Dominic Jainy stands at the intersection of emerging technology and global policy, bringing years of experience in artificial intelligence, blockchain, and machine learning to the table. As an IT professional who has witnessed the rapid evolution of digital infrastructure, he possesses a unique vantage point on how software dictates the power dynamics between nations. Recently, the European Union released a monumental 29-page strategy within its Tech Sovereignty Package, signaling a massive shift toward open-source software as a defensive and economic necessity. In this conversation, Dominic breaks down why this policy is a watershed moment for digital independence and what it means for the future of global technology markets.
Digital independence often relies on treating software as public infrastructure. How does viewing code as a strategic asset change the way a government interacts with its own digital ecosystem?
When a government begins to view code as public infrastructure—no different from the physical bridges that span our rivers or the highways connecting our cities—the entire philosophy of procurement shifts from a transactional model to a stewardship model. In the past, agencies often felt like tenants in their own digital houses, paying rent to foreign proprietary vendors and having no right to see what was behind the walls. By dedicating 29 pages of strategy to open source, the EU is effectively saying they want to own the deed to their digital future. This means prioritizing software that allows for local hosting and redistribution, ensuring that critical data management and software supply chains aren’t at the mercy of a single provider’s whim or a foreign jurisdiction’s laws. It turns code into a common good that can be hardened, shared, and improved by the community rather than a “black box” that creates a dangerous, one-way dependency.
The EU policy package highlights a move away from external providers to reduce dependencies. What are the specific risks of staying with proprietary, non-regional vendors for critical digital infrastructure?
The risks are twofold: technical fragility and political vulnerability. When your essential services—from health records to electronic identification—are locked into a closed-source ecosystem, you are essentially gambling on the long-term stability and goodwill of a foreign entity. We’ve seen how geopolitical tensions or trade disputes can lead to sudden restrictions on technology access, leaving a nation’s digital heartbeat skipping a beat. There is also the sensory reality of “vendor lock-in,” where a government realizes that the cost of moving away from a proprietary system is so high that they are forced to keep paying for suboptimal, expensive tools. By embracing open source, the EU aims to insulate itself from these disruptions, ensuring that if a relationship with a vendor sours, the code remains within their borders, ready to be maintained by local talent.
Security is a recurring theme in this 29-page document. How does the “many eyes” approach of open source practically enhance the hardening of software against modern cyber threats?
There is a certain visceral comfort in knowing that any developer, from a student in a university to a high-level security auditor, can inspect every line of a library’s code for vulnerabilities. Proprietary systems rely on “security through obscurity,” which feels like locking your front door but having no idea if the back window is made of cardboard. The EU’s proposal for dedicated centers of excellence and regular security audits of widely deployed libraries, such as those used for cryptography or web serving, changes the game entirely. It moves us toward a proactive stance where weaknesses are identified and patched in the open, rather than discovered by malicious actors and exploited in secret. This collaborative hardening process is the only way to keep pace with the sheer volume of emerging threats we see today.
The document suggests a major overhaul in how the public sector buys software. How will a focus on “total cost of ownership” impact the competitiveness of local small and medium-sized enterprises (SMEs)?
Traditionally, procurement favors the “big guys” who have the massive sales teams and the 500-page compliance dossiers ready to go, often leading to a landscape where local innovators are squeezed out. By shifting the focus to the total cost of ownership—including the long-term expenses and risks associated with being unable to modify or host software locally—the playing field begins to level out. When two solutions offer the same features, the EU’s new framework explicitly prefers the one that allows for local modification and redistribution. This is a massive win for European SMEs that build on open platforms, as they can now compete based on their ability to provide specialized, local support and integration rather than just having the biggest brand name. It’s about creating an ecosystem where innovation isn’t bottled up by a few multinational giants but is allowed to flow through the local economy.
Funding for open-source maintainers has historically been a point of failure. How does the EU’s plan for multi-year support change the landscape for foundational projects like cryptography and container orchestration?
For too long, the digital world has been built on a “fragile foundation” where critical pieces of global infrastructure are maintained by a single, exhausted volunteer in their spare time. It’s a terrifying thought that the cryptography keeping our banking systems safe could fail because one person decided to take a different job or simply burned out. The EU’s strategy to move away from one-time grants and toward multi-year funding streams is a direct response to this systemic risk. By stabilizing the people and organizations behind foundational projects like container orchestration and cryptography, the bloc is ensuring that these “digital bricks” remain strong and reliable. This isn’t just charity; it’s a calculated investment in the durability of the entire European digital economy, recognizing that the health of the base affects everything built on top of it.
