How does CADA open source relate to interoperability?

Summary As proposed, the Cloud and AI Development Act (CADA) explicitly ties open source to interoperability by obliging Union entities and Member States to encourage the use of open standards and open-source components in their cloud and AI ecosystems (Article 41). To ensure these solutions are findable and reusable, any software made available for reuse under an open-source licence must be published in a catalogue connected to the EU Open Source Solutions Catalogue, which is hosted on the Interoperable Europe portal (Article 43(2)). This framework, reinforced by Recital 81, aims to reduce vendor lock-in, foster a technically interoperable sovereign digital infrastructure, and align with the Interoperable Europe Act (Regulation (EU) 2024/903).

Detail

The Cloud and AI Development Act (CADA), as proposed in COM(2026) 502 final, establishes a structured approach to integrating open source into the EU's public sector and cloud infrastructure. While the Act covers a broad range of sovereignty and capacity issues, its provisions on open source are specifically designed to solve the interoperability crisis that often plagues public sector IT. The proposal recognises that the choice of software and cloud services has profound implications for security, interoperability, accountability, and technological autonomy. By mandating specific open-source practices, CADA seeks to ensure that public sector IT systems can communicate effectively, share data seamlessly, and avoid dependence on proprietary, closed ecosystems.

The "Open Source First" Imperative and Interoperability

The cornerstone of CADA's open-source strategy is Article 41, which establishes a principle of promoting open solutions. As proposed, Union entities and Member States must take measures to "encourage Union entities and public sector bodies to use and facilitate the reuse of open standards and components released under an open source licence when building their cloud and AI ecosystem or stack."

This obligation is not an absolute mandate to replace all proprietary software immediately; rather, it requires decision-makers to take into account "functionalities, including security, total cost, and other relevant, duly justified objective criteria." However, the explicit inclusion of interoperability in the recitals clarifies the policy intent: open source is viewed as a primary mechanism to ensure that different systems and services can work together. Recital 81 states that promoting open source is essential to support innovation, ensure better value for public expenditure, and strengthen the Union's digital autonomy. Crucially, it notes that the choice of cloud computing services or software has significant implications for "security, interoperability, accountability and technological autonomy."

By favouring open standards and open-source components, CADA aims to prevent vendor lock-in. When public bodies rely on proprietary, closed-source software, they are often bound to a single provider's ecosystem, making it difficult to integrate with other systems or migrate to alternative providers. Open standards, by definition, allow for interoperability between different implementations, ensuring that data and services can flow across boundaries without technical barriers. The Act thus positions open source not merely as a cost-saving measure, but as a strategic tool for maintaining control over the digital stack.

Centralised Discovery: The EU Open Source Solutions Catalogue

To make open-source interoperability practical, CADA introduces a centralised discovery mechanism. Article 43 establishes the "EU Open Source Solutions Catalogue" (EU OSS Catalogue). The Commission is required to provide and maintain this catalogue as a centralised hub to access software made available for reuse by Union entities and public sector bodies.

The link to interoperability is reinforced by Article 43(2), which mandates that the EU OSS Catalogue "shall be hosted on the Interoperable Europe portal referred to in Article 8 of Regulation (EU) 2024/903." This regulation is commonly known as the Interoperable Europe Act. By hosting the catalogue on this portal, CADA ensures that open-source software is not just a collection of code, but a discoverable, interoperable resource within the broader EU digital infrastructure. The catalogue is accessible electronically free of charge, allowing public administrations to search for and access software that meets their interoperability needs. This integration ensures that software solutions are not siloed but are part of a unified, cross-border ecosystem.

Mandatory Connection for Reused Software

CADA does not merely encourage the use of the catalogue; it mandates connection for any software being reused. Article 42 stipulates that when a Union entity or public sector body makes software available for reuse under an open-source licence, it "shall do so using a catalogue or repository that is connected to, and made accessible through, the EU OSS Catalogue."

This requirement ensures that open-source solutions developed by public bodies are not siloed in private or disconnected repositories. By forcing connection to the central catalogue, CADA promotes a federated yet interoperable network of open-source assets. This facilitates the "sharing and reuse of software" (Recital 83), which is expected to maximise the value of public expenditure, reduce duplication costs, and foster innovation across the Union. The mechanism effectively creates a "single market" for public sector software, where solutions developed in one Member State can be easily discovered and adopted by another, provided they meet the necessary interoperability standards.

