Summary

As proposed, the Cloud and AI Development Act (CADA) would layer a single, harmonised EU framework of four Union assurance levels over today's fragmented national sovereign cloud labels such as France's SecNumCloud. National labels would remain voluntary market signals, but CADA would require public-sector bodies and Union entities to procure cloud services by reference to these EU-wide levels, following mandatory risk assessments. The aim, as the proposal frames it, is to end the market fragmentation caused by divergent national sovereignty criteria and to create a comparable, Union-wide measure of trust for cloud services.

Detail

The proposed Cloud and AI Development Act (CADA, COM(2026) 502 final) would change how cloud sovereignty is assessed in the European Union. Today the landscape is a patchwork of national initiatives: several Member States have developed their own sovereign-cloud labels or attestations with distinct, often incompatible criteria for what counts as a "sovereign" or "trusted" cloud service. France's SecNumCloud (operated by ANSSI) is the most prominent and combines technical security requirements with legal-control and jurisdictional criteria; Germany relies on the BSI's C5 attestation, which is a cloud security criteria catalogue rather than a sovereignty label as such; other Member States have their own approaches. These schemes vary in scope and rigour, so a service that meets one of them cannot be assumed to meet another.

The CADA proposal's recitals describe this fragmentation as a problem. Recital 47 notes that, while some Member States have developed national approaches to identifying sovereign services, "national measures do not adequately address the cross-border issues related to the Union's lack of sovereignty in the cloud computing ecosystem and risk fragmenting the Union internal market and undermining common goals of autonomy and sovereignty." The proposal argues that inconsistent sovereignty criteria leave public buyers unable to compare the trustworthiness of services across borders.

To address this, CADA would establish a harmonised Union cloud computing sovereignty framework. Under Article 16, that framework would comprise four "Union assurance levels" (Levels 1 to 4), the criteria for which are set out in Annex II, that cloud computing service providers would have to meet to provide their services to Union entities and public sector bodies. Recital 52 explains that the levels should provide "a proportionate framework to ensure that public order is preserved by maintaining control and agency by public-sector bodies," adding that most public services would not require the highest levels.

The four Union assurance levels

The criteria are set out in Annex II and are cumulative: each level builds on the one below, rising from baseline establishment and data-residency requirements to strict operational autonomy from third-country control. The summary below reflects the proposal as drafted:

  • Union assurance level 1: The baseline for general public-sector procurement. The provider (and the subcontractors involved in the service) must be established in the Union. Customer data, including metadata and telemetry, must remain exclusively within the Union unless the public-sector body explicitly requires otherwise. Where the provider is subject to the control of a third country, it must guarantee that no existing third-country law requires it to report software vulnerabilities to that country's authorities before those vulnerabilities are known to have been exploited (Annex II, Section 1.1).
  • Union assurance level 2: Adds personnel-location and data-use requirements. The provider and relevant subcontractors must be established in the Union, with infrastructure, assets, and personnel located in the Union. Data generated by using the service must not be used to train or fine-tune any AI system operated by a third country (or a third-country legal entity) and must not be transferred outside the Union. The service must obtain a European cybersecurity certificate of at least "substantial" assurance under a cloud scheme adopted under the Cybersecurity Act (Regulation (EU) 2019/881) — or, until such a scheme exists, meet national schemes or the highest cybersecurity standards under applicable Union law. A software bill of materials (SBOM) and other supply-chain controls are required (Annex II, Section 2).
  • Union assurance level 3: Personnel involved in providing the service must be Union citizens and, where appropriate, hold the necessary national security clearance for classified information. The service must obtain a European cybersecurity certificate of at least "substantial" assurance (subject to the same transitional rules as Level 2). The provider and its subcontractors must not be subject to the control of a third country or of a third-country legal entity — unless, by way of derogation, the Commission has identified that third country as "associated" by implementing act under Article 18. Technical and operational support must be performed exclusively within the Union by Union residents (Annex II, Section 3).
  • Union assurance level 4: The highest level. Customer data identified as sensitive following a risk assessment must remain exclusively within the Union. Personnel must be Union citizens with, where appropriate, national security clearance, and the provider and subcontractors must not be subject to third-country control. The service must obtain a European cybersecurity certificate of at least "high" assurance, with the strictest software-supply-chain controls, including demonstrating that no third country holds or exercises effective control over the design, development, maintenance, and evolution of software components (Annex II, Section 4).

