Summary Under the proposed Cloud and AI Development Act (CADA), Finland would be obliged to designate one or more single information points (SIPs) to assist data centre operators with all authorisations required for projects located within designated data centre acceleration zones. As proposed in Article 12, these SIPs would coordinate the entire lifecycle of permitting, with the option to integrate existing structures established under the Gigabit Infrastructure Act (Regulation (EU) 2024/1309). Furthermore, Article 13 introduces an "aggregated baseline permit" for these zones, covering zone-level authorisations and establishing a strict 12-month cap on the permit-granting procedure for projects, though installation-specific permits remain excluded from this baseline.

Detail

The proposed Cloud and AI Development Act (CADA), COM(2026) 502 final, establishes a harmonised framework to accelerate the deployment of data centre capacity across the European Union. For Finland, as for all Member States, the provisions in Title III, Chapter I of the proposal would significantly restructure how data centre projects are permitted, particularly when located within designated "data centre acceleration zones." The core mechanisms driving this acceleration are the mandatory establishment of single information points (Article 12) and the introduction of aggregated baseline permits (Article 13).

These measures are designed to address the "limited and geographically concentrated availability of computing capacity" identified in the proposal's explanatory memorandum, which currently forces European enterprises to route critical workloads through foreign infrastructure due to bottlenecks in domestic deployment.

The Obligation to Designate Single Information Points (Article 12)

Article 12 of the CADA proposal establishes a mandatory requirement for Member States to designate one or more single information points for data centre operators working within acceleration zones. This provision is designed to eliminate administrative fragmentation by providing a single entry point for all regulatory interactions.

Scope of Assistance Under Article 12(1), the data centre operator has the right, upon request, to be assisted by the single information point throughout the entire lifecycle of the data centre project. This assistance covers all authorisations required for the deployment of the data centre within the acceleration zone. The role of the SIP is not merely informational; it involves active coordination and facilitation. The text explicitly states that the operator shall be assisted "with respect to all authorisations required for the deployment of the data centre."

Functions of the Single Information Point Article 12(2) outlines the specific functions the SIP may perform. These include, but are not limited to:

  • Coordinating, facilitating, monitoring, and sharing information on procedures related to spatial planning and building permits.
  • Managing environmental assessments, in accordance with the Regulation on speeding-up environmental assessments (referenced as Regulation (EU) 2026/XXXX in the proposal).
  • Handling authorisations regarding water abstraction, wastewater discharge, and heat utilisation and recovery.
  • Ensuring compliance with applicable administrative and reporting obligations.
  • Providing information to the public, with the aim of increasing public acceptance of the data centre project.
  • Processing applications for connection to electricity, heat, or communications networks, or to other relevant networks.

Integration with the Gigabit Infrastructure Act A critical aspect of Article 12(1) is its flexibility regarding existing administrative structures. The text states that Member States may designate for this purpose a single information point established under Regulation (EU) 2024/1309 (the Gigabit Infrastructure Act). This means Finland is not required to build a wholly new bureaucratic entity if it can adapt its existing Gigabit SIP to meet the specific needs of data centre operators.

The proposal clarifies that "The functions, procedures and mechanisms applicable to such single information points under Regulation (EU) 2024/1309, including those relating to digital access, administrative coordination and dispute settlement, shall also apply." This integration aims to reduce administrative overhead and leverage existing digital infrastructure for permit coordination, ensuring that the "single information point" is not a siloed addition but part of a broader digital governance framework.

Special Attention to SMEs Article 12(4) explicitly mandates that the single information point must pay particular attention to small and medium-sized enterprises (SMEs). Where appropriate, the SIP must establish a dedicated channel for communication with SMEs to provide guidance and respond to queries. This is a significant provision for smaller data centre operators or edge computing providers who may lack the extensive legal and regulatory teams of hyperscalers, ensuring they are not disadvantaged by the complexity of the new framework.

The Aggregated Baseline Permit and Accelerated Timelines (Article 13)

While Article 12 addresses the coordination of permits, Article 13 addresses the substance and speed of the permitting process itself. It introduces the concept of an "aggregated baseline permit" to streamline authorisations for projects in acceleration zones.

The Aggregated Baseline Permit Article 13(2) obliges Member States to prepare and issue an aggregated baseline permit authorising the deployment of data centres in each designated acceleration zone. This permit is distinct from individual project permits. It covers the permits and administrative authorisations commonly required for data centre projects located within that specific zone.

Crucially, Article 13(2) specifies that this aggregated baseline permit excludes installation-specific permits. This means that while zone-wide issues such as general environmental impact, spatial planning compatibility, and broad energy grid connections might be pre-approved or streamlined through the baseline permit, individual technical installations (such as specific building structures, unique cooling systems, or site-specific safety measures) still require separate, project-specific authorisations. The baseline permit serves as a "pre-clearance" for the zone's general conditions, not a blanket approval for every structure within it.

Pre-Approval of Assessments Article 13(3) requires that before issuing the aggregated baseline permit, Member States must carry out all necessary procedures and assessments. This includes any relevant environmental assessments, planning procedures and evaluations applicable at the level of the acceleration zone. By conducting these assessments at the zone level rather than the project level, CADA aims to remove a significant bottleneck from individual project timelines. The proposal notes that where these plans are subject to assessment under Directive 2001/42/EC (Strategic Environmental Assessment) and other directives, "those assessments shall be combined."

The 12-Month Cap Article 13(5) sets a strict timeline for the remaining administrative applications. It states that the permit-granting procedure for data centre projects deployed in acceleration zones shall not exceed 12 months from the moment a comprehensive application has been submitted. This time limit is without prejudice to any shorter time limits set by Member States.

