Hållbar digitalisering 2025 – referenser – Software Systems Research Group

Denna referenslista innehåller ett urval av de källor som behandlats under presentationer och diskussioner under konferensen.

ArsTechnica (2025) Microsoft to stop using China-based teams to support Department of Defense, ArsTechnica, 26 July. https://arstechnica.com/security/2025/07/microsoft-to-stop-using-china-based-teams-to-support-department-of-defense/

Badran, J. (2025) Bericht zu Zielen und Massnahmen zur Sicherstellung digitaler Unabhängigkeit und Souveränität der Schweiz, 7 May. https://www.parlament.ch/de/ratsbetrieb/suche-curia-vista/geschaeft?AffairId=20253506

bfh.ch (2024) Neue Studie zu digitaler Souveränität publiziert, 10 June. https://www.bfh.ch/de/aktuell/news/2024/neue-studie-digitale-souveraenitaet/

bfh.ch (2025a) Institut Public Sector Transformation.
https://www.bfh.ch/de/forschung/forschungsbereiche/public-sector-transformation/

bfh.ch (2025b) Open source software: added flexibility to gradually break free from vendor lock-in, 11 April, https://www.bfh.ch/en/news/stories/2025/open-source-vendor-lock-in/

bk.admin.ch (2025) Feasibility study PoC BOSS. https://www.bk.admin.ch/bk/en/home/digitale-transformation-ikt-lenkung/standarddienste/bueroautomation/poc-boss.html

Blind, K. & Böhm, M. (2019) The Relationship Between Open Source Software and Standard Setting, Thumm, N. (Ed.) EUR 29867 EN, JRC (Joint Research Centre) Science for Policy Report, Publications Office of the European Union, Luxembourg, 2019, ISBN 978-92-76-11593-9. https://doi.org/10.2760/163594

bouncycastle.org (2025a) Bouncy Castle – Open-source cryptographic APIs. https://www.bouncycastle.org/

bouncycastle.org (2025b) Bouncy Castle Joins the CVE Program as a Numbering Authority (CNA), 6 August. https://www.bouncycastle.org/resources/bouncy-castle-joins-the-cve-program-as-a-numbering-authority-cna/

brz.gv.at (2021) Offizielle App für den Grünen Pass ab sofort erhältlich, 2 July. https://www.brz.gv.at/presse/Gruener-Pass-App.html

Cagnin, C., Muench, S., Scapolo, F., Störmer, E. & Vesnic-Alujevic, L. (2021) Shaping and securing the EU’s open strategic autonomy by 2040 and beyond, Joint Research Centre, European Commission, Publications Office of the European Union, Luxembourg, ISBN: 978-92-76-40991-5, ISSN: 1831-9424. https://doi.org/10.2760/727114

caluma.io (2025) Caluma. https://caluma.io/

de la Chapelle, B. & Porciuncula, L. (2021) We Need to Talk About Data: Framing the Debate Around Free Flow of Data and Data Sovereignty, Internet and Jurisdiction Policy Network, 31 March. https://www.internetjurisdiction.net/uploads/pdfs/We-Need-to-Talk-About-Data-Framing-the-Debate-Around-the-Free-Flow-of-Data-and-Data-Sovereignty-Report-2021.pdf

ch-open.ch (2025) Verein zur Förderung von Open Source Software und offenen Standards in der Schweiz. https://www.ch-open.ch/

CICTAR (2022a) Amazon: The World’s Largest Company Is Subsidised By You, Centre for International Corporate Tax Accountability and Research, 24 May. https://cictar.org/s/CICTAR_AMAZON-FINAL-1.pdf

CICTAR (2022b) Microsoft: Gaming Global Taxes, Winning Government Contracts, Centre for International Corporate Tax Accountability and Research, 12 October. https://cictar.org/s/CICTAR_MICROSOFT-FINAL.pdf

CISA (2024) Review of the Summer 2023 Microsoft Exchange Online Intrusion, Cyber Safety Review Board, 20 mars. https://www.cisa.gov/sites/default/files/2025-03/CSRBReviewOfTheSummer2023MEOIntrusion508.pdf

Contreras, J. L. (2023/25) A Research Agenda for Standards-Essential Patents, In Bonadio, E. & Shemtov, N. (Eds.) A Research Agenda for Patent Law, Edward Elgar, Also available at: University of Utah College of Law Research Paper No. 531, 5 January 2023, SSRN: https://ssrn.com/abstract=4318208

Dagens Medicin (2025) Kommuner går samman i kritik och krav på Millennium, Dagens Medicin, 17 januari. https://www.dagensmedicin.se/vardens-styrning/digitalisering/kommuner-gar-samman-i-kritik-och-krav-pa-millennium/

digital.swiss (2025) Digital Switzerland Strategy – Open Source. https://digital.swiss/en/strategy/focus-topics/promoting-the-use-of-open-source-software-in-the-federal-administration

EC (2004) European Interoperability Framework for pan-European eGovernment Services, Version 1.0, European Commission, ISBN 92-894-8389-X. http://web.archive.org/web/20120710134922/https://ec.europa.eu/idabc/servlets/Docd552.pdf

EC (2012) Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions, Unleashing the Potential of Cloud Computing in Europe, COM(2012) 529 final, European Commission, 27 September. https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52012DC0529

EC (2013) Commission Staff Working Document: Guide for the procurement of standards-based ICT – Elements of Good Practice, SWD(2013) 224 final, Accompanying the document: Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of Regions, Against lock-in: building open ICT systems by making better use of standards in public procurement, COM(2013) 455 final, European Commission, 25 June. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex:52013SC0224

