Summary
Under the proposed Cloud and AI Development Act (CADA), financial penalties are not fixed at the EU level. Instead, Article 24 mandates that Member States establish their own rules for penalties, ensuring they are "effective, proportionate and dissuasive," while providing a specific list of criteria for their imposition. This stands in sharp contrast to the EU AI Act, which sets explicit maximum administrative fines (up to €35 million or 7% of global turnover under Article 99), and the GDPR, which maintains its own separate regime (up to €20 million or 4%). Because these three instruments regulate distinct layers of the digital ecosystem—sovereignty (CADA), system safety (AI Act), and data privacy (GDPR)—a single act of non-compliance could theoretically trigger penalties under all three regimes simultaneously.
Detail
The penalty landscape for cloud and AI providers is becoming increasingly complex as the EU layers new sovereignty requirements on top of existing data protection and AI safety rules. Understanding the structural differences between CADA, the AI Act, and the GDPR is critical for risk assessment and compliance strategy.
CADA Penalties: A Delegated Framework
The Cloud and AI Development Act (CADA), as proposed in COM(2026) 502 final, adopts a "framework" approach to penalties rather than a "harmonised amount" approach. This reflects the proposal's legal basis in Article 114 TFEU (internal market) and Article 173(3) TFEU (industrial competitiveness), aiming to harmonise the existence of penalties while allowing Member States to calibrate the severity based on national legal traditions.
Article 24 of the CADA proposal is the sole provision governing penalties and compensation. It establishes three key pillars:
- National Discretion on Amounts: Article 24(1) requires Member States to "lay down the rules on penalties applicable to infringements of this Chapter by cloud computing service providers within their competence." Crucially, the text does not specify a maximum fine percentage or a fixed euro cap. It only mandates that penalties must be "effective, proportionate and dissuasive." Member States must notify the Commission of these rules and any amendments.
- Mandatory Criteria for Imposition: While the amounts are national, the methodology for calculating them is harmonised. Article 24(2) lists a non-exhaustive set of criteria that national authorities must consider when imposing penalties:
  - The nature, gravity, scale, and duration of the infringement.
  - Any action taken by the infringing party to mitigate or remedy the damage.
  - Any previous infringements by the infringing party.
  - The financial benefits gained or losses avoided by the infringing party.
  - The infringing party's annual turnover in the preceding financial year in the Union.
- Civil Liability: Distinct from administrative fines, Article 24(3) creates a direct right of action for private parties. It states that "recipients of the cloud computing services shall have the right to seek... compensation from cloud computing service providers for any damage or loss suffered due to an infringement." This introduces a significant layer of financial risk beyond regulatory fines, particularly for public sector bodies that may suffer operational disruptions due to sovereignty breaches.
Note on Article 27: Article 27 of the CADA proposal concerns "Mutual assistance" between national competent authorities (information sharing and investigation), not penalties. The penalty regime is located exclusively in Article 24.
AI Act Fines: Explicit EU-Wide Caps
In contrast to CADA's delegated model, the EU AI Act (Regulation (EU) 2024/1689) establishes a rigid, harmonised penalty structure directly in the regulation. Article 99 defines three distinct tiers of administrative fines, which apply uniformly across all Member States:
- Tier 1 (Prohibited Practices): Breaches of Article 5 (e.g., social scoring, certain biometric categorisation) carry fines of up to €35,000,000 or, for undertakings, up to 7% of total worldwide annual turnover for the preceding financial year, whichever is higher.
- Tier 2 (Other Infringements): Breaches of other obligations (e.g., high-risk system requirements, transparency rules) carry fines of up to €15,000,000 or 3% of total worldwide annual turnover, whichever is higher.
- Tier 3 (Incorrect Information): Supplying incorrect, incomplete, or misleading information to authorities carries fines of up to €7,500,000 or 1% of total worldwide annual turnover, whichever is higher.
The AI Act also includes a specific provision for SMEs and start-ups, stating that fines shall be up to the percentages or amounts referred to above, whichever is lower, to ensure proportionality.
GDPR Fines: The Data Protection Baseline
The General Data Protection Regulation (GDPR) operates as a separate, pre-existing regime. Governed by Article 83, it allows supervisory authorities to impose administrative fines of up to €20,000,000 or 4% of total worldwide annual turnover for the most serious infringements (e.g., violations of basic processing principles, conditions for consent, or data subject rights). Less severe infringements can result in fines up to €10,000,000 or 2% of turnover.
Unlike CADA, which focuses on the sovereignty of the infrastructure (who controls it, where it is located), GDPR fines are triggered by breaches of data protection principles (lawfulness, fairness, transparency, security).
The Risk of Cumulative Liability
A critical insight for legal counsel is that these regimes are not mutually exclusive. They regulate different legal interests, meaning a single operational failure can trigger penalties under all three frameworks simultaneously.
- CADA vs. AI Act: The CADA proposal explicitly states in Recital 11 that it "reinforces key objectives of the AI Act" but notes that the AI Act "does not cover aspects of sovereignty."
