🧠 Editorial

If you’ve noticed: The Weekly Backlog looks a bit different. Now even more personal, colorful, louder, and with much more recognition value. Content-wise, everything remains the same: Cloud, power, security, open source, politics. Just served fresher.

And that’s necessary.

Because this week had a guiding theme that runs through almost all the reports: Digital infrastructure is power. Not metaphorically. Not academically. But very concretely – economically, security-politically, geopolitically.

Whoever controls the Cloud controls operational capability. Whoever controls payment flows controls data. Whoever controls platforms controls debates. And whoever defines encryption standards controls future security.

Welcome to the reality of 2026.

🚨 The Tech News of the Week

🇪🇺 Tech Oligarchs, Trump, and Europe’s Blind Spot

Marietje Schaake sums it up: Europe has treated technology as a market issue for too long – not as a power issue.

In an interview with Standard, the former EU parliamentarian describes a structural dependency on US tech companies that has grown over decades. Capital flows from Europe stabilize precisely those platforms from which political independence is desired. Dutch pension funds alone invest around 200 billion euros in US tech stocks.

The crucial point, however, is political: When CEOs and investors from Silicon Valley openly take political positions, relativize democratic institutions, and strategically align with Trump, it becomes clear – platforms are geopolitical tools.

Twitter/X under Musk is a prime example: economically questionable, politically maximally effective.

Digital infrastructure is not a neutral service. It is the foundation of administration, education, economy, and security. Whoever controls it shapes society.

“EuroStack” & Co. are a start. But strategy papers don’t build data centers and AI stacks.

Worth reading – sober, but explosive.

🔗 https://www.derstandard.at/story/3000000304005/tech-politik-muss-oberste-prioritaet-werden

🕵️ Google Transmits Data to ICE – Without Judicial Order

Google has transmitted personal and financial data of a student to the US agency ICE – based on an administrative subpoena, i.e., an administrative summons without judicial approval.

Transmitted were, among others:

• Addresses
• IP data
• Phone numbers
• Account metadata
• Credit card and bank information

Not the content of emails – but enough to create a complete profile.

Important: Companies do not have to respond to administrative subpoenas. They can object. They can demand judicial review. According to EFF, this apparently happens too rarely.

The case is not an isolated data protection incident. It is a lesson on:

• Metadata as a power instrument
• Platforms as an extended arm of state enforcement
• And the question of how much resistance Big Tech actually offers against political encroachments

For European Cloud strategies, this is not US domestic policy. This is risk analysis.

🔗 https://techcrunch.com/2026/02/10/google-sent-personal-and-financial-information-of-student-journalist-to-ice/

💳 Wero & Europe’s Payment Sovereignty

56% of all cashless payments in the EU run over US or Chinese infrastructure: Visa, Mastercard, Paypal, Alipay. Technically efficient, globally integrated – but strategically not European.

With Wero, Europe is seriously attempting for the first time to control the payment rails itself.

The platform has been live since July 2024, based on SEPA Instant Credit Transfer and enables real-time transfers via phone number or email. 47 million users in Belgium, France, and Germany are already connected, over 7.5 billion euros have been transferred. With the integration of Bancomat (IT), Bizum (ES), MB WAY (PT), and Vipps MobilePay (Nordics), the combined network reaches around 72% of the EU and Norway’s population.

This is more than a wallet app.

Why this is industrially relevant

1. Data Sovereignty Payment data is behavioral data. It shows consumption patterns, networks, creditworthiness, economic dynamics. Whoever operates the payment infrastructure controls not only transaction fees but also analytical power.
2. Sanction and Pressure Potential Payment networks are geopolitical levers. SWIFT exclusions, card blockades, compliance requirements – these are not theoretical scenarios.
3. Standards & Ecosystems Payment infrastructure defines API standards, identity models, fraud mechanisms, and integration costs for merchants. Whoever controls the rails determines the entry barriers.

Visa and Mastercard move around 24 trillion US dollars annually. These are not FinTech startups, but global infrastructure operators.

The Open Question: Adoption

Technically, Wero is based on SEPA Instant – so on existing infrastructure. The difference lies in the UX, integration, and merchant acceptance.

What will decide:

• Integration into banking apps
• Simple POS implementation
• E-commerce plugins
• Fee model
• Developer interfaces

If Wero is only politically desired but operationally cumbersome, it will fail. However, if it thinks API-first and creates real network effects, Europe could reclaim a critical base technology for the first time.

Digital sovereignty does not begin with AI – it begins with payment rails.

🔗 https://www.golem.de/news/wero-europa-will-raus-aus-us-zahlungsnetzwerken-2602-205256.html

☁️ SAP, Microsoft, and the Geopolitical Kill Switch

SAP is preparing for a potential outage of Microsoft Cloud services in Europe. Not a technical disaster scenario – but a geopolitical one.

