1 Introduction

Sovereignty means that states or countries have autonomyFootnote 1 in how they manage their internal affairs. Consequently, countries should respect each other’s sovereignty. This is, of course, only one and a highly simplified Platonic ideal image of sovereignty. We will go deeper into the multiplicity of perspectives on sovereignty and international relations.

When we say sovereignty, generally here we are talking about state sovereignty rather than the sovereignty of an individual person. However, the two are closely related. Sovereignty concerns the power arrangements in society, notably between the citizens and the “state.” A government or ruler who is systematically not accepted by the people is in trouble. People in a country who are not accepted by the government or the ruler are in trouble. One way to arrange for the allocation of power between citizens and state is democracy and respect for fundamental human rights. These are two relational notions that link state and individual sovereignty. They are also at the heart of what digital humanism stands for.

Why would we spend time on such a century-old concept? The reason is that in today’s geopoliticized digital age, sovereignty is under severe pressure. There is a sovereignty gap between the aspirations for state sovereignty and hard reality (Kello, 2017). The hard reality consists of the threats of geopolitical conflict, the pervasively disruptive nature of digital technologies and big tech, and global threats such as cyber-crime, pandemic, and climate change (see Fig. 1). These three forces are not halted by the human-created borders between countries; they do not respect sovereignty. The international system of states is being disrupted and perhaps fundamentally reshaped. No wonder that heads of states are very worried. Since 2017, sovereignty and the related notion of strategic autonomy have been Chefsache. But they are not sitting ducks and have come forward with a multitude of public policies to safeguard, defend, and even strengthen sovereignty.

Fig. 1
An illustration of the sovereignty gap between international tension, global threats, and digital transformation and dominance.

Sovereignty gap

Here we focus on public policies that address the interplay of digital technologies and sovereignty. That is, public policy that shapes sovereignty and the digital age fit for what we want.

The central problem is to develop public policy for sovereignty in the digital age.

What we need for this is to shed light and to understand: to shed light on the possible shapes of sovereignty in the digital age, and the desired ones, which is a political choice, and to understand the interplay of technology and society. This is not easy at all. However, not addressing the problem leaves us in the hands of unaccountable powers, undemocratic authoritarians, and uncontrollable technology development. This would precisely be counter to what digital humanism is about. Sovereignty and geopolitics are key aspects of the reality that digital humanism seeks to influence.

We now first give a brief introduction to perspectives on international relations, sovereignty, and strategic autonomy. That puts us in a position to discuss the impact of digital technologies. Then we can address the challenges of developing public policy for sovereignty in the digital age and illustrate these by concrete cases in two hot topics of cybersecurity and artificial intelligence (AI).

2 International Relations

Sovereignty of countries, or state sovereignty, is a key concept in political sciences, in particular in the study of the relations between countries, that is, international relations (IR). In IR thinking—grossly simplified—the main schools are realists, liberalists, and contingency thinkers. Realists consider that the international system of states is basically an anarchy of states. This does not mean that there is chaos but rather that the defining characteristic is that there is no overarching authority. Moreover, states are captured in the “security dilemma” which means that they must be ever mistrustful of the intentions of foreign states, having to rely on self-help, and likely preemptively having to arm themselves. This line also fits global or regional hegemon thinking (Mearsheimer, 1994; Waltz, 2010).

Liberalists consider that there is more than states to world order. International organizations and other actors (e.g., private sector, NGOs, the global tech community) also play a role in international relations. Collaboration between states is possibly and, in fact, quite likely based on self-interest rightly understood (de Tocqueville, 1864).

Contingency thinking considers that international relations between states depend on, or are contingent on history, the evolving identity of states and the “socialization” between states, as developed over years and in all forms of international relations. An illustration is the establishment of international institutions and governance post-1945 such as IMF and World Bank and the EU, all strongly influenced by the traumas of the two World Wars.

In addition, we mention mercantilist and Marxist thinking. Both see state relations as inherently conflictual (as do realists). For both the primary motivation is economic. For mercantilists, national wealth contributes to and should serve national power relative to other nations. For Marxists, capitalist profit-maximization inherently leads to conflicts, also between states (Art & Jervis, 2016, p. 277). These two ways of economics-based thinking are relevant for us when, for instance, we want to design an industrial policy for semiconductors that considers both global economics and geopolitics.

Although the interplay of international relations and technology has been researched, there is not yet a systematic corpus of academic knowledge, let alone established schools on this issue within either political or technology/innovation sciences. Technology has for a long time been seen as an exogenous factor by international relations scholars and mainly as a factor in warfare. Nevertheless, the writing was on the wall with the famous Declaration of the Independence of Cyberspace that stated “Governments of the Industrial World […] You have no sovereignty where we gather” (Barlow, 1996). Recently, perhaps belatedly, a new political sciences branch of “techno-politics” is emerging. It has grown out of science and technology studies and takes seriously a two-way interplay of technology and (international) politics (Eriksson & Newlove-Eriksson, 2021).

As stated in the introduction, digital humanism perspectives should relate to the international system of states. Realists will consider states as primary actors and likely take digital humanism into account only as far as it fits with friend/foe perceptions. Digital humanism as a movement can then very well impact alliances of like-minded states but become problematic when it reaches outside like-minded states. Digital humanism in the realist perspective would be expected to work in particular with state-related social constructs such as law, public education, and national democratic institutions.

