Digital sovereignty isn't the same thing as digital isolation. Asia's governments should be careful | Fortune

Asia-Pacific governments are increasingly asserting control over data produced by their citizens, businesses, and public bodies. Geopolitical uncertainty, the rise of AI, and worries over foreign tech dependence have convinced many regulators that data is a core national asset.

And, as with physical items, they think the best way to secure that data is to keep it within their jurisdiction.

But that belief is based on a flawed assumption: that sovereignty is defined by where a server physically sits, rather than by who controls access to the data.

Regulators exercise digital sovereignty in many different ways.

South Korea’s Cloud Security Assurance Program (CSAP) requires public agencies to procure cloud services that store data locally, use domestically developed encryption algorithms, and have management and operations personnel reside in Korea.