While the European Union is calling for more Digital Sovereignty (DS) in their 2030 agenda, there is no common understanding on what DS actually means or how best to achieve it. Researchers are currently discussing on political, individual and economical levels about DS. The main objective of our research is to contribute to the economic level of the discussion. We offer an understanding based on three case studies, through the lens of IT consultants and professors in Computer Science, Information Systems and Business Administration. Furthermore, we develop recommendations for companies based on two successfully published papers. Three further publications will follow (one have already been submitted). Our key findings are: (1) our definition include many points from publications between 2013 and 2023 in the context of DS but it also provides new insights, (2) key technologies (such as AI, especially federated learning, and blockchain) and the orientation towards affordances can help companies to successfully deal with DS The findings suggest that there is a need for a reference model with regard to DS for companies. Our next research step include the development of such a reference model.
The CrowdStrike incident demonstrates how a software update can affect 8.5 million Windows computers globally, particularly impacting airports, banks, and emergency services in Germany [7]. A dependency is becoming clear. If we look specifically at Germany's imports, we can see that chips, software and hardware are among the top digital imports to Germany and that over 65% of the 604 companies surveyed are concerned about the growing partner China [3]. Another dependency lies in the use of foreign software products. The digital workday for many Germans relies on foreign software products such as Skype, Zoom, and Microsoft Teams, originating in particular from the US [9]. Germany’s dependence on digital products is growing [18]. As a result, German and European politicians are calling for more DS in their 2030 agenda [21]. More and more researchers are now questioning how Germany can become more sovereign, which potential innovation fields should be promoted, and how the European Union can contribute to strengthening sovereignty [11, 1, 4]. But what does it actually mean to be "digitally sovereign“? In its most extreme sense, DScould mean self-developed software and domestically produced hardware, thus achieving more autarky [11, 14]. This perspective would lead to disadvantages, as it would limit innovation, quality, and international procurement [8]. A political view of DS, according to Pohle and Thiel [22] could mean collaborating with other nations while having alternatives if, for instance, a politician like Donald Trump imposes tariffs on German goods or blocks deliveries to Germany. A balance act between more autonomy and collaboration. From a technical-economic standpoint, the idea of developing open-source software is increasing discussed [2, 19, 6]. Diversified structures could enable a fast adaptation. However, a major challenge of open source is that security measures must be handled by companies alone, skilled human resources are needed, whereas software companies with proprietary software offer operation, scaling and security updates for companies [4]. 1The 15th International Conference on Software Business (ICSOB 2024), November 18-20, 2024, Utrecht, the Netherlands ∗ Corresponding author.
martha.klare@unibw.de (M. Klare); ulrike.lechner@unibw.de (U. Lechner) 0000−0001−6098−7917 (M. Klare); 0000−0002−4286−3184 (U. Lechner)
© 2024 Copyright for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0).
These varying interpretations of DS indicate that we still do not have a clear understanding of what DS actually means or how best to achieve it. Pohle and Thiel [22] is the most cited paper in this field, describing that DS is understood differently depending on whether it is required by government institutions, companies, or citizens.
As already described in the introduction, we note that the understanding of the term 'digital sovereignty' differs widely [6, 10, 11]. While we cannot fully solve this problem, we can provide a definition from our perspective, as well as vocabulary and factors that are important for German companies to address DS.
Thus, we will first answer research question RQ1 by presenting an understanding of the term 'digital sovereignty', which is based on the perspectives of IT consultants and professors (in Computer Science, Information Systems, and Business Administration) in Germany. We will answer research question RQ2 by conducting various studies (see section 5.4 To 6.1). We want to show what opportunities exist for German companies to achieve DS. To this end, we will analyze key factors that emerged from RQ1. It should be emphasized that although the European Union hopes to increase the competitiveness of European companies through economic and industrial policy, researchers are arguing that DS is something software companies lead [22, 12, 16]. How companies successfully master this change is the subject of intense debate [23, 5, 20].
Methodologically, we initially rely on Yin [25], who provides analytic techniques and discussions on case study designs in his work. The case study, as an empirical research method, helps us achieve progress in knowledge by allowing us to test theories, such as the one on DS. Using three case studies, we offer a definition of DS (see Figure 1).
The second part of the thesis, as shown in Table 1, focuses on so-called deep dives. Here, we analyze several factors of the previously provided definition. Various publications are presented. For every paper, the publication, the research method is outlined separately. We first decided to conduct a survey to find out what the status of DS is in German companies. We then established that the main driver of DS is open source. Using an affordance analysis, we believe we can show how companies can close gaps in open source projects and drive sovereign software development. Finally, we realize that the purchasing department in companies procures software and hardware in particular. We decided to use the Soft Design Science Methodology (SDSM) to design an artifact that provides companies with procedural guidelines for the purchasing process. In our research, we ensure a high level of reliability by using similar measurement instruments (interview studies) across the case studies. Additionally, we aim to ensure interpretative objectivity by forming research groups with two or more persons for all papers, in order to achieve similar or identical interpretations of measurement results. Finally, we uncover new factors of DS that had not been previously revealed in this context. With our model, we ensure that all content elements we consider as important for DS are discussed.
Figure 2: Expected timeline until the thesis is completed (Martha Klare)
This work contributes to the resolution of proposing a new model for DS from the perspective of IT
consultancy (see Figure 3).
