💾 Archived View for wilw.capsule.town › log › 2021-05-05-data-sovereignty.gmi captured on 2023-04-19 at 23:05:16. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
The term 'data sovereignty' is something we hear much more about these days. Increasingly I've also heard it being mentioned in different contexts.
We've seen it more in the world of enterprise SaaS; particularly in the case of UK-based public sector organisations amid post-Brexit data flow policies. More and more organisations are getting stricter in the geographic location of their users' data. Whereas before most organisations would be happy as long as the data is stored somewhere within the EU, they would now require it to be stored onshore within the UK.
They call this _data sovereignty_. At our company we're lucky to be agile enough to adapt and change our service offering to enable UK-only data processing and storage. However I can imagine many larger organisations might experience more inertia. Interestingly though, finding a UK-only mail provider isn't as easy as it sounds - most such services offer "EU" or "US" servers, but stop there (potential SaaS service offering there: UK-based mail provider).
The other place I've been hearing the term is in the indie tech and self-hosted community. In this case the data sovereignty concept relates more to data _ownership_, where the individual maintains control over their own data, where it is stored, how it is processed, and often goes as far as to keep their own data at home (for example, self-hosted setups using home servers).
I'm definitely in this camp too; whilst I don't keep stuff stored at home, I do keep my own data - when possible - on private servers in a secure datacentre or on services I trust. Things just feel more in-control with this approach.
Without data sovereignty, people are at risk of losing data they think they "own". For example, someone recently lost access to their iCloud data [1] because of issues with an unrelated service.
There's not much more to this post. I just think it's interesting that we're hearing more and more of the same phrase being used in different contexts by different groups of people and organisations.