Home > Expertise > Sovereignty > Digital sovereignty

Digital sovereignty

Digital sovereingty Agency Consulting firm Experts Specialists Consultancy

The Alcimed team explores the challenges of digital sovereignty for multiple major actors in France and Europe with a view to helping them better understand the digital ecosystem in order to promote a transition towards more sovereign solutions.

    Tell us about your uncharted territory

    You have a project and want to discuss it with our explorers, write us!

    One of our explorers will contact you shortly.


    They trust us

    Logo_carre_APHP
    Logo_carre_Bayer
    Logo_carre_Boehringer_Ingelheim
    Logo_carre_Grand_Lyon
    Logo_carre_J&J
    Logo_carre_Loreal
    Logo_carre_Mars
    logo_carre_michelin
    Logo_carre_Moderna
    Logo_carre_Nesle
    Logo_carre_reseau_SATT
    Logo_carre_Roche
    Logo_carre_Saint_Gobin
    Logo_carre_Sanofi
    Logo_carre_Solvay
    Logo_carre_Suez
    Logo_carre_Thales

    The challenges related to digital sovereignty

    Today, the field of information and communication technologies is governed by the American giants: GAMAMs (Google, Apple, Meta, Amazon, Microsoft, etc.). These organisms have established a virtual monopoly of the global digital space. This monopoly, both technical and economic, sometimes threatens the integrity of our most sensitive data. In addition, events (Snowden affair in 2013 – Promulgation of the Cloud Act in 2018) that made it possible to turn these threats into reality have pushed European players to build a strategy in order to remove themselves from the hegemony of the GAMAMs and, in doing so, to regain digital sovereignty.

    Achieving this digital sovereignty is a national and European strategic objective in order to be able to better master digital technologies and ensure data integrity, on the internet and in cyberspace first and foremost. Many challenges remain for European industrial companies and institutional players seeking to regain their digital sovereignty:

    The need to migrate to the cloud is being felt. Working in the cloud makes it possible to increase the productivity of companies by making them more agile in the way they work, and by allowing them to use application services such as AI or big data. Many players are therefore becoming dependent on these solutions to remain competitive. However, when it comes to critical infrastructures such as an airport or a hospital, sensitive digital data cannot be handled on any cloud platform.

    Let’s take the example of the two American laws, the Patriot Act and the Cloud Act. These two laws allow the American government to request access to digital data for legal purposes, as long as it is operated by an American service provider, regardless of its location. And, to date, U.S. companies share nearly 70% of the global market for cloud solutions. At the same time, the services offered by the current French and European clouds are far from reaching the level of those offered by the Americans. It is therefore essential to develop compatible, high-performance solutions with the required level of security for this sensitive data in each territory.

    At the French level, many initiatives towards digital sovereignty are carried out by the National Agency for the Security of Information Systems (ANSSI). For example, in 2016, ANSSI launched the “SecNumCloud” or “Trusted cloud” certification to qualify cloud offers on digital sovereignty and security aspects. Several cloud offer providers such as OVH, OoDrive, and 3DSOutScale have already obtained this label certifying their compliance.

    What possibilities exist today to work on the cloud while keeping control of your digital data? What market is there for SecNumCloud platforms? What is the state of the art of these platforms?

    Despite a real desire to create more sovereign digital offers, the level of services and the resources offered by French and European solutions are often barriers to data migration for many companies. Indeed, American suppliers are clearly ahead, and often offer better scalability, availability, and performance. However, digital sovereignty also rests on the person who operates and secures his data.

    If we look at the case of France, associations between American suppliers and French players have recently emerged (Google & Thales or Microsoft & Orange). Their offers, aiming to obtain the “trusted cloud” label, could represent a fair balance between digital sovereignty and performance. The American partner would then provide its high-level service solution, that would be entirely operated and secured by the French player, and the data would be located in France. It should be noted that these offers would be built on an American infrastructure, which raises doubts as to whether they would obtain the SecNumCloud label.

