The European Union’s growing technological dependence on software systems developed outside its borders represents an unprecedented strategic vulnerability. This paper analyses how software control has become an instrument of geopolitical influence, examining specific cases of critical dependence and their implications for European digital sovereignty. The analysis focuses on strategic systems such as ODIN for the F-35, the Chinese KylinOS operating system, the CrowdStrike incident, and the penetration of Microsoft, Apple, Android, and Huawei products into Europe’s digital fabric.
In the digital era, control over software technologies has become a geopolitical power tool comparable to the control of energy resources in the last century. Despite being a global economic power, the European Union finds itself in a position of strategic vulnerability due to its dependence on technologies predominantly developed in the United States and China.
Europe’s pervasive digitalisation has created a deeply interconnected technological ecosystem, but one controlled by external actors. This dependence is not merely technical; it represents a potential instrument of political and economic coercion, where software becomes a tool of diplomatic blackmail.
The Operational Data Integrated Network (ODIN) is one of the most emblematic examples of critical technological dependence. This information and logistics management system for the F-35 Lightning II fighter is entirely controlled by the United States, creating an operational subordination for all programme partner countries, including several EU members such as Italy, the Netherlands, and Denmark.
ODIN is not simply a logistics support system but represents the central nervous system of the F-35. Through this network, the United States maintains full control over:
The scale of European investments in the F-35 program makes the strategic vulnerability related to the ODIN system particularly evident. Major European countries have committed massive financial resources:
Italy - Level 2 Partner:
Belgium:
Netherlands:
Denmark:
United Kingdom - Level 1 Partner:
Norway:
Other European countries with confirmed orders:
Total estimated European investments: over 70 billion Euros
Turkey’s expulsion from the F-35 programme in 2019 demonstrates concretely how dependence on ODIN can be used as a tool of coercion. Despite planning to purchase 116 F-35A for USD 11 billion and having already invested significantly in the programme, the United States was able to completely block Turkey’s access to F-35 technology—highlighting the vulnerability of European allies who have invested tens of billions in the programme.
KylinOS represents China’s strategy to achieve technological autonomy in the operating systems sector. Initially developed for military and government purposes, KylinOS has progressively become the cornerstone of China’s “import substitution” strategy in the ICT sector.
KylinOS is based on the Linux kernel but incorporates numerous proprietary Chinese modifications, including:
The Chinese example shows how a coordinated strategic investment can lead to technological autonomy. However, it also highlights the risks of fragmentation in the global technological landscape and the need for Europe to develop a similar strategy to avoid being squeezed between digital superpowers.
The CrowdStrike incident of 19 July 2024 marked a watershed moment in the perception of global technological vulnerability. A single defective update of the CrowdStrike security software caused the simultaneous crash of millions of Windows systems worldwide, paralysing airports, hospitals, banks, and essential services.
Europe experienced massive disruptions across all critical sectors:
The incident showed that:
Microsoft holds a de facto monopolistic position in the European software landscape, with market shares exceeding 80% in many segments:
Enterprise sector:
Household sector:
The pervasiveness of Microsoft products creates multiple opportunities for influence:
Data control:
Technological dependence:
Regulatory influence:
Several episodes have shown Microsoft products used for intelligence purposes:
Apple has built an integrated ecosystem controlling the entire digital value chain:
Consumer market:
Professional market:
Apple’s ecosystem enforces pervasive control through:
Walled Garden Approach:
Selective encryption:
Dependence on cloud services:
Apple’s ecosystem provides multiple vectors of influence:
Passive surveillance:
Behavioural control:
Android holds 68% of the European smartphone market, making it the most widespread mobile operating system:
Country distribution:
Usage segmentation:
Although formally open source, Android implements sophisticated control mechanisms:
Google Play Services:
Pervasive data collection:
Google Mobile Services (GMS):
Android represents a soft power tool through:
Information control:
Economic surveillance:
Technological dependence:
Before the restrictions imposed in 2019, Huawei had reached dominant positions in several European market segments:
Network infrastructure:
Consumer market:
Huawei products implement architectures that could facilitate:
Privileged access:
Intelligence collection:
Geopolitical control:
Western intelligence has documented remote functions that could allow China to:
The analysis of the cases reveals structural vulnerabilities:
Critical dependence:
Operational risks:
Geopolitical threats:
Several scenarios could trigger the use of technological dependencies as weapons of blackmail:
Scenario 1 – Diplomatic crisis with the U.S.:
Scenario 2 – Escalation with China:
Scenario 3 – Information warfare:
Technological diversification:
Strengthened regulation:
Crisis response capabilities:
Integrated European ecosystem:
Technological diplomacy:
Education and skills:
Europe’s technological dependence on external actors represents an existential threat to the continent’s democratic sovereignty. The analysed cases show how software control has become a geopolitical power tool capable of influencing domestic policies, accessing strategic information, and potentially paralysing entire national economies.
