In an unstable political context where the Digital portfolio has already changed holders four times, the exercise could have been nothing more than an agreed passage before the Economic Affairs Committee. However, it turned out to be more informative than expected.
Behind the presentation by Anne Le Hénanff, Minister responsible for Digital and Artificial Intelligence, of a strategy organized into four pillars (digital foundations, support for supply, regulation and protection of citizens) the deputies gradually shifted the center of gravity of the session. Not towards a debate of intentions, which are widely shared, but towards a testing of their robustness in the face of technical, legal, industrial and political constraints.
Three fault lines thus structured the exchanges, revealing what it now means to govern digital technology.
Sovereignty put to the test of extraterritoriality
From the introduction, the minister establishes the framework: sovereignty no longer means self-sufficiency, but the ability to choose, qualify, secure and govern. Data centers located in France, SecNumCloud qualification, public procurement oriented towards trusted offers constitute the central instruments of this approach. It is precisely this definition that is contested throughout the hearing.
All sensitivities combined, the deputies bring the debate back to a more frontal area. Aurélien Lopez-Ligori (National Rally) directly questions the value of trust labels when infrastructures are based on technologies or capital subject to extraterritorial laws. In his eyes, sovereignty cannot be compatible with persistent legal dependence on American executives.
Geographic location is no longer enough. Can a data center located in France, financed by foreign capital or operated with uncontrolled technological bricks, still be considered sovereign?
The minister’s response is constant: distinguish the investor from the operator and think by levels of protection and risks. Sovereignty then becomes a continuum, and not a binary status.
This approach, assumed to be pragmatic, nevertheless produces an immediate political effect: it shifts responsibility towards users and public buyers. It’s up to them to decide on the right level of qualification, in the right place, for the right data. Sovereignty is no longer an absolute guaranteed by the State, but a conditional architecture, dependent on technical and contractual arbitrations.
Strategy versus execution
The second point of tension is less ideological, but more formidable: that of implementation.
On paper, the tools exist: transposition of NIS2 via the Resilience law, SREN law, cybersecurity benchmarks, anti-fraud filter, platform supervision, digital public order doctrine. But, within the commission, the questions converge towards the same irritant: decrees are missing, timetables remain unclear, operational capacities are slow to materialize.
The case of article 31 of the SREN law crystallizes this tension. Designed as a strategic lock to define sovereignty criteria, particularly capital-related, applicable to clouds hosting sensitive State data, it is still awaiting its implementing decree. Here again, Aurélien Lopez-Ligori reminds us that sovereignty is less about intentions than about the capacity to produce enforceable standards.
The minister announces an imminent publication. This is one of the rare moments in the audition where a concrete deliverable seems within reach.
Same logic for the anti-fraud filter: the principle is established, the urgency recognized, but the designated operator and human resources are still the subject of arbitration. Sovereignty is played out here in administrative details: budget lines, available skills, decision-making chains. The difficulty is no longer to legislate, but to maintain the pace of execution in the face of rapid, global and technically integrated private actors.
Citizen confidence in real uses
The third lesson from this hearing relates to the societal field and undoubtedly constitutes the most politically sensitive area.
Deepfakes of a sexual nature, training of AI on content collected by default, massive scams, early exposure of minors to screens and platforms: the deputies are moving the debate towards the digital experience of citizens.
On this ground, Lisa Belluco (Les Écologues) warns of the concrete effects of digital technology on children and education, pointing out a persistent tension between speeches of protection and industrial logic at work in EdTech. For his part, Karim Ben Brahim (Socialists) broadens the focus to everyday infrastructures, warning of the planned extinction of 2G and 3G networks and its potential consequences on critical security and assistance services.
Where the strategy highlights infrastructure and competitiveness, the questions relate to consent, protection and the real capacity of the State to enforce the rules.
The minister invokes an existing legal arsenal (GDPR, DSA, criminal law) and a logic of immediate reaction: referrals, withdrawals of content, possible sanctions. It is also based on reports and texts in preparation, outlining a progressive trajectory.
But the discomfort remains. The framework exists, yet it is constantly tested, circumvented, pushed back by the platforms. The issue is no longer just normative, it is systemic: how to impose design constraints, explicit consent mechanisms and clear responsibilities on systems designed for scale and speed?
On the protection of minors and the fight against scams, there is broad consensus on the urgency. What is still lacking is evidence of impact and visible deterrent tools. Here again, the strategy comes up against the test of the field.
What the hearing reveals, beyond the exchanges
Despite perceptible excitement among several speakers, including the minister, this hearing shows that digital technology is no longer treated as one sector among others, but as a fragmented sovereign field, at the crossroads of issues of sovereignty, security, competitiveness and social trust.
The minister defends a coherent line: reducing dependencies rather than promising total independence; govern through qualification, public procurement and the European framework; assume a graduated, equipped, pragmatic sovereignty.
The deputies ask a more political question, now central: how far is the state willing to go to regain controlincluding when this involves giving up certain industrial facilities or dominant partnerships?
