How FACIS Is Codifying European Sovereignty for the AI Era
Andreas Weiss, Managing Director of the eco Association, shows how the FACIS project translates European values into practical tools that enable digital sovereignty across federated cloud-edge ecosystems.
© jiande wu | istockphoto.com
Andreas Weiss
Europe’s debate about digital sovereignty is no longer theoretical. In my view, the real risk is not that Europe lacks regulation, but rather, that it fails to operationalize its own values and policy goals at scale. As artificial intelligence, data sharing, and cloud-edge infrastructures become the backbone of economic growth, federation must become Europe’s default operating model, not centralized platforms. This article takes a clear position: digital sovereignty can be achieved through resilience and only matters if it is implemented in code.
Using the Federation Architecture for Composed Infrastructure Services (FACIS) project as an example, it shows how European values such as trust, accountability, and interoperability can be translated into concrete technical and contractual mechanisms that work in practice, not just on paper.
Europe is at a critical crossroads. Data is becoming the primary driver of innovation, competitiveness, and societal resilience, with global economic potential estimated to reach up to USD 12.6 trillion by 2030. Yet the dominant digital model remains highly centralized, dominated by a small number of global platforms. While this concentration creates efficiency, it also generates dependencies, lock-in effects, and systemic risks that run counter to Europe’s ambitions for autonomy and resilience.
Digital sovereignty can no longer remain an abstract political aspiration for Europe. It must become a concept that engineers, lawyers, and managers can apply to their daily operations. In other words, sovereignty must be translated into architecture, processes, and code.
This operational perspective reflects the eco Association’s broader position on digital trust, where infrastructure, governance, and workable policy form the foundation for trust at scale, as discussed by Alexander Rabe in his article Digital Trust Is Built on Infrastructure, Governance, and Clear Policy.
From "ego-systems" to ecosystems
The current platform model has achieved significant scale, but it is becoming increasingly difficult to collaborate with it. Proprietary interfaces, opaque governance structures, and unilateral rule-setting discourage organizations from sharing data or building joint services. When one provider captures the majority of the value, it creates a scenario where other providers may be reluctant to invest in collaborative efforts. The result is an "ego-system" that is optimized for individual dominance rather than collective innovation.
A federated ecosystem operates on a fundamentally different logic. This perspective aligns with eco’s understanding of digital sovereignty as the ability to act and choose strategically rather than isolate, a perspective examined in more detail by Philipp Ehmann in Building European Digital Sovereignty.
Instead of centralizing data and control, federation enables independent partners to collaborate as equals under a shared governance framework. Each participant retains control over its data, infrastructure, and business model, while enjoying the advantages of interoperability and scale.
This vision is the foundation of Europe’s emerging cloud-edge continuum, the Super Cloud. Infrastructure initiatives can connect hyperscale clouds, regional providers, and edge devices into a single, sovereign network. But infrastructure alone does not create trust. What is missing is a practical layer that allows organizations to work together securely, legally, and efficiently. This is where FACIS comes in.
The FACIS user layer: Turning policy into operations
European regulation, from data protection to cybersecurity and artificial intelligence, expresses shared values. However, these values can be challenging to implement in practice due to the complexity of the systems involved. Legal requirements are written for humans, while digital systems operate on machine logic. FACIS addresses this gap by implementing a “law as code” approach that makes European rules executable.
FACIS develops practical tools.
- Federation Architecture Patterns (FAPs) provide standardized, reusable blueprints for building federated services. Instead of designing complex architectures from scratch, organizations can rely on proven construction plans that define roles, interfaces, and trust relationships.
- Machine-readable service level agreements replace static, text-based contracts with structured, JSON-based templates. These agreements can be monitored automatically, ensuring that service guarantees, compliance obligations, and responsibilities are transparent and enforceable across multiple providers.
- Digital contracting and identity integration are key to automating trust. By linking digital contracts to European digital identity mechanisms, FACIS facilitates legally binding, cross-border agreements without lengthy manual processes. Identity verification and signatures become an integral part of the technical workflow, not an external formality.
Collectively, these elements form a user layer that makes federation usable for businesses, public administrations, and research organizations.
Pairing European values with practical tools
The FACIS project was designed with a clear conviction: European values and policy goals can only be effectively implemented when they are integrated directly into technical and contractual mechanisms. Operational accountability at the service level is a key component of a comprehensive public oversight and enforcement framework, which includes complaint mechanisms and supervisory authorities, as Alexandra Koch-Skiba discusses in her article on digital trust and user protection. Abstract principles do not scale. Standardized tools do.
How FACIS operationalizes European values with practical tools - click here for more details
Digital sovereignty and accountability → SLA Governance Framework (Taxonomy and Playbook)
While the concept of digital sovereignty is frequently associated with data location, its true essence lies in agency and accountability. Organizations must be able to choose partners freely and understand who is responsible for what in complex service chains. FACIS addresses this through a shared SLA Taxonomy that creates a common language across technical, legal, and business teams. The accompanying SLA Governance Playbook translates sovereign requirements into concrete, measurable obligations and assigns clear ownership, preventing responsibility gaps and blame chains in multi-provider environments.
Trust and legal recognition → Digital Contracting Service with European digital identity integration
Federated ecosystems cannot rely on personal trust networks; they simply do not scale. FACIS replaces informal trust with technical trust by automating contract creation, negotiation, and signature. By integrating European digital identity mechanisms, identity verification and legally binding signatures become part of the workflow. The result is a secure digital handshake that works across borders and jurisdictions.
Interoperability and openness → Federation Architecture Patterns (FAPs)
Interoperability is not an accident; it is a deliberate and intentional aspect of design. FACIS provides federation architecture patterns as reusable construction plans that define roles, interfaces, and trust relationships. These patterns are built on open standards and open-source components, which prevent vendor lock-in and allow participants to inspect, adapt, and extend the architecture as their needs evolve.
