The package includes the Cloud and AI Development Act, the Chips Act 2.0, a roadmap for digitalisation and AI in the energy sector and an open source strategy. Before the legislative proposals can be adopted and enter into force, they still have to be negotiated in the European Parliament and the Council of the European Union.

Open source is no longer just seen as a technical option at European level, but as a strategic building block of digital sovereignty. Europe can only shape its digital infrastructure with sovereignty if open alternatives in key areas such as cloud, AI, internet technologies and cybersecurity are strengthened in a targeted manner.

Digital sovereignty begins with procurement

Digital sovereignty does not begin with the operation of a solution. It starts much earlier: in tenders, procurement processes, technical requirements and strategic IT decisions.

The public sector is one of the most important clients for digital solutions in Europe. Their procurement decisions influence which standards become established, which providers are given market opportunities and which digital ecosystems can grow in the long term.

When public funds are channelled primarily into closed, proprietary systems, dependencies are created that can only be resolved later with great effort. Data, identities, rights management, interfaces and work processes grow closely together with individual providers. What may seem convenient in the short term can restrict your own ability to act in the long term.

Open Source First belongs in practice

The Heinlein Group, which also includes the brands Heinlein Support, mailbox and OpenTalk, together with other European open source companies and organisations, signed an open letter to the EU Commission, the European Parliament and the governments of the EU member states. The central demand was: Open Source First.

In future, public authorities should check in a binding and comprehensible manner whether a suitable open source solution is available before procuring proprietary alternatives. This assessment should be documented, including the reasons if an open solution is not used.

Open source first does not mean excluding proprietary software across the board. It means that public digital infrastructure should normally be open, transparent, interoperable and sovereignly operable. If suitable open source solutions are available, they should be prioritised and used wherever possible.

Open source is more than a technical issue

Open source creates key prerequisites for digital sovereignty: transparency, security, flexibility, interoperability and long-term control.

Open source code enables independent testing and makes it possible to understand how software works. Open standards and documented interfaces facilitate integration into existing systems and reduce dependencies. Organisations can adapt solutions to their own requirements, develop them further together with others and retain more freedom of choice when it comes to operation, further development and the selection of service providers.

In this way, digital solutions are not created as closed systems, but as reusable building blocks of an open ecosystem. Where these options are lacking, dependencies arise: technically, economically and organisationally.

This is particularly important for public administrations. If software is verifiable, customisable and reusable, investments can have a more long-term effect and do not have to be repeatedly channelled into closed individual solutions.

Using existing solutions consistently

Europe already has an active open source community, innovative companies and tried-and-tested solutions. Open alternatives are also available for key areas of digital infrastructure.

What is often missing are reliable framework conditions, fair market opportunities and procurement procedures that systematically take open solutions into account. This requires binding criteria, clear responsibilities and measurable progress.

Practical support, advisory services and guidelines for authorities are just as important. Open source must not only be legally possible, it must also be realisable in day-to-day administration.

This is precisely where the EU Commission's open source strategy must start. It should promote the wider use of existing open source solutions in the public and private sectors, support European organisations in contributing to open source development themselves and strengthen the open source ecosystem in Europe.

This is not just about using individual solutions, but about building sustainable digital structures: using existing software, developing it together and creating European alternatives to proprietary solutions controlled by individual providers.

OpenCloud as part of an open digital ecosystem

Files, documents and collaboration are part of the basic digital infrastructure of organisations. This is where information is stored, shared, edited and archived. It is therefore important that this level remains secure, traceable and controllable in the long term.

OpenCloud is an open source platform for file management and collaboration. It helps organisations to manage, collaborate on and share files in a structured way. At the same time, it enables traceable control of access rights and workspaces.
Open interfaces, spaces and a transparent architecture create the basis for organising digital collaboration without tying organisations to a closed ecosystem.

This shows that European open source solutions for key areas of digital collaboration are available. It is now crucial that such solutions are consistently taken into account in procurement and practice.

Clear criteria for sovereign infrastructure

The open source strategy in the EU Tech Sovereignty Package sends an important political signal. It recognises that Europe's digital sovereignty cannot be achieved without open software, open standards and interoperable systems.

In order for this signal to have a practical impact, open source must be consistently taken into account in procurement decisions, funding programmes and infrastructure projects. This requires binding criteria:

• Will a suitable open source solution be tested?
• Are interfaces open and documented?
• Is it realistically possible to switch at a later date?
• Can data be exported portably?
• Who controls the software, operation and further development?
• Is the decision documented in a comprehensible manner?

Such criteria help authorities to not only formulate digital sovereignty as a goal, but to implement it in everyday life. They create transparency for providers, comparability for procurement organisations and better conditions for European open source solutions.

Many of the necessary solutions and technologies are already available. The important thing now is to utilise them systematically and turn open source from a special case into the standard.