EU's international digital strategy: Towards… freedom?

On 5 June 2025 the European Commission launched its international digital strategy, which is composed by many different areas that go from regional connectivity aspects to cybersecurity, eID, digital public infrastructure and open source technologies.

The strategy is a joint communication by the European Commission (specifically, Commissioner Virkkunen) and the High Representative and the aim is to "set out a joint vision for the EU's external action for digital."

The Communication highlights the link between digital policies and external action. Building on the Draghi report, the Communication mentions how the EU is lagging behind the US in the tech sector and the risks of seeing its "technological and economic dependencies" used as a weapon against Europe. Although the example is not mentioned, the case of the ICC prosecutor (and other staff of the ICC) being cut off from Microsoft services is a direct evidence of the risks we face when depending on vendors that have a kill switch for critical digital services.

The International Digital Strategy focuses on 3 main objectives:

1. Increase EU's tech competitiveness, including a mention for the EU to "actively promote digital solutions enabling more energy- and resource-efficient manufacturing, services and other applications."

2. Ensure a high level of security for the EU "and its partners"

3. Shape global digital governance and standards with a network of partners, perhaps one of the most interesting parts for digital rights advocates, as it says that "the EU can be a driving force of responsibly guided technological advancement on the global stage."

Secure and trusted digital infrastructure

For the sake of brevity (and because it is my main interest), I will focus on this part of the strategy. The Commission says it will promote secure digital connectivity and sustainable infrastructure worldwide (including submarine cables) and calls to "diversify the integration of networks" (EU-speak for "we should not depend on Musk's satellites"). Important satellites initiatives are mentioned there, but the EU has a long way to go to achieve significant satellite connection; still, you need to start somewhere and any action to get away from Musk's products and services is always a healthy habit.

The strategy describes then forthcoming actions related to AI (AI Factories, EU Defence Innovation Scheme), cybersecurity (mutual recognition agreements, responsible state behaviour in cyber space under UN-endorsed framework) and, more interesting, it mentions digital public infrastructure.

Digital Public Infrastructure plus our beloved acronyms (DSA, DMA, GDPR)

The strategy calls the support of digital identity solutions (based on the EU Digital Identity Wallet specifications), and will support an interoperability-by-default in Digital Public Infrastructure (DPI). In addition to this, the EU will "continue to promote its regulatory approach and its underlying principles bilaterally and multilaterally and share its experience in implementing them", referencing DSA, DMA and GDPR as some of the core pieces of legislation they will be supporting (at least in theory).

There is very little yet in the Communication, but there is more in the Annexes, where two key ideas are mentioned:

1. Promote the Open Internet Stack: To better serve partner countries, the EU aims to bolster the Open Internet Stack internationally. This expansion will focus on the core protocols essential for internet communication and information exchange. The initiative aims to build trust, lower expenses, prevent reliance on single vendors, allow for customization and integration, and safeguard critical principles like privacy, security, and data protection. This idea, as initial as it is, can be the basis for the calls for the Eurostack or European Sovereignty Tech Fund, if the ideas are implemented correctly, that is.

2. Work towards an Open, Free and Sustainable Internet: The strategy pledges to foster accountability, robust monitoring, and the advancement of internet freedoms. They will empower civil society organizations (CSOs) that hold their respective governments accountable. Among the actions planned they include addressing internet shutdowns through diplomatic means, and policies that uphold an open and interconnected internet will be promoted. This, as vague as it may be as of today, may be taken as a mandate for DG CNECT and the EEAS to support initiatives such as a European Digital Rights Fund similar to the Open Tech Fund, as some of us have been supporting.

What's missing?

The immediate reactions have been diverse, from relative enthusiasm to mild-scepticism and other nuanced reactions. There are good reasons to support all of these reactions, as this Joint Communication opens as many readings as one can imagine, and the next steps of the Commission will be crucial to understand whether we will focus on breaking dependencies from Big Tech (or even breaking Big Tech). By the way, now that we are into breaking stuff- sign this petition to Break Big Tech now!

One thing is clear: The Commission will have to prioritise, especially having the current political scenario where Member States aim at running more aspects of the EU Budget. Whether the Commission will focus on submarine cables, supporting SMEs (and how it will ensure that benefits come back to the public), deploying satellites (run by whom, and for what?), creating AI applications for health or to run genocidal wars, or supporting internet freedoms will depend to a great extent on us.

You can read the Joint Communication here and the Annexes here