The Dutch government has blocked the acquisition of Solvinity by Kyndryl, a decision that goes beyond a business transaction and enters directly into the European debate on digital sovereignty, critical infrastructures, and control over public data.
The deal involved a company that is particularly sensitive for the Dutch state. Solvinity provides services related to the technology infrastructure underlying DigiD, the digital identity system used by millions of citizens in the Netherlands to access public and private services with official authorization. Through DigiD, processes related to taxes, pensions, healthcare, and other administrative procedures are conducted, so any change in control over its infrastructure has raised political and social concerns.
The decision was made by State Secretary for Economic Affairs and Climate, Willemijn Aerdts, following an analysis by the Bureau Toetsing Investeringen (BTI), the body responsible for reviewing certain investments and acquisitions that could affect the public interest. According to the communication sent to the Dutch Parliament, the BTI concluded that the operation could pose a risk to the public interest and recommended outright prohibition.
An uncommon veto with DigiD at the center
The blockade is based on the Law on Control of Unwanted Holdings in Telecommunications, known by its Dutch acronym WOZT. The Dutch government emphasizes that the analysis is neutral regarding the country of origin of the investor, based on risks and proportionality. Aerdts also highlighted that the Netherlands values the presence of foreign tech companies, including American ones, and their contribution to the country’s economy and digital infrastructure.
The nuance is important. The decision is not officially presented as a rejection of Kyndryl for being an American company, but as a protective measure for the public interest regarding a specific operation. Nonetheless, the political context is clear. In the Netherlands, there has been an intense debate about the risks of a key company for national digital identity falling under foreign legislation.
Activists, privacy experts, and various political parties had expressed concern that data or systems linked to DigiD could be exposed to legal pressures or requests from authorities outside the European Union. Although the government has not publicly detailed the concrete risks for confidentiality reasons, it has offered a technical session reserved for legislators to explain the scope of the decision.
European digital sovereignty in practice
The Solvinity-Kyndryl case reflects a growing trend across Europe. Digital sovereignty has ceased to be an abstract concept and is now a tangible criterion in public procurement, cloud contracts, data centers, managed services, and critical infrastructures.
For years, many European administrations and companies have depended on global providers to host, process, and protect sensitive information. That dependence isn’t always an immediate operational problem, but it raises legal, geopolitical, and strategic questions: Who controls the infrastructure? Under what laws does it operate? What happens if jurisdictions conflict? How much room does the state have to ensure continuity and confidentiality?
The Netherlands isn’t the only country reevaluating these issues, but the veto on Solvinity’s acquisition sets an important precedent. This is not about a generic cloud provider or just another IT service supplier. The deal involved a component tied to citizen digital identity — one of the most delicate assets of any modern administration.
Furthermore, the measure comes at a time when the European Union is strengthening its regulatory framework on data, cybersecurity, digital resilience, and artificial intelligence. Directives like NIS2, regulations such as DORA, and norms like the Data Act are prompting organizations to reassess where their data resides, how it is protected, who manages it, and how to ensure reversibility if the contractual relationship changes.
Kyndryl and Solvinity respond to the blockade
Kyndryl has expressed disappointment over the decision and argues it cooperated in good faith with Dutch authorities throughout the process. The company considers that politicization has overshadowed the benefits that, in its view, the acquisition would have brought to Solvinity’s clients and Dutch citizens.
Solvinity, for its part, has stated it will remain focused on providing secure, reliable, and high-quality IT services to its clients. The company maintains ongoing dialogue with authorities regarding concerns related to national security, digital autonomy, and critical infrastructure protection.
The Dutch government also indicated that it will continue to stay in touch with Solvinity and its current owner to monitor the company’s evolution after the deal’s block. The fundamental issues remain; DigiD will still need a robust, secure, and up-to-date infrastructure, and the Netherlands will have to decide how to balance technological capacity, national control, and private sector collaboration.
The message to the rest of Europe is clear: operations involving companies managing sensitive digital infrastructure are no longer evaluated solely on economic or competitive grounds. National security, data sovereignty, and the ability to maintain critical public services under control have become decisive factors.
Frequently Asked Questions
Why did the Netherlands block Kyndryl’s acquisition of Solvinity?
The Dutch government blocked the deal after concluding it could pose a risk to the public interest, especially because of Solvinity’s role in DigiD-related infrastructure.
What is DigiD?
DigiD is the digital identity system used by Dutch citizens to access public services and entities with government authorization, including processes related to taxes, healthcare, or pensions.
How does this case relate to digital sovereignty?
It illustrates how European governments are reviewing who controls cloud and data infrastructures considered critical, particularly when they impact essential public services and citizens’ sensitive information.