Liberalists, being more open to multistakeholder approaches, may see digital humanism acting through a wider set of channels or multistakeholder platforms and believe that it can make a difference in international relations, also beyond the existing configuration of states, whether democratic and likeminded or not. In particular, digital humanism may exert influence through technology-based collaborations and other social constructs (e.g., digital ethics and standards). However, not all liberalist thinking may be at peace with digital humanism. In particular, both extreme liberalism that seeks to minimize influence of the state and unconstrained economic liberalism can be argued to be incompatible with democracy (Francis Fukuyama, 2022) and other digital humanism principles as expressed in the Digital Humanism Manifesto (Digital Humanism Initiative DIGHUM, 2019).

Contingency thinkers in turn may stress the historically contingent context of both digital humanism and international relations. They may be taking into account a history of sovereignty from roots in the Treaties of Westphalia and late seventeenth-century Enlightenment to today’s philosophy about the relations between technology, humans, and society (see Learning Resources, below). They may also take into account that, while we are in a time of heightened geopolitical polarization, the perception of what “the state” is may well alter in a time span of decades or centuries due to long-term trends or major global forces, such as climate change, or indeed technology. For contingency thinkers, digital humanism and international relations are not absolute. They may be looking for long-term and profound trends and factors that transcend both. Digital humanists may well be wary of the economic-functionalist perspectives of both mercantilists and Marxists since digital humanism is likely seen as an instrument rather than an objective per se.

The “Discussion Questions” challenge to bring IR thinking and digital humanism ideas together.

3 Sovereignty

Sovereignty as one of our central themes turns out to be a hard to pin down concept. State sovereignty has emerged from at least three thinkers. Bodin (1529) came up with the concept of the sovereign as a person who exercises absolute and undivided power with impact both internal to the state and in the external affairs of the state. Hobbes (1588) developed the doctrine of supreme sovereignty based on a unitary body politic of rulers and rule, free from supreme accountability (except, perhaps to God). Jean-Jacques Rousseau (1762), an Enlightenment thinker, advocated popular sovereignty and a social contract which evolved into the thinking that the relationship citizen-state sovereignty is legitimized by choice of the citizens with corresponding obligations of the state toward citizens (Stanford University, n.d.).

In the second half of the sixteenth and first half of the seventeenth century, European kings, warlords, and the Holy Roman Empire almost continuously fought with each other. This brought devastation to Europe and millions of people died. In 1648, the Treaties of Westphalia were signed that set out to end the warring by recognizing states as the locus of sovereignty. It was the birth of the state-based system of relationships between sovereigns, which became the sovereign states-based system of international relations in much of the world.

Obviously, international relations have evolved over the centuries. Likewise, the concept of sovereignty is evolving and may well appear to be rather fuzzy. Perhaps we have to accept that sovereignty is an essentially contested concept, as is religion or art (Gallie, 1956).

Still, that does not stop us deepening our understanding and continuing the discourse on sovereignty and its future. Today, international relations have evolved from states into supranational organizations such as the UN and its agencies as well as regional law-based alliances of states such as the European Union (EU) that pool and share sovereignty. While countries and states do not have diminished in relevance, an important body of international law has emerged, and though frequently contested it is still ever-expanding along with global challenges (Klabbers, 2021).

In an age where power is linked to control of technology and where global challenges transcend the powers of any individual state, we must take into account international corporations—such as big tech—and their influence on geopolitics. Similarly of great importance are international collaborations such as civil society activism, standardization by the technology community and industrial alliances, as well as multistakeholder collaborations. These can be meeting places for common opinion building and voluntary action but can also have power, either de facto or sometimes also de jure under national, regional, or international law, to manage important assets of economy, society, justice, or democracy. An instructive case in the digital domain is ICANN (Internet Corporation for Assigned Names and Numbers). This is a private international multistakeholder organization that manages the Internet domain name system. ICANN is effective in achieving international compliance to global domain name management, not in the least thanks to its multistakeholder approach, yet it is not an organization under international law.Footnote 2

Sovereignty requires internal and external legitimacy (Biersteker, 2012). Internal legitimacy is acceptance of the authority of the government by the citizens. External legitimacy is the acceptance of the state by foreign countries. Sovereignty concerns three “assets” that need to be governed: (1) power, which is called foundational sovereignty; (2) physical and nowadays also digital assets which comprise above all territory and therefore is called territorial sovereignty; and (3) the institutional organization of economy, society, and democracy, which is called institutional sovereignty (Bickerton et al., 2022).

The key notions of internal and external legitimacy map onto foundational, territorial, and institutional sovereignty. For instance, where state sovereignty is about power arrangements, these need to be recognized internally and externally. To be effective the state needs to have authority in the organization of government and public services, and democracy needs to be an authoritative institution, for instance, with an organization to ensure free elections. “Territory” may be seen as any resources or assets that “belong to us” (i.e., not to “them”). These are of a geographic, natural, or digital origin and can also be taken to include the population, values, and culture. This territorial view clearly requires internal and external recognition and thereby legitimacy. Finally, the institutions of government need to be internally accepted, while their external legitimacy is a matter of—sometimes disputed—international relations, such as extraterritorial jurisdiction (Klabbers, 2021, pp. 106–108).

