Building bridges to European Digital Sovereignty

Europe stands at a critical digital crossroads. As the European Commission shapes the European Open Digital Ecosystem Strategy, the conversation has shifted toward a vital objective: achieving true digital sovereignty while driving global competitiveness. 

For decades, Red Hat has catalyzed open source adoption across the European Union. We advocate for ‘default-to-open’ EU policies because they help unlock Europe’s full potential.  From improving citizen public services with the València City Council and ITZBund to modernizing IT for major European entities such as BBVA, Volkswagen and Airbus, our mission remains consistent: fostering open, borderless innovation. 

Redefining sovereignty through control and transparency

In our formal response to the EU’s call for evidence, we defend the core tenets of open source. True digital sovereignty is not defined by a vendor’s headquarters, regardless of the region or country. Indeed, a potential flag waving exercise within a global community risks obfuscating the underlying core fact of sovereignty: That it’s an organization's ability to exert control over its own digital infrastructure, data, and technology. This positions open source as the bedrock of any sovereignty by providing a clear exit path through open standards and protecting European entities from the constraints of a single proprietary stack. This transparency makes it well positioned for critical infrastructure. 

The Global Commons Over Geographic Silos 

Open source is, by definition, a global digital commons which celebrates inclusivity of ideas and meritocracy. It does not adhere to national borders. Geographic restrictions conflict with all open source licenses by definition, including established licenses like the GPL or Apache, and they ignore the reality of global innovation. Open source innovation is a collective global effort where the best ideas come from everywhere. 

The prospect of limiting code to geographic origins would force globally competitive European integrators and manufacturers to fork projects or wastefully reinvent projects where the original license prohibits imposition of downstream geographical restrictions, as in the case of the GPL. As recently recognised at the EU open source policy summit (30 January) a “Made In” mentality for open source would create unnecessary technical debt and sever ties with a global innovation ecosystem. Like our European customers, we also advocate for a "Contributed by" model that rewards those who actively contribute and sustain the global projects we all rely on.

Prioritize Contribution Over Cost in Procurement

Outdated procurement frameworks remain a significant barrier to European sovereignty. Many public sector managers still view software as a one-time purchase of code rather than a long-term subscription for security hardening, maintenance, and support. 

Europe must move beyond the "lowest cost" paradigm to the Best Price-Quality Ratio (BPQR). This quality metric must explicitly include upstream contribution. By prioritizing vendors that give back to the digital commons, the EU can support a more resilient infrastructure through collective auditability. We also recommend clear policies to encourage open source contributions from civil servants that do not imply personal liability. 

Democratizing AI inference

The upcoming EU Cloud and AI Development Act (CAIDA) offers a unique opportunity to repeat the success of Linux within the AI landscape. The future of European AI lies in the democratization of inference enabled by an ‘open source first’ posture which better understands and embraces this extraordinary global community. 

By way of example, Red Hat enables European organizations to run self-hosted models on any hardware or cloud environment. By contributing to open source projects like vLLM and llm-d, we provide the speed and orchestration required to run these models at scale on-premises. This approach makes high-performance AI economically viable without sending sensitive citizen data to third-party proprietary clouds, providing a path to compliance with EU regulatory requirements.  

For Red Hat, as the world' s leading open source company, compliance with local regulations such as GDPR and CRA in the European Union has always been a core pillar of both doing business as well as embracing EU values which in many ways reflect the four freedoms underpinning the open source community.

Open source is a gateway to global innovation, not an island of isolation. By focusing on transparency, upstream contribution, and open standards, the EU can build an ecosystem that is both globally competitive and truly sovereign. 

Read Red Hat’s full response on the EU Have Your Say platform.