  - Scenario: A provider deploys a high-risk AI system for law enforcement. If the system lacks proper risk management, the provider faces AI Act fines under Article 99. If the same provider hosts that system on infrastructure that fails to meet Union Assurance Level 3 (e.g., data is stored outside the EU or personnel are not Union citizens), the provider faces CADA penalties under Article 24 for breaching sovereignty rules.
- CADA vs. GDPR: Recital 10 of the CADA proposal confirms it is "consistent with existing rules on the processing of personal data, including the GDPR." However, CADA introduces requirements that go beyond the GDPR.
  - Scenario: A public body stores sensitive data in a cloud service. If the provider transfers that data to a third country without adequate safeguards, the provider faces GDPR fines under Article 83. If the transfer also violates CADA's data localisation rules for Union Assurance Level 2 (where data must remain exclusively in the Union unless explicitly required otherwise), the provider faces CADA penalties under Article 24.
- The "Triple Hit" Risk: A single incident, such as a data breach caused by a third-country actor gaining access to EU infrastructure, could theoretically result in:
  - GDPR fines for failing to ensure data security (Article 32).
  - AI Act fines if the breach involved a high-risk AI system (e.g., lack of logging or robustness).
  - CADA penalties for failing to prevent third-country control or disruption of service continuity (Annex II criteria).
What this means for you
For in-house counsel, compliance officers, and risk managers, the fragmented penalty landscape requires a multi-layered strategy. You cannot rely on GDPR compliance alone to shield your organisation from CADA or AI Act liabilities.
1. Monitor National Implementations for CADA
Since CADA penalties are set by Member States, the "effective, proportionate and dissuasive" standard will be interpreted differently across the EU.
- Action: Monitor the national transposition laws in every jurisdiction where you operate. A penalty that is "dissuasive" in one Member State may differ significantly in another.
- Risk: Ensure your internal risk assessments account for the highest potential penalty across all relevant jurisdictions, as CADA does not cap the fine amount at the EU level.
2. Maintain Distinct Compliance Tracks
You must manage three separate compliance frameworks, as the triggers for penalties differ:
- For the AI Act: Focus on risk classification, technical documentation, and conformity assessments. Prepare for potential fines up to 7% of global turnover for prohibited practices.
- For the GDPR: Focus on data subject rights, lawful bases for processing, and international transfer mechanisms. Prepare for fines up to 4% of global turnover.
- For CADA (when adopted): Focus on Union Assurance Levels (1-4), audit readiness, and supply chain transparency. Prepare for penalties defined by national authorities, guided by the criteria in Article 24(2) (e.g., financial benefits gained, turnover in the Union).
3. Audit and Evidence Retention
CADA requires rigorous audit evidence (Article 21) and transparency (Article 23).
- Action: Ensure your cloud services can demonstrate compliance with sovereignty criteria (e.g., data location, personnel status, software supply chain) to avoid penalties for inaccurate reporting.
- Risk: Under CADA, providing incorrect information is a specific ground for penalty consideration under Article 24(2) (financial benefits/losses avoided) and could be an aggravating factor.
4. Prepare for Civil Liability
Unlike the AI Act and GDPR, which primarily focus on administrative fines imposed by regulators, CADA explicitly grants service recipients the right to seek compensation for damages (Article 24(3)).
- Action: Review your contracts with public sector bodies.
- Risk: This introduces a new layer of financial risk from private litigation. Public sector clients may sue for losses resulting from sovereignty breaches (e.g., service disruption due to third-country interference), independent of any regulatory fine.
Common misconceptions
"CADA fines are fixed at the EU level like the AI Act."
- Reality: CADA leaves the determination of penalty amounts to Member States. While it mandates that penalties be "effective, proportionate and dissuasive" and lists criteria for their imposition (Article 24), it does not set a uniform maximum fine percentage or euro amount across the EU.
"Compliance with the GDPR ensures compliance with CADA."
- Reality: GDPR focuses on data protection and privacy. CADA focuses on sovereignty, operational autonomy, and security. A service can be GDPR-compliant (e.g., having valid transfer mechanisms) but non-compliant with CADA (e.g., failing to meet Union Assurance Level 2 requirements for personnel citizenship or infrastructure location).
"Only one regulator can fine us for the same incident."
- Reality: The principle of ne bis in idem (double jeopardy) generally applies within a single legal framework. However, because CADA, the AI Act, and the GDPR are separate legal instruments with different objectives, a single incident (e.g., a data breach involving unlawful cross-border transfer) could theoretically trigger administrative fines from data protection authorities (GDPR), AI regulators (AI Act, if high-risk AI is involved), and national competent authorities under CADA (if sovereignty rules are breached).
"CADA penalties are only for large hyperscalers."
- Reality: CADA applies to all cloud computing service providers offering services to Union entities and public sector bodies. SMEs are subject to the same sovereignty requirements, though some procedural simplifications exist (e.g., automatic recognition of conformity statements for SMEs under Article 17(3)). Penalties will be proportionate, but small providers are not exempt.
Official sources
- EU AI Act (Regulation (EU) 2024/1689)
- GDPR (Regulation (EU) 2016/679)
- Data Act (Regulation (EU) 2023/2854)
This is general information about a draft EU regulation, not legal advice.