Cooperation Without Dependency
“The greatest danger in times of turbulence is not the turbulence; it is to act with yesterday’s logic.”
— Peter Drucker
The institutional order built after 1945 is fraying. I did not expect to be writing in 2026 about digital infrastructure as a matter of national security. Yet here we are: the critical systems of Western democracies sit concentrated in foreign jurisdictions, vulnerable precisely when stability matters most.
Digital sovereignty has moved swiftly from legal abstraction to practical necessity. States, and the societies they serve, can no longer afford to ignore who controls their infrastructure.
The foundation: data sovereignty
At the core of digital sovereignty is data sovereignty: the principle that data is subject to the laws of the jurisdiction where it originates or is processed. This is distinct from physical location: a country can assert legal authority over its citizens’ data even if it sits on servers in Dublin or Virginia, as the EU does under the GDPR.
For decades, this arrangement rested on trust. Governments in Europe, Canada, and elsewhere accepted American technological dominance—assuming transatlantic partnerships would ensure reliability, stability, and legal alignment. The balance held as long as those partnerships remained durable.
How did we get here?
American technological dominance was not accidental. Silicon Valley emerged from decades of U.S. defense spending, public research funding, and a regulatory environment that favored rapid experimentation and massive scale. Over time, U.S. companies came to define global standards: operating systems, cloud infrastructure, productivity software.
The world adopted American technology out of pragmatism. It worked, was cheaper than domestic alternatives, and offered economies of scale impossible to match. Why spend billions recreating AWS when you could simply subscribe?
This made sense as long as Western democracies appeared permanently aligned.
Things fall apart
Those assumptions have weakened. Trade tensions, strained intelligence-sharing arrangements, withdrawal from multilateral frameworks, and rising volatility in U.S. politics and foreign policy have altered the landscape. 2026 began with military action in Venezuela and rhetoric over territorial claims in Greenland—events that highlight how quickly geopolitical assumptions can shift, even among long-standing partners.
We must build technological infrastructure that can withstand not only technical failure modes, but also rapid geopolitical change.
The vulnerability appears in two forms:
- Surveillance. Section 702 of FISA authorizes the NSA to access foreign data transiting U.S. infrastructure without a warrant. European data, government communications, and critical infrastructure information can be swept into a foreign intelligence apparatus whose authorities shift with each election cycle.
- Access limitations. The United States could compel American technology companies to stop serving specific nations. Gmail inaccessible. AWS shut down. Microsoft 365 suspended. A decision in Washington could disrupt government operations, healthcare systems, and private-sector activity within hours. Dependence on foreign infrastructure is leverage. What once seemed unthinkable now appears plausible.
Dependency != Collaboration
Cooperation between democracies remains essential, but dependency is not the same as collaboration. Strategic autonomy requires systems that function even when partners reverse course. Intelligence agencies must operate when diplomatic relations sour. Healthcare must continue when cloud providers receive conflicting directives. Fundamental rights cannot hinge on another nation’s political stability.
Lessons from recent history
COVID-19 exposed what happens when critical resources concentrate in a single jurisdiction. Western nations discovered their medical supply chains depended on Chinese manufacturing. Masks, ventilators, PPE—once abundant—became scarce overnight.
Russia’s weaponization of gas dependency revealed the same dynamic: economic interdependence repurposed as political leverage. Pipelines that once symbolized shared prosperity became instruments of coercion.
More recently, rumors that American military aircraft might contain remote “killswitches” prompted European governments to reconsider procurement plans. The rumors are almost certainly false, but plausibility alone was enough to raise strategic concern.
Digital infrastructure follows the same pattern. European healthcare systems run on AWS, intelligence workflows on Microsoft infrastructure, government services on Google Cloud—all exposed to surveillance and access denial.
The cost of inaction
Supply chains for N95 masks can be rebuilt in months. Energy suppliers can be diversified in years. Military procurement can redirect over a decade. Digital infrastructure is different—deeply layered, slow to replace, and growing harder to substitute with each passing year.
Legal frameworks help, but cannot substitute for direct control. The GDPR asserts European legal authority over data wherever it travels, strengthening privacy protections. The collapse of Privacy Shield reinforced those protections, but revealed a different reality: when critical systems sit outside domestic jurisdiction, legal safeguards cannot guarantee operational continuity.
Maintaining cooperation while preparing
Europe’s sovereign cloud initiatives—Gaia-X and various national projects—face the challenge of coordinating 27 member states with divergent priorities while remaining cost-competitive. Canada faces different constraints: trade agreements that restrict data localization, difficulty retaining high-skilled migrants, and deep economic integration.
The core problem is timing. Building resilient infrastructure requires sustained multi-year investment while global competitors offer immediate, cheaper solutions. Sovereignty costs manifest now; dependency costs remain theoretical until they materialize abruptly. Some countries, especially in Europe, are beginning to wake up to this realization, but they have a long way to go.
Designing for continuity
The age of naive optimism is over. Democratic nations must prepare for scenarios previously unthinkable: alliances fracturing, partners becoming unreliable, frameworks collapsing. Essential functions must remain operational even when cooperation falters.
For those of us in tech, the message is clear: build systems that respect sovereignty without sacrificing interoperability. Open standards, federated architectures, encryption, portability—these are the foundations for infrastructure that can withstand shifts in political alignment.