Weekly Backlog Week 23/2026

🧠 Editorial

Welcome to the Weekly Backlog Week 23/2026.

This week had a remarkably clear theme: Control.

Control over data. Control over infrastructure. Control over standards. And the uncomfortable realization that while many organizations talk about digital sovereignty, they still view their key dependencies as inevitable.

Microsoft is under pressure over OOXML, the Netherlands is discussing data access by US authorities, Kubernetes is saying goodbye to one of its most well-known projects, and a new supply chain worm impressively shows that attackers are no longer targeting servers—but the processes behind them.

In line with this, our guest contribution by Matthias Tinnemeier takes a look at the Sovereign Cloud Days 2026. Because digital sovereignty is not achieved through press releases or certificates alone, but where architects, administrators, developers, and decision-makers come together to exchange experiences and discuss alternatives to existing dependencies.

In short: This week is less about which technology we use. It’s about who controls it.

📰Tech-News:

Microsoft’s File Formats Are Not a Standard – They Are a Lock-in

Digital sovereignty often fails not because of spectacular technologies. It fails because of inconspicuous decisions made millions of times every day. One of them is the file format.

The Document Foundation accuses Microsoft of deliberately binding users to its ecosystem through the OOXML format. The criticism hits a sore spot: Those who create, exchange, and archive documents also decide on dependencies.

Microsoft has been presenting OOXML as an open standard for years. Formally, this may be true. Practically, the reality is different. The format now encompasses thousands of pages of technical specifications, exists in various versions, and is implemented differently within the Microsoft world than outside of it.

This is where the problem begins.

A standard only serves its purpose if different applications can interpret it the same way. As soon as one provider effectively retains interpretative sovereignty, no interoperability arises, but dependency.

The Document Foundation points out that the actually standardized variant “OOXML Strict” hardly plays a role in everyday life anymore, while proprietary detours dominate. The result: Those who want to be fully compatible must align with Microsoft. Not with an open standard.

This is not a technical footnote. It is a power instrument.

Europe has been discussing digital sovereignty, cloud dependencies, and the dominance of American platforms for years. At the same time, document formats are still used in authorities, companies, and educational institutions that cement exactly these dependencies.

Yet an alternative has long existed.

The Open Document Format (ODF) belongs to no company. No one can unilaterally change the rules. Documents remain readable in the long term, regardless of which manufacturer dominates the market tomorrow.

Those who take digital sovereignty seriously must therefore talk about more than clouds, chips, and AI models. Control over data begins with the basics. And that includes file formats.

The real question is not which office package seems more convenient today.

The question is whether public administrations, educational institutions, and companies want to store their documents in formats that belong to them—or in formats that belong to a corporation.

Digital sovereignty does not begin with infrastructure.

It begins with the file.

🔗https://www.golem.de/news/buerosoftware-scharfe-kritik-an-microsoft-wegen-ooxml-format-2605-208906.html#google_vignette

Netherlands

“In the Netherlands, serious allegations are being made against Microsoft. The company is said to have passed on personal data of officials to the US House of Representatives. Employees of two important regulatory authorities are affected.”

Can someone please explain to me again after this report why the discussion about digital sovereignty is supposedly exaggerated? This is proof that the Cloud Act not only exists but is exploited exactly for such cases. Or is it really a coincidence that the very people affected are those working on a law to regulate large US technology companies?

For years, Microsoft followers have been telling me the Cloud Act is not a real problem. For years, I hear the same pseudo-arguments. The data is supposedly in Europe. There are contracts. There are guarantees. There are “sovereign” cloud offerings. And yet information about European officials ends up with US authorities??

This is exactly what has been consciously discussed away in recent years. Instead of talking about legal control, political influence, and the Cloud Act, the debate was reduced to the location of servers. As if American law ends at the border of the European Union. That’s bullshit, I tell you!

The affected data was not within reach of American authorities because it was stored in the USA. It was within reach of American authorities because it was entrusted to an American company. THAT is the crucial difference that the hyperscaler followers either do not understand or do not want to admit to this day.

Whoever controls the digital infrastructure controls access. Whoever controls access controls dependency. And whoever controls dependency has political influence.

