Is procurement the missing piece of the digital sovereignty puzzle?
By
Nighat Nighat, Vaishnavi Patil
7d agoen
Source
Internet Policy ReviewIs procurement the missing piece of the digital sovereignty puzzle?policyreview.infoWho owns the code? In June , Indian Prime Minister Narendra Modi visited France to negotiate a consequential defence procurement deal. India's proposed acquisition of 114 Rafale fighter jets , valued at nearly 3250 billion INR (approx. 30.1bn Euro), is expected to advance toward a framework agreement. While the broad contours are largely settled, the issue of the extent to which Indian engineers can independently integrate indigenous systems onto the platform remains unsettled. At first glance, this may appear to be a technical matter concerning weapons integration and intellectual property (IP) rights. But this dispute is not, at its core, about jets, or even defence as a whole. It unveils how, even when technology is transferred, power to control it can remain concentrated in dominant hands. A country can localise assembly and workforce and still find that the most decisive layer – the software architecture controlling the system’s functionality and future development – remains outside its reach . From jets to clouds: Similar challenges across domains The lesson is not exceptional. This dynamic of how acquisition determines the boundaries of future agency repeats across countries that did not build the underlying stack. How governments choose to address it at the point of procurement may matter more than any regulatory framework they put in place afterward. South Africa, for instance, by building its citizen engagement platform on WhatsApp’s API, effectively delegated a core function serving 13 million users to a platform it could not shape. When Meta threatened to offboard GovChat , Pretoria realised its ability to provide services during a pandemic was contingent on Silicon Valley’s goodwill. The pattern repeats in cloud infrastructure. Fragmented national approaches have enabled regulatory arbitrage that benefits hyperscalers like AWS, Azure, and Google. They now collectively control over 70% of the global cloud market , leaving governments with little leverage to shape their own digital economies. Similar lock-in appears in telecommunications, where countries that adopt Huawei infrastructure for 4G networks become dependent on Chinese technology when upgrading to 5G. It is also evident in payments. Before Pix , Brazil’s digital payments system was mediated by Visa and Mastercard, two profit-driven foreign actors that regulated the system through private terms. Such dependencies were not imposed – they were procured. Moving beyond regulation The dominant response has been regulation. Countries pass data localisation laws , digital sovereignty frameworks , and platform liability regimes . While critical, these instruments share a structural limitation that is especially acute for Global South countries – they operate after the dependency is in place and require leverage that some states may not possess. The EU illustrates this challenge. Despite comprehensive digital sovereignty legislation like the General Data Protection Regulation (GDPR) and the Digital Markets Act (DMA), and the bargaining power of a single market, the EU remains structurally dependent on American hyperscalers . For Global South countries, which often lack the equivalent institutional capacity or market size, regulation is even less capable of changing the underlying power relationship. Regulation can constrain how vendors access or use data, but it cannot retroactively redesign public systems built on foreign infrastructure. This is not to say that regulation and procurement are not linked. Regulation sets the terms within which procurement decisions are made. Data localisation mandates can reshape the vendor landscape while interoperability standards can feed directly into public tender specifications. Good regulatory design, thus, can predispose procurement towards choices that champion sovereignty. Likewise, procurement decisions at scale can generate valuable regulatory feedback. Brazil’s adoption of Pix helped develop successive regulatory layers that matched Pix’s interoperability with open finance . What this entails is that sequencing and strategic intent matter. Mission-oriented procurement , when deployed with consideration of innovation, interoperability, and strategic supply chain resilience , can act as the primary tool through which states can shape markets to pursue public interest goals. How states frame procurement to make consequential choices – what to buy, from whom, on what terms, and with what requirements – elevates procurement from a downstream function to a site of agency. For the Global South, where regulatory leverage is structurally thinner, this reframing is especially urgent. Digital sovereignty, under this framework, must be understood as the capacity to exercise state agency within the