C4DT Conference on Trustworthy and Sovereign Cloud Computing
The concept of digital sovereignty gains increasing traction in political discourses across Europe, including in Switzerland. Digital sovereignty is referred to when speaking about AI development, cloud computing, data and data spaces, hard- and software development, the provision of digital services and platforms, to name but a few aspects. Against this backdrop, this event will explore secure and trustworthy cloud computing in the context of digital sovereignty.
As such, cloud computing is an interesting prism of several digital trust challenges and opportunities at once: As cloud adoption increases, great potential for efficiency, elasticity and scale emerges. Yet, the incentives for malicious actors to exploit vulnerabilities, be they related to access and identity, data security and privacy or to hard- and software security, will increase simultaneously. Adding the fact that two-thirds of the cloud market are in the hand of only three cloud infrastructure service providers, the so-called hyperscalers, the question of digital sovereignty is raised more and more in the context of cloud computing – including issues such as data localization and access, legal frameworks that apply, etc..
With a variety of public and private actors working on the issue of digital sovereignty specifically and a strong digital Trust Ecosystem overall, as well as with its unique political history and neutrality, Switzerland is uniquely positioned to explore and test new models and approaches to what digital sovereignty may mean in the 21st century; especially in the context of cloud computing which is a key enabling factor of the current and future digital economy.
This conference looks beyond addressing “typical” cloud challenges only – it embeds them in the specific Swiss context: It critically examines the political, legal and economic aspects of cloud computing in the context of digital sovereignty and what technological solutions might be at hand to solve some of the underlying concerns. Ultimately, the conference sets out to understand how the Swiss cloud computing space can pro-actively be shaped, alternatives be developed and opportunities from collaborating across the public and private sector, across local and international players can be harnessed.
Furthermore, by hosting this event in the Arc Lémanique and by inviting key actors from across Switzerland and Europe, the Center for Digital Trust aims to gather the experience and knowledge aggregated in the region’s unique digital trust ecosystem. It sets out to garner interest and support for a working group with the objective to identify, prototype and test concrete cloud- and digital-sovereignty-related solutions.
This event is organized by the Center for Digital Trust (C4DT).
Welcome & Initial Reflections on Digital Sovereignty and key Challenges to Secure and Trustworthy Cloud Computing
Prof. Jean-Pierre Hubaux, Academic Director, Center for Digital Trust, EPFL
Part 1: Understanding Different Perspectives on Digital Sovereignty in the Context of Cloud Computing
Survey on Digital Sovereignty: Approaching an Essentially Contested Concept
This opening session will help to understand the multitude of perspectives that different actors and stakeholders may have on digital sovereignty. Without getting lost in definitions and semantics, this session will help to distill the key elements and concerns that are subsumed under “digital sovereignty” in the context of cloud computing.
- For your organization, what key elements does digital sovereignty comprise of in the context of cloud computing?
- What are the key challenges digital sovereignty is supposed to solve?
Talk: Outlining the Federal Cloud Computing Strategy
by Erica Dubach, Digital Transformation and ICT Steering (DTI), Swiss Federal Chancellery
Talk: Concerted Action for more Digital Sovereignty: Exploring the Latin Cantons’ Approach
by Alexander Barclay, Cantonal Delegate for Digital Policy, Canton of Geneva
Panel: Understanding the Views of Different Stakeholders: Reactions to the Federal and Cantonal Approaches to Sovereign Cloud Computing – and how the End-Users seek to shape Future Solutions
This session will feature representatives from the defense and healthcare sectors, among others.
Moderated by: Imad Aad, C4DT
- Alice Crelier, Political and international affairs officer, NCSC
- Vincent Graf Narbel, Head of DPO Tech Hub, ICRC
- Thomas Roos, CEO, Genelook
Part 2: Exploring latest Technical Solutions
Separating the Best from the Buzz
What are the latest trends in cloud computing technology and which are likely to prove viable and valuable in the long-term? Especially in the context of digital sovereignty?
Expert Talk: Hybrid Cloud Architectures and Multi-Cloud Solutions
by Mathieu Verbaere, Head of Architecture, ELCA Informatique SA
Expert Talk: Open Source and Open Operations Solutions
by Manuela Urban, Chief Operating Officer, Sovereign Cloud Stack, Germany
Expert Talk: Sovereign in the Cloud: minimizing Data Sovereignty Risks with the Right Technical Solutions
As the move-to-cloud trend gains momentum, sovereignty becomes paramount for some critical use-cases. Overcoming compliance and business challenges requires a well-thought-out risk management strategy that involves deploying precise tailored controls and technical solutions. So how to choose the right technologies to minimize your data sovereignty risks?
