 All right. Hello and welcome to another edition of Open InfraLive. This is a show that the Open InfraStructure Foundation puts on every week about an hour where we highlight all kinds of different things. It could be infrastructure, it's open source, of course, and lots of use cases, all kinds of interesting conversations and dialogues that we want to have. In an era when infrastructure and open source is certainly affecting everybody's life as we know it on a daily basis. My name is Johan Christensen. I'll be your host for the day. I just wanted to start by saying that this is a live stream, so we would love to get some questions from you and we'll certainly bring them up either in the conversation or we'll do that at the end of the conversation as well or at the end of the dialogue. We have two interesting topics. One topic, I guess, that will meld into each other, so to speak. So we'll talk today about digital sovereignty, something that I know at least in Europe is being talked about in a big way. There's a lot of current events that are happening that are highlighting that even more today. But we're also going to meld that in to say, how does open source play into digital sovereignty and what kind of role will open source play going forward for that and are there other possible ways for digital sovereignty outside of open source? And to discuss that, I have a panel, a great panel I would say, where three different people. We have Pierre Goliere, which is the CTO of Gaia X. We've got Kirk Garloff, who is the CTO of the sovereign cloud stack. And we have Linda Sieve, who is the Chief Commercial Officer at Bineo, which is a public cloud provider, using a lot of open source, I know. So I'll tell you what, we're going to start off here by allowing all of them to give a little bit more information, a little bit of personal introduction before we kick off some of the questions and dialogue. So why don't we start with you, Linda? Yeah, hi everyone. Great to be on this panel. I've been with Bineo for a bit more than a year now. Previously I worked a lot with the digitalization of companies. I work with the development of digital services. So this is the first time actually working with the core, the base, the actual infrastructure, enabling all of this innovation. So a great year and a half with Bineo and looking forward to working even closer together with you guys and the Open Infrastructure Foundation on these topics. Awesome, awesome. So Kirk, tell us more. Yeah, well, thanks, Johan, for inviting me. I got started in open source a long time ago. It was this point in my life when I realized IT will affect everything in our life and it's only becoming more and more important. So I said, well, I want to make sure I have some of those things under my control and then I was taking a bit broader view and said, well, actually it should be under the control of the users that are affected by it, right? So I started working on Linux, contributed to the Linux kernel, worked a long time for SUSE built up engineering teams there and then in 2011 I shifted my focus to cloud because I said, well, that's probably the next big thing where we need to make sure we have control and don't lose control to proprietary companies that may have slightly different interests than what is the best for every of the users. And that's what I'm doing now. I mean, I've built some clouds. I've been the chief architect for the Open Telecom cloud and now with sovereign clouds that we're trying to build an initiative where we kind of network some of the providers together to deliver cloud infrastructure together to build it together but also to build operational things together. Alright, thanks so much. Maybe to kind of hand over to Pierre. Alright, that sounds perfect. Pierre, jump in there. Thanks, Johan. Yeah, thanks, Claude. Well, my side, just a French guy living in the north of France. I've worked in many countries including India, Yemen. Last one was Estonia where I lived five years. At the core you have a software developer, work there in a real-time system, Skype for business, Greek computing when I was working at OVH cloud, so deployment of a lot of infrastructure, big fan of automation, probably because it's scale but also because I'm lazy. I used a lot of open source software. So I'm used to deep dive into large source code when required and otherwise to do reverse engineering. Super excited to be there. Yeah, I have John Geix as a journalist at CTO last March. Alright, fantastic. Yeah, we all hear a lot about GAI-X and I don't think everybody understands everything about it so I'm sure we'll dive into that a little bit here as well. Pierre, you'll get a chance to explain more about it. But why don't we start with one just overarching type of thing, which is digital sovereignty. I believe it means something different to a lot of people. So I would love to take two seconds in getting your take on digital sovereignty as in what your think the definition of that is and what does it mean to you. And I think it's kind of interesting. So we've got three people here, of course. We've got Kurt, German perspective. We've got Pierre, the French perspective. And Linda, I know you reside more north where the sun barely... I know the weather's not always great up there in Sweden. So we'll get the perspective. Pierre, why don't we take you to start? Digital sovereignty, what does that mean to you? And also, how do you define that? Yeah, so I mean to try to maybe put it short, I think there's two main aspects. One is, I think a lot of the IT systems we built today are really built around data processing data, having access to data, analyzing data, building business models on top of data you have available. So a very important question is, who controls access to that data? Is there a way to kind of manage that? And I would connect the second question to that. I mean, building the systems that work with the data, do you have the technological sovereignty to understand... So you can change those systems according to your needs. You can build them. You can create innovation to kind of build on that data and systems that do a better job, a different job in data processing. So those are, I guess, the things where I said, sovereignty is the ability to have control over the data and over the infrastructure systems that deal with the data. So that would be the summary. So are the different types of digital sovereignty, so to speak, you have a technical aspect, you have maybe higher levels of that, or is it all of it, the data, the processes, and the tech? I mean, ultimately, you would want to aspire to have all of that together. I don't think you can, on the long term, have maybe control over data but not have any control over the technology that works with the data, because I think that won't work on the long term. No, I would agree with that. All right, so