Data sovereignty is a component of digital sovereignty. Data sovereignty describes the freedom of an actor to influence which data is made available for use, and who has access to this data and when and under what conditions. Individuals as well as organizations and institutions such as companies, authorities and entire states can act as data sovereigns. On the one hand, this is made possible by creating data transparency and teaching data literacy. On the other hand, it is a technology issue: for example, initial digital tools enable full data sovereignty through automated monitoring of usage rules or targeted access restriction.
In contrast to the compartmentalization or privacy idea, data sovereignty is about enabling the data owner to act and make decisions in the digital space in a self-determined, sovereign manner, including complete sovereignty over their own data.
While the concept of data sovereignty is already reflected in the GDPR, at least in rudimentary form, its concrete design is still in its infancy. One core project for strengthening data sovereignty in the EU is Gaia-X. Gaia-X is intended to create a self-determined, high-performance European data infrastructure and reduce dependencies on non-European cloud platforms. The digital ecosystem is based on open source technologies and is intended as an alternative to large providers in the USA or China, for example.