The Compass without North: How the NFP-77 Synthesis Report Relegates Digital Sovereignty to the Epilogue

Blog (EN)

clarus.news | Analysis | June 4, 2026

Thirty million francs, five years, 46 research projects: The synthesis report of the National Research Programme "Digital Transformation" (NFP 77), published in May 2026, claims to be a "compass" for politics, administration and business. Yet on the key digital policy question of 2026 – dependence on American and Chinese hyperscalers, the Cloud Act, digital sovereignty – the report provides no direction. It names Google, Amazon and Microsoft, but only in the epilogue, as developments "beyond the scope of the programme". Precisely those NFP-77 projects on which the ongoing Swiss sovereignty debate is based – the democracy factory, hospital digitisation – lie in the middle of the report. They were simply misclassified.

What the report is – and what it claims to be

The mandate dates back to 2017: The Federal Council commissioned the Swiss National Science Foundation to research digital transformation in three fields – Education and Learning, Trustworthiness and Governance (democratic institutions and media), and Economy and Labour Market. The Federal Council approved the programme concept in September 2018, funding of 30 million francs ran until December 2024, with research conducted between 2020 and 2025.

From 46 projects, the internationally composed steering group under Abraham Bernstein distils twelve impulses: four cross-modular and eight module-specific ones. The report explicitly understands itself as "evidence-based orientation" and a "compass" to ensure that digital transformation proceeds in a manner that is "socially just, democratically legitimised and economically productive". It must be measured against this self-proclaimed standard.

Sovereignty, squeezed between epilogue and glossary

Anyone searching the report for the pressing issues of 2026 finds a clear pattern. The term digital sovereignty appears substantively exactly once: in the epilogue, section 5.1, on page 47. There it states that concerns regarding Switzerland's digital sovereignty have grown – due to the "dominance of large technology corporations outside Europe". Only here are the corporations named: Google, Amazon, Microsoft, Meta, Apple in the US, Baidu, Alibaba, Tencent, Xiaomi, Huawei in China.

The Cloud Act – the US law that triggered the Swiss sovereignty dispute over health and administrative data in the first place – does not appear a single time in the entire 64-page report. Neither does the word "hyperscaler". And the naming of the corporations occurs with the explicit caveat that these developments go "beyond the scope of the five-year programme".

This is the first contradiction. A report that presents itself as a compass banishes the one cardinal direction in which Switzerland is currently losing its orientation to the afterword and declares it outside the scope. Digital sovereignty does not appear as an impulse, not as a design approach, not as a recommendation for action – but as a footnote to contemporary history.

The tools were ready – they were not used

The reproach would be cheap if the report had no conceptual means for the topic. It has them – and only applies them elsewhere.

First, impulse 9 provides perhaps the sharpest tool: The report adopts from NFP-77 philosophical research (Budnik) the principle that one should not "trust" technology, but judge it according to reliability and controllability. Trust is a concept for social relationships, not for machines. This is precisely the sovereignty argument in pure form: Can Switzerland control a provider? For a US corporation under Cloud Act access, the answer is no. The report applies the criterion – but only to diagnostic algorithms in clinical practice, never to the infrastructure providers on which the entire administration depends. The measuring instrument was there; the measurement of the greatest dependency was omitted.

Second, the report knows the lock-in problem – and quarantines it. Impulse 7 recommends "strategic investments in open-source and compatible technologies" to reduce "risks of obsolescence and restrictions associated with property rights". This is exactly the logic with which Matthias Stürmer demands a source code escrow test in the dispute over Epic and DigiSanté and with which National Councillor Gerhard Andrey justifies the army's Microsoft replacement. Only: In the report, this logic applies solely to EdTech school software. It is never elevated to an infrastructure maxim, although the argument is identical for office suites, cloud platforms and clinical information systems.

Third, impulse 4 explicitly worries about the "growing power of private platforms". But the report's response is narrow: mandatory data access for research and a DSA-like law on communication platforms. Platform power is treated as a research data access problem – not as a question of who controls the state's infrastructure.

Healthcare: the right evidence, filed incorrectly

The missed connection is most evident where the report possesses its own Swiss evidence. The NFP-77 project Digi-Care (Bürkle et al.) is cited several times: In healthcare, "fragmented systems and usability problems" hindered smooth information exchange; well-integrated hospital systems reduced patient-critical incidents.

This is – word for word – the problem of the electronic patient record and DigiSanté. Family doctor Sven Streit puts it succinctly in the NZZ: "We send PDF files by email. We have no standards." The report had the empirical finding in hand. However, it filed it under co-creation (impulse 1) and human-machine interaction (impulse 3) – as a question of participatory design and user-friendliness. The actual diagnosis, which the Federal Audit Office has coined with the formula "implementation responsibility without enforcement competence", is missing. The report describes the symptom at the micro-level of the hospital and overlooks the governance level where federalism undermines the sovereignty claim.

Participation: half the truth

The report possesses its strongest material on the topic of participation – and here too it stops halfway. Impulse 8 relies on the Democracy Factory (Gianola, Bächtiger) and on experiments in participatory budgeting (Hänggli, Helbing): Participation can increase legitimacy and fairness of digital processes.

This is the empirical foundation of two arguments that clarus.news has already documented. Federal Chancellor Viktor Rossi interprets the narrow E-ID approval of 2025 as trust gained through demonstrability and federal pilot projects – and explicitly refers to the Democracy Factory. Andrey, in turn, invokes the sociocratic consent model with which "organised Switzerland" pushed through the E-ID. The report provides evidence that this path works – but does not link it to the concrete sovereignty and procurement battles in which participation made the difference. It remains abstract and warns that participation is "resource-intensive" and should only be used "in selected cases".