Linda, what's your thinking there about digital sovereignty? Well, Kurt, you mentioned the word control, and I agree. I think it's a lot about control, and depending on what type of person you are, the word control can be either positive or negative. But if you see it as independence, perhaps, and the ability to do and act in a way that's good for you, it could be you as an individual, it could be a company, it could be a public authority, or an entire country even. So to me, sovereignty is really about being in full control, and obviously digitalization, it's about data, and you need to be able to be in control of your data, for me as an individual with data integrity, but also all of those layers that I spoke about earlier, the companies, the society in a whole. And it matters a lot because we can't be dependent on others. When it comes to technology, it's the core of our society. It's a matter of national security even, and today we can see that national security issues take place on sort of the cyber arena. So digital sovereignty is about being smart about who you give control to. And to me, sovereignty, if you want to sort of the other side of the coin or to turn the perhaps negative word of control, let's talk about collaboration, which I think is what this is about in the Open Infra Foundation. So control through collaboration, I'd say, is sort of key to achieving that digital sovereignty. All right, national security, yeah. It's broad and it's becoming something that's even broad, I would say, as we move forward. So Pierre, in your mind, what's the digital sovereignty and then how does it relate? I will define sovereignty as the other side, being able to take a decision, being able to take, to have the choice and to be able to choose what choice you want to have. I will abstract that not only to data, but also infrastructure licenses. We can recall what happened like, I think it was nine months ago when the last US administration said to a giant in China, Huawei, sorry, but you cannot use any more software being produced in America, Google. So Huawei basically lost any type of digital sovereignty. It's not about data, it's just being able to use one of the major license that can run on their mobile. You had the same thing during the Gulf War with Intel ships. So it happens regularly over time that we lose this ability to control what's happening within our ecosystem. So digital sovereignty, that means that it's broader than data. Okay, so now if we assume then that, yeah, so if we focus in on Europe, but I do believe this goes way beyond Europe, like does that mean we're going back to, for the last 20, 30, 40 years, it's been all about globalization, right? You have supply chains that if you call finacea, you get a cold in the US type thing. Your definition here, the control aspect, what does that mean going forward? Does that mean that all countries need to separate again completely? Or do you see this global world being able to continue and yet have that control? Or Linda, what are you saying? Yeah, definitely. So for me, really, I go back to the word collaboration, but I think it's about formalizing that collaboration where I think in the IT world or the digital world, I think collaboration has been from day one, the way of working, but I think now that needs to sort of formalize out into the broader society in terms of politics, regulations, et cetera, so that we don't get this perhaps naivety of technology or technology providers or anyone who's in that sphere, just to leave it up to them, to us, to solve everything. Everyone needs to work together. All of the layers of society need to work together to achieve this, so that's why I think the sort of more formal ways of collaborating in actual organizations or initiatives are crucial because we can't all go back and start playing defense too much on our own individually. That's not going to work. So we need to collaborate and also seeing now you touched upon the current events in Europe that at least affected Sweden a lot with cyberattacks and ransomware. Obviously, there are other powers and sources out there collaborating to do and not so great stuff, so we need to collaborate on the other end to achieve actual innovation and growth and prosper. That collaboration includes the politicians, right? We've got all these laws that's becoming a very complex world to do anything IT today and not break some law somewhere. All right, so listen, I think that sounds great. Control is the name of the game, I guess, for the good of control. Control doesn't necessarily in my mind sound great, but in this case, of course, it's a big deal. So I'll give all three of you guys a chance also to relate to what you do in your sense in asking what's important in what your work is, the work that you do and how that relates to digital sovereignty. So, Kurt, SES, Southern Cloud Stack, how does that help and relate to digital sovereignty? So, yeah, thanks for the question, Johan. A few thoughts on that, one of them, and maybe that also relates a bit to the question we just discussed. I mean, one great way of collaborating across borders, across the world, is to use open source software, you can work on that together and still give the consumers of that source code a lot of control. And it doesn't matter what country it comes from, so borders are not relevant if you're doing open source, and that's a really great aspect. Of course, open source helps with a lot of things, if you think about sovereignty. I mean, having access to source code gives you an ability to change it, to inspect it, to study it, to learn from it, to adjust it to your needs. You have this transparency thing that gives you control. So, this is something we heavily believe in. And when we say open source, it's not just kind of access to the source code, it's also access to the community that builds it, it's access to the processes, how you take decisions and make that open and transparent. So, I think that helps a lot with sovereignty. And then, of course, based on that code, you can create platforms, you can collaborate on building them, on operating them, and that creates choice. So, you have an ability to use that code yourself to build your own software stack to run it yourself, or you can go to many different companies that can do the same and choose which one does best fit your needs and provides the exact level of control that you need. Okay, and Southern Cloud Stack, so to speak, helps you put that together. And it's all open source, as I know it, of course, just like you're saying. And it makes it easier for anybody, really, who wants to start to provide services that are following certain rules, making sure that all the regulations are taken care of and so forth, and be able to do all the good things that you just said. So, Southern Cloud Stack, like that? I think that's a great summary. I