In our latest article dedicated to digital sovereignty, we introduced the first three families: the “autonomists”, the “centralizing colbertists”, and the “corsairs”. Four other approaches, complementary or radically opposed, can be added to them.

The Champions of Free Software (4) Within the state and the private ecosystem, there also exists a faction clearly in favor of free software to address the impossibility of developing 100% French solutions across the entire digital chain. Relying on the quality of contributions from the free software community, the Anssi, for example, recommends the use of the KeePassXC password vault. The national agency even designed its own operating system for sensitive administrations, CLIP OS, with a “security by design” approach. Built on a Linux base, it offers enhanced security through a segmented structure.

Within state services, proponents of free software continue to use Libre Office, challenged by Office 365. Microsoft’s offering indeed benefits from the “need for continuity for public agents between their workstation and their personal equipment,” a DINUM expert confided to us. However, the vulnerabilities of Office 365, highlighted by recent Russian hacks, could bring new arguments in favor of free software within the state.

More broadly, free software embodies for its proponents both the best way to ensure privacy and at the same time the best means to foster sovereignty across the entire digital chain, as argued for example by Gaël Duval, a pioneer of Linux in France. This ambition, for him, involves “emancipation from the GAFAM.” The undeniable successes of Mozilla, Brave, DuckDuckGo, or the Signal messaging app seem in any case to constitute a credible offer, capable of competing with the major champions of digital technology.

The Atlanticists, Allies of Uncle Sam (5) Acknowledging the weaknesses of France in digital matters, at the risk of succumbing to French Bashing, the family of Atlanticists has made a radically opposite decision from that of free software: to massively support American solutions. By adopting a vision of sovereignty on the scale of NATO, they have long had the wind in their sails by defending the performance of GAFAM, used by international groups and startups, within a Western market on the path to unification.

The Atlanticists today suffer from the limits of sometimes uncritical support for American solutions. The spying on its own allies by the USA through the NSA, the offensive use of the extraterritoriality of law to weaken the competitors of American champions, or even threats of NATO disengagement by Donald Trump, have indeed shattered the ideal of a “shared” sovereignty.

This is compounded by the extent of Chinese espionage in the United States, which for some constitutes “the most significant technological transfer” in history, enabled by the vulnerabilities of GAFAM, and weakening the image of an overwhelming American digital hegemony.

Unqualified Atlanticism today gives way to more balanced partnerships, like the S3NS clouds (Thales and Google Cloud) and Bleu (Orange, Microsoft, Capgemini). But also to a series of guarantees for users, like encryption solutions offered by AWS to its users to “escape” the extraterritoriality of American law.

The Europeanists, Promoters of an Expanded Sovereignty (6) Acknowledging the fact that France risks becoming “a colony of the digital world”, to use the words of Senator Catherine Morin-Dessailly, the Europeanists want to see the emergence of major European champions to “master their digital destiny according to their principles and interests”, as summarized by Bernard Benhamou. In this regard, the decision to host the health data of the Health Data Hub “is likely to significantly affect Europe. We are going to mourn this digital sovereignty for a while,” estimates Bertrand Leblanc-Barbedienne.

Not wanting to restrict themselves to a purely regulatory approach (letting some say that while Europe regulates, “America innovates and China copies”), the Europeanists want to achieve in Brussels what has worked in Washington. “Public procurement must be channeled towards European companies. The United States has a ‘buy American act’: we need a ‘buy European act'”, supported for example by Deputy Philippe Latombe, during the last InCyber Forum.

“We also need a ‘small business act’ to favor small enterprises, SMEs, and startups,” added the parliamentarian. A proposition long supported by Bernard Benhamou, who sees it as the best way to develop several strategic sectors: connected health, energy, environment, transportation, and fintech.

The Pragmatists, Advocates of a Hybrid Approach (7) This last “chapel” of digital sovereignty appears both as the most ecumenical and the least committed in terms of sovereignty. First defending the performance of economic actors, who are part of a globalized value chain, rather than a committed industrial policy, the pragmatists leave the issues of sovereignty to the state. For them, the opportunity of a “sovereign” offer must indeed be evaluated based on the needs of the concerned companies, without considering the negative externalities of the market, at the risk of underestimating the stakes of geopolitics and economic intelligence.

“Everything is a matter of use case: what do we want to protect? From what? Why? It is necessary to have a strategic approach based on the criticality of the data and compliance issues, not to put all eggs in one basket and to prioritize performance,” explained Johan Sciard, cloud architect at Ionos, during the InCyber Forum 2024. Participating in the same panel, Louis Naugès, CEO of DHASEL Innovation, supported this position by citing the case of Doctolib during the Covid-19 epidemic: “It is because Doctolib was on AWS that the company was able, in record time, to multiply by 1,000 the number of vaccination appointments. The same goes for BlaBlaCar, which was able to reduce its Cloud usage by 95%.”

Denis Yrieix ,  2024 May 7th
incyber.org