Recognition and procurement

Under Article 17, a provider seeking recognition would apply to the national competent authority of its place of establishment, which would act as the evaluating authority and, absent a reasoned objection from other Member States' authorities, recognise the service throughout the Union. For Level 1, recognition rests on a conformity self-assessment and an EU statement of conformity (Article 19); EU statements issued by SME providers would be recognised automatically across Member States. For Levels 2, 3, and 4, recognition requires an independent third-party audit (Article 20).

The proposal positions CADA as the operative reference for public procurement rather than a replacement for national labels as such. Under Article 30, Union entities and public-sector bodies whose activities are not identified as contributing to the preservation of public order in the risk assessment under Article 29 would have to use services recognised at Union assurance level 1. Contracting authorities whose activities are identified as contributing to the preservation of public order — in the sectors of Annex I or II of the NIS2 Directive (Directive (EU) 2022/2555) or in national security, internal security, external border management, defence, justice, or law enforcement — would have to procure only services recognised at Union assurance level 2, 3, or 4. A limited derogation applies where no recognised service can meet the need or where compliance would impose disproportionate cost.

Common misconceptions

  • "SecNumCloud would be banned." No. National labels would not be prohibited, but they would not, by themselves, satisfy CADA's procurement rules. A SecNumCloud-certified provider would not be automatically recognised at a Union assurance level; it would still have to go through CADA's recognition process under Article 17. CADA would harmonise the mandatory criteria for public-sector procurement, making national labels supplementary rather than the primary basis for compliance.

  • "CADA is just another cybersecurity certification." No. Although the assurance levels incorporate European cybersecurity certification (at "substantial" or "high" assurance under the Cybersecurity Act), CADA's scope is broader. It addresses sovereignty and operational autonomy — legal control, jurisdictional risk, data residency, and supply-chain control — which go beyond technical cybersecurity. The proposal states that certification under the Cybersecurity Act "can address technical cybersecurity criteria but is not suited for addressing sovereignty concerns that go beyond these technical elements." Note that the EU Cloud certification scheme (EUCS) referenced for this purpose has not yet been adopted.

  • "Providers could pick whichever national label they prefer for the EU public sector." Not for public procurement. To sell to the EU public sector under CADA, a provider would need recognition under the Union assurance levels. The framework is designed to give public buyers a single, comparable measure of trust and sovereignty, addressing what the proposal describes as a market failure of "imperfect information."

  • "Level 1 would be sufficient for all public-sector needs." No. Level 1 is the minimum for general public-sector activities. For activities identified as contributing to the preservation of public order, higher levels (2, 3, or 4) would be required based on the risk assessment under Article 29. The Commission would specify the risk-assessment methodology by implementing act.

What this means for you

For in-house counsel and compliance officers, the proposed assurance levels would call for a reassessment of cloud procurement and supplier compliance:

  1. Audit current contracts. Review existing cloud arrangements that rely on national sovereignty labels and identify gaps against Annex II. For example, confirm that data-residency clauses expressly cover metadata and telemetry, as Level 1 would require.
  2. Prepare for recognition. If you provide cloud services to the public sector, plan for the Article 17 route: a self-assessment and EU statement of conformity for Level 1 (Article 19), or independent third-party audit evidence for Levels 2 to 4 (Article 20).
  3. Integrate the risk assessment. Public-sector buyers would conduct risk assessments under Article 29 to set the required assurance level. Align tender documents accordingly, since procuring below the mandated level could breach the rules.
  4. Tighten supply-chain transparency. CADA would place heavy weight on the establishment, location, and control of subcontractors, plus SBOM and other software-supply-chain controls, particularly from Level 2 upward, and at Level 4 on demonstrating that no third country holds effective control over the design, development, maintenance, and evolution of software components. Ensure your supplier onboarding and software inventory processes can evidence this for every subcontractor in the service chain, not only the prime contractor.
  5. Monitor delegated and implementing acts. The Commission would be empowered to amend Annex II and to specify audit and risk-assessment detail; the framework would also have to be reviewed at least every 18 months. Track these as the technical requirements firm up.

This is general information about a draft EU regulation, not legal advice.