mean, operating a cloud container infrastructure stack is a difficult task to do. And if you want to do that, you need to build a significant team that has all those skills. If you do it alone, you need to be a significant company in order to do a reasonable job. If you do it together with others, and we're trying to kind of organize that network, you can do it with a reasonably-sized team, and you can then concentrate on some of the innovative special things that you want to do, and you don't need to solve all those problems yourself. Sounds good. So, Linda, Bineo, you guys are a public cloud provider in Scandinavia, and how do you see it? So, from a supplier and customer perspective, digital sovereignty, are you getting questions around there from customers? Is it a thing out there in the market, or how do you see it? Not really. Obviously, I mean, today, mostly what it's about is just bridging the gap between the expectations on innovation and speed and existing IT. That's what it's about for most people that we talk to. They just want to know how they can develop faster and better. And so, obviously, digital sovereignty is not on their agenda. But I think awareness is increasing, especially connected to recent cyber security attacks and ransomware, at least here in Sweden, where I think people are beginning to connect the dots, perhaps, that it's not really that great to depend on too few suppliers. It's not really that great to depend on suppliers and providers that are not local, if I want to use that word on Europe, to our legislation, to our way of doing business, et cetera. So, obviously, people working in IT, they've been in a global community for a long time, so they know that it's vulnerable, that there are vulnerabilities, obviously. But I think the speed of innovation is so... Everything is happening so quickly now that I think if they don't have to think about it, they prefer to sort of just... They just have to keep on running. So, I think that's why it's so important for us as a provider to be the ones taking that responsibility because we're providing them with the services. We have to make sure that we think about it, because it shouldn't really have to be for the customers to really dwell too much on that. So, in your mind, is digital sovereignty maybe something that nations are thinking more about right now on a grander scale, a bigger level, or your customers are more like, listen, GDPR, the laws, there's certain things I've got to take care of here and now digital sovereignty is a little further away from my agenda, so to speak. Is that right? Yeah, I'd say that until perhaps it's something that comes closer to home. They're thinking of using a system or a provider that's been affected or anything. But I mean, obviously, we have a big span of customers, everything from the sort of startup scale-up to public authorities, et cetera. So, there's a huge difference, obviously, public authorities and the public sector in general. They have a lot of concerns about this. So, at Pinero, we have a big, a large span. So, but I'd say the more sort of startup scale-up, the really sort of digital scalers, they most often do not think about this. Okay, okay, gotcha. All right, Pierre. So, from a GAIAX, GAIAX, of course, being the talk of the town in Europe, at least if you're in the industry, a lot of people have heard about it now, started in Germany and France has taken off in a big way as well. I know several countries are at least looking into it and wondering what the heck is that and what's going on down there, so to speak. So, maybe just two seconds around GAIAX. I think it's something that's important for everybody to understand. And then also, GAIAX, then, is that all playing into this digital sovereignty or tell me a little bit more how you see it? So, for the first question about quick presentation about GAIAX, we went, as you said, from 22 members at the beginning of this year to more than 270, if I remember correctly, and I have the latest members. We do have companies from European, most of the all-European company, we have 14 national hubs, so more than half of all the European countries. And we have also companies that are not all European members. However, 95% of our members do have the headquarters in Europe. So, even if we have non-European members, 95% of them are based in Europe, so we still have these strong principles on European values. Speaking of European values, when you ask the second question about this digital sovereignty and how we translate that, how we will translate that, it's this will to have more autonomy in the choice we can make. And I believe that there are several ways to answer that. Open source is definitely one way to answer that because you can basically dissect the software, expand it, add your own set of features. You can operate it yourself because you might be able to do that. There is another way to also gain more autonomy is through interoperability. And that doesn't require to have open source. So, interoperability between two property stacks, two proprietary stacks can also bring you more autonomy. And that's an answer to digital sovereignty. We have these regular meetings with customers, with members that ask, I want to keep using my own proprietary stack I have. I don't want to change because I have capitalized, I have invested maybe for the last 10 years on it. I have trained my employee on that. So, I don't want to do that. But I want to make sure that in case something happens, I can migrate that workload to another place. I can change cloud providers. And this interoperability and the ability to move workload, to move your data with that, that's a way to gain digital sovereignty without open source. Yeah. Yeah, because of course digital sovereignty is not just technology, right? I think GAI-X puts it nicely in the sense that GAI-X is in the middle. You have players above, players underneath. And technology is one piece of it, of course, as you said, right? There is one, if I may add something also on this, if we look back like what we had 40 years ago, 50 years ago, it was Web 1.0, if I may call it, very centralized with few servers. Then we had this full revolution with peer-to-peer, completely distributed. Then we went back to Web.2 with the cloud and now we centralized everything back. And we are, I think, at the beginning of a new era where we are decentralized things again. And it looks like every 20 years we are going back and forth. Yeah, going back and forth, thank you, between those two modes. And then we have to kickstart about this decentralized one. Yeah, yeah, for sure, for sure. All right, so last thing on digital sovereignty, but a lot of things are happening around us, like in a crazy way, right? Not only is the technology moving at a pace that is mind-boggling, right? There are events also that are happening. And in particular