From Policy to Production: Inside UN Open Source Week and the OpenInfra Path to True Digital Sovereignty

By Kendall Nelson on 07/09/2026

Awesome. The word is often thrown around for things that don't really deserve it, but being at the UN Open Source Week alongside representatives from over a hundred countries was the literal definition of awesome. Walking the floor and listening to global delegates, public sector leaders, and community maintainers, it became incredibly clear that we are living through a massive structural shift being driven by not just AI, but also digital sovereignty.

Digital sovereignty is no longer just an abstract, high level ideal or a luxury line item for a rainy day. It is a baseline national security concern and a prerequisite for choice and resilience. As the representative from Tanzania beautifully put it: "When we open our solutions, we multiply them." But how do we actually make that happen? If there was one major takeaway from the week, it’s that we have to move past the high level policy talk. Governments and member states are hungry for digitally sovereign, open source based reference architectures. They are ready to bring back control by working directly with open source communities, and that is exactly why the OpenInfra community has been busy putting together two brand new whitepapers that are going live today.

But first, a few highlights from UN Open Source week: 

1. AI is Not Fit for the Real World (Yet)

We have to be careful of overestimating the value of AI in its current state. The reality check during day 3 of the event was sober and necessary. Current commercial LLMs are great at language and processing discrete sequences of symbols but that is entirely because there’s an exact, finite number of options for what comes next.

But the real world doesn't live in discrete symbols. Think about video or real world physical environments—there’s an infinite number of options for what’s in the next frame. For AI to actually work in critical infrastructure, it needs to start from a comprehensive world model and be given an action to guess what comes next. But how can we hope to have a data set that large when there is so much fragmentation and a lot of proprietary data sets being so tightly controlled? 

Beyond the technical limits, sustainability and environmental impacts, the massive concentration of AI power in a limited handful of countries is a huge geopolitical risk and also a risk of extinction (lack of examples of different cultures, training in different languages, all of that could be lost if not represented in the data being used to train the LLMs). True sovereignty means you cannot be locked into an economy of tokens for a particular AI tool, and it absolutely cannot depend on someone else's terms of service. We have to start asking the tough questions:

  • Which models can use our data?
  • Can we move our workloads seamlessly and replace the models entirely while everything keeps working?
  • What happens if commercial or political alignments shift?

If your architecture leaves you trapped when a vendor changes their terms, that isn't sovereignty. The goal has to be simple: bring the AI to the data instead of the data to the AI.

2. Redefining Sovereignty: Interoperability over Isolation

A major theme throughout the event was that real sovereignty does not mean isolation. This isn't about technical isolationism, and open source alone doesn’t automatically guarantee sovereignty. Sovereignty is about having the institutional capacity to govern the systems your country depends on, and, ultimately, it’s about having the structural capacity to make the decision to change.

Interoperability is a fundamental condition for freedom. You should be able to replace a system component without having to rebuild your entire service from scratch. Openness needs to happen across the whole system which means establishing that open standards = open source.

As consumers and operators, we need to hold vendors accountable to emerging standards (e.g. Model Context Protocol (MCP)) to ensure real interoperability while avoiding vendor lock-in. Interoperability is the ‘ultimate antidote’, as it was put during the event, to the highly interconnected nature of our industry and the reliance on a small number of providers. By requiring interoperability, it opens the door to more organizations providing similar services.

3. Treating Open Source as an Ecosystem, Not a Supply Chain

For a long time, the corporate world treated open source software like a commercial supply chain where you use the code for free and give nothing back. The Sovereign Tech Agency and global maintainers during Monday’s Maintain-a-thon day offered a fantastic correction to this mental model: open source has accidentally become the underpinning of the entire world. It is a delicate ecosystem, not a supply chain, and resilience and innovation come from treating it that way and organizations have to be active participants in the ecosystem instead of passive users.

Right now, that delicate ecosystem is under immense pressure. The explosion of unverified, AI generated code, automated pull requests, and flood of vulnerability reports is actively threatening human maintainer capacity, pulling core developers away from critical architecture and mentorship. We have to remember that "community over code" matters, and we cannot rely on charity for it all. We must invest.

The speed at which vulnerabilities are discovered and exploited is faster than any single organization can keep up with. Even a tech giant with ten thousand engineers cannot match the global mindshare in open source and the security that comes with that. Because the world runs on open source, public infrastructure should be publicly maintained. Governments are recognizing this. Ireland, for instance, has a clear plan for 2030 in this space, and there's a growing realization that we need public investment, private interest, and the community all working together to build a healthy future and ensure open sovereign AI.

Conclusion: Multiplying Solutions Together

The challenges of the coming decade are going to be securing global infrastructure against fast moving vulnerabilities, keeping human maintainers from burning out under AI noise, and guaranteeing true digital autonomy. None of which can be solved by an individual organization or a single country working in isolation. Even with a huge staff of engineers, no single organization can be completely unequivalent to the global mindshare of open source.

Every organization needs someone within that is committed to open source and is willing to lead the charge internally. By choosing open source systematically and leaning into deep cooperation, we can ensure a stable, fair, and trustworthy foundation for global innovation, not just for the AI era we are figuring out now, but for whatever is to come ten, fifty or one hundred years in the future.

On that note, we encourage you to read and share these new whitepapers put together through collaboration in the OpenInfra community. Look at the reference architecture, understand the requirements to be digitally sovereign, and join the OpenInfra community in building a responsive, reliable, and truly open future.