Why digital sovereignty matters now
Digital sovereignty By 2026, IT will no longer be a technical detail, but a strategic issue directly related to continuity, compliance, and governance responsibility. This is evident from recent research by Uniserver among more than a thousand IT (co-)decision-makers in the Netherlands.
The research shows that organizations are increasingly aware of where their data is located, which laws apply to it, and which parties have access to their digital infrastructure. This combination increasingly determines how much control organizations actually have over their digital core. We'll delve into this in the next four articles in this series.
Balancing between innovation and control
The research results reveal a clear tension. Cloud and AI offer speed, scalability, and new possibilities, but control over data, security, and regulations consistently outweighs cost savings or time-to-market.
Many organizations want to innovate, but not at the expense of control. For example, a large proportion indicate that they first want to fully control over data and infrastructure to want, before AI is further scaled up. At the same time, AI is still deployed in a limited and fragmented way within many organizations, often without clear guidelines or policies.
Private and hybrid cloud dominate the landscape
The Uniserver study shows that the on-premises-only phase is over for most organizations. Private cloud is now the most widely used form of data storage, followed by hybrid environments that combine private and public cloud.
Fully public cloud and fully on-premise remain relevant, but they represent a clear minority. This split demonstrates that organizations are consciously seeking a middle ground: modernization and scalability, while maintaining control over data and infrastructure.
Data location and jurisdiction remain decisive
Physically, data is primarily located in the Netherlands and more broadly in Europe. At the same time, approximately one in ten organizations indicates that data is (partly) stored outside Europe, primarily in the United States.
That often seems like a practical choice, but it immediately raises questions about jurisdiction and foreign legislationThe research shows that this isn't always entirely clear. Data can be physically located in Europe, while foreign legislation still applies in certain situations. This means that data location isn't a matter of detail, but a strategic consideration.
Trust in cloud providers, but also concerns
Trust in cloud providers is high. IT decision-makers indicate they rely on their providers to ensure secure storage, proper access, and compliance with European legislation and industry standards. Many organizations also feel supported by their provider in addressing compliance issues.
At the same time, there are clear concerns about unauthorized access to data by foreign governments or intelligence agencies. This combination of trust, assumptions, and underlying concerns demonstrates that digital sovereignty is not just a technical issue, but also a governance and knowledge issue.
Digital autonomy on the strategic agenda
Within the Uniserver study, digital autonomy is defined as the ability of organizations to maintain control over their IT environment, data, and infrastructure. This includes decisions regarding data location, legislation, and partner selection.
A large majority of organizations indicate that digital autonomy is now an explicit part of their IT strategy. International and geopolitical developments are reinforcing this trend. Many organizations want to be less dependent on foreign providers and are willing to invest more to house critical data in a fully sovereign environment on Dutch or European soil.
Obstacles between ambition and implementation
While the ambition is clear, the path to digital sovereignty proves complex. Organizations cite complex laws and regulations, dependence on existing suppliers, and a lack of internal knowledge and capacity as major obstacles.
Legacy systems, fragmented data, and a limited sense of urgency at the board level also cause delays. This creates a gap between intention and implementation: the desire to gain more control is there, but the concrete steps aren't always clear.
Outlook: From cloud strategy to AI and sovereignty strategy
By 2026, the focus will shift from "moving to the cloud" to "choosing the right cloud under the right conditions." Organizations will seek infrastructure models that combine modernization and scalability with transparent control over data residency, jurisdiction, and access rights.
In the next blog in this series, Uniserver will delve deeper into AI. The research shows that today's infrastructure choices directly determine whether AI can be deployed securely, compliantly, and sovereignly tomorrow. especially in light of regulations such as the EU AI Act.
Digital sovereignty is thus developing into an integral part of the AI and data strategy for 2026.