Europe, I think we're, maybe Europeans feel a bit more vulnerable. We don't have any hyperscalers. Linda, you kind of touched on a few things and it becomes a little closer to home when things happen, so to speak. So as we move forward here, these events that are happening, we take one, we talked just before here about this case, I think, right? It's a point of sales software where a lot of customers around the world, literally hundreds and thousands of customers around the world rely on a piece of software that is great in many ways and allows for smooth purchasing. Let's keep it at that. It was hacked and ran somewhere and we've seen that over and over, the pipelines on the East Coast of the U.S. and so forth, JBS, the Brazilian meat company in Australia and they paid the ransom where it's happening all over the place. It's the easiest way, I would say, to get big money at this point. How do we see that effect, so to speak? How does that play into digital sovereignty? Is that part of digital sovereignty in one sense? Or is that just... No, it's playing security for everybody. How do you see that? Kurt, how do you see that? So I have a few thoughts on this. First of all, yes, it is a security issue. So somebody has not done the job properly to secure a service and then hackers have taken advantage of that. I think what we are observing, though, is that the scale in which it affected people reflects the fact that we have allowed our IT systems to become very centralized and that, of course, increases the risks tremendously. I could probably add that if you would use open-source software, you would have a better chance to kind of inspect code and fend off these security issues. I think there's been some research that shows some of that. But I think the main thing here is really decentralization, that kind of really exploded the scale in which this affected us. If you think about a more sovereign world, I would expect to have more distributed, more decentralized systems to be in place, which would help to contain such issues. I think they would still probably occur at some place, but not at that scale. But that's a bit speculative. The world we're trying to build, we don't have it, so we cannot prove it would be better. Well, it comes back to the whole central and decentralized. Pierre was talking about going back and forth. Now we're realizing, oh, we get efficiency from central, and then all of a sudden something happens, like maybe it wasn't smart from another different criteria. What do you think, Linda? Yeah, well, I think two things that really sort of created awareness around, or as a result of this happening. I think, as you say, the scale of things. And also I think because it was something that happened in sort of, not to a company, to private citizens, because it was a food chain, and it affected everyday life. And I think that's what makes it perhaps a bit more real for people. And I think perhaps that's why also people are now perhaps beginning to connect the dots that this actually has to do with national security. It actually has to do with the issue of digital sovereignty and being able to be in control, or to talk on the positive side to being able to act independently the way that we want to, to continue to live and have the society that we want to. So I think people working with this have always known that you can be targeted. And digital sovereignty, I think now people are aware that now you can target an entire country. So modern warfare, to use a very dramatic word, does not have to do with targeting commodities or targeting those types of stuff. It's about technology. So we are a target. So I think that both creates awareness that perhaps digital sovereignty is a good thing to be aiming for so that we're not dependent on other geographic areas to handle what's actually core to our modern society. But I think also again, it raises the question that we should do this together because if you close up, I mean, Sweden talking about digital sovereignty, I don't think anyone wants us to sort of do this on our own. It's about creating relationships and collaborating with others and to solve this. Kind of contrasting words, right? We're talking about some dramatic words on the one side and then somehow collaborating, right? So it seems like it could be a challenge. So let's take in a great question here from, sorry if I squashed his name, Antoinette. He's wondering if, so data privacy as we all know is of course a huge thing and we're all in, you know, the midst of both learning, it seems like there's a new law coming every month, at least if you live in Europe or every so often, I would say, and it's becoming a very complex world. And the question here is then how does that need and of course laws as far as around data privacy, how does that play into digital sovereignty? Like will it play nicely with digital sovereignty? Does digital sovereignty help that? Or do you play that in just like you would play in GDPR into your code today, so to speak? Pierre, what do you think about that? Like privacy versus digital sovereignty? Tough question. On the privacy side and I will say the data usage, right? That's a tricky question. I will give an example of the DSP2. That's a European regulation for allowing banks to tell about your bank's account data. You can use the very same data set, so in terms of CSV file that you extract, in terms of concrete words, to build a personal finance manager that helps you to take your, to do your accounting. And you can use the very same set of data to do targeted marketing, saying you buy two sandwiches in Subway every Sunday, so I'm going to send you ads for Subway. So data usage, right? It's very difficult to enforce and hence the ability to keep privacy. It's going to be as hard as the data use right enforcement. However, I do believe that the law will be always late compared to technology and we do have technical means to enforce privacy such as secure multi-party competition, federated learning, homomorphic encryption, trusted execution enclave. I mean, there are a full list of technical stacks that we can leverage that will ensure privacy way before we can have a law that will force any cloud provider to it. Okay, so technology will solve the data privacy issue. Technology and education. And education, let's add a few things there because I believe a lot of the countries are saying that there's lots of technology out there, right? And it's all great. And it all makes things more secure. It doesn't make it completely secure. I guess that's the question, right? So Kurt, same question to you. So data privacy, do you play that in digital sovereignty or is it completely two separate different things? I think digital sovereignty does help with data privacy because if you take digital sovereignty as a way to keep control over your infrastructure, over your data, it also allows