The emergence of a European terroir for software

If an International Criminal Court judge can be cut off from the global banking system by executive order, so can you. And "where your software lives" is no longer just a privacy preference.

In January 2026, Trump threatened 25% tariffs on eight European countries unless Denmark ceded Greenland. The EU began discussing activation of its "anti-coercion instrument"-a tool it had never used. The same week, French ICC judge Nicolas Guillou, sanctioned by the US, explained to Le Monde what it means to be "effectively blacklisted by much of the world's banking system": he was doing his job; a foreign power decided he could no longer pay his bills.^[1]

I ran a script on my password manager the same week. A majority of my logins depend on Gmail. About 5% are critical: bank, taxes, domain. One suspended Google account and I'm locked out of my own identity. This was my version of letting it break on purpose-running the test before the crisis forced it. Bernard Stiegler would call the result proletarianization: "the loss of knowledge-savoir-faire, savoir-vivre, and theoretical knowledge-through its exteriorization in machines."^[2] I'd externalized my digital sovereignty to Google and lost the knowledge of how to operate without it.

My first instinct was to start a migration, my second to imagine how we can avoid getting into that trap. Both instincts lead to a question: if not US software, then where? And by looking at alternatives I started to realize how much geopolitics is affecting how software is built.

TikTok is the most vivid example. We already knew that TikTok and its Chinese counterpart Douyin were different products-different algorithms, different data collection, different content moderation.^[3] Same brand, different product. But now TikTok in the US is even more different. Since January 2026, TikTok US operates as a joint venture: Oracle, Silver Lake, and others hold the majority; ByteDance keeps ~20% and licenses the algorithm, which is being retrained on US-only data.^[4] Within days, users reported politically charged content moderation-throttling of ICE-critical posts, blocks on certain terms in DMs, a prominent Palestinian journalist banned then partially restored-and California launched an investigation into possible censorship of content critical of the president.^[5] A peer-reviewed study had already found that TikTok's algorithm showed measurable partisan asymmetry during the 2024 US election.^[6] Same app; different jurisdiction, different ownership, different product.

Same brand, same category, different product, shaped by where it's built and who controls it. That pattern reminded me of something from a completely different world: the idea of terroir.

In winemaking, terroir is the way local conditions (soil, climate, altitude, tradition) shape what gets produced. The same grape variety produces different wines in Burgundy and Napa. Software has terroir too: the same category produces different products depending on where it's built and where it runs. Chinese tech has lived under different rules for decades (state-backed super-apps, party oversight, the Great Firewall). Africa's mobile money infrastructure (M-Pesa, Orange Money) was shaped by the absence of traditional banking. Latin America's fintechs (Nubank, Mercado Pago) grew from bank-led regulation and mobile-first populations. India's UPI handles 15 billion transactions per month as public infrastructure. These are all terroirs. None of them are news.

What's news is the emergence of a European terroir for software: an alternative to US dominance that is already there and still forming, shaped by geopolitics, legal frameworks, culture, and a growing recognition that "where your software lives" is an operational requirement, not a preference. Google's search market share is higher in Europe (~91%) than in the US (~88%);^[7] Monopolistic US tech dominates Europe more than it dominates America. The European terroir is the emergence worth pushing.

That emergence extends The Software Meal Tier System: craftsmanship is the first axis; terroir is the second, and it's taking shape.^[8] What follows, and what can builders do?

European software is emerging with distinct features

European-founded companies are producing world-class software across major categories. The breadth is the argument: this is not a privacy niche.

Privacy and security. Proton (Switzerland, founded by CERN scientists) built its entire platform on zero-access encryption where even Proton engineers cannot access user data: email, calendar, file storage, documents, all end-to-end encrypted under Swiss privacy law.^[9] Tuta (Germany) implements quantum-resistant encryption as default, not optional.^[10] Wire (Switzerland) provides encrypted communications using the MLS protocol, with all data under Swiss jurisdiction.^[11]

Infrastructure and cloud. Hetzner (Germany) delivers EU-only hosting with transparent pricing and no lock-in, certified ISO 27001.^[12] Scaleway (France) markets itself as "a European alternative to hyperscalers," with nine availability zones across three EU regions, AI GPU services, and 100% renewable energy.^[13] Infomaniak (Switzerland) guarantees that customer data never transfers to subsidiaries outside Europe, a commitment US-based providers cannot make under the CLOUD Act.^[14]

