CADA vs the Digital Networks Act

Summary The proposed Cloud and AI Development Act (CADA) and the Digital Networks Act (DNA) address different layers of the digital infrastructure stack. As proposed, CADA covers the deployment, sustainability and sovereignty of data centre capacity and cloud computing services; the DNA supports the build-out of robust, fast, secure connectivity. The Commission says the CADA proposal "leverages the Digital Networks Act's advancements for connectivity and thus stays focused on the deployment of data centres capacities, not the prior or parallel build-out of the necessary connectivity infrastructure." In practice, CADA would require data centre siting to account for grid and network availability without itself regulating the network build-out.

Detail

The Cloud and AI Development Act (CADA, COM(2026) 502 final) and the Digital Networks Act (DNA) are framed by the Commission as complementary instruments for Europe's digital ecosystem, operating in different domains. For architects and CTOs planning infrastructure, CADA would target the compute layer while the DNA targets the connectivity layer.

CADA's scope: data centres and cloud sovereignty As proposed, CADA sets a framework for the accelerated deployment of data centres across the Union (Article 1) and introduces mechanisms such as data centre acceleration zones (Article 10) and single information points (Article 12) to streamline permitting and support sustainable deployment.

CADA would also establish a Union cloud computing sovereignty framework with four Union assurance levels. Under that framework, public-sector bodies and Union entities would procure cloud services according to a risk-based assessment (Article 29) of which activities contribute to the preservation of public order, with criteria addressing matters such as data localisation, personnel and protection against third-country control (detailed in the CADA Annexes).

The DNA's scope: connectivity infrastructure The Digital Networks Act, by contrast, supports — in the words of the CADA memorandum — "the development of a robust, fast, secure, cutting-edge digital networks." Its focus is the connectivity that is a prerequisite for data centre deployment, including gigabit and beyond. The DNA also addresses the convergence of network infrastructure, including scenarios where a cloud computing service provider operates an electronic communications network.

The boundary: leveraging, not duplicating The boundary is set out in the CADA proposal's explanatory memorandum. The Commission states that the proposal "complements the Digital Networks Act" and "leverages the Digital Networks Act's advancements for connectivity and thus stays focused on the deployment of data centres capacities, not the prior or parallel build-out of the necessary connectivity infrastructure."

This is operationalised in Article 10 of CADA, on the designation of data centre acceleration zones. When designating these zones, Member States must consider several aspects, including:

• (b) "the available and future power grid capacity and the possibility and conditions for on-site storage and clean energy generation;"
• (c) "the available and future network connectivity capacity;"
• (d) "the capacity of the zone to support the phasing out of legacy copper networks;"

Furthermore, Article 10(4) requires Member States, when designating acceleration zones, to ensure the involvement of and coordination among relevant authorities and entities, including "operators as defined in Article 2, point (29), of Directive (EU) 2018/1972" (the European Electronic Communications Code), alongside transmission and distribution system operators under Directive (EU) 2019/944. This coordinates data centre siting with network and grid planning, but it does not give CADA authority over the network build-out itself.

Complementarity in action The CADA memorandum notes the DNA also addresses scenarios where a cloud computing service provider operates an electronic communications network and has so far not been subject to obligations under the European Electronic Communications Code. CADA would build on the connectivity the DNA supports, focusing on getting data centres deployed efficiently, sustainably and securely. In short: the DNA would help ensure the connectivity is in place; CADA would govern how the data centres are deployed within it.

What this means for you

For CTOs, architects and SMEs weighing the practical impact, the split between CADA and the DNA has several implications:

1. Infrastructure planning: New data centre projects would engage two tracks. Under the DNA you would deal with connectivity, access and — if your facility includes an electronic communications network — possible obligations under the European Electronic Communications Code. Under CADA you would work within the acceleration-zone framework (Article 10), which requires coordination with electronic communications operators and grid operators.
2. Sovereignty compliance: If you are a cloud provider targeting public-sector contracts, CADA's sovereignty framework is the relevant concern. You would prepare for recognition against the Union assurance levels (1–4), demonstrating criteria on matters such as data localisation, personnel and third-country control. The DNA would not impose these sovereignty requirements.
3. Permitting and acceleration: CADA would give data centre operators in acceleration zones the right to assistance from a single information point across the project lifecycle (Article 12), streamlining permitting. This relies on the underlying connectivity the DNA supports being available.
4. SME participation: Under Article 33, Member States would monitor their procurement of innovation in cloud and AI and "pursue as objective that at least 25% of their procurement for cloud computing services and AI systems be awarded to innovative SMEs." Knowing which act applies to your offering helps you reach the right support mechanisms.

Common misconceptions

• Misconception 1: CADA regulates network build-out.
  • Correction: As proposed, CADA would not regulate the build-out of connectivity infrastructure. The Commission says it leverages the DNA's advancements in that area and stays focused on data centre capacity, cloud sovereignty and AI development.
• Misconception 2: The DNA imposes sovereignty requirements on cloud services.
  • Correction: Sovereignty requirements for cloud services — including data localisation and protection against third-country control — would sit within CADA's Union cloud computing sovereignty framework, not the DNA.
• Misconception 3: Data centre operators are exempt from connectivity-law obligations.
  • Correction: A data centre operator that also operates an electronic communications network may still owe obligations under the European Electronic Communications Code. CADA's Article 10(4) would require coordination with such operators; it would not exempt them from their own duties.

Official sources

• Data Act (Regulation (EU) 2023/2854)
• Data Governance Act (Regulation (EU) 2022/868)

Related

• CLOUD Act vs EU-US Data Privacy Framework vs CADA: which addresses sovereignty?
• Does CADA protect EU data from the US CLOUD Act?
• CADA vs the Digital Markets Act (DMA) for cloud: what is the difference?
• CADA vs the Data Governance Act (DGA): how do they compare?
• CADA vs the Data Act: what does each regulate for cloud?

This is general information about a draft EU regulation, not legal advice.