Transcript
Renato Losio: Hi, everyone. Thanks for joining this podcast today. My name is Renato Losio. I’m an editor at InfoQ and the chair of the InfoQ Dev Summit next October in Munich. Today, we are going to have a session discussion with four amazing panelists about what it is like to build software in Europe at the moment.
I think if you haven’t lived in a cave in the last few months, few years, there’s been a lot of discussion about the challenges to build something in Europe and what that means, what’s different. If Europe is in any way better or worse, what the challenge are for big provider, what the challenges are in the AI space.
Introduction to the Panel [00:45]
Renato Losio: Before we start our discussion, I would like to give a chance to every single panelist to introduce themselves in 30 seconds. Let’s start with Elena.
Elena van Engelen: I’m Elena Van Engelen. I’m a senior software engineer specializing in Kotlin and cloud-native solutions. I currently work as a lead engineer at AZL, the life and pensions of the NN Group. I’m also an AWS Community Builder in the serverless category, author of the Kotlin Crash Course book, and a blogger on Kotlin and cloud topics.
Renato Losio: Thank you so much, Elena. Erik?
Erik Steiger: My name is Erik Steiger. I’m a serial technical founder with engineering expertise in AI, energy, and industrial automation. Currently, I’m a self-employed AI consultant, specializing in industrial applications and the energy sector.
Renato Losio: Thank you, Erik. Markus?
Markus Ostertag: My name is Markus Ostertag. I am the chief AWS technologist at adesso, one of the leading German IT service providers, and I’m also one of the 260 AWS Heroes worldwide.
Renato Losio: Thank you, Markus. And then finally, our keynote speaker in Munich.
Katharine Jarmul: Thank you. I’m Katharine Jarmul. I am a privacy and security expert in machine learning and data systems, what we today call AI systems. I’ve been working on deep learning for more than 10 years, and I’ve been working in the privacy and security and deep learning space for the past about eight years. I have a book called Practical Data Privacy that’s available in three languages from O’Reilly, and I’m very excited to talk about how we could design systems differently if we build privacy and security in.
Today’s Challenges for European Tech Professionals [02:25]
Renato Losio: Thank you so much. Now we can begin our discussion about what’s going on in the tech sector in Europe at the moment. We all want to build a resilient and compliant system in Europe. Maybe things on a practical level haven’t changed so much, but definitely the attention in the last few years or almost few months, probably even few weeks, about the difference we are facing, the challenge you’re facing in Europe, is probably going up quite a lot.
We have read news about how scary it is to depend on provider based abroad, what the challenges are, some myths. I would like today to have a chat about what your experience are and what really practitioners should care about and what should probably just think, “oh well, nice to think about that, but it’s not that important.” I would like just to kick off the discussion, thinking about last week. I think if I look at my LinkedIn feed, we are all now experts on data privacy. We are all experts on EU rules. We are all experts on why we should not use US-based providers.
My question is: as a developer and a cloud architect, mostly using US-based cloud providers, should I be worried? Should I care about that? Should I change anything tomorrow? I don’t know who wants to go first. Markus, maybe?
Markus Ostertag: Okay. To me personally, it comes down to not overreacting to everything that is happening. I don’t want to say ‘don’t do anything and don’t care,’ because I think that’s also not good, but it needs to be a balanced approach. To me, there is no one-size-fits-all solution. You need to differentiate between what kind of concerns you really have, what kind of data you really, actually work with, how sensitive that data is, and then balance those kinds of things for each different workload that you’re having, and then place it accordingly.
There might be solutions where you need the innovation and the drive that the big US hyperscalers are bringing or helping you. Still, there definitely might also be workloads where you say, “They are so sensitive. I will have such a headache with all the regulations that are in place”., and they are in place for a reason, so maybe want to be willing to put that on a European-based cloud provider, for example. But I think the important part is that it needs to be a balance. You always need to be aware that you are also giving up something if you don’t use the big US hyperscalers, because they have decades of experience and are far ahead of what we’re seeing in Europe.
Nevertheless, in my personal opinion, it’s good that we, as Europe, are finding the way we need to build our own thing here, but it’s just not there yet.
Renato Losio: Thank you, Markus. Katharine?