The urgency of developing an autonomous European technological ecosystem is no longer a matter of economic competitiveness but of political survival. Europe must learn from China’s import-substitution strategy and the U.S. approach to technological control to develop a third way that preserves European democratic values while ensuring strategic independence.
The time to act is limited. Each day of delay in implementing digital autonomy strategies increases Europe’s vulnerability and reduces the options available for the future. Investment in digital sovereignty is not a cost but an investment in Europe’s freedom and democracy in the 21st century.
The stakes are clear: either Europe rapidly develops its own autonomous technological capabilities, or it will remain permanently subordinate to external powers that do not necessarily share its values and interests. The choice is still possible, but the window of opportunity is rapidly closing.
This paper represents an analysis of the current situation of European technological dependence and its strategic implications. The proposed recommendations require further technical study and assessments of economic and political feasibility.
European Commission. (2024). Digital Europe Programme: Fostering Digital Autonomy. Brussels: Publications Office of the European Union.
European Defence Agency. (2023). Technological Dependencies in European Defence Capabilities. Luxembourg: Publications Office of the European Union.
European Parliament Research Service. (2023). European Digital Sovereignty: From Narrative to Policy. Brussels: EPRS.
NATO Cooperative Cyber Defence Centre of Excellence. (2024). Critical Infrastructure Dependencies on Foreign Software. Tallinn: CCDCOE.
U.S. Department of Defense. (2023). F-35 Joint Strike Fighter Program Status Report. Washington, DC: Government Printing Office.
White House. (2023). National Cybersecurity Strategy. Washington, DC: The White House.
Crémer, J., de Montjoye, Y.A., & Schweitzer, H. (2022). Competition Policy for the Digital Era. Oxford University Press.
Floridi, L. (2022). The Ethics of Digital Sovereignty: European Values for the Digital Age. Oxford University Press.
Freedberg, S. (2023). ODIN: The Secret Weapon of American Military Dominance. Naval Institute Press.
Hautala, J., & Isoaho, K. (2024). China's Digital Silk Road: Technology Governance and Geopolitical Strategy. Routledge.
Keohane, R., & Nye, J. (2021). Power and Interdependence in the Digital Age. Princeton University Press.
Sabbagh, D., & Hern, A. (2023). The Huawei Factor: Technology, Security and Global Politics. Polity Press.
Timmers, P., & Moerel, L. (2023). European Digital Sovereignty: Policy, Technology, and Market. Cambridge University Press.
Wright, N. (2022). Software as Power: Digital Infrastructure as a Political Weapon. MIT Press.
Bertolini, A. (2024). "European Military Capacity and Technological Dependence: The F-35 Case Study". Journal of European Defense Studies, 18(3), 215-238.
Brattberg, E., & Maurer, T. (2023). "The Digital Transatlantic Alliance: Navigating EU-US Tech Relations". Carnegie Endowment for International Peace, Policy Paper.
Clarke, R., & Knake, R. (2023). "Software Supply Chain as a National Security Threat". International Security, 47(2), 7-41.
Erixon, F., & Lamprecht, P. (2024). "Europe's Quest for Technology Sovereignty: Opportunities and Pitfalls". Journal of European Public Policy, 31(4), 589-610.
Jakobson, L., & Knox, D. (2023). "Kylin OS and China's Strategy for Technological Independence". The China Quarterly, 254, 335-357.
Larsen, H., & Fondahl, G. (2024). "The Geopolitics of Operating Systems: Android, iOS, and Digital Territory". Political Geography, 103, 102845.
Sharma, R., & Baweja, K. (2023). "Digital Coercion: Understanding Technological Dependencies as Geopolitical Leverage". International Studies Quarterly, 67(2), 315-329.
CEPS. (2024). The European Digital Infrastructure Market: Concentration and Dependencies. Brussels: Centre for European Policy Studies.
Digital Power Index. (2024). Global Digital Sovereignty Report 2024. Geneva: DPI Foundation.
Gartner. (2024). Market Guide for European Cloud Service Providers. Stamford: Gartner Research.
IISS. (2023). Military Balance 2023: Technology and Defense Capabilities. London: International Institute for Strategic Studies.
Kearney. (2024). European Software Sovereignty: From Vision to Implementation. Amsterdam: A.T. Kearney.
RUSI. (2024). Resilience of Critical Digital Infrastructure in Europe. London: Royal United Services Institute.
StatCounter. (2024). Mobile & Desktop Operating System Market Share Europe. Dublin: StatCounter Global Stats.
European Union Agency for Cybersecurity. (2024). Impact Analysis: CrowdStrike Incident July 2024. Athens: ENISA.
Financial Times. (July 22, 2024). "The CrowdStrike Crash: Anatomy of a Digital Catastrophe". Financial Times, Special Report.
Microsoft Security Response Center. (July 19, 2024). Technical Analysis of the 2024 CrowdStrike Update Incident. Redmond: Microsoft.
National Cyber Security Centre UK. (2024). After-Action Report: July 2024 Global IT Outage. London: NCSC.