Digital Sovereignty

Ten years ago, Nonprofit AF , in Weaponized data: How the obsession with data has been hurting marginalized communities, warned that nonprofits’ data obsession could dehumanise and harm marginalised communities—reducing lived experiences to reductive metrics, ignoring power dynamics, and prioritising funder dashboards. Now it’s 2025. Technology, AI, data regulation, and global politics have transformed—but many threats have only intensified. What changed? What has improved Stronger legal guardrails (sometimes) Since GDPR (2018), Europe and other jurisdictions have enacted data protections that at least nominally strengthen consent and individual’s rights. Data-sharing rules and transparency mandates force nonprofits to be somewhat more accountable. ...

The EuroStack initiative is Europe’s ambitious attempt to reclaim digital sovereignty by building its own federated, standards-based infrastructure. In the healthcare sector, this means enabling patients’ health data—much of it generated by Internet of Things (IoT) devices—to move securely and seamlessly across national borders. The goal is to make care more responsive, especially in emergencies or when people travel, without compromising privacy rights under the General Data Protection Regulation (GDPR). ...

Can Europe really build its own tech stack—or is EuroStack just another well-funded diagram waiting to happen? I sketched out a few thoughts on the EU’s latest moonshot over at NGI. It’s got funding figures, federated fantasies, and a healthy dose of dry scepticism. Have a peek at my sketch over at NGI