Digital Sovereignty – Trust in the Internet of People, Places and Things

“In God we trust. All others must bring data.”

— W. Edwards Deming

The transformation of industry and society is leading to the proliferation of “digital twins”— i.e., virtual representations of physical objects. As this technology impacts more of our day-to-day life, it becomes increasingly important to trust the data that lies at the heart of these virtual objects. Governments will inevitably be forced to adapt to a new reality of what it means to maintain sovereignty in a digitally transformed world. The first step is exercising authority and control over the digital threads that connect people, places and things.

1. Technology

The next wave of computing places the user at the center of a new type of experience where digital and the physical realities converge. Users interact with these environments via “low-friction” interfaces where the path from thought to action is as short and intuitive as possible. This enables the user to remain completely present in the real world while attention is focused on digital experiences. Inward-facing sensors gather data about the user’s physiology, non-verbal behavior and attention and contextualize this data for a variety of uses. Outward-facing sensors capture “geo-specific” data from the user’s physical world. As immersive computing provides new modes of social interaction between people and places, digitalization also continues to transform enterprises, industries and the things they create. Collectively, these digital transformations are resulting in the proliferation of virtual representations of physical objects in our society— i.e., “digital twins” of people, places and things.

2. Policy

As human-centric computing scales and transforms industry and society, governments will be forced to adapt to the new realities of maintaining sovereignty in the interest of national security and the common good. These policies will seek to ensure an ordered, value-driven, regulated and secure digitally enhanced society. These policies will inevitably focus on the integrity of digital twins as they move across environments. This is known as the “digital thread,” which is the bundle of standards and requirements that maintain the integrity of data that feed digital twins. Stated another way, the digital transformation of society will require sovereigns to adopt policies that ensure the integrity of the digital threads that connect people, places and things.

3. Law

These challenges have already led to laws addressing surveillance, censorship, filtering, data localization and intellectual property, as well as regulations to prevent disinformation and to protect privacy. Concerns regarding digital sovereignty will continue to manifest though proposals for data localization that restricts the storage, movement and/or processing of data to specific jurisdictions. To maintain authority for digitized people, places and things within its borders, the digital sovereign may eventually be forced to delegate some measure of responsibility and accountability to private actors for maintaining trust in digital threads.

4. Governance

Governance within a digitally transformed society requires the formal exercise of authority and control at multiple levels. To maintain the integrity of the digital threads that connect people, places and things, sovereigns will have no choice but to impose standards and requirements on the platforms that enable digital twins at scale. Organizations will need a legally defensible governance model for establishing and maintaining trust so that digital societies can safely leverage sensitive data that enable new capabilities while mitigating foreseeable risks. This need will increase as the boundaries between the physical and digital worlds blur.

For Next Time

The human-centric extension of digital reality requires that technology move from the periphery (e.g., off the desktop and out of the palm) to the user’s body. This is necessary to interpret users’ actions, augment users’ senses and provide a holistic digital view of the user’s experience in the physical world. Inward-facing sensors will gather data about the user’s physiology, non-verbal behavior, attention and arousal and contextualize this data for a variety of uses. This biometric data will eventually enable digital profiles of individuals on a level of detail we are only beginning to understand. This data will inevitably be gathered on platforms where users interact with virtual representations of each other, resulting in an “Internet of People.” At the same time, outward-facing sensors will capture geo-specific data from the user’s physical world. This data will also be collected and processed on platforms, establishing an “Internet of Places” that makes the geometry, semantics and context of the world machine-readable in real time. The user’s experience will eventually be curated by Artificial Intelligence (AI) that understands both the physical environment based on wearable sensor data and the user’s intentions based on what is learns from the user interface. This will allow the AI to present options tailored to the user’s specific needs at that moment. As Artificial Intelligence contextualizes biometric data to understand individual’s intentions in larger populations and platforms generate spatial computing capabilities to digitally enhance user experiences in larger communities, we may eventually achieve human-centric computing at a global scale— i.e., the “Metaverse”. For the purposes of this paper, I refer to “Digital Sovereignty” as the ability to establish and enforce policy in such environments.

Share this post

Mark Milone

Mark Milone

Mark Milone is an attorney and data strategist who establishes governance programs at large, global companies. As a subject matter expert in data strategy, he partners with clients to accelerate speed to value through effective data management. As an attorney, he advises on matters relating to cyber security, privacy and intellectual property. These two practices provide Mark with a unique, holistic view of data and data-driven organizations. Mark enjoys writing about the intersection of technology, law and public policy and he wrote the first comprehensive book on cyber law titled Information Security Law: Control of Digital Assets (Law Journal Press, 2006). Mark can be reached at, or

scroll to top