Home Consulting Products Open Source About Jobs Book a call

Sovereignty, from policy to practice

The technical layer between
policy and practice.

Independent advisory and tools for organisations that need to demonstrate control, not just claim it. AI governance, digital sovereignty, open source security.

We work with regulated organisations, public sector bodies, and technology companies that need technical depth, not policy translation.

Book a discovery call Run a free assessment
Linux Foundation Confidential Computing Consortium CHAOSS Data Science Working Group OpenUK International Ambassador · Top 100 Women in AI Ethics 2025 PhD University College London Author Code, Chips and Control
What we do

Three lines of work.
One point of view.

Most organisations have the policy. Few have the implementation. We work the gap between them.

Products

Technical tools for governance, compliance, and security observability. Built for regulated environments, designed for real deployment.

View products

Open Source

Public tooling and community contributions advancing the state of the art in supply chain security, SBOM, and AI governance tooling.

View projects

Consulting

Strategic and technical advisory for organisations navigating AI risk, regulatory complexity, and digital sovereignty at the executive level.

Our services
Track record
10+
Years in practice
Deployed across defence, government, and regulated industry, not observed from the outside
6
Foundation roles
Coordinating Microsoft, NVIDIA, and ARM at the Linux Foundation CCC, the standards that will govern AI systems
3
Practice areas
From silicon supply chain to EU AI Act compliance, the full range from policy to running system
Recent speaking & contributions
FOSDEM
Workload Identity & Digital Sovereignty
Brussels · 2026
CHAOSSCon
Open Source Community Health
2025
OPEN SOURCE DAY
Indigenous Data Sovereignty & AI Ethics
2025
LINUX FOUNDATION CCC
AI Confidential Computing - Technical WG
Ongoing
Who we work with

Regulated environments
where governance failures
have real consequences.

We don't work with organisations that need a policy document. We work with those that need someone who understands the actual systems.

Healthcare / NHS Financial Services Critical National Infrastructure Public Sector AI Companies Standards Bodies Academic & Research Defence

If your organisation has made sovereignty or governance commitments at the policy or procurement level and is now facing the question of whether the technical implementation delivers them, that's the conversation to have.

Where to start
01 - FREE

Run the sovereignty assessment

Map your organisation's posture across nine sovereignty domains in 15 minutes. Client-side only, nothing is stored or transmitted.

Start assessment
02 - 30 MIN

Book a discovery call

Discuss your situation and whether there's a fit. No pitch. We'll tell you directly if this isn't the right engagement.

Book a call
03 - ONGOING

The Clewline briefing

Monthly intelligence on AI governance, digital sovereignty, and open source security developments. No noise.

Subscribe

Ready to close the gap?

If your organisation is navigating EU AI Act compliance, digital sovereignty obligations, or supply chain security, and needs someone who has done the implementation work, not just the policy analysis.

Book a discovery call Free assessment