State sovereignty is quite different from sovereignty of the individual, but nevertheless, they are related through the internal legitimacy dimension of sovereignty. Control over what belongs to us as individuals (our body and life, our thoughts, our preferences, our choices in social relations and democracy) will likely lead to tensions in the relationship between state and individual when the state also seeks control. Such tensions manifest themselves in authoritarian regimes where there is suppression of free speech. They also show up when national security or safety or public health is at stake. Some felt that their personal freedom was unjustly curtailed during the COVID-19 pandemic and for some the state lost legitimacy.

A difficult question is also who exercises control over what is shared between citizens and the state. The canonical example is citizen identity (or eID for its digital form). Does it belong to you or to the state? Clearly, it is a sovereign asset and issuing the citizen ID is a function of the sovereign (i.e., the state), a fonction régalienne. However, many of our electronic identities are issued by Internet companies, and some we use over and over, including for public services such as Facebook or Google or Apple ID. Can our eID also belong to a corporation rather than the state? The EU seeks to answer such questions in its EU Digital Wallet law. Such a digital wallet includes the national eID, which is issued and recognized by the state, and furthermore contains personal attributes that are under self-sovereign, that is, exclusive citizen control. Moreover, with the EU Digital Markets Act, the big tech platforms (so-called gatekeepers) have to accept identification with the nationally recognized ID. Therefore, a citizen eID or enriched citizen eID such as a digital wallet in Europe is unlikely to come under exclusive corporate control.Footnote 3

4 Strategic Autonomy

Much ink has been spilled in the last few years on the notion of strategic autonomy, certainly in European debates. While some would argue that this is yet another essentially contested concept (General Secretariat, 2021), research reveals that this is actually not the case. There are at least two origins of the notion of strategic autonomy (Timmers, 2019). One is in the French defense/military doctrine that considers it as the capacities and capabilities to defend sovereignty. After WWII, this was also translated by France to the ability to project military power wherever necessary in the world (force de frappe) and the need to have the atomic bomb. The other origin is in Indian diplomacy, again especially after WWII, which was the doctrine that India should have independence from either Beijing, Moscow, or Washington, which also has strong defense/military undertones, that is, non-alignment.

Clearly, both tell us that strategic autonomy is seen as a means to an end, the end being sovereignty. The means consist of capabilities and capacities and control. Also, clearly, today the notion of strategic autonomy goes beyond the military domain, since sovereignty in the geopolitical digital age is threatened across economy, society, and democracy—national defense included. In the USA, economic security is equated to national security. In China, economic geo-competition is translated into a competition (with the West) for global system dominance and US hegemony is no longer accepted.

This leads us to the following definition: strategic autonomy consists of the capabilities, capacities, and control to decide and act on essential aspects of our economy, society, and democracy.

Is this a clear and operational definition? One could criticize that “essential” and “our” are not defined. Indeed, these terms link to what is meant by “our” sovereignty. They have to be interpreted in the discourse on who “we” are and how we interpret sovereignty, which is not a matter of definition but rather of assessment and judgment.

The other terms are clearer: capabilities are what we know, capacities are how much we can do, and control is the say we have over capabilities and capacities, decisions and actions. This makes the definition quite operational: we can identify and even often measure capabilities and capacities and control or at least use proxies for these. Examples—far from an exhaustive list—of such proxies are patents and skilled professionals (capabilities), investments and market share (capacities), shareholding, and security scrutiny requirements (control).

Furthermore, by having such an operational definition, we become aware that often in many aspects strategic autonomy will not be absolute but only relative to other countries. It will also only be partial. It is unlikely, except perhaps for the superpowers USA and China, to have total control and have all necessary capabilities and capacities, in other words, to have autarky. Economically, this is actually undesirable because, even for the superpowers, lack of scale leads to inefficiencies compared to division of roles across countries, i.e., specialization and global supply chains. An illustration is that for the semiconductor industry, a global industrial ecosystem costs in the order of one trillion dollars less than fully localized “self-sufficient” supply chains (Boston Consulting Group and Semiconductor Industry Association, 2021). How else to address strategic autonomy? There are essentially four ways (see Fig. 2).

Fig. 2
A Venn diagram of 4 circles. The overlapping circles represent risk management, global collaboration, and strategic partnerships. Autarky has no relationship with the other circles.

Four ways to address strategic autonomy

First, we already mentioned autarky. Second, countries can impose a risk management approach to strategic autonomy, that is, doing the best possible according to the state of the art, but otherwise accepting vulnerabilities as an unavoidable risk. Hopefully that residual risk is not disastrous, i.e., one can bounce back, one has resilience. Risk management may not seem wise (do you want to put the state at risk?), but it is actually the approach that many countries have followed from the 1970s until recently. They were encouraged that globalization would reduce supply risks and have resilience as a by-product. Indeed, globalization increased fairly consistently year upon year [see Fig. 3, with global trade as a proxy for globalization (World Bank, 2021)], until 2021. Already earlier, there were doubts about the risks of critical foreign dependencies, but COVID-19 brought home that message loud and clear. Risk management is no longer the most-favored approach.

