The Sovereignty Stack

A stack is only as sovereign as its weakest layer.

What Compellability Means

On 10 June 2025, Anton Carniaux, Microsoft France’s Director of Public and Legal Affairs, testified under oath at the French Senate.

Asked whether Microsoft France could guarantee that European customer data would not be transmitted to United States authorities without French authorisation, he answered: “No, I cannot guarantee that.”

Microsoft’s own representative, in a European parliamentary chamber, under oath, confirmed the structural fact.

The Court of Justice of the European Union ruled in Schrems II that data transferred outside the European Union must enjoy protection essentially equivalent to that guaranteed within the Union.

The European Data Protection Board formalised the test as four Essential Guarantees: clear rules, necessity and proportionality, independent oversight, effective remedies.

The Court found that United States surveillance under FISA Section 702 and Executive Order 12333 does not meet the test.

The CLOUD Act requires American companies to produce data within their possession, custody, or control regardless of where that data sits.

Any entity subject to United States jurisdiction can be compelled to disclose European data without European judicial process.

Compellability is the binary test.

A layer passes the test if its operator is not compellable under non-European law. A layer fails if its operator is. Where the company is registered does not change the answer. Neither does the contract.

The Principle

Every Intel processor shipped since 2008 contains a subsystem called the Management Engine.

It has its own operating system, full access to memory, network, and screen, and runs when the computer is powered off.

In 2017, researchers found an undocumented kill switch buried in the firmware. The NSA had requested it for its own machines. No European government did. It still runs on every European government computer.

Twelve stacks of layered technology run beneath European critical infrastructure. We walk through one of them: the compute stack.

Firmware is one layer. The processor sits on a board. The board runs a hypervisor. The hypervisor hosts an operating system. The operating system reaches out through DNS. The connection is secured by a certificate. The application is assembled from a software supply chain.

Every one of those layers is a procurement decision. Every procurement decision is a sovereignty decision.

Data passes through every layer. Compelling any one layer compels the data. One Position 4 layer makes the whole stack Position 4.

Paper 1 carries the five-position framework.

We assess sovereignty layer by layer and count the passes. Six of seven layers compliant reads as ninety-four per cent in a compliance audit. The actual sovereignty position is whatever the failed layer was.

Procurement asks whether the technology is good. We need to start asking who controls each layer.

What Contamination Looks Like

An official at the European Commission opens her laptop.

American Megatrends firmware boots her machine. VMware, owned by Broadcom in Delaware, virtualises her desktop. DNS resolves through the global root zone published by an American non-profit in California. Let’s Encrypt issues her certificates. Microsoft 365 hosts her policy documents.

In March 2024, the European Data Protection Supervisor found the Commission’s use of Microsoft 365 incompatible with EU data protection law. The migration has been ongoing since.

Her authentication routes through Apple’s Secure Enclave or Google’s Tensor Security Core. The push notification depends on Apple Push or Google Firebase. The wallet on her phone is distributed by Apple’s App Store or Google’s Play Store.

Every procurement decision in this chain was made by European institutions, signed under European contracts, audited under European compliance regimes.

Each layer beneath the governance layer is American-compellable.

The Commission’s sovereignty position at this moment is determined by American Megatrends, Broadcom, ICANN, Let’s Encrypt, Microsoft, Apple, and Google.

The European decision was the contract. The American decisions are the operations.

Improvements within Position 4 are real and irrelevant. Operational autonomy, EU staffing, customer-managed encryption keys, European-resident data centres. Each is operationally meaningful.

None changes whether the data is compellable.

Our data sleeps in Europe. American law determines who can wake it up.

How Procurement Builds Capability

The laws to do this exist already. DORA, NIS2, GDPR under Schrems II, the public procurement directives. Read strictly, they require what this paper has been describing.

Europe is missing the mandate that activates them.

The mandate should apply to layers where European supply exists today. Layers without European supply should carry a documented exception. The exception should close when European supply emerges.

This works as an incentive to stimulate investment into each of these new suppliers. Whoever closes the exception first wins the mandated customer base.

The customer base is defined and mandated, which makes these companies and products highly investable for venture capital, member states, and any other party that sees the prize.

This is the first-movers advantage pattern at work.