    At the European level, the GAIA-X project, which aims to build a cloud computing infrastructure operated and secured by European players, will launch its first data spaces in 2022. Unfortunately, GAIA-X is now sponsored by Huawei and Alibaba (Chinese players), as well as by Microsoft and AWS (American players), so some French players, such as the cloud host Scaleway, are dropping out of the project.

    What is the concrete impact of using a European versus American cloud solution? What are the trade-offs to be made between digital sovereignty and performance? What future solutions should be considered to meet all needs?

    Digital sovereignty is not just limited to cloud aspects, as there is also a desire for sovereignty in the production of chips and around geolocation and access to information, for example. Europe is moving in this direction: the first wish is supported in Europe by the Chips Act initiative, a 43-billion-euro plan aimed at doubling Europe’s market share (10% today) in semiconductors. The second is the Galileo project to create a fully European satellite positioning system.

    Nevertheless, it should be noted that the Chips Act did attract a major investor, in this case the American company Intel, which announced an investment plan of 33 billion euros to manufacture semiconductors in Europe.

    On what aspects of my operation as a company am I dependent on another country? How can we free ourselves from these dependencies?

      Tell us about your uncharted territory

      You have a project and want to discuss it with our explorers, write us!

      One of our explorers will contact you shortly.


      How we support you in your projects related to digital sovereignty 

      Alcimed has been supporting its clients for over 25 years with their innovation and new business development projects, among which digital sovereignty is a key issue. We support many industrial and institutional players, who work on different aspects of data management and French and European digital sovereignty (e.g. Thales, MBDA, CNES, etc.).

      The diversity of our clients, the geographic fields we explore and the types of projects we develop give us a global and in-depth understanding of the issues related to digital sovereignty.

      Our projects cover areas as diverse as digital transition, new technologies, new business models related to the digital world, the assessment of market opportunities, the launch of innovations, partner identification, as well as regulatory developments.

      Examples of recent projects carried out for our clients in digital sovereignty

      • Identification of priority use cases of critical data for a certified French cloud

        We supported an industrial actor in its desire to offer the French Defense Ministry a certified, sovereign private cloud allowing them to work in a cloud-type work environment, but with sensitive data, known as restricted distribution (RD). Our client wanted to identify the priority use cases for this platform and associated services.

        After a quick bibliographical analysis and an analysis of the competitive environment of the company, the heart of our intervention consisted of an exchange with players from the Defense universe (large groups, institutions, start-ups, etc.), in order to identify the priority interest applications for this platform.

        We were thus able to highlight a particular interest in services enabling collaborative work in the defense sector, but also to propose promising initial avenues outside of defense (OVI: Operators of Vital Importance or ESO: Essential Services Operator), a real uncharted territory for our client, which we continue to explore with him!

      • Development of a new cybersecurity platform for Defense and Information Systems Security

        Alcimed supported a leading security & digital industrial player through a coaching and consulting process for a product line to develop a cybersecurity offer in the form of a digital platform. It enables both the detection and the identification of cyber-attacks aimed at all types of players (industrial, public, governments, etc.) to achieve both security and digital sovereignty, while ensuring controlled risk management and optimal cyber resilience.

        To do this, our team carried out an analysis of the needs and expectations of the various players in the ecosystem (manufacturers, ministerial institutions, start-ups, states and governments, etc.) for this platform, as well as an analysis of the competition and a study of the cybersecurity market. Our investigation made it possible to define relevant usage cases for such a platform, to redefine the value proposition of the offer, and to identify the key success factors and potential barriers for its further development.

        The result for our client: the validation of the relevance of its platform with regard to the needs of the market and the client ecosystem, the definition of the most relevant value proposition and business model, and recommendations on its future positioning.

      • Development of a European digital innovation hub with a focus on AI and cybersecurity

        Alcimed supported the Grand Est region in France in building its regional EDIH, or European Digital Innovation Hubs. More specifically, this initiative aimed to support all regional SMEs and ETIs by enabling them to grasp the challenges of AI, cybersecurity and high-performance computing.