We present the results of expert interviews of IT consultants who have already dealt with the topic of
DS. Furthermore, we analyze the current state of the literature regarding DS models. Our key finding
is that DS from the perspective of IT consulting is not only a technological problem, but also a
strategic one that goes hand in hand with vocabularies like IT security, digital capabilities in
Germany and the EU, and suitable key technologies for companies. New factors compared to the
literature are (
We find that the professors, in contrast to the IT consultants, consider the following factors to be
important to strengthen DS: (
DS is an enabler for more sustainable actions in the digital space. We analyze affordances of DS by presenting two previously conducted open-source projects in Germany. Open source is a central element of DS because, in contrast to proprietary software, it can reduce vendor lock-in effects. Our primary data sources consist of online interviews with German project teams and literature on DS. By evaluating the project outputs based on affordance theory, we reveal structurally digital offerings. The analysis of the impact of these digital offerings showed that among other things the affordance `AI models' should be elevated to a strategic level. We suggest that companies consider basic, standardizing, controlling, organizational sensemaking, and integrating affordances when introducing DS to open source projects.
The goal of this paper was to generate guidance for public and private organizations along their Software Life Cycle. We investigated challenges and measures regarding Digital Transformation and DS to gain industry practice among the Software Life Cycle Process of organizations. We identified that the choice of options in the procurement of IT systems is limited. This is one of the biggest challenges to consider DS in the Software Life Cycle Process of organizations. To master the collected challenges, we develop recommendation blocks. Finally, we map these recommendation blocks to process groups by following ISO/IEC/IEEE 12207:2017 and thus create an extension for industrial practice-based Software Life Cycle process.
6.1. Paper: Sovereign Cloud and Digital Sovereignty (working title)
In this paper, we plan to present the awareness/ attitude towards technologies like sovereign clouds. We address the following research question: Can we achieve more DS through sovereign clouds? Based on our data, we can present three perspectives: 1) an architecture perspective, 2) a management perspective, and 3) a user perspective. Based on our interview study, we can offer these perspectives to describe how they can help to achieve more DS. In addition, we find constraints. Both, opportunities and constraints, can provide an interesting angle to enrich the ongoing debate on this topic. 6.2. Thesis: Suggesting a reference model with assessment guidelines of use at strategic and technological dimensions to strengthen Digital Sovereignty in companies
As already described in RQ3, my aim is to create a reference model for DS. For this paradigm, I use Design Science Research according to Hevner [13]. The Design Science Research method starts from a problem, which is application-oriented. Just like DS. Based on this problem, an artifact for a problem solution is created. This is then unleashed on the world in order to understand what this solution does. Hevner [13] speaks of design when an artifact is created. And finally 'design science research': the creation of an artifact to solve a problem and the subsequent analysis of this artifact. [3] Bitkom, Deutschlands Abhängigkeit von Digitalimporten wächst, 2023, URL: https://www.bitkom.org/Presse/Presseinformation/Souveraenitaet-Abhaengigkeit-Digitalimportenwaechst (Accessed on 24-12-02) [4] Butler, S., Gamalielsson, J., Lundell, B., Brax, C., Mattsson, A., Gustavsson, T., ... & Lönroth, E. (2022).
Considerations and challenges for the adoption of open source components in software-intensive businesses. Journal of Systems and Software, 186(111152), 1-12. [5] Calderao, A., Blumfelde, S. (2022). Artificial intelligence and EU security: the false promise of digital sovereignty? European Security, 31(3), pp. 415-434. [6] Couture, S., & Toupin, S. (2019). What does the notion of “sovereignty” mean when referring to the digital?. New media & society, 21(10), 2305-2322. [7] Delaney, B. (2024). Cybersecurity and all that: reflections on the Crowdstrike outage. British Journal of General Practice, 74(746), 418. [8] Edler, J., Blind, K., Kroll, H., & Schubert, T. (2023). Technology sovereignty as an emerging frame for innovation policy. Defining rationales, ends and means. Research Policy, 52(6), 1-13. [9] Engels, B., Mertens, A., & Scheufen, M. (2020). Corona: Neuerungen in der beruflichen
Kommunikation (No. 35/2020). IW-Kurzbericht. [10] Floridi, L. (2020). The Fight for Digital Sovereignty: What It Is, and Why It Matters, Especially for the
EU. Philosophy and Technology, 33(3), pp. 369-378. [11] Glasze, G., Cattaruzza, A., Douzet, F., Dammann, F., Bertran, M. G., Bômont, C., ... & Zanin, C. (2023).
Contested spatialities of digital sovereignty. Geopolitics, 28(
MIS quarterly, 75-105. [14] Kaloudis, M. (2022). Sovereignty in the Digital Age–How Can We Measure Digital Sovereignty and
Support the EU’s Action Plan?. New Global Studies, 16(3), 275-299. [15] Klare, M. & Lechner, U. (2024): German Digital Sovereignty Success Factors in a National Defense Scenario from the Standpoint of IT Consultancy. In: I.. Fries, M. Grabatin, M. Hofmeier (Hrsg.), Sovereign by Design. The LIONS Approach to Digital Sovereignty (pp.41-55). Logos Verlag Berlin. [16] Klare, M., & Lechner, U. (2023). Digital Sovereignty from the Perspective of IT Consultancy in
Germany: A Model. In ICSOB Companion. [17] Klare, M., Verlande, L., Greiner, M., & Lechner, U. (2022, December). How Blockchain and Artificial Intelligence influence Digital Sovereignty. In European, Mediterranean, and Middle Eastern Conference on Information Systems (pp. 3-16). Cham: Springer Nature Switzerland. [18] Lambach, D., & Oppermann, K. (2023). Narratives of digital sovereignty in German political discourse. Governance, 36(3), 693-709. [19] March, C., & Schieferdecker, I. (2023). Technological sovereignty as ability, not autarky. International
Studies Review, 25(