A software decision with geopolitical weight
The next sovereignty crisis may not begin at the border. It may begin inside the stack. France’s move away from Windows is an early signal that states are starting to recognize what the AI age makes unavoidable: digital dependence is no longer just an IT issue. It is a geopolitical condition. On 8 April 2026, the French government launched an interministerial drive to reduce “extra-European” digital dependencies, with DINUM—the state’s interministerial digital directorate—announcing its own shift from Windows to Linux and requiring ministries to submit reduction plans by autumn across workstations, collaboration tools, antivirus, artificial intelligence, databases, virtualization, and network equipment. Finance minister David Amiel cast the effort in blunt strategic terms: France must “regain control of our digital destiny.”
This shift, bureaucratic on the surface, carries more weight than it first appears. France is not simply choosing one operating system over another. It is making a statecraft argument through procurement: that control over public systems now depends not only on law and territory but also on who sets the rules for software, cloud, AI models, updates, pricing, and interoperability. In other words, sovereignty has not disappeared. It has moved into the stack.
Why this is not a frictionless sovereignty story
That does not make France’s choice costless or simple. Large open-source transitions come with real frictions: migration spending, employee retraining, software compatibility problems, and the slow excavation of legacy dependencies hidden across ministries. The European Commission’s own study on open-source software governance notes that adoption requires investment in system migration and staff training, while the EU OS project says large Linux migrations may require years of preparation because business software must first be made compatible. France’s move may be strategically sound and still be administratively painful. That realism helps the argument, not weakens it. Sovereignty is rarely free.
That realism matters because the world in which France is making this choice is growing harsher. In April, Reuters reported that Iranian-linked cyber activity targeting U.S. critical infrastructure had escalated since the war began, including attacks involving programmable logic controllers and supervisory control and data acquisition systems used in government services, water, wastewater, and energy. The World Economic Forum’s Global Cybersecurity Outlook 2026 says geopolitics remains the top factor shaping cyber-risk strategy and that 64% of organizations now factor in geopolitically motivated cyberattacks such as critical-infrastructure disruption or espionage.
Put those developments together, and the French move stops looking parochial. As AI systems, cloud services, and digital public infrastructure become more central to public administration, finance, logistics, health, and welfare, the stack becomes both an engine of growth and a more attractive target in moments of conflict, coercion, or cyber escalation. In the coming decade, critical systems will increasingly be digital systems. That means dependence on external digital layers will carry not only efficiency risks but security risks as well.
Why the warning lands harder in the Global South
For the Global South, the problem is not digital modernization itself. The problem is modernization under asymmetry. Many countries are being pushed to digitize quickly to stay competitive in an economy increasingly shaped by AI, cloud infrastructure, and digital public systems. But they are doing so with weaker bargaining power, thinner buffers, and fewer fallback options than wealthier states. If France — a major European power with stronger industrial and regulatory depth — now feels compelled to reduce strategic digital dependence, the stakes are higher still for countries whose room for error is smaller.
This is why the French trigger matters well beyond Europe. The lesson is not that Jakarta, Brasília, or Nairobi should copy Paris line by line. The lesson is that sovereignty has become an infrastructure question. What looks like a technical choice can quickly become a constraint on continuity, resilience, and room to govern once the external environment turns hostile. Across the Global South, the strategic question is not whether every layer must be localized. It is narrower and harder: which dependencies are tolerable, which are risky, and which become dangerous once crisis enters the picture? That is the question too many digital modernization debates still avoid.
Other countries are already navigating the same anxiety through different instruments. Brazil’s AI plan was explicitly framed around technological autonomy and reducing dependence on imported AI tools. ASEAN reached the substantial conclusion of negotiations on its Digital Economy Framework Agreement, or DEFA, in October 2025, giving Southeast Asia a more concrete regional vehicle for standards, interoperability, and digital governance cooperation. The African Union’s Digital Transformation Strategy for Africa 2020–2030 similarly ties digital transformation to coordination, integration, and a stronger African role in the digital economy. These are not identical models. But they point to the same recognition: AI capacity and digital infrastructure now shape strategic positioning, not just economic modernization.
Why Digital NAM deserves to be taken seriously
This is where the Digital NAM idea becomes more than branding. The Non-Aligned Movement is not a stronger technical machine than ASEAN or the African Union, and it should not pretend to be. But it does offer something more politically distinctive: a platform rooted in shared asymmetry. Its science and technology center already carries a mandate around technological cooperation, institutional linkages, expert exchange, and technology transfer among developing countries. That makes it a plausible umbrella for a South-South coalition on AI dependence, digital public infrastructure, and strategic preparedness.
That is also why Digital NAM may be more useful here than waiting for a universal forum to deliver clarity. This is not because the United Nations is irrelevant. It is because universal multilateralism often moves at the speed of its deepest divisions. Reuters reported in February that the UN Security Council remained deadlocked on Ukraine because Russia holds a veto and in April that China and Russia vetoed a resolution on the Strait of Hormuz. In such an environment, a digital NAM would not replace the UN. It would serve a different purpose: giving developing countries a caucus built from shared exposure to digital dependence rather than from the fiction that all states enter the AI era on equal terms.
That still leaves a division of labor. Regional organizations remain the most credible engines for operational work because they are closer to harmonization, implementation, and trust-building. ASEAN and the African Union are better placed to move from rhetoric to practical work on standards, interoperability, payments, resilience, and dependency mapping. BRICS is useful in another way: as an amplifier. Its 2025 AI governance statement already speaks in the language of equitable development, risk mitigation, and digital public infrastructure. But BRICS remains a narrower grouping with its own internal asymmetries. It is better as a megaphone than as the sole operating platform for the wider South.
So the smarter path is not to romanticize one forum. It is to assign roles clearly. Regional bodies can do the technical and regulatory work. BRICS can push the issue into global agenda-setting. Digital NAM can supply the broader political language of agency, bargaining, and solidarity across the South. In a harder AI-geopolitics era, sovereignty will be protected less by one grand institution than by a layered diplomatic architecture.
Preparedness, not posturing
France’s Linux turn is therefore worth taking seriously, but not as a morality play in favor of open source. It is better read as a reminder that sovereignty in the AI age will depend on preparedness. Governments and critical institutions need dependency mapping across clouds, models, APIs, software ecosystems, and public digital infrastructure. They need scenario planning that treats geopolitical fragmentation and cyber escalation as real operating conditions, not distant hypotheticals. And they need stress tests for what happens when a provider changes terms, a critical service becomes unavailable, or a system becomes politically impossible to audit. France’s own press release is revealing on this point: the exercise is not only about replacing Windows but also about mapping dependencies and reducing them through a coordinated interministerial plan.
That is the deeper lesson for the Global South. Digital sovereignty is no longer only about data. It is about the governability of the systems on which states and economies increasingly run. The uncomfortable question is no longer whether countries are adopting digital infrastructure. It is whether they will still control enough of it when the next geopolitical shock hits.
