themselves, especially without major public references that would instantly grant them competitiveness. Better not to jump too early.
A wonderful system of subsidies: de facto indulgence payments for a guilty sovereignty conscience that never actually forces action.
Regulating what one does not control
Nine out of ten companies in Germany depend on digital imports. Half of them could barely survive a year without them. It hardly matters. Europe, however, excels at regulation: GDPR, NIS2, Digital Services Act, AI Act, Data Act, and more. There is nothing quite like designing rules for a game in which you barely participate. It produces the most refined version of governance imaginable. Anyone who does not understand this simply has not recognised its brilliance.
AI talent such as Peter Steinberger chooses to move to OpenAI in the United States? So be it. In Europe, it is not about money, but about principles. What matters is insisting that Europe defines the “true rules”. Regardless of how often others talk about American cloud empires or new Chinese semiconductor fabs. Software and hardware must obey legislation, and no one writes legislation better than Europeans. If talent fails to recognise this and goes elsewhere, that is acceptable. At least it proves the education system is working.
Europe does not fail to achieve digital sovereignty because it cannot, but because it prefers not to
Industrial policy: ambition in fragments
A common misunderstanding is that the difference between the US or parts of Asia and Europe lies primarily in investment volume. In reality, it is market dynamics. The US has companies like NVIDIA or Intel that act as global pace-setters. Asia is dominated by giants such as TSMC. Europe, by contrast, has excellent niche players, for instance in lithography machinery. Niche excellence is like panel gaps in cars: it signals quality. Building vertically integrated platform companies with global reach is simply more difficult.
Europe’s beautifully fragmented internal market, with its multitude of funding schemes, permitting procedures, certification standards, and national industrial interests, quickly separates the wheat from the chaff. Technologically excellent, but rarely scalable.
Still, there are targets within the EU. Not just one target, but 27 different interpretations of it. This makes implementation more complex, but surely one of the 27 versions will be correct. And if not, it provides an excellent reason to organise yet another summit.
Communication instead of transformation
Politically, “digital transformation” is firmly established. Operationally, risk aversion dominates, for understandable reasons. Communication therefore becomes critical.
Procurement bodies prioritise references over innovation potential, entirely rational. Compliance departments favour established vendors with global certification portfolios, difficult to dispute. Internal IT teams argue convincingly for stability and workload management, staff are already stretched.
Thus a perfect loop emerges: European vendors do not receive large contracts because they lack large references. They lack large references because they do not receive large contracts. The system stabilises itself without malicious intent. Simply continuing as before is enough.
Yet every speech still deserves to be decorated with epochal terms such as “breakthrough”, “digital transformation”, “new era”, or “turning point”. Procurement processes, however, do not need to change.
If someone suggests this is not a strategy at all, the answer is simple: strategy is a matter for leadership, and leadership is currently at a summit.
What remains
Digital sovereignty is currently a well-polished filler phrase for Sunday speeches. It fails in Monday reality inside sector committees. Europe’s dependency is not a technological inevitability; it is the result of political, administrative, and economic choices: extending hyperscaler contracts out of convenience, funding policies without binding demand, regulation without corresponding industrial policy, and procurement processes in which sovereignty plays no meaningful role.
The cynical truth is this: Europe does not fail to achieve digital sovereignty because it cannot, but because it prefers not to, due to convenience and structural risk aversion. The hopeful truth is equally clear: precisely because of this, the situation is changeable. Every decision is reversible.
If the steps in this instruction manual are inverted, demand instead of symbolism, scaling instead of fragmentation, strategic procurement instead of short-term efficiency, then an instruction manual for failure becomes an instruction manual for sovereignty in Europe.