you to keep data private if you want to do so. So I think one of the challenges that we have is using this in a smart way. I mean, obviously the most private thing is not to share any data, not to use any data. And that, of course, will not be a successful strategy going forward because, I mean, a lot of the economy, a lot of the business models you have built on data. And that, by itself, is not a bad thing. But I think the discussion then is one, first of all, you need to have the technology to be in control. And then you need to build the culture, the legislation, the rules that govern that. Also maybe the education to add to what Pierre said that creates this understanding, OK, how can you use it? What are usage ways of using it that are of litigiment that do not violate this idea of data privacy? And which ones you need to be very careful of because you then quickly lose control and people do all kind of things you don't want. And I think there's just the beginning of this, to be honest. Yeah, I think that's one agreement. One of the key words would be transparency for that. Yeah. All right, I'll pose a little different to you, Linda. So privacy and then laws. How does that play with the new? Is that like the major sales pitch today? Or how does it work for Benio and other European companies? Yeah, well, as we touched upon previously, if digital sovereignty is really not on our customer's agenda, I'd say data integrity and privacy definitely is on the agenda, either because it comes from their sort of beliefs and corporate values, or it could be enforced upon them. Some of our customers deliver digital services to the public sector. And quite frankly, they're not allowed to continue to do so in Sweden right now. So they'd go out of business if they didn't move to a European or EU legislation cloud provider. So yes, it's very much on the agenda. And I think the common trait for all of our customers is the will to sort of move forward. That that's what they want to do. Some people perhaps are a bit annoyed with the whole as they perhaps see it debate over integrity and then data privacy. Some take it as just the way of the world and we just need to find a way to move forward and find other providers that can help us do that. So, yeah. Do you find the laws and the new laws that GDPR being, of course, one of a kind, right? But there's a lot of new laws. You know, we mentioned other requirement period, policy and PSE too, and it's just flying left and right. Our customers, are they overlawed? Are they getting too much? Are they understanding it? I think they're understanding it. I think the understanding comes from the fact that, I mean, the laws often reflect a sort of basic culture or a way of viewing the world. I mean, obviously, America has their legislation based on their belief on what makes their citizens most secure. And in Europe, we have a different way of what is security and integrity for our citizens. None of them necessarily, depending on which sort of side you're on, are good or bad. It's just different ways of viewing the world. So I think for some of our customers, it's just a way of sort of, this is the way that we do things. In Europe, they're used to it. A lot of them comes from sectors that are heavily regulated anyway, in terms of it could be... They're used to it. Services providers, banking, et cetera. So they're pretty much used to it. I think the ones that have previously perhaps not been so regulated, they're not working with sort of sensitive data in any way from beforehand. They might feel a bit restricted with... I can imagine, right? Because it's hard to do business today without any type of PII data or GDPR data, right? So listen, we've got a great... It's not just the technology. It's the entire thing. It's the governance model. It's everything. So it's all encompassing. So you have to change the way that you work. And that's always tough. I mean, I think that's one of the biggest things, right? I mean, you follow the laws, you have to make changes and making changes with all those difficulties. So we have a great question here from Manik Selina. Do you think that some policies or regulations should be drafted to push digital sovereignty? I find that very interesting, right? Because there's a fine balance. Europe is now kind of on this verge of like... Nobody wants protectionism, right? We all have seen great things come from the world that we've lived in, at least I've lived in, so to speak, right? And at the same time, I know Europe and I'm pretty sure a lot of companies or countries as well, along with Europe, feels very vulnerable in this new digital era where some companies control all of it. Have we come to the point, like Manik is saying there, have we come to the point that this should actually be a law that you have to have this, that the type of control that you guys have been talking about here, like a nation needs to be able to control the data. And I guess a follow up to that would be then, can you continue to innovate if those types of laws are being put to place? Like, I think we all say, oh, I got to go with Azure or something like that because I need to automate. Pierre, you want to automate your whole life away. And you do that, of course, to be able to innovate faster, right? Everything becomes a matter of time and how quickly can we get the next feature out or the next business case or model, whatever it might be. So should governments step in and push digital sovereignty? Is it that important? Kurt? Let me give you maybe two answers. I think regulation in general has like this, this con notion to it that people believe, well, things get very complex now and you regulate everything. There's not going to be competition and then this kind of stifles innovation and you cannot collaborate with others anymore because you're all buried under regulation. And I think there's a danger to do regulation in a bad way that this happens. I would argue actually that regulation done the right way, actually will enable competition. I mean, we have kind of a history of building cultural rules and laws around that that govern how private property is handled and those are well established and they actually enable a lot of competition and they have been behind the growth of our economies during the last few hundred years. So I think regulation done well is a very good thing and it helps competition. I think we need to have this thought that regulation is always bad because stifles competition is not a true thing. So it needs to be done the right way. I believe that antitrust would be another set of laws we have kind of learned to establish and I guess if you think about digital sovereignty, maybe some of that is actually inspired by antitrust. I mean, we have this big, big concentration right now going on in the way IT works and maybe we need to have some regulation that kind