Katharine Jarmul: As an American who now has lived in Germany for the past 10 years, I find the idea that the future of the next 10 years, let’s say, looking longer, that sovereignty doesn’t mean building systems differently. And I think embracing European ideals and the idea of human rights is a distinctly different approach than perhaps in other countries, and something that could also add a different way that we manage systems and technologies.
I think that in a long-term aspect, if European countries and companies wish to manage their own data in ways that are truly sovereign. Which we could say sovereign means it remains within EU borders, data or workflows, and other things like this. We could say sovereign means it remains under the control of EU companies. Or we could say sovereign means any number of other things. I don’t think it’s yet defined what we mean by sovereign when we say sovereign cloud. But certainly, if the investment and change don’t occur soon, it will continue the way it is.
As somebody who works in AI privacy, there are significant problems with data sharing within an AI training environment, where the training data can both be memorized and repeated, as well as other things can be, of course, extracted and learned from training data. So, if you’re a European or EU-based company that has sensitive or sensitive-to-your-business-processes data that you would like to train models on, I would actually advise or think about thinking differently about how you want that to go.
What we see already from the Trump AI strategy is that it will empower US businesses across the board. That’s the way it is. And if Europe or the EU doesn’t decide that they’d like to do things to empower EU businesses, then forever that will be the case, or at least for the foreseeable future.
Renato Losio: Thank you Katharine. I love the reference to really long-term as well to build for the future. One challenge I have today is that I sometimes don’t know the answer myself. I don’t know. For example, you, Erik, have already experienced that. I have a customer that comes and says, “I read the news. Is my data okay? Should I change something about what I’m doing?”. And the feeling I have some time is, okay, maybe the data is in a data center in the EU, Ireland, Frankfurt, Amsterdam, whatever, according to the cloud provider. However, it depends; I never really understand what the boundary of my analysis is.
I mean, you’re running everything on cheap, made in the US or anyway designed in the US, on a cloud designed in the US. Maybe we are having that conversation on Slack or using Zencastr. I have no idea where Zencastr is based, actually. But do we have to change something today? Or should I just assume what we do today is good enough? When should I worry? Or should I just accept that better tools, better innovation, are happening somewhere else, and we have to catch up first?
Elena van Engelen: How I look at it is, at the moment, because we don’t have very good cloud alternatives in Europe, currently most people go with AWS, Azure, and some go with Google Cloud and all kinds of US companies. Because of this, I think the immediate thing that we could look at is architecture. If we make sure that the way we use our cloud uses the architecture, which makes it easier to move to something else, then we already give ourselves a cushion to… If something happens, we could move to another place. In a really extreme situation, you could move to on-premise if something really exploded.
But even if we look at Europe, there’s Brexit, so even if we said, “Okay, we’ll go to a European country”., we cannot guarantee that that will always be the right move. Because if there’s more Brexits… I live in the Netherlands, if there will be a “Nexit,” and they will exit the European Union and have their own rules. If I go with a cloud provider based in Germany or whatever and it doesn’t give me the proper regulations that the Netherlands needs, then I’m still having a problem.
I think we need to look at the fact that we do need to deliver the software and our products fast to be able to be competitive. In order to do that, we also want to take advantage of the cloud providers and what they actually give us because of all the advanced features. We can’t just stop and say, “Oh, we’ll do everything on-premise because we’re just so afraid of the future, which we don’t know what going to happen”. I think the first step is just to make sure that we use the right architecture, especially when we look at things like serverless, which might get us locked in a bit more.
I’m currently working in finance, so life and pensions, where you have a lot of PII data. It needs to be located within Europe, so we always have to make sure that everything is correct in the cloud in terms of the location of the data. But I also worked at some companies which were related to government and they really avoided the cloud-specific features. They were running on AWS, but then they avoided everything possible and tried to put middleware on top of that so that they are not really attached to it. But actually, you are dependent on those things as well, so then you have this other kind of dependency.
Renato Losio: Thank you, Elena. Erik, I was thinking as well the fact that every cloud provider now is doing something. I don’t know if it’s a fact or the cause of the current discussion, the fact that I think all the US provider are now… I don’t want to use the word pretending, but they’re building their own sovereign cloud in Europe. For some, that’s the final solution, and that’s 100% great. For others, it is just marketing.