EC (2020) Open source software strategy 2020-2023: Think Open, Communication to the Commission, C(2020) 7149 final, European Commission, 21 October. https://commission.europa.eu/document/download/97e59978-42c0-4b4a-9406-8f1a86837530_en?filename=en_ec_open_source_strategy_2020-2023.pdf

EC (2021) Study about the impact of open source software and hardware on technological independence, competitiveness and innovation in the EU economy, European Commission, ISBN 978-92-76-30980-2. https://doi.org/10.2759/430161

EC (2024) Remarks by Executive Vice-President Vestager following the Court of Justice rulings on the Apple tax State aid and Google Shopping antitrust cases, European Commission, Speech/24/4624, 10 September. https://ec.europa.eu/commission/presscorner/detail/en%5E/speech_24_4624

EDPB (2023a) 2022 Coordinated Enforcement Action: Use of cloud-based services by the public sector, European Data Protection Board, Adopted on 17 January. https://edpb.europa.eu/system/files/2023-01/edpb_20230118_cef_cloud-basedservices_publicsector_en.pdf

EDPB (2023b) Annex: National Reports on the CEF cloud action, European Data Protection Board, Adopted on 17 January. https://www.edpb.europa.eu/system/files/2023-01/edpb_20230118_annex_national_reports_cef_cloud-basedservices_publicsector_en.pdf

EDPS (2024a) European Commission’s use of Microsoft 365 infringes data protection law for EU institutions and bodies, Press release, EDPS/2024/05, European Data Protection Supervisor, Brussels, 11 March. https://www.edps.europa.eu/system/files/2024-03/EDPS-2024-05-European-Commission_s-use-of-M365-infringes-data-protection-rules-for-EU-institutions-and-bodies_EN.pdf

EDPS (2024b) EDPS Investigation into use of Microsoft 365 by the European Commission (Case 2021-0518), Decision (8 March 2024), European Data Protection Supervisor, Brussels. https://www.edps.europa.eu/system/files/2024-03/24-03-08-edps-investigation-ec-microsoft365_en.pdf

EDPS (2025a) European Commission brings use of Microsoft 365 into compliance with data protection rules for EU institutions and bodies, Press release, EDPS/2025/07, European Data Protection Supervisor, Brussels, 28 July. https://www.edps.europa.eu/system/files/2025-07/2025-07-28_Press-Release_EDPS_Microsoft_EC_in_compliance_EN.pdf

EDPS (2025b) Subject: Closure of enforcement proceedings in the Commission’s use of Microsoft 365 (Case 2021-0518), Letter to the European Commission regarding the closure of enforcement proceedings in the Commission’s use of Microsoft 365, European Data Protection Supervisor, Brussels, 11 July. https://www.edps.europa.eu/system/files/2025-07/25-07-11_letter-to-commission_2021-0518_en.pdf

ENISA (2023) Threats 2030: Identifying Emerging Cyber Security Threats and Challenges for 2030, European Union Agency for Cybersecurity, 29 March. https://www.enisa.europa.eu/publications/enisa-foresight-cybersecurity-threats-for-2030

eSam (2018) Checklista inför beslut om molntjänster i offentlig sektor, 31 oktober. http://web.archive.org/web/20201028053344/www.esamverka.se/download/18.1d126bc174ad1e6c39c88c/1542008743030/Checklista%20om%20molntj%C3%A4nster_20181031%20(002).pdf

eSam (2022) Tekniska förutsättningar i molntjänster, ES 2022-05, eSam, juni. https://www.esamverka.se/download/18.1ec521a61817ffb56514fea9/1656598104185/Tekniska%20f%C3%B6ruts%C3%A4ttningar%20i%20molntj%C3%A4nster%202.0_2022.pdf

eSam (2023a) Adekvansbeslut och ny sekretessbrytande bestämmelse– grönt ljus för amerikanska molntjänster?, eSam, 9 juni. https://www.esamverka.se/download/18.43a3add4188b9f2345a2ffd0/1687333877690/ES2023-10%20Adekvansbeslut%20och%20ny%20sekretessbrytande%20best%C3%A4mmelse%20-%20%C3%84r%20det%20gr%C3%B6nt%20ljus.pdf

eSam (2023b) Vägledning: Utkontraktering – sekretess och dataskydd, ES2023-06, eSam, juli. https://www.esamverka.se/download/18.43a3add4188b9f2345a2fe78/1687332814480/ES2023-06%20V%C3%A4gledning%20Utkontraktering%20-%20sekretess%20och%20dataskydd.pdf

eSam (2025a) Digitalt bevarande av data – problemområden, ES2025-01, eSam, januari. https://www.esamverka.se/download/18.27851b24193defb8cc0a79e/1737108639541/ES2025-01%20Digitalt%20bevarande%20av%20data%20-%20problemomr%C3%A5den.pdf

eSam (2025b) Allmänna handlingar i AI-utveckling, ES2025-11, eSam, juni. https://www.esamverka.se/download/18.2c1061191975d5b3870ef6/1750145864554/ES2025-11%20Rapport%20Allm%C3%A4nna%20handlingar%20i%20AI-utveckling.pdf

ETSI (2013) Cloud Standards Coordination, Final Report, European Telecommunications Standards Institute, Sophia Antipolis, November, Version 1.0. https://ec.europa.eu/newsroom/dae/document.cfm?doc_id=3988

fedlex.admin.ch (2023) Bundesgesetz über den Einsatz elektronischer Mittel zur Erfüllung von Behördenaufgaben, 6 July. https://www.fedlex.admin.ch/eli/fga/2023/787/de

FedRAMP (2025) FedRAMP provides a standardized, reusable approach to security assessment and authorization for cloud service offerings. https://www.fedramp.gov/

