C4DT Conference on Trustworthy and Sovereign Cloud Computing

September 13th, 2023, Starling Hotel, St.-Sulpice

Overview

The concept of digital sovereignty gains increasing traction in political discourses across Europe, including in Switzerland. Digital sovereignty is referred to when speaking about AI development, cloud computing, data and data spaces, hard- and software development, the provision of digital services and platforms, to name but a few aspects. Against this backdrop, this event will explore secure and trustworthy cloud computing in the context of digital sovereignty.

As such, cloud computing is an interesting prism of several digital trust challenges and opportunities at once: As cloud adoption increases, great potential for efficiency, elasticity and scale emerges. Yet, the incentives for malicious actors to exploit vulnerabilities, be they related to access and identity, data security and privacy or to hard- and software security, will increase simultaneously. Adding the fact that two-thirds of the cloud market are in the hand of only three cloud infrastructure service providers, the so-called hyperscalers, the question of digital sovereignty is raised more and more in the context of cloud computing – including issues such as data localization and access, legal frameworks that apply, etc..

With a variety of public and private actors working on the issue of digital sovereignty specifically and a strong digital Trust Ecosystem overall, as well as with its unique political history and neutrality, Switzerland is uniquely positioned to explore and test new models and approaches to what digital sovereignty may mean in the 21st century; especially in the context of cloud computing which is a key enabling factor of the current and future digital economy.


Purpose

This conference looks beyond addressing “typical” cloud challenges only – it embeds them in the specific Swiss context: It critically examines the political, legal and economic aspects of cloud computing in the context of digital sovereignty and what technological solutions might be at hand to solve some of the underlying concerns. Ultimately, the conference sets out to understand how the Swiss cloud computing space can pro-actively be shaped, alternatives be developed and opportunities from collaborating across the public and private sector, across local and international players can be harnessed.

Furthermore, by hosting this event in the Arc Lémanique and by inviting key actors from across Switzerland and Europe, the Center for Digital Trust aims to gather the experience and knowledge aggregated in the region’s unique digital trust ecosystem. It sets out to garner interest and support for a working group with the objective to identify, prototype and test concrete cloud- and digital-sovereignty-related solutions.

This event is organized by the Center for Digital Trust (C4DT).

Schedule

08h30

Welcome Coffee


09h00

Welcome & Initial Reflections on Digital Sovereignty and key Challenges to Secure and Trustworthy Cloud Computing

Prof. Jean-Pierre Hubaux, Academic Director, Center for Digital Trust, EPFL


Part 1: Understanding Different Perspectives on Digital Sovereignty in the Context of Cloud Computing

09h10

Survey on Digital Sovereignty: Approaching an Essentially Contested Concept

This opening session will help to understand the multitude of perspectives that different actors and stakeholders may have on digital sovereignty. Without getting lost in definitions and semantics, this session will help to distill the key elements and concerns that are subsumed under “digital sovereignty” in the context of cloud computing.

  • For your organization, what key elements does digital sovereignty comprise of in the context of cloud computing? 
  • What are the key challenges digital sovereignty is supposed to solve?

09h30

Talk: Outlining the Federal Cloud Computing Strategy

by Erica Dubach, Digital Transformation and ICT Steering (DTI), Swiss Federal Chancellery


09h45

Talk: Concerted Action for more Digital Sovereignty: Exploring the Latin Cantons’ Approach

by Alexander Barclay, Cantonal Delegate for Digital Policy, Canton of Geneva


10h00

Panel: Understanding the Views of Different Stakeholders: Reactions to the Federal and Cantonal Approaches to Sovereign Cloud Computing – and how the End-Users seek to shape Future Solutions

This session will feature representatives from the defense and healthcare sectors, among others.

Moderated by: Imad Aad, C4DT

Panelists

  • Alice Crelier, Political and international affairs officer, NCSC
  • Vincent Graf Narbel, Head of DPO Tech Hub, ICRC
  • Thomas Roos, CEO, Genelook

10h45

Networking Coffee


Part 2: Exploring latest Technical Solutions

Separating the Best from the Buzz

What are the latest trends in cloud computing technology and which are likely to prove viable and valuable in the long-term? Especially in the context of digital sovereignty?

11h15

Expert Talk: Hybrid Cloud Architectures and Multi-Cloud Solutions

by Mathieu Verbaere, Head of Architecture, ELCA Informatique SA


11h30

Expert Talk: Open Source and Open Operations Solutions

by Manuela Urban, Chief Operating Officer, Sovereign Cloud Stack, Germany


11h45

Expert Talk: Sovereign in the Cloud: minimizing Data Sovereignty Risks with the Right Technical Solutions

As the move-to-cloud trend gains momentum, sovereignty becomes paramount for some critical use-cases. Overcoming compliance and business challenges requires a well-thought-out risk management strategy that involves deploying precise tailored controls and technical solutions. So how to choose the right technologies to minimize your data sovereignty risks?

