Last week, a single government letter shut down two of the world's most capable AI models for everyone outside the United States. Overnight, the company disabled them for all customers, worldwide. The reaction was immediate — outrage, calls for sovereign AI, demands that India build its own.
Good. But here is the harder question: why just AI?
AI is the newest switch. It is not the only one, and it is nowhere near the most dangerous. The cloud our banks run on, the certificates securing our government portals, the platform hosting 21.9 million Indian developers, the navigation guiding our defense systems — every one of them sits on an off switch held in another country. We are not outraged about those because we cannot see them. That does not make them less real.
Consider the evidence hiding in plain sight. Microsoft suspended services to Nayara Energy — an Indian refinery handling 8% of the country's refining capacity — to comply with EU sanctions over its Russian shareholding. No Indian court ordered it. No Indian law required it. A foreign corporation reached into critical domestic infrastructure and pulled the plug. That was not a cyberattack. It was a kill switch, and India had no override.
The pattern repeats across geographies and sectors. Russia, cut off from Western cloud, ERP, and IT services between 2022 and 2024, then expelled from SWIFT — an economy frozen not by tanks but by terms of service. GitHub locked developers in Iran, Syria, and Crimea out of their own code overnight when sanctions hit. Foxconn quietly withdrew over 300 engineers from India's iPhone production lines in 2025 to throttle manufacturing momentum. The switch doesn't always say "off." Sometimes it simply says "we are leaving."
Now examine what remains invisible. Approximately 70% of India's cloud infrastructure runs on three American hyperscalers, with every byte reachable under the US CLOUD Act. India operates no DNS root server, meaning every query from Indian soil is resolved on infrastructure it neither owns nor audits. Since a 2014 breach, India has had no trusted sovereign Root Certificate Authority — leaving foreign corporations to determine what the Indian internet is permitted to trust. One coordinated certificate revocation, and every banking portal in the country would display a security warning.
"Why reinvent the wheel?" It is the line reflexively deployed to dismiss every indigenisation effort as wasteful. Why rebuild what the world already provides cheaply and well? The answer fits in seven words: a wheel you do not own can be taken away. The AI suspension is not a new category of risk — it is the same kill switch appearing on the newest layer of the stack, and it is simply the first one visible enough to generate public anger.
India learned this lesson once, and forgot it. The question now is whether this moment of visibility becomes the catalyst for building genuine digital sovereignty — across cloud, certificates, DNS, and AI simultaneously — or whether the outrage fades once access is restored and the deeper switches remain, unseen and unaddressed, in someone else's hands.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