These mandates allow us to build the missing parts of our stacks without requiring centralised European funding for any one mega-project, such as a European AI champion.

The Post-Quantum Window

Everything captured by the owner of our dependencies pre-quantum will be readable post-quantum. All of our encryption will break. Our DORA vulnerability reports will be shared with these other states, who can decide whether to use them against us.

The migration to post-quantum primitives is underway, on timelines set by NIST in 2024 and codified into European compliance through DORA, NIS2, and Law 7. The full European migration is targeted for completion by 2033.

The migration touches firmware, certificates, DNS, protocols, and key management. The rebuild is happening regardless of any sovereignty mandate.

A lot of our stack is being rebuilt. We have a chance to build our sovereign solutions during this, while the comparative cost is lowest.

Procuring sovereignly during the migration costs marginally more than procuring non-sovereignly during it. Depending on other regions’ migration technology means our data is likely to still be compellable, or have backdoors built in at the rebuild.

How sovereignty and quantum intersect is explored fully in Paper 5.

The Compute Stack

US tech leads many parts of the compute stack today. American Megatrends dominates firmware. VMware dominates hypervisors. Let’s Encrypt anchors the loss-leader certificate tier. GitHub holds most of the software supply chain.

European candidates exist at most layers. Some are production-ready today. Volume is missing at others. At one layer, the infrastructure does not yet exist.

The mandate that follows applies only to in-scope regulated workloads: DORA-regulated entities, NIS2 essential and important entities, and public-sector procurement above threshold. Consumer commerce and general European business are not bound.

Layer 1: Firmware

Every server boots with firmware. The firmware establishes the trust chain that everything above it depends on.

A compromised firmware layer can execute arbitrary code with complete control over the hardware. Firmware rootkits survive operating system reinstalls.

The NSA’s Tailored Access Operations group, documented in the Snowden releases, used firmware as a primary vector for maintaining persistence on high-value targets.

Three American vendors hold the European enterprise UEFI firmware market. American Megatrends supplies roughly half of motherboards globally. Insyde Software supplies roughly forty per cent. Phoenix Technologies supplies most of the remainder.

All three are subject to the CLOUD Act.

European firmware capability exists, fragmented. OVHcloud uses Open Compute Project hardware with firmware audited or developed in-house. The coreboot project receives substantial European contributions.

The German Sovereign Tech Agency funds firmware-adjacent open-source projects. Bundesdruckerei operates secure-boot key infrastructure under European jurisdictional control.

The volume to consolidate the fragmented capability at production scale comes from public procurement and from regulated cloud services. Both already exist. Both currently buy American firmware by default.

We should mandate auditable firmware at this layer, open-source where possible, with a transparent supply chain from silicon to operating system, operated under European jurisdiction.

Layer 2: Hypervisors

The hypervisor abstracts hardware so multiple operating systems share the same physical machine. This layer is dominated in European enterprise by VMware, owned by Broadcom.

In November 2023, Broadcom completed its $61 billion acquisition of VMware. Within months, customers reported licensing cost increases of 800 to 1,500 per cent.

The sovereignty of every European cloud provider running VMware was determined by a single board meeting in Palo Alto.

Production-grade European hypervisor capability exists today. Proxmox VE, developed by Vienna-based Proxmox Server Solutions GmbH, runs institutional workloads at scale. XCP-ng, developed by French company Vates, provides a Xen-based alternative used in production.

Both are European-jurisdictional, open-source, and operationally mature for many workload classes.

The objection is that European hypervisors are not ready. They are ready for most workloads. Proxmox VE and XCP-ng run institutional workloads today. Feature gaps remain at the most demanding workload classes.

The mandate should accept what works now. The Stack Compliance Body should publish the feature deltas European candidates must close to clear the higher workload classes. Investors see the deltas. The prize is the mandated customer base for whoever certifies first.

We should mandate a hypervisor under European governance, with European control over development priorities, security disclosure, and licensing.

Layer 3: Domain Name System

DNS translates domain names into IP addresses. Every network connection a European institution makes depends on it.

The thirteen root server identities are mirrors of identical root zone data. Not thirteen distinct pieces of a system. They serve the same content, distributed globally via anycast across approximately 1,500 servers.

