Digital Sovereignty

State control over data, networks, and technology

23 min read 4,614 words 0% read

In the contemporary era, sovereignty no longer ends at physical borders. The ability to control data, regulate digital platforms, and secure critical technology has become as essential to statecraft as maintaining an army or managing a currency. Digital sovereignty—the assertion of national authority over the digital domain—has emerged as a central concern for governments navigating a world where American technology giants hold market capitalizations exceeding the GDP of most nations, where Chinese manufacturing dominates global electronics production, and where data flows across borders at 700 terabits per second—traffic that would have been unimaginable a generation ago.

Consider the stakes: the five largest American technology companies (Apple, Microsoft, Alphabet, Amazon, Meta) have a combined market capitalization exceeding $10 trillion—larger than the GDP of any country except the united-states and China. Amazon Web Services alone controls approximately 32% of the global cloud infrastructure market, storing data for millions of organizations including government agencies. A single decision in Seattle about terms of service or data handling practices can affect billions of users worldwide. This concentration of power in private hands, largely immune to democratic accountability, represents a novel challenge to traditional notions of sovereign control.

The Stakes of Digital Control

Three interconnected layers define the digital sovereignty challenge, each presenting distinct policy questions:

Infrastructure encompasses the physical and cloud-based systems that process and store information—data centers, undersea cables, telecommunications networks, and the servers hosting cloud services. Approximately 95% of intercontinental internet traffic travels through 400+ submarine cables; the largest (the 2Africa cable, 45,000 kilometers) connects Europe, Africa, and Asia. Control over these physical chokepoints matters: the United States and United Kingdom historically dominated undersea cable landing points, enabling intelligence collection that the Snowden revelations exposed.

Cloud computing has concentrated data processing in facilities owned by a handful of companies. Amazon Web Services, Microsoft Azure, and Google Cloud together control approximately 65% of the global cloud market; Chinese providers (Alibaba Cloud, Huawei, Tencent) dominate their domestic market and expand abroad. A government whose data resides on foreign servers, processed by foreign companies subject to foreign legal demands, faces vulnerabilities that physical sovereignty cannot address.

Software and standards include the operating systems (Google’s Android runs on approximately 70% of smartphones globally; Apple’s iOS most of the rest), protocols (TCP/IP, HTTP, 5G standards), artificial intelligence models, and encryption standards that determine how digital systems function. Control over these standards confers enormous influence: whoever writes the code writes the rules by which the digital world operates.

The contest over 5G telecommunications standards illustrates the stakes. Chinese companies, particularly Huawei, developed 5G technology with significant state support, offering equipment 20-30% cheaper than Western competitors. American pressure to exclude Huawei from allied networks reflected fears that Chinese equipment might enable surveillance or sabotage—fears that China dismisses as protectionism disguised as security concern. The outcome shapes not only 5G deployment but the technological foundations of the next generation of digital infrastructure.

Data is often called the new oil, but this metaphor understates its significance. Oil can be extracted once and burned; data can be copied infinitely, analyzed repeatedly, and combined with other data to yield insights its original collectors never imagined. The same dataset might reveal consumer preferences, political opinions, health vulnerabilities, and security-relevant patterns—value that multiplies with analytical sophistication.

Global data creation is projected to reach 180 zettabytes annually by 2025 (for comparison, all human knowledge created before 2000 amounted to perhaps 12 exabytes—one zettabyte is a billion terabytes). Where this data resides, who can access it, and under what legal frameworks it operates have become matters of high strategy. The United States CLOUD Act asserts authority to compel American companies to produce data regardless of where it is stored; the European GDPR asserts that EU citizens’ data must be protected according to European standards wherever it resides. These claims conflict in ways that international law has not resolved.

Why Nations Seek Digital Sovereignty

Governments pursue digital sovereignty for overlapping reasons, ranging from legitimate security concerns to authoritarian control:

National security motivates concern about foreign surveillance, cyber attacks, and infrastructure vulnerability. The Snowden revelations of 2013 demonstrated the extent of American intelligence access to global communications: programs like PRISM collected data from major internet companies; UPSTREAM tapped fiber optic cables; MUSCULAR accessed the private links connecting Google and Yahoo data centers. These revelations shocked allies (Germany’s Chancellor Merkel, whose personal phone was reportedly monitored, expressed outrage) and vindicated adversaries’ suspicions.

