The French strategy to move away from proprietary solutions is an industrial-scale operation, the centrepiece of which is the systemic dismantling of the Vendor Lock-in mechanism. Two key institutions are responsible for the architecture of this process: The Interministerial Directorate for Digitalisation (DINUM) and the National Agency for the Security of Information Systems (ANSSI). The manifesto they have developed is not limited to replacing Windows; it is a deep reconstruction of the entire state technology stack, based on full control of the source code.
At the core of this change are eight technical pillars to be implemented across all ministries by autumn 2026. The most prominent element is the operating systems layer. Although the directive does not impose one particular Linux distribution, it forces ministries to move out of the Microsoft monoculture. This deliberate flexibility allows the environment to be adapted to specific sectoral requirements – such as in defence or health – while maintaining the common denominator of an open standard.
A key implementation tool is La Suite Numérique. It is a proprietary ecosystem of productivity tools that has already covered more than 600,000 officials in its test phase. It includes:
- Tchap: an encrypted end-to-end communicator based on the Matrix protocol.
- Visio: a videoconferencing system using the Jitsi open code.
- Euro-Office: a sovereign office suite developed in European cooperation.
The choice of open source solutions here is not dictated solely by optimising licence costs. In the DINUM documentation, security is defined by ‘auditability’. Full code transparency allows French services to independently verify systems for the presence of vulnerabilities and undocumented functions (backdoors), which is impossible with closed source systems.
An important element of the French manifesto is the infrastructure layer. The state rejects the model of hosting data in the public clouds of US hyperscalers in favour of national solutions such as Outscale (Dassault Systèmes). With SecNumCloud certification, this infrastructure is legally and technically isolated from the influence of non-European jurisdictions, eliminating the risks associated with, for example, the US CLOUD Act.
To summarise the first stage of the transformation: France is redefining the concept of modern administration. Instead of a passive subscription to off-the-shelf products, the state is opting for a model of investing in the development of its own competences and the maintenance of systems over which it has full control. This approach puts an end to a situation in which the evolution of administrative tools, their price and operational risks are dictated by the business strategy of an external, foreign provider.
The geopolitical trigger, or Trump and the “Data Cold War”
France’s decision on systemic migration was not made in a technological vacuum, but is a direct reaction to the abrupt change in the balance of power on the Washington-Brussels axis between 2024 and 2025. The return of Donald Trump’s administration brought not only trade protectionism and tariffs, but above all regulatory unpredictability, which became an unacceptable risk for European public institutions. In this context, software has ceased to be regarded as an office tool and has become a strategic resource subject to a ‘digital tariff war’.
A key argument for abandoning US ecosystems has become a jurisdictional issue. Existing US laws, including the CLOUD Act, give US services theoretical and practical insight into data processed by homegrown corporations, regardless of the physical location of the servers. For France, which has been promoting a data sovereignty strategy since late 2024, keeping critical infrastructure on Microsoft or Azure solutions has become a structural weakness.
The ‘spirit of Munich’ is often invoked in the public debate. – the Bavarian capital’s high-profile but ultimately unsuccessful attempt to switch to Linux almost two decades ago. However, analysts point out that 2026 is a very different technological reality. Why is the project likely to succeed this time?
1 Maturity of the ecosystem: Today’s desktop Linux is stable and ready for the mass user, as evidenced by successful deployments in smaller government agencies across the EU.
2 Cloud architecture and SaaS: Most critical administrative applications have moved to the browser. The operating system has become merely an ‘access layer’, dramatically reducing the compatibility issues that buried the Munich project.
3 Containerisation and OpenStack: Modern virtualisation standards allow specific software to be isolated and run independently of the host, which solves the problem of so-called legacy software.
The effects of this shift can already be seen in the market data. The dominance of US cloud providers (85% of the EU market) is starting to get a real bite from local players. Companies such as Scaleway have seen record increases in the number of institutional customers in 2025. This is no coincidence – European players are actively seeking asylum from US jurisdiction.
It is estimated that spending on sovereign cloud infrastructure in Europe will more than triple, reaching a ceiling of €23 billion in 2027. France, by initiating this move, is positioning itself as the leader of a new digital order in which control over the algorithm and data is as important as control over physical borders. This appears to be the beginning of a ‘digital chill’ in which Europe chooses technological autarky as the only way to maintain political agility.
The Polish perspective: Between a national ‘Office’ and the trauma of major deployments
In February 2026, the Polish debate on digital sovereignty ceased to be theoretical. The Central Informatics Centre (COI) announced a plan to build a national office suite to break the dictates of Microsoft. This is in response to data from a report by the Instrat Foundation at the end of 2025, which exposed the scale of the vendor lock-in phenomenon in Poland: as much as 99% of public procurement of office software favours Redmond products. This phenomenon has ceased to be a technical problem and has become an economic barrier – when licence costs rise, the administration, trapped in closed standards, has no real escape route.
The Polish attempt is chasing French radicalism, but in Poland political optimism is clashing with historic business scepticism. The main inhibitor is trauma, of which the ZUS Comprehensive Information System (KSI ZUS) remains a symbol. Since the maintenance of a single system was able to consume PLN 2.8 billion over a six-year cycle, the IT industry is rightly asking whether the state is ready to build an ecosystem from scratch capable of competing with Microsoft 365. There is a real risk that the ‘national alternative’, rather than saving money, will generate a new billion-dollar ‘bottomless pit’.
