Summary

No, the proposed Cloud and AI Development Act (CADA) does not mandate that defence procurement exclusively use "EU-only" cloud providers in the sense of a blanket geographic ban. Instead, as proposed, it requires contracting authorities whose activities are identified as contributing to the preservation of public order, including defence, to procure cloud services recognised at Union assurance levels 2, 3, or 4. While these higher assurance levels impose strict criteria regarding third-country control, personnel citizenship, and data localisation, they do not inherently exclude all non-EU providers if specific conditions are met (e.g., establishment in the Union or a Commission decision under Article 18). The obligation is driven by a mandatory risk assessment under Article 29, not a rigid geographic restriction.

Detail

To determine whether CADA imposes an "EU-only" requirement for defence procurement, one must analyse the interplay between the Union cloud computing sovereignty framework, the risk assessment mechanism, and the specific procurement obligations. The proposal establishes a framework comprising four Union assurance levels, with criteria detailed in Annex II. The core procurement obligation is found in Article 30, which dictates the minimum assurance levels contracting authorities must utilise.

The Trigger: Risk Assessment under Article 29

The requirement to procure specific assurance levels is not automatic for all public sector bodies; it is strictly triggered by a risk assessment. Article 29(1) obliges Member States and Union entities to carry out risk assessments within one year of the Regulation's entry into force, and thereafter every two years or whenever necessary.

These assessments must:

  1. Identify public sector activities that contribute to the preservation of public order in sectors falling under Annex I or II of Directive (EU) 2022/2555 (NIS2), and specifically in the areas of national security, internal security, external border management, defence, justice, or law enforcement.
  2. Determine which Union assurance level (2, 3, or 4) is appropriate for those identified activities.

Recital 52 clarifies that the Union assurance levels provide a proportionate framework to ensure public order is preserved. It notes that "in some specific cases Union assurance levels 3 or 4 may be considered necessary and proportionate in preserving public order." The risk assessment ensures that the principles of proportionality and subsidiarity are complied with by assessing specific cases where the protection of public order requires the highest level of assurance. Consequently, if a Member State's risk assessment identifies a specific defence activity as critical to public order, the procurement for that activity is legally bound to the higher assurance tiers.

Procurement Obligations for Defence (Article 30)

Article 30(3) explicitly states that contracting authorities, including entities acting on their behalf, whose activities have been identified as contributing to the preservation of public order under Article 29(1) in sectors such as defence, "shall only procure cloud computing services that have been recognised as having a Union assurance level 2, 3 or 4."

This means that for defence-related cloud procurement, the baseline of Union assurance level 1 (which allows for more flexibility regarding third-country control and personnel) is insufficient. The procurement must target services that have undergone independent third-party audits and met the stricter criteria of levels 2, 3, or 4.

What "EU-Only" Means in Practice: The Assurance Level Criteria

The question of whether this translates to "EU-only" providers depends entirely on the specific criteria for Union assurance levels 2, 3, and 4 set out in Annex II.

  • Union Assurance Level 2: Requires that the audited provider and subcontractors involved in the service are established in the Union. It also requires that infrastructure, assets, and personnel are located in the Union. However, Annex II, Section 2.1(g) allows for providers subject to third-country control if they demonstrate that necessary legal, technical, and organisational measures are in place to prevent third-country access to data or disruption of service. Thus, a provider established in the EU but controlled by a non-EU entity could theoretically qualify for Level 2, provided safeguards are met.
  • Union Assurance Level 3: This level is stricter. Annex II, Section 3.1(g) states that the audited provider and subcontractors "are not subject to the control of a third country or a legal entity established in a third-country." However, there is a critical derogation: a provider subject to third-country control may be audited for Union assurance level 3 if the Commission has adopted an implementing act under Article 18 recognising that third country as providing sufficient assurances. Article 18 allows the Commission to identify third countries for which providers subject to their control may be audited against level 3 criteria, provided the third country meets cumulative criteria such as having an adequacy decision under the GDPR and no measures enabling control over the provider that conflicts with EU law.
  • Union Assurance Level 4: This is the highest level. Annex II, Section 4.1(g) strictly states that the audited provider and subcontractors "are not subject to the control of a third country or a legal entity established in a third-country." There is no derogation for third-country control at this level. Additionally, personnel involved must be Union citizens (Annex II, Section 4.1(d)).

Therefore, for Union assurance level 4, the provider must effectively be free from third-country control, which in practice often aligns with "EU-only" or at least "non-third-country-controlled" entities. For levels 2 and 3, non-EU providers may potentially qualify if they are established in the EU or if their home country has a specific Commission decision under Article 18.