I personally feel probably that reality is somewhere in the middle. There’s some benefits and some constraints. I’m pretty sure you don’t get the best of both worlds. But where do you see the direction? On your side, do you see any change recently in the customer you’re working on? Or do you see any long-term effect on this? I know you are pretty strong in your opinion about Europe.
Erik Steiger: Yes. What I definitely see is that… I work with a lot of AI startups which have industrial clients, so SMEs in Germany, for example. They get pressure from the SMEs that they push now. There seems to be this trend that they want their data to not even be in the European locations of the US providers, but be on European providers. This can be a bit hard, because we have this chicken-egg problem that selects the big enterprises which bring most of the revenue. They just sit on Azure, AWS and Google Cloud. Transferring would be a major cost for them. Not even that, many features they are relying on are not even available at the major European cloud providers.
For example, France with Scaleway, a new company, is coming up. But I talked to some colleagues in the consulting business, and they can’t really move because there are some features, like VPC, for example, and some industries that they just can’t do it currently. Like Elena mentioned, the architecture is just too deeply embedded into the existing AWS architecture. If you use something like Lambdas, there’s no equivalent that you can just port to.
But there’s definitely this trend. Especially now for younger startups I’m working with, they don’t know what to do. Because on the one hand, AWS is the industry standard, or these big clouds are the industry standards, so we don’t have the tools to initiate. Or at least there’s this movement, but here it’s problematic because the big revenue from the enterprises can’t move there, or at least not completely, and so it just slows it down.
For example, most startups will most likely just also use the existing US cloud providers now.
Markus Ostertag: But isn’t that an interesting… Just hearing from our discussion here, you mentioned, Erik, the chicken-and-egg problem. On the one hand, companies aren’t able to move to European cloud providers because of the lack of features, the lack of this deep integrations into this is what helps me being more productive, being faster, being more innovative. On the other hand, I personally think that it is good that the EU is now building up those things on their own. But the money isn’t there yet, because companies aren’t able to invest.
Closing the Gap with US Hyperscalers? [14:04]
Markus Ostertag: Looking at AWS, they’ve been on the market now for nearly 20 years. Obviously, we have to fill that gap,the EU cloud providers have to catch up on that gap first. And then what you mentioned, Elena, was interesting because that is very often something that I also hear, “Then we do things on an abstraction level. We build this mid-layer, we have this middle-tier thing”.
But in the end, it’s like, sure, I can run everything on Kubernetes, because I can do Kubernetes on AWS, Azure, STACKIT, OVH. Kubernetes is everywhere. And if really something bad happens, I can go on-prem and run my own Kubernetes stack. At the same time, if I just use Kubernetes and just push everything into containers, where is the productivity gain of using those heavily integrated services, like in AWS SQS, EventBridge, using those Software as a Service, using those Function as a Service, Lambda, those kinds of things?
I think a lot of organizations struggle with this decision: should we now go down the road of everything needs to work on all clouds? At the same time, my personal opinion is if you do that, and I would be interested in what your experience is Elena working in those areas, you do more work to bring those applications and work on that middle layer, which in the end gives you a lower lock-in effect. At the same time, it comes down to switching costs. There is no lock-in. It’s technology, it’s software. You can build every software differently; it just takes time, resources, and, in the end, money.
I can do that while I build it and slow my innovation down while I’m building it, or I can accept the lock-in effect, doing a good risk assessment on what is the scenario that I want to be aware of or that I want to circumvent, and then saying, “If this happens, I have three months, I need to rebuild, refactor that software to run it inside a Kubernetes container or a Kubernetes cluster, and then I can do it”. To me, the question very often is, should I slow my innovation down while I’m building it, and then do that afterwards when the scenario really happens? Or should I, in the end, do that as a whole while I’m building those kinds of things, it’s a problem?
Elena van Engelen: Yes. I agree. Basically, if we use middleware, we invest a lot of money into the middleware, like Kubernetes and Red Hat and all sorts of software, then we lock ourselves into that as well. And also, it’s not possible to just move our Kubernetes to another cloud. You have all sorts of things. With firewalls, you have all kinds of things, with the network. All of those things are still cloud-specific because you are on that cloud, so you still have to do that.
And then the question is: How much are you actually being cloud-independent with it? Not much.