of limits that and gives innovative companies a chance to compete and to have their place next to those large companies. So I believe it's the right time to think about regulation but it needs to be done in a clever way. Okay, okay. So Linda, what do you think? Is it time for Sweden to put laws in place so that this actually happens or will the market figure out its way? I guess I agree with you, Pierre, on legislation always sort of being behind the technology and behind the development. And as you mentioned, Kern, I mean, other important legislation and regulations that are actually part of everyday life and it's functionally well developed during a long time and the issue now is that technology and digital development is so fast happening that it's difficult to legislate in the same type of pace because it's a very special thing to regulate. So it's a double-sided coin, I think, spending a lot of time on regulations and then just completely missing the target. I think it's always, it could perhaps be naive and perhaps on being a bit too positive but I think the initiative needs to come from other important entities on the market. It could be type role model types of companies or perhaps organizations within the public sector or other significant players on a market that sort of lead the way and show how can you have sort of better control, how can you have a more aware, like digital sovereignty, aware way of evaluating your entire production chain, so to speak. So I think it has to come from both sides that I don't think things are not going to change if we people, companies, organizations that are actually using the infrastructure and developing upon that infrastructure change. And so I think it will be a combination, I guess, of legislation and sort of other initiatives. So it's a bit naive to depend on the good forces of society but I think we've come together before and done great things so I'm thinking that's going to happen again. I'm seeing a way of avoiding the questionnaire a little bit. This is clearly not a yes or a no type of thing. Let's do it or let's not do it. It's like, yeah, maybe it's done right. Then again, as we know, EU can take 10 years to come up with a law so to your point about technology moving a little faster and so forth. Pierre, I will skip you as far as that question goes. So we'll move into a little bit of open source, time flies when you're having fun so just want to make sure we move on. And I do want to ask you guys a little bit about the future as you see it, you guys represent some cool areas of your organization, so to speak. So we'll get into that as well. So Pierre, open source, what's your take there? Kurt clearly touched upon it. There's tons of good things we can talk about around open source and how it can help digital sovereignty. Open source could even be maybe the only way forward for whatever you do, so to speak. But how do you view open source and digital sovereignty and how does it help? How does it play along? And maybe even as far as GaiaX, I know it's not just code there, but how does it play along with GaiaX as well? For me, the evolution, first of all, yes, open source is really important. I value that a lot. And regulation only will not be so able to solve that. I believe that open source, as we've stated before, that's the way to gain autonomy. And that's transparency. You cannot have any type of control or any type of understanding of what's happening, for example, with your data, if you don't have transparency of who is going to use it, where it's managed, where it's hosted, and so on. So to have this, and when you add transparency, autonomy, and so on, basically you start to build something that we call trust. And we talk a lot in GaiaX about trust. But trust is not something that you can buy or decide from a technical point of view. And this is something that Linda, you said, that's the entire way of the governing model, the governance model that needs to change. And the way you think about how you will do business needs to change. If I have to summarize GaiaX in one technical sentence, that will be, at least for the version one, meaning the first year, that will be a transparent access to structured and verifiable service description. That's all. Transparent because you want to know what's happening. Structured because you want to be able to compare APLs and APLs. Otherwise you will have no way to have inter-probability, for example, and verifiable because if you claim that you are certified, you want to make sure that you are really certified by what you claim. And for me, the evolution of this open source thing will be the open source movement, will be how you, which governing model you put with software in general. And I believe that we need to be way more open and transparent than what we do right now. And that's what GaiaX will do. And so pitching a bit for myself. No, no, of course. But would you say that open source in and around infrastructure right now is even more important than open source in general, or I'm talking about digital sovereignty? Yeah. So digital sovereignty, as we said, there is several layer open source that could be your application. So your software, is it like the BIOS that you have on your motherboard? Is it the BIOS that you have on your hard drive? You can have everything which is open source until the OS. And then if you have private close source code BIOS or bootstrap binary code, basically you do. I mean, it's either all in or nothing. I mean, of course we cannot be so binary and black and white, but digital sovereignty will always need to put a cursor of where you want to stop. I mean, where you accept to delegate the trust to someone else. That's the notion of trust basically. As long as you don't trust, I think that open source is a great thing. And that at some point you need to delegate that trust to someone else. Okay. Kurt, what do you think open source? You kind of started your little bit there as in why open source is important. But I think it's worth while reiterating it. I think it was some great words. Kurt, would you just elaborate how you see open source to your sovereignty and the combination? Yeah, I kind of touched, great question, Johan, I kind of touched already on the aspect that you have transparency into the code. You can change it. You can investigate it. You can learn from it. I think that's important. If you look at the reality of large software projects, some of that is theoretical because there's so much code out there you will not be able to kind of do all of that yourself, right? So in the end, I think it's what you do is kind of you look at the people that do it. You can inspect some of the work they do. And then you know, okay, I can trust these people. So I don't need to inspect all of their source code. And you understand how those communities work. You see those communities out