As governments accelerate their digital transformation journeys and navigate an increasingly complex geopolitical landscape, one issue is rapidly moving up the policy agenda: data sovereignty.
For years, the conversation around digital government has focused on efficiency, accessibility, interoperability, and innovation. More recently, AI seems to be the key talking point. While these remain critical priorities, recent global events have highlighted a more fundamental question:
Who ultimately controls your citizen’s data?
The answer has significant implications for national security, public trust, regulatory compliance, and the long-term resilience of government services.
Why Data Sovereignty Matters
At its core, data sovereignty means that data is governed by the laws and regulations of the country in which it is collected, stored, and processed.
For governments, this is about far more than compliance. It is about ensuring that critical information remains subject to national oversight, legal protections, democratic accountability, and the strategic interests of the country it serves.
The issue has become increasingly important as governments around the world reassess their reliance on foreign-owned digital infrastructure and technology platforms. Concerns about foreign jurisdiction, intelligence gathering, cross-border data access, and the extraterritorial reach of certain national laws have prompted many countries to take a closer look at who ultimately controls the systems that store and process their citizens' information.
These concerns have only intensified as the geopolitical landscape becomes more complex and uncertain. Rising tensions between major powers, increasing cyber threats, economic competition, and a growing focus on national resilience have led many governments to view data as a strategic national asset rather than simply an operational resource.
For registry operators and government agencies, this is particularly significant because registers often contain some of the most sensitive and strategically important information within a country.
Collectively, these datasets provide a detailed picture of a nation's economy, ownership structures, critical assets, and citizens. They underpin trust in markets, support regulatory oversight, enable economic activity, and form the foundation of many public services.
When governments lose visibility or control over how this information is stored, accessed, or governed, they risk more than regulatory challenges. They risk weakening the trust, resilience, and sovereignty that modern digital societies depend upon.
A Global Shift Towards Digital Sovereignty
Across Europe and beyond, governments are taking a much closer look at where citizen data is stored, who has access to it, and which legal jurisdictions govern that information.
A recent example emerged in the Netherlands, where the Dutch government blocked the proposed acquisition of Solvinity, a company that provides cloud services supporting critical government infrastructure, including the country's DigiD digital identity platform. The decision was driven by concerns about foreign ownership of technology supporting sensitive government services and citizen data. The move reflects a growing recognition that digital infrastructure is now as strategically important as physical infrastructure. Governments increasingly view control of citizen data and critical digital services as matters of national interest.
The push for digital sovereignty extends beyond cloud infrastructure and data hosting.
Recently, the European Parliament announced it would replace Google with European search engine Qwant as the default search engine for its internal browsers. The move was presented as part of a broader effort to reduce dependence on non-European technology providers and strengthen Europe's digital sovereignty. While changing a search engine may appear symbolic, it reflects a wider trend among governments and public institutions seeking greater control over the digital platforms and services that underpin daily operations.
Screenshot of French Search Engine Qwant.
Together, these developments highlight a broader shift in thinking. Sovereignty is no longer viewed solely through the lens of geography or infrastructure. Increasingly, it is about maintaining control over the digital systems, platforms, and data that support public services, economic activity, and democratic institutions.
The Sovereignty Challenge for Registers
For registry operators, data sovereignty is not simply a technology question. It is a governance question.
As governments modernise their registries and adopt cloud services, interoperability frameworks, artificial intelligence tools, and digital identity platforms, they must carefully consider how these decisions affect control over citizen and business data.
Registry leaders should be asking a number of important questions:
- Where is our data stored and processed?
- Which country's laws apply to that data?
- Who ultimately controls the infrastructure supporting our registry?
- Can external organisations gain access to registry data through foreign legislation or ownership structures?
- How easily could we move our data and services if circumstances changed?
- Do we maintain authority over how our data is accessed, shared, reused, and governed?
- How do we ensure that the register remains the authoritative source of truth as information is distributed across multiple systems and platforms?
These questions are becoming increasingly important as registry data is shared through APIs, integrated into digital ecosystems, consumed by third-party applications, and analysed by artificial intelligence tools.
Foster Moore's VP of Registry Solutions Europe & Special Projects, John Murray, recently highlighted this challenge in his reflections following the EBRA 2026 conference in Malta. He noted that registry operators must look beyond traditional objectives such as digitisation, automation, and service delivery, and consider their long-term role within an increasingly interconnected digital landscape.
As John observed, the key question is:
"What unique value do we provide in a world where trusted information can be created, verified, exchanged, and analysed anywhere?"
The answer begins with trust and control.
The most resilient registries will be those that embrace interoperability and innovation while retaining clear governance over their data, infrastructure, and operating models. Their role is not simply to store records, but to ensure that information remains accurate, authoritative, secure, and subject to appropriate national oversight.
In an increasingly connected world, data may flow across systems, organisations, and borders. But the responsibility for maintaining trust in that data must remain with the institutions accountable to citizens and businesses.
For modern registries, sovereignty is ultimately about ensuring that governments retain the ability to govern, protect, and derive value from their most important information assets while continuing to deliver the digital services that citizens expect.
Looking Ahead
From the Netherlands protecting infrastructure supporting its national digital identity platform to the European Parliament choosing a European alternative to Google, governments are sending a clear message: control matters.
For registries, the conversation extends beyond data residency and cloud hosting. It raises fundamental questions about authority, trust, and relevance in an increasingly connected world.
The future of digital government will be defined not only by innovation and connectivity, but by trust, resilience, and sovereignty.
Because in the digital age, sovereignty is not just about territory.
It is about data.
And for modern registries, it is about ensuring that the trusted source of truth remains trusted, even when the data itself is everywhere.