Global discussions on data sovereignty often confuse technical ideals with operational realities. At the Interconnect World Forum 2025 in Tokyo, I highlighted a core truth: enforceability of national data localisation laws is limited in a global digital economy where data flows everywhere and no single jurisdiction can physically contain connectivity.

Data sovereignty rhetoric treats data as something that can be owned and controlled like territory. In practice, the internet’s architecture, protocols, and cross-border dependencies mean that data cannot be contained within artificial boundaries without severe fragmentation and inefficiency. The objective for any sovereign actor should be to influence data policy in ways that align with legal and constitutional frameworks, not to attempt technical containment that the network itself cannot enforce.

There is a distinction between *technical capability* and *legal authority*. Technology can localise a copy of data, encrypt it, or restrict access at network edges; but that does not equate to sovereign power over the global data ecosystem. Legal authority derives from enforceable law backed by jurisdictions and due process—not from network configuration, marketplace contracts, or regional policy declarations.

Practical governance must acknowledge the scale and diversity of the internet. Asia alone contains legal systems with fundamentally different notions of privacy, enforcement, liability, and data flow obligations. Expecting a single model of data control to fit all is unrealistic and risks creating jurisdictional conflict or unintended technical barriers to innovation.

The path forward lies not in asserting rigid notions of control but in building interoperable models where data flows subject to transparent legal standards that respect fundamental rights and economic realities. Sovereignty should mean *responsibility and compliance*, not technical containment. Any framework that treats data sovereignty as a technical problem rather than a socio-legal one misunderstands both technology and governance.

In sum: digital sovereignty is not achieved through isolation or localisation mandates alone—it requires harmonising law, policy, and infrastructure to support secure, lawful, and seamless data flows across borders while upholding accountability.