transparent. So you have, you start trusting more in the process and the people that build it than just having the ability to look at all the code yourself. So I think that's the next level. You build kind of a system that produces something that can be inspected, that can be trusted, but you don't need to establish the trust all yourself. I think that is an important evolution. I mean, as the code base grows that we have. And then follow up to that then. So I mean, you know, one thing is the infrastructure. Okay, I'm putting my data in a certain location. I have, you know, to Pierre's point, technology all around it. It's encrypted. It's everything. How if it's proprietary, how do you guarantee that the software itself is not sending all kinds of data back? Like how do we get that transparency unless you can see or view code or audit it in some shape or form? Is that even possible? Kurt. You can do a lot of work to kind of establish trust that you cannot fully inspect. I mean, trust is not a binary thing, right? I mean, and I said, you will not read all of the code and understand it. So you will not get 200%. I think you can do a lot of work in order to establish some level of trust to non-open source things as well. I think you need to invest a lot more work and you need to trust a lot more people that are outside of something you can really inspect well. So I think it's a lot more difficult, but it's possible. I mean, it's just a lot of work. It's interesting questions, right? You go down one rabbit hole, you come out of another one that you just created, right? So it's interesting. And to your point, Pierre, you know, the stack includes hardware and so forth. So it's a challenging topic. So no doubt, I think we're in agreement with open source plays a huge role going forward. Digital sovereignty seems to be an awesome mix. I would say if I listen into all of you as far as that goes. So let me just ask a couple of questions here. So I guess every era you live in, so to speak, is very interesting. But I think from a digital perspective where we are today and some national things going on and all these current events that we talked about hacking, spying, you know, digital isn't its infancy yet. It's being used already in ways where we're just getting a taste for what might come. Linda, you used some dramatic words there. And who knows? I agree with you. I think that we're moving towards that direction. And I think digital sovereignty from a political perspective is probably moving up the agenda from that perspective. But how do you, and I'll give it to all three of you, is how do you see the future, so to speak? And when we start with you, Pierre, how do you see the future as far as digital sovereignty? And I'd love for you to touch on GaiaX as well in the sense of saying, will everybody embrace GaiaX? Will it be a truly European thing in your mind? Or will something else come along, so to speak, right? Like where will we stand in five years when it comes to digital sovereignty in Europe? Pierre, you go. My take will be on... So I will oscillate on the decentralized side of it where we have truly decentralized autonomous organization that are able to put the user back in the middle. And that will answer the privacy, the transparency. I mean, you cannot have trust with transparency. What we do as an example of people that complain about blockchain and so on, because decentralized autonomous organization are based sometimes on DLT, distributed ledger technology. People that don't understand the technology, today's when you have two companies have a contract, together a legal contract that you sign, that's basically a proof of stake. What you have in the contract is that if you breach a contract, you will pick me this lump sum in case you breach it. That's exactly the same thing that you have in a blockchain when you have proof of stake. And that's what the best we can do in the digital world and what we do right now. And I do believe that there is far better way to scale data extensions, to scale service deployment interoperability than just doing these kind of basic primitives. Do that, otherwise if you breach the contract, you will pay that amount of money. So to answer this need, decentralized autonomous organization for me will be the way forward combined with open source. A bit very extreme point of view. Of course, that will be that we need to go there in a smooth way. In your mind here, yes or no, will Europe in five years have digital sovereignty on a government level, at least some of the countries? Some of the countries, yes. All right, Kurt, you go. First question and then we do the second one. Kind of building on what Pierre said, I also have this vision that we will move to a much more decentralized world than we have in IT today. So I have this idea that we have lots of different infrastructure environments, clouds, container environments at the edge in data centers, somewhere in the middle between those in the continuum. And they're using some of the same open source software tools to be put together and they're built in a way that they interoperate. So you can actually move between them and use them as one large virtual infrastructure and you don't need to rely on a central entity to kind of provide all your needs from edge to global data centers. But you can actually consume that for many different sources, but those sources collaborate on how to build these stacks, how to operate them and on kind of making sure for the users it really works. It's compatible, it's interoperable and often really builds on very similar software or some of them, I mean, collaborate and build exactly the same base stacks and then put some differentiation maybe on top. Okay. And on the second question there, five years out, yes, no, will Europe, have we achieved digital sovereignty in the way you define it? I still, I think we will be in the middle on our way to get there. So we will not be at the end goal in five years. And before I move over to Linda, of course, I listened to this control thing, is blockchain going to be part of that decentralization? Kurt? Oh, sorry. I don't know. I think blockchain has a few very, very good properties like the ability to establish trust without having all the people come together and somehow have another way to establish the trust. So I think it's going to be part of it. It can help it. But I think right now, talking to people about blockchain, I think 95% of the people talking about it don't really understand it, including myself. So I think that's a problem we need to overcome before it can be used to really help. Yeah, that's interesting. Because it's a trust issue, right? And we mentioned that you've got to earn it over time. Well, maybe with blockchain, maybe we don't have to have that time, you know, again, in the essence of speed. All right, we'll leave that. So Linda, what