Dutch public sector seeks digital sovereignty, a necessary shift

The debate around digital sovereignty has gained momentum in recent weeks. The House of Representatives wants a government cloud to become less dependent on American tech giants. The City of Amsterdam is taking steps toward digital independence, and more and more organizations are asking themselves how they can maintain control over their data. This is a positive development, but at the same time raises a fundamental question: is moving to a European cloud really the solution?

Digital sovereignty is about more than just choosing a cloud provider. The key question is not only where data is stored, but especially who has control over it. Security, accessibility and control over critical data can only be guaranteed if we make strategic choices about storage, infrastructure and data management. This does not mean that cloud does not play a role, quite the contrary. But standardly transferring all data to the cloud, without sound data classification and governance, is not a strategy.

The role of hybrid cloud and data classification

Cloud technology offers huge advantages: flexibility, scalability and accessibility. But not all data belongs in the cloud. A hybrid model, in which cloud and on-premise infrastructure complement each other, offers the best balance between security and control. Data classification plays a key role in this. What data is critical and should stay within the organization? What data can be safely stored in the cloud? A thoughtful strategy prevents vital information from becoming dependent on third parties and external legislation.

Amsterdam as an example, but who will follow?

The Amsterdam municipality demonstrates movement toward digital independence. Less dependence on closed software, more control over its own data and infrastructure. But who will follow? More and more municipalities and government agencies are wrestling with the same questions. How can the public sector ensure a solid IT strategy without sacrificing control and flexibility?

Individual initiatives are valuable, but without a government-wide (cloud) strategy, digital sovereignty remains a fragmented concept. VNG previously advocated collective purchasing agreements and broader cooperation between government agencies to strengthen digital sovereignty. This is a logical step: without a shared vision, each agency will continue to invent the wheel itself.

Digital autonomy affects everyone

Digital sovereignty is not a discussion limited to government agencies. Universities, healthcare institutions and private organizations must also consider their reliance on foreign tech giants. Academic institutions generate vast amounts of research data that are now often stored in commercial cloud environments. What happens when regulations change? How do we ensure that intellectual property remains in-house? The question is not whether digital autonomy is necessary, but how it can be achieved without getting in the way of innovation.

Conclusion: the right data, in the right place, according to the right principles

Digital sovereignty is not about doing everything yourself, but making smart choices about data and infrastructure. A hybrid approach, supported by clear data classification, provides the balance between security and control. Public and academic institutions are at a crossroads: do they choose true digital independence, or a new form of dependence?

With recent developments, now is the time to move on and make strategic choices. How do you think the public sector should deal with this in the coming years?