Summary of the Report on Digital Sovereignty & Dependence on US Tech
This report, referenced as “24-830-11.pdf,” highlights significant concerns about France and Europe’s dependence on US-based digital solutions, notably Microsoft, and the resulting risks to digital sovereignty and data security. Here’s a breakdown of the key points:
1.Data Vulnerability & US Law:
US Laws Allow Data Access: US laws permit American services to access and utilize data transmitted within the US, potentially sharing it with US competitors. A former senior official warned that French companies using exclusively US services like Microsoft are often unaware of this risk, even when it leads to legal setbacks.
Risk of Dependence: The report emphasizes the danger of becoming addicted to and dependent on foreign digital solutions, weakening European digital sovereignty.
Geopolitical Leverage: There’s a fear that foreign powers could leverage their control over these solutions to exert pressure on France and the EU, potentially disrupting public administration and economic life.
2. Gap Between policy & Practice:
Awareness is Growing: Some European states, like Denmark, are beginning to address the issue by exploring alternatives (e.g.,switching from Windows/Office to Linux/LibreOffice).
Existing Legislation: France has laws (dating back to 2016 and earlier) promoting the use of free software and open formats to ensure independence and sustainability of data systems.
contradictory Guidance: Despite the “Cloud at the Center” doctrine (aiming for data sovereignty), guidance allowed state services to continue using Microsoft office 365.
Persistent Lag: The report criticizes a “persistent lag between public speeches and concrete acts,” citing numerous examples of French public organizations ignoring official prescriptions and opting for foreign digital solutions.
3. National Education Case Study:
Massive Microsoft Renewal: The Ministry of National Education recently signed a framework agreement to renew Microsoft licenses for €75-152 million over four years.
Dinum Oversight Ignored: This deal was made without seeking the opinion of the Interministerial Directorate of Digital (Dinum), which is required to ensure compliance with the “cloud in the Center” policy.
Ministerial Reminder: This oversight prompted a reminder to order from the ministers of public action and artificial and digital intelligence.
In essence, the report paints a picture of a significant disconnect between France’s stated goals of digital sovereignty and its actual practices, particularly regarding reliance on US tech giants like microsoft.It highlights the need for stronger enforcement of existing regulations and a more proactive approach to developing and adopting European alternatives.