Fischer, T., Lundell, B. & Gamalielsson, J. (2021) Achieving Conformance to Document Standards: Can PDF Files Conform to the PDF/A-1b Specification?, International Journal of Standardization Research (IJSR), Vol. 19(1), pp. 1-32. http://doi.org/10.4018/IJSR.288523

folketsai.se (2025a) Folkets AI-kommission. https://folketsai.se

folketsai.se (2025b) Remissvar över SOU 2025:12 AI-kommissionens Färdplan för Sverige, Folkets AI-kommission, 4 juni. https://folketsai.se/remissvar/

folketsai.se (2025c) Remissvar från Akademikerförbundet SSR, Folkets AI-kommission, 12 juni.
https://folketsai.se/akademikerforbundet-ssr/

folketsai.se (2025d) Remissvar från AI Policy Lab på Umeå universitet, Folkets AI-kommission, 23 juni. https://folketsai.se/ai-policy-lab/

folketsai.se (2025e) Remissvar från Björn Lundell, Folkets AI-kommissione, 17 juli. https://folketsai.se/remissvar-fran-bjorn-lundell/

Furberg, P. & Westberg, M. (2020/21) Måste myndigheter följa lagarna? Om utkontraktering och legalitet i digital miljö, Juridisk tidskrift 2, pp. 406–417.

FSF (2025a) What is Free Software?, Free Software Foundation. https://www.gnu.org/philosophy/free-sw.html.en

FSF (2025b) The Free Software Definition, Free Software Foundation.
https://www.gnu.org/philosophy/free-sw.html.en#fs-definition

FSF (2025c) Definitionen av fri programvara, Free Software Foundation. https://www.gnu.org/philosophy/free-sw.sv.html

Försäkringskassan (2019) Vitbok – Molntjänster i samhällsbärande verksamhet – risker, lämplighet och vägen framåt, Dnr. 013428-2019, Version 1.0, 18 november. https://www.forsakringskassan.se/download/18.7b234aa517b3a0b7f3734e/1629891143456/vitbok.pdf

Gamalielsson, J. & Lundell, B. (2017) On licensing and other conditions for contributing to widely used open source projects: an exploratory analysis, In Proceedings of the 13th International Symposium on Open Collaboration (OpenSym ‘17). ACM, New York, Article 9, 14p. http://doi.org/10.1145/3125433.3125456

Gamalielsson, J., Lundell, B., Brax, C., Persson, T., Mattsson, A., Gustavsson, T. & Feist, J. (2024) Open Source Software reference implementations for standards issued by different standards setting organisations: availability, perceptions and practices, Journal of Standardisation, Vol. 3(2). https://doi.org/10.59490/jos.2024.7140

Galizia, A. (2019). Stolpernd ins digitale Zeitalter, Die Wochenzeitung, Nr 44, 31 October, https://www.woz.ch/1944/schule/stolpernd-ins-digitale-zeitalter

Gartner (2024) Gartner Predicts 30% of Generative AI Projects Will Be Abandoned After Proof of Concept By End of 2025, Gartner, 29 July.
https://www.gartner.com/en/newsroom/press-releases/2024-07-29-gartner-predicts-30-percent-of-generative-ai-projects-will-be-abandoned-after-proof-of-concept-by-end-of-2025

Ghosh, R. A. (2005) Open Standards and Interoperability Report: An Economic Basis for Open Standards, FLOSSPOLS, Deliverable D4, MERIT, University of Maastricht, December.

Guardian (2015) NSA director defends plan to maintain ‘backdoors’ into technology companies, The Guardian, 23 February.
https://www.theguardian.com/us-news/2015/feb/23/nsa-director-defends-backdoors-into-technology-companies

Guardian (2023) Microsoft’s Irish subsidiary posted £220bn proﬁt in single year, 3 June. https://www.theguardian.com/world/2021/jun/03/microsoft-irish-subsidiary-paid-zero-corporate-tax-on-220bn-profit-last-year

Hilzinger, M. (2010) Schweizer Kanton trennt sich wegen Linux vom IT-Chef. https://www.linux-magazin.de/news/schweizer-kanton-trennt-sich-wegen-linux-vom-it-chef/

HIS (2025) Moln och myndigheter på digitaliseringskonferens, Högskolan i Skövde, 15 juli.
https://www.his.se/nyheter/2025/juli/moln-och-myndigheter-praglar-digitaliseringskonferens/

Hon, W. K., Millard, C. & Walden, I. (2012) Negotiating Cloud Contracts: Looking at Clouds from Both Sides Now, Stanford Technology Law Review, Vol. 16(1), pp. 79-129.

HSC (2024a) Committee on Homeland Security, U.S. House of Representatives, Washington. https://homeland.house.gov/

HSC (2024) A Cascade of Security Failures: Assessing Microsoft Corporation’s Cybersecurity Shortfalls and the Implications for Homeland Security, House Committee on Homeland Security, 13 June. https://homeland.house.gov/hearing/a-cascade-of-security-failures-assessing-microsoft-corporations-cybersecurity-shortfalls-and-the-implications-for-homeland-security/

Irion, K. (2012) Government Cloud Computing and National Data Sovereignty, Policy & Internet, Vol. 4(3-4), pp. 40-71. https://doi.org/10.1002/poi3.10

Irish (2023) Microsoft says IRS has demanded $28.9bn in back taxes, Irish Times, 12 October. https://www.irishtimes.com/business/2023/10/12/microsoft-says-irs-has-demanded-289bn-in-back-taxes/

inosca.ch (2025) inosca. https://inosca.ch/

Kalsi, M. (2024) NIST FIPS 203, 204, and 205 Finalized: An Important Step Towards a Quantum-Safe Future, 15 August, https://cloudsecurityalliance.org/blog/2024/08/15/nist-fips-203-204-and-205-finalized-an-important-step-towards-a-quantum-safe-future#

