European-based SUSE devoted much of the annual SUSECON event to its sovereignty-focused pitch – even as reports swirl that its majority stakeholder is exploring a $6 billion sale which could land the Linux vendor in American hands.
In March, Swedish private equity biz EQT – which spun out SUSE from US group Micro Focus in 2018 for $2.5 billion – reportedly commissioned Arma Partners to examine the open source provider’s options. This is still at the early stages, but any sale to a US buyer would put a dent in SUSE’s European digital sovereignty credentials.
The Register asked SUSE CEO Dirk-Peter van Leeuwen at SUSECON what sovereignty means given the potential acquisition.
“SUSE, in its nature, is a European company. We are registered in Europe, everything is in Europe. If we get acquired by another shareholder, even if the shareholder would be American, we are still a European company with shareholders in America. But we are operating according to European laws. That’s all I can say about it other than it’s all speculation.”
Digital sovereignty is not a new notion but since the Trump administration returned to power in January last year, generating trade and geopolitical turbulence with its allies, European enterprises have accelerated efforts to reduce their dependence on US big tech.
The wrinkle for SUSE is that a sale to US owners would complicate its narrative considerably: American corporations can be compelled under the US CLOUD Act to hand over customer data held on servers located anywhere in the world.
SUSE’s Global Head of Sovereign Solutions, Andreas Prins – formerly CEO of StackState, which SUSE acquired in 2024 – acknowledged the nuance. “We’re a European company, but our customers are global customers, and that’s super important.”
He sees a meaningful difference in how US and European customers frame the problem. American customers, he says, focus on data security: who owns it, who has access, who controls the keys. Europeans, by contrast, are preoccupied with the vendor relationship itself – the contract, the jurisdiction, the question of who can ultimately reach in.
SUSE hammered home its Europeanness repeatedly throughout the event. The Reg lost count of how many times various company reps made the point. The company is surfing a genuine wave of interest in digital and AI sovereignty, even as countries and regions diverge on what sovereignty actually means in practice.
As regulations pile up, SUSE’s CTO Dr. Thomas Di Giacomo offered a weary quip in a briefing: “I’d rather have less!”
The scale of interest is real. In a survey of 309 IT leaders from countries including the US and Japan, SUSE found that 98 percent were prioritizing digital sovereignty, with more than half taking action, be that developing a strategy or having one in place.
Prins is clear that a wholesale exodus from the hyperscalers is highly unlikely. “We’ve seen that 70 percent of the respondents across the globe believe that the hyperscaler is part of the solution.”
What SUSE does see is a trend towards local workloads – though Prins is quick to add that this remains a small slice of what already runs in the cloud.
“We’re not saying that we will see an exodus of the hyperscaler in any region, and therefore hyperscalers die, right? I don’t believe that, not at all,” said Prins.
“What is much more interesting is the trend: how do people actually, from a strategic perspective, make a much more evaluated risk on how they … move away? So the trend we see is that they start to rank … their applications from a business criticality perspective, and say, hey, the most mission critical ones, let’s reassess where they need to be operated.”
Chip off the old block
SUSE is a software company, but hardware looms over any serious sovereignty conversation. Europe is relatively well-positioned in software; a truly sovereign hardware stack remains a distant prospect.
“Hardware is slightly different,” acknowledged Prins, “There’s a whole movement going on with regards to chip designs, and the more open, you could argue, the better it is.”
His view is that software carries the greater sovereignty risk. “If it’s an open source software and open architecture that runs there, technically speaking, everyone can pick it up until the chip physically breaks down and doesn’t do the job.
“What SUSE does is we try to certify on as much standards as possible. And if you take a look at datacenter providers, they will be stupid if they don’t have a variety of technologies in the rack, like the dual-vendor strategy we see happening in the software space. Yeah, if I [were to] host a datacenter, I [would] want to do similar from a hardware perspective.” ®