Summary
Under the proposed Cloud and AI Development Act (CADA), you cannot freely choose a sovereignty tier; it is dictated by a mandatory risk assessment of a workload's impact on public order. As proposed in Article 29, Member States and Union entities must determine which Union assurance level (1–4) is appropriate for specific activities, and Article 30 then sets the procurement obligation. Generally, only activities involving public order, such as national security, defence, justice or critical infrastructure, require the stricter levels 2, 3 or 4, while activities not identified as public-order-relevant default to level 1.
Detail
CADA would introduce a Union cloud computing sovereignty framework of four assurance levels (Article 16, with criteria in Annex II). Choosing the right tier would be a legal obligation derived from a risk-based assessment of your public-sector activity, not a commercial decision based on budget or vendor preference. The framework is designed to be proportionate, reserving the highest assurance for cases where it is strictly necessary to preserve public order.
The four Union assurance levels
The criteria are cumulative: a level 3 service must also meet all level 1 and level 2 requirements (Article 20(1)).
- Union assurance level 1 (baseline): Requires the provider to be established in the Union, with infrastructure, assets and customer data remaining within the Union unless the public-sector body explicitly requires otherwise. It mandates state-of-the-art cybersecurity and full subcontractor transparency (Annex II, point 1).
- Union assurance level 2: Adds that infrastructure, assets and personnel (including those of subcontractors) be located in the Union, and that customer data remain exclusively within the Union. It requires a European cybersecurity certificate of at least "substantial" assurance (or, until such a scheme exists, equivalent standards), prohibits using service-generated data to train or fine-tune third-country AI systems, and mandates software supply-chain measures including a Software Bill of Materials (SBOM) (Annex II, point 2).
- Union assurance level 3: Adds that personnel involved in the service be Union citizens, and that the provider and subcontractors not be subject to third-country control, unless the Commission has recognised the home country under Article 18 and specific safeguards against unauthorised access and disruption are in place (Annex II, point 3).
- Union assurance level 4 (highest): The most restrictive tier. The provider and subcontractors must not be subject to the control of any third country or third-country entity (with no Article 18 derogation), personnel must be Union citizens, and stricter controls apply to the software supply chain and to effective control over components (Annex II, point 4).
The decision mechanism: risk assessments (Article 29)
You do not choose the tier in a vacuum. Article 29 requires Member States and Union entities to conduct risk assessments to determine the appropriate assurance level.
- Identify public-order relevance: First determine whether the service supports activities contributing to the preservation of public order. Under Article 29(1)(a), this covers sectors falling under Annex I or II of the NIS2 Directive (Directive (EU) 2022/2555), and the areas of national security, internal security, external border management, defence, justice or law enforcement.
- Assess sensitivity and criticality: Article 29(2) requires considering at least the sensitivity, criticality and magnitude of the non-personal data (and the nature, scope, context and purpose of any personal-data processing and the risk to data subjects); the risk and impact of unlawful third-country access under Union law; and the risk and impact of service disruption.
- Map to a tier: Article 29(1)(b) requires determining which Union assurance level (2, 3 or 4) is appropriate for the identified public-order activities.
Proportionality and the default position
A key principle is proportionality. Recital 52 states: "Most public services would not require the highest levels of assurance. In some specific cases Union assurance levels 3 or 4 may be considered necessary and proportionate in preserving public order."
Level 4 is therefore not the default. A municipal information website might require only level 1, while a defence ministry's strategic-planning system would likely require level 3 or 4.
Article 30 sets the resulting procurement rules:
- Entities whose activities have not been identified as contributing to public order must use services recognised at Union assurance level 1 (Article 30(2)).
- Contracting authorities whose activities have been identified as contributing to public order must procure services recognised at Union assurance level 2, 3 or 4, per the risk assessment (Article 30(3)).
Practical steps for selection
- Conduct the risk assessment: Use the methodology, templates and elements the Commission will specify by implementing acts (Article 29(3)). Assessments are required within one year of entry into force, then at least every two years, or whenever necessary (Article 29(1)).
- Check national and EU guidance: Member States provide the results to the Commission, which may specify required levels if it finds a determination inadequate (Article 29(4)–(5)).
- Evaluate vendor capabilities: Once the required level is known, search the central repository of recognised services (Article 22).
- Consider multi-cloud strategies: Article 29(9) requires considering whether a multi-vendor or multi-cloud strategy is appropriate as part of procurement.
What this means for you
For CTOs and architects, this shifts cloud strategy from a cost-performance trade-off to a compliance-driven architecture.
- Architecture decoupling: Design systems that can be segmented by sovereignty tier. A monolithic environment may not suffice if different workloads require different levels.
- Vendor qualification: Your evaluation must verify a provider's Union assurance level recognition; you cannot assume a provider is "sovereign."
- Data classification: You need a robust classification framework. Without knowing data sensitivity and criticality you cannot perform the Article 29 assessment, and so cannot legally determine the procurement tier.
- Transition planning: If current workloads would not meet the required tier, Article 29(6) allows a transition period not exceeding 12 months.
Common misconceptions
- "Level 4 is the gold standard for all secure data." Recital 52 clarifies that most public services do not need it. Applying level 4 to low-risk workloads is disproportionate and may shrink your vendor pool unnecessarily.
- "I can choose the tier based on my budget." The tier is mandated by the public-order risk assessment. You cannot downgrade a determined requirement to save costs.
- "Third-country providers can never reach level 3." In general, level 3 requires Union establishment and Union-citizen personnel, but Article 18 lets the Commission recognise third countries that provide sufficient safeguards, after which their providers can be audited for level 3, subject to strict conditions. There is no equivalent route at level 4.
- "The AI Act's risk categories determine the CADA tier." They are related but distinct. The AI Act addresses fundamental-rights and safety risks of the AI system itself; CADA addresses sovereignty, data-access and operational-autonomy risks of the cloud. A high-risk AI system could run on a level 1 or 2 cloud if data sensitivity and public-order impact are low.
This is general information about a draft EU regulation, not legal advice.