Klingensjö, S. & Sjöholm, U. (2017) Mellanhänder i offentlig upphandling, Uppdragsforskningsrapport 2017:1, Konkurrensverket, ISSN: 1401-8438.
https://www.upphandlingsmyndigheten.se/globalassets/dokument/publikationer/rapport_2017-1-002.pdf

Klingler, D. & Koch, R. (2025). Switzerland – Source Code Transparency through Public Procurement: The New Swiss Open Source Software Obligation, European Procurement & Public Private Partnership Law Review, Vol. 20(2), pp. 237-240. https://doi.org/10.21552/epppl/2025/2/14

KPMG (2025a) Granskning: Införande av Millennium, KPMG, 18 mars.
https://mellanarkiv-offentlig.vgregion.se/alfresco/s/archive/stream/public/v1/source/available/sofia/rs16764-1976783462-407/surrogate/2025-03-18%20Granskning%20Millennium%20-%20Rapport%20KPMG.pdf

KPMG (2025b) Tidslinje Millennium (2013-05-14 – 2024-12-31), KPMG. https://mellanarkiv-offentlig.vgregion.se/alfresco/s/archive/stream/public/v1/source/available/sofia/rs16764-1976783462-409/surrogate/2025-03-18%2bGranskning%2bMillennium%2b-%2bTidslinje.PDF

Kristiansson, S. (2022) Försvaret av den svagaste länken, In Liljeberg, J. & Oksanen, P. (Eds.) Sveket mot cybersäkerheten, Fores, Stockholm, ISBN: 978-91-87379-87-1.
https://fores.se/wp-content/uploads/2022/10/Online_Version_110x178_Cybersa%CC%88kerhet.pdf

van der Linden, F, Lundell, B. and Marttiin, P. (2009) Commodification of Industrial Software: A Case for Open Source, IEEE Software, Vol. 26(4), pp. 77-83. https://doi.org/10.1109/MS.2009.88

Lundell, B. (2011) e-Governance in public sector ICT procurement: what is shaping practice in Sweden?, European Journal of ePractice, Vol. 12(6), pp. 66-78.
http://web.archive.org/web/20110429011729/http://www.epractice.eu/files/European%20Journal%20epractice%20Volume%2012_6.pdf

Lundell, B. (2020) Analys av DIGG:s policy för utveckling av programvara, version 1.0, 20 maj, Skövde University Studies in Informatics 2020:1, ISSN 1653-2325, ISBN: 978-91-983667-6-1, University of Skövde, Skövde, Sweden. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-18895

Lundell, B. (2022) Förutsättningar för datadelning genom öppnaekosystem: ett perspektiv på möjligheter och hinder, Dnr. FP 2021/87, 14 Feb. 2022, Högskolan i Skövde, Inkluderad i Vinnovas slutrapport ”Uppdrag att kartlägga behov av utvecklingsinsatser för datadelning”från regeringsuppdrag (Dnr. I2021/02737). https://www.vinnova.se/contentassets/41641cacf8a24d0782c88fb18259fd3b/2021-04320-slutrapport.pdf

Lundell, B., Butler, S., Fischer, T., Gamalielsson, J., Brax, C., Feist, J., Gustavsson, T., Katz, A., Kvarnström, B., Lönroth, E. & Mattsson, A. (2022a) Effective Strategies for Using Open Source Software and Open Standards in Organizational Contexts – Experiences From the Primary and Secondary Software Sectors, IEEE Software, Vol. 39(1), pp. 84-92. https://doi.org/10.1109/MS.2021.3059036

Lundell B., Gamalielsson, J., Butler, S., Brax, C., Persson, T., Mattsson, A., Gustavsson, T., Feist, J. & Öberg, J. (2021a) Enabling OSS usage through procurement projects: How can lock-in effects be avoided?, In Taibi, D. et al. (Eds.), The 13th International Conference on Open Source Systems (OSS 2021), IFIP AICT 624, Springer, pp. 1-12. https://doi.org/10.1007/978-3-030-75251-4_2

Lundell, B., Gamalielsson, J. & Katz, A. (2015) On implementation of Open Standards in software: To what extent can ISO standards be implemented in open source software?, International Journal of Standardization Research, Vol. 13(1), pp. 47-73. https://doi.org/10.4018/IJSR.2015010103

Lundell, B., Gamalielsson, J. & Katz, A. (2018) On Challenges for Implementing ISO Standards in Software: Can Both Open and Closed Standards Be Implemented in Open Source Software?, In Jakobs, K. (Ed.) Corporate and Global Standardization Initiatives in Contemporary Society, IGI Global, Hershey, ISBN 9781522553205, pp. 219-251. https://doi.org/10.4018/978-1-7998-9158-1.ch004

Lundell, B., Gamalielsson, J. & Katz, A. (2019) Implementing IT Standards in Software: challenges and recommendations for organisations planning software development covering IT standards, European Journal of Law and Technology, Vol. 10(2). https://ejlt.org/index.php/ejlt/article/view/709/

Lundell, B., Gamalielsson, J. & Katz, A. (2023a) Implementing the HEVC standard in software: Challenges and Recommendations for organisations planning development and deployment of software, Journal of Standardisation, Vol. 2. https://journals.open.tudelft.nl/jos/article/view/6695

Lundell, B., Gamalielsson, J., Katz, A. & Lindroth, M. (2021b) Perceived and Actual Lock-in Effects Amongst Swedish Public Sector Organisations when Using a SaaS Solution, In Scholl, H. J. et al. (Eds.) EGOV 2021: Electronic Government, Lecture Notes in Computer Science, Vol. 12850, Springer, Cham, pp. 59-72. https://doi.org/10.1007/978-3-030-84789-0_5