A nation whose data transits foreign servers, whose networks run on foreign equipment, and whose platforms are controlled from abroad is vulnerable in ways that military strength cannot remedy. The SolarWinds hack (discovered December 2020) demonstrated how supply chain compromises could penetrate even highly secured networks: Russian intelligence accessed systems at the U.S. Treasury, Commerce Department, and major corporations through a routine software update. Vulnerability is not hypothetical.

Dependence on foreign-controlled platforms creates leverage that can be exercised at will. When the United States sanctioned Huawei in 2019, it prohibited American companies from providing software to the Chinese firm—suddenly rendering Huawei phones unable to use Google services. This demonstration of “weaponized-interdependence” clarified that digital dependencies have geopolitical consequences.

Economic independence drives efforts to prevent foreign monopolization of essential digital services. When a handful of American platforms dominate cloud computing, e-commerce, and digital advertising, value extraction flows outward and domestic competitors struggle to emerge. Google’s search market share exceeds 90% in Europe; Amazon captures approximately 40% of U.S. e-commerce; Meta’s platforms (Facebook, Instagram, WhatsApp) reach billions of users globally. The advertising revenue, the data, and the economic value these platforms generate flows largely to American shareholders.

China’s success in building domestic alternatives—Baidu for search (65% domestic market share), Alibaba for e-commerce (50%+ market share), Tencent for social media (WeChat has 1.3 billion users), Huawei and Xiaomi for hardware—offers one model of digital sovereignty through indigenous capability. These firms emerged partly because China’s firewall blocked American competitors, creating protected space for domestic development. Whether this model can be replicated elsewhere—without China’s scale, without accepting its authoritarianism—remains uncertain.

Europe’s regulatory approach offers an alternative: lacking tech giants of its own, the EU uses regulatory power to shape how foreign platforms operate within its jurisdiction. This approach has influenced global standards but has not produced European competitors capable of challenging American or Chinese dominance.

Legal and political control reflects the desire to enforce national laws within national territory—a core attribute of traditional sovereignty. If a European citizen’s data is stored on American servers, which jurisdiction’s privacy laws apply? If a government wants to compel a foreign platform to remove content (terrorist propaganda, copyright violations, defamation), what leverage does it possess? If law enforcement seeks evidence stored abroad, whose legal process governs?

The clash between the American CLOUD Act (2018) and the European GDPR (2018) exemplifies these conflicts. The CLOUD Act authorizes U.S. law enforcement to demand data from American companies regardless of where it is stored—asserting extraterritorial authority that European courts have not recognized. GDPR restricts transfers of European personal data to jurisdictions without “adequate” data protection—potentially prohibiting compliance with American legal demands. Microsoft, caught between conflicting legal requirements, litigated for years over an email stored in Ireland demanded by American prosecutors.

Cultural and information integrity concerns motivate some governments’ desire to limit foreign influence over public discourse. This concern spans a spectrum from legitimate to authoritarian. On one end: the desire to combat foreign disinformation operations, protect elections from manipulation, and ensure that public discourse is not dominated by algorithms optimized for engagement regardless of social cost. On the other end: suppression of political dissent, censorship of content that authoritarian regimes find threatening, and control of information flows to maintain regime power.

The line between protecting society and controlling it often blurs in practice. Russia’s “sovereign internet” law (2019) ostensibly protects against foreign cyber attacks but enables disconnection from the global internet and centralized content filtering. China’s Great Firewall blocks foreign platforms but also surveils and censors domestic dissent. Even democratic governments face temptations: content moderation rules designed to address hate speech can be weaponized against political opponents; disinformation countermeasures can become tools of official narrative control.

Global Approaches

Different powers have adopted distinct strategies reflecting their values, capabilities, and strategic positions:

The European Union leads in regulatory sovereignty, using legal power to shape digital governance despite lacking indigenous technology giants. The General Data Protection Regulation (GDPR), effective May 2018, established the world’s most comprehensive data protection framework. GDPR asserts that EU citizens’ personal data must be processed according to European standards wherever it is located—an extraterritorial claim that companies ignore at their peril. Fines can reach 4% of global annual revenue; Meta was fined $1.3 billion in 2023 for transferring European data to the United States.

The Digital Markets Act (DMA, 2022) and Digital Services Act (DSA, 2022) impose specific obligations on large platforms (“gatekeepers”) operating in Europe, regardless of where they are headquartered. The DMA requires interoperability, prohibits certain self-preferencing practices, and mandates data portability; the DSA establishes content moderation requirements, transparency obligations, and liability rules. Non-compliance risks fines up to 6% of global turnover or, ultimately, being banned from the European market.