Fig. 3
An area chart represents the global trade in percentage from 1970 to 2020. The area peaked at 60.5% in 2008. Data are estimated.

Global trade (% of GDP, CC-BY 4.0 license, World Bank)

Rather on the rise and this is the third way is a strategic partnership approach to strategic autonomy, meaning, to work together with like-minded countries or regions in order to, as much as possible, strengthen joint or shared capabilities and capacities and control. Strategic partnerships of the like-minded do not ignore that there can still be strategic dependencies on non-like-minded countries. Dependency policy identifies such critical dependencies and for each determines the appropriate policy action, such as import substitution, foreign M&A (mergers and acquisitions), building up domestic capacity, acquisition of intellectual property (IP), or, realistically, also IP theft and state-sponsored industrial espionage. The reverse approach is also part of such analysis, namely, to weaponize dependencies. On the latter, following early work on power and interdependence in international relations (Keohane & Nye Jr, 2011), further thinking is emerging that addresses how in today’s geopolitical and globally networked digital/technological world, dependencies actively get weaponized, which we see happening today, for instance, in semiconductors and critical raw materials (Farrell & Newman, 2019).

Finally, the fourth approach to strategic autonomy is to pursue global collaboration on global common goods. This may seem idealistic but is in fact a reality, even today. Examples in the digital world are the management of the Internet domain name system by ICANN, a multistakeholder global organization with authority over the allocation of domain names (from the country domain names such as “.cn” to thematic ones such as “.shop”) and to some extent safeguarding the security and stability of the domain name system globally. A successful past example is the 1987 Montreal Protocol to curb the emissions of CFK gases that destroy the ozone layer.

Paradoxically, while global collaboration seems to be about giving up control and thereby losing sovereignty, the opposite can be true as well. Sovereignty can be strengthened by jointly nurturing global commons. This holds true when the global threats surpass the power of any individual country—such as climate change, cyber-crime, or pandemics. It also holds true when there is a tragedy of the commons situation, that is, either free-riders egotistically destroy the beneficial source or going solo impedes the development of the much greater benefits of the common good, from which, in turn, sovereignty can be strengthened. The great political philosopher Alexis de Tocqueville observed this when studying democracy in America in the nineteenth century, finding that the motivation to collaborate and provide benefits to others is “self-interest rightly understood” (de Tocqueville, 1864).

The scale of collaboration does not necessarily have to be global. Regional collaboration as in the EU, which is legally based in the EU Treaties, may be seen by the EU member states as a win-lose situation as far as national sovereignty is concerned. It appears obvious that countries lose sovereignty by having to comply with EU laws, while the EU as a supranational entity gains sovereignty. But this is not always true. A case in point is the EU Digital COVID Pass which provides a triple win: it enabled EU member states to better deal within their own country with the pandemic and thus strengthened internal legitimacy of government vs citizens. It also built a European common good, an EU sovereign asset which increased the legitimacy of the EU in relation to European citizens. Finally, it increased the standing and influence of the EU in the world, i.e., its external legitimacy, as the EU COVID Pass has been recognized and copied by 65 countries and over 1 billion people across the world.

Strategic autonomy is a key concept for sovereignty in the digital age. It can take many shapes and degrees of realization. But the debate is sometimes confused by misunderstandings on terminology and fallacies. Often strategic autonomy in digital matters is—mistakenly—called digital sovereignty, whereas authors actually discuss capabilities, capacities, and control rather than sovereignty.

There are also fallacies about strategic autonomy. One is that authors equate strategic autonomy to autarky or self-sufficiency which has the smell of protectionism. But autarky is only one approach and actually the rarest. Moreover, protectionism may be a legitimate policy measure to strengthen strategic autonomy, but the converse may also be true. Moreover, strengthening mutual interdependencies can reduce the risk that the foreign country would be tempted to undermine its partner’s sovereignty.

There are two more fallacies on which we can be brief. One is the “we can have it all” fata morgana. Strategic autonomy does not come for free. The total investments for strong independence (such as in semiconductors, cloud, networks, AI, green industry, medicines, etc.) far surpass the resources of most countries. Another is the “let’s take back control” fallacy (the slogan of Brexit). As (Martin Wolf, 2019) convincingly and scathingly argued, you cannot take back control on something you never had. As an example, for the EU, cloud strategic autonomy is not about taking back control but rather about either building up an EU cloud industry that can compete with the big foreign cloud providers (who have 70% of the market in the EU), or accepting to play a value-added role to the big cloud providers in trust services and AI with as a consequence long-term geopolitical dependency on the USA, or changing the paradigm and building up strategic autonomy in edge-cloud, a new form of decentralized and distributed cloud.

Interludium: Technological and Social Construction of Reality

The underestimation of the power of technology to shape international relations has its mirror in the underestimation of the power of geopolitics to shape technology. There is a much closer interplay between technological constructs and social constructs such as international relations and government than we are often aware of. The same holds for sovereignty and its social constructs such as law, public services, justice, democracy, etc. More generally, Fig. 4 illustrates this (Timmers, 2022a).