What about Encryption? [17:11]
Renato Losio: That’s a good discussion, yes. That’s actually because as well, one of the things is you can have an API that matches on every single cloud provider, but doesn’t mean that every single cloud provider can provide you the infrastructure, the scalability. I can build myself some S3 API tomorrow, put it on my server, that doesn’t make me scalable and doesn’t make me in any way independent.
But one thing that I’m actually surprised by when I look at customers… That is a question for Katharine, actually: can it possible that customers actually think too much about moving data to a safe place, but often they don’t even take the strongest option in terms of encryption, keys, and privacy? I may have a customer who asks me where the data is that they are using, whether they are using the default encryption key. I will say that they’re trying to close the small hole while they have a big hole in front of the house. I don’t know how you teach people.
Katharine Jarmul: Yes, encryption is difficult, because most people don’t understand how encryption works, and most people haven’t ever had a chance to work with cryptographers, and so it’s a real problem. When we were building distributed encrypted learning as part of TF Encrypted, we had problems describing to customers the difference between SSL and TLS and homomorphic and multi-party computation encryption.
The customers are not stupid; it’s just that encryption is hard, and understanding encryption is hard and is very math-based. And comparing encryption has been filled with marketing cram, I would say, so marketing messages for decades. The promises of encryption have also been interlinked with things like state security and so forth. Encryption as itself is a hard thing to piece apart, and I think people are under-informed what their choices are when they think about encryption.
Going back, let’s think about encryption in Europe. We happen to have one of the coolest startups in the world in Europe. They’re based in Paris, they are called Zama. That’s where a lot of my cryptographer colleagues from prior now work: how do we accelerate homomorphic encryption, and where does other encryption mechanisms like multi-party computation, where do they fit in? That is a European-based company led by Europeans. I would argue that it is far more innovative than most of the companies that I see in the US in this space.
Are We Slowing Down Innovation? [19:43]
Katharine Jarmul: I go back to your question, Markus, which is, do we slow down innovation to build something different? I would argue that we make innovation when we build something different. When we look at what’s happening with the Schwarz Gruppe, with ITStack, as you mentioned, with Cleura, Aura. This new edge AI computing cloud initiative that, of course, has many, many different companies as part of it, but is a consortium to think about how do we build edge computing that can run AI workloads on edge devices in a distributed sense where we could certainly guarantee better privacy protections for the data at the edge. Then I say that, indeed, Europe or the EU is well positioned because we can think differently about how to build these services. And that, in and of itself, is innovation.
Of course, that’s not available to every company and that’s not available to every business. But I think for the businesses that is available to, and for the opportunity that exists now, which is how do we accelerate encryption workloads, how do we think through other hardware acceleration that hasn’t been prioritized because it’s not profitable for a large scale US business, and how do we think about things like building privacy by design workflows, by building distributed workloads, which if we look at Google Research are actually optimized when we think about data parallelism and so forth, this is something that we can actually do here and potentially prioritize here.
That again isn’t for every business, but for the businesses that it’s for would significantly contribute to what is the next Kubernetes, and not just how do I run my Kubernetes workflows in four different clouds.
Markus Ostertag: It’s interesting. I don’t disagree with you, Katharine, not at all. I totally get the point. I think the question comes down to if there is a big market. So in the end, it comes down to money, unfortunately, let’s be honest about that. It comes down to how much survivability companies that work in a market that is non-existent have? There is nearly no survivability. Which then poses a problem in terms of one definition of sovereignty or one dimension of sovereignty. Because if I’m using something from a company or that is powered by a company or built by a company, that is not survival. But because there is no market, that is a problem for me as a customer of that company at that very moment.
The question to me is, there is so much investment from the big US hyperscalers in several ways, very, very broad, all over the place in technology, how they drive innovation. While I agree with you that we still can be innovative, still the question is… And looking at Germany, for example, we are not really on the forefront of digitalization, let’s be honest about that. It’s about people need to have those Kubernetes clusters. Because for them that is already really innovative, to run on a Kubernetes cluster, and why I see the point of doing AI and doing those kinds of things in encryption and edge computing and those kinds of things… The question is, is the market or the society or the customers ready to really build those kinds of things?
You mentioned, Katharine, that there is a specific sort of companies and organizations that this is built for and that they are able to use. The question to me is, is this too early and do we need to have good fundamentals first to build on top of that, rather than now doing that leap jump to now being very innovative while not having those infrastructure fundamentals in the EU?