Because how independent can European legislation actually be if the companies affected by this legislation simultaneously operate the digital infrastructure on which authorities, administrations, and public institutions work? This question will be significantly harder to ignore after the current incident.

And that’s exactly why the entire discussion about the alleged “European Sovereign Cloud” of the US hyperscalers now seems like what it always was: #SovereignWashing

The current case from the Netherlands is really no longer a slip-up, I remind you of: “Sanctions by the US President against the chief prosecutor of the International Criminal Court (ICC) in The Hague, Karim Khan”. The current case is a reminder that European data remains under American control as long as European institutions build their digital future on American platforms. #microsoft #sovereignwashing #CloudAct

🔗https://www.wiwo.de/technologie/digitale-welt/sanktionen-gegen-internationalen-gerichtshof-microsoft-steckt-in-der-trump-falle/100129647.html & https://winfuture.de/news,159002.html#

Kubernetes Dashboard Discontinued: Headlamp to Become the Future of Cluster Management

After years as the standard interface for many Kubernetes users, the Kubernetes Dashboard is officially discontinued. The project has been archived and will no longer receive active development. The Kubernetes community instead recommends switching to Headlamp, a more modern management interface for Kubernetes clusters.

For many administrators and developers, the dashboard was the first entry into the Kubernetes world. The graphical interface allowed managing Pods, Deployments, Services, and Namespaces without a command line, making container orchestration significantly more accessible for many teams.

Headlamp is now set to take on this role while offering features that modern Kubernetes environments require. These include managing multiple clusters through a single interface, application-centric views, a plugin architecture, and the ability to run the solution both as a desktop application and directly in the cluster.

Companies with complex multi-cluster environments, in particular, are expected to benefit from the new architecture. While the previous dashboard was primarily designed for individual clusters, Headlamp allows parallel access to development, test, and production environments without constant tool switching.

Moreover, the project focuses on extensibility. For example, GitOps tools like Flux can be directly integrated via plugins. AI-powered assistants are also part of the concept and are intended to support administrators in analysis, troubleshooting, and operations.

For existing Kubernetes Dashboard users, the transition should be relatively straightforward. Headlamp uses established Kubernetes authentication mechanisms and respects existing RBAC permissions. A detailed migration guide has already been announced by the developers.

The discontinuation of the Kubernetes Dashboard marks the end of an important chapter in the Cloud-Native ecosystem. At the same time, the switch to Headlamp shows how much Kubernetes has evolved over the past years from a tool for individual clusters to a platform for complex, distributed infrastructures.

🔗https://kubernetes.io/blog/2026/06/01/dashboard-to-headlamp/

The Freiburg Data Theft Reveals the Biggest Cyber Risk for German Organizations

54,000 patients of the University Hospital Freiburg are affected by a data theft. Public attention is focused on the perpetrators, the methods, and the stolen data.

However, another figure raises a much more fundamental question: The affected service provider was last externally audited for IT security in 2013.

If this is confirmed, we are not talking about a technical failure. We are talking about a governance problem.

Those who process health data bear responsibility for some of the most sensitive information ever. In a time when supply chain attacks, ransomware, and AI-powered cyberattacks are commonplace, security cannot be based on assumptions, trust, or outdated evidence.

The case also shows how outdated many security strategies have become. The university hospital itself was not attacked. The attack occurred through a service provider. The data still leaked.

This is exactly why digital resilience is no longer decided solely in one’s own data centers. It is decided with the partners, service providers, and platforms to which organizations entrust their most critical data.

Anyone talking about cybersecurity today must therefore primarily talk about responsibility in the supply chain.

🔗https://www.drweb.de/datenklau-in-freiburg-geprueft-wurde-zuletzt-2013/

🔥Linkedin Post of the Week:

Mark Neufurth observed a discussion on digital sovereignty directly at Microsoft in Berlin—and formulated an observation that is currently preoccupying many in politics and IT.

While Europe discusses digital independence, resilience, and technological freedom of choice, Microsoft is actively promoting collaboration and trust. For Mark Neufurth, this is no coincidence. He interprets the high-level presence of the corporation as a political signal and describes the…