Pursuing digital autonomy remains elusive
In a bid to achieve digital independence and reduce technological dependencies, Germany is embarking on a multi-faceted strategy. This approach aims to create a robust, interoperable, and innovation-friendly European technology ecosystem, with a significant focus on artificial intelligence (AI) and cloud infrastructure.
At the heart of this effort is the newly established Federal Ministry for Digitalization and Government Modernization. Its mandate includes modernizing procurement and public digital services, positioning Germany as a beacon of digital sovereignty and interoperability within Europe.
The German government has committed substantial funds to AI initiatives, including the construction of at least one European AI gigafactory in the country. The regulatory environment is aligned with the EU’s AI Act but is designed to foster flexibility, avoiding stifling innovation.
Germany is also advancing sovereign cloud infrastructures, such as those under Gaia-X and European Sovereign Cloud projects. These initiatives aim to keep data handling within the EU jurisdiction, reducing reliance on foreign providers like Amazon Web Services. This strategy also addresses risks posed by extraterritorial laws, such as the U.S. Cloud Act.
Cybersecurity and interoperability are top priorities. Public sector IT is increasingly mandated to adopt open standards to ensure resilience and European control over digital assets. Germany targets widespread fiber optic connectivity and high-capacity networks as foundational for digital sovereignty, although urban-rural disparities in internet quality remain.
Claudia Plattner, President of the Federal Office for Information Security (BSI), acknowledges that large US companies have a decade-long head start in tech investments, leading to technological dependencies for German authorities and companies. To address this, the BSI, in cooperation with Google, is working towards the development and provision of secure cloud solutions for authorities at all levels.
In spring 2024, the German cloud provider Ionos received an order from the federal administration to build a particularly secure computer cloud solution. The focus of this cooperation is on ensuring data sovereignty.
For companies in critical infrastructures such as energy, health, telecommunications, and transport, certain BSI guidelines are legally prescribed. The BSI, which is headquartered in Bonn and supports federal authorities in securing their IT systems, warns of risks and develops security standards relevant to companies. Plattner emphasizes the need to build control mechanisms into digital systems and data, as they cannot currently function without outside European input.
A strategy is needed on the government side to decide which technologies to buy from abroad and how to gain control over them. The "private enterprise cloud," certified by the BSI, is to be operated in the data centers of the Federal Information Technology Center. For companies in critical infrastructures, the BSI's roles in relation to AI rules are not yet fully clear. However, EU-wide rules for AI models, including ChatGPT and others, aim to make artificial intelligence more transparent and secure, effective from August 2.
In summary, Germany’s current strategy to achieve digital sovereignty revolves around developing a secure, interoperable, and innovation-friendly European technology ecosystem, focusing heavily on AI and cloud infrastructure, backed by regulatory and investment commitments.
- The German government, through the Federal Ministry for Digitalization and Government Modernization, is focusing on policy-and-legislation to foster a technology ecosystem that prioritizes cybersecurity and data-and-cloud-computing, with a significant emphasis on AI and cloud infrastructure.
- As part of its strategy to reduce technological dependencies, Germany is working towards establishing secure cloud solutions, such as those under Gaia-X and European Sovereign Cloud projects, to keep data handling within the EU jurisdiction and avoid reliance on foreign providers like Amazon Web Services.
- To ensure data sovereignty in critical infrastructures such as energy, health, telecommunications, and transport, the German government is developing security standards and guidelines in collaboration with private enterprises, as explained by the President of the Federal Office for Information Security (BSI), Claudia Plattner.