The GAIA-X initiative seeks to create a federated European cloud infrastructure reducing dependence on American hyperscalers. Progress has been slow—the project faces both technical challenges and the reality that American cloud providers have invested tens of billions in infrastructure that European alternatives cannot quickly match. But the aspiration reflects European concern about digital dependence.

The EU approach emphasizes rule-setting rather than technological autarky. Brussels lacks its own tech giants—no European company appears among the world’s 20 largest by market capitalization—but wields regulatory power that shapes global standards. The “Brussels effect” whereby companies adopt EU standards worldwide rather than maintain separate systems extends European influence far beyond its borders. Apple redesigned its charging cables globally to comply with EU requirements; GDPR-style privacy rules have been adopted from Brazil to Japan.

China pursues comprehensive technological self-reliance through a strategy combining protectionism, industrial policy, and political control:

The Cybersecurity Law (2017), Data Security Law (2021), and Personal Information Protection Law (2021) establish extensive state control over data processing. “Important data” and “personal information” of Chinese citizens must be stored domestically; cross-border transfers require security assessments and government approval. Companies must cooperate with national security investigations and provide decryption capabilities.

The “Great Firewall” blocks foreign platforms—Google, Facebook, Twitter, YouTube, WhatsApp, and thousands of other sites are inaccessible from mainland China—enabling domestic alternatives to flourish without competition. This digital isolation has costs (Chinese researchers, for example, cannot easily access Western academic resources) but has enabled Baidu, Alibaba, Tencent, and ByteDance to become global technology powers.

The Made in China 2025 initiative targets semiconductor independence and AI leadership. China imports over $400 billion in semiconductors annually—its largest import category, more than oil. American export controls on advanced chips and chip-making equipment have intensified efforts at indigenous production: SMIC (Semiconductor Manufacturing International Corporation) has achieved 7-nanometer chips despite sanctions, though it remains years behind TSMC and Samsung. Massive state investment (the National Integrated Circuit Industry Investment Fund has deployed over $50 billion) aims to close this gap.

Beijing’s approach enables both economic development and surveillance capabilities that liberal democracies cannot replicate. The same systems that track consumer behavior enable tracking of dissidents; the data that trains commercial AI can also train models for “social credit” scoring. Digital sovereignty in the Chinese model is inseparable from digital control.

The United States has historically favored open data flows and resisted data localization, viewing American tech dominance as a national asset and free information flows as ideologically virtuous. This posture reflected both interest (American companies benefit from open global markets) and ideology (the internet would spread democracy and American values).

But recent years have seen a marked shift toward techno-nationalism:

The CHIPS and Science Act (2022) commits $280 billion over ten years, including $52 billion in direct subsidies for domestic semiconductor production. Intel, TSMC, and Samsung have announced fab projects in Arizona, Ohio, and Texas, partly driven by these incentives. The goal is to reshore semiconductor manufacturing that has migrated to Asia over decades.

Export controls on advanced chips and chip-making equipment to China, implemented October 2022 and expanded since, aim to restrict Chinese access to cutting-edge semiconductor technology. These controls, which the Netherlands and Japan have joined, represent the most significant technology restrictions since Cold War-era COCOM controls.

TikTok faces potential ban or forced divestiture over security concerns that its Chinese parent company (ByteDance) might share American user data with Beijing or manipulate content algorithms for political purposes. The debate illustrates how digital sovereignty concerns have entered American political consciousness.

Committee on Foreign Investment in the United States (CFIUS) reviews increasingly block Chinese technology acquisitions. What was once a routine national security check has become a significant barrier to Chinese investment in American technology companies.

Washington’s belated conversion to techno-nationalism reflects recognition that digital infrastructure is strategic infrastructure—but the tension between American openness ideology and security imperatives remains unresolved. Can the United States maintain technological leadership while restricting the flows of people, capital, and ideas that enabled that leadership? The question has no easy answer.

India has emerged as a significant actor pursuing digital sovereignty that balances multiple dependencies:

Data localization requirements mandate that payment data be stored domestically (since 2018); broader restrictions on cross-border data flows have been proposed and debated. India’s Digital Personal Data Protection Act (2023) establishes data protection rules that, while less stringent than GDPR, assert Indian authority over data concerning Indian citizens.

The 2020 ban on 59 Chinese applications—including TikTok, WeChat, and popular games—following border clashes demonstrated willingness to use digital policy for geopolitical purposes. The ban, since expanded to over 300 Chinese apps, created space for Indian and American alternatives.

