Summary

Under the proposed Cloud and AI Development Act (CADA), sovereignty extends beyond simple data location to encompass the underlying AI models and the compute capacity required to develop them. The proposal explicitly identifies dependence on third-country providers for frontier AI capabilities as a strategic risk, mandating Union support for computing resources through Article 9 and establishing criteria for priority projects under Article 8. For technical leaders, this means that accessing sovereign AI services will increasingly require demonstrating that the underlying models and training infrastructure are insulated from extraterritorial legal risks and operational disruptions, with specific procurement and risk-assessment obligations driving demand for EU-based compute.

Detail

The relationship between sovereignty, AI models, and compute access in the proposed CADA represents a shift from passive data protection to active technological autonomy. The proposal recognizes that reliance on foreign cloud infrastructure and AI models creates strategic vulnerabilities, particularly regarding the extraterritorial application of third-country laws and the potential for service disruption.

The Problem of Foreign Dependence

The Explanatory Memorandum explicitly identifies the EU's "limited and geographically concentrated availability of computing capacity" and "dependence on a limited pool of third-country providers" as critical threats to the Union's economic security and sovereignty. It notes that three non-EU hyperscalers control over 70% of the European cloud market, and that the EU market share for domestic providers dropped from 29% in 2017 to 15% in 2022.

This dependence is not merely economic; it is a sovereignty risk. The Memorandum states that large market incumbents are subject to third-country jurisdictions where laws with an extraterritorial effect apply, including laws mandating data access and transfer that may conflict with EU fundamental rights. Furthermore, this reliance exposes European users to "operational discontinuity," particularly in scenarios where unilateral decisions by third-country actors could disrupt service provision. The proposal aims to address these concerns by establishing a "single EU-wide sovereignty framework" and supporting the development of "sovereign and secure AI platforms."

Sovereign AI Capabilities and the "Sovereign Cloud"

The proposal places a specific emphasis on open source and sovereign cloud stacks as levers for technological sovereignty. The Memorandum highlights the need for "autonomy across the cloud stack" and "advanced EU capabilities in advanced AI technologies such as frontier AI."

CADA proposes to foster the development of "sovereign and secure AI platforms dedicated to the large-scale deployment and orchestration of advanced AI agents." These platforms are intended to be supported by innovative orchestration frameworks that ensure transparency and accountability. By promoting open standards and open-source components, the proposal seeks to reduce vendor lock-in and ensure that EU entities retain control over their AI infrastructure. This is reinforced by the requirement for public sector bodies to encourage the use of open-source solutions over proprietary ones (Article 41), thereby fostering an ecosystem where AI models and their underlying code are auditable and not subject to unilateral modification by foreign vendors.

Frontier AI and Compute Access: Articles 8 and 9

A core mechanism for achieving sovereignty in AI model development is the targeted support for frontier AI projects. CADA introduces specific provisions to ensure that EU-based research and industry have access to the necessary computational resources, directly addressing the "capacity gap" that forces reliance on foreign infrastructure.

Article 8: Criteria for Frontier AI Priority Projects

The Commission may recognize projects as "frontier AI priority projects" if they support "grand challenge 3" (developing next-generation multimodal frontier AI models). To qualify, a project must meet four cumulative criteria:

  1. It must be a pioneering project focused on the support and scaling-up of frontier AI technologies.
  2. It must be undertaken by a European digital infrastructure consortium established pursuant to Decision (EU) 2022/2481 or another legal entity eligible for funding under Union law.
  3. It must involve the participation of at least three Member States.
  4. The participating Member States must pool computing time and other relevant resources to support the implementation of the designated project.

Article 9: Computing Support for AI Projects

This article operationalizes the compute access requirement, creating a binding obligation for resource allocation. It mandates that:

  1. The Union and Member States shall ensure that sufficient AI computing resources from their compute capacities are allocated to support the development of frontier AI priority projects that fulfil the criteria set out in Article 8, within the limits of available capacity.
  2. The Union shall "at least match the AI computing resources contributed by Member States to frontier AI priority projects" to the extent that sufficient AI computing capacity is available within the Union's share of European high-performance computing (EuroHPC) access time.
  3. The Union and Member States shall endeavour to provide sufficient computing resources for AI industrial innovation, physical AI and public sector AI projects.

This creates a direct link between sovereignty and compute access: by pooling resources and matching contributions, the EU aims to create a domestic supply of high-performance compute that is not dependent on third-country providers. This is crucial for training frontier models, which require massive computational power, and ensures that the resulting models can be deployed under EU jurisdictional control.

The Sovereignty Framework and Procurement

The proposal establishes a "Union cloud computing sovereignty framework" with four assurance levels (Article 16). While this framework primarily targets cloud services, its impact on AI models is significant because AI systems are increasingly delivered as services. Contracting authorities must conduct risk assessments (Article 29) to determine which assurance level is appropriate for their activities. For activities contributing to public order (e.g., national security, justice, defense), authorities must procure services recognized at Union assurance levels 2, 3, or 4.

These higher assurance levels impose strict criteria on the provider's infrastructure, personnel, and data localization. For AI models, this means that the compute used for training and inference, as well as the personnel managing the models, must often be located within the Union and free from third-country control. This directly impacts how CTOs and architects evaluate AI vendors: a model trained on foreign infrastructure may not meet the sovereignty requirements for sensitive public sector use cases.

What this means for you

For CTOs, architects, and SMEs evaluating the practical impact of CADA, the following considerations are critical:

  1. Audit Your AI Supply Chain: If you provide AI services to the public sector or critical infrastructure, you must assess whether your underlying models and compute infrastructure meet the criteria for higher Union assurance levels. This includes verifying that training data, model weights, and inference processes are not subject to third-country control or extraterritorial access laws.
  2. Leverage EuroHPC and Sovereign Compute: The proposal incentivizes the use of EU-based high-performance computing. SMEs and startups should explore partnerships with EuroHPC infrastructure and national compute facilities to access sovereign compute resources for training frontier or industrial AI models. This not only reduces dependence on foreign hyperscalers but may also qualify your projects for support under Article 9.
  3. Prioritize Open Source and Auditable Models: The proposal favors open-source solutions and transparent AI platforms. Architects should design systems that allow for full auditability of model behavior and data flows. Using open-source models and tools can facilitate compliance with the transparency and security requirements of the sovereignty framework.
  4. Prepare for Risk Assessments: Public sector clients will be required to conduct risk assessments to determine the appropriate sovereignty level for their AI use cases. Be prepared to provide detailed documentation on your infrastructure location, personnel citizenship, and data residency practices to demonstrate compliance with Union assurance levels 2-4.
