A coalition of five major Dutch regulatory authorities has issued a joint call to the government, business community, and IT suppliers to accelerate the transition to greater digital autonomy. In their new report, “The Route to Digital Autonomy,” presented to State Secretary Aerdts for Digital Economy and Sovereignty, the supervisors warn that heavy reliance on a very small number of dominant, non-European IT providers poses severe risks to society.
The Authority for Consumers and Markets, the Authority for the Financial Markets, the Dutch Data Protection Authority, De Nederlandsche Bank, and the National Inspectorate for Digital Infrastructure jointly observe that concentrated IT dependence threatens the continuity of vital services. A single cyber incident, geopolitical disruption, or technical failure at a major provider could trigger massive consequences across both public and private sectors. Furthermore, this market concentration drastically limits freedom of choice, making switching IT vendors an expensive and complex ordeal.
The regulators clarify that digital autonomy does not demand total technological independence. Instead, it focuses on restoring control and building resilience. This can be achieved through more open IT architectures, enhanced interoperability, and choices that actively promote market competition and vendor flexibility.
To achieve this, the report outlines strategic roles for all market participants. The government is urged to leverage its massive buying power to drive demand for emerging European digital services. Similarly, both public and private entities should integrate autonomy into their procurement processes by mandating open standards and easy switching mechanisms.
Addressing potential antitrust concerns, the regulators emphasize that companies have ample room under existing competition rules to collaborate within their sectors and act as collective first-buyers for sector-specific IT solutions. Meanwhile, IT providers are encouraged to cooperate on developing strong European alternatives that offer true freedom of choice.
This collective push aligns with new European regulatory frameworks designed to manage digital supply chain risks, such as the Digital Operational Resilience Act and the updated Cybersecurity Act. By reducing unwanted dependencies, organizations can heavily fortify their resilience. The five regulators are inviting companies and public organizations to actively engage with them to implement these recommendations and foster a more secure, competitive digital landscape.
