The F-35’s Hidden Dependence: Why Nations Are Building Firewalls Against US Data Control
Over $1.7 trillion. That’s the projected lifetime cost of the F-35 Lightning II, the most expensive weapons system in history. But the true cost isn’t just measured in dollars; it’s increasingly measured in data sovereignty. The F-35 isn’t simply a fighter jet; it’s a flying sensor and communications hub, and the vast amounts of data it generates flow primarily through networks controlled by the United States. This reliance, as revealed by investigations from RTS and confirmed by military officials, is prompting allies to seek ways to protect their most sensitive information – even if it means going it alone.
The ALIS System: A Centralized Data Hub
At the heart of the F-35’s operational network lies the Autonomic Logistics Information System (ALIS), now transitioning to the Operational Data Integrated Network (ODIN). Managed from Eglin Air Force Base in Florida by Lockheed Martin personnel, ALIS/ODIN is designed to streamline maintenance, manage flight schedules, and even support mission planning. However, this centralized system creates a significant vulnerability. As French Air Force General Jean-Marc Vigilant points out, “The F-35 is both a sensor and a communications node…This data passes through a network and this network is primarily American.” This means critical information about an aircraft’s performance, vulnerabilities, and even operational tactics could be accessible to the US.
Firewalls and the Quest for Data Sovereignty
Concerns over this data flow led to updates in 2019 allowing nations to filter data sent to the US. Norway, having received fifty F-35s, has implemented these firewalls, aiming to “filter sovereign data that Norway does not wish to share” and control the timing of critical data transmission, according to spokesperson Stine Barclay Gaasland. But a crucial detail remains: even these firewalls are supplied by an American entity – the F-35 Lightning II Joint Program Office – and require approval from the NSA before deployment. This raises questions about the true level of control partner nations possess.
The UK’s Independent Approach
The level of distrust is perhaps best illustrated by the United Kingdom. Since at least 2021, the UK has developed and maintained its own independent firewall, dubbed “Tiger Trap,” through a cybersecurity firm in southern England. This demonstrates a clear acknowledgement of technological dependence and a proactive attempt to safeguard data from American access. General Vigilant cautions, however, that the effectiveness of such firewalls remains unproven. The UK renewed its contract for this system in early 2025, signaling a long-term commitment to data protection.
Beyond Firewalls: Threat Identification and Data Processing
The data control issue extends beyond maintenance logistics. The F-35’s electromagnetic threat identification system also relies on US infrastructure. Signals from enemy radars, drones, and missiles are recorded at Eglin Air Force Base and disseminated to all F-35s. While partner nations can establish processing centers to analyze these threats, they are currently restricted to operating on American soil, within the Eglin facility. Norway, for example, has a center there, allowing them to integrate national intelligence data, but the fundamental control remains with the US. This arrangement, as Vigilant notes, allows the US to maintain “full control” over the strategic data generated by the system.
The ODIN Upgrade: A Partial Solution?
The US is investing over $200 million in ODIN, a new maintenance system designed with a more secure “cloud” architecture. While Norway anticipates the US-provided firewall will be compatible with ODIN, the underlying issue of data flow and control persists. A more secure architecture doesn’t necessarily equate to greater sovereignty.
The Future of F-35 Data Control: A Looming Fracture?
The current situation highlights a growing tension between interoperability and national security. As nations increasingly prioritize data sovereignty in an era of heightened geopolitical competition, we can expect to see further divergence in approaches to F-35 data management. The UK’s independent firewall is likely a precursor to other nations developing their own solutions, potentially leading to a fragmented ecosystem and increased costs. The long-term implications could include reduced data sharing, hindering the F-35’s effectiveness as a collaborative platform, or even prompting nations to explore alternative fighter programs that offer greater data control. The question isn’t just about maintaining a cutting-edge fighter jet; it’s about controlling the information that defines its capabilities and, ultimately, a nation’s strategic advantage.
What steps will other F-35 partner nations take to secure their data? Share your thoughts in the comments below!