WTO GPA and Public Order Exceptions

A critical legal context for these procurement restrictions is the World Trade Organization Agreement on Government Procurement (WTO GPA). Recital 64 addresses this directly, stating that the Union maintains an open and non-discriminatory framework for market access in accordance with the TFEU and subject to international commitments, including the WTO GPA.

However, Recital 64 also clarifies that "where necessary and in duly justified circumstances, the Union retains the right, in accordance with Article III:2(a) of the WTO GPA, to adopt or maintain measures necessary to protect public morals, order or safety, allowing for necessary and proportionate restrictions on access to public procurement procedures." The recital emphasises that identifying and addressing risks such as critical dependencies, unauthorised access to Union data, and espionage by third-country actors is fundamental for preserving Union public order. This provides the legal justification for restricting procurement to specific assurance levels, even if it limits access for some non-EU providers, framing it as a public order necessity rather than arbitrary protectionism.

Exemptions and Derogations

Article 30(4) provides derogations from the assurance level requirements in exceptional circumstances. Contracting authorities may decide not to procure recognised services if:

  • The subject matter cannot be supplied by recognised services in the central repository, and no adequate alternative exists.
  • A similar procurement process was launched within the previous year but received no suitable tenders.
  • Applying the requirements would result in disproportionate costs.

These derogations allow for flexibility in defence procurement where sovereign cloud options may not yet be available or mature enough for specific niche applications, ensuring operational continuity is not compromised by rigid compliance requirements.

What this means for you

For in-house counsel, procurement officers, and compliance teams in the defence and security sectors, the key takeaways are:

  1. Risk Assessment is the Trigger: You must participate in or align with your Member State's risk assessment under Article 29. If your activities are classified as contributing to the preservation of public order in defence, you are legally bound to procure cloud services at Union assurance levels 2, 3, or 4. This is not a voluntary choice but a statutory requirement driven by the assessment outcome.
  2. Verify Assurance Levels: When procuring cloud services, you must verify that the provider has been formally recognised under Article 17 as offering the required assurance level. This recognition is recorded in the central repository established by the Commission under Article 22. Do not rely solely on vendor marketing claims of "sovereignty"; look for the formal EU recognition and the specific assurance level assigned.
  3. Monitor Article 18 Decisions: If you are considering a provider subject to third-country control, monitor Commission decisions under Article 18. Only if the Commission has specifically recognised the third country for Union assurance level 3 can such a provider qualify for level 3 procurement. For level 4, third-country controlled providers are effectively excluded.
  4. Document Derogations: If you cannot find a recognised provider for a specific defence need, document the justification carefully under Article 30(4) to use a derogation. This must be an exceptional, duly justified circumstance, not a routine bypass. Failure to document the lack of suitable tenders or disproportionate cost could render the procurement non-compliant.
  5. Transition Planning: Be aware that Member States have one year from the Regulation's entry into force to designate national competent authorities and complete initial risk assessments. Plan your procurement cycles accordingly to ensure compliance by the time these assessments are finalised.

Common misconceptions

  • Misconception: CADA bans all non-EU cloud providers for defence.
    • Reality: CADA does not ban non-EU providers outright. It bans services that do not meet the specific assurance levels determined by risk assessment. A non-EU provider established in the EU, or a third-country provider from a country recognised under Article 18, may still qualify for Union assurance levels 2 or 3. Only Union assurance level 4 strictly prohibits third-country control.
  • Misconception: All public sector procurement must use sovereign cloud.
    • Reality: Only activities identified as contributing to the preservation of public order (e.g., defence, national security) require assurance levels 2, 3, or 4. Other public sector activities that do not involve public order risks may use services recognised at Union assurance level 1, which has less stringent requirements regarding third-country control and personnel.
  • Misconception: The AI Act governs cloud procurement for defence.
    • Reality: The AI Act regulates AI systems, not cloud infrastructure procurement. CADA is the specific instrument governing cloud sovereignty and procurement. While the AI Act may apply to AI systems running on the cloud, the cloud service itself is governed by CADA's sovereignty framework.
  • Misconception: WTO rules prevent these restrictions.
    • Reality: As clarified in Recital 64, the WTO GPA allows for exceptions to protect public order and safety. CADA's restrictions are framed as necessary and proportionate measures to protect public order, thus falling within these permitted exceptions.

This is general information about a draft EU regulation, not legal advice.