Can Union added value criteria favour open-source solutions under CADA?

Summary As proposed in the Cloud and AI Development Act (CADA), contracting authorities must include non-price award criteria to evaluate a tenderer's contribution to the European cloud and AI ecosystem. While these "Union added value" criteria cannot be decisive in the award of a contract, they allow authorities to score providers higher for integrating technologies developed in the Union, including software, models, standards, and specifications. This framework aligns with CADA's broader "open-source first" policy, meaning that open-source tools developed or maintained in the EU can serve as positive evidence of Union added value, provided the criteria remain ancillary and strictly linked to the subject matter of the contract.

Detail

The Cloud and AI Development Act (CADA), as proposed in COM(2026) 502 final, introduces a structured mechanism for public procurement of cloud computing services and AI systems that explicitly rewards European technological sovereignty. Central to this is Article 32, which mandates that contracting authorities include non-price award criteria to evaluate the "Union added value" of tenders. This is not a blanket preference for EU-owned companies, but rather a nuanced evaluation of how a tender contributes to strengthening the EU's digital supply chain and innovation capacity.

The Legal Framework: Article 32(1) and (2)

Under Article 32(1), contracting authorities are required to include non-price award criteria as part of the quality evaluation of a tender. These criteria allow the authority to evaluate the tenderer's contribution to the development of a European cloud and AI ecosystem.

Crucially, Article 32(2) sets strict boundaries for these criteria to prevent market distortion:

• They must be linked to the subject matter of the contract.
• They must be expressly set out in the procurement documents or in the contract notice.
• They must not confer unrestricted freedom of choice on the contracting authority.
• Most importantly, they must be ancillary and not decisive in the award of the contract.

This ensures that technical performance and financial offer remain the primary drivers of the procurement decision, preventing protectionism while still incentivizing strategic European capabilities.

Specific Factors: Article 32(3) and the Open-Source Link

Article 32(3) details the specific elements contracting authorities may evaluate. These include:

• (a) The tenderer's contribution to strengthening the digital technology supply chain in the Union, including the use of software or hardware designed or manufactured in the Union.
• (b) The extent to which the tenderer has integrated technologies developed in the Union, including research and development results stemming from Union-funded research and development programmes, and makes use of tools, such as standards, specifications, software, models or other technology developed in the Union.
• (c) The contribution of the innovation required to deliver the service to strengthening the security of supply and the development of a European cloud and AI ecosystem.
• (d) The delivery of the service using critical computing, storage, and networking hardware components designed and/or manufactured in the Union.

Article 32(3)(b) is the critical provision for open-source solutions. It explicitly allows authorities to evaluate the use of "software, models... or other technology developed in the Union." Open-source software (OSS) is a key lever in the EU's digital sovereignty strategy. By using OSS that is developed, maintained, or significantly contributed to within the EU, a provider can demonstrate compliance with this criterion.

This aligns directly with Article 41 of CADA, which establishes an "open source first" approach for the Union and Member States. Article 41 requires the Union and Member States to take necessary measures to encourage Union entities and public sector bodies to use and facilitate the reuse of open standards and components released under an open source licence. The rationale is that open source reduces vendor lock-in, enhances security through auditability, and strengthens digital autonomy. Therefore, when a cloud provider builds their service on an open-source stack that is rooted in European development (e.g., software foundations supported by EU entities), they are simultaneously satisfying the spirit of Article 41 and providing concrete evidence for the Union added value criteria under Article 32.

Scoring and Weighting

The proposal suggests that these criteria should be proportionate. The explanatory memorandum (Recital 67) indicates that contracting authorities could consider a maximum weighting of 15 out of 120 points for Union added value within the overall evaluation methodology. This ensures that while European development is rewarded, it does not override the core technical and financial merits of the bid.

What this means for you

For cloud service providers and data centre operators, CADA's Article 32 changes the landscape of public procurement. You can no longer compete solely on price and generic technical specs; you must actively demonstrate your contribution to the EU's digital ecosystem.

1. Audit Your Tech Stack: Review the software, AI models, and standards you use. Identify which components were developed, maintained, or significantly contributed to within the EU. If you use open-source tools, verify their origin and development base.
2. Document Your Contribution: Be prepared to provide evidence for Article 32(3)(b). This might include documentation showing your use of EU-funded R&D results, adherence to European standards, or integration of EU-developed software. For open-source solutions, highlight your contributions to European open-source foundations or communities.
3. Highlight Sovereignty in Tenders: When bidding for public contracts, explicitly address the Union added value criteria. Explain how your use of open-source or EU-developed technologies strengthens the security of supply and reduces dependency on third-country providers.
4. Ensure Criteria Are Ancillary: Remember that these criteria are secondary. Your primary focus must remain on delivering a high-quality, compliant, and cost-effective service. Do not let the pursuit of Union added value points compromise the core technical requirements of the contract.

Common misconceptions

• "Union added value means only EU-owned companies win." This is incorrect. Article 32 focuses on the technology and innovation developed in the Union, not just the nationality of the provider. A non-EU provider could theoretically score well if they integrate significant EU-developed software or hardware, though this is less common. Conversely, an EU provider using entirely third-country proprietary software may score poorly.
• "Open source automatically guarantees a high score." Not necessarily. The criterion is about technology developed in the Union. Using open-source software developed entirely outside the EU (e.g., certain US-based foundations) may not contribute to the Union added value criterion under Article 32(3)(b). The provenance and development location of the open-source component matter.
• "These criteria can override technical performance." No. Article 32(2) explicitly states that these criteria must be "ancillary and not decisive." They are a tie-breaker or a quality differentiator, not a replacement for meeting the core technical and financial requirements of the procurement.

Related

• CADA Article 32: Can authorities add criteria beyond Union added value?
• Must Union added value criteria be published in tender documents? CADA Art. 32
• How should a bidder respond to Union added value criteria in a CADA tender?
• CADA Article 32: How much weight can Union added value carry?
• CADA Procurement & WTO GPA: How Union Added Value Criteria Work

This is general information about a draft EU regulation, not legal advice.