Digital sovereignty is becoming a key criterion for deploying AI in regulated sectors, opening a strategic opportunity for European digital trust players.
For too long, digital sovereignty has been a theoretical debate. It existed, but had little weight compared to other trade-offs, notably the performance of the tools or their cost. The Internet, then the cloud, and more recently AI, have imposed themselves without thought on their ecosystem, establishing a lasting dependence on large American platforms like Microsoft, Amazon, Google and now OpenAI or Anthropic.
This overly pragmatic, perhaps naive, vision is evolving. The geopolitical context, the concentration of critical technologies and the rise of issues linked to data, an essential resource for AI and a determinant of competitive advantage, have profoundly changed the perception of risk. Sovereignty is no longer limited to a principle, it becomes an operational criterion. A shift that is still incomplete, but now tangible, to which the European AI Act also contributes, by laying the foundations for a more regulated use of artificial intelligence.
From theory to practice: sovereignty overtaken by reality
In the speeches, the desire to reduce dependence on foreign actors is widely shared. Companies and institutions alike are showing a growing preference for European solutions like Mistral AI.
In practice and like initiatives that remained short-lived, such as the “anti-Huawei” law on 5G, the reality remains more nuanced. The most efficient, most accessible and most integrated tools remain predominantly American. Sovereignty often remains relegated to the background, arbitrated on a case-by-case basis.
It only really becomes non-negotiable in the most sensitive environments. Defense, health, critical data: in these sectors, the priority question is no longer that of performance, but that of control. The Health Data Hub migration project to SecNumCloud labeled solutions is a recent illustration of this.
AI hits a wall: that of trust
This tension between tool performance and sovereignty requirements is particularly visible with artificial intelligence. Although uses are spreading rapidly, large-scale deployment remains limited in regulated sectors. According to the study “The State of Enterprise AI and Modern Data Architecture”, 74% of companies identify security and compliance as major obstacles to the adoption of AI in production. At the same time, the global cost of cybercrime could reach $10.5 trillion per year, the equivalent of the world’s third-largest economy.
The main obstacle to the controlled deployment of AI in companies is a persistent mistrust. First on the reliability of the models, in progress but still perceived as difficult to audit. Then on security, with serious concerns around the circulation of data. Finally, on sovereignty, in a context where the dominant infrastructures and models remain largely foreign.
These limits are reflected very concretely. Some organizations are restricting access to AI tools, while others are seeing unregulated uses emerge. The paradox is there: AI is already used, but it is not yet fully mastered.
In sectors such as health, where AI is already well established, particularly in image recognition or diagnostic assistance, uses linked to generative or agentic AI are only just emerging. The startup Parallel has just raised $20 million to deploy AI agents in hospitals, particularly for billing. An emblematic case of a market still under construction.
Regulated sectors, new laboratories of digital trust
The health sector is not an isolated case. Other highly regulated fields, such as the legal professions (notaries, lawyers, accountants, etc.), are faced with the same limits: AI cannot be deployed there according to the same logic as in less constrained environments.
These activities constitute a testing ground for AI where digital trust is a prerequisite. We are not talking here only about performance or productivity gains. It is a question of legal reliability, traceability of decisions, responsibility of stakeholders and compliance with regulatory frameworks.
It is precisely in these constrained environments that a new generation of AI is emerging.
This context thus opens up an opportunity. As trust becomes a condition of use, a new technological layer emerges, focused on the security, governance and control of AI systems. Cybersecurity of agents, identity management, control of data flows, more sovereign hosting: these bricks, still fragmented, respond to a very concrete need, that of supervising powerful technologies in constrained environments.
A strategic window for Europe, still fragile
Investments are starting to be structured around these issues. In France, the “Trust Tech” sector is progressing despite a generally declining venture capital market. The average size of rounds has increased from around 7 to 15 million euros in two years, with players like GitGuardian, Stoïk and Tomorro. These dynamics still remain dispersed, but they reflect an awareness: the value will not be located only in the models themselves.
After a first phase focused on models, then on infrastructures, a new layer is gradually imposed. One that makes it possible to make artificial intelligence usable in operational contexts, while guaranteeing its reliability, traceability and security. In other words, by making it deployable.
This shift is part of a broader movement. Artificial intelligence is finally seen as a strategic issue. As with nuclear power in its time, the United States has taken a decisive lead, but Europe is trying to structure a response. The signals are there: players like Mistral AI or AMI Labs have managed to raise several hundred million euros, a level that was still unthinkable a few years ago in France.
There remains a structural limit. If Europe manages to bring out players, it still struggles to compete with American financing power and to support these companies over the long term. The question is no longer just about launching initiatives, but about staying in the race. This is the space where the next phase of the market is playing out. Not by marginally improving the performance of models, but by making their use possible in demanding environments. And, this also implies, in the coming years, making digital trust one of the main areas of technological investment.