Lundell, B., Gamalielsson, J., Katz, A. & Lindroth, M. (2022b) Use of Commercial SaaS Solutions in Swedish Public Sector Organisations under Unknown Contract Terms, In Janssen, M. et al. (Eds.) EGOV 2022: Electronic Government, Lecture Notes in Computer Science, Vol 13391, Springer, Cham, pp. 73-92. https://doi.org/10.1007/978-3-031-15086-9_6

Lundell, B., Gamalielsson, J., Katz, A. & Lindroth, M. (2022c) Data Processing and Maintenance in Different Jurisdictions When Using a SaaS Solution in a Public Sector Organisation, JeDEM – eJournal of eDemocracy and Open Government, Vol. 14(2), pp. 214–234. https://doi.org/10.29379/jedem.v14i2.749

Lundell, B., Gamalielsson, J., Katz, A. & Lindroth, M. (2023b) Avoiding lock-in effects through obtaining all necessary licences before use of a SaaS solution in a public sector organisation: a case study, European Journal of Law and Technology, Vol. 14(1). https://ejlt.org/index.php/ejlt/article/view/861

Lundell, B., Gamalielsson, J. & Tengblad, S. (2016) IT-standarder, inlåsning och konkurrens: En analys av policy och praktik inom svensk förvaltning, Uppdragsforskningsrapport 2016:2, Konkurrensverket, ISSN: 1652-8089. http://www.konkurrensverket.se/globalassets/publikationer/uppdragsforskning/forsk_rapport_2016-2.pdf

Lundell, B. & van der Linden, F. (2013) Open Source Software as Open Innovation: Experiences from the Medical Domain, In Eriksson Lundström et al. (Eds.) Managing open innovation technologies, Springer, Heidelberg, pp. 3-16. https://doi.org/10.1007/978-3-642-31650-0_1

Lundell, B., Lindroth, M., Gamalielsson, J., Katz, A., Brax, C., Persson, T., Mattsson, A., Gustavsson, T., Feist, J. & Öberg, J. (2025) Half a step behind – bulk disclosure of confidential data in third-party GenAI solutions under the Swedish Public Access to Information and Secrecy Act, Digital Government: Research and Practice, Vol. 6(2), Article No. 25, pp. 1-9. http://doi.org/10.1145/3673659

Meyer, F. & Anchisi, M. (2025) A language model built for the public good, 9 July. https://ethz.ch/en/news-and-events/eth-news/news/2025/07/a-language-model-built-for-the-public-good.html

Miller, G. (2024) TRANSCRIPT: House Committee Hearing to Assess Microsoft’s Cybersecurity Shortfalls, Tech Policy Press, 15 June. https://www.techpolicy.press/transcript-house-of-homeland-security-hearing-on-assessing-microsofts-cybersecurity-shortfalls/

netzwerksds.ch (2025) Das Netzwerk für eine souveräne digitale Schweiz. https://netzwerksds.ch/

netzwoche.ch (2014) Solothurn versetzt Pinguin den Todesstoss. https://www.netzwoche.ch/news/2014-01-31/solothurn-versetzt-pinguin-den-todesstoss

news.admin.ch (2022) Digital sovereignty: President Cassis wants to strengthen Switzerland’s capacity to act in the digital space, 1 November, https://www.news.admin.ch/en/nsb?id=91033

NIST (2011) The NIST Definition of Cloud Computing, Special Publication 800-145, National Institute of Standards and Technology, Gaithersburg, September. https://doi.org/10.6028/NIST.SP.800-145

NPS (2016) Open IT-standards, National Procurement Services, Kammarkollegiet, 7 mars, Dnr 96-38-2014, https://www.avropa.se/globalassets/dokument/open-it-standards.pdf

Omni (2025) Kristersson vill stoppa EU:s ”förvirrande” AI-lag, 27 juni. https://omni.se/kristersson-vill-stoppa-eu-s-forvirrande-ai-lag/a/RzMoXd

openrailassociation.org (2025) OpenRail Association. https://openrailassociation.org/

opensource.web.cern.ch (2025) Welcome to CERN’s Open Source Program Office. https://opensource.web.cern.ch/

OSD (2007) The Open Source Definition, Open Source Initiative, Version 1.9, Last modified: 22 March. https://opensource.org/osd/

OSI (2025) Open Source Initiative. https://opensource.org/

OSR (2006) Open Standards Requirement for Software, Open Source Initiative, 24 July. https://opensource.org/osr/

ossbenchmark.com (2025) Ranking of 228 Swiss Institutions Releasing Open Source Software. https://ossbenchmark.com/institutions

ossdirectory.com (2025a) OSS Directory. https://www.ossdirectory.com/de/home

ossdirectory.com (2025b) Loom. https://www.ossdirectory.com/de/products/details/loom

oss-studie.ch (2024) Open Source Studie Schweiz 2024. https://www.oss-studie.ch/

parldigi.ch (2025) Über Parldigi. https://parldigi.ch/de/ueber-parldigi/

Pensionsmyndigheten (2015) Molntjänster i staten: en ny generation av outsourcing, Pensionsmyndigheten, Version 1.0, 28 december. https://www.pensionsmyndigheten.se/content/dam/pensionsmyndigheten/blanketter—broschyrer—faktablad/publikationer/svar-p%C3%A5-regeringsuppdrag/2016/Uppdrag%20att%20analysera%20potentialen%20f%C3%B6r%20anv%C3%A4ndning%20av%20molntj%C3%A4nster%20i%20staten%20.pdf

Privacy (2025) EDPS Closes Microsoft 365 Investigation, But Legal and Political Challenges Remain, Privacy Craft, 4 August. https://www.privacycraft.pro/post/edps-closes-microsoft-365-investigation-but-legal-and-political-challenges-remain

