Summary

As proposed, the Cloud and AI Development Act (CADA) fundamentally reshapes defence procurement by mandating that Member States identify defence activities as contributing to "public order," thereby triggering a requirement to procure cloud services only at the highest Union assurance levels (2, 3, or 4). The proposal explicitly supports the development of "highly secured computing infrastructures" for defence-related AI training and deployment. Crucially, these measures are designed to operate "in full complementarity with, and without prejudice to" dedicated defence instruments like the European Defence Fund (EDF) and the European Defence Industry Programme (EDIP), ensuring CADA regulates the underlying digital sovereignty layer without duplicating existing defence funding mechanisms.

Detail

The proposed Cloud and AI Development Act (CADA), COM(2026) 502 final, establishes a regulatory framework to strengthen Europe's cloud and AI ecosystem. For the defence sector, the proposal introduces a rigorous sovereignty framework that directly impacts how cloud computing services and AI models are procured, deployed, and secured. The core mechanism is the Union cloud computing sovereignty framework, which categorises services into four assurance levels based on their ability to mitigate risks associated with third-country dependencies, data access, and operational continuity.

The Sovereignty Framework: Defence as a Public Order Priority

The pivotal link between CADA and the defence sector is established through the definition of "public order." Under Article 29(1), Member States and Union entities are required to carry out risk assessments to identify public sector activities that contribute to the preservation of public order. The text explicitly lists "defence" as one of the specific areas where such activities must be assessed, alongside national security, internal security, external border management, justice, and law enforcement.

Once an activity is identified as contributing to public order, Article 30(3) imposes a strict procurement obligation. Contracting authorities whose activities fall under this category "shall only procure cloud computing services that have been recognised as having a Union assurance level 2, 3 or 4." This effectively excludes services recognised only at Level 1 for core defence workloads.

Union Assurance Level 4 represents the highest standard of sovereignty under the proposal. According to Annex II, Section 4, to achieve Level 4, a cloud computing service provider must meet cumulative criteria that are particularly stringent for defence:

  • No Third-Country Control: The provider and its subcontractors must not be subject to the control of a third country or a legal entity established in a third country.
  • Personnel Requirements: All personnel involved in the provision of the service must be Union citizens. Furthermore, where appropriate, personnel must hold the necessary national security clearance issued by a Member State when handling classified information.
  • Data Localisation: Customer data identified as sensitive following a risk assessment must remain exclusively within the Union at all times.
  • Infrastructure Location: All infrastructure, assets, and personnel must be located within the Union.
  • Cybersecurity Certification: The service must obtain a European cybersecurity certificate of at least assurance level "high" under a scheme established under Regulation (EU) 2019/881.

Union Assurance Level 3 also imposes strict requirements, including Union citizenship for personnel and a cybersecurity certificate of at least "substantial" assurance. While Level 3 allows for a derogation where a third country is deemed "associated" by the Commission under Article 18, Level 4 generally precludes any third-country control, making it the preferred tier for the most sensitive defence operations involving classified information.

Support for Defence AI and Secure Computing Infrastructures

The proposal explicitly acknowledges the strategic necessity of AI in defence. Recital 19 of the explanatory memorandum states that in the defence sector, "where AI has emerged as a disruptive technology with significant impact on security and defence, the Cloud and AI Leadership Initiatives could support the development of advanced capabilities."

Crucially, the proposal frames this support within a specific legal boundary. Recital 19 continues, noting that such support is provided "in full complementarity with, and without prejudice to, dedicated Union instruments in support of the defence industry, including the European defence fund ('EDF') and the European defence industry programme ('EDIP')." This ensures that CADA does not interfere with the specific funding mandates of the EDF and EDIP but rather creates the regulatory environment in which those funded capabilities can be securely hosted.

Recital 20 further reinforces this by stating: "The Union should also foster the availability of highly secured computing infrastructures for the training, testing and deployment of defence-related AI models and systems." This aligns with the broader objective of the Cloud and AI Leadership Initiatives (Title II) to advance Union capabilities in frontier AI and physical AI, ensuring that the computational resources required for defence AI are sovereign, resilient, and free from third-country interference.

The proposal also links these measures to the Preparedness Union Strategy. The explanatory memorandum notes that the sovereignty framework, and specifically the risk assessment mechanism in Article 29, contributes directly to the digital preparedness dimension of that Strategy. This ensures that cloud and AI services underpinning emergency management, civil protection coordination, and disaster response operations, which often involve defence assets, are provided at the appropriate Union assurance level.

Complementarity with Existing Defence Instruments

CADA is designed to be a horizontal regulatory framework that complements, rather than replaces, vertical defence instruments. The EDF and EDIP are the primary tools for financing defence research, development, and procurement of capabilities. CADA, conversely, regulates the infrastructure upon which these capabilities run.

The "without prejudice" clause in Recital 19 is significant. It clarifies that while CADA may support the development of advanced capabilities (e.g., through the Cloud and AI Leadership Initiatives), it does not alter the scope, rules, or funding mechanisms of the EDF or EDIP. This separation of concerns allows the EDF/EDIP to focus on the "what" (developing the weapon systems, sensors, and AI models) while CADA focuses on the "where" and "how" (ensuring the cloud infrastructure hosting these systems is sovereign, secure, and resilient).