Fig. 4
A triangular illustration of interconnected nodes. The nodes are social construction, technological construction, and people.

Social and technological construction of reality

Therefore, when investigating which public policy for sovereignty in the digital age, we should ab initio take as degrees of freedom both the technological constructs and the social constructs of sovereignty. In the early 2000s, the term “code is law” was used to express that the technical architecture of the Internet conditioned and constrained legislative options to regulate the Internet (Lessig, Lawrence, 1999). Moving toward the 2020s, the awareness grew that the reverse also holds, that is, law is code. This means that technology has to be designed in order to fit with the norms and rules society wishes to have (De Filippi & Wright, 2019). Some terms that reflect this thinking are privacy-by-design and security-by-design. We are now entering an age of sovereignty-by-design, the combined social and technological (re-)construction of sovereignty. Cohen (2019) shows that large tech companies have often well understood that this is the case. They have worked for years closely with the government, while the government has adapted itself to these corporations (this process is called governmentalism). The aim was to get a regulatory environment and digital architectures that enabled profit maximization by such corporations, as was largely achieved at least in the USA.

5 Digital Technology and Sovereignty

Let’s zoom in on important changes in sovereignty due to digital technologies and vice versa. The most obvious is the territorial dimension of sovereignty. No longer are we talking only of physical assets and physical space. In the digital age, we also have digital assets such as the national digital identity, national and provincial and city domain names, national health data, or digital twins of nationally manufactured products or of smart cities. We also have the notion of cyberspace, which comprises a peculiar amalgam of digital equipment such servers and data centers and domestic digital networks that necessarily have a physical location and thereby fall under a sovereign jurisdiction, complemented by transnational networks (under which jurisdiction) as well as nonphysical rules and standards and digital services. These digital services generally are not bound to a physical location and, interestingly, some can actually undo the link to a sovereign jurisdiction by moving around in the cloud.

Territory therefore gets vastly expanded into the digital age. A country that has no concept of digital territory risks losing its riches. Take genetic and health data—it is just data, isn’t it? No, it is a national asset that “belongs to us.” Such data originate from the population itself as does to some extent its value added in products and services, from new medicines to healthy-living programs.

However, if states want to ensure that digital technology does not escape from the traditional notions of territorial sovereignty, they are tempted to impose data localization, which implies a technology architecture with built-in borders. Interestingly, the notion of “belong to us” can also be supported by requiring that access to and use of data come under control of the “our” jurisdiction rather than the data themselves—which would be adequate to safeguard sovereignty as long as there is a technology that enables this. Indeed, the emerging homomorphic encryption is such a technology.

The institutional dimension of sovereignty gets ever more influenced and even determined by digital technology. Modernizing public services with digital technology is far from value neutral. Digital technologies offer greatly expanded possibilities to get information about and interact with citizens. This goes from the beneficial with intelligent, non-bureaucratic, and efficient public services such as for child benefits, permits, and voting to, in extremis, malicious state surveillance and social scoring. Digital technologies can also bypass and invalidate the old models of institutionalized sovereignty. For instance, all institutionalized governance used to be centralized. Distributed ledger technologies (such as blockchain) make possible 100% trustworthy transactions without any centralized oversight. Centralized authorities such as for import/export reporting or food quality control can—in theory—be bypassed by much more efficient and reliable decentralized distributed controls. Centralized national currencies are bypassed by completely decentralized cryptocurrencies.

It is not only authorities as institutional constructs of sovereignty that change due to digital technologies. Some institutional constructs, notably law as we know it, can no longer function when we must rely upon autonomous AI, such as to counter cyber-attacks on critical infrastructures that evolve at millisecond timescale—themselves being AI-driven. The world of sovereignty used to be a world on a human scale, which is fundamentally incompatible with the world of machines.

Here too, in some cases the reverse can happen so that sovereignty-as-we-know-it can continue to function while technology gets adapted. Rather than open and global blockchain, there are now permissioned distributed ledger technologies that enable a limited group (say, the national customs administration) to continue exerting control while still largely gaining the efficiencies of open blockchain. However, we do not yet have a technological solution for the abovementioned autonomous AI problem such that humans stay in control and political accountability—a key aspect of internal legitimacy—is maintained. Note the conundrum: we may not be able to do any longer without such autonomous AI in order to rescue our sovereignty but doing so erodes our sovereignty in the long run.

Finally, with the rise of digital technologies, there is a need for new institutions that define and control these technologies. Numerous digital standard-setting bodies are arising, often driven by industry. For example, with ever more data, there is a need for secure data analysis, that is, secure computing. A global secure computing alliance has been created, largely driven by US and Chinese companies. They may determine the standards for securely handling information, making all other countries dependent on them, even for their most sensitive government information or most intimate citizen information. Again, a challenge to sovereignty.

Ultimately, we must conclude that the most profound impact of digital technologies is on the foundational dimension of sovereignty, that is, the arrangements of power and the perception of who “we” are. Digital technology gets instrumentalized to shift power—from states to a few companies, to big tech and even to a few individuals, from those states that do not master the technologies to those few who do, from states to non-state actors such as terrorists and (cyber-)criminals who have easy access to technology to undermine states with disinformation, cyber-disruption, and cyber-theft. In the digital world, we can no longer take for granted the social contract of Hobbes and the popular sovereignty of Rousseau. Upsetting these undermines legitimacy, internally and externally. At the same time, technology can also be shaped by us to shore up sovereignty—both of states and of human individuals.