On the agenda:

  • Data sovereignty risk-based approach for the move-to-cloud
  • Insights from customers use cases and challenges
  • Sovereignty toolbox for minimizing data sovereignty risks
  • Introduction to privacy-enhancing technologies (PET) and their role in enhancing data sovereignty

by Pierre Brun-Murol, Cybersecurity Senior Expert, Eviden


12h00

Expert Talk: Making Sense of the latest technologies that are transforming privacy and data protection landscape in the cloud

by Juan Ramon Troncoso-Pastoriza, Co-Founder and CEO, Tune Insight


12h15

Expert Talk: Innovation in Cloud Computing – Kubernetes

by Sébastien Pittet, Exoscale


12h25

Expert Talk: Innovation in Cloud Computing – Chop Chop, an Infrastructure for Cyberthreat Resilient Cloud Computing

No single cloud actor is immune to bugs, crashes or cyberattacks, as demonstrated by the large record of ransomware attacks and data leaks of these last years, even on major actors like Gmail (2014), Microsoft Exchange (2021), Apple (2021) or various governments (Ukraine, Estonia, Finland, …)

Chop Chop is a middleware which aggregates many servers belonging to different actors and make them behave like a single server resilient to crashes or attacks, usable as a PaaS.
As long as at least two thirds of the aggregated servers behave correctly, the resulting server is immune to any form of cyberthreat.

Thanks to the recent “distillation” technology, a Chop Chop server is as fast as a regular cloud server and can be used for everyday applications such as payment, messaging, document server, etc…

by Gauthier Voron, Postdoctoral Researcher, Distributed Computing Laboratory, EPFL


12h35

Networking Lunch


Part 3: Moving towards Implementation

13h45

Panel: Feasibility and Economic Viability: Understanding the Implications of Greater Sovereignty in Cloud Computing

Greater independence from hyperscalers and the previously discussed technical solutions sound appealing and offer the possibility to shape innovative approaches to more sovereign and secure cloud computing. Yet, what concrete challenges still need overcoming to achieve that goal? What specific customer needs need addressing?

On the agenda:

  • Managing market concentration, lock-in effects and competitiveness
  • Handling infrastructure and reliability challenges
  • Establishing risks-based approaches and understanding trade-offs 
  • Navigating geopolitical dynamics

Moderated by: Stefan Pabst, Think Tank W.I.R.E.

Panelists

  • Nagib Aouini, Founder and CEO, Duokey
  • Markus Grossenbacher, Chief Security Officer, Swiss Federal Office of Information Technology, Systems and Telecommunication FOITT
  • Lukas Hebeisen, Head of Product Line Cloud, Swisscom
  • Florian Nöll, CEO, Phoenix Systems

14h40

Panel: Navigating the Legal and Regulatory Landscape

Subject to a variety of regulations and legal frameworks differing across jurisdictions and continuously evolving, cloud computing risks seeing an ever more fragmented market, posing challenges for both suppliers and customers. How can Switzerland navigate the legal and regulatory landscape, learn from other European countries, and position itself strongly in the international dynamics?

On the agenda:

  • Latest and future developments of Swiss as well as international frameworks
  • Different concepts of what a sovereign cloud may look like
  • Role of legal frameworks for future AI and LLM development

Moderated by Michel Jaccard, Founder, id est avocats

Panelists

  • Simon Brunschwig, General Counsel & Head of Corporate Legal Affairs, ICRC
  • Carmen De la Cruz, Head of Legal VE & VE CEE ICT, Axians
  • Catherine Pugin, Cantonal Delegate for Digital Policy, Canton of Vaud

15h20

Networking Coffee


Part 4: Mobilizing Actors to Leverage Switzerland’s Trust Ecosystem

15h50

Keynote: Cloud Empires and the Geopolitics of Digital Infrastructure

Prof. Vili Lehdonvirta, Professor of Economic Sociology and Digital Social Research, University of Oxford


16h20

Closing Panel: Leveraging Switzerland’s Trust Ecosystem

With a great density of actors from the academic, public and private sectors, both locally anchored and international, Switzerland has a unique digital trust ecosystem. How might this ecosystem be put to work to identify, prototype and test concrete more sovereign solutions? And hence ensure both Switzerland’s values and competitiveness in a digital world?

On the agenda:

  • Concrete industry collaboration examples
  • Public-private-expert partnerships
  • “Job description” for the C4DT Cloud Council

Moderated by Prof. Jean-Pierre Hubaux, Academic Director, Center for Digital Trust, EPFL

Panelists

  • Roger Dubach, Deputy Director, Directorate of International Law, Swiss Federal Department of Foreign Affairs
  • Charlotte Lindsey, Chief Public Policy Officer, CyberPeace Institute
  • Marc Holitscher, National Technology Officer and Member of the Board, Microsoft Switzerland
  • Yves Pitton, Head of Business Solutions and Executive Board Member, ELCA

17h10

Concluding Remarks and next Steps for the C4DT Cloud Council


17h15

Networking Apéro