As Europe navigates growing geopolitical uncertainty and shifting technology dynamics, digital sovereignty has become a critical priority for governments and enterprises alike. In this exclusive conversation, Thierry Carrez, General Manager of the OpenInfra Foundation and Linux Foundation Europe, shares insights on the role of open source infrastructure in strengthening resilience, reducing dependency risks, and shaping the future of sovereign cloud strategies across Europe.

1. Why is digital sovereignty becoming increasingly urgent in Europe?

Digital sovereignty has moved to the top of the agenda in Europe because of growing geopolitical and economic uncertainty. We’re seeing long-standing alliances being questioned, and the terms of global technology and trade shifting more quickly than many organizations are comfortable with.

But it’s not just geopolitics. There’s also a growing awareness of dependency risks—whether that’s pricing changes, licensing shifts, or strategic pivots from large vendors. When critical infrastructure depends too heavily on a single provider, organizations have limited options when those changes happen.

Governments and organizations need to assess their digital dependencies, understand the risk they are exposing themselves to, and think about ways to increase their resilience.

2. How does OpenInfra support sovereign cloud deployments?

OpenInfra provides software that organizations can use today to build and operate local infrastructure. It’s mature, it is widely deployed. There is no need to reinvent the wheel.

What makes it particularly powerful is how it’s built. This is not software controlled by a single vendor. It’s developed through open collaboration across a broad ecosystem of companies. That means organizations are not tied to one provider’s roadmap or business decisions. This is the best technical solution to achieve sovereignty.

We also complement that global model with regional engagement. Through initiatives like OpenInfra Europe and OpenInfra Asia, we work directly with local stakeholders to address specific challenges—whether that’s talent development, regulatory alignment, or ecosystem gaps—while keeping the underlying technology global and interoperable.

3. What role does OpenStack play in European digital infrastructure strategy?

OpenStack is already at the core of many sovereign cloud initiatives across Europe. It enables organizations to run cloud infrastructure under their own control, while still benefiting from the innovation of a global community.

You can see this in real-world deployments. Major European providers like Deutsche Telekom, OVH, and others rely on OpenStack to power their public cloud offerings. Public sector private cloud initiatives—such as France’s NUBO project—are using it to support sensitive workloads. And as presented in KubeCon keynotes, SNCF leverages an OpenStack private cloud to achieve strategic autonomy.

We’re also seeing organizations reassess their infrastructure choices more broadly, particularly in response to pricing and licensing changes in the market. In many cases, that’s accelerating adoption of open, community-driven platforms like OpenStack.

At a strategic level, it gives organizations something very simple yet very important: control over their infrastructure, without giving up the benefits of global collaboration.

4. How can open source infrastructure help organisations meet regulatory requirements?

Open source aligns naturally with many regulatory requirements, particularly around transparency and accountability.

Because the code is open, organizations can inspect it, audit it, and verify how it behaves. That’s increasingly important as compliance expectations grow.

At the same time, regulation itself is evolving. Frameworks like the Cyber Resilience Act are pushing companies to take more responsibility for the software they use, including open source. That means understanding dependencies, engaging with upstream communities, and contributing to maintenance and security.

If approached correctly, that’s a positive shift. It strengthens the overall ecosystem by encouraging more active participation and better security practices across the board.

5. What trends are shaping the intersection of open source and compliance?

The biggest shift is simple: open source is now part of mainstream regulation. It’s no longer something legislators overlook; it’s something they actively address.

Two broader trends stand out.

First, there’s a move toward more sustainable, collaboratively developed projects under neutral governance. Organizations are gravitating toward software that isn’t dependent on a single vendor or small group of maintainers.

Second, we’re seeing a rebalancing of where value sits in the software stack. As new technologies—particularly AI—change how applications are built, there’s more focus on the underlying infrastructure layer. That’s where long-term stability and control really matter.

6. How do you see OpenInfra evolving under your leadership in Europe?

Our focus is increasingly on two areas: strengthening ecosystems and engaging on policy.

On the ecosystem side, one of the biggest challenges we see is talent. There’s strong demand for people who know how to operate infrastructure using open source technologies, and that’s why we’re building closer partnerships with universities and educational institutions.

On the policy side, open source is now part of the regulatory conversation, so we need to be actively involved. That’s a key focus of our work with the Linux Foundation—to ensure that policymakers understand how open source is built and how to engage with it effectively.

At the same time, we remain focused on the long term. Our goal is to ensure that open infrastructure continues to provide a stable foundation for whatever workloads come next, whether that’s AI, containers, or something we haven’t yet anticipated.

7. What opportunities exist for enterprises leveraging open source to strengthen digital sovereignty?

There’s a very practical starting point: understanding your dependencies. Organizations should take a close look at how they consume software and where they rely on externally controlled services.

If they already use open source software, the opportunity is to move from passive consumption to active participation—engaging with the communities behind the software, contributing where it makes sense, and building internal expertise. Participation is key in achieving sovereignty.

The broader opportunity is that open source addresses several challenges at once. It reduces vendor lock-in, supports compliance efforts, and provides resilience against both market and geopolitical shifts.

Ultimately, it allows organizations to maintain control while still benefiting from global innovation, which is exactly the balance that digital sovereignty requires.