The key argument of the COI is that the structure of spending has changed. In the subscription model, capital goes directly to the US. Moving to open source solutions (LibreOffice, Nextcloud, OnlyOffice) does not mean that the system will be ‘free’, but it radically changes the Total Cost of Ownership (TCO):
- Instead of licences – services: Funds are redirected to local integrators for implementation, support and training.
- Investment in staff: the need to build strong in-country support teams instead of relying on the manufacturer’s external SLA.
- Hardware longevity: Open source software allows older workstations to last longer, which fits in with the sustainability policy.
The impetus that cut off discussions about the ‘convenience’ of the interface was an incident in May 2025, when the Attorney General of the International Criminal Court in The Hague temporarily lost access to Microsoft mail. It became clear to Warsaw that the SaaS (Software as a Service) model was not only about convenience, but also about exposure to US extraterritorial law (CLOUD Act).
However, Poland does not have to build the wheel ‘from scratch’. An opportunity for the COI is its role as an integrator of European standards, such as the German openDesk or the French La Suite Numérique. If the national suite is built on the basis of transparent public-private partnerships and not locked inside a single institution, it could become a flywheel for the domestic IT sector. After all, true sovereignty is not about using software because it is ‘national’, but about the ability to freely choose technology that does not make the state hostage to a single supplier.
Global impact and redefinition of the relationship with Big Tech
The French retreat from the Windows ecosystem is forcing a fundamental shift in the business strategy of global technology corporations. For decades, a model based on closed software and a monopolistic position on desktops has been the foundation of Microsoft’s stable public sector revenues. The Paris decision, backed by specific timeframes and budgets, ends the unconditional acceptance of the terms dictated by Redmond vendors.
The main impact for Microsoft and other giants (Google, AWS) is the loss not only of financial revenue – one country’s administration is a fraction of global revenue – but of its status as the ‘default standard’. If France proves that the modern state can operate on the basis of a proprietary technology stack (La Suite Numérique) and open systems, the ‘Vendor Lock-in’ model may begin to crumble in other regions of the world, from the European Union countries to the BRICS group countries also seeking technological emancipation.
Projected changes in Big Tech strategies:
- Forced transparency: Microsoft, in order to save its position in Europe, will be forced to offer so-called sovereign clouds with a much higher degree of transparency of source code and data location. Already we are seeing attempts to create partnerships (e.g. the Bleu project in France) that are supposed to be an ‘acceptable compromise’ between US technology and European security requirements.
- Shifting front on AI: As the operating system becomes a commodity, artificial intelligence models are the new battleground for dominance. The success of the French Mistral AI shows that Europe is taking the ‘open weights’ route, which stands in contrast to the closed ecosystems of OpenAI or Google.
- Consolidation of the European IT market: The French push is stimulating demand for the services of local infrastructure providers (OVHcloud, Scaleway, Dassault Systèmes). The estimated increase in sovereign cloud spending to €23 billion in 2027 represents capital that will be invested in European innovation instead of funding US R&D.
States will increasingly require the full auditability of software as a condition for admission to public procurement. As a result, technology giants will face a choice: either comply with sovereignty requirements and open up their systems to external scrutiny, or be pushed out of the most sensitive sectors of government.
The replacement of the dashboard layer in France is only the visible apex of change. Underneath is a deep reconfiguration of financial and decision-making flows. If this model proves effective, Microsoft could lose its role as the ‘operating system of states’, becoming just one of many providers in a pluralistic, open ecosystem.
Sovereignty as an investment, not a political cost
While the upfront costs of migrating 2.5 million civil servants to open source solutions are significant, they should be seen in the category of an investment in the national technology ecosystem rather than a one-off operational expense. Unlike the subscription model, where capital irretrievably leaves the local market, funds invested in the development of solutions such as La Suite Numérique build sustainable developer and infrastructure competencies within the state.
A key factor for success in 2026 is to move away from thinking of the operating system as an isolated island. France is proving that sovereignty is built in layers: from open code on desktops, to certified cloud (SecNumCloud), to independent AI models (Mistral). This approach solves the dilemma faced by previous projects – changing from Windows alone to Linux while remaining in the Microsoft or Google cloud would only be a facade change. Only control of the entire technology stack provides real resilience to geopolitical pressures and changes in the pricing policies of global corporations.
Lessons for Poland and decision-makers in the CEE region:
1 Audit of dependencies: The Polish administration needs to move beyond the role of a passive consumer of licences. A sound TCO (Total Cost of Ownership) analysis over a decade is required, taking into account the risk of sudden increases in subscription prices and the potential benefits of developing in-house tools.
2 Building an alternative pathway: The French example shows that migration does not have to be abrupt, but must be planned. Poland needs its own ‘plan B’ – an open source toolkit that can be implemented in parallel to proprietary systems, reducing the degree of dependency (so-called vendor lock-in).
3 Regional cooperation:*Digital sovereignty on the scale of one medium-sized country is difficult to achieve. An opportunity for Poland is active participation in projects such as the Euro-Office or a common European cloud, which will allow R&D costs to be spread over many member states.
Continuing to remain in Microsoft’s ‘licence well’ is a short-sighted strategy. And although full digital sovereignty is a utopia, moves to give more choice and independence from one key supplier are seen as necessary, especially in a tense geopolitical situation.
