TheJakartaPost
Please Update your browser
Your browser is out of date, and may not be compatible with our website. A list of the most popular web browsers can be found below.
Just click on the icons to get to the download page.
Popular Reads
Top Results
No results found. Please check your search term and try again
Can't find what you're looking for?
View all search results
Popular Reads
Top Results
No results found. Please check your search term and try again
Can't find what you're looking for?
View all search resultsDigital sovereignty is in the fine print
Most countries rely on cloud infrastructure and software platforms owned by a handful of powerful tech firms, leaving governments at the mercy of foreign corporate behemoths.
Change text size
Gift Premium Articles
to Anyone
Share the best of The Jakarta Post with friends, family, or colleagues. As a subscriber, you can gift 3 to 5 articles each month that anyone can read—no subscription needed!
A customer scans a code of Japan's Unified QR Code (JPQR) to make a payment using the Quick Response Indonesia Standard (QRIS) on Aug. 25, 2025, at the World Expo 2025 in Osaka, Japan. (JP/ Ni Made Tasyarani)
M
any policymakers now recognize that digital sovereignty has become a precondition for democratic self-government in the 21st century. The problem is that most countries rely on cloud infrastructure and software platforms owned by a handful of powerful tech firms, largely based in the United States, leaving governments at the mercy of foreign corporate behemoths.
A dramatic example of this dependency came after Russia severely damaged Ukraine’s telecom infrastructure in 2022, forcing the country to use Starlink, the mobile satellite-internet system operated by Elon Musk’s SpaceX, for defense purposes. But later reporting revealed the risks inherent in entrusting sensitive state functions to tech billionaires: Musk rejected a request to extend connectivity over Crimea.
It’s not just defense. Big Tech’s increasingly dominant role in the provision of core government services extends from health care and education to banking supervision and tax administration. These firms control not only the servers but also the software stack, the identity layer and the encryption keys. And under the 2018 CLOUD Act, US authorities can compel American companies to hand over the data they hold, regardless of where it is located.
To address this vulnerability, the European Union, India, the Gulf countries, China and other governments have tried to build their own digital industries and infrastructure, though only China has successfully moved away from American tech. The EU has also tried to regulate the digital sphere. After the Court of Justice of the European Union found in its 2020 Schrems II ruling that EU citizens had no effective judicial remedy against US surveillance, the EU passed the Data Act with the aim of blocking this kind of access.
Still, the dependency deepens. Routine data leaks and service outages compound the costs of Big Tech’s continued dominance: democratic processes can be influenced, sensitive records can be exposed and essential services can be disrupted.
Given all this, the European Commission’s recent deal with OpenAI to access its frontier model for the purpose of detecting vulnerabilities in critical infrastructure is baffling. This arrangement effectively hands over to a prominent US defense contractor a systematic map of the weak points in European hospitals, universities, energy grids and transport systems — precisely the types of information that the Data Act, the General Data Protection Regulation and the NIS2 Directive were enacted to protect.
Aerificial intelligence has made it easier to detect and exploit security flaws, with IBM’s X-Force Threat Intelligence Index 2026 documenting a 44 percent year-on-year surge in attacks on public-facing applications. But a vulnerability map generated through a single system subject to the CLOUD Act does not shrink that attack surface; it concentrates exposure at one legally accessible point.