Governance and Coordination: The OSPO Network

To support the technical and organisational challenges of open-source interoperability, CADA establishes a network of Open Source Programme Offices (OSPOs) under Article 44. The OSPO Network is tasked with facilitating cooperation on the implementation of open-source obligations. Its specific tasks include facilitating the exchange of information on common technical, legal, and organisational challenges, including those related to the procurement of open-source software.

The OSPO Network will promote the sharing and reuse of open-source software and contribute to the development of guidance on sharing and reuse. This governance layer is critical for interoperability because it allows public bodies to share best practices on how to integrate open-source components into their existing stacks, ensuring that interoperability is achieved not just in theory, but in practice. By creating a dedicated network of experts, CADA ensures that the technical implementation of open-source strategies is consistent across the Union.

Linkage with the Interoperable Europe Act

The relationship between CADA and the Interoperable Europe Act (Regulation (EU) 2024/903) is symbiotic. The Interoperable Europe Act provides the legal and technical framework for interoperability across the public sector, mandating the sharing and reuse of interoperability solutions. CADA leverages this by hosting its open-source catalogue on the Interoperable Europe portal.

Recital 83 of CADA explicitly references this linkage, stating that hosting the EU OSS Catalogue on the Interoperable Europe portal "will ensure that solutions can be easily linked to further relevant information and training." This integration ensures that open-source software is not treated in isolation but is part of a broader interoperability strategy. The Interoperable Europe Act requires public bodies to share and reuse interoperability solutions, and CADA's open-source provisions provide a specific pathway for doing so with software components. This alignment ensures that CADA does not create a parallel, conflicting system but rather strengthens the existing EU digital governance framework.

What this means for you

For CTOs, architects, and SMEs evaluating the practical impact of CADA, the open-source and interoperability provisions signal a shift in public sector procurement and software development strategies.

1. Prioritise Open Standards: When bidding for public sector contracts or developing software for EU entities, ensure your solutions are based on open standards. CADA's Article 41 encourages the use of open standards, which can be a competitive advantage in public procurement.
2. Prepare for Catalogue Integration: If you are an SME developing open-source software for the public sector, be prepared to integrate your repositories with the EU OSS Catalogue. Article 42 requires that any software made available for reuse under an open-source licence by public bodies must be connected to this catalogue. This may require technical adjustments to your distribution channels.
3. Leverage the Interoperable Europe Portal: Familiarise yourself with the Interoperable Europe portal. As the host of the EU OSS Catalogue, it will become a key resource for discovering and integrating open-source solutions. Understanding its architecture and standards will help you ensure your software is interoperable with other EU public sector systems.
4. Engage with OSPO Networks: Consider engaging with the emerging network of Open Source Programme Offices. These bodies will facilitate the exchange of best practices on open-source interoperability, providing valuable insights into how public bodies are implementing CADA's requirements.
5. Document Interoperability Benefits: When proposing open-source solutions, explicitly document how they enhance interoperability, reduce vendor lock-in, and align with the EU's digital autonomy goals. This aligns with the policy intent behind Article 41 and Recital 81.

Common misconceptions

• Misconception: CADA forces all public sector software to be open source.
  • Reality: Article 41 uses the language "encourage" and "facilitate," not "mandate." It requires taking into account functionalities, security, and cost. Proprietary solutions are still permissible if they are justified by objective criteria.
• Misconception: The EU OSS Catalogue is a new, standalone platform.
  • Reality: Article 43(2) explicitly states that the catalogue will be hosted on the existing Interoperable Europe portal. It is an integration into an existing interoperability framework, not a siloed new system.
• Misconception: Only EU-level entities are affected by these open-source rules.
  • Reality: Article 41 applies to both Union entities and Member States, requiring them to encourage public sector bodies (which include national, regional, and local authorities) to use open standards and open-source components.
• Misconception: Interoperability is only a technical concern.
  • Reality: Recital 81 links interoperability to "technological autonomy" and "security." The policy goal is strategic, aiming to reduce dependence on non-EU providers and enhance the resilience of the EU's digital infrastructure.

Related

• How does CADA open source improve interoperability between administrations?
• Why does CADA promote open source for digital sovereignty?
• Who must promote open source under CADA? Article 41 explained
• Which licences count as open source for CADA purposes?
• CADA Open Source Chapter: Articles 41–44 Explained

This is general information about a draft EU regulation, not legal advice.