TechFreedom
 

👋 Hello!

Thanks for joining us as we explore #TechFreedom together! We’ve recently finished running the pilot cohort which went really well and received great feedback from participants. One commented:

I thought the sessions were designed really well, and enjoyed talking to others going through the same process. Committing to these sessions really provided me with the motivation and framework to actually start implementing some of the migration plans we’d had for a long time.

We’re running a session at TechNExt soon, and then we’ll be sharing details in the next newsletter about the September cohort.

For now, though, here are some links that we’ve come across that we thought were worthy of your attention…

1. What does governable AI look like?

Tom used ChatGPT being seemingly unable to stop talking about "goblins" to reflect on the TechFreedom lenses as they relate to AI:

If governable AI requires the ability to edit, audit, and attest and if vendors structurally cannot, or will not, offer that, then the only path is to run models you can actually edit. Open weights, open training data. Infrastructure you control. The technical capacity to do the editing.

This is the TechFreedom argument applied directly to AI. The five lenses all bite. Jurisdiction: where does the model run, and whose laws apply? Business continuity: what happens when the vendor changes terms, or gets acquired, or sunsets the product? Surveillance: what’s being logged, and by whom? Lock-in: can you migrate, or are your prompts and workflows welded to one provider?

Link: There be goblins

2. Improving your organisational SEAL

In a similar way to TechFreedom, Sovereignty Score seeks to help organisations improve their SEAL ("Sovereignty Effectiveness Assurance Level"), as defined by the European Commission. These bands range from no sovereignty (SEAL 0) through to full digital sovereignty (SEAL 4). Worth having a look to see which providers score well, and which score badly (clue: Microsoft).

Cloud sovereignty is the most marketed and least proven category in enterprise IT. Vendors describe themselves as sovereign, residency is sold as sovereignty, customer-managed keys are sold as customer-controlled keys. This tool tests those claims, against the European Commission’s Cloud Sovereignty Framework v1.2.1 and ten plain-English objectives. It returns a weighted score, a SEAL minimum (the framework’s Sovereignty Effectiveness Assurance Level, the bottom band any objective falls into), the marketing claims your answers contradict, and the working that produced each. The methodology sits in the same file, every score is contestable, and nothing leaves your browser.

Link: Sovereignty Score

3. Can we trust AI agents to follow European law?

Probably unsurprisingly, but damning nonetheless. Another reason to be exploring open-weight models, either locally or in the cloud:

Some of the world’s most popular AI models are building agents that actively resist EU regulation to get what they want, according to new research.

Aithos, a Dutch non-profit researching AI alignment, developed a system called LARA to test 12 popular AI agent models to see whether they would follow key parts of the EU AI Act, which regulates how AI systems can be used, and the bloc’s data protection regulations (GDPR) in scenario-based questions.

[…]

Performance across all the models was poor, the study found. The most compliant model, Claude’s Opus 4.7, followed the law in 54% of the scenarios and the worst-performing, China’s Moonshot AI, in only 7%.

All the models in the scenarios agreed to monitor the emotional state of employees or exploit vulnerable to make a sale, the research said.

Mistral, the only homegrown European AI model tested, scored below 12%, which the researchers suggest means that even EU providers are “not equipped to comply with EU law.”

Link: AI agents actively ignore EU law to achieve goals, study finds

4. The power of defaults

This article is about design, but the central point is about the power of defaults. What’s our default ‘operating system’, tech stack, way of organising people? What should they be?

Changing a default requires two things most people avoid at the same time: forming a preference and acting on it. The pre-set option eliminates both requirements. People accept it without deliberating, often without noticing the choice was made. This is not a failure of attention, rather a rational response to cognitive load.

Link: Default Bias: Who chose your settings?

5. EU tech sovereignty through open source

The EU has just released it’s Open Source strategy, which has four objectives:

  • Objective 1 – Open Source for Tech Sovereignty
  • Objective 2 – Vibrant Open Source Ecosystem
  • Objective 3 – Open Source in Public Administration
  • Objective 4 – Reinforced Standards and International Outreach

It’s fully TechFreedom-aligned:

The EU Open Source Strategy places open source at the centre of the EU’s technological sovereignty by promoting European open alternatives to non-EU proprietary solutions in critical domains.

The EU Open Source Strategy aims to strengthen Europe’s open digital ecosystems by supporting the development, scaling, deployment and long-term sustainability of open source technologies across both the public and private sectors.

Link: The EU Open Source Strategy

Additional links

  • Every AI Subscription Is a Ticking Time Bomb for Enterprise
  • SubProcessors: Find vendors used by any company
  • ‘Millions’ of pounds saved by replacing Palantir tech in refugee system

That’s all for now!

Thanks for reading,

Doug :)
 
You're receiving this because you signed up at techfreedom.eu.
Unsubscribe  ·  View in browser  ·  Visit the site
CC BY TechFreedom