The twenty-third edition of FOSDEM takes place Saturday 4th and Sunday 5th
February 2023 in Brussels, Belgium.
For the first time there will be a DevRoom that focuses on the subject of Sovereign Cloud
and its practical aspect for digital sovereignty.

Key dates tl;dr:

• Conference dates 4-5 February, 2023 In person
• Sovereign Cloud DevRoom date: Saturday 4th February
• Submission deadline: Friday December 9th, 2022 - 23:59 UTC.
• Announcement of selected talks: Thursday 15th December
• You must be available in person to present your talk

About the Sovereign Cloud DevRoom

Overview

The Sovereign Cloud DevRoom is for discussing topics and issues of user privacy and
sovereignty and the intersection with the needs of infrastructure providers in the cloud
computing era.

A few topic examples to illustrate (a longer list is below):

• Can all operations be open, or may there be a need for a two+ tier openess (country specific laws or company secrets)?
• How can privacy relevant data be anonymized instead of being deleted, without losing the useful information?
• Open Operations is more than just sharing runbooks, how is knowledge shared and fostered best across organizations?
• Navigating our personal data lakes -- we're going to need better tools that are easier to use by more people for managing and curating encrypted data lakes
• The role of machine learning in conducting data science on anonymized information
• Countering the risks of integrated platforms

These are just a few example suggestions, we welcome proposals on any aspects around these topic.

More topic ideas and details on how to submit proposals is below.

Discussing the Sovereign Cloud

The recent EU focus on digital sovereignity has brought fresh attention and innovation to a problem
area many of us have been interested in and working on for a long time. This DevRoom focuses on
a practical aspect of digital sovereignty: how it affects user-oriented and
potentially privacy-containing infrastructure in the cloud computing era.

This aspect is the sovereign cloud, the intersection of digital sovereignty and a modern cloud-centric
way to create and sustain infrastructure, operations, and development to address the needs of
users (which may be other cloud services or actual, real people.)

With the rise of the Confidential Computing Consortium (https://confidentialcomputing.io/), some
people feel we are beginning to achieve "sovereign enough" where it comes to the balance of the
needs of the individual and the needs of tech companies et al. But there are just as many other voices
calling attention to potential problems and unfulfillable needs of staying on that path.

Looking at the entire landscape of the problem, it's clear that Confidential Computing also aligns with
usage on a sovereign cloud. It is a tool to ensure the least amount of provider trust, and it is still a good
idea until we've moved new processor architectures into the mainstream that are less impacted by
predictive execution vulnerabilities. So while it is not perfect, making it harder for an attacker is always
a good idea where feasible.

In looking for other paths to fill more needs, we naturally come to the intersection of Free/Open where
interests from different backgrounds pursuing different goals suddenly find themselves working together
in a common direction. Two of those groups are part of the organizing committee for this devroom:

As a way of addressing the holistic needs and supporting a truly balanced digital sovereignty, organizations
such as the overeign Cloud Stack (https://scs.community/) have come together to provide a complete
technology solution, standards as well as reference implementations, that can be proven and recognized
by everyone as a truly sovereign cloud.

In this area where the requirements of a sovereign cloud are being met is another intersection from the
ecosytem of Free and Open Source software development. The idea of Open Operations is essential to
projects such as Operate First that provide a developer-friendly post-CI/CD platform for running, testing,
and proving Open Source services.

Longer list of topic ideas - this is not an exclusive list, feel free to submit further ideas:

• Can all operations be open, or may there be a need for a two+ tier openess (country specific laws or company secrets)?
• How can privacy relevant data be anonymized instead of being deleted, without losing the useful information?
• Discussion: How open can software be called, if it relies on closed operations and closed infrastructure?
• Do we need to refine the definition of upstream in the idea of Open Operations?
• Is hybrid accelerating Open Operations or can it be a slow-downer/ separator? Or the solution to possible privacy issues?
• Interoperability, transparency, and independence are the go to goals, what can be accepted on our way until we are there?
• Open Operations is more than just sharing runbooks, how is knowledge shared and fostered best across organizations?
• Share experiences and stories on creating environments of psychological safety so that failures indeed make us experts
• Building communities of practice across organizations
• Navigating our personal data lakes -- we're going to need better tools that are easier to use by more people for managing and curating encrypted data lakes
• The role of machine learning in conducting data science on anonymized information
• Countering the risks of integrated platforms

Again, these are just suggestions. We welcome proposals on any aspects around these topic.

Format and lengths of submissions:

- Long (40 minutes, including Q&A)
- Short (20 minutes, including Q&A)
- Lightning (5 minutes, no Q&A)

Aside from Presentation also Meetings/Discussions are welcome for topics where a BoF-style (Birds of Feather) session
is appropriate.

HOW TO SUBMIT A TALK

• Head to the FOSDEM 2023 Pentabarf

https://penta.fosdem.org/submission/FOSDEM23 website.

• If you already have a Pentabarf account, please don’t create a new one.
• If you forgot your password, reset it.
• Otherwise, follow the instructions to create an account.
• Once logged in, select “New Event” and click on “Show All” in the top right corner to display the full form.

Your submission must include the following information:

• First and last name / Nickname (optional)/ Image

• Email address

• Mobile phone number (this is a very hard requirement as there will be no other reliable form of emergency communication on the day)

• Title and subtitle of your talk (please be descriptive, as titles will be listed with ~500 from other projects)

• Track: Select “Sovereign Cloud DevRoom” as the track

• Event type:

  • Lightning Talk OR
  • Meeting or Discussion OR
  • Presentation

• Persons: Add yourself as the speaker with your bio

• Description: Abstract (required)/ Full Description (optional)

• Links to related websites / blogs etc.

• Beyond giving us the above, let us know if there’s anything else you’d like to share as part of your submission – Twitter handle, GitHub activity

history – whatever works for you. We especially welcome videos of you speaking elsewhere, or even just a list of talks you have done previously.
First time speakers are, of course, welcome!

• For issues with Pentabarf, please contact

cloud-devroom-manager@fosdem.org. Feel free to send a notification of
your submission to that email.

If you need to get in touch with the organisers or program committee of the
Sovereign Cloud DevRoom, email us at cloud-devroom-manager@fosdem.org

FOSDEM website https://fosdem.org/2023/ / FOSDEM code of conduct https://fosdem.org/2023/practical/conduct/