From Compliance to Digital Sovereignty

About the Event

A panel webinar that asks a question Europe has been circling for years and is now being forced to answer: when regulatory compliance and genuine digital sovereignty pull in different directions, which wins — and who decides?

The format is deliberately fast and debate-oriented. Each of the five speakers takes five minutes to make their argument, then the floor opens for structured discussion moderated by Gaëlle Le Gars and Rob van Kranenburg. No slide decks. No prepared keynotes. Just a room of people who know this territory deeply, disagreeing in a productive way.

The discussion spans law, technology infrastructure, IoT governance, and the geopolitics of data — with an underlying question about what “sovereignty” even means in a world built on interconnected, US-and-China-dominated infrastructure layers. With Vint Cerf, one of the architects of the internet itself, on the panel, this is not an abstract policy conversation.

Organised by Internet of Things Gent, hosted by Rob van Kranenburg.

The Debate

At what moment of the digital journey are we, and what is intrinsic to the internal dynamics of the internet and the Internet of Things?
What balance can be built between legislation and network effects?
Do different regions show different levels of strategic agency? Does the EU’s regulatory approach produce sovereignty or dependency?
Are the economic benefits of AI being invested in better infrastructure? Can we steer development away from humanoid robots toward physical AI that heals energy grids, water systems, and connectivity?
What does global governance look like from here? What have we learned from the web and IoT?
What will privacy and security look like in ten years? Will identity be handled at the chip or OS level? How do we operationalise ethical guidelines?

Speakers

Vinton Cerf Panellist

Vice President & Chief Internet Evangelist — Google · Co-inventor of TCP/IP

Vint Cerf is one of the people most directly responsible for the internet existing at all. In the early 1970s, he and Bob Kahn co-designed TCP/IP — the foundational protocol suite that allows different computer networks to communicate with each other and that underpins every networked device on the planet today. For this work, he and Kahn received the Turing Award (2004), the Presidential Medal of Freedom (2005), and the National Medal of Technology.

Since 2005 he has served as Vice President and Chief Internet Evangelist at Google, where his role is broadly about the future of the internet — its technical evolution, governance, accessibility, and the policy frameworks that surround it. He is a long-standing advocate for multi-stakeholder internet governance, has testified extensively before legislatures on internet policy, and is active in disability rights advocacy, in part motivated by his own experience with hearing loss.

His presence on this panel is significant: Cerf helped design a network that deliberately had no central authority, no sovereignty, and no built-in governance. The question of what “digital sovereignty” means for a system designed to route around control is one he is uniquely positioned to interrogate.

Internet Governance TCP/IP Digital Infrastructure Policy Accessibility

🌐 Wikipedia Google Research

Sophie Stalla-Bourdillon Panellist

Co-Director, Brussels Privacy Hub — Brussels Privacy Hub & University of Southampton (Visiting Professor) · Previously: Immuta

Sophie Stalla-Bourdillon works at the interface of law and technology, with a particular focus on data protection, privacy regulation, and the governance of AI systems. She is Co-Director of the Brussels Privacy Hub — an independent academic research centre at the Vrije Universiteit Brussel dedicated to privacy and data protection research at the EU level — and holds a visiting professorship at the University of Southampton.

Before her current roles she was at Immuta, a data security and access control platform, where she worked on the practical implementation of privacy principles in data infrastructure. Her work bridges the gap between what the law says and what technical systems actually do — a gap that is particularly acute in the AI Act and GDPR landscape, where legal obligations must be operationalised in real software systems by engineers who are not lawyers.

Privacy Law Data Protection GDPR AI Governance LawTech

🌐 Brussels Privacy Hub

Gérald Santucci Panellist

President, European Education New Society Association (ENSA) — Former Head of Unit “Knowledge Sharing” and “Networked Enterprise & RFID”, European Commission DG CONNECT (2006–2016)

Gérald Santucci brings a decade of seniority inside the European Commission to this panel. As Head of Unit at DG CONNECT — the Directorate-General for Communications Networks, Content and Technology — he oversaw both the “Networked Enterprise & RFID” unit (2006–2012), which dealt with early Internet of Things policy and RFID regulation in Europe, and the “Knowledge Sharing” unit (2012–2016).

He understands the machinery of European digital regulation from the inside: how directives are drafted, where industry lobbying shapes the text, and the gap between legislative intent and practical enforcement. Now working through ENSA on education and digital society, he brings a post-institutional perspective on what the EU’s decade of digital legislation has actually achieved — and what it has not.

EU Digital Policy IoT Governance European Commission RFID / Connected Devices

Rob Tiffany Panellist

Research Director, IoT & Digital Twins — IDC · Previously: Ericsson, Hitachi, Microsoft

Rob Tiffany is a Research Director at IDC, the global technology market research firm, where he specialises in cloud infrastructure, IoT, and Digital Twin strategies. He brings an unusually long view of connected systems: he held executive leadership positions at Ericsson (telecommunications infrastructure), Hitachi (industrial IoT), and Microsoft (enterprise cloud and IoT platforms) before moving to analyst work.

His lens on this panel is infrastructure-first. Digital sovereignty is not just about law or policy — it is about who owns and controls the physical and logical layers that data traverses: the cloud providers, the network equipment vendors, the chip manufacturers. The EU can legislate data residency and processing rules, but if the hyperscalers running that infrastructure are headquartered in Seattle and the network hardware is assembled in Shenzhen, the sovereignty question becomes structural.

Tiffany also hosts the IoT Coffee Talk Show, a regular podcast on connected systems and industrial AI.