We have to add to this that digital technology can also be shaped and used to be shaped to empower global citizenship, free from geographic borders and state control. In the early days of the Internet, it was believed that the global Internet protocols and its fully decentralized implementation (intelligence distributed into all the network-connected computers) would create an independent de-territorialized cyberspace where “governments of the Industrial World, you wary giants of flesh and steel, […], you are not welcome among us. You have no sovereignty where we gather” (Barlow, 1996). A dream that has been shattered to the extent that nowadays we better talk of splinternet rather than Internet (O’Hara et al., 2021). Still, the dream of global citizenship, escaping from the shackles of state sovereignty and big tech, lives on the basis of new technologies such as self-sovereign identity and blockchain enabled Web3.

The examples above, to develop technologies that respect sovereignty (“law is code”), are always also about restoring the balance of power, back to the state and back to citizens, away from foreign states and away from private companies. But we have also shown that sovereignty-respecting technology architectures may not always be possible—let alone whether the power struggle can be won by sovereign states and their citizens.

Power in the digital age is qualitatively and quantitatively different from power in the nineteenth and first half of the twentieth century. The rise of artificial general intelligence (AGI) and concerns about fundamental erosion of human autonomy (digital slavery) and geopolitical disruption (tech war) are serious. While we can learn from the past and from human nature, it would be naïve and dangerous to assume that history repeats itself that “we have been here before.”

6 Policies for Sovereignty in the Digital Age

Policies for sovereignty in the digital age must take both geopolitics and technology into account. Ab initio these two must be on equal footing. Both shape and can be shaped by public policy.

Public policy can have many goals, which can include the safeguarding and strengthening of sovereignty in the digital age, i.e., we are looking for digital strategic autonomy policy. This is a new form of policy-making, different from the past, as it explicitly addresses strategic autonomy and responds to the nature of digital technologies.

Digital technologies are characterized by their speed of development, the scale of their impact, the systemic effect they have in economy or society, and the synchronicity that they enable, meaning that powerful actors can combine several technologies and gain huge competitive and financial advantages (Timmers, 2022b, pp. 13–15). That last point is somewhat abstract but well-illustrated by the development of large language models (LLMs) that enable generative AI such as OpenAI/Microsoft’s ChatGPT and Google’s Bard. The big tech companies that can afford the billions of investment for collecting and analyzing the data are not only AI companies but also cloud companies that possess huge computing capacity, as also raised by Digital Humanism Initiative (DIGHUM, 2023). They are also leaders in cybersecurity and in the next generation, quantum computing, and in the race toward artificial general intelligence (AGI). They are among the few that have the means to synchronize the research and development of several key technologies. If they can exercise unrestrained commercial behavior with this integrated suite of powerful technologies, they are bound to be seen by governments as posing a threat to sovereignty. For AI and AGI, see the related case study and Discussion Questions (#6).

We see several examples of digital strategic autonomy policy today, such as the 2022 USA Chips and Science Act, the broad-ranging China 2025 initiative, and the 2021 European Digital Single Market Act to combat illegal and dangerous content on the Internet and its 2022 EU Chips Act.

Industrial policies get increasingly focused on sovereignty in the digital age. Industrial policy is “a deliberate attempt by the government […] to orientate industrial development towards specific paths” (Bianchi & Labory, 2020). Traditionally, industrial policy would focus on an industrial ecosystem, where the interest is in national competitiveness, and the individual firm’s interests, which include business performance and business strategies for markets and alliances. When sovereignty is at stake, geopolitical interests must be given an equally key role in designing industrial policy. The three perspectives are (simplified) captured in Fig. 5.

Fig. 5
An illustration of an inverted frustum divided into 3 layers. The layers represent 3 perspectives. The perspectives from bottom to top are companies, an industrial ecosystem with competitiveness, and an international system of states with geopolitical interests.

Three perspectives on industrial policy

Combining these three perspectives is quite challenging. It requires understanding how to join up geopolitical interests, national competitiveness, and company interests. It also requires consistency joining up a wide variety of traditionally separate policy areas. These are, firstly, because of the geopolitical dimension foreign trade, foreign direct investment (FDI), export controls, and defense and security policies. Secondly, because of the industrial ecosystem dimension, we need to consider the producers (think of an area such as semiconductors or pharma); their suppliers; their inputs or “factor conditions” such as knowledge, capital, and raw materials; and the presence of the government as both a buyer and regulator. We then need to think of policy actions for general R&D, investment, standardization, market access, consumer protection, skills, and public procurement. Third, because of the interests of individual firms, we need to think of targeted innovation and investment and taxation policy, aimed at specific (classes of) firms and possible digital transition and employment policy to buffer the shock of digitalization.

