“Digital sovereignty has become a marketing concept”

The interview was conducted before the Federal Council adopted the report on “Switzerland’s Digital Sovereignty” on November 26, 2025. 

Digitalization changes many things, but one thing remains the same: Everyday life goes on. And digitalization means using digital technology in everyday life. It is still true that you need to have a handle on what you are doing, whether it’s business continuity, the availability of systems, or the confidentiality of data. Businesses and individual offices remain responsible for risk management in the digital space. But networking has increased in the digital world. People can see dependencies. They are asking questions: Is the world still on an even keel? Can Switzerland retain its sovereignty in the digital world? These are good questions. And the latter is a legal one. The answer is perhaps more straightforward than you might think: We don’t use “sovereignty” to describe what motivates us in everyday life. Fifty years ago, nobody would have thought of asking about sovereignty when buying a car.

Are there any examples showing how sovereignty is affected in everyday life? Yes, there are. But these are the exception, not the rule. In the current Swiss system, the state only comes into play when the problems are too great for the individual or when Switzerland as a whole is affected – at institutional level, if you like. This would be the case, for example, if the control software of several pumped-storage power plants were hacked and you could only assume it was a systematic attack. Another would be if fake news made free elections impossible.

Geopolitically, Trump is probably more of a symptom than the cause. Europe did a lot of good things in the post-Second World War order, but it also accumulated “digital debt”. Europe feels left behind. And we need to encourage anyone who wants to do something positive here. The only question is who needs to step in to overcome this malaise? Businesses and government agencies, as before, or the state as an institution? I often hear people say that the state must provide the money for this. Anyone who sees the state as having such a duty must also answer the question of who should pay.

Sovereignty – a term created for international law – is being reinterpreted in the political debate and used politically as a wake-up call to further a large number of special interests. It seems to be working. But if the discussion were only about who should receive money from whom and why, wouldn’t it be more effective to address this openly? If digitalization is to work, businesses and government agencies need to “get their house in order”. That is a challenge. Much of what is being discussed today in terms of digital sovereignty, such as the reduction of dependencies, is what any industrial company must tackle.

I am also noticing how “digitally sovereign” has become a marketing term with an almost interchangeable meaning. It can mean anything from “made in Switzerland” to “hyperscalers have top products” to “100 % open source software”. That doesn’t exactly help the debate. You quickly get bogged down.

Reducing it to the location of the server does not really help us. Let’s assume that an Australian commits a crime in his home country. He saves incriminating information in a file and stores it on a server in Switzerland. Does that mean the case has to be judged according to Swiss law? Cyber attacks, too, show us that the location of the server is not the decisive factor. Whether a treaty is subject to Swiss law is not relevant to sovereignty either.

On the one hand, the digital sovereignty of a state is about its ability to defend itself against digital attacks. This might, for example, be when a third country influences the mood on social media before a vote. On the other hand, it’s also about a country actively shaping its own digitalization strategies, such as e-ID, data protection, ecosystems, and data spaces. It is essential to clarify at international level who has jurisdiction for what. Under international law, sovereignty also serves above all to define jurisdiction.

Yes, it is possible to be sovereign in a digital world. But the fact is that digital reality functions independently of national borders. Legislation, on the other hand, is still based on territorial principles. That’s where we need new approaches. Work is already being done on this, for example as part of the “E-Evidence” legislative package. It can be done.

You also mentioned data protection legislation. It is an expression of self-selected design. After all, improving living conditions is a core task of a sovereign state. It’s about a country actively shaping its own digitalization. One example of this is the electronic ID: We went through a political process to reach a decision on this, and we now have the tools we need for a digital trust ecosystem. Networks that require trust, such as data cooperation, data rooms, etc., can emerge within this ecosystem. This work contributes directly to sovereignty.

In a networked world like ours, you cannot live without being integrated into networks. That means you are always dependent. There is no such thing as life without dependencies. If dependencies are of a minor nature, this hardly ever makes someone incapable of acting. And that’s the point: What impairs Switzerland’s ability to act? From the perspective of everyday digital design, what impairs the government agency or company’s ability to act?

Total dependence from outside can make you incapable of acting. You need to take a realistic view of what you can achieve. If an individual agency uses the services of a particular IT provider, whether this is a Swiss company with market dominance or a foreign hyperscaler, it can become dependent and perhaps even lose its ability to act. Does this make Switzerland as a whole incapable of acting? No, of course not. But if a critical majority of such agencies are dependent on the same service provider, things can go awry. The failure of the service provider can then affect a large part of Switzerland. That would be a “sovereignty case”. Certain state measures might then also be justified. BACS and BABS are currently investigating possible critical developments for vital infrastructure. That is a positive and necessary step.

As you can see, you get concrete results when you start managing and mitigating dependencies. If, on the other hand, we talk about the hazier concept of independence, things quickly become blurred. That doesn’t help anyone.