What Is Digital Sovereignty? SAP CEO Christian Klein on Cloud, AI, and Enterprise Control

In an increasingly fragmented geopolitical and technological landscape, digital sovereignty has moved from a policy slogan to a strategic enterprise imperative.

In a recent interview with IT-Online, SAP CEO Christian Klein reframed the debate: sovereignty isn’t simply about where infrastructure is located or limiting partner ecosystems, it’s about choice, governance, and trust across data, operational, technical, and legal dimensions.

Klein said that digital sovereignty isn’t just political rhetoric. It is a business foundation for cloud, regulated workloads, and AI, as long as it is built on clear governance and interoperability.

“Across Europe, and increasingly across the global technology landscape, digital sovereignty is interpreted in different and sometimes conflicting ways. This lack of alignment creates uncertainty for public authorities, regulated industries and technology providers. It directly undermines the adoption of cloud, AI and mission-critical digital services,” Klein said.

What Does Digital Sovereignty Actually Mean for Enterprises?

For enterprises, digital sovereignty means enforceable control over how data, systems, and digital operations are governed across jurisdictions. It is less about where infrastructure sits and more about who controls access, accountability, technology choices, and legal oversight.

Public debate still tends to fixate on data center location or domestic ownership. But physical location alone does not guarantee operational or legal control – and reducing sovereignty to geography risks turning it into a barrier rather than a driver of digital transformation.

Klein articulates sovereignty in four practical aspects:

1. Data — who controls and has access to data
2. Operational — who runs and is accountable for systems
3. Technical — what technologies and architectures are employed
4. Legal — what laws and compliance frameworks apply

The challenge, Klein notes, is that countries and regulators define these dimensions differently. That lack of alignment creates uncertainty for enterprises trying to deploy cloud and AI systems at scale.

Klein emphasizes that integrating global technologies within European legal and operational frameworks can boost AI adoption while strengthening Europe’s position in responsible, competitive, and compliant innovation.

How Does Digital Sovereignty Build Trust in Cloud and AI Governance?

Klein’s central insight is that sovereignty should be about verifiable governance: clarity about where data is processed, who operates critical systems, what legal frameworks apply, and which parties are accountable. Without that clarity, complex regulations can delay digital projects, particularly for mission-critical systems in government and highly regulated industries.

Importantly, this approach does not advocate technological isolation.

“This is not about technological isolation or excluding global partners. Europe must remain open to innovation and international cooperation,” Klein says.

“However, openness must be anchored in enforceable European law, clear accountability and auditable operational control. In practical terms, credible sovereignty means public authorities can verify where data is processed, who operates critical systems, which legal framework applies and who is accountable at every level.”

Without this clarity, Klein warns, “sovereignty risks remaining a political concept rather than a reliable basis for trust, compliance and innovation, especially for AI-driven solutions.”

Global technology partnerships and interoperable frameworks can coexist with sovereignty if they are governed with transparency and accountability.

This reflects a broader shift in sovereignty debates toward outcomes over ideology, focusing on control and risk management without sacrificing access to innovation ecosystems.

Where Does SAP Fit into Europe’s Digital Sovereignty Strategy?

Europe’s competitive edge, Klein argues, lies in applied innovation — not in attempting to replicate global hyperscale infrastructure within its own borders. Rebuilding entire technology stacks domestically would be costly, inefficient, and likely to slow digital transformation.

A more pragmatic approach is to integrate global technologies within European legal, operational, and accountability frameworks. That model allows Europe to benefit from global innovation while maintaining control under EU law.

“At SAP, we support interoperable, partnership-based approaches governed by clear rules and accountability. These models enable faster adoption, reduce fragmentation and enhance resilience. For policymakers, fostering such ecosystems is more effective than prescribing specific technologies,” Klein said.

Public institutions and regulated organizations are operating amid geopolitical uncertainty, rising cyber risk, and rapid technological change. They require partners that combine global scale with regulatory expertise and long‑term stability.

“SAP contributes to this shift by delivering sovereignty across data, operational, technical and legal dimensions. We support public administrations and regulated industries in modernizing core systems, migrating securely to the cloud and deploying AI responsibly,” Klein said.

“This includes clear audit trails, operational transparency, and contractual safeguards that give customers confidence in who controls their systems and data.”

Because SAP underpins many of Europe’s critical public- and private‑sector processes, sovereignty, he argues, cannot be retrofitted. It must be designed into digital systems from the outset.

Klein maintains that openness and control are not mutually exclusive, advocating partnership‑based models that accelerate adoption, reduce fragmentation, and strengthen long‑term resilience.

What This Means for SAPinsiders

Why should SAPinsiders care about digital sovereignty? Digital sovereignty now shapes board‑level decisions that directly affect SAP roadmaps, cloud migrations, AI deployment, and vendor strategy. If sovereignty requirements influence where data can reside, who operates systems, and which laws apply, they will impact SAP S/4HANA transformations, SAP Cloud ERP journeys, and integration architecture.

European governance expectations will shape SAP deployment models. As European regulators place greater emphasis on auditability, accountability, and legal clarity, enterprise ERP and digital transformation programs must be designed with built‑in compliance controls rather than retrofitted safeguards. For SAPinsiders, the message is clear: vendors and platforms with deep experience operating within European regulatory frameworks may be better positioned to support compliant cloud, ERP, and AI deployments. SAP’s longstanding footprint across European public and regulated sectors gives it institutional familiarity that aligns naturally with sovereignty-driven policy priorities.

AI deployment must align with European control standards. For SAP practitioners implementing Business AI or advanced analytics, demonstrating where data is processed, who has access, and which legal framework governs it is increasingly required by European public authorities and regulators. Aligning SAP AI use cases with these national and EU sovereignty expectations can accelerate adoption and build institutional trust.