CADA vs AI Act Sandboxes

Summary The proposed Cloud and AI Development Act (CADA) does not establish its own regulatory sandbox regime. Instead, it relies on the testing and experimentation frameworks already established by the EU AI Act (Regulation (EU) 2024/1689). Under CADA, testing for advanced capabilities like AI agents and frontier AI is channeled through the Cloud and AI Leadership Initiatives and the network of Experience and Acceleration Centres for AI, rather than standalone regulatory sandboxes. Crucially, participation in an AI Act sandbox does not waive CADA's sovereignty or assurance level requirements for public sector procurement. If a public body procures cloud services to host an AI system tested in a sandbox, the underlying infrastructure must still meet the relevant Union assurance level (1–4) as determined by a risk assessment.

Detail

To understand the interaction between the proposed CADA and the EU AI Act's regulatory sandboxes, one must distinguish between the regulatory testing of AI systems (governed by the AI Act) and the deployment, procurement, and sovereignty of cloud infrastructure (governed by CADA). These two instruments operate in parallel, addressing different layers of the digital stack.

The AI Act's Sandbox Regime: Testing AI Systems

The EU AI Act (Regulation (EU) 2024/1689) establishes a robust framework for AI regulatory sandboxes (Article 57). These sandboxes are designed to foster innovation by allowing providers to test innovative AI systems in a controlled environment under regulatory supervision before they are placed on the market. The primary goal is to ensure compliance with the AI Act's risk-based requirements, particularly for high-risk AI systems, by providing a safe space to validate safety, accuracy, and fundamental rights compliance.

Member States are required to establish at least one such sandbox by August 2026. The AI Act also permits testing in real-world conditions outside of sandboxes (Article 60), provided strict safeguards are met, such as informed consent and the ability to reverse decisions. These mechanisms are focused exclusively on the behavior, safety, and fundamental rights impact of the AI system itself. They do not regulate the location of the data centers, the citizenship of the personnel managing the infrastructure, or the ownership structure of the cloud provider.

CADA's Approach: Leadership Initiatives and Centres for AI

CADA does not duplicate this sandbox structure. Instead, it focuses on the ecosystem enablers required to develop and deploy cloud and AI technologies at scale. CADA establishes the Cloud and AI Leadership Initiatives (Article 3) to support research, development, and the deployment of cutting-edge technologies, including frontier AI, physical AI, and AI agents.

For practical testing and experimentation, CADA leverages the network of Experience and Acceleration Centres for AI (‘Centres for AI’) established under Article 5. These centres build on the existing European Digital Innovation Hubs (EDIHs). Their tasks include:

• Helping organizations accelerate digital transformation through access to AI technologies (Article 5(3)(a)).
• Facilitating the transfer of expertise and supporting the scaling of spin-offs (Article 5(3)(d)).
• Providing access to relevant infrastructure to accelerate the development and fine-tuning of AI models (Article 5(2)(c)).

While the AI Act sandboxes focus on regulatory compliance of specific AI systems, CADA's Centres for AI and Leadership Initiatives focus on technological acceleration, access to compute, and the adoption of sovereign cloud stacks. CADA explicitly supports the development of advanced platforms for the large-scale deployment of AI agents (Article 4(6)), but this support is operational and industrial, not a regulatory exemption mechanism.

The Critical Intersection: No Waiver of Sovereignty Requirements

A critical intersection point is public sector procurement. The AI Act's sandbox may allow a provider to test a high-risk AI system with relaxed administrative burdens during the testing phase. However, this does not exempt the underlying cloud infrastructure from CADA's sovereignty framework.

CADA introduces a Union cloud computing sovereignty framework with four assurance levels (Article 16). When public sector bodies procure cloud computing services, they must adhere to these levels based on risk assessments (Article 29).

• Minimum Requirement: All public sector bodies must use cloud services recognized as offering at least Union assurance level 1 (Article 30(2)).
• Higher Assurance: For activities contributing to the preservation of public order (e.g., national security, defense, justice), contracting authorities must procure services recognized as offering Union assurance levels 2, 3, or 4 (Article 30(3)).

If an AI system tested in an AI Act sandbox is later deployed in the public sector, the cloud infrastructure hosting it must still meet the relevant CADA assurance level. A sandbox certification under the AI Act does not equate to a CADA Union assurance level recognition. The CADA recognition process involves independent audits (for levels 2–4) or self-assessment (for level 1) against specific criteria in Annex II of CADA, such as data localization, personnel citizenship, and absence of third-country control.

