Imagine waking up one morning to find that the local council no longer knows who is entitled to social support. That the hospital can no longer access patient records. That the police have lost their communication systems. Not because of an attack, but simply because one American company somewhere far away has a technical outage, raises its prices, or suddenly refuses access.
Sounds far-fetched? Less than you might think. But this article is not about fear. It is about what becomes possible when you make conscious choices.
A concern that has found its name
The worries are not new. When Edward Snowden revealed in 2013 that the NSA was collecting data on citizens worldwide at an unprecedented scale through major American tech companies, the outrage was great. But then shoulders dropped again. Too technical, too far away, too hard to do anything about.
What has changed in recent years is not the facts. Those were already there. What has changed is the geopolitical context. The recent change of power in the US and the shift in course that followed made it painfully clear that trust in a distant ally is no substitute for a digital policy. And it goes beyond one country: from other parts of the world too, technological assertiveness is growing in ways that affect Europe.
The good news? More and more people, companies, and governments are starting to act.
A movement takes shape
Exactly one year ago, we founded BeLibre as a Belgian think tank on digital sovereignty: the question of who actually controls our digital infrastructure and data, and how we can reclaim that control.
We started as a small community of tech enthusiasts and experts. Today we have gathered 81 people in our community, we speak with journalists, policymakers, and businesses, we conduct civic research, and we support groups organising open source events. We were guests at events such as NewLine Ghent and at Beltug, and soon also at sustain.brussel. Our technical research via belibre.be/map mapped for the first time how deep the dependency runs across Belgian governments, hospitals, schools, and banks — and where the opportunities lie to do things differently.
The situation in Belgium
Nearly 85% of federal public institutions and over 91% of Flemish public services use Microsoft for their email. For cities and municipalities, that figure rises to almost 98%. Police, hospitals, fire services, schools, banks, newspapers: the same pattern everywhere. That is not an indictment of one company. Microsoft delivers solid products, and the choices are historically understandable. But putting all your eggs in one basket makes you vulnerable. The question is not whether it works well today. The question is whether we will still be in control tomorrow.
Cybersecurity expert Jan Guldentops recently illustrated just how concrete that vulnerability can be. He helped a couple of people who, after upgrading to Windows 11, suddenly lost access to their own computer because Microsoft had locked them out of their online account. They not only lost their email — their entire digital life came to a standstill. Guldentops was able to technically rescue the PC, but the email account remained blocked. His conclusion was sharp: “They are simultaneously forced to do everything digitally, yet are at the mercy of a vendor that is not interested in making their digital lives easier.” That is the human face of dependency. And what applies to vulnerable citizens applies to an even greater degree to governments that have built their entire operation on a single external platform.
Three dimensions deserve attention. Confidentiality: American companies fall under extraterritorial laws that oblige them in certain circumstances to share data with the government or intelligence services, even if that data is stored in Europe. Integrity: anyone who does not control their own software has no guarantee that the information they see is unmodified. AI systems integrated into office environments today can subtly shift with each update in how they filter or present information — without you noticing. Availability: a single cloud provider going down can trigger a cascade that cripples an entire country.
Beltug, the Belgian network of CIOs and digital leaders, sounded the alarm at the end of 2025 together with similar organisations from France, the Netherlands, and Germany. They estimate the cost of digital dependency for Europe at 264 billion euros per year, with the risk that without corrective action this could rise to 500 billion euros by 2032. When even the major IT decision-makers are sending this signal, it is time to listen.
“Sovereign cloud”: a promise with an asterisk
Microsoft and other large cloud providers are aware of European concerns. They therefore offer “sovereign cloud” solutions: European data centres, European administrators, contractual guarantees. It sounds reassuring.
But in June 2025, Microsoft France was questioned under oath by the French Senate, as part of an inquiry into public procurement and digital sovereignty. The question was direct: can Microsoft guarantee that data of French citizens will never be transferred to American authorities without the consent of the French government? The answer from the director of public and legal affairs was equally direct: “No, I cannot guarantee that.”
The reason is legal and structural. Under pressure from the American CLOUD Act, Microsoft can be compelled to transfer customer data to American authorities, even if it is stored in data centres within the European Union. Privacy experts warn that American providers cannot offer one hundred percent sovereignty, and according to the letter of the law, that is correct.