Data protection and regulatory compliance → Machine-readable SLAs
Compliance obligations are too important to remain buried in PDF documents. FACIS translates requirements from GDPR, NIS2, and related frameworks into machine-readable service objectives. Breach notification timelines, data location commitments, and security controls become technically enforceable parameters that can be monitored in real time rather than audited after the fact.
Fairness and inclusion → Low-code orchestration tools
If federation is to become Europe’s default model, it must be accessible beyond large enterprises. FACIS lowers the barrier to entry through low-code orchestration that allows organizations with limited resources to design and manage federated services. This approach enables small and medium-sized enterprises to participate on equal terms, reducing their reliance on hyperscale platforms.
Image generated by Gemini (Jan. 2026)
Real-world validation: Towards cloud roaming
The long-term vision behind FACIS is what can be described as “cloud roaming.” Just as cell phone users can move seamlessly across national networks within the European Union, digital services should be able to move across providers and borders without compromising trust, security, or compliance.
A recent proof of concept in the aviation industry demonstrates the potential of this technology. The concept involves aircraft serving as flying edge devices, securely exchanging real-time data with airlines, airports, and manufacturers. Federation enables the secure sharing of sensitive operational data among authorized entities without relinquishing control to a central platform. The result is greater efficiency, resilience, and safety.
Operational trust between providers represents one layer of digital trust, while user-facing protection, reporting structures, and enforcement remain essential once services reach the public. This perspective is explored more deeply in Strengthening Digital Trust in Europe by Alexandra Koch-Skiba.
The mindset shift Europe needs
These technical achievements reflect a deeper transformation outlined in the recent white paper on the mindset shift from centralized platforms to federation. The paper identifies structural shortcomings of today’s platform economy, including market concentration, vendor lock-in, and systemic resilience risks.
Federation offers an alternative model built on decentralized control, collaboration among equals, and neutral governance. Trust no longer depends on personal relationships, but on technical safeguards, digital identities, and transparent rules. Digital sovereignty is redefined as the practical ability to choose partners, technologies, and infrastructures freely.
A call to action: Get involved with FACIS
If Europe is serious about digital sovereignty, industry leaders must move beyond abstract alignment and start contributing to shared building blocks. FACIS is deliberately open and participatory, and there are several concrete ways to get involved.
- Organizations can apply and test FACIS tools by using federation architecture patterns, machine-readable SLAs, and digital contracting components in real projects later in 2026. Practical implementation feedback is essential to ensure these tools work under operational pressure.
- They can contribute requirements and use cases, particularly from regulated sectors such as critical infrastructures, manufacturing, mobility, and public administration. These inputs help refine SLA taxonomies, contract templates, and governance models so they reflect real-world constraints.
- Industry experts can participate in working groups and technical discussions, shaping how European values are encoded into standards, APIs, and reference implementations. Federation only works if those who operate digital services help define the rules.
- Finally, organizations can engage in demonstrations, pilots, and open-source contributions, strengthening the ecosystem and accelerating adoption across borders and sectors.
Europe is already investing heavily in digital infrastructure. The next step is to ensure that control, value creation, and trust remain with those who invest and innovate. FACIS is not a finished product; it is an invitation to co-build Europe’s federated digital future. The time for observation has passed. The time for participation is now.
📚 Citation:
Weiss, Andreas (January 2026). How FACIS Codifies European Sovereignty for AI. dotmagazine. https://www.dotmagazine.online/issues/digital-trust-policy/how-facis-is-codifying-european-sovereignty-for-the-ai-era
Andreas Weiss is Managing Director of eco – Association of the Internet Industry. He has been with the association since 1998 and headed the E-Commerce and Logistics Competence Group and later the E-Business Group. Since 2010, he has been Director of EuroCloud Deutschland_eco e.V. and since 2019 a member of the board of Trusted Cloud, where he has been responsible for the association's cloud activities. Weiss is also involved in projects related to artificial intelligence, data protection and the GDPR, as well as the security and compliance of digital services in eco's Digital Business Models division.
Andreas Weiss is involved in a number of initiatives related to designing digital ecosystems, applying sovereign digital identities, and building AI operating structures with cloud and edge concepts, all with a focus on supporting the EU's ability to shape digital innovations and processes.
He started his freelance software development career in 1984 while still studying natural sciences. He coordinated international projects in service management for Hewlett-Packard and worldwide installation services for Sun Microsystems servers.
FAQ
What does digital sovereignty mean in the context of FACIS?
In the FACIS context, digital sovereignty refers to the ability of organizations to act strategically and retain control within federated digital ecosystems.
It emphasizes accountability, interoperability, and enforceable governance rather than isolation.
Why does FACIS focus on federation instead of centralized platforms?
Federation allows independent actors to collaborate under shared rules while retaining control over their data and infrastructure.
This model reduces lock-in risks and supports resilience across complex service chains.
How does FACIS translate European regulation into practice?
FACIS applies a “law as code” approach by embedding regulatory requirements into machine-readable contracts and technical architectures.
This makes compliance enforceable and monitorable at runtime.
What role do machine-readable SLAs play in FACIS?
Machine-readable SLAs turn legal and policy obligations into structured, enforceable service parameters.
They enable transparency, accountability, and real-time monitoring across multiple providers.
How does FACIS support trust in cross-border digital ecosystems?
FACIS integrates digital contracting with European digital identity mechanisms, enabling legally binding agreements and automated trust workflows across jurisdictions.
Who can participate in the FACIS ecosystem?
FACIS is designed to be accessible to large enterprises, public administrations, and smaller organizations.
Low-code tools and open standards lower barriers to participation in federated services.