It is quite a tall order to master all these policy instruments, let alone to make sure that they reinforce each other. We are also hampered by a lack of theoretical and academic understanding. Excellent models and theories exist for industrial and innovation ecosystems, even for economic networks and platform economies, as applied by, for instance, OECD and World Economic Forum, or by competition authorities. We also have a vast corpus of theoretical and practical knowledge about firms’ interests and strategies, as mostly taught at business schools. A very rich field, as shown above, exists in terms of theories of international relations. But there is a paucity in models and theories that connect and integrate the three perspectives.

7 Conclusions

The central problem is to develop public policy for sovereignty in the digital age.

We clearly do not have a simple recipe and not even a cookbook for public policy for sovereignty in the digital age, as we want it, which for digital humanism must include to “shape technologies in accordance with human values and needs.”

We saw that the challenges include to understand perspectives on international relations and sovereignty and to understand the nature of digital technologies and the digital technology ecosystem and the motivations of individual actors such as tech companies. We need to combine these perspectives in order to arrive at sensible public policy for sovereignty in the digital age, while there is neither a ready-made model nor does traditional education train the students who go on to work in government, business, civil society, or academia for such integrated policy-making. This chapter aims to give at least some handles to that extent.

The best current approach probably is to examine concrete cases that concern both sovereignty and digital technologies, come forward with policy interventions, and then examine their consistency, coherence, completeness, and impact. We need to add to this also flexibility, given our limited insight and the speed of development of technology and sometimes also the speed of developments in geopolitics (think of the war against Ukraine and global challenges such as COVID-19).

Traditional policy instruments such as regulation struggle to deliver in this respect, but that does not mean that they become irrelevant. Rather, the challenge is to adapt policy-making to the reality of geopolitics and technology.

Let’s then finish with two cases and with an invitation to the reader to come up with additional or alternative policy interventions and to then reflect on how these relate to digital humanism. The first case is on ICT supply chain security and the second on generative AI such as ChatGPT. The first is more mature, has already shown to lead to posing threats to sovereignty, and has already led to concrete policy action. The second is more recent with still many unknowns but evolving fast with potentially huge consequences for sovereignty.

Hopefully these cases provide the reader with a stepping stone and motivation to make a reality of integrated policy-making for sovereignty in the digital—Digital Humanistic—age.

Case: ICT Supply Chain Security

How can you trust digital technologies (ICTs) that are integrated from a complex supply chain of vendors and into solutions for government, banks, utility companies to run their operations, customer relations, and financial transactions? Bits and pieces of hardware and software, often from open source, and certainly from many suppliers are combined by third party integrators. Suppliers likely have remote updates and maintenance.

Such customer solutions have a large attack surface, that is, cybersecurity attacks can occur at many points. Open source-based vulnerabilities such as Log4jFootnote 4 have been exploited. The SolarWinds remote maintenance hack, traced to Russian state actors, led to the theft of confidential government data and it wasFootnote 5 the Kaseya ransomware attack that led to the closing down of Swedish supermarkets.Footnote 6

What are the core problems that enable sovereignty-threatening attacks? Firstly, software and hardware development has little “sovereignty-by-design.” This would mean with technical design to limit the effects of an attack. Technical architecture should aim to halt spillovers that might destabilize a whole system or compartmentalize the most-confidential systems. This also holds for processes to halt an attack. Generally, there is a lack of information exchange and collaboration between authorities in different countries. There are “sovereignty borders in cyberspace,” at least for cybersecurity information exchange. Secondly, in the open global market economy, security loses out against price. Market access conditions tend to address consumer protection but not security or resilience in the interest of sovereignty. Thirdly, governments are afraid that security restrictions stifle innovation and impair economic strength, which they believe to be essential for sovereignty.

How then to address these core problems? As for the first and second point, standards and related certification can help. President Biden issued an executive order to investigate and counter supply chain vulnerabilities, including by a software bill of materials, and instructed standards to be developed. The European Commission included supply chain vulnerability in its revised cybersecurity law (Network and Information Security Directive). Industry should learn about sovereignty-by-design from the painful 5G security experience when governments forced telecoms operators to swap out Chinese equipment due to perceived threats to national security (Timmers, 2020).

Moreover, the strategic autonomy approach of strategic partnership suggests collaborating with like-minded countries. Indeed, the USA and the EU do so in their trans-Atlantic collaboration. The EU’s 5G Security Recommendation showed that 27 member states can collaborate, even in national security. As for the third point, given the close interplay between social and technological construction, we need research on technological and organizational approaches that marry security and innovation, e.g., blockchain-based software updating is already being commercialized for industrial control systems. This is an example of combining technological innovation with social innovation, namely, distributed security controls.

Questions: design four scenarios for the future of ICT supply chain security taking two dimensions into account—(1) the degree of geopolitical tension (from a virtual state of war to global sovereignty-respecting collaboration of countries) and (2) the degree of openness of technology solutions (from fragmented closed solutions to fully interoperable and open). Which scenario do you consider most likely? Which scenario is desirable from a digital humanism point of view?

Case: Generative AI and Sovereignty

It is still early days but already the following sovereignty-threatening developments arise from generative AI.Footnote 7 Firstly, generative AI turns out to be a great assistant to set up misinformation campaigns in third countries or even in the own country as happened in 2023 in Venezuela (Joe Daniels & Madhumita Murgia, 2023). It can also help to program a cyber-attack. It is not clear whether technology-based countermeasures (e.g., watermarking) get priority by the commercial providers of generative AI, nor whether these are sufficient.

