We have been talking and writing about the importance of digital sovereignty, technical independence, and secure data architectures for a long time. Now, former EU Commissioner Thierry Breton is also addressing these issues in his guest article in Handelsblatt entitled “We must not allow ourselves to become useful idiots” – with remarkable clarity.

Breton warns that Europe risks placing its digital future in the hands of a few global corporations whose interests do not necessarily align with European values of data protection, competition, and democratic control. His message is clear: if we allow our infrastructure, our data, and our key technologies to be operated outside Europe on a permanent basis, we will not only lose market power—we will lose self-determination.

This position hits the nail on the head in terms of what we at fragmentiX have been pointing out for years. Every day, we see in practice how critical dependencies on non-European cloud and software providers are becoming—whether due to legal access options such as the US CLOUD Act, geopolitical uncertainties, or simply economic concentration.

That is why we are taking up Breton’s appeal, because it creates a political awareness that was long overdue: Digital sovereignty is not an IT issue, but a foundation of European independence.

And it does not begin in Brussels or Strasbourg, but in every organization that decides today where and how its data is stored, processed, and secured.

Three steps to true digital sovereignty

In our view, three steps in particular will be crucial in the coming years if Europe is to master this challenge:

1. Secure European sovereignty.
Data processing, communication, and storage must take place under European legal supervision and in European infrastructures. This is the only way to guarantee data protection, innovation protection, and national security interests in the long term.

2. Strengthen independence from US service providers.
This is not about isolation, but about legal clarity. As long as laws such as the US CLOUD Act or the FISA Amendments Act allow access to European data, true sovereignty remains an illusion. Europe needs its own alternatives, its own clouds, and its own technology providers.

3. Consistently promote and use open-source technologies.
Transparency creates trust. Open standards and verifiable code are the foundation of a trustworthy, resilient IT landscape. Proprietary systems may seem convenient in the short term, but in the long term they lead to dependency, black box structures, and loss of control.

If we seriously pursue this path, it should not be as a political slogan, but as a strategic investment in Europe’s capacity to act.

Digital sovereignty is more than just data protection—it is a prerequisite for Europe to be able to shape its economic, scientific, and security interests in a self-determined manner.

The cloud is no longer a neutral space

For a long time, cloud computing was synonymous with innovation and efficiency. Today, we know that the cloud is not neutral. Jurisdiction, ownership structures, and vendor dependencies determine how freely European organizations can actually act.

• Jurisdiction as a risk: Even if data is physically located in Europe, it may be subject to foreign law via foreign parent companies. The CLOUD Act, for example, allows US authorities to access data controlled by US companies – even if it is stored in European data centers.
• Dependence on hyperscalers: Three US providers dominate over 70% of the European cloud market. (IT Pro, 2025) This creates economies of scale, but also strategic vulnerability.
• Competition and innovation: Proprietary ecosystems slow down open competition and make it difficult to develop European alternatives.

Initiatives such as GAIA-X and EU Cloud Certification (EUCS) show that Europe is asking the right questions – but implementation will determine whether we actually build independent digital infrastructures or simply create further managed dependency.

Companies bear responsibility

Digital sovereignty starts small—with the question of which cloud, which software, and which backup system to use. Many companies underestimate the fact that they themselves are responsible for data integrity and recoverability. The “shared responsibility” approach of many cloud providers does not mean that security is completely outsourced.

A modern security concept must therefore cover three levels:

• Technical control: Encryption, fragmentation, and object lock technologies must prevent data from being changed or deleted without notice.
• Legal control: The storage location and applicable law must be compatible with European data protection regulations.
• Operational control: In the event of a crisis, recovery must be possible without the consent or cooperation of the cloud provider.

Only those who understand and consciously design these levels can act with confidence.

Companies that want to design their storage and backup architecture with confidence will find a practical example of these principles in our Quantum Safe Backup solution. It shows how information-theoretical security, fragmentation, and European cloud locations together enable true data sovereignty.

fragmentiX’s perspective: trust through technology, not promises

fragmentiX stands for a European approach: Trust is created through verifiable technology, not mere marketing slogans.

Our mission is to design cloud usage and data storage in such a way that organizations retain their digital self-determination – regardless of whether they use cloud services, local servers, or hybrid infrastructures. This includes the conviction that the cloud is not the enemy, but a tool that must be designed with sovereignty in mind.

Techniques such as information-theoretic security (ITS), Secret Sharing, and distributed cloud storage locations can reduce dependency without sacrificing scalability or convenience.

Our goal is clear: data sovereignty should not be a theoretical ideal, but a practical reality – especially for European companies, public authorities, and research institutions.

If you would like to know how these principles can be implemented in your own IT environment, we would be happy to advise you individually. Contact us here – together we will develop a sovereign data security strategy that suits your organization.

Conclusion: Sovereignty is not a luxury, but a duty

Thierry Breton’s guest article is more than an appeal—it is a reminder that technological convenience can be costly in the long run. Anyone who stores their data in uncontrolled jurisdictions or blindly trusts cloud providers today risks more than just data loss. They risk their ability to act.

Digital sovereignty means retaining control over data, systems, and decisions – technically, legally, and strategically. This is no longer an option, but a prerequisite for a self-determined Europe.

We share Breton’s view: Europe must not allow itself to become “useful idiots” who relinquish control of their digital infrastructure. The path to a secure future lies in proprietary technology, transparent standards, and sovereign architectures – from the cloud to backup.

fragmentiX develops European security solutions for sovereign, verifiable, and quantum-safe data storage. Learn more about our products or contact us directly!

Sources:

Handelsblatt. Thierry Breton. 2025. Guest commentary: “We must not allow ourselves to become useful idiots.” https://www.handelsblatt.com/meinung/gastbeitraege/gastkommentar-wir-duerfen-uns-nicht-zu-nuetzlichen-idioten-machen/100175301.html

IT Pro, 2025. US companies dominate the European cloud market – regional players are left fighting for scraps. https://www.itpro.com/cloud/cloud-computing/us-companies-dominate-the-european-cloud-market-regional-players-are-left-fighting-for-scraps