The key to digital sovereignty starts with procurement: how to set requirements for control and independence

The key to digital sovereignty starts with procurement: how to set requirements for control and independence

In our previous post, we discussed the growing need for digital control, digital sovereignty, and data sovereignty – why it is crucial to have a plan for managing or leaving digital dependencies through strategic exit strategies. But understanding why is not enough. To build a digital future based on independence and control, the work must begin long before an exit becomes necessary. It starts at the very foundation of how we acquire digital solutions: procurement.

For the public sector in Sweden, this is governed by the Public Procurement Act (LOU - Lagen om Offentlig Upphandling) and often takes place through call-offs under framework agreements. These processes are designed to ensure competition, transparency, and efficiency. However, if procurement focuses solely on functionality and initial cost – without considering the long-term strategic consequences for control and independence – we risk inadvertently cementing new, problematic dependencies.

Procurement should be viewed as one of the most powerful strategic tools for shaping an organization’s digital ecosystem. It is here that we define the terms for future collaboration, data sharing, and the ability to replace components in our digital architecture without tearing everything down. It is here that we build in – or lose – our future freedom to act.

So, how can we use procurement strategically to secure digital control, sovereignty, and data ownership? By setting the right requirements. Here are some key areas:

1. Require open standards – The Foundation for Portability

Proprietary data formats and locked-in interfaces are the digital walls that create vendor lock-in. By requiring that the solution is based on and supports open standards, you ensure that data and functionality become portable. This enables:

  • Easier data migration: Data can be exported and imported in formats that are documented and not tied to a specific vendor’s software (e.g., ODF instead of proprietary document formats, standardized geodata formats, etc.).
  • Broader compatibility: The system can more easily communicate with other systems, both existing and future.
  • Increased competition: By not locking yourself into a specific ecosystem, you open the door for more potential suppliers in the future, which promotes innovation and drives down costs in the long run.

2. Set requirements for interoperability – build for collaboration (According to EIF)

Digital sovereignty is about being able to integrate different solutions to meet your own needs. This requires interoperability – the ability of different systems to work together seamlessly. The European Interoperability Framework (EIF) provides an excellent model to follow, with its four levels:

  • Legal interoperability: Ensuring legislation does not hinder data sharing.
  • Organisational interoperability: Harmonizing processes and data between organizations.
  • Semantic interoperability: Ensuring the meaning of data is common and clear (e.g., through standardized data models).
  • Technical interoperability: Ensuring systems can be technically linked (via networks, interfaces, etc.).

By requiring in the procurement process that the solution meets the principles of interoperability, preferably based on the EIF’s recommendations, you build a digital ecosystem where you determine how the parts should interact, rather than being dependent on a single vendor’s integration strategy. Demand clear and documented APIs based on open standards!

3. Evaluate the Benefits of Open Source – Transparency and Flexibility

The choice of technology has a major impact on control and sovereignty. Actively evaluating and prioritizing Open Source Software (OSS) in procurement offers several strategic advantages:

  • Transparency: The source code is open for review. This increases security (vulnerabilities are discovered faster) and provides full insight into how the system actually works. No “black boxes.”
  • Flexibility and adaptability: You are not tied to one vendor for further development. The organization can adapt, build upon, or integrate the solution itself (or with the help of any chosen vendor).
  • No license lock-in: Basic usage of open source code with permissive licenses often entails no per-user licensing costs, providing cost control over time. Support and maintenance are procured separately, often with the opportunity to choose among multiple actors.
  • Community and innovation: Many prominent digital solutions are developed within vibrant open source communities, which drives rapid innovation and high quality.

Choosing open source is a conscious decision to own the solution (or the ability to manage it), not just rent it. LOU does not prevent the choice of open source – it’s about evaluating it based on all stated requirements and strategic goals, just like any other software.

Procurement as a strategic activity

Setting the right requirements in procurement, looking beyond the initial price tag, and including long-term strategic goals for digital control, sovereignty, and data ownership is crucial. It requires expertise – knowing which requirements to set and how to formulate them within the framework of LOU and framework agreements. It also requires the courage to prioritize long-term strategy over short-term convenience.

Investing in a procurement process that focuses on open standards, interoperability according to frameworks like EIF, and the potential of open source is not just a technical matter. It is a strategic decision to ensure the organization’s ability to make its own digital decisions, protect its data, and retain its freedom to act in an increasingly complex digital world.

View your next procurement not just as an opportunity to buy a solution, but to actively build the foundation for your digital sovereignty. It’s time to take control at the source.