do you say, as a public cloud provider, you know, the next five years, how do you view that? And I think from your perspective, you know, of course, it's digital sovereignty from a broader perspective. The laws and how that plays in, where will Europe be in five years? Well, I mean, I've touched upon it before, but the most sort of sought after what we encounter at Benito when we talk to different customers with market is their will to move forward. And I really do hope that with the emergence now of this entire new sort of industry, where organizations will actually be able to move forward and forward in the sense of modernizing their ways of working by moving, for example, to the cloud, it will be a real possibility. It is even now today, and I think the awareness is increasing out there that we can actually move forward if moving forward means going to the cloud with a local or EU compliant or regulatory accepted provider and other complementing infrastructure in different types of hybrid solutions. So I do believe if we will be entirely there in five years, I mean, things move fast, but I think in the speaking of this big project or task or goal, five years is probably a short time. But I do think that we will be on our way at least in more and more organizations being aware that it is actually possible. It is necessary, and it's not just about the negative side of things, the control or making things more secure. It's actually about becoming more innovative, being independent, deciding on your own journey, growing the way you'd like to, working closely together and doing so. I think that's a great addition there. In the midst of all this, and I realize it's super important, particularly from a national perspective and so forth, but let's not forget where this digital transformation that we talked so much about, where that came from, it's all about innovation, right? In a digital world, we need to be able to act faster and that's where that comes from. So question to you there also. So in five years, Linda, will Europe, do we have what we would call digital sovereignty in place? Close, I'd say. I'm not really the one to judge. I'm looking at other people here on this panel too and thinking that perhaps together we would be able to do it. But it's not really my expertise to say so. All right, so listen, we got a great question here. Before we end, I definitely want to just make sure we get this one in. So from an open source perspective, we got the question from Parthik Arlos, and he's asking that, you know, has it not become more and more difficult to get into open source? You know, the basis is that it's set very high. Will that make it even more difficult in the future? So only select few will be able to join and actually work on open source or how do you guys see that? I'll leave that for Pierre and Kurt to answer. Let's start with you, Pierre. No, I don't think that will be harder and harder. I think that and I used to deep dive in the source code of property software in the Linux scanner where I had patches also in VMware tools, in Cisco tools. Every time those are huge code base property or open source as long as you are motivated and you have a meaning for doing that, you will be able to deep dive there. Yeah, yeah, Kurt. Just agree to what you said, Pierre. I mean, you will not try to digest the whole code base at once. You will have your little corner that you're interested in. You'll start working on that, investigating, understanding. Maybe you have some ideas, some improvement and then you get into a discussion with the larger community and then from that you learn, you learn to trust people. You learn how the code is put together. You learn the practices and you get, you become part of it. You're sucked in. It's a good community actually. So that works and it works on small code bases as well as large ones. And I'll add to that, Kurt. I haven't been in open source my whole life but I can also add that there's so much more that comes from it. It's not just code. It's commuter in the sense of friends and getting to know other people and for me it's been an amazing world to get into in the sense of different nationalities where you know people today and it becomes a small world with great people. So I want to make sure that all of you get a chance also just to mention. So if anybody wants to get in touch with you, how do they do that best? So maybe Linda, how do I reach Benero? How do I reach you? Benero.com would be the way to approach us. We have a new website where you can find information on our public cloud. You can get in touch with us. Summer holidays in Sweden right now but Benero is always loud so someone will be there to say hi and answer your questions. Awesome, so Pierre. Gaiax website or my name, first name, last name in any search engine and you will find a way to contact me also. All right, Kurt. I have the same luxury that my name is not very... That's not occur very often in the world. We have a website, scs.community. We want to grow as a community. We are definitely looking for people. People we can actually hire into our little company which is actually part of the project in the open source business alliance in Germany. And then of course also building community at large. People that want to use the code, test it, contribute to it, work with us, understand it, come with suggestions, ideas. All of that is extremely welcome. All right, that sounds great. Listen, I want to say a huge thank you to all of you. I think we could spend 10 hours doing this and maybe we'll get a chance to wrap this up with maybe dive deeper into a couple of the areas. It's such a broad, combining digital sovereignty, of course, combining that with open source you can speak for hours, I would say, around it. So thanks so much for joining. I just want to plug also next week we have another very up episode coming up and it's a panel of users that are doing large production scale like Verizon Media, InMotion, Nectar, CERN, Citin Network and OpenTelecom Cloud. They'll discuss how you manage those open stack, very large, I should say, open stack clouds and the capacity in and around them. So you don't want to miss that. And also a reminder for everybody out there if there's anything in particular that you would like to discuss, something that we've missed. I think this is the 13th episode that we've been doing. Feel free to submit those and I think the deadline for the next one is July 16th. So feel free to shoot in any type of topic that you have and make sure you follow up and join us for the next one. So and the next one is on Thursday at 1400 UTC and I think that's four o'clock for PM Central European Time. So again, thanks so much, Linda, Pierre and Kurt. It's been awesome and I really, really hope we get a chance to do this again. Thanks so much and thanks everybody out there for watching. Thanks.