Secondly, generative AI is quickly entering into education. It is not yet understood by us how such AI will influence the capabilities and norms of young persons. Surely, old-school education will struggle to adapt to the speed of change. Nevertheless, education is the foundation of society, the foundation of the sovereignty we want. Thirdly, AI in general and generative AI in particular improve rapidly and get extended with abilities to monitor and act in the physical world. When it gets to near perfection, it will be relied upon without thinking. In fact, it must be relied upon in very fast-moving situations such as to prevent an ongoing cyber-incident having systemic effects and, for instance, crash electricity networks or payments systems. If this were to happen, it would massively undermine trust in government and its internal legitimacy (the USA got near to that with the Colonial pipeline ransomware attackFootnote 8). Governments have no choice but to rely on such powerful AI to act autonomously in order to maintain trust, provide essential services, and thereby keep up sovereignty, but at the same time they abdicate from sovereignty by handing over decision power to a fundamentally uncontrollable machine. Finally, generative AI is controlled by a few companies that are not subject to sovereignty-respecting oversight or conditions.

Generative AI is seen as a promising beginning of artificial general intelligence according to Bubeck et al. (2023) and Sam Altman (2023). AGI or general purpose AI (GPAI) is proposed by the European Parliament to be regulated, at least to some extent.

Questions: Does this mean that governments are not acting from a sovereignty-defending perspective, even if sovereignty may be fundamentally at risk as illustrated above? What would you do?Footnote 9

Discussion Questions for Students and Their Teachers

  1. 1.

    Let us focus on the first three core principles of digital humanism.Footnote 10 How would they be seen by realists, liberalists, and contingency thinkers in international relations?

  2. 2.

    What are the advantages and disadvantages of digital humanism, as a movement to “shape technologies in accordance with human values and needs” to include respect for sovereignty as one of the core principles?

  3. 3.

    What are some scenarios that suggest that classifier AI is a challenge to sovereignty? In classifier AI, data gets labeled according to certain classes, e.g., individuals get a credit score [suggestion: look up some cases where AI led to questions about the legitimacy of government, see (Waller & Timmers, 2022)].

  4. 4.

    Estonia, a small European country neighboring Russia, wants to safeguard its sovereignty in the digital age. Which digital policy would you recommend to them to strengthen their strategic autonomy in public e-services (e-government)? Which remaining risks do you see?

  5. 5.

    5G technology, and its successor 6G, will offer ubiquitous communications using a multitude of means, including satellites. Can satellite networks create a sovereignty gap? If so, which technological constructs can restore sovereignty?

  6. 6.

    Can AGI (artificial general intelligence) strengthen or undermine sovereignty? What would an authoritarian state do about AGI? A democratic state? What can a global collaboration to promote universal human values driven by academics and technologists do?

Learning Resources for Students

Most of the articles in the references are quite readable and recommended to at least glance through. In addition, here a few recommended books:

  1. 1.

    Art, R.J., Jervis, R., 2016. International Politics: Enduring Concepts and Contemporary Issues, 13th edition. ed. Pearson, Boston

    All you want to know about the various schools of international relations including contributions by the most authoritative scholars.

  2. 2.

    Carlsnaes, W., et al. (Eds.). (2012). Handbook of international relations. Sage Publications Ltd.

    Authoritative and showing the richness of the field.

  3. 3.

    Biersteker, T., 2012. State, Sovereignty and Territory, in: Handbook of International Relations. SAGE Publications Ltd.

    Especially recommended for the issue of sovereignty.

  4. 4.

    Klabbers, J., 2021. International Law, third edition. ed. Cambridge University Press, Cambridge

    Gives you a readable and sometimes even amusing introduction in international law. For sovereignty, read in particular the chapters on history and on jurisdiction.

  5. 5.

    Francis Fukuyama, 2022. Liberalism and Its Discontents. MacMillan

    Very readable and illustrating the extremes of economic and political liberalism, liberalism and democracy, and the future of liberalism in a polarized world.

  6. 6.

    Lessig, Lawrence, 1999. Code: And Other Laws Of Cyberspace. Basic Books.

    Making the compelling argument technology (the internet) or ‘code’ relates to the social construct of law.

  7. 7.

    Cohen, J.E., 2019. Between truth and power: the legal constructions of informational capitalism.

    Not the easiest book but provocatively insightful about the close interplay of corporate power and government.

  8. 8.

    Kello, L., 2017. The virtual weapon and international order

    The reference work to understand how digital technologies affect, undermine, and disrupt the international system of states.

  9. 9.

    Nowotny, H., 2021. In AI we trust: power, illusion and control of predictive algorithms

    A most readable personal journey into the world of AI with thoughtful reflection on the limits of what we can control.

  10. 10.

    Cohen, E., 2022. Souveraineté industrielle: Vers un nouveau modèle productif. Odile Jacob, Paris

    If you read French (hopefully the book will get a translation), providing an excellent overview of the development of industrial policy and the shape it may take when sovereignty concerns are on the rise.