Summary
The proposed Cloud and AI Development Act (CADA) explicitly anchors its public procurement restrictions in the World Trade Organization Agreement on Government Procurement (WTO GPA). As proposed, Recital 64 confirms that while the EU maintains an open and non-discriminatory framework, it retains the right under Article III:2(a) of the WTO GPA to adopt measures "necessary to protect public morals, order or safety." CADA would not impose blanket bans; instead, it would restrict access to public procurement procedures only where a risk assessment identifies a threat to public order. These restrictions are designed to be necessary and proportionate, balancing the EU's strategic autonomy goals with its international trade commitments by ensuring that non-EU providers can still access the market for lower-risk procurement (Union assurance level 1) and, potentially, level 3 if their home country is recognized.
Detail
The Cloud and AI Development Act (CADA), as proposed in COM(2026) 502 final, represents a significant shift in how the EU approaches cloud procurement. By establishing a "Union cloud computing sovereignty framework," the proposal introduces tiered assurance levels that dictate which cloud services public authorities may purchase. A critical legal question is whether these tiers, which effectively exclude providers subject to third-country control from sensitive sectors, violate the EU's obligations under the WTO GPA. The proposal addresses this directly through a specific legal architecture that leverages the public order exception.
The Legal Anchor: Recital 64 and the WTO GPA Exception
The compatibility of CADA with international trade law is not an afterthought but a foundational element of the proposal's design. Recital 64 serves as the explicit bridge between the regulation's sovereignty objectives and the WTO GPA.
The recital states that the Union maintains an "open and non-discriminatory framework for market access, in accordance with the TFEU and subject to international commitments." It specifically cites the WTO GPA as a key commitment. However, it immediately pivots to the exception clause: "Nevertheless, where necessary and in duly justified circumstances, the Union retains the right, in accordance with Article III:2(a) of the WTO GPA, to adopt or maintain measures necessary to protect public morals, order or safety, allowing for necessary and proportionate restrictions on access to public procurement procedures."
This recital is crucial because it frames the entire sovereignty framework not as a protectionist barrier, but as a security measure. It identifies the specific risks that justify the restrictions: "critical dependencies, unauthorised access to Union data, technology leakage, sabotage and espionage by third-country actors." The recital concludes that preserving public order "requires a prudent but firm political, legal and operational response." By explicitly invoking Article III:2(a), the proposal signals that any restriction on market access is intended to be a narrow, justified exception rather than a general rule.
The Operational Mechanism: Article 30 and Risk-Based Restrictions
The operationalization of this exception is found in Article 30, which governs public procurement. The article does not apply a uniform restriction across all public spending. Instead, it creates a bifurcated system based on the findings of risk assessments conducted under Article 29.
- Baseline Access (Union Assurance Level 1): Under Article 30(2), Union entities and public sector bodies whose activities are not identified as contributing to the preservation of public order must procure services recognized at Union assurance level 1. This level requires the provider to be established in the Union and ensures data residency and cybersecurity compliance, but it does not inherently exclude all third-country-controlled entities if they meet the criteria. This maintains the "open market" principle for the vast majority of public sector activities.
- Restricted Access (Union Assurance Levels 2, 3, or 4): Under Article 30(3), the stricter restrictions apply only where a risk assessment determines that the contracting authority's activities "contribute to the preservation of public order." This includes sectors listed in Annex I or II of the NIS2 Directive, as well as national security, internal security, border management, defence, justice, and law enforcement. For these specific activities, authorities "shall only procure and use services that have been recognised as offering Union assurance levels 2, 3, or 4."
This structure ensures that the "necessary and proportionate" test of the WTO GPA is met. The restriction is not applied to a bakery or a local library; it is applied only where the risk of "unauthorised access" or "service disruption" could undermine public order.
Ensuring Proportionality: Derogations and Third-Country Recognition
To further satisfy the proportionality requirement, CADA includes specific safeguards that prevent the measures from becoming disguised trade barriers.
Derogations (Article 30(4)): The proposal acknowledges that strict adherence to assurance levels might not always be feasible. Article 30(4) allows contracting authorities to derogate from the requirements if:
- The subject matter cannot be supplied by recognized services and no adequate alternative exists (provided this is not the result of "artificial narrowing down of the parameters").
- A similar procurement process in the previous year yielded no suitable tenders.
- Applying the requirements would result in "disproportionate cost."
These derogations act as a safety valve, ensuring that the EU does not force public bodies into a situation where they cannot procure essential services, which would be disproportionate to the security goal.
Third-Country Recognition (Article 18): Perhaps the strongest evidence of the proposal's alignment with non-discrimination principles is Article 18. This article allows the Commission to adopt implementing acts recognizing specific third countries as providing "sufficient assurances" to allow cloud services controlled from that country to qualify for Union assurance level 3.
To qualify, a third country must:
- Be subject to a relevant adequacy decision under GDPR (Article 45).
