Open Is Sovereign: Why Europe’s Digital Future Must Be Built on Global Open Source Ecosystems

By Gabriele Columbro, General Manager, Linux Foundation Europe

Across Europe, “digital sovereignty” has become a defining political and economic priority. The concern is real: in an age where code defines competitiveness, no nation or region can outsource its technological destiny. Yet too often, the debate around sovereignty is framed as a binary choice between global collaboration and regional control, essentially between openness and protectionism. That’s a false choice. True sovereignty is not about isolation; it’s about mastery of critical resources based on a full understanding of how modern software is built. And for the digital realm, the surest path to mastery runs through open source. So, the question is – how?

The False Dichotomy of Open Source vs Proprietary

In order to grasp how open source can productively lead to digital autonomy, it’s important to move past a common misconception: too often open source and proprietary software are positioned as polar opposites, as a hard partition of the modern tech landscape, whether it be in terms of security or quality. The reality is that most proprietary software is built on open source (from 80% to 95% of any given product depending on different research) and, on the flipside, that the most impactful and sustainable open source ecosystems (think Linux, Kubernetes, Pytorch) thrive because of a lively ecosystem of commercial product and service companies. These businesses are indivisibly based on those projects, and their incentives are therefore aligned to massively contribute sweat equity and funding that keep those upstream projects not only sustainable, but ever innovating. The numbers are staggering, as Harvard Business School estimated ~$7.7B of corporate contributions go into open source globally every year. 

Source: https://opensourcefundingsurvey2024.com/

This realization leads to two important consequences:

• Regional commercial solutions built on global open source pillar are not only viable, but should be something Europe encourages to sustain the circular nature of open source ecosystems
• The viability of a software product, e.g. its security, is a combination of that of its underlying components, whether proprietary or open source

Openness is Sovereignty

Now, there is widespread understanding that open source isn’t a threat to European sovereignty, rather, it’s the foundation of it. The transparency and auditability built into open source code ensures that no government or company, no matter how large, can unilaterally dictate the terms of Europe’s digital future. After all, open source has always been the prime insurance policy against vendor lock-in, because the fundamental rights OSS is built on – the legal ability to inspect, modify, and reuse code – provides a permanent safeguard against technological dependency. That is the ultimate check on foreign control: the freedom to adapt technology to European values, standards, and needs. However, the “right to fork” is insurance, not the baseline. 

Once the circular nature of the sustainable open source ecosystems is understood, it’s quite consequential to advocate for Europe’s active participation in - and ultimately to shape - the global open tech ecosystem, rather than create its own, isolated version of projects and structures of governance.

Choosing a “homegrown but closed” system over a globally developed, open one would be a paradox, akin to trading one kind of lock-in for another. Europe’s aim should not be to build digital walls around the continent, but to strengthen the open digital commons on which modern economies depend and improve the conditions for regional commercial open source players to emerge.

The Global Race for Sovereignty in the Age of AI

Europe is not alone in this realization. In the United States, open source AI models are increasingly recognized for their geostrategic value, with policymakers urging federal support for open ecosystems. In China, state-backed open initiatives like PaddlePaddle and OpenEuler are pillars of national self-sufficiency strategies. As Sam Altman recently remarked, “If we didn’t do it [“open source GPT5”], the world was going to be built on Chinese open source models.”

Europe must not sit this race out. While calls for “Buy European – from Eurostack to homegrown sovereign clouds – are more than understandable, calls for “European only open source” risk fragmenting the very ecosystem that gives Europe a vital chance to build viable local commercial alternatives based on global open source innovation. The alternative, i.e. missing out on those $7.7B / year contributions, is simply unsustainable, especially in the era of AI characterized by massive private and public technology investment.  

Fragmentation does not create resilience; it weakens it. The focus should be on creating fertile ground for Europe commercial solutions to flourish on the most healthy global open source projects. And Europe knows well how openness supports economic growth and progress. The very idea of the European project, along with its strategies such as the Digital Single Market and research programs, is based on collaboration and interoperability. It has changed the lives of millions of citizens and made it easier for companies in many sectors to do business. The idea of collectively working towards ambitious goals is well-known to Europeans.