On the agenda:
- Data sovereignty risk-based approach for the move-to-cloud
- Insights from customers use cases and challenges
- Sovereignty toolbox for minimizing data sovereignty risks
- Introduction to privacy-enhancing technologies (PET) and their role in enhancing data sovereignty
by Pierre Brun-Murol, Cybersecurity Senior Expert, Eviden
Expert Talk: Making Sense of the latest technologies that are transforming privacy and data protection landscape in the cloud
by Juan Ramon Troncoso-Pastoriza, Co-Founder and CEO, Tune Insight
Expert Talk: Innovation in Cloud Computing – Kubernetes
by Sébastien Pittet, Exoscale
Expert Talk: Innovation in Cloud Computing – Chop Chop, an Infrastructure for Cyberthreat Resilient Cloud Computing
No single cloud actor is immune to bugs, crashes or cyberattacks, as demonstrated by the large record of ransomware attacks and data leaks of these last years, even on major actors like Gmail (2014), Microsoft Exchange (2021), Apple (2021) or various governments (Ukraine, Estonia, Finland, …)
Chop Chop is a middleware which aggregates many servers belonging to different actors and make them behave like a single server resilient to crashes or attacks, usable as a PaaS.
As long as at least two thirds of the aggregated servers behave correctly, the resulting server is immune to any form of cyberthreat.
Thanks to the recent “distillation” technology, a Chop Chop server is as fast as a regular cloud server and can be used for everyday applications such as payment, messaging, document server, etc…
by Gauthier Voron, Postdoctoral Researcher, Distributed Computing Laboratory, EPFL
Part 3: Moving towards Implementation
Panel: Feasibility and Economic Viability: Understanding the Implications of Greater Sovereignty in Cloud Computing
Greater independence from hyperscalers and the previously discussed technical solutions sound appealing and offer the possibility to shape innovative approaches to more sovereign and secure cloud computing. Yet, what concrete challenges still need overcoming to achieve that goal? What specific customer needs need addressing?
On the agenda:
- Managing market concentration, lock-in effects and competitiveness
- Handling infrastructure and reliability challenges
- Establishing risks-based approaches and understanding trade-offs
- Navigating geopolitical dynamics
Moderated by: Stefan Pabst, Think Tank W.I.R.E.
- Nagib Aouini, Founder and CEO, Duokey
- Markus Grossenbacher, Chief Security Officer, Swiss Federal Office of Information Technology, Systems and Telecommunication FOITT
- Lukas Hebeisen, Head of Product Line Cloud, Swisscom
- Florian Nöll, CEO, Phoenix Systems
Panel: Navigating the Legal and Regulatory Landscape
Subject to a variety of regulations and legal frameworks differing across jurisdictions and continuously evolving, cloud computing risks seeing an ever more fragmented market, posing challenges for both suppliers and customers. How can Switzerland navigate the legal and regulatory landscape, learn from other European countries, and position itself strongly in the international dynamics?
On the agenda:
- Latest and future developments of Swiss as well as international frameworks
- Different concepts of what a sovereign cloud may look like
- Role of legal frameworks for future AI and LLM development
Moderated by Michel Jaccard, Founder, id est avocats
- Simon Brunschwig, General Counsel & Head of Corporate Legal Affairs, ICRC
- Carmen De la Cruz, Head of Legal VE & VE CEE ICT, Axians
- Catherine Pugin, Cantonal Delegate for Digital Policy, Canton of Vaud
Part 4: Mobilizing Actors to Leverage Switzerland’s Trust Ecosystem
Keynote: Cloud Empires and the Geopolitics of Digital Infrastructure
Prof. Vili Lehdonvirta, Professor of Economic Sociology and Digital Social Research, University of Oxford
Closing Panel: Leveraging Switzerland’s Trust Ecosystem
With a great density of actors from the academic, public and private sectors, both locally anchored and international, Switzerland has a unique digital trust ecosystem. How might this ecosystem be put to work to identify, prototype and test concrete more sovereign solutions? And hence ensure both Switzerland’s values and competitiveness in a digital world?
On the agenda:
- Concrete industry collaboration examples
- Public-private-expert partnerships
- “Job description” for the C4DT Cloud Council
Moderated by Prof. Jean-Pierre Hubaux, Academic Director, Center for Digital Trust, EPFL
- Roger Dubach, Deputy Director, Directorate of International Law, Swiss Federal Department of Foreign Affairs
- Charlotte Lindsey, Chief Public Policy Officer, CyberPeace Institute
- Marc Holitscher, National Technology Officer and Member of the Board, Microsoft Switzerland
- Yves Pitton, Head of Business Solutions and Executive Board Member, ELCA