This complementarity is further evidenced in the consistency section of the proposal. The text notes that the proposal "complements the Cybersecurity Act's focus on cloud cybersecurity with sovereignty considerations." Similarly, it supports the objectives of the Preparedness Union Strategy by ensuring digital continuity in crisis scenarios. For the defence sector, this means that a project funded by the EDF to develop a new AI-driven surveillance system must, upon deployment, run on a cloud infrastructure that meets the CADA assurance levels mandated by Article 30(3).

Procurement Obligations and Risk Assessments

For defence procurement officers, the operational impact of CADA is immediate and mandatory. The process begins with the risk assessment required under Article 29. Member States must determine which defence activities contribute to public order and assign the appropriate Union assurance level.

The assessment must consider:

  • The sensitivity, criticality, and magnitude of non-personal data processed.
  • The risk of unlawful access by a third country.
  • The risk of service disruption.

If a risk assessment determines that a defence activity requires Level 3 or 4, the contracting authority is legally bound to procure only from providers recognised at those levels. Article 29(6) mandates that if a migration to a different cloud service is required, it must be completed within a reasonable transition period not exceeding 12 months, taking into account technical feasibility and data portability.

To facilitate this, Article 22 requires the Commission to establish and maintain a central repository of cloud computing services recognised as offering Union assurance levels 1-4. Defence authorities must consult this repository to identify eligible providers. Additionally, Article 32 allows contracting authorities to include "Union added value" criteria in public procurement. This enables authorities to evaluate tenderers based on their contribution to strengthening the digital technology supply chain in the Union, such as using hardware designed or manufactured in the Union. While this criterion is ancillary and not decisive, it provides a strategic lever to favour providers that enhance EU autonomy.

Implementation and Transition

The proposal sets a clear timeline for implementation. Member States must designate national competent authorities by the date of entry into force plus one year (Article 25). These authorities will be responsible for recognising cloud services and enforcing the sovereignty framework. Defence authorities must integrate CADA requirements into their national defence procurement strategies.

The proposal also encourages resilience through diversification. Recital 65 notes that Union entities and Member States should consider whether a "multi-vendor or multi-cloud strategy may be appropriate" as part of their procurement procedures. For the defence sector, where redundancy and operational continuity are paramount, this recommendation supports the development of robust, non-single-point-of-failure architectures.

What this means for you

For defence ministries, procurement officers, and defence industry stakeholders, CADA introduces a new layer of compliance and strategic planning:

  1. Mandatory Risk Assessments: You must participate in or align with national risk assessments under Article 29 to determine the required Union assurance level for your defence cloud workloads. Given the nature of defence, most core activities will likely require Level 3 or 4.
  2. Verify Provider Recognition: When procuring cloud services for defence, ensure the provider is recognised in the central repository under Article 22 as offering the required assurance level. General cybersecurity certifications (like EUCS) are necessary but not sufficient; the specific CADA sovereignty recognition is mandatory.
  3. Update Procurement Specifications: Incorporate CADA requirements into your tender documents. Specify the required Union assurance level (likely 3 or 4) and consider using "Union added value" criteria under Article 32 to favour providers that strengthen the EU digital supply chain.
  4. Plan for Migration: If your current cloud provider does not meet the required assurance level, you must plan a migration within a reasonable transition period, not exceeding 12 months, as per Article 29(6). Ensure data portability and continuity of service are addressed in your migration strategy.
  5. Coordinate with National Competent Authorities: Engage early with your national competent authority to understand how national defence classifications map to Union assurance levels. The Commission will provide guidance, but national implementation may vary regarding the specific mapping of classified data to assurance levels.
  6. Leverage Complementary Funding: Recognise that CADA does not replace the EDF or EDIP. Continue to utilise these instruments for R&D funding while ensuring the resulting capabilities are deployed on CADA-compliant infrastructure.

Common misconceptions

"CADA replaces the EDF and EDIP." No. The proposal explicitly states in Recital 19 that its measures are "in full complementarity with, and without prejudice to" the EDF and EDIP. CADA regulates the cloud infrastructure layer, while the EDF and EDIP fund the development of defence capabilities. They are distinct but interdependent instruments.

"CADA prohibits all non-EU cloud providers for defence." Not entirely. While Union assurance level 4 generally requires that the provider is not subject to third-country control, Level 3 allows for a derogation where the Commission has adopted an implementing act under Article 18 identifying a third country as providing sufficient assurances. However, for the most sensitive defence workloads involving classified information, Level 4 is the expected standard, which effectively excludes providers subject to third-country control.

"CADA duplicates national security classifications." No. CADA complements national classifications. Annex II explicitly requires that personnel handling classified information must hold the necessary national security clearance. The Union assurance levels provide a baseline for sovereignty and third-country control, but national security rules and classifications remain fully in force.

"CADA only applies to the public sector." While the procurement obligations in Article 30 apply to contracting authorities (public bodies), the sovereignty framework and the requirement for providers to be recognised at specific levels affect the entire market. Private defence contractors supplying the public sector must also meet these standards to be eligible for contracts.

This is general information about a draft EU regulation, not legal advice.