Summary As proposed, the Cloud and AI Development Act (CADA) would fundamentally reshape how EU public administrations build digital services by mandating an "open source first" approach. Article 41 requires Union entities and public sector bodies to prioritize "open standards and components released under an open source licence" when constructing their cloud and AI ecosystems. To prevent the creation of new isolated repositories, Article 43 mandates that any software made available for reuse must be published in a centralized EU Open Source Solutions Catalogue hosted on the Interoperable Europe portal. This framework is designed to dismantle administrative silos, ensuring that shared reusable components become the default, thereby enabling seamless data and service interoperability across borders and jurisdictions.

Detail

The Cloud and AI Development Act (CADA), proposed by the European Commission on 3 June 2026 (COM(2026) 502 final), introduces a structured, legally binding approach to open source that directly targets the chronic interoperability challenges faced by EU public administrations. The proposal recognizes that proprietary software and closed standards often create vendor lock-in and technical silos, hindering the ability of different administrations to share data and services efficiently. By mandating open standards and centralizing reusable software, CADA aims to create a unified technical foundation for the EU's public sector, moving away from fragmented national or local solutions toward a cohesive digital single market.

The "Open Source First" Principle and Open Standards

Article 41 of the proposal establishes a clear, actionable preference for open solutions. It states that the Union and Member States shall take the necessary measures to encourage Union entities and public sector bodies to "use and facilitate the reuse of open standards and components released under an open source licence when building their cloud and AI ecosystem or stack."

This provision is not merely aspirational; it requires decision-makers to weigh functionalities, security, total cost of ownership, and other "duly justified objective criteria" when selecting technologies. By prioritizing open standards, CADA ensures that different systems can communicate effectively regardless of the underlying vendor. For CTOs and architects, this means that future procurements and ecosystem builds will increasingly favor solutions that adhere to widely accepted, transparent protocols rather than proprietary, closed formats. This shift is critical for reducing dependency on single vendors and ensuring that systems remain adaptable and interoperable over time. The proposal explicitly links this requirement to the broader goal of strengthening technological sovereignty and enhancing the competitiveness of strategic European industries.

Centralized Discovery via the EU OSS Catalogue

A major barrier to interoperability is discoverability. Even when administrations develop compatible open-source tools, these often remain hidden in isolated, local repositories, leading to redundant development efforts and incompatible implementations. Article 43 addresses this critical gap by requiring the Commission to provide and maintain an "EU Open Source Solutions Catalogue" (EU OSS Catalogue).

This catalogue serves as a centralized hub to access software made available for reuse by Union entities and public sector bodies. Crucially, Article 43 specifies that this catalogue "shall be hosted on the Interoperable Europe portal referred to in Article 8 of Regulation (EU) 2024/903." By leveraging the existing Interoperable Europe portal, the proposal ensures that open-source solutions are integrated into a broader ecosystem of interoperability assets, including technical specifications, best practices, and training resources. This integration allows administrators to easily link solutions to relevant documentation, enhancing their usability and adoption. The portal acts as the single point of entry, ensuring that a solution developed in one Member State is findable and accessible to all others.

Reducing Silos Through Shared Reusable Components

The mechanism for sharing is further clarified in Article 42, which states that when Union entities or public sector bodies make software available for reuse under an open-source licence, they must do so using a catalogue or repository that is "connected to, and made accessible through, the EU OSS Catalogue." This requirement ensures that valuable public investments in software development are not lost to obscurity or trapped within a single administration.

For administrations, this creates a powerful feedback loop of innovation. Instead of each municipality or national agency building its own identity management, data processing, or case management tool from scratch, they can search the EU OSS Catalogue for existing, vetted solutions. By adopting shared reusable components, administrations reduce the risk of creating new silos. When multiple entities use the same open-source component, they inherently share a common technical baseline, which significantly lowers the friction for cross-administration data exchange and service integration. This shared baseline is the technical prerequisite for the "once-only" principle and other cross-border digital service initiatives.

Cross-Administration Interoperability

The ultimate goal of these provisions is to enhance cross-administration interoperability. By combining the mandate for open standards (Article 41) with the centralized repository for reusable code (Article 43), CADA creates a technical environment where interoperability is the default rather than the exception.

This approach supports the broader EU goal of a digital single market. When public services rely on open standards and shared components, it becomes easier to connect systems across borders. For example, a healthcare application developed in one Member State using open-source components from the catalogue can more easily integrate with systems in another Member State, provided both adhere to the same open standards. This reduces the need for custom, expensive integration layers and accelerates the deployment of cross-border digital services. The proposal explicitly notes that the catalogue will be hosted on the Interoperable Europe portal to ensure that solutions can be "easily linked to further relevant information and training," thereby fostering a culture of collaboration rather than competition between public bodies.

What this means for you

For CTOs, architects, and SMEs operating in the public sector space, the proposed CADA provisions signal a significant shift in procurement and development practices.

For Public Sector CTOs and Architects: You will need to adjust your technology selection criteria immediately. Future cloud and AI ecosystem builds will need to demonstrate compliance with the "open source first" principle. This means documenting why proprietary solutions were chosen over open alternatives, ensuring that any proprietary choices do not create long-term interoperability risks. Additionally, you should begin auditing your existing software assets to identify candidates for publication in the EU OSS Catalogue, turning internal tools into shared public goods. The proposal requires that any software made available for reuse be connected to the central catalogue, so your internal repositories must be capable of this integration.

For SMEs and Vendors: There is a growing market opportunity for open-source solutions that comply with EU standards. SMEs that develop robust, well-documented open-source components aligned with the Interoperable Europe portal's technical requirements will be better positioned to win public contracts. Furthermore, SMEs should monitor the EU OSS Catalogue for reusable components that can accelerate their own development cycles, reducing time-to-market for public sector clients. The proposal aims to create concrete opportunities for smaller EU-based providers by driving innovation through common procurement and shared assets.

For Developers: Contribution to open-source projects that align with CADA's goals will become increasingly valuable. Skills in maintaining and securing open-source infrastructure that meets public sector requirements will be in high demand. The proposal encourages the creation of a network of Open Source Programme Offices (OSPOs) to facilitate the exchange of information and best practices, creating new career paths in public sector open-source governance.

Common misconceptions

Misconception 1: CADA bans proprietary software. CADA does not prohibit the use of proprietary software. Article 41 encourages the use of open standards and open-source components but explicitly allows for the consideration of other objective criteria such as security, total cost, and functionalities. Proprietary solutions may still be used if they are justified by these criteria and do not undermine interoperability. The goal is to prioritize open solutions where they offer the best value and interoperability, not to eliminate proprietary options entirely.

Misconception 2: The EU OSS Catalogue is only for large governments. The catalogue is designed for all Union entities and public sector bodies, including local and regional authorities. The goal is to make software reusable across all levels of government, not just at the EU level. Article 42 applies to "Union entities and public sector bodies," ensuring that a small municipality can both contribute to and benefit from the shared pool of software.

Misconception 3: Interoperability is solely a technical issue. While CADA addresses technical interoperability through open standards and shared code, it also recognizes the importance of organizational and legal interoperability. The hosting of the catalogue on the Interoperable Europe portal ensures that technical solutions are linked to broader governance and legal frameworks. The proposal explicitly mentions that the catalogue will facilitate the sharing of software "in the public interest" and maximize the value of public expenditure, highlighting the strategic, not just technical, nature of the initiative.

Related

This is general information about a draft EU regulation, not legal advice.