Initiatives from the business sector
Similar efforts are underway in other European countries. For instance, the Austrian Armed Forces have moved away from Microsoft Office and switched to the open-source solution LibreOffice. The Austrian Federal Ministry for Economy, Energy and Tourism recently completed the migration of 1,200 employees to the European open-source cloud platform Nextcloud. The French Gendarmerie has been using Collabora Online for years, another alternative to mainstream Office products. The French Mistral AI is a European Large Language Model (LLM) that aims to compete with major US rivals such as ChatGPT. The AI system has been very well received and is now expanding into other European countries such as Germany.
Meanwhile, several initiatives are also focusing on the topic. Leading the way is the “Federal Association for Digital Sovereignty – Open Source Business Alliance” (OSBA). According to its own statement, the association is the largest alliance in Europe’s open-source industry and represents over 260 member companies.
Major AI projects aim to strengthen Europe’s cloud providers
Meanwhile, European providers such as IONOS, Deutsche Telekom and the Schwarz Group are attempting to capture market share with their own hyperscalers (StackIT). However, according to the statistics mentioned at the outset, these remain largely niche players for the time being.
Deutsche Telekom and the Schwarz Group are also planning a joint large-scale AI project. The focus of this initiative is on establishing a high-performance European AI infrastructure, specifically targeting training and inference capacities for large language models and industrial applications.
The aim is to integrate data centres, cloud platforms and data ecosystems in such a way that businesses and public institutions gain access to high-performance AI services that also comply with data protection regulations.
Another key aspect is ensuring data sovereignty and IT security, for example through high-performance computers operated in Europe, clear governance structures and controlled data spaces.
To the session: Resilience & Sovereignty in an Era of Cloud: Crafting a Vision for What’s Next
More than just the cloud: EuroStack as the foundation of digital sovereignty
US hyperscalers are responding to this by setting up data centres on European soil or through partnerships with local operators.
Representatives from politics, business and academia are calling for a more far-reaching approach. They advocate the development of EuroStack as an independent tech infrastructure in Europe. This is not merely an industrial policy project; EuroStack can be understood as a multi-layered reference architecture spanning everything from semiconductors and cloud infrastructures to platform services and applications.
The aim is to systematically reduce critical dependencies whilst simultaneously embedding European values such as data protection, transparency and interoperability at a technical level. From a security perspective, this includes, amongst other things, end-to-end encryption concepts, trustworthy identity and access models based on the zero-trust principle, and the consistent use of open standards to avoid vendor lock-ins. This is complemented by requirements for traceable supply chains (supply chain security), certified hardware and software components, and compliance with European regulations such as NIS2 or the Cyber Resilience Act.
Initiatives such as Gaia-X and European cloud and edge consortia are also incorporated into this concept, which is designed to strengthen both Europe’s economic competitiveness and its strategic autonomy.
To the article: From SBOM to PBOM: Defending Against Supply Chain Attacks
To the article: IT Regulations: 4 IT Laws You Should Be Aware of in 2026
From ambition to implementation
Awareness of the importance of digital sovereignty in Europe has grown, particularly in recent years, and initiatives such as EuroStack demonstrate that this can lead to concrete outcomes. As Secretary General of the European Cyber Security Organisation (ECSO), Joanna Świątkowska is committed to strengthening Europe’s cyber security resilience and strategic autonomy.
She believes this must be driven forward jointly by all stakeholders: ‘Europe is entering a decisive phase where digital sovereignty must move from ambition to implementation. At its core, technological sovereignty is about Europe’s ability to develop, control and scale its critical technologies, infrastructures, services and data. Delivering on this vision requires aligning industrial policy, regulatory frameworks and cybersecurity into a coherent approach that builds real capabilities.
The objective is clear: a secure, competitive and resilient digital ecosystem grounded in trust and assurance.’
To the session: Digital sovereignty in reality check: opportunities, risks, feasibility
Debate at the it-sa Expo&Congress
The relevance of the various efforts to achieve greater autonomy within Europe to the issue of cybersecurity (report on the topic) was also discussed recently at the it-sa Expo&Congress. The topic is set to be a key talking point again at the next event, which will take place from 27 to 29 October 2026 at the Nuremberg Exhibition Centre.