Complementary Roles

The two frameworks are complementary. The AI Act ensures the AI system is safe, transparent, and compliant with fundamental rights. CADA ensures the underlying infrastructure is sovereign, resilient, and strategically autonomous.

• AI Act: Focuses on the application layer (the AI model/system).
• CADA: Focuses on the infrastructure layer (cloud, data centers, compute) and the ecosystem (skills, sovereignty, procurement).

CADA also encourages the use of open-source solutions (Article 41) and the sharing of software developed by public bodies (Article 42), which can be tested and validated within the broader ecosystem supported by the Leadership Initiatives. However, the legal obligations for sovereignty and data protection remain distinct from the AI Act's sandbox permissions.

What this means for you

For CTOs and Architects

• Dual Compliance Path: You must navigate two parallel tracks. Ensure your AI models comply with the AI Act's sandbox or testing rules for safety and rights. Simultaneously, ensure your cloud infrastructure meets CADA's assurance levels if you intend to serve public sector clients.
• Infrastructure Choice: If your target market includes EU public sector bodies, you cannot rely solely on AI Act compliance. You must select cloud providers that are recognized under CADA's Union assurance levels. An AI Act sandbox approval does not make a non-sovereign cloud provider eligible for public procurement of critical services.
• Leverage Centres for AI: Use the CADA-mandated Centres for AI (Article 5) to access compute resources, testing environments, and expertise. These centers can help you scale your AI agents and frontier models, complementing the regulatory testing done in AI Act sandboxes.

For SMEs

• Access to Support: The AI Act sandboxes offer priority access to SMEs (Article 58(2)(d) of the AI Act). CADA's Leadership Initiatives also aim to support SMEs and small mid-caps (SMCs) in adopting AI and cloud technologies. Look for national implementation of both frameworks to maximize support.
• Procurement Readiness: If you are an SME providing cloud services, start preparing for CADA's assurance levels early. The self-assessment for Level 1 is less burdensome, but Levels 2–4 require independent audits. Early alignment can position you for public procurement opportunities.
• Open Source Strategy: CADA encourages the use of open-source solutions (Article 41). Consider contributing to or leveraging open-source AI components, as CADA supports the creation of open-source software foundations and catalogues (Article 43).

Common misconceptions

Misconception 1: AI Act sandboxes exempt providers from CADA sovereignty rules.

• Reality: No. The AI Act sandbox is a tool for testing AI systems for compliance with the AI Act. It does not override CADA's procurement rules. Public sector bodies must still procure cloud services that meet the relevant Union assurance level, regardless of whether the AI system was tested in a sandbox.

Misconception 2: CADA creates its own regulatory sandbox for AI testing.

• Reality: No. CADA does not establish a regulatory sandbox regime. It relies on the AI Act's sandbox framework for regulatory testing. CADA's focus is on industrial acceleration, compute capacity, and sovereignty assurance, facilitated through Leadership Initiatives and Centres for AI.

Misconception 3: Testing in an AI Act sandbox guarantees public sector procurement eligibility.

• Reality: No. Procurement eligibility under CADA depends on the cloud service provider's recognition under the Union assurance levels. An AI system's compliance with the AI Act is a separate requirement. Both must be met: the AI system must be AI Act-compliant, and the cloud infrastructure must be CADA-assured.

Misconception 4: CADA's assurance levels apply to all AI systems.

• Reality: No. CADA's assurance levels apply to cloud computing services (Article 16). The AI Act applies to AI systems. While they often intersect (since AI systems run on cloud infrastructure), the regulations target different entities and layers. A provider of an AI system is subject to the AI Act; a provider of cloud infrastructure is subject to CADA.

Official sources

• EU AI Act (Regulation (EU) 2024/1689)
• Cybersecurity Act (Regulation (EU) 2019/881)
• Data Act (Regulation (EU) 2023/2854)

Related

• Why is CADA part of the EU tech sovereignty package with the Chips Act 2.0?
• Why a Cybersecurity Act certificate cannot prove cloud sovereignty under CADA
• CADA for SaaS Providers: How NIS2, Data Act and Sovereignty Tiers Stack
• CADA for CTOs: Mapping EU Compliance, Sovereignty Tiers & Procurement
• CADA vs the EU Cybersecurity Act: How the Sovereignty Layer Works

This is general information about a draft EU regulation, not legal advice.