ProPublica (2025) Microsoft Used China-Based Engineers to Support Product Recently Hacked by China, ProPublica: Investigative Journalism in the Public Interest, 1 August. https://www.propublica.org/article/microsoft-sharepoint-hack-china-cybersecurity

Proton (2025) Europe’s tech sovereignty watch, Proton AG. https://proton.me/business/europe-tech-watch

Regeringen (2023) Sekretessgenombrott vid utlämnande för teknisk bearbetning eller teknisk lagring av uppgifter, Regeringens proposition 2022/23:97, Regeringen, Stockholm, 23 mars. https://www.regeringen.se/rattsliga-dokument/proposition/2023/03/prop.-20222397

Regeringskansliet (2025) Remiss SOU 2025:12 AI-kommissionens Färdplan för Sverige, Dnr. Fi2025/00457, Regeringskansliet.
https://www.regeringen.se/remisser/2025/03/remiss-sou-202512-ai-kommissionens-fardplan-for-sverige/

Register (2025) Microsoft admits it ‘cannot guarantee’ data sovereignty, The Register, 25 July. https://www.theregister.com/2025/07/25/microsoft_admits_it_cannot_guarantee/

Register (2025) Tested: Microsoft Recall can still capture credit cards and passwords, a treasure trove for crooks, The Register, 1 August. https://www.theregister.com/2025/08/01/microsoft_recall_captures_credit_card_info/

Schwendener, T. (2022) Das digitale Fiasko an den Berner Schulen. https://www.republik.ch/2022/10/10/das-digitale-fiasko-an-den-berner-schulen

SFS (2009) Offentlighets- och sekretesslag (2009:400), SFS nr: 2009:400, 20 maj. https://rkrattsbaser.gov.se/sfst?bet=2009:400

SFS (2018) Lag om informationssäkerhet för samhällsviktiga och digitala tjänster, SFS 2018:1174, utfärdad 20 juni 2018.
https://www.svenskforfattningssamling.se/sites/default/files/sfs/2018-06/SFS2018-1174.pdf

SFS (2020) Lag om tystnadsplikt vid utkontraktering av teknisk bearbetning eller lagring av uppgifter, Svensk författningssamling, SFS 2020:914, utfärdad 17 november 2020. https://svenskforfattningssamling.se/sites/default/files/sfs/2020-11/SFS2020-914.pdf

SFS (2023) Lag om ändring i offentlighets- och sekretesslagen (2009:400), Svensk författningssamling, SFS 2023:335, utfärdad 2 juni 2023. https://svenskforfattningssamling.se/sites/default/files/sfs/2023-06/SFS2023-335.pdf

Silberschmidt, A. (2025) Stärkung der digitalen Souveränität: Welche Massnahmen plant die Schweiz?, 19 June, https://www.parlament.ch/de/ratsbetrieb/suche-curia-vista/geschaeft?AffairId=20253704

SKV/KFM (2021) Promemoria om ersättning av Skype i Skatteverkets och Kronofogdens verksamhet, Beslut, Skatteverket, Dnr. (Skatteverket): 8-958696, Dnr. (Kronofogden): KFM 10419–2021, 3 maj. https://www.skatteverket.se/omoss/varverksamhet/rapporterremissvarochskrivelser/remissvar/2021/remissvar2021/8958696.5.3016b5d91791bf54679d41.html

Skatteverket (2024a) Inledande utredning avseende Microsoft 365, Promemoria, Skatteverket, It-avdelningen, Dnr. 8-2800157, 26 februari. https://skatteverket.se/download/18.2fb39afe18dabf1e4d21f8c/1709296907224/Promemoria%20Inledande%20utredning%20Microsoft%20365.pdf

Skatteverket (2024b) Analys av Microsoft Entra ID, Bilaga 1, Promemoria, Skatteverket, It-avdelningen, Dnr. 8-2800157, 26 februari. https://skatteverket.se/download/18.2fb39afe18dabf1e4d21f9c/1709298988941/Bilaga%201.%20Analys%20av%20Microsoft%20Entra%20ID.pdf

Skatteverket (2024c) Analys av Microsoft 365 Apps for Enterprise, Bilaga 2, Promemoria, Skatteverket, It-avdelningen, Dnr. 8-2800157, 26 februari. https://skatteverket.se/download/18.2fb39afe18dabf1e4d21f90/1709296950847/Bilaga%202.%20Analys%20av%20Microsoft%20365%20Apps%20for%20Enterprise.pdf

Skatteverket (2024d) Analys av Microsoft Teams, Bilaga 3, Promemoria, Skatteverket, It-avdelningen, Dnr. 8-2800157, 26 februari. https://skatteverket.se/download/18.2fb39afe18dabf1e4d21f92/1709296969305/Bilaga%203%20Analys%20av%20Microsoft%20Teams.pdf

SLA (2025) Björn Lundell riktar kritik mot AI-kommissionens betänkande: ”Blir knas”, Skaraborgs Allehanda, 1 augusti. https://www.sla.se/2025/08/01/bjorn-lundell-riktar-kritik-mot-ai-kommissionens-betankande-blir-knas-079a1/

Smith, B. (2024) Microsoft’s Work to Strengthen Cybersecurity Protection, Written Testimony of Brad Smith (Vice Chair and President, Microsoft Corporation), U.S. House Committee on Homeland Security, Submitted on June 11, 2024 for the Committee’s Hearing on June 13, 2024.
https://homeland.house.gov/wp-content/uploads/2024/06/2024-06-13-HRG-Testimony-Smith.pdf

Statskontoret (2023) Good administration in European countries, Statskontoret (he Swedish Agency for Public Management), OOS 47, 8 March. https://www.statskontoret.se/siteassets/rapporter-pdf/2023/oos-47-utskriftsversion.pdf

Stürmer, M. & Koch, R. (2024) The new Swiss Open Source Law: “Public Money Public Code” by default, FOSDEM 2024, 3 February. https://archive.fosdem.org/2024/schedule/event/fosdem-2024-3401-the-new-swiss-open-source-law-public-money-public-code-by-default/

Stockholm (2021) Underlag för inriktningsbeslut avseende Microsoft 365 och andra molntjänster, Dnr KS 2021/581, Stadsledningskontoret, Stockholm Stad, 9 december.