This is not a matter of bad faith. It is a structural problem: a company operating under American law simply cannot provide full European legal certainty, regardless of how many contractual guarantees it offers. Sovereignty is ultimately a legal concept, not a technical label you can stick on a product.
Not reinventing everything — but building together
BeLibre does not advocate digital isolationism. International cooperation is a cornerstone of our economy and society, and that applies to digital infrastructure too. The point is not that we must build everything ourselves, but that we must be able to choose who we work with — and on what terms.
That is precisely where free and open source software offers a key. Open source means that the source code of software is publicly available: anyone can read, inspect, modify, and reuse it. That sounds technical, but the consequences are very practical. A government using open source software is not dependent on the goodwill of a single vendor. It can switch without losing everything. It can collaborate with other governments to share costs. And it can have the code audited to ensure there are no hidden back doors.
That is also how it works in practice. Schleswig-Holstein migrated its entire email system to open source alternatives in six months — over 40,000 mailboxes including more than 100 million emails and calendar items. France is building “La Suite Numérique”, its own suite of open source tools to replace Microsoft and Google for millions of civil servants — and is doing so in collaboration with Germany and other European countries that reuse the same building blocks. Amsterdam voted unanimously for a plan to become more digitally independent and is now actively seeking an alternative to the Azure cloud platform.
Europe is moving, and it pays off
The business case has by now been proven. The savings for Schleswig-Holstein amount to more than 15 million euros per year for a one-time investment of 9 million. Payback period: less than a year. Public money staying in the local economy, instead of disappearing to a faraway shareholder. But it is not only northern Germany that is taking steps. The German government is mandating the open ODF file format as compulsory for all German public authorities.
The French minister stated the goal concisely: to end the use of non-European solutions and guarantee the security and confidentiality of public digital communications. The city of Lyon, the Danish government, and the International Criminal Court also chose open source this past year. A European movement is growing. Belgium can play a role in it.
If 20% of the cloud budget currently flowing to the US were to stay in Europe, European digital investment capacity would double. That is not only good for government. It is good for European entrepreneurship, for IT talent that can build a future here, and for a digital economy that reflects our own values.
When the US House of Representatives reminds its big-tech companies that the government retains the right to access their infrastructure… that is an open declaration of intent that we as Europe cannot afford to ignore. We also issued a press release on this with BeLibre.
NerdVote.be: are our politicians ready?
To find out whether the political will exists, we launched NerdVote.be. The concept: just as in the Netherlands digital experts managed to get elected through targeted voter mobilisation, we wanted to invite Belgian parties to put forward their digital frontrunners.
We contacted all major parties in November 2025 and again in February 2026, just after FOSDEM, the world’s largest open source event, held every year in Brussels. We followed up by phone. The question was simple: who is your expert on digital sovereignty, privacy, and cybersecurity?
Of all the parties represented in our parliament, one responded: CD&V MP Stijn De Roo took the time for a substantive conversation. The rest remained silent. Accidentally, we also bumped into the Mastodon account of Volt Europe
That is no reason for cynicism, but it is cause for vigilance. The topic is new to many, and BeLibre wants to help build precisely that bridge: between technical expertise and political decision-making. But for that we also need politicians who open the door.
Document Freedom Day: freedom begins with open formats
We celebrate this anniversary on Document Freedom Day, the annual day in honour of open file formats and open standards. That is no coincidence.
Digital freedom begins with concrete, everyday questions: can you read your own documents without depending on one specific paid programme? Can your municipality still access its archives in twenty years? Is your data stored in a format that no one holds hostage? Will the software you use daily soon also determine what you are allowed to write, share, or see?
Open source software offers an answer: transparent technology that can be controlled, improved, and reused by anyone. Not as an ideological stance, but as a concrete, workable choice that saves governments money, protects citizens, and makes Europe stronger.
What now?
BeLibre is one year old. Beltug observes that more and more CIOs are questioning their dependency on non-European service providers and are more actively seeking European alternatives. That awareness is growing, including in Belgium. It now also needs a voice and a face: in the media, in politics, in the municipal council, and in your organisation.
This is a story of hope. The technology exists. The examples exist. The community is growing. What matters now is the will to choose.
Join us. Think with us. Talk about it.
🕯️belibre.be 🕯️ Matrix chat 🕯️ Mastodon 🕯️