Summary
To determine the required Cloud and AI Development Act (CADA) assurance level for your public-sector workload, you must conduct a risk assessment under Article 29 of the proposal. As proposed, all public-sector bodies must use services recognised at Union assurance level 1 as a mandatory baseline. However, if your activities contribute to the preservation of public order (specifically in sectors listed in NIS2 Annex I or II, or in areas such as national security, defence, and law enforcement), you must procure services recognised at Union assurance levels 2, 3, or 4. The specific higher level is determined by the sensitivity of the data, the criticality of the activity, and the risk of third-country interference, as defined in Annex II.
Detail
The proposed Cloud and AI Development Act (CADA) introduces a structured, risk-based framework to determine which cloud computing services public authorities can use. This framework is designed to reduce dependencies on third-country providers and ensure that critical public functions are supported by resilient, sovereign infrastructure. The core mechanism for determining the appropriate assurance level is found in Title IV of the proposal, specifically Articles 29 and 30.
The Mandatory Baseline: Union Assurance Level 1
Under Article 30(2) of the CADA proposal, there is a universal minimum standard for all public procurement of cloud computing services. Unless an activity is identified as contributing to the preservation of public order, Union entities and public sector bodies must use cloud computing services that have been recognised under Article 17 as having Union assurance level 1.
This baseline applies to the vast majority of administrative and non-critical public services. It ensures a consistent floor of trust across the EU, requiring providers to be established in the Union, keep infrastructure and assets within the Union, and ensure that customer data remains exclusively within the Union unless explicitly required otherwise by the public sector body. Crucially, Level 1 relies on a conformity self-assessment by the provider (Article 19), rather than an independent third-party audit.
Determining Higher Assurance Levels: The Article 29 Risk Assessment
For activities deemed critical to public order, the baseline is insufficient. Article 29 obliges Member States and Union entities to carry out risk assessments to identify these activities and determine the appropriate higher assurance level (2, 3, or 4).
1. Identifying Public Order Activities
The first step in the Article 29 risk assessment is to identify which public sector activities contribute to the preservation of public order. The proposal explicitly links this to specific sectors and domains. You must assess activities that fall under:
- NIS2 Annex I or II: These cover essential and important entities in sectors such as energy, transport, banking, financial market infrastructures, health, drinking water, digital infrastructure, and space.
- National Security and Internal Security: This includes intelligence services, police, and emergency services.
- External Border Management: Agencies and authorities managing EU borders.
- Defence: Military and defence-related operations.
- Justice and Law Enforcement: Including the prevention, investigation, detection, and prosecution of criminal offences.
If your workload supports any of these areas, it is subject to the higher assurance requirements.
2. Conducting the Risk Assessment
Once a public order activity is identified, the risk assessment must determine which of the higher assurance levels (2, 3, or 4) is appropriate. According to Article 29(2), this assessment must consider at least three key factors:
- Data Sensitivity and Criticality: The assessment must evaluate the sensitivity, criticality, and magnitude of both personal and non-personal data processed. This includes considering the nature, scope, context, and purpose of processing personal data, as well as the risk to the rights and freedoms of data subjects.
- Risk of Unlawful Access: You must assess the risk and consequent impact on public order of unlawful access to such data by a third country or a legal entity established in a third country. This directly addresses sovereignty concerns regarding extraterritorial laws.
- Risk of Service Disruption: The assessment must consider the risk and impact on public order of possible service disruption. This includes scenarios where a third-country provider might degrade or disrupt service continuity, potentially undermining public order.
3. Mapping to Assurance Levels
The proposal does not provide a rigid, one-size-fits-all mapping table for every possible use case. Instead, it empowers the Commission to provide guidance and templates for these risk assessments (Article 29(3)). Member States must use this guidance to map their specific activities to Union assurance levels 2, 3, or 4. The criteria for these levels are detailed in Annex II:
- Level 2 (Substantial Cybersecurity): Requires independent third-party audits. Key criteria include:
  - Personnel: If the public sector body determines that additional screening or Union citizenship requirements are necessary, the provider must ensure personnel meeting those requirements are available. This is a conditional requirement based on the public body's needs.
  - Cybersecurity: Requires a European cybersecurity certificate of at least assurance level 'substantial'.
  - Control: Prohibits third-country control unless specific safeguards are in place to prevent data access or service disruption.
  - Data: Data cannot be used to train third-country AI systems.
- Level 3 (High Sovereignty): Introduces stricter mandatory requirements:
  - Personnel: Personnel involved in service provision must be Union citizens. Where appropriate, they must also hold necessary national security clearances. Unlike Level 2, the citizenship requirement is mandatory, not conditional on the public body's request.
  - Cybersecurity: Requires a European cybersecurity certificate of at least assurance level 'substantial'.
  - Control: Prohibits control by third countries. A derogation is possible only if the Commission has adopted an implementing act under Article 18 identifying the third country as providing sufficient assurances.