Sveriges Läkarförbund (2025) ”Taligenkänning pressas igenom trots risken för allvarliga konsekvenser”, Västra Götalands läkarförening, 15 juli.
https://slf.se/vastra-gotalands-lakarforening/nyheter/taligenkanning-pressas-igenom-trots-allvarliga-brister/

SVK (2021) Öppen antagonistisk hotbild för elförsörjningen, Ärendenr: 2021/4367, Svenska kraftnät, Sundbyberg, 1 november. https://www.svk.se/siteassets/3.sakerhet-och-beredskap/sakerhetsskydd/dokument/oppen-antagonistisk-hotbild-for-elforsorjningen-2021.pdf

Säpo (2023) Säkerhetspolisen 2022 – 2023, Säkerhetspolisen, ISBN: 978-91-86661-23-6.
https://sakerhetspolisen.se/download/18.36cda2851868025da5b2b/1677241538918/SP_A%CC%8Arsbok_2022__Anpassad.pdf

Theo – t3.gg (2024) Switzerland is the first open source country (yes really), 20 August. https://www.youtube.com/watch?v=7zmfm9xOvD8

Thévenet, A. (2025) Switzerland mandates software source code disclosure for public sector: A legal milestone, Open Source Observatory (OSOR), 6 January. https://interoperable-europe.ec.europa.eu/collection/open-source-observatory-osor/news/new-open-source-law-switzerland

Trafikverket (2024) Den borttappade huvudnyckeln och dess konsekvenser: En avslöjande rapport som beskriver omfattande brister i säkerhetskultur, rutiner och arkitektur hos Microsoft, Dnr. TRV 2023/133263, Trafikverket, Borlänge, 5 maj. https://nikkasystems.com/wp-content/uploads/2024/05/1715697711849.pdf

Vaughan-Nichols, S. (2024) Switzerland federal government requires releasing its software as open source, ZDNET, 23 July. https://www.zdnet.com/article/switzerland-now-requires-all-government-software-to-be-open-source/

WEF (2021) What is digital sovereignty and why is Europe so interested in it?, World Economic Forum, 15 March. https://www.weforum.org/agenda/2021/03/europe-digital-sovereignty/

VGR (2024) Nuvarande it-stöd säkras i väntan på nytt vårdinformationssystem, Västra Götalandsregionen, 24 juni. https://www.vgregion.se/aktuellt/nyhetslista/nuvarande-it-stod-sakras-i-vantan-pa-nytt-vardinformationssystem/

VGR (2024) Regional rapport Millennium 2024, Västra Götalandsregionen, 10 oktober. https://mellanarkiv-offentlig.vgregion.se/alfresco/s/archive/stream/public/v1/source/available/sofia/rs16023-750877252-96/surrogate/241011%20Regional%20rapport%20Millenium%202024.pdf

VGR (2025) Pausöverenskommelse VGR-Orcale, Västra Götalandsregionen, 25 februari. https://www.vgregion.se/halsa-och-vard/vardgivarwebben/vardskiftet/aktuellt-vardskiftet/aktuellt-2025/overenskommelse/

VGR (2025) Delrapport Handlingsalternativ, Västra Götalandsregionen, 22 juni. https://mellanarkiv-offentlig.vgregion.se/alfresco/s/archive/stream/public/v1/source/available/sofia/rs16764-1976783462-698/surrogate/Delrapport%20Handlingsalternativ%20v%C3%A5rdinformationssystem.pdf

VGR (2025) Nytt möte mellan VGR och Oracle, Västra Götalandsregionen, 25 juni. https://www.vgregion.se/aktuellt/nyhetslista/nytt-mote-mellan-vgr-och-oracle/

VGRfokus (2024) Så märker du av att Millennium införs, Västra Götalandsregionen, 25 juni. https://vgrfokus.se/2024/06/sa-marker-du-av-att-millennium-infors/

VGRfokus (2024) Millenniumcoacher ska stötta kollegor – nu får de sin utbildning, Västra Götalandsregionen, 10 september. https://vgrfokus.se/2024/09/millenniumcoacher-ska-stotta-kollegor-nu-far-de-sin-utbildning/

VGRfokus (2024) ”Vi kommer att bli mer effektiva” – sjukhusdirektören om förändringen, Västra Götalandsregionen, 16 september. https://vgrfokus.se/2024/09/vi-kommer-att-bli-mer-effektiva-sjukhusdirektoren-om-forandringen/

VGRfokus (2024) Intensiv fas inför införandet av Millennium, Västra Götalandsregionen, 4 oktober. https://vgrfokus.se/2024/10/intensiv-fas-infor-inforandet-av-millennium/

VGRfokus (2024) Alla sjukhus hjälps åt när SÄS inför Millennium, Västra Götalandsregionen, 25 oktober. https://vgrfokus.se/2024/10/alla-sjukhus-hjalps-at-nar-sas-infor-millennium/

VGRfokus (2024) Så skyddar VGR dina patientuppgifter i Millennium, Västra Götalandsregionen, 28 oktober. https://vgrfokus.se/2024/10/sa-skyddar-vgr-dina-patientuppgifter-i-millennium/