India’s approach balances the desire for a domestic digital industry (the government promotes “Digital India” and indigenous platforms) against dependence on both American (whose cloud providers and platforms dominate) and Chinese technology (whose manufacturing produces most hardware). With 700+ million internet users and a rapidly growing digital economy, India’s policy choices will significantly shape global digital governance.

Russia has pursued digital sovereignty primarily through control rather than capability:

The “sovereign internet” law (2019) requires internet service providers to install equipment enabling the government to isolate the Russian internet from the global network. Tests of this capability have occurred; full deployment could create a “Runet” disconnected from global communications.

Roskomnadzor, the telecommunications regulator, blocks content deemed extremist, terrorist, or otherwise objectionable—including opposition political websites. Foreign platforms face requirements to store Russian user data domestically and remove content on government demand; non-compliance has led to fines and throttling.

Russia lacks China’s capacity to build indigenous alternatives to Western platforms; its digital sovereignty strategy depends more on restriction than replacement.

Key Policy Instruments

Governments deploy multiple tools to assert digital sovereignty, each with distinct mechanisms, costs, and limitations:

Data localization requirements mandate that certain categories of data be stored within national borders. Russia requires personal data of Russian citizens to be stored domestically (since 2015); China requires “important data” and critical information infrastructure data to remain within China; India mandates local storage of payment data. The European Data Protection Board has issued guidance that effectively requires certain data to remain within the EU to maintain adequate protection.

Localization serves multiple purposes: it enables government access to data for law enforcement and intelligence purposes; it supports domestic cloud and data center industries; it reduces vulnerability to foreign legal demands (an American subpoena cannot easily reach data physically located in Germany); and it keeps economic value within national borders.

But localization also imposes costs. Multinational companies must maintain multiple data centers rather than efficient centralized operations; cloud services that depend on global infrastructure may be degraded; and fragmentation of data may impair AI training that benefits from large, diverse datasets. The efficiency losses of localization must be weighed against the sovereignty gains.

Platform regulation imposes obligations on digital intermediaries regarding content moderation, algorithmic transparency, competition, and taxation. The EU’s Digital Services Act requires platforms to remove illegal content within 24-48 hours of notification, maintain transparency reports, and allow researchers access to algorithmic data. The German NetzDG (Network Enforcement Law, 2017) pioneered this approach with €50 million fines for failure to remove “obviously illegal” content.

Platform regulation has proliferated globally: Turkey, Indonesia, Nigeria, and dozens of other countries have adopted requirements (of varying stringency and intent) on content moderation and local representation. Some nations use such rules primarily to protect citizens from illegal content; others weaponize them against political opponents, journalists, and civil society. The same regulatory mechanism that removes terrorist propaganda can suppress legitimate political speech.

Technology standards represent a longer-term battleground whose outcomes will shape digital systems for decades. Control over 5G specifications, AI governance frameworks, encryption protocols, and data formatting standards confers enduring influence. Whoever writes the standards shapes the technology—and potentially embeds surveillance capabilities or excludes competitors.

China has dramatically increased participation in international standards bodies. Chinese representatives now lead four of 15 specialized agencies of the United Nations (none did in 2015). At the International Telecommunication Union (ITU), China has promoted “cyber sovereignty” concepts that would legitimize national control over internet content and reject the “multi-stakeholder” model favored by Western democracies. China’s “New IP” proposal would redesign internet architecture in ways critics argue would enable centralized control.

The contest over AI governance frameworks is just beginning. The EU’s AI Act (2024) establishes risk-based regulation of artificial intelligence, potentially setting global standards as GDPR did for privacy. Chinese AI regulations emphasize different priorities (content control, social stability). American AI governance remains largely industry self-regulation. Whose approach prevails will shape AI development worldwide.

Investment screening allows governments to block foreign acquisitions of sensitive technology companies. The United States has strengthened CFIUS (Committee on Foreign Investment in the United States) review, blocked numerous Chinese acquisitions (including semiconductor companies, dating apps with sensitive data, and proximity-to-infrastructure investments), and required divestiture of previous acquisitions like Grindr.

European countries have adopted similar screening mechanisms: Germany blocked Chinese acquisition of Aixtron (chip equipment) and Chinese investment in critical infrastructure; the united-kingdom strengthened its National Security and Investment Act; france expanded review of technology investments. The trend is toward more scrutiny, particularly of Chinese investment in strategic sectors.

