A follow on thought stimulated by my missive of yesterday on America’s AI Doctrine has me considering the connection and implications on digital sovereignty.
For organisations concerned with digital sovereignty, I feel the most challenging growing question is no longer simply one of residency, control or jurisdiction. It is who conditions the intelligence that thinks, decides and acts on their behalf..
Digital sovereignty to date has been largely argued in familiar terms like where data is stored, who operates the cloud, which law applies and whether a government or organisation can retain control over critical infrastructure. As I summarised in my assessment of the recent position taken by the European Union (EU) ‘The EU’s New Sovereignty Test – Control Without Isolation‘. I am suggesting now that AI changes that debate fundamentally. Sovereignty is no longer only about the location of data. It is about who provides the intelligence that interprets, acts on and increasingly automates decisions around that data. Digital Sovereignty now presents us with an intelligence conundrum.
This matters because AI models are becoming operational infrastructure. They summarise evidence, write code, assess risk, support cyber defence, triage customers, advise executives and are starting to orchestrate agents across business processes. If that capability is dependent on a foreign model, foreign API, foreign cloud or foreign policy decision, then sovereignty is conditional rather than real.
The US approach to AI regulation exposes the problem. It promotes light touch domestic regulation to accelerate innovation, while reserving national security discretion to restrict frontier models where strategic risk is perceived. China, meanwhile, is producing capable open weight models that may appear attractive to organisations wanting flexibility, control and cost efficiency. The result is not a simple choice between open and closed or American and Chinese. It is a sovereignty dilemma.
The deeper issue is that AI sovereignty is moving into cognitive infrastructure sovereignty. The question is not merely where the data sits. It is whose model interprets it, whose guardrails constrain it, whose government can intervene to politically condition and whose strategic interests are embedded in the operating model.
Organisations must now ask harder questions. Can the model be independently assured? Can it be hosted under trusted legal authority? Can access be withdrawn by another state? Is there a viable exit route? Are provenance, telemetry, updates and guardrails transparent enough to trust? Is there conditional bias being surreptitiously imposed?
The sovereign cloud debate asked where your data lives. The sovereign AI debate asks something more uncomfortable; whose machine is allowed to think, decide and act on your behalf?
Posted on July 5, 2026
0