Open-source tools. Penpot (Spain) challenges Figma's dominance with an open-source design tool that expresses designs natively as CSS, SVG, and HTML: teams fully own their work and can self-host.^[15] Nextcloud (Germany) provides self-hosted file sync and collaboration as an alternative to Google Workspace, monetizing through support rather than data extraction.^[16] Odoo (Belgium) offers modular open-source ERP competing with SAP and Oracle; the community edition is free forever, with thirteen million users choosing transparency over vendor lock-in.^[17]

AI. Mistral (France) releases open-weights models, allowing researchers and developers to audit, modify, and deploy without proprietary API dependency, a structural choice reflecting European open-source culture.^[18]

Communication. Matrix provides a federated communication protocol where organizations run their own servers while maintaining interoperability: no single company owns the network.^[19] Zulip offers open-source team chat with full self-hosting, avoiding the surveillance-driven models of proprietary platforms.

• Open source / open weights as default rather than closed-source moats. European companies monetize through support, hosting, and features, not data extraction or vendor lock-in.
• GDPR and DMA as product architecture, not compliance burden. Privacy-by-design, data portability, and encryption are foundational, not bolted on.
• Compliance-first design: on-prem options, EU hosting, self-hosting capability. Regulated industries (healthcare, finance, government) find European products architecturally aligned with their requirements.
• Different growth expectations. Sustainable growth and long-term customer relationships over blitzscaling and rapid exits. Odoo's thirteen million users came from methodical improvement, not aggressive burn.
• Deep engineering tradition. Europe's world-class engineering schools (ETH Zurich, Polytechnique, TU Munich, KTH, Delft, Imperial) and precision-engineering culture (from watchmaking to automotive to industrial machinery) shape software toward reliability over speed, correctness over growth hacks.

These characteristics aren't random. Jacques Ellul argued that technique-the totality of methods for achieving efficiency-follows its own autonomous logic: "Technique has become autonomous; it has fashioned an omnivorous world which obeys its own laws and which has renounced all tradition."^[20] US-terroir software follows technique's logic: efficiency demands data extraction, extraction funds scale, scale demands more extraction. European legal and cultural conditions-GDPR, open-source tradition, different growth expectations-create friction against that autonomy. The EU terroir is, in part, a resistance to technique.

Philosopher Yuk Hui gives this a theoretical frame. He argues there is no universal "technology": only technologies embedded in specific cosmologies:

"The globalization of technology is also the globalization of a particular cosmotechnics, that of the West."

• Yuk Hui, The Question Concerning Technology in China (2016)^[21]

Silicon Valley universalism assumes its approach is the only approach. The European terroir reveals that assumption as both culturally parochial and operationally risky.

Yes, but still US-dependent

These same companies run on AWS, raise from Andreessen Horowitz, write documentation in English, and benchmark against US products. The spectrum is the point:

• GitLab: Dutch and Ukrainian founders, open-source DevSecOps platform, now US-incorporated, headquartered in San Francisco. European DNA, US soil.
• ElevenLabs: UK/Polish engineering, world-class voice AI, funded heavily by Andreessen Horowitz and US VCs. European talent, American capital.
• Mistral: French, open weights, but the public API terminates TLS via Cloudflare and stores data on Azure. Sovereignty depends on how you use it.^[18:1]
• Wise: UK/Estonian, listed on the London Stock Exchange, but increasingly global, with regulatory scrutiny from UAE to UK over AML controls. European origin, global complexity.
• ClickHouse: Originally developed at Yandex (Russia), engineering relocated to Amsterdam, headquarters now in San Francisco. Which terroir is that?

"EU software" can mean mixed terroir. These companies sit on a spectrum from "fully European" to "European-founded but US-terroir." The label is not self-evident.