What does not appear at all

The gaps are as revealing as the impulses. Not covered are: the Cloud Act; the procurement dependence of the federal administration on Microsoft 365 and US hyperscalers; vendor lock-in at infrastructure level; the core tension between federal standards and cantonal procurement autonomy (the report only knows the cantonal level as a governance and participation space, not as procurement power); the geopolitical supply chain risk of software; and the missing enforcement competence, which is the actual EFC issue.

It is also noteworthy that in section 5.3, the steering group explicitly refrains from proposing future research directions. For a compass that explicitly claims to provide orientation to decision-makers, this is a striking self-limitation – especially where the report itself has identified the sovereignty gap.

Conclusion: a compass that does not speak of the storm

In fairness: The mandate of NFP 77 was set in 2017/2018, before the sovereignty shock. Infrastructure policy was never in the tender, and a synthesis report can only summarise what 46 completed projects have researched. The steering group notes that broader considerations belong to democratic processes, not to science.

But the report itself claims to have adapted its questions "as far as possible to major global changes" – it has done this for the pandemic and for generative AI. It names the sovereignty shock specifically, but as the only one does not operationalise it. This is no longer a mandate boundary, but a choice.

Thus the synthesis report repeats at the scientific level exactly that movement which clarus.news has diagnosed in the Federal Chancellor: celebrate open source where it is harmless – in school software, in the Apertus language model –, mention the structural problem in passing and then not tackle it. Andrey was right: The "bigger box" is not technology, but governance. The NFP-77 synthesis report confirms this thesis – through its silence. An internationally composed steering group has delivered a compass that works everywhere, except where Switzerland is looking for direction today.

Key findings

  • The NFP-77 synthesis report (May 2026, 30 million francs, 46 projects, 12 impulses) claims to be a "compass" for digital transformation.
  • Sovereignty appears substantively only in the epilogue (5.1, p. 47) and is declared there to be outside the programme framework; hyperscalers are named exclusively there; the Cloud Act does not appear at all.
  • The report possesses the concepts (controllability instead of trust, lock-in avoidance through open source), but only applies them to AI artefacts and EdTech – never to the infrastructure dependence of the administration.
  • Swiss evidence on hospital fragmentation (Digi-Care) is filed as a usability and co-creation problem, not as the standards and governance failure that slows down EPR and DigiSanté.
  • The findings on the Democracy Factory and participatory budgeting support the thesis of Rossi and Andrey, but remain disconnected from concrete sovereignty struggles in the report.

Critical questions

  1. On what evidence base does the report name hyperscaler dominance in the epilogue when none of the 46 NFP-77 projects examined infrastructure dependence – does the finding come from the programme or does it import it from the WEF risk report (reference 69)?
  2. How reliable is a synthesis report declared as a "compass" that readjusts for pandemic and GenAI but alone does not translate the self-named sovereignty shock into an impulse?
  3. Does the composition of the predominantly non-Swiss, SNF-financed steering group play a role in the restraint on a politically charged federal procurement topic – or is the "out-of-scope" classification solely due to the 2018 mandate boundary?
  4. Is the missing sovereignty recommendation causally a consequence of the 2018 mandate or an editorial decision, since the report according to its own statement adapted its questions to global changes?
  5. What would change if one consistently applied the report's own criterion "controllability instead of trust" (impulse 9) to US cloud providers under Cloud Act access instead of only to medical AI?
  6. Why does the lock-in warning (open source, "restrictions associated with property rights") apply only to EdTech and not to office suites, cloud platforms and clinical information systems, where dependence is incomparably greater?
  7. Should the report not have necessarily linked the hospital evidence from Digi-Care with the EFC finding "implementation responsibility without enforcement competence" instead of framing it as a user-friendliness question?
  8. What risk does the explicit renunciation of the steering group (5.3) to name future research directions pose for a programme that itself describes the sovereignty gap as growing?

References

Primary source:

  • NFP 77 Steering Group (2026): Education, Trustworthiness and Labour Market in Digital Transformation – Insights and Considerations from the National Research Programme "Digital Transformation" (NFP 77). Swiss National Science Foundation, Bern. ISBN 978-3-907087-83-1, DOI 10.46446/Publikation_nfp77.2026.1.de – nfp77.ch

Supplementary clarus.news analyses:

  1. clarus.news: "Digitalisation and federalism – is that even possible? How patient records, DigiSanté and 26 cantons undermine Switzerland's sovereignty claim", 01.06.2026 – clarus.news
  2. clarus.news: "Federal Chancellor Rossi talks about levers – and overlooks the biggest one: Open Source", 31.03.2026 – clarus.news
  3. clarus.news: "E-ID vote and digital trust: Federal Chancellor Rossi on governance in transformation", 04.06.2026 – clarus.news
  4. clarus.news: "Digital sovereignty: France tackles the bigger box", 14.04.2026 – clarus.news

Verification status: ✓ 2026-06-04

This text was created with the support of an AI model. Editorial responsibility: clarus.news | Fact-checking: 2026-06-04

Tags: #NFP77 #DigitalSovereignty #CloudAct #Hyperscaler #OpenSource #DigiSanté #EPR #DemocracyFactory #Governance #SNF #EFC #GerhardAndrey #ViktorRossi

Zurück zur Übersicht