The proposal further states: "Where such a status exists in national law, data centre projects shall be allocated the status of highest national significance possible and be treated as such in permit-granting processes." However, it explicitly notes that "This paragraph shall apply only where such status exists in national law and shall not create an obligation for Member States to introduce such status." Thus, while Finland would be required to apply its highest significance status to these projects if it already has one, CADA would not force Finland to create a new "highest significance" category if one does not exist.

Strategic Project Status Article 13(1) further accelerates the process by stating that data centre projects in acceleration zones shall be considered "strategic projects" within the meaning of the Regulation on speeding-up environmental assessments. This classification grants them access to a dedicated toolbox for faster environmental assessments, reinforcing the 12-month cap. The proposal clarifies that data centre projects deployed in acceleration zones "should be considered strategic projects within the meaning of Article 14 of Regulation (EU) 2026/XXX [on speeding-up environmental assessments] and shall benefit from the toolbox set out in the Annex to that Regulation."

Interaction with Finnish National Law

For Finland, the implementation of Articles 12 and 13 requires aligning national spatial planning, environmental, and building regulations with these EU-level mandates. Finland already has robust digital infrastructure and a history of efficient permitting, but the introduction of the aggregated baseline permit represents a structural shift.

The Finnish authorities would need to define which authorisations are "zone-level" (covered by the baseline permit) and which are "installation-specific" (requiring individual permits). The integration with the Gigabit Infrastructure Act's SIP offers a practical pathway for implementation, allowing Finland to potentially use its existing high-speed network permitting bodies to handle data centre coordination, provided they are equipped to manage the broader scope of data centre requirements (e.g., energy, water, heat).

The proposal also notes that Member States must designate these acceleration zones "by [date of entry into force plus 6 months]" (Article 10(1)), meaning Finland would have a tight window to identify suitable sites, conduct energy need analyses, and designate the zones before the permitting mechanisms could fully activate.

What this means for you

For CTOs, architects, and SMEs evaluating the practical impact of CADA in Finland, the changes to permitting and single information points represent a shift from fragmented, project-by-project negotiations to a more predictable, zone-based regulatory environment.

For CTOs and Architects:

  • Predictable Timelines: The 12-month cap on permit-granting procedures (Article 13(5)) provides a hard deadline for regulatory approval, assuming a comprehensive application is submitted. This allows for more accurate project scheduling and resource allocation, reducing the uncertainty that often plagues large infrastructure projects.
  • Zone-Level Due Diligence: Before committing to a specific site, you must verify that the location falls within a designated data centre acceleration zone. If it does, you benefit from the aggregated baseline permit. You should request the baseline permit documentation from the Finnish authorities to understand which environmental and planning assessments are already completed. This reduces the need for redundant studies, as the zone-level assessments are pre-approved.
  • Single Point of Contact: You no longer need to navigate multiple municipal, energy, and environmental agencies independently. The single information point (SIP) acts as your coordinator. However, you must still prepare comprehensive applications for installation-specific permits. The SIP facilitates the process but does not replace the need for technical compliance or the submission of specific project data.

For SMEs:

  • Dedicated Support: Article 12(4) mandates that SIPs establish dedicated channels for SMEs. If you are a smaller operator, you should proactively seek out this channel. It may provide tailored guidance on navigating the aggregated baseline permit and installation-specific requirements, reducing the legal and administrative costs that often disproportionately affect smaller firms.
  • Integration with Gigabit SIPs: If Finland integrates its data centre SIP with the Gigabit Infrastructure Act's SIP, SMEs already familiar with the digital network permitting process may find the transition smoother. Familiarity with the existing digital submission portals and dispute settlement mechanisms will be an asset, as the proposal states these mechanisms "shall also apply."

Strategic Recommendation: Engage with the Finnish national competent authority early in the site-selection process. Request clarity on which specific authorisations are covered by the aggregated baseline permit for your target acceleration zone. This will help you determine the scope of work required for your installation-specific permit application, ensuring you can meet the 12-month timeline. Furthermore, verify whether Finland intends to designate its existing Gigabit SIP as the data centre SIP, as this will determine the digital interface and procedural rules you will encounter.

Common misconceptions

Misconception 1: The Single Information Point approves the permits.

  • Reality: The SIP coordinates and facilitates the process. It does not replace the competent authorities responsible for granting permits. The SIP ensures that information is shared and procedures are monitored, but the final approval decisions remain with the relevant regulatory bodies. The text states the SIP "assists" and "coordinates," not that it "decides."

Misconception 2: The Aggregated Baseline Permit covers everything.

  • Reality: Article 13(2) explicitly excludes installation-specific permits. The baseline permit covers zone-level authorisations (e.g., general environmental impact, spatial planning compatibility). You still need to obtain specific permits for the physical construction, unique technical installations, and site-specific safety measures. The baseline permit is a "zone-level" tool, not a "project-level" waiver.

Misconception 3: All data centres in Finland are covered.

  • Reality: These streamlined processes apply only to data centres deployed within designated data centre acceleration zones. Projects outside these zones do not automatically benefit from the aggregated baseline permit or the strict 12-month cap, although national laws may provide other accelerations. The designation of these zones is a prerequisite for the application of Articles 12 and 13.

Misconception 4: The Gigabit SIP will automatically handle data centre permits.

  • Reality: Article 12(1) allows Member States to designate the Gigabit SIP for this purpose, but it is not mandatory. Finland must decide whether to integrate the functions. If they do not, a new or separate SIP may be designated. Operators should verify the current status of the designated SIP in Finland, as the proposal states Member States "may designate for this purpose a single information point established under Regulation (EU) 2024/1309."

Related

This is general information about a draft EU regulation, not legal advice.