Source: Open Source Summit Europe 2025 Keynote: Open is Sovereign - Gabriele Columbro

The Economics of Interdependence

Europe’s open source economy already rivals some of its most strategic sectors. According to the EU-commissioned study, open source contributes €65-95 billion to the EU’s GDP annually, and a modest 10% increase in contributions could add another €100 billion. A 2024 Harvard study valued the global open source commons at $8.8 trillion, an asset so large it would cost more than $4 trillion to rebuild from scratch.

To cut Europe off from this shared inheritance would be an act of self-sabotage. The goal should be to capture more of that value locally, and to grow and sustain European commercial open source companies that build products atop the commons. Per the State of Commercial Open Source 2025 Study, this is not just the right choice from a digital sovereignty angle, but a very smart one to build economic value. Commercial open source firms already outperform their closed source peers, with higher valuations at every funding stage and superior exits at IPO and M&A. Europe has more developers than the U.S., but 4x less venture funding for open source startups. Bridging that gap could turn sovereignty from slogan to a concrete strategy.

From Vision to Execution

My key message here is that Europe can and should do better at generating and capturing value out of the amazing open source talent pool it has, and that cannot be left only to the public sector to fund, but must come from creating a virtuous cycle based on the alignment of policy, public and private sector collaboration and investments. 

While initiatives like Germany’s Sovereign Tech Fund and emerging calls for an EU-level Sovereign Tech Agency are vital, as they aim to support the existing ecosystem and not to ‘rebuild’ what cannot really be rebuilt with one initiative or funding program, they can’t be the end all be all. 

Public and Private funding, like the ScaleUp fund, should make scaling (not rebuilding) commercial open source a center of their investment thesis. Traditional industries, like we’re seeing in FINOS, Sylva, LF Energy, Margo, should continue on doubling down on becoming leading supporters and influences of open source, not passive consumers.

Finally, public procurement should also favor open, interoperable systems, ensuring taxpayer euros build technology that remains accessible to all Europeans. Importantly, whether it means direct consumption of open source or commercial products and services which build on and truly support upstream projects.

Conclusion: Europe’s Strategic Opportunity

Europe’s advantage lies not in going it alone but in leading through openness. The continent’s tradition of individual-first and pluralism makes it uniquely capable of defining what human centric, transparent, and secure digital infrastructure could look like. 

If Europe invests in maintaining the open digital commons – from foundational security layers to AI models and data infrastructure – AND in scaling its engine for capturing value out of it, it will have the best chance to succeed in its worthy digital autonomy goals, while creating economic value and opportunities in the region.

And call me an optimist, but I think this is perfectly feasible by simply making open source front and center of existing EU initiatives which already have the highest level of visibility. It was very encouraging to see the EC President Ursula Von Der Leyden opening her address at Italian Tech Week with the story of the two Italian founders of Kong having to seek funding in the US to build what later became one of the leading API platforms in the world. Our job is to remind her of something that didn’t get mentioned: this is a commercial open source success story and the next one can and should happen in Europe.

Building Together

At Linux Foundation Europe, we see this every day – from the most successful open source ecosystems like Linux, Kubernetes and PyTorch, to industries like energy grids modernizing with LF Energy’s open platforms, financial institutions collaborating under FINOS and developing open AI governance frameworks, telecom and cloud providers aligning on truly sovereign architectures like NeoNephos and Sylva.

These are not European projects in isolation; they are European-led projects shaping global systems. This is what sovereignty looks like in the 21st century: shared governance, transparent code, and open collaboration that ensures no single entity, public or private, controls the digital future.

Europe’s digital sovereignty will not be built behind walls. It will be built in the open.

Linux Foundation Europe Annual 2025 State of Open Source in Europe Report