The dependency goes deeper than individual companies. A Rails monolith on AWS is technically transparent (you can read the code, fix bugs) but jurisdictionally opaque: your transparency stops at the edge of American law.^[22] Albert Borgmann called this the device paradigm: "The device paradigm is the tendency to see technology as the progressive availability of ever more sophisticated commodities concealed by ever more opaque machinery."^[23] Jurisdictional opacity is a form of the device paradigm. The commodity (email, hosting, compute) arrives seamlessly; the machinery (CLOUD Act, sanctions leverage, data flows to US intelligence) is deliberately concealed. Even "European" companies are often jurisdictionally American. A majority of European startups run on AWS, GitHub, Stripe, all US-incorporated, all subject to CLOUD Act. Convenient; also a single point of failure when the jurisdiction shifts.

Ivan Illich warned about "radical monopoly": when a type of tool becomes mandatory, not just a specific brand:

"A radical monopoly goes deeper than that of any one corporation or government. It can happen when tools are multiplied, and everyone is forced to use them."

• Ivan Illich, Tools for Conviviality (1973)^[24]

Two kinds of transparency matter here. Technological transparency: can you understand, inspect, and repair the tool? Jurisdictional transparency: can you see where decisions about your access are made, and are those decisions subject to laws you can influence? Jurisdiction alone doesn't guarantee conviviality-swapping AWS for Scaleway shifts the jurisdiction but not necessarily the relationship. The strongest European alternatives (Penpot, Nextcloud, Odoo, Mistral via open weights) pass both tests. Others pass one. The question is always both: where does it live? and can you see into it?

Shoshana Zuboff named the business model that drives US-terroir software: "Surveillance capitalism unilaterally claims human experience as free raw material for translation into behavioral data."^[25] Free services in exchange for behavioral data, ad-funded scale, "move fast and break things": this is the US terroir, and European companies still compete within it even when they reject its premises.

Who benefits from this dominance? US hyperscalers (AWS, Azure, GCP) generate switching costs and data gravity that make leaving expensive. US platform companies (Google, Stripe, GitHub) entrench dominance through network effects and ecosystem gravity. The US government gains extraterritorial reach through the CLOUD Act, FISA 702, and sanctions regimes. US VCs push European founders toward US incorporation and US infrastructure because regional fragmentation reduces addressable market.

This dominance isn't accidental-it's defended. US tech lobbies against interoperability mandates, right-to-repair legislation, and GDPR enforcement. Opacity has lobbyists.

Who should resist but doesn't? European startups, because AWS and Stripe are genuinely better products with more documentation and larger ecosystems-convenience lock-in is individually rational. European enterprise procurement, because nobody gets fired for buying Microsoft. European users, because migration friction is high and the threat feels abstract until it becomes personal-until the judge's story becomes yours.

Andrew Feenberg puts it in action terms:

"Technology is not a destiny but a scene of struggle."

• Andrew Feenberg, Questioning Technology (1999)^[26]

The struggle is no longer just between users and corporations. It's between jurisdictions.

Emergence as decoupling

The European terroir is emerging as a decoupling: not a clean break but a progressive separation driven by a virtuous circle:

Pressure (sanctions, CLOUD Act, geopolitical tension) creates demand for new tools (EU cloud, open-source alternatives, EU-hosted services). Migrations follow (companies and institutions switching). Competition intensifies (EU alternatives mature, attract users). That maturation creates more pressure (US platforms lose leverage, EU regulation strengthens). The cycle continues.

GDPR, DMA, and DSA are the legal terroir that shapes products even when the infrastructure is American, the regulatory pressure that starts the cycle. The EU's anti-coercion instrument is the political expression of the same decoupling. Each turn of the cycle makes the European terroir more distinct, more viable, and harder to reverse.

Langdon Winner put it bluntly: "What matters is not technology itself, but the social or economic system in which it is embedded."^[27] The system is changing. The embedding is shifting. The terroir is forming.

Building for a world of terroir

Builders face three strategic paths.

Cross craftsmanship with terroir and you get a matrix. In The Software Meal Tier System, the first axis runs from Microwave Meal to Michelin Star; the second is where the product is built and run.^[8:1]

For something like a productivity suite:

Tier	US terroir	EU terroir
Microwave Meal	Google Workspace (free tier)	US platforms dominate
Chain Restaurant	Microsoft 365, Notion	Infomaniak kSuite
Fine Dining	Linear	Filling up

The "EU Fine Dining" quadrant used to be mostly empty. I predict it will be filling up in the future. That's the opportunity.