- Have no measures enabling control over providers that conflict with EU data laws.
- Have no measures compelling providers to degrade service or comply with restrictive measures (sanctions/embargoes) unless legitimate under EU law.
- Maintain an open market to Union cloud services.
- Grant equivalent access to its own public procurement to Union entities.
This mechanism demonstrates that the restriction is not based on nationality per se, but on the legal and operational environment of the provider. If a third country meets these rigorous criteria, its providers can access the market, satisfying the non-discrimination spirit of the WTO GPA.
The Balance: Sovereignty vs. Open Access
The proposal's design reflects a deliberate balance. Recital 64 emphasizes that identifying and addressing risks is "fundamental for preserving Union public order." It argues that the current dependence on a limited pool of third-country providers exposes the Union to risks of "misuse," "access to information," and "dependency vulnerabilities."
By limiting the strictest procurement rules (levels 2-4) to activities with a direct link to public order, and by providing a pathway for third-country providers to qualify (via Article 18 or Level 1), CADA attempts to navigate the narrow path between strategic autonomy and trade compliance. The measures are "necessary" because the risks (sabotage, espionage) are real and significant, and they are "proportionate" because they are targeted at specific high-risk sectors rather than the entire public sector.
What this means for you
For legal counsel, procurement officers, and cloud service providers, the interaction between CADA and the WTO GPA defines the boundaries of market access.
1. For Cloud Service Providers (Especially Third-Country)
- Tiered Strategy: You cannot assume a blanket ban. If you serve the general public sector (non-critical), you only need to meet Union assurance level 1. This requires establishment in the EU and data residency, but does not necessarily require the absence of third-country control if the public body explicitly allows otherwise (though Level 1 criteria generally favor EU establishment).
- The Level 3 Pathway: If you are controlled by a third country, your primary route to serving critical sectors (defence, justice) is to lobby your home government to meet the criteria for Article 18 recognition. Without this, you are effectively barred from Level 2 and 4 procurement, and Level 3 is inaccessible unless your country is recognized.
- Audit Readiness: To access Levels 2-4, you must undergo independent audits (Article 20) proving your infrastructure, personnel, and data flows are secure from third-country interference. This is a high bar, but it is the price of entry for the "public order" market.
2. For Public Sector Buyers (Contracting Authorities)
- Risk Assessment is Mandatory: You cannot simply decide to buy "sovereign" cloud. You must first conduct a risk assessment under Article 29 to determine if your activities contribute to public order. If they do not, you are legally bound to use Level 1 services, and applying Level 2-4 criteria could be challenged as disproportionate.
- Documenting Derogations: If you cannot find a recognized provider, you must rigorously document why under Article 30(4). You must prove the lack of supply is not due to your own "artificial narrowing" of the tender and that the cost of compliance is truly disproportionate.
- Monitoring Article 18: Keep an eye on the Commission's list of recognized third countries. If your country is added, your local providers may suddenly become eligible for Level 3 contracts.
3. For Trade Policy Analysts
- The "Necessary" Test: The legal robustness of CADA hinges on the definition of "public order." The proposal explicitly links this to NIS2 sectors and law enforcement. If the EU expands this definition to include non-critical sectors without a specific risk assessment, it risks violating the "necessary" test of the WTO GPA.
- Proportionality via Level 1: The existence of Level 1 is a key defense. It proves the EU is not excluding all non-EU providers, only those that cannot meet the specific security criteria for high-risk activities.
Common misconceptions
"CADA is a protectionist ban on US and Chinese cloud providers." This is an oversimplification. While CADA restricts access to sensitive public procurement for providers subject to third-country control, it does not ban them from the entire market. Providers can still serve the general public sector under Union assurance level 1. Furthermore, providers from countries recognized under Article 18 can access Level 3. The restriction is targeted at specific risks, not nationality.
"The WTO GPA exception gives the EU a free pass to restrict trade." No. The exception under Article III:2(a) is narrow. Measures must be "necessary" and "proportionate." CADA's design—tying restrictions to specific risk assessments, providing derogations, and offering a recognition pathway for third countries—is specifically engineered to meet this legal threshold. A blanket ban without these safeguards would likely fail a WTO dispute settlement challenge.
"Union assurance level 1 is open to any global provider." Not exactly. Union assurance level 1 requires the provider to be "established in the Union" and for infrastructure and data to remain "exclusively within the Union" (unless the public body explicitly requires otherwise). While it does not require the absence of third-country control in the same way as Level 3, it still imposes significant localization and establishment requirements that many global hyperscalers may find challenging to meet without establishing a distinct EU entity.
"CADA overrides the WTO GPA." No. Recital 64 explicitly states that the proposal is "subject to international commitments." CADA does not override the WTO GPA; it operates within it by invoking the specific public order exception provided in Article III:2(a).
This is general information about a draft EU regulation, not legal advice.