The Open Source Initiative has voiced concerns about “bureaucratic requirements” potentially stifling community projects. How do we balance the need for government-level certification with the voluntary, organic nature of open source?
This is a delicate dance between the need for quality assurance and the desire to keep the community’s creative fires burning. If the EU imposes overly complex certification schemes that require mountains of paperwork, they risk scaring away the very developers they want to support. A small, brilliant team of three developers might create a revolutionary tool but will never have the resources to hire a compliance officer to navigate Brussels’ bureaucracy. The key, as the strategy suggests, is to differentiate between commercial distributors who sell support and the pure volunteers who provide code as-is. We need to create a “fast lane” for community contributions while ensuring that when that code is used in a high-stakes government system, there are clear, non-burdensome guidelines for its implementation.
Data sovereignty is a significant part of this package. Why are European officials so concerned about foreign-hosted cloud services, and how does open source solve this?
The fear is not just about where the data sits, but who has the legal “skeleton key” to access it. European officials are acutely aware that cloud services hosted by foreign providers may be subject to the intelligence laws of other jurisdictions, potentially exposing sensitive citizen data to foreign surveillance or sudden policy shifts. When you use proprietary cloud tools, you are often forced to use their proprietary servers, creating a loop you can’t escape. Open-source alternatives break this loop by allowing governments to run identical software on local servers within EU borders, fully compliant with regional data protection regulations. It’s about the sensory peace of mind that comes with knowing your data is physically and legally within your reach, not floating in a digital cloud you don’t control.
Interoperability is mentioned alongside examples like the PEPPOL network. Why are open standards so essential for the average citizen’s experience with government services?
Without interoperability and open standards, the citizen’s experience with the state becomes a frustrating maze of incompatible logins and proprietary formats. If the government uses an open standard for something like health records or electronic IDs, it means the citizen can choose the tool or app that works best for them, rather than being forced into a specific vendor’s ecosystem. The PEPPOL network for electronic invoicing is the perfect example; it relies on openly documented specifications that any qualified supplier can use, which facilitates seamless trade and interaction. It’s the difference between being able to drive any brand of car on any road versus being told your car only works on roads built by the manufacturer. Open standards ensure that the digital interaction between a citizen and the state is a public right, not a private privilege.
Implementing this strategy across 27 different member states is a massive task. What role will the proposed EU-wide open source program office play in managing this complexity?
Coordination is the biggest hurdle when you are dealing with 27 different administrative traditions and varying levels of technical maturity. The proposed EU-wide open source program office (OSPO) acts as the central nervous system for this initiative, sharing best practices and maintaining a repository of approved, secure components. Many procurement officers in smaller regions currently lack the experience to evaluate an open-source project—they might default to a proprietary brand name simply because they don’t know how to assess community activity or license compatibility. The OSPO will provide the training and templates needed to empower these officials, ensuring that a procurement officer in a small town has the same resources and confidence as one in a major capital. It’s about building a collective intelligence that spans the entire continent.
Looking at the global stage, how do these measures act as a buffer against geopolitical tensions and trade disputes?
In recent years, we’ve seen how quickly global supply chains can fracture when political tensions rise, and technology is often the first thing to be “weaponized.” If you are 100% dependent on software from a region that suddenly becomes a trade adversary, your entire economy is at risk of a digital blackout. By investing in open-source capabilities that can be maintained and developed domestically, European nations are essentially building a digital “strategic reserve.” This approach doesn’t mean the EU is closing itself off from the world—collaboration is still the goal—but it ensures that the core digital infrastructure remains under local control. It’s a strategy of resilience, making sure that Europe can keep the lights on and the systems running, no matter what happens on the geopolitical chessboard.
What is your forecast for the future of digital sovereignty in Europe over the next decade?
I believe we are entering an era of “digital maturation” where the excitement over shiny, proprietary tools is being replaced by a sober realization that control over one’s infrastructure is non-negotiable. Over the next ten years, I expect to see the open-source program office become one of the most influential bodies in the EU, dictating a standard that the rest of the world will eventually have to follow. We will see a flourishing of local European tech clusters as SMEs capitalize on these new procurement rules, and the “black box” model of governance will begin to fade into obsolescence. Ultimately, this 29-page strategy is the first step toward a future where the code running our lives is as transparent and accountable as the laws that govern our societies, leading to a more stable, secure, and democratic digital world.