        A Europe-wide study revealed that only large groups were in a position to take up these challenges, which represented a significant risk for smaller structures. In response to these challenges, we helped our clients to develop the offer, model and organisation of this new regional hub, in conjunction with more than 80 regional entities.

        Thanks to this project, our team has contributed to reducing the digital gap between large companies and smaller structures, by promoting a local and integrated approach that fosters regional technological autonomy. In this way, Alcimed helped lay the foundations for a stronger, more resilient and more competitive regional economy.

      • Evaluation of the potential of a digital platform to promote the regional audiovisual content of a French region

        Alcimed supported the Grand Est region in France in evaluating the potential of a digital platform to promote regional audiovisual content. This project aimed to encourage the development of local digital platforms, thereby supporting the regional digital economy while promoting cultural and linguistic diversity in the face of the dominance of international content.

        To do this, we carried out a benchmark of another regional platform to understand its business model and the possibilities in terms of content offering. This initial analysis was supplemented by interviews with key players in the media ecosystem, such as producers and local television channels. Using this information, our team then conducted a workshop with several groups of stakeholders to define an editorial line and the ambitions of the digital platform under construction.

        Ultimately, our project enabled the Grand Est Region to identify the development potential of such a platform and to acquire a good understanding of the project’s funding and subsidy issues, thanks in particular to the production of a 5-year Business Plan.

      You have a project?

        Tell us about your uncharted territory

        You have a project and want to discuss it with our explorers, write us!

        One of our explorers will contact you shortly.


        To go further

        Founded in 1993, Alcimed is an innovation and new business consulting firm, specializing in innovation driven sectors: life sciences (healthcare, biotech, agrifood), energy, environment, mobility, chemicals, materials, cosmetics, aeronautics, space and defence.

        Our purpose? Helping both private and public decision-makers explore and develop their uncharted territories: new technologies, new offers, new geographies, possible futures, and new ways to innovate.

        Located across eight offices around the world (France, Europe, Singapore and the United States), our team is made up of 220 highly-qualified, multicultural and passionate explorers, with a blended science/technology and business culture.

        Our dream? To build a team of 1,000 explorers, to design tomorrow’s world hand in hand with our clients.

        Digital sovereignty is the capacity of a country or an organization to control and protect its own digital data, technologies and infrastructures. This can include, for example, the autonomous management of digital resources, the protection of online privacy, and the reduction of dependency on foreign players.

        Several regulatory measures have already been implemented by Europe:

        • The General Data Protection Regulation (GDPR) in particular is a vector of digital sovereignty. Entered into force in 2018, the idea behind this regulation is to grant users control over their digital data in the face of the American giants. Regarding American cloud solutions, these major companies seem to have complied with the GDPR. This is not always the case for major social networks (Facebook and Google were fined €60 and €150 million respectively in early 2022 for not providing an easy way to disable cookies).
        • The Digital Market Act (DMA) presented in 2020 will make it possible to overcome the problems of the GAMAM monopoly over digital matters by offering more control, protection and freedom to end users. Indeed, the DMA offers governments the possibility of sanctioning companies delivering a platform service in the event of an abusive situation.
        • Finally, following the DMA, the Digital Services Act (DSA) was also announced, aiming at regulating and moderating the content published on the platforms of the American giants.

        Digital sovereignty is based on 4 main pillars:

        • Establishing regulatory frameworks to govern the use of foreign digital technologies, and in particular ensuring data protection to guarantee the confidentiality of information.
        • Developing and adopting national (regional or local) technologies to reduce dependence on foreign players, starting with the tech giants (GAMAM – Google, Apple, Meta, Amazon and Microsoft).
        • Strengthening critical digital infrastructures to ensure their control and resilience.
        • Investing in education and training in digital skills to increase technological autonomy.