Europe already operates two of the thirteen: I-root (Netnod, Sweden) and K-root (RIPE NCC, Netherlands). DENIC and AFNIC operate additional infrastructure. The server layer is largely solved.

The unsolved layer is the authority layer. The root zone data is produced under contract from ICANN, a US non-profit subject to US jurisdiction.

The realistic threat is compelled compliance. ICANN could be required by US court order or executive directive to instruct the European root operators to do something that compromises European sovereignty.

Compelled compliance is harder to detect than malicious code, and more important to defend against.

To escape our dependency at this layer, three pieces should work in parallel.

Continuity: a European alternative root zone authority should be pre-authorised across Netnod, RIPE NCC, DENIC, and AFNIC, ready to activate if ICANN or IANA is disrupted. The operational capability already exists. The political and legal framework is missing.

Default routing: NIS2, DORA, and public procurement should require European institutions to configure resolvers to prefer K-root and I-root. Same data served, same user experience, with European institutions as guaranteed customer base. DNS4EU, launched in June 2025, is a default-routing instrument at the recursive resolver layer.

Independent assurance: ENISA should review ICANN directives to the European-operated root servers before implementation. The review should be advisory, not binding. It catches quiet capture before it propagates.

Each piece addresses a different threat: disruption, default exposure, quiet capture.

Layer 4: Certificate Authorities

Certificate Authorities issue the digital certificates that secure encrypted web traffic. The CA’s public key is the trust anchor.

The European paid-tier CA infrastructure already exists. D-Trust (Bundesdruckerei subsidiary), Telesec (Deutsche Telekom), and national qualified trust service providers across member states issue paid certificates under eIDAS.

The paid tiers are commercially profitable. The market handles them.

The gap is at the loss-leader Domain Validation tier. The basic certificate that anchors HTTPS-by-default across the open web.

The dominant provider is Let’s Encrypt, operated by ISRG, a US 501(c)(3). It works well. It is donation-funded public infrastructure. It is also subject to US legal compulsion.

Europe needs an alternative already operating when an OFAC designation or executive directive arrives. Building it under pressure is the failure mode.

To close the gap at the DV tier, three pieces should work in parallel.

Parallel public infrastructure: a European DV CA should be built as parallel public infrastructure. ACME-protocol-based, free at point of use, funded as European public infrastructure, with open-source operational software.

Member states should retain the treaty-protected right to operate parallel infrastructure using the published architecture. The right to fork is the constitutional protection against capture.

Mandated paid-tier volume: the mandate should require European-issued certificates for in-scope workloads. The existing eIDAS QTSPs already operate; the mandate gives them guaranteed paid-tier volume.

European browser inclusion: Vivaldi, Mullvad Browser, GNOME Web, and downstream European Chromium and Firefox builds should ship with the European CA in their trust stores from day one. Major-browser inclusion (Mozilla, Chrome, Apple, Microsoft) follows through standard processes once volume justifies it.

Layer 5: Software Supply Chain

Most build tooling, package registries, code-hosting, and signing infrastructure runs on American-jurisdictional platforms today: GitHub (Microsoft), npm (Microsoft), PyPI (US PSF), Maven Central (US Sonatype).

Paper 24 carries the deep prescription: four-tier procurement architecture, a European platform foundation, and a distributed-national Sovereign Tech Agency model.

We should mandate European maintainers paid by European institutions, with commit access on the libraries Europe runs on.

Conclusion

Looking at sovereignty as a binary with multiple parts to each stack, we can actually begin to understand what needs to be built to get us to fully sovereign infrastructure.

Currently US tech leads in many parts of most stacks, and we pay for them to increase their lead and keep improving.

We prescribe a phased approach to allow us to fix the funding gap between ourselves and the US, by mandating public procurement and regulated entities (NIS2 critical infrastructure operators and DORA-regulated financial services) to use our stack where it is suitable.

Where it is not suitable then becomes a roadmap, which becomes highly investable, incentivising the free market to fund European companies, knowing that they have a lucrative opportunity to win mandated customers across these three verticals.

A stack is only as sovereign as its weakest layer and we need to start incentivising a sovereign stack to be built.