Niche in your terroir. Own it; create a moat. Build software that is shaped by your terroir's conditions (GDPR-native, EU-hosted, open-source), the way a Burgundy winemaker doesn't try to make Napa wine. The terroir IS the differentiation. Add terroir to the checklist: not "is it good?" but "where does it live, and who can turn it off?" For the 5 to 10% of services that are critical (bank, taxes, domain, identity), prefer a jurisdiction you can live with. Scaleway or Hetzner instead of AWS; Codeberg instead of GitHub; Mollie instead of Stripe. Accept risk on the rest, but know the risk is there.

Build bridges. Create flexible, geofenced software that works across terroirs. Multi-region hosting, jurisdiction-aware data handling, configurable compliance. But risk complexity, or "smallest denominator" reduction of features. Trying to be all terroirs at once may mean being none.

Cross-pollinate. The most interesting path. French entrepreneurs returning from Silicon Valley carry US terroir knowledge (scale, growth mechanics, fundraising, speed) back into European soil (GDPR, open-source, compliance-first, engineering depth). The result is neither fully European nor fully American; it's a new blend.

That model works wonders in winemaking. Take Drouhin Oregon or Nicolas-Jay: winemakers, behind some of Burgundy's most sought-after domaines (Drouhin & Meo-Camuzet), planting French Pinot Noir in Oregon's soil. Burgundy knowledge, Oregon soil—shaped by both terroirs. Software built by founders who've crossed terroirs carries that same hybrid character. It may be what makes the European terroir world-class rather than merely sovereign.

Conway's law applies here: "organizations which design systems are constrained to produce designs which are copies of the communication structures of those organizations."^[28] A European team will naturally build European-terroir software. A multinational team will build bridges. A team of terroir-crossers will build hybrids. The team structure is a product decision.

Every tool, every platform, every system we choose: Does it let me see into it, keep me hidden from it, and stay under a jurisdiction I can live with?

The French judge didn't choose to be cut off. He was doing his job. The same forces that make "where your software lives" a design question for you make it an existential one for him, and eventually for any of us when the geopolitical weather changes.

Jurisdiction is becoming terroir. The same grape; different soil, different wine, and in Europe, that vineyard is only now being planted. We get to choose whether to build in it.

---

1. Nicolas Guillou, cited in Le Monde / RFI coverage (January 2026). The EU's "anti-coercion instrument" allows retaliation against economic coercion; it had never been activated before the 2026 tariff threats. ↩︎

2. Bernard Stiegler, Automatic Society (2015), Introduction: "Proletarianization is the loss of knowledge-savoir-faire, savoir-vivre, and theoretical knowledge-through its exteriorization in machines." ↩︎

3. Citizen Lab, "TikTok and Douyin Explained": security and privacy analysis of TikTok vs. Douyin (data collection, content moderation, algorithm differences). https://citizenlab.ca/research/tiktok-vs-douyin-security-privacy-analysis/tiktok-and-douyin-explained/ ↩︎

4. TikTok USDS Joint Venture LLC announcement (January 2026). ByteDance retains 19.9% and licenses the algorithm; Oracle, Silver Lake, and MGX each hold 15%. https://newsroom.tiktok.com/announcement-from-the-new-tiktok-usds-joint-venture-llc ; see also ABC News, "TikTok finalizes deal to continue operating in the US" (2026). https://abcnews.go.com/Business/tiktok-finalizes-deal-operating-us/story?id=129475609 ↩︎

5. Post-acquisition content moderation reports: throttling of ICE-critical posts, "Epstein" blocked in DMs, Palestinian journalist Bisan Owda banned then partially restored; California Governor Newsom launched investigation into possible censorship. See Wikipedia, "Censorship by TikTok" and associated coverage. ↩︎

6. Peer-reviewed study finding Republican-conditioned accounts received ~11.8% more party-aligned content than Democratic-conditioned accounts on TikTok during the 2024 US election. arXiv 2501.17831 (2025). https://arxiv.org/html/2501.17831v1 ; see also Harvard Misinformation Review, "Toxic politics and TikTok engagement in the 2024 U.S. election." https://misinforeview.hks.harvard.edu/article/toxic-politics-and-tiktok-engagement-in-the-2024-u-s-election/ ↩︎

