Comment | Press release

Is this what digital sovereignty is supposed to look like?

Spending by the German federal government on Microsoft products is still rising fast. If Germany is serious about digital sovereignty, it should set an example.
Tobias Gerlinger, CEO ownCloud, diatance learning solution by ownCloud and Auctores

When Germany took over the EU Council presidency last year, the German government announced a lofty goal: greater digital sovereignty. By creating a European digital ecosystem, the European single market was to be freed from dependence on the large US tech corporations. According to the figures currently making the rounds, however, this announcement seems like mere lip service. A question from a parliamentary inquiry to the German government revealed that federal spending on Microsoft products has almost quadrupled since 2015. The federal ministries transferred a whopping 178.5 million Euros to Microsoft in 2020.

US Cloud Act impedes Digital Sovereignty

This is despite the fact that the data protection problems associated with the use of US software have been known for a long time – and that the European Court of Justice determined in July 2020 that the US Cloud Act is not compatible with European data protection law. Europe’s highest court ruled that the EU-US Privacy Shield could no longer be used to justify the transfer of personal data to the US. The US Cloud Act, it was argued, allows US intelligence agencies virtually unrestricted access to data of EU citizens – even if the servers of the US providers are located in Europe. However, all of this evidently won’t stop the German federal government from lightheartedly purchasing Microsoft products.

Particularly problematic is the widespread use of the Microsoft cloud for storing and exchanging files in public administration. Since Microsoft cannot rule out the possibility of data being transferred to the USA, this simply violates applicable European data protection law. In addition, a so-called lock-in effect is quickly created. Since it is extremely time-consuming and costly to get large amounts of data out of the cloud again, the authorities are more and more trapped in it. They make themselves increasingly dependent on one of the major US players, which is impressively demonstrated by the sharp rise in federal government spending on Microsoft products. This is both incomprehensible and unnecessary, since fully-featured, digitally sovereign private cloud solutions are readily available. While the private sector more and more uses hybrid cloud infrastructures to avoid dependencies, public administrations seem to largely ignore this problem.

Open source offers secure solutions

If the German government is really serious about digital sovereignty, it must set a good example and also rely on sovereign alternatives itself. Otherwise, it will undermine its own goals and its Gaia-X project to create a trustworthy European data infrastructure. And there is certainly no lack of European alternatives. European solutions, particularly those coming out of the open source ecosystem, do not fall behind in terms of functionality and usability. We hope that they will be taken into consideration for future procurements, despite the huge lobbying and ad budgets of the US tech companies – actions speak louder than words.

Tobias Gerlinger

February 12, 2021

Read now:

Full digital sovereignty has 3 levels

Full digital sovereignty has 3 levels

Digital sovereignty is becoming increasingly important for public authorities and companies – and they already have the option of using fully sovereign software stacks. Content collaboration specialist ownCloud explains what sets them apart.

read more
ownCloud Appoints David Walter as CXO

ownCloud Appoints David Walter as CXO

ownCloud, provider of the open source content collaboration platform of the same name, is strengthening its strategic focus on customers and sending a clear signal: With the newly created position of Chief Experience Officer (CXO), the company aims to continuously improve the customer experience and promote consistent communication with all stakeholders.

read more