🏛 Policymaker Edition Article 7 of 7

All editions · Policymaker Edition

A field of cosmos flowers under an open skyYour Community, Your AI — CC BY 4.0

The Horizon — What's Coming, and Why It Sharpens the Case for Sovereignty

The first five articles were about AI as it is today. This one looks a little further out — at a technology that is not yet part of daily administration but is close enough that a legislator making decisions about state and citizen data should understand it. This is not a set of predictions. It is a set of plain briefings, each following the same shape: what the thing is, why it matters to public data and national resilience, what actually changes, what a platform a jurisdiction controls does about it, what policy can do, and how certain any of it is. As new technologies come over the horizon, this article will grow. Today it carries one briefing. (Any unfamiliar term is defined in plain language in the glossary.)

Last reviewed: July 2026.

Briefing 1 — Quantum computing and the encryption question

What it is

A quantum computer is not a faster server. It is a different kind of machine that uses the physics of very small things to do a narrow set of calculations no ordinary computer can. For almost everything a government does, it is irrelevant. But for a few problems — including some of the mathematics that keeps information secret — a large enough quantum computer could, in principle, do in hours what would otherwise take longer than the age of the universe.

Why it matters (for public data and national resilience)

Almost everything confidential today rests on encryption: financial systems, secure communications, health and welfare records, tax and identity data, and the classified material a state holds. That protection depends on mathematical problems ordinary computers cannot solve in any reasonable time. A large enough quantum computer could unpick some of it. The machine capable of this does not yet exist at the scale required — and yet the issue is already a present one for a legislator, because the decisions that determine exposure are being made now, in the systems a government procures and the infrastructure it entrusts data to today.

The resilience framing is the useful one. This is not only a privacy question; it is a question of whether a state's long-lived, sensitive information remains under its own protection, or becomes vulnerable because it was encrypted, today, on infrastructure another jurisdiction controls.

The threat: harvest now, decrypt later

The reason is simple, and worth stating plainly. An adversary does not need the machine today. They can quietly record encrypted state and citizen data now and wait — decrypting it years later, once a capable quantum computer arrives. So information a government considers safely confidential today could be exposed retroactively. Anything that must stay protected for a decade or more — and a great deal of what a state holds falls into that category — is already within reach of this problem.

That is what turns a future technology into a present-tense national-resilience issue. Data encrypted today on foreign-controlled infrastructure could be exposed retroactively, and the window for that harvesting is open now, not at some point when the machine finally exists.

What a sovereign platform does about it

The defence is post-quantum cryptography: a new generation of encryption designed to resist a quantum attack, whose international standards (the NIST post-quantum cryptography standards) were finalised in 2024. The sovereignty point is the timeline. A platform whose infrastructure sits under domestic legal control can move to post-quantum protection on its own schedule, and evidence when it has; a public body renting space on foreign Big Tech infrastructure waits for a vendor whose priorities are not its own, and may never be told.

Village is built for exactly this kind of change. Its encryption records how each piece of information was protected — the method is stored alongside the data — so moving to post-quantum methods is a matter of configuration rather than rebuilding the system. That migration is planned, not yet switched on; today the platform uses strong, current encryption. What matters is that the design makes the change possible without re-engineering — the difference between a door you can open when the time comes and a wall you would have to knock down. The property has a name worth carrying into a procurement conversation: crypto-agility, the ability to change algorithms without re-engineering the system around them.

What policy can do

A policymaker does not need to master the cryptography to act well here. The levers are structural and non-partisan, and each reuses machinery a government already has:

Read together, these are the same move Article 3 argued for across the series: not a hope that systems will be secure, but a structural property a jurisdiction can require and verify.

Status and confidence

A quantum computer able to break today's encryption does not yet exist, and expert estimates of when one might range from several years to a couple of decades. What is not uncertain: the post-quantum standards exist now, finalised in 2024, and the harvest-now-decrypt-later logic means that preparing is a present decision, not a future one. This is preparedness, not alarm — the same argument the rest of this series makes about AI. The technology that is imminently of relevance to public data is worth understanding, and legislating around, before it arrives rather than after.


Want to use AI tools well, and safely? Our free courses — Working with Claude and Agents at Work — teach the practical skills. For the full technical architecture behind Village AI, see Village AI — Agentic Governance.

Useful? Share this article, or show a QR code to scan.