Export controls restrict the transfer of critical technologies to adversaries. American restrictions on advanced semiconductor equipment sales to China, announced October 2022, represent the most significant technology controls since the Cold War. These controls prohibit:

  • Sale of advanced chips (below 14/16nm process) to Chinese entities
  • Sale of equipment used to manufacture advanced chips, including equipment from Dutch firm ASML (whose EUV lithography machines are essential for cutting-edge production)
  • Service by American persons to Chinese semiconductor facilities
  • Sale of high-performance computing and AI chips

The Netherlands and Japan have joined these controls, creating a near-complete restriction on Chinese access to leading-edge semiconductor technology. China has responded with export restrictions on gallium and germanium (materials used in chip production) and accelerated domestic development programs. The long-term consequences—for technological leadership, global supply chains, and great power competition—are still unfolding.

Tensions and Trade-offs

Digital sovereignty creates genuine dilemmas that cannot be resolved through technical fixes or clever policy design:

Fragmentation versus openness. The more nations assert control over their digital domains, the more the global internet fractures into separate regulatory regimes. This “splinternet” reduces the efficiency gains of unified platforms—a company selling globally must navigate dozens of data protection regimes rather than operating under a single framework—but may better protect national interests and values.

The open internet that pioneers imagined—a borderless space where information flows freely regardless of national boundaries—is giving way to something more fragmented. China’s internet is already substantially separate; Russia is building similar capabilities; Europe’s regulatory distinctiveness creates friction with American practice; and scores of smaller nations impose their own requirements. Whether this fragmentation is tragedy (the loss of a universal commons) or progress (the assertion of legitimate diversity) depends on one’s values.

Innovation versus protection. Restrictions on data flows and foreign technology may shield domestic firms from competition but also limit their access to global talent, capital, and markets. China’s firewall protected Baidu from Google’s competition, enabling a domestic search giant to emerge; but Baidu’s search quality arguably lags Google’s, and Chinese internet users cannot access the global information commons. Was this trade-off worthwhile?

The semiconductor export controls raise similar questions. Restricting Chinese access to advanced chips may slow Chinese AI development and military modernization—but it also accelerates Chinese efforts to build indigenous capability, potentially creating a competitor that would not otherwise emerge. American semiconductor companies lose access to a massive market (China purchased $180 billion in chips annually before restrictions); Chinese companies face pressure to develop alternatives. The long-term effects are uncertain, but the trade-offs are real.

Security versus liberty. The same tools that protect against foreign surveillance enable domestic surveillance. The infrastructure that monitors for cyber attacks can monitor citizens; the authorities that require platforms to remove terrorist content can require removal of political dissent; the data localization that protects against foreign access enables domestic access.

Authoritarian governments instrumentalize digital sovereignty to control populations: China’s surveillance state tracks Uyghurs and monitors social credit; Russia’s sovereign internet law enables censorship and control; even India’s shutdown of internet access in Kashmir (lasting over 500 days) demonstrates how digital sovereignty tools can suppress rather than protect.

Democracies face temptations too. Post-9/11 surveillance programs in the United States collected data on millions of citizens with minimal oversight. Content moderation regimes, whatever their intent, risk government pressure to suppress disfavored speech. The line between security and liberty is contested, and digital sovereignty measures often push toward security at liberty’s expense.

Sovereignty versus interdependence. No nation can achieve complete digital self-sufficiency—not even the largest and most capable. Advanced semiconductors require global supply chains: ASML’s EUV lithography machines contain components from thousands of suppliers across dozens of countries; the chemicals, gasses, and materials that chip fabrication requires are globally sourced. Even China, with all its resources and determination, cannot replicate this supply chain domestically; American efforts to reshore semiconductor manufacturing depend on foreign-owned companies (TSMC, Samsung) building facilities in the United States.

AI models require vast data and computing resources that exceed any single nation’s capacity; cybersecurity requires international cooperation that digital sovereignty often impedes. strategic-autonomy is always a matter of degree—reducing critical dependencies rather than achieving autarky—and the costs of reducing dependence must be weighed against the costs of maintaining it.

The Emerging Landscape

The contest over digital sovereignty is reshaping geopolitics in ways that will define the twenty-first century:

Technology blocs are forming as nations align their digital infrastructure with trusted partners. The United States launched the “Clean Network” initiative (2020) seeking to exclude Chinese equipment from Western telecommunications, cloud services, and undersea cables. Over 50 countries and 180 telecom companies joined, creating a de facto Western technology bloc. Huawei, excluded from most Western 5G networks, has pivoted to markets in Asia, Africa, and Latin America where American pressure is less effective.