With Delos Cloud GmbH and the joint venture Bleu, an emergency architecture is being created in case US providers are forced to leave Europe or restrict services.

The problem: Hyperscalers are globally orchestrated systems. Without continuous updates, security patches, and engineering access, a static emergency cloud emerges.

Resilience here means: controlled stagnation.

This is strategically understandable – but it does not replace genuine infrastructure policy. A fallback is not an ecosystem.

🔗 https://www.computerwoche.de/article/4093583/sap-rustet-sich-fur-microsoft-ausfall-in-europa.html

🔐 BSI Announces the End of RSA & ECC

The Federal Office for Information Security (BSI) recommends the gradual phase-out of purely classical asymmetric procedures.

• From 2031: no longer solely using classical key agreement
• High protection needs: already from 2030
• Focus on hybrid procedures (classical + post-quantum)

Incidentally, TLS 1.2 is effectively being buried.

For those currently planning certificate lifetimes until 2032: Crypto-migration is not a 2029 project.

Technical guidelines with a recommendatory character develop surprisingly quickly into normative force in Germany. Those managing compliance topics should build roadmaps now.

🔗 https://www.heise.de/news/Neue-Verschluesselungs-Empfehlungen-des-BSI-Das-Ende-fuer-RSA-und-ECC-naht-11172624.html

🏛 Meta Marches Through EU Institutions

The appointment of Aura Salla as rapporteur for the Digital Omnibus is not a side event in parliamentary operations. It is a warning signal.

The role of the rapporteur is central: They formulate amendments, moderate compromises, structure the debate, and significantly influence the final legislative text.

Aura Salla led Meta’s Brussels lobbying office until 2023. In parallel, Dale Sunderland, a former Meta lobbyist, became head of the Irish Data Protection Authority – the authority responsible for GDPR enforcement against Meta.

One can argue that expertise from the industry is valuable. That’s true. The problem is not competence. The problem is concentration of power along the same axes of interest.

Why this is structurally relevant

The Digital Omnibus aims to “simplify” existing digital regulation – including GDPR, DMA, DSA. Simplification can:

• Reduce bureaucracy
• Lower compliance costs
• Reduce innovation barriers

Or it can weaken standards.

Especially the GDPR is one of the few globally effective instruments of European norm-setting. Many countries have adapted data protection laws following the European model. This is regulatory soft power.

When key roles in the reform are in the hands of former corporate representatives, at least a legitimacy problem arises. Trust in regulatory processes is a prerequisite for acceptance.

For companies, this means:

• Uncertainty about future compliance requirements
• Potential new interpretation leeway
• Political volatility in digital regulation

Europe claims digital sovereignty. This arises not only through infrastructure but through credible, consistent enforcement of its own rules.

Regulation is only as strong as the institutions that carry it.

🔗 https://digitalrechte.de/news/metas-marsch-durch-die-eu-institutionen

Advertisement

🔍 Strategy & Power Politics

🇪🇺 Trumps Against Trump

The think tank “Dezernat Zukunft” reminds us: Europe is not powerless.

• Uranium and turbine supply chains
• Trillions of investments in US markets
• Massive dependency of US tech companies on the EU market

A kill switch against Europe would shake US stock markets – including 401(k) retirement plans.

The problem is less about lacking power and more about lacking coherence. Without shared burden-sharing, geopolitical strength remains fragmented.

🔗 https://www.zdfheute.de/politik/ausland/europa-usa-donald-trump-europaeische-union-zoll-handel-wirtschaft-100.html

🛑 Palantir, Microsoft, and Operational Reality

Digital sovereignty is not decided in strategy papers but in the shopping cart of public procurement.

When police agencies rely on Palantir, administrations almost universally operate Microsoft stacks, and Cloud strategies are effectively Azure strategies, then dependency is not a theory – but the operating system of the state.

The problem is not the nationality of the providers. The problem is structural lock-in:

• Proprietary data models
• Tight license and subscription bindings
• Deep integration into core processes
• Hardly realistic exit scenarios

Especially in the security sector, this becomes delicate. Whoever sources analysis platforms or collaboration of central authorities as a black box from another legal space gives up technical and legal control. CLOUD Act, update cycles, support – all factors that are not sovereignly controlled.

There are counter-movements: Schleswig-Holstein is migrating away from Microsoft, ZenDiS is building alternatives with openDesk. But in parallel, new large contracts are growing.

Sovereignty does not arise from buzzwords but from open standards, modular architectures, and real switching options. Without exit capability, every digital strategy is only a comfort zone for a time.

🔗 https://www.blaetter.de/ausgabe/2026/februar/toxische-tech-abhaengigkeit

💬 LinkedIn Post of the Week

Breaking News: No! Yes! Ooooh!

Frank Hennemann