EVENTS CALENDAR
Does the EU need a New European Standardisation Organisation?
Open Source and the European Union | Poland | OFE Capital Series
Save the Date: OpenForum Academy Symposium 2025
With the new European Commission and Parliament in place – as well as a dramatically different international outlook – the EU is increasingly focused on building independent digital alternatives, often framed through the lens of ‘digital sovereignty’. This has, for example, been made clear in the independent EuroStack Initiative, the efforts to create a report (and rival ‘shadow’ report) on digital sovereignty in the European Parliament, and the proposal for a sovereign Open Internet Stack from the European Commission’s Directorate-General for Communications Networks, Content and Technology’(DG-CNECT).
At OpenForum Europe (OFE), we believe that open source and open standards are key to any effort to increase the EU’s digital sovereignty. The proverbial penny has dropped and there is an increasing business case for open source to support Europe’s digital sovereignty. But while OFE has argued for the importance of user-centric, real choice in IT markets for decades, this is not a time to be confident or assured in the approach the European Commission will take to open source. We need to instead be proactive, intentional, and clear on what we want.
At a time when the political impulse is to build new, OFE will instead make the case for long-term maintenance of, and security-focused support for, the open source software that we already have. A few weeks ago, we submitted a response to the Multiannual Financial Framework (MFF) consultation, proposing that the European Commission should fund the establishment of an EU Sovereign Tech Fund (EU-STF). This proposal is modelled on the precedent of the German Sovereign Tech Fund, now Sovereign Tech Agency (STA).
[Download Our Consultation Input to the European Commission]
Such an initiative is designed to focus on the security and sustainability of open source software – a cornerstone of digital infrastructure in Europe – and fill the gaps in funding needed to make open-source dependent infrastructure more resilient and sustainable. A structured public funding mechanism is needed to direct public investment into these gaps, ensuring that:
Below, we will outline further detail the security, economic, and political cases for the European Commission to invest in an EU-STF.
While investing in the security and sustainability of open source infrastructure is paramount to Europe’s digital sovereignty and competitiveness, it is also important for its cyber resilience. By proactively investing in the auditing and maintenance of open source base technologies, the EU-STF will bolster cyber resilience in the European digital ecosystem. It will also reduce the need for heavy-handed regulation and increase trust in Europe’s digital ecosystem, thereby laying the foundation for a sovereign and competitive EU.
As proposed, this initiative directly addresses a need for strengthened cybersecurity measures. It emphasises the security of open source products that go to market and open source supply chains more broadly, helping to safeguard the security open source components make their way into almost all of Europe’s digital infrastructure. Im this way, it will aid with the implementation of the Cyber Resilience Act (CRA) and other EU cybersecurity measures. This approach not only fortifies our digital infrastructure but also contributes to the development of a more robust European cybersecurity framework, ensuring that the EU’s cybersecurity foundations are underpinned by strong open source fundamentals.
Furthermore, our proposal directly responds to the urgent need for enhanced cybersecurity and cyber resilience highlighted during the Warsaw Call at the Telecommunications and Information Society (TTE) Council in Warsaw on 5 March 2025. It will align with the Warsaw Call’s emphasis on cooperation, investment, and preparedness. This approach ensures that the EU takes the lead in cybersecurity in an ever-evolving threat landscape, reinforcing our commitment to a secure and resilient digital future.
Open source software serves both as the backbone of modern digital infrastructure and is of an infrastructure nature itself. Open source software enables innovation and economic growth across all sectors. However, it sometimes lacks the necessary support and investment, and if not maintained, like any infrastructure, it can pose significant risks to stability, competitiveness, and security. Open source technologies are chronically under-resourced, following the ‘tragedy of the commons’ model where a public good that benefits all is systematically underfunded.
This is not just theoretical, as studies have repeatedly shown the reach and value of open source. According to the Linux Foundation, an estimated 70-90% of any given software codebase – including those with huge societal applications, like the International Space Station – is made up of open source components. Without open source software and networks of open source software developers, firms would pay an estimated 3.5 times more to build the software and platforms that run their businesses, or roughly €8.8 trillion. In terms of Europe itself, open source is not just a technological asset – it is an essential pillar of Europe’s economy, including its independence, competitiveness, and innovation.
Our proposal for the EU-STF aims to address the critical funding gap by providing long-term public funding to strengthen foundational digital technologies. These technologies include programming libraries, package managers, communication protocols, developer tools, and encryption technologies. Investing in open source security might be the cybersecurity investments with the highest ROI imaginable. By investing in these core components, the EU-STF will help prevent digital infrastructure from being controlled by a few powerful entities, ensuring a balanced and resilient ecosystem. This investment will not only bolster our cybersecurity framework but also contribute to the development of a robust and competitive digital economy in Europe.
Achieving Europe’s sovereign cybersecurity by investing in the open source ecosystem is cross-cutting for the EU’s digital sovereignty, competitiveness, resilience, and economic stability. The EU-STF would provide a structured investment mechanism to support open source software projects that underpin the European economy, public services, and critical infrastructure. By ensuring that open source remains secure and well-maintained, the EU can enhance economic efficiency while helping European businesses meet cybersecurity compliance requirements (for example under the Cyber Resilience Act) without being overburdened with regulation.
The establishment of the EU-STF would address a structural gap in the EU’s technology and cybersecurity funding mechanisms. While the EU has made substantial investments in research and innovation, there is no dedicated instrument focused on the maintenance and security of open source-dependent infrastructure that underpins Europe’s digital economy and society at large. The fund would complement existing regulatory efforts, such as the CRA, by ensuring that security requirements placed on software providers are matched by public investment in key open source software projects that serve as foundational digital infrastructure.
The EU-STF would align with existing EU policy priorities, particularly:
To further our efforts, OFE is conducting a detailed feasibility study on the potential structure and impact of the EU-STF. We are doing so in collaboration with Professor Knut Blind and Dr. Carsten Schwäbe of Fraunhofer ISI and Professor Thomas Streinz of the European University Institute. This study, which will be released at the end of June, will feature both an economic and legal analysis. It will provide a comprehensive understanding of how the EU-STF can contribute to Europe’s digital sovereignty and competitiveness, evaluating the legal basis and governance of a potential fund and making a stronger and more detailed economic argument for its efficacy.
If you are interested in furthering this initiative or would like to learn more about our proposal and upcoming study, please do not hesitate to reach out to us. For more information, contact Astor Nummelin Carlberg (astor@openforumeurope.org) and Nicholas Gates (nicholas@openforumeurope.org). We are eager to engage in dialogue and collaboration to build a stronger digital future for Europe. It is only through your collaboration and inputs that we will help make this effort successful!