VGRfokus (2024) Så söker du vård när SÄS byter journalsystem, Västra Götalandsregionen, 1 november. https://vgrfokus.se/2024/11/sa-soker-du-vard-nar-sas-byter-journalsystem/

VGRfokus (2024) Kommunerna ansluter till Millennium i februari 2025, Västra Götalandsregionen, 1 november. https://vgrfokus.se/2024/11/kommunerna-ansluter-till-millennium-i-februari-2025/

VGRfokus (2024) Inga patientjournaler raderas när Millennium införs, Västra Götalandsregionen, 5 november. https://vgrfokus.se/2024/11/inga-patientjournaler-raderas-nar-millennium-infors/

VGRfokus (2024) Intensivt arbete in i det sista inför driftstarten av Millennium, Västra Götalandsregionen, 7 november. https://vgrfokus.se/2024/11/intensivt-arbete-in-i-det-sista-infor-driftstarten-av-millennium/

VGRfokus (2024) Nu byter SÄS journalsystem – så gör du om du behöver söka vård akut, Västra Götalandsregionen, 8 november. https://vgrfokus.se/2024/11/nu-byter-sas-journalsystem-sa-gor-du-om-du-behover-soka-vard-akut/

VGRfokus (2024) Millennium är igång – första steget mot ett gemensamt journalsystem i VGR, Västra Götalandsregionen, 12 november. https://vgrfokus.se/2024/11/millennium-ar-igang-forsta-steget-mot-ett-gemensamt-journalsystem-i-vgr/

VGRfokus (2024) Nya journalsystemet långsammare än förväntat, Västra Götalandsregionen, 13 november. https://vgrfokus.se/2024/11/dag-tva-med-nya-journalsystemet-langsammare-an-forvantat/

VGRfokus (2024) Tillfällig paus av breddinförande av Millennium, Västra Götalandsregionen, 15 november. https://vgrfokus.se/2024/11/tillfallig-paus-av-breddinforande-av-millennium/

VGRfokus (2024) Återgång till tidigare journalsystem i VGR, Västra Götalandsregionen, 17 november. https://vgrfokus.se/2024/11/atergang-till-tidigare-journalsystem-i-vgr/

VGRfokus (2024) Återgång till tidigare system igång – sjukhusen fortsätter avlasta SÄS, Västra Götalandsregionen, 18 november. https://vgrfokus.se/2024/11/atergang-till-tidigare-system-igang-sjukhusen-fortsatter-avlasta-sas/

VGRfokus (2024) Extern granskning av införandet av Millennium, Västra Götalandsregionen, 19 november. https://vgrfokus.se/2024/11/extern-granskning-av-inforandet-av-millennium/

VGRfokus (2024) När Millennium är pausat – detta händer nu, Västra Götalandsregionen, 21 november. https://vgrfokus.se/2024/11/nar-millennium-ar-pausat-detta-hander-nu/

VGRfokus (2024) Akutmottagningen på SÄS tar nu emot patienter som vanligt, Västra Götalandsregionen, 22 november. https://vgrfokus.se/2024/11/akutmottagningen-pa-sas-tar-nu-emot-patienter-som-vanligt/

VGRfokus (2024) ”Vi behöver samla in medarbetarnas erfarenheter” – regiondirektören efter att Millennium pausats, Västra Götalandsregionen, 28 november. https://vgrfokus.se/2024/11/vi-behover-samla-in-medarbetarnas-erfarenheter-regiondirektoren-efter-att-millennium-pausats/

VGRfokus (2024) Avtal tecknat: KPMG AB granskar införandet av Millennium, Västra Götalandsregionen, 13 december. https://vgrfokus.se/2024/12/avtal-tecknat-kpmg-ab-granskar-inforandet-av-millennium/

VGRfokus (2025) VGR sammanställer och analyserar avvikelser i samband med införandet av Millennium, Västra Götalandsregionen, 5 februari. https://vgrfokus.se/2025/02/vgr-sammanstaller-och-analyserar-avvikelser-i-samband-inforandet-av-millennium/

VGRfokus (2025) Så påverkade införandet av Millennium vården, Västra Götalandsregionen, 20 februari. https://vgrfokus.se/2025/02/sa-paverkade-inforandet-av-millennium-varden/

VGRfokus (2025) Medarbetares erfarenheter en viktig pusselbit om Millennium och införandeprocessen, Västra Götalandsregionen, 6 mars. https://vgrfokus.se/2025/03/medarbetares-erfarenheter-en-viktig-pusselbit-om-millennium-och-inforandeprocessen/

VGRfokus (2025) Regiondirektören om Millennium: ”Medarbetarna fick inte rätt förutsättningar”, Västra Götalandsregionen, 12 mars. https://vgrfokus.se/2025/03/regiondirektoren-om-millennium-medarbetarna-fick-inte-ratt-forutsattningar/

Woollacott, E. (2025) Microsoft Can’t Keep EU Data Safe From US Authorities, Forbes, 22 July. https://www.forbes.com/sites/emmawoollacott/2025/07/22/microsoft-cant-keep-eu-data-safe-from-us-authorities/

Västkom (2025a) VästKom – en politiskt styrd organisation, Västkom. https://www.vastkom.se/hem/om-vastkom/

Västkom (2025b) Kommunernas projektorganisation Millennium, Västkom. https://www.vastkom.se/vara-uppdrag/projekt-millennium/

Västkom (2025) Nyhetsbrev, Västkom https://www.vastkom.se/nyheter/nyhetsbrev/

x.com (2024) Switzerland now requires all government software to be open source. 24 July. https://x.com/jack/status/1816090745075372338

Z’graggen, H. (2022) Strategie Digitale Souveränität der Schweiz, 14 December, https://www.parlament.ch/de/ratsbetrieb/suche-curia-vista/geschaeft?AffairId=20224411