Key Takeaways:
- The internet and digital infrastructure are vulnerable to disruptions, including technical failures, cyber-attacks, and natural disasters, which can have significant consequences for individuals, businesses, and governments.
- Europe is heavily reliant on US-based big tech companies for cloud computing infrastructure, which increases its vulnerability to disruptions and potential geopolitical disputes.
- The European Union is taking steps to promote digital independence, including the development of a cloud sovereignty framework and the promotion of open-source software.
- Individuals and organizations can contribute to digital resilience by making informed choices about the services they use and by prioritizing security, openness, and interoperability.
- Digital infrastructure should be treated with the same seriousness as physical infrastructure, with a focus on control, maintenance, and crisis preparedness.
Introduction to Digital Vulnerability
The scenario of a sudden internet blackout is not as far-fetched as it may seem. Technical failures, cyber-attacks, and natural disasters can all bring down key parts of the internet, with significant consequences for individuals, businesses, and governments. The European Union is particularly vulnerable to such disruptions, given its heavy reliance on US-based big tech companies for cloud computing infrastructure. The EU’s president, Ursula von der Leyen, has highlighted the need for Europe to build a new form of independence, including in its technological capacity and security. This is particularly important in light of the US government’s increasing demands on European leaders, which could potentially lead to Europe losing access to digital infrastructure provided by US firms.
The Risks of Cloud Computing
The concentration of cloud computing infrastructure in the hands of a few US-based companies, such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud, increases the risk of disruptions to Europe’s private and public sectors. Recent examples of technical failures, such as the AWS incident in October 2025 and the Cloudflare incident two months later, demonstrate the potential impact of such disruptions. These incidents, which were caused by technical failures, disrupted thousands of services, including banking apps and communication platforms, and highlight the need for Europe to reduce its reliance on these companies. Furthermore, the risk of geopolitical disputes and malicious activity also exists, and could have significant consequences for Europe’s digital infrastructure.
European Efforts to Promote Digital Independence
There are signs that Europe is starting to take the need for greater digital independence more seriously. In Sweden, a one-year project is testing how various public services would function in the scenario of a digital blackout. The project aims to quantify the full range of human, technical, and legal challenges that a collapse of technical services would create, and to understand what level of risk is acceptable in each sector. Elsewhere in Europe, other forerunners are taking action to strengthen their digital sovereignty by weaning themselves off reliance on global big tech companies. For example, the state of Schleswig-Holstein in northern Germany has replaced most of its Microsoft-powered computer systems with open-source alternatives, cancelling nearly 70% of its licenses. The state government’s target is to use big tech services only in exceptional cases by the end of the decade.
The Importance of Digital Resilience
For Europe to meaningfully address the risks posed by digital blackout and cloud collapse, digital infrastructure needs to be treated with the same seriousness as physical infrastructure such as ports, roads, and power grids. Control, maintenance, and crisis preparedness of digital infrastructure should be seen as core public responsibilities, rather than something to be outsourced to global big tech firms. The EU has developed a cloud sovereignty framework to guide procurement of cloud services, with the intention of keeping European data under European control. The upcoming Cloud and AI Development Act is expected to bring more focus and resources to this area. Additionally, governments and private companies should be encouraged to demand security, openness, and interoperability when seeking bids for provision of their cloud services, rather than just low prices.
Individual Choices Matter
Individuals and organizations can also contribute to digital resilience by making informed choices about the services they use. It is advisable to ensure that personal data, such as emails, photos, and conversations, are stored securely and can be easily backed up, retrieved, and transferred to another service. By being mindful of the services we use personally and professionally, we can reduce our reliance on big tech companies and promote digital independence. Furthermore, individuals can also support the development of open-source software and digital public goods, which can be treated as a digital public good that can be moved between different clouds and operated under sovereign conditions. By working together, Europe can ensure its digital systems remain accessible even in a crisis, just as is expected from its physical infrastructure. Ultimately, no country or continent will ever be completely digitally independent, but by prioritizing digital resilience and promoting digital independence, Europe can reduce its vulnerability to disruptions and ensure the continued functioning of its digital infrastructure.
