Building trust at scale: Why digital sovereignty needs a rethink

Viewpoints

The future is federated sovereignty, says Aaron Boasman-Patel of TM Forum. Learn what that means for you, from concept to architecture.

By Aaron Boasman-Patel, VP, Innovation, TM Forum

Over the years, digital sovereignty was defined by borders. That mindset increasingly feels outdated and is being challenged as perceptions evolve behind how it is understood and exercised.

Across Europe, narratives of a “failing concept” and “falling behind” are gaining traction, signaling the need for organizations to move faster and strengthen the strategic position on how they manage and organize data.

It’s no longer feasible for every country to build a fully autonomous digital stack as the economics don’t add up and operational risks are high. And today’s networks, cloud, and AI systems are designed to interconnect, not isolate. These realities are forcing us to rethink what sovereignty means in a hyper-connected world. Europe is already moving in this direction with initiatives like Gaia‑X and the EU Digital Networks Act, signaling a shift from isolation to interoperability and system‑level coordination.

The future is federated sovereignty. This is where connectivity is organized around regional alliances, common standards, and shared trust frameworks that enable interoperability while keeping control of critical assets local.

From concept to architecture

Federated sovereignty means evolving into a framework of collaboration and shared responsibility rather than nationally isolated control. Initiatives such as Gaia‑X signal this shift at a policy and framework level, setting common rules for interoperability and trust across borders and moving sovereignty away from isolation and toward system‑level coordination.

Increasingly, federated sovereignty is being expressed through technical architecture. Sovereign cloud implementations such as the AWS European Sovereign Cloud illustrate how sovereignty can be enforced through technical controls, operational separation, and European governance while still participating in global cloud and AI ecosystems. Rather than fragmenting infrastructure, this approach enables interoperability by design while keeping control of critical assets local.

For telecom operators, this evolution brings both responsibility and opportunity. When sovereignty is no longer just about ownership, it becomes an issue of control, assurance, and verifiability in a world of disaggregated networks, cloud‑native infrastructure, and AI‑driven operation. Operators must answer fundamental questions in real time: Where is data processed and trained? Who controls decision-making systems? How are policies enforced? And how can outcomes be audited?

Governance and leadership in a federated world

Artificial intelligence accelerates the challenge. As networks move toward intent‑driven and autonomous operation, sovereignty shifts from physical hardware to adaptive software, policy, and model governance from manual configuration to cognitive automation.

To manage this, leadership models must evolve. Sovereignty spans networks, IT, AI, cloud, data, security, and regulation; it cannot sit solely within compliance or legal. It requires ongoing oversight, clear decision rights, and joined‑up leadership across technology, policy, and operations. Many organizations are formalizing this through introduction of a ‘Chief Sovereignty Officer’ function or equivalent operating model that unites governance, architecture, and operational assurance.

Telcos as architects of cloud sovereignty

What do telcos need to do, to ensure they are serving the needs of customers prioritizing sovereignty? Primarily, collaboration between telcos and cloud providers is essential to deliver secure, compliant, and innovative services. Telcos bring unique strengths to this partnership: trusted relationships with governments and enterprises, operation of critical infrastructure, and deep regulatory expertise.

Meanwhile, hyperscale cloud providers offer advanced technology and scalability. Together, they can create interoperable solutions that meet stringent security and compliance requirements while opening new market opportunities.

Real-world progress is underway, and multi‑cloud resilience practices reduce single‑provider risk. TM Forum’s Open Digital Architecture (ODA) and Level‑4 autonomous network capabilities advance observability, automation, and componentized networks, the essential foundation for sovereignty by design. Across geographies, operators and network infrastructure providers are recognizing that investment in autonomous network capabilities is key to control now and into the future. Which is why ODA and Level 4 autonomy play a pivotal role, providing operators the foundation to scale intelligent and sovereign networks.

Designed trust at scale

This year, those who lead the way will be those who embed sovereignty into architectures through policy-driven control, certification, continuous testing, and clear accountability. Something this critical should never be an afterthought. Risk-based resilience will be critical, including diversified routes and mediums such as fiber, subsea, and satellite networks, and tiered service continuity for emergency traffic.

The future of digital sovereignty is not fragmentation but designed trust at scale. Telecom operators sit at the center of that future, not just as connectivity providers but as custodians of controlled digital resilience.

Building sovereignty through collaboration

The path forward is shared. It is a commitment to federated sovereignty architectures rooted in open standards and shared assurance. It is an imperative to operationalize sovereignty with joint governance and runtime verification across multi‑cloud and multi‑network domains. It requires investment in observability, automation, auditability, and sovereign key management as core capabilities, not add‑ons.

By the end of this year, we expect to see those that lead on sovereignty to have made headway on four key milestones. These are:

Establishing a cross‑functional sovereignty council that brings together technology, legal, security, policy within the organization;
Defining and publishing sovereignty Service Level Objectives (SLOs) for data residency, model lineage, policy enforcement latency, auditability KPIs;
Completing pilot sovereign cloud landing zones with route diversity and traffic tiering;
And certifying model and data provenance for critical AI workflows.

Sovereignty built this way is verifiable, interoperable, and investable. It brings structure, clarity and control to an increasingly sensitive and mission critical organizational defense. Those who move first will define the standards, architectures, and trust models that others will follow.

Get this news in your inbox. Subscribe to the Broadband Communities newsletter!