  - Support: Technical and operational support must be initiated and performed exclusively within the Union by Union residents.
- Level 4 (Maximum Sovereignty): Designed for the most sensitive classified information:
  - Personnel: Personnel must be Union citizens and, where appropriate, hold necessary national security clearances.
  - Cybersecurity: Requires a European cybersecurity certificate of at least assurance level 'high'.
  - Control: Absolute prohibition of third-country control; no derogations are provided for in the text for Level 4.
  - Data: Sensitive data identified in the risk assessment must remain exclusively within the Union.
The Procurement Obligation
The outcome of the Article 29 risk assessment directly dictates procurement behaviour under Article 30(3). Contracting authorities whose activities have been identified as contributing to the preservation of public order in the sectors listed above must only procure cloud computing services that have been recognised as having a Union assurance level 2, 3, or 4, depending on the specific level determined by the risk assessment.
This creates a closed loop: the risk assessment identifies the need for higher sovereignty, and the procurement rules enforce it. Article 30(4) allows for derogations in exceptional cases, such as when no adequate alternative exists in the central repository and the absence is not due to an artificial narrowing of parameters, but these are limited and require strict justification.
What this means for you
For public-sector procurement officers, IT strategists, and legal counsel, the CADA proposal shifts cloud procurement from a purely technical or cost-based decision to a sovereignty and risk-based mandate.
1. Conduct or Update Your Risk Assessments
You cannot simply renew existing contracts without verifying the assurance level. By the date of entry into force plus one year, Member States and Union entities must have carried out their initial risk assessments (Article 29(1)). You must map your current cloud workloads against the NIS2 Annex I/II sectors and the specific public order domains (defence, justice, etc.). If your workload touches these areas, you must initiate the process to determine whether Level 2, 3, or 4 is required. Note that these assessments must be repeated every two years or whenever necessary.
2. Check the Central Repository
When issuing tenders for cloud services, you must verify that the proposed solutions are listed in the central repository of recognised services established under Article 22. You cannot accept a vendor's claim of sovereignty without formal recognition by a national competent authority. Ensure your tender documents explicitly require the specific Union assurance level identified in your risk assessment.
3. Plan for Migration
If your current cloud provider does not meet the required assurance level, Article 29(6) mandates migration within a reasonable transition period, which shall not exceed 12 months. You must begin planning these migrations immediately, considering technical feasibility, service continuity, and data portability.
4. Engage with National Competent Authorities
The risk assessment methodology and templates will be specified by the Commission via implementing acts. Stay engaged with your national competent authority for cloud sovereignty to access the latest guidance on mapping specific use cases to assurance levels.
Common misconceptions
Misconception 1: All public sector cloud must be Level 4. This is incorrect. Article 30(2) explicitly states that only activities contributing to public order require levels 2 to 4. Most administrative, educational, or general citizen-facing services that do not involve critical infrastructure, national security, or sensitive law enforcement data only require Level 1. Level 4 is reserved for the most sensitive classified information.
Misconception 2: The AI Act determines the cloud assurance level. The AI Act and CADA are distinct instruments. The AI Act regulates the safety and fundamental rights risks of AI systems themselves. CADA regulates the sovereignty and operational resilience of the cloud infrastructure hosting those systems. A high-risk AI system under the AI Act might still run on a Level 1 cloud if the underlying data and operational context do not impact public order as defined in CADA.
Misconception 3: Data localisation is the only requirement. While data localisation is a key component of all assurance levels, it is not sufficient. Higher levels require additional measures such as personnel citizenship checks (Levels 3 and 4), strict software supply chain audits, prohibitions on third-country control, and independent third-party certifications. A provider can localise data but still fail to meet Level 3 if its personnel are not Union citizens or if it is subject to third-country control.
Misconception 4: I can decide the assurance level internally without reference to NIS2. The proposal explicitly ties the definition of "public order" activities to sectors listed in NIS2 Annex I and II, as well as specific domains like defence and justice. You cannot arbitrarily classify a workload as non-critical if it falls within these statutory definitions. The risk assessment must consider these external legal frameworks.
Misconception 5: Level 3 citizenship requirements are optional. Unlike Level 2, where Union citizenship for personnel is conditional on the public sector body's request, Level 3 mandates that personnel are Union citizens. The "where appropriate" clause in Annex II, 3.1(d) applies only to the requirement for national security clearances, not to the citizenship itself.
Related
- When can a public buyer use a derogation from CADA's assurance-level procurement rules?
- How does a public buyer verify a provider's CADA assurance level before awarding?
- How does a public buyer justify procuring above the minimum CADA assurance level?
- CADA Public Procurement Checklist: Risk Assessments, Assurance Levels & Added Value
- How does a non-EU cloud provider qualify under CADA assurance level 3?
This is general information about a draft EU regulation, not legal advice.