Erik Steiger: You could say there are bare metal servers that we could use. There are good bare metal servers that we can use in the EU. The problem is all the services that are missed on top. But coming back to what you said, Markus, it’s obvious that… Azure alone, I think they have a CapEx investment of 7 billion in the Central European region, which is so massive that it doesn’t even compare to what we have.
Katharine, you mentioned STACKIT. They are actually growing now in Germany. And actually, they come from a region where I’m from, so it’s nice to see that something’s happening there. They try to capture all these healthcare and very sensitive industries inside Germany and the European Union. Also, it’s just about convenience. In the end, it’s what drives people to use existing services in the US, it’s convenience.
Why do we use operating systems like Mac or Windows? Why did we even start in the first place using Azure or Microsoft? Because we started with Windows. Our companies bought their Office suites to start writing documents, and then it’s just another step to buy the cloud storage, then buy the server there, because you get the same bill and stuff like that.
We had this in Germany, that Schleswig-Holstein, on the government level, they said, ” Now we are over with Windows, with Microsoft. We’re switching to Linux”. And I’m like, okay, that’s a good step. But I was a bit sad because the options we have are not nearly as comparable. Then you’re fighting in setting up your own stuff. I don’t know. Most of techies know that back then maybe you like to work or play around with some Linux distro, and at some point you’re like, no, it has to work, and then you switch to Mac.
It’s like this. We need good alternatives that are very convenient that have the privacy of the European Union built in. And this is lacking at the moment. And what I find a bit frightening is that… Katharine, you mentioned a good example of an innovative company that stayed in Europe. I see so many of my friends and founders who moved to Silicon Valley because it’s so much… You get easier funding and it’s easier to hire people. Even on this administrative stuff, it’s easier, and so they move away.
This is really painful, because you see the next generation of innovation flowing out of Europe. So it’s also on a government level, we should make stuff easier. It’s missing at the moment.
Elena van Engelen: Yes. And I think also you have a risk if you go to a European cloud and it’s very small, so if it goes bust because there are not many customers, then you are in a big problem. It’s really difficult to choose that, because then you take another risk. So, your data is good, in the right location, but because it’s a small cloud, they have other issues that might be affecting you later on.
Building European Data Centers [26:35]
Renato Losio: So, you’re basically saying we are all back to the old time: “you’re not going to get fired for buying IBM” or whatever the concept was. If you stick to the big cloud provider, you might not get the best option, but you are not taking the risk. And sometimes, we are risk-averse. I absolutely get that.
One thing I’m always worried, on my side of the list, is… I love to see that European stock building up. I love to see next decade thing happening, probably. But I don’t know what I can do today, because that is the feeling I have is when I look at the news.
For example, I still remember data centers built in Italy (I’m Italian), discussed a few years ago, “Oh, we are taking some old power plants, turning them into data center for new cloud providers, whatever”. It was a big investment from the government, regions, or whatever. They were all built, basically, using European mobile carriers. Joint venture with American cloud providers. All those are basically data centers for either Google, Microsoft or AWS.
And most of those are not open yet, so I wonder if we build something now, today in Europe, what’s the goal? It’s 2030? Above 2035? I’m not saying we shouldn’t do it, but I wonder what we can do today as a practitioner.
Katharine Jarmul: I am very close to numerous people who work in telecom and large-scale data center design. It’s not rocket science anymore. Facebook invested a lot of time into architecting what we would today call optimal data center design for most workflows. Most of this is public knowledge within the data center design space. You don’t have to build a new rocket ship. You could, if you wanted to, but you don’t have to.
But it is, going back to what Erik said, it’s about investment. Doing good data center design costs money. It also has a lot of power issues, so mainly now you need to think about latency against power and cooling. And these are all things that you have to work with the governments and with property owners to design properly.
And as Erik brings up from the startup investment perspective, if the EU doesn’t decide both on a country level, but also on a regional level to prioritize how do we expedite data center design clearance and funding, then, of course, the experts from AWS or Azure or whatever will come in. Most of Azure isn’t even run on Microsoft-run data centers. Most of it is run on large Equinix or other large-scale data center providers. Anyways, side rant on data centers. Apologies for that.