international order – to procure, negotiate terms, build coalitions, and shape standards. New pathways to explore digital sovereignty Greater operational sovereignty through strategic procurement will help states build collaborative networks across the Global South. The countries best positioned to do this are the middle powers – India, Brazil, Canada, Indonesia, Saudi Arabia, and more. With sufficient market size, technical capacity, and geopolitical weight, they can protect themselves from vendor capture and resist the binary pressure of the US-China tech rivalry. As Chatham House notes, both Beijing and Washington assume countries will eventually align with one or the other. The middle powers are increasingly rejecting that assumption , building their own coalitions. Brazil’s Pix, for example, was lauded as a possible blueprint to create a SWIFT alternative at the 2025 BRICS summit. By doing so, middle powers get to build not only their own sovereign infrastructure but also interoperability norms for countries that adopt them. Procurement coordination among middle powers, then, is not merely a technical exercise in cost efficiency. The UNOSSC documents highlighted that Brazil and India are already collaborating on satellite technology for agriculture and deforestation monitoring. To create new transnational alignments, middle powers have to understand their innovation leverage and interdependencies. For instance, India has built sovereign yet adaptable Digital Public Infrastructures (DPIs) , which are a set of foundational digital systems built on open standards to deliver public and private services. It shared its innovation by signing MoUs with 23 countries. In April 2024, Namibia became the first African country to license Unified Payment Interface (UPI) – India’s indigenous mobile payments solution. Six African countries have now adopted elements of the India Stack framework. Each adoption deepens a bilateral relationship that signals affiliation and technical compatibility. Importantly, this method of strategic procurement for developing operational sovereignty is spilling over to the broader Global South. For example, to create bargaining power, break vendor lock-in, and ensure South-South interoperability, the African Union’s Digital Transformation Strategy (2020-2030) and Continental AI Strategy (2024) both lay out roadmaps for continent-wide infrastructural partnerships in digital sovereignty. A Carnegie Endowment proposal goes further by suggesting that India, Brazil, and SADC-linked African nations could develop shared procurement guidance and access frameworks, turning procurement into a structural feature of South-South cooperation. Filling the sovereignty gap France’s refusal to grant the Rafale source code access to India is not an isolated instance. It hinges on Paris’s fears that it would undermine its leverage over Egypt, Qatar, and Indonesia – all Rafale operators. This hesitation to share proprietary digital assets mirrors a logic seen across North-South procurement relationships . Naturally, this creates a vacuum for alternatives. The infrastructure wave accompanying AI, cloud computing, and digital identity deepens this vacuum, with dependencies of tomorrow being procured today. Middle powers are critically placed to take advantage of this moment. It is important to treat this as a strategic inflection point, lest we repeat the same patterns: physical ownership without operational sovereignty, adoption without agency, infrastructure without independence. Which raises the question – should procurement become the next frontier of digital sovereignty?
You might also wanna read
Europe's €2 Trillion Public Procurement as a Strategic Tool for Digital Sovereignty
The article argues that Europe's €2 trillion annual public procurement spending is a powerful but underutilized tool for asserting digital s
socialeurope.eu·1mo agoEU's proposed Cloud and AI Development Act could make data sovereignty a key procurement criterion
The article discusses how the European Commission's proposed Cloud and AI Development Act (CADA) could make data sovereignty a key factor in
Africa's AI infrastructure boom raises questions of digital sovereignty and foreign control
The article examines the growing tension between foreign investment in AI infrastructure across Africa and the continent's desire for digita
Sovereignty and European competitiveness: A partnership-led approach to AI growth
Google News·4mo ago
Europe's push for digital sovereignty requires a practical operating model, not just policy aspirations
Europe is grappling with the need to turn digital sovereignty from an abstract aspiration into a concrete operational model. Amid geopolitic
Europe’s digital sovereignty era may have ended before it ever began. The EU, Germany, the Netherlands and Greece have joined Pax Silica, the US-led initiative to secure the AI supply chain across chi
open.substack.com·14d ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.