China’s Digital Silk Road extends its standards and systems to partner nations. Huawei has built telecommunications infrastructure across Africa; Chinese companies have deployed smart city and surveillance systems from Ecuador to Zimbabwe; and China has signed digital economy agreements with over 20 countries. The Belt and Road Initiative’s digital component may create technological dependencies that parallel the infrastructure dependencies created by physical projects.

The European Union positions itself as a “third way”—neither American surveillance capitalism nor Chinese state control—but struggles to translate regulatory leadership into technological capability. GAIA-X, digital euro, and various autonomy initiatives face the fundamental challenge that Europe lacks indigenous tech giants.

Weaponized interdependence has become a tool of statecraft. The United States leverages its centrality in financial networks (SWIFT, dollar clearing) and technology supply chains (semiconductors, cloud services, software platforms) to impose sanctions on adversaries. The exclusion of Russia from SWIFT following the Ukraine invasion, American chip export controls on China, and sanctions on Huawei demonstrate how interconnection creates leverage.

Others seek to reduce such vulnerabilities. China’s CIPS (Cross-Border Interbank Payment System) offers an alternative to SWIFT; Russia has explored similar mechanisms. Central bank digital currencies, developed by China and under consideration elsewhere, might eventually reduce dependence on dollar-based financial infrastructure. The quest for “de-dollarization” and technology independence reflects recognition that interdependence enables coercion.

But weaponized interdependence has costs for those who wield it. Every exercise of American leverage over technology networks encourages adversaries and even allies to seek alternatives. The reliability that made American systems central is undermined by their use as geopolitical weapons. How far the United States can weaponize interdependence without undermining the interdependence itself remains uncertain.

The Global South faces difficult choices as digital sovereignty becomes a great power battleground. Many developing nations depend on Chinese infrastructure—affordable, available, and accompanied by financing—while also relying on American platforms and European markets. Huawei equipment is significantly cheaper than Ericsson or Nokia alternatives; Chinese development financing comes with fewer conditions than Western alternatives; and Chinese technology is available to countries that Western suppliers consider too risky or small.

Navigating between tech blocs without full alignment to either represents a new form of non-alignment. India bans Chinese apps while depending on Chinese hardware; Indonesia welcomes Chinese investment while joining American supply chain initiatives; African nations take Chinese infrastructure while their citizens use American platforms. Whether this balancing act remains sustainable as great power competition intensifies—whether the Global South will be forced to choose—is a defining question of the emerging digital order.

Artificial intelligence adds urgency to digital sovereignty concerns. AI systems require vast computing resources (increasingly American-controlled), massive datasets (whose location and access determine who can train models), and talent (concentrated in a few countries and companies). Leadership in AI may confer advantages in military capability, economic productivity, and technological innovation that compound over time.

The race for AI supremacy intensifies digital sovereignty competition. Export controls on AI chips aim to slow Chinese capability development; data localization affects who can train advanced models; and AI governance frameworks will shape what systems can be deployed and how. Whether AI development remains concentrated among a few global powers or diffuses more broadly will significantly affect the international order.

Whether the coming decades see a managed pluralism of digital systems—multiple centers of technology power coexisting through negotiated rules—or a fragmented world of competing technological empires—bloc-based systems with limited interoperability—remains uncertain. The early internet’s vision of borderless connectivity has given way to recognition that digital space is contested terrain. What is clear is that digital sovereignty has joined traditional concerns—territory, resources, military power—as a fundamental dimension of statecraft. Nations that cannot control their digital infrastructure, that depend on foreign platforms for essential services, that lack indigenous capability in critical technologies, will find their sovereignty constrained in ways that military strength cannot remedy.

The twenty-first century will be shaped by how this contest unfolds—by which nations achieve digital sovereignty, at what cost, and with what consequences for their citizens and the world.

Sources & Further Reading

  • Digital Empires: The Global Battle to Regulate Technology by Anu Bradford — Compares American, European, and Chinese approaches to digital governance, showing how different regulatory models reflect deeper values and interests.

  • The Great Firewall of China by James Griffiths — Detailed examination of how China built its system of internet control, essential for understanding one model of digital sovereignty.

  • Surveillance Capitalism by Shoshana Zuboff — Analysis of how tech platforms extract and monetize data, providing context for why governments seek to assert control over the digital domain.

  • The Brussels Effect by Anu Bradford — Demonstrates how the European Union exports its regulatory standards globally, explaining Europe’s distinctive approach to digital sovereignty through rule-setting rather than technology development.