It costs money at the end of the day. Also what Markus said, it costs money. If the EU wants sovereignty, first off, we got to define what sovereignty means. And then, got to invest, and currently, there is a push towards less investment. And to make Europe more competitive by taking investment away, that could work, I guess. In some world, maybe it will.
In other worlds we look at the example of DARPA. I have a chance to sit on one of the panels for SPRIND, which is the investment group of the German government that is trying to figure out how to expedite funding. So, when we look at the ways that US technology got to be decades ahead, it was at the end of the day in many ways backed by a lot of really good research funding from long ago, and then the continued investment of that in more research and innovation.
Of course, that doesn’t help you deploy your Kubernetes cluster tomorrow, but if we want whatever comes after that, the investment should start today.
Finding a Balance Today [30:19]
Markus Ostertag: But I think it comes back to your question, Renato, we should be… And with “we”, I mean the EU and all people in the EU and all people in the tech space. I think the whole discussion around digital sovereignty, as you mentioned, Katharine, whatever that means and whatever the definition is, comes down to… It’s a black and white discussion. Either you are on the side of US hyperscalers or you are on the side of this we need to be you first, or America first. It seems like there is no gray zone in between.
I don’t get that, to be honest, because why shouldn’t I be able to use the innovation of the US hyperscalers today, while building up the future for the EU? Because, as I think we all agree, this will take time. It’s not that, we have now 2025, that in 2026 we already close the gap to the US hyperscalers. This will not work. So, why not using the innovation of the US hyperscalers today, within legal boundaries, with all the data security and all the data protection that I think is a good thing in the EU, that we have that and that we need to comply with that, while we invest into, hey, in 2030 or 2035 or whatever the year is, we have closed that gap, and then we are able to use our own fundamentals.
Because to me, digital sovereignty doesn’t means autarky. It’s more about how I am as an organization resilient against specific scenarios, and there might be scenarios that I can’t be resilient against today, but then I need to work on building up that resilience while I have the other scenarios already fixed where I can be resilient again. And I think it’s not black and white. There are a lot of different scenarios that I can think of as an organization that I want to be resilient against.
That, to me, is the meaning of how can I be more sovereign, rather than it’s my data in Germany by a German company that is solely owned by only Germans. This is not what it really means.
Advice to Practitioners [32:42]
Renato Losio: We are running out of time, but I would like to give the chance to everyone to give a short suggestion. It’s always impossible. That’s why I ask you, and I’m not giving my own one. If you can give in 30 seconds, a suggestion to a practitioner today, what should be worried, should do something, should do nothing, should start to play with a new provider? I don’t know. Erik, what would you do? Would you care about? Would you do something today? Would you learn something new?
Erik Steiger: I think the first step is to start sensitizing yourself with what’s happening and understanding also the notions of CLOUD Act, what it means. So, understanding that if you have your data at a US provider, even in Europe, if there is something, the US government could actually access that.
Renato Losio: What are the implications?
Erik Steiger: Yes. But then the question is, as Markus said, “What’s the implication?” Is it hindering your clients or your business? If yes, then start playing around and see if maybe current European providers already have all the services that you need. And coming back to what Elena said, if you start something new, maybe think about how to be less reliant on the very provider-specific services that they provide.
And maybe, if you have the talent in your team, and it’s always an “if”, because you want to move fast and spend less money, get your solution maybe on a more agnostic architecture level that can switch providers. I think it’s just get your head out there, because there’s no one-size-fits-all solution.
Maybe for some finance institutions, it makes sense to think about moving back to on-prem servers, because there was also this hype in going into the cloud. But for some businesses that I work with, it doesn’t make sense when they have a load that’s stable, for example. So, it’s just stick your head out and see what’s out there.
Renato Losio: Thank you, Erik. Elena, any advice?
Elena van Engelen: Yes. I would recommend. Indeed, I agree with Eric. I would recommend making sure that you start with using the right architecture for your software, so that you separate your cloud-specific code or infrastructure code from your core business logic. But don’t avoid cloud’s features, because you don’t want to slow down your innovation. You still need to follow the regulations of your company and keep your PII data in the right locations and protect that as you always did.
But again, with the new cloud providers that are coming in, they might have the right locations for the EU and they’re owned by EU, but they don’t have as many features, especially security features. Private networks are maybe some security features that they’re missing, which will allow hackers to get your data. So, you could look at the other European providers, but I think that would slow down your progress, so you have to consider it carefully.
