On June 5, 2026, Dutch Minister for the Digital Economy and Sovereignty Willemijn Aerdts framed a national "digital emergency kit" as the household-level answer to a country she says is over-dependent on a handful of American technology providers. The goal is concrete: citizens and government agencies should be able to function for 72 hours through a nationwide digital disruption — an internet outage, a downed mobile network, or a collapse of digital payments. The framing folds two very different policy questions into one announcement. The first — preparedness — is sensible and overdue. The second — "sovereignty" as de-Americanisation — is where proportionality starts to fray.
The case for the kit is strong
Start with the strongest version of the government's argument, because it is a good one. Modern Dutch life runs on always-on connectivity, and the failure modes are no longer hypothetical. Aerdts is the same minister who, on May 26, 2026, blocked US firm Kyndryl's acquisition of Solvinity — the cloud provider that operates DigiD, the identity system Dutch residents use to reach public services — citing a "risk to the public interest" (TechCrunch). Whatever one thinks of that intervention, it illustrates the underlying worry: single points of failure in critical digital infrastructure.
The preparedness layer answers that worry cheaply and without coercing anyone. It sits inside the existing Denk Vooruit ("Think Ahead") campaign, launched in November 2025 and coordinated by the National Coordinator for Security and Counterterrorism, which already tells residents to be ready to manage "without water, power, or internet for 72 hours" and explicitly names "a major blackout or cyberattack that takes down cash machines, the internet, or mobile networks" (Dutch Digital Government). The same campaign reports that only about 30% of residents consider themselves prepared. Closing that gap with leaflets, backup contact lists, some cash, and a battery radio is the definition of proportionate: low cost, no rights trade-offs, and it hardens society against shocks regardless of their cause.
The real shutdown risk is political, not infrastructural
Here the evidence cuts in an inconvenient direction for the "foreign dependence" framing. The overwhelming majority of internet shutdowns worldwide are not accidents of brittle private infrastructure — they are deliberate acts by governments. Access Now's #KeepItOn coalition documented 296 shutdowns across 54 countries in 2024, a record, with conflict and protests as the leading triggers (Access Now). The Electronic Frontier Foundation, writing in May 2026, counted 14 ongoing shutdowns at the time and tied them to repression — including Iran's January 2026 blackout, during which authorities reportedly executed hundreds of dissidents under cover of darkness (EFF).
That matters for the Netherlands in two ways. First, the country's actual exposure is to outages, cyberattacks, and physical accidents — not to a state-ordered kill switch — so the honest resilience answer is redundancy (multiple carriers, offline payment fallbacks, mesh and satellite options, mandated drills) rather than swapping the nationality of the vendor. Second, the tools that help citizens survive a shutdown — circumvention software, decentralised communications, the open internet — are exactly what an over-controlling state tends to restrict. A resilience agenda worth the name should be widening those options, not narrowing them.
Sovereignty-as-autarky is the part to watch
The weaker move is the slide from "more choice" to "buy European." Aerdts's stated remedy — that Dutch software "should no longer come from a single country, but from various European players" — is reasonable as a diversification goal and worrying as an industrial mandate. Diversification adds resilience; substitution-by-decree subtracts it. The Netherlands is already one of the EU's top-ranked states for connectivity, with market-led deployment targeting 1 Gbps and full 5G coverage by 2030 (European Commission). That progress came from open competition, not procurement nationalism.
The genuine grievance behind the sovereignty push — that the US CLOUD Act lets American authorities reach data held by US firms abroad — is real and legitimate. But the proportionate fixes are legal and technical: confidential and client-side encryption, EU-controlled key management, contractual and sovereign-cloud guarantees, and pressure for a durable transatlantic data framework. Those reduce the actual risk (foreign legal reach over data) without throwing away the price, security, and innovation gains that come from buying the best tools on a global market. Blocking acquisitions and steering public spending toward home-region vendors raises costs, fragments the single market, and — by shrinking the menu of suppliers — can leave the Netherlands less able to route around a failure, not more.
A clean split
The right read of June 5 is to separate the two announcements. The digital emergency kit deserves applause and faster rollout: it is cheap insurance that respects citizens' autonomy and prepares for the disruptions that genuinely threaten an advanced economy. The sovereignty agenda deserves scrutiny on its own terms, judged not by how European the supply chain looks but by whether each measure actually reduces concrete risk at a cost worth paying. Resilience is the goal. Autarky is a tax dressed up as one.