IoT Digital Twins Cloud Infrastructure Industrial AI Analyst

in LinkedIn

Elena Japundžić Panellist

Legal technologist & FOSS advocate

Elena Japundžić brings a legal background combined with long-term engagement in the Free and Open Source Software (FOSS) community. She works as a “bridge” between technical and legal worlds — helping translate between the language of software development and the language of regulation, rights, and compliance.

Her perspective on the sovereignty debate is grounded in open infrastructure: if digital sovereignty is the goal, then dependence on proprietary platforms controlled by non-EU entities is structurally at odds with it. Open-source software, open standards, and community governance are not just technical choices — they are political ones. This tension between the EU’s stated sovereignty ambitions and its continued procurement of US-headquartered cloud services is a thread she is well-placed to pull on.

Legal Tech Open Source FOSS Digital Rights

Rob van Kranenburg Moderator & Host

Founder, IoT Council · Host, Internet of Things Gent

Rob van Kranenburg is one of Europe’s most persistent thinkers on Internet of Things governance and the social implications of connected infrastructure. He is the founder of the IoT Council and the organiser behind the Internet of Things Gent meetup community. His work has long argued that IoT is not primarily a technology question but a governance one — about who controls the data, the devices, and the decisions that flow from them in everyday environments.

IoT Governance Community Organiser Digital Policy

IoT Gent Meetup

Gaëlle Le Gars Moderator

Co-moderator of the panel alongside Rob van Kranenburg.

Topics

Digital Sovereignty ↗

Digital sovereignty is the idea that a state, organisation, or individual should have meaningful control over the digital systems, data, and infrastructure they depend on. For the EU, this has become a geopolitical priority: European data processed by US cloud providers is subject to US law, including surveillance authorities like CLOUD Act requests. EU citizens' data routed through transatlantic cables, stored on AWS, Azure, or Google Cloud, and indexed by US-headquartered companies sits in a legal grey zone that GDPR cannot fully resolve. The EU’s response — GAIA-X cloud initiative, data residency mandates, the Data Governance Act — has produced significant friction with industry and mixed practical results. Meanwhile China pursues a very different model: sovereign infrastructure under explicit state control. The question for Europe is whether its third-way regulatory approach produces actual sovereignty or just compliant dependency.

Regulatory Compliance vs. Competitive Reality ↗

Europe leads the world in data protection regulation — GDPR, the AI Act, the Data Act, the Digital Services Act, the Digital Markets Act. The compliance burden for organisations operating in Europe is substantial and growing. The argument for this approach is that it protects citizens and sets global standards. The argument against is that it creates structural disadvantages for European companies competing against US and Chinese platforms that operate at scale under lighter regulatory regimes, and that compliance cost becomes a moat protecting incumbents rather than enabling new entrants. The tradeoff this panel examines is not whether regulation is good or bad — it is whether the specific form European regulation has taken produces the sovereignty it promises, or whether sovereignty requires something more fundamental: European-owned infrastructure, European-funded compute, and European-controlled protocol layers.

Internet of Things and Governance at the Edge ↗

The Internet of Things — billions of connected sensors, cameras, industrial controllers, medical devices, smart meters, and consumer gadgets — generates data at a scale and intimacy that makes earlier privacy debates look simple. IoT devices in homes know when you wake up, in hospitals they monitor vital signs, in factories they log every step of a production process. Who owns that data, who can access it, under what legal authority, and what happens when the device manufacturer goes bankrupt or gets acquired by a foreign entity, are governance questions that most current regulation has not adequately answered. The EU’s Cyber Resilience Act and upcoming IoT-specific legislation are attempts to address this, but the fundamental problem — that IoT devices are deployed for decades while their security and governance assumptions have shelf lives of months — remains unsolved.

Internet Governance ↗

The internet was designed without a central authority. The protocols are maintained by open standards bodies (IETF, W3C), the domain name system by ICANN (a US-incorporated non-profit under historical US oversight), and the physical infrastructure by a mix of private telecoms and hyperscalers. For most of the internet’s history this worked well enough. The rise of platform monopolies, state-level censorship and surveillance, AI-generated content at scale, and geopolitical fragmentation has put that informal governance model under severe stress. The debate about “internet fragmentation” — or “splinternet” — is no longer academic. Vint Cerf, who helped design the original architecture, has been consistent in opposing fragmentation while acknowledging that the internet’s original assumptions about the good faith of all participants were wrong.

Event Details

Date: Monday, 6 April 2026

Time: 16:00 – 17:00 CEST

Format: Panel webinar — 5-minute opening statements per speaker, then open debate

Location: Online (link visible after registration)

Organiser: Internet of Things Gent

Event type: Panel / Webinar

Target audience: Anyone working in or thinking about digital policy, IoT, privacy law, cloud infrastructure, or the politics of technology.

Attend

Price Free

Format Online webinar

Registration Required — link sent on signup

↗ Register on Meetup

Organised by

Internet of Things Gent

A Ghent-based community focused on Internet of Things, connectivity, governance, and the social and political implications of connected infrastructure. Founded and hosted by Rob van Kranenburg, one of Europe’s leading voices on IoT governance. The group brings together practitioners, policymakers, legal thinkers, and engineers — 4.6 stars across 75 reviews.

↗ meetup.com/internetofthings

IoT Council

The IoT Council is Rob van Kranenburg’s broader initiative for thinking about Internet of Things policy, standards, and governance at a European and global level. It connects researchers, policymakers and technologists working on the societal implications of connected devices — not just the technology, but the power structures it creates.

↗ theiotcouncil.eu