7. Google search market share: ~91% in Europe vs. ~88% in North America (StatCounter, January 2026). In specific European markets, penetration is even higher: UK 94.4%, Spain 95.7%, Italy 92.9%. Sources: StatCounter Global Stats; Search Endurance, "Search Engine Market Share For 2026." https://searchendurance.com/search-engine-market-share/ ; Alphametic, "Global Search Engine Market Share" (2025). https://alphametic.com/global-search-engine-market-share ↩︎

8. See The Software Meal Tier System for the craftsmanship axis (Microwave Meal to Michelin Star). ↩︎ ↩︎

9. Proton: zero-access encryption across email, calendar, file storage, and documents, hosted in Switzerland. https://proton.me ↩︎

10. Tuta Mail: quantum-resistant encryption as default for email, calendars, contacts, and address books. Zero-knowledge architecture. https://tuta.com/blog/gdpr-compliant-email ↩︎

11. Wire: encrypted communications using the Messaging Layer Security (MLS) protocol, hosted in Switzerland under Swiss privacy law. https://wire.com ↩︎

12. Hetzner: EU-only cloud hosting, DIN ISO/IEC 27001:2022 certified, transparent hourly billing with no minimum contracts. https://www.hetzner.com/european-cloud ↩︎

13. Scaleway: "A European alternative to hyperscalers." Nine availability zones, three EU regions, GDPR-compliant, 100% renewable energy. https://www.scaleway.com ↩︎

14. Infomaniak: customer master data never transfers to subsidiaries outside Europe. Full GDPR compliance under Swiss legal foundation. https://www.infomaniak.com/en/support/faq/2820/comprendre-la-securite-des-donnees-rgpd-et-lpd ↩︎

15. Penpot: open-source design tool expressing designs as CSS, SVG, and HTML. Teams fully own their work; self-hosting available. https://penpot.app ↩︎

16. Nextcloud: open-source file sync and collaboration, self-hosted or managed. Nextcloud One hosted entirely in Germany. https://nextcloud.com ↩︎

17. Odoo: open-source modular ERP. Community edition free forever; thirteen million users. https://www.odoo.com ; see also peaknetworks, "Odoo ERP Open Source" (Odoo hosting from Switzerland, Germany, and Austria). https://www.peaknetworks.com/blog/odoo-erp-open-source ↩︎

18. Adrien Jussak, "Souveraineté des données et IA : ce que vous ignorez peut-être sur Mistral AI" (LinkedIn, February 2026), on Mistral's public API (Cloudflare TLS termination, Azure storage) vs. sovereign deployment via OpenWeights on Scaleway, OVHcloud, IONOS. https://www.linkedin.com/posts/ajussak_souverainetaeznumaezrique-ia-cloudact-activity-7425891098180382721-Sz8u ↩︎ ↩︎

19. Matrix: open, federated communication protocol. Organizations run their own servers while maintaining interoperability. https://matrix.org ↩︎

20. Jacques Ellul, The Technological Society (1954), Chapter 1: "Technique has become autonomous; it has fashioned an omnivorous world which obeys its own laws and which has renounced all tradition." ↩︎

21. Yuk Hui, The Question Concerning Technology in China (2016), Chapter 1. ↩︎

22. The CLOUD Act (Clarifying Lawful Overseas Use of Data Act, 2018) allows US law enforcement to compel US-based tech companies to produce data stored overseas, even when it conflicts with foreign data protection laws. ↩︎

23. Albert Borgmann, Technology and the Character of Contemporary Life (1984), Chapter 9: "The device paradigm is the tendency to see technology as the progressive availability of ever more sophisticated commodities concealed by ever more opaque machinery." ↩︎

24. Ivan Illich, Tools for Conviviality (1973), Chapter 3. ↩︎

25. Shoshana Zuboff, The Age of Surveillance Capitalism (2019), Introduction: "Surveillance capitalism unilaterally claims human experience as free raw material for translation into behavioral data." ↩︎

26. Andrew Feenberg, Questioning Technology (1999), Introduction. ↩︎

27. Langdon Winner, The Whale and the Reactor (1986), Chapter "Do Artifacts Have Politics?" ↩︎

28. Melvin Conway, "How Do Committees Invent?" Datamation (1968): "Organizations which design systems are constrained to produce designs which are copies of the communication structures of those organizations." https://en.wikipedia.org/wiki/Conway's_law ↩︎