And if you’re already in a cloud provider, I would just say use the right architecture.
Renato Losio: Thank you. Markus, one advice?
Markus Ostertag: I agree with Erik and Elena already said. I think what I find an interesting aspect, especially for practitioners or developers, engineers, however you want to call them, it’s a great time to be alive. Because on the one hand, we have this vibe coding, everybody is saying, “We don’t need developers in the future anymore”., at the same time… And I think we see that in our discussion that we are having here… tech people need to understand the implications of things they’re doing, which, at least today, AI isn’t able to.
So, we are broadening our spectrum as tech people to understand the implications of what we need to build and how we need to build it. And that is a nuance that we haven’t seen so much in the past because the platform was very often just set. And now, this is a discussion again. And tech people need to be on that table, because tech people are the only ones who really, deeply understand the different implications of what Elena said, ” How fast can I move if I use this rather than this?”. Same way as what Erik said.
I think it’s great for practitioners today to understand those implications, to understand what digital sovereignty means for the product they are working on and for the project they’re working on. And I think there’s a huge benefit that practitioners get today if they understand that.
Renato Losio: Thank you, Markus. Katharine?
Katharine Jarmul: I think if you’re a practitioner, and obviously as a practitioner, most of these decisions are far above your pay grade and far above your decision level. So at the end of the day, you’re going to use AWS because somebody goes and plays golf with somebody or gets a good deal, you know, you’re going to use AWS. It is what it is.
But what I ask of you, as a practitioner, is to start to become curious about new design patterns. There’s a growing movement. And there’s also, mainly based on research groups in Germany, and then also reflects upon the work that I’ve done in distributed and federated learning in what we call local first design: local first design, local first software, local first AI.
We see that also with DeepSeek and with the amount of things that you can run on relatively small inference compute we start to think about what it would mean to run an AI model on personal compute. What would it mean to train AI models on smaller local compute and to distribute workloads differently? I just want you to be curious. You might try it once and decide that’s not so great, I don’t like it, it’s too much work, or this or that, whatever it is.
But become a bit curious about how we could design differently. Because I think the future of innovation isn’t playing catch-up and thinking acceleration, and thinking I have to get to where AWS is. The future of innovation is thinking about how we could do it smarter and differently than what was done before, because you will never innovate if you play catch-up.
An Overview of InfoQ Dev Summit Munich Talks [38:41]
Renato Losio: Thank you so much. I would like to close here. Thank you so much for the discussion. But before leaving, I would like to do a quick round with each one of you. Just give a short intro, a short teaser about your session in Munich next October. Erik, do you want to go first?
Erik Steiger: Yes. My talk in October will be about PDF rendering. I’ve worked in the past with institutions like financial and industry, and I saw that there’s very bad tooling around that. It’s either very slow or it’s not ergonomic enough, where you see in industrial where you build different certificates. It will be about high-performance and ergonomic PDF rendering built around Rust too.
Renato Losio: Thank you, Erik. Elena?
Elena van Engelen: Yes. I’ll be talking about clean architecture for services, business logic you can take anywhere. It’s a bit relevant to the current discussion. Basically, I will show how you can design your serverless applications so you can take your business logic to multiple cloud providers. I will be coding live and I’ll be deploying to AWS and Azure, and showing how the same application can run on both clouds.
Renato Losio: Thank you so much, Elena. Markus?
Markus Ostertag: Yes. I’m actually talking about exactly the topic that we were talking about. My talk will be about balancing innovation and control, in particular on the AWS European Sovereign Cloud. So, what does this mean? Why does AWS build a European Sovereign Cloud? How does it look? And also diving a bit into how to be prepared for what is coming at the end of 2025 when AWS launches the European Sovereign Cloud.
Renato Losio: Thank you. And Katharine?
Katharine Jarmul: Yes. I’ll be giving the opening keynote on day one, and we’ll be talking about myths and realities of AI security and privacy. So, what are the common myths that we reach? And then, what are the new realities that we can think about of private-by-design and secure-by-default AI systems?
Renato Losio: Thank you so much to all of you, thank you for all the listeners, and see you all in Munich. Thank you again. Have a nice rest of the day!
Mentioned:
.
From this page you also have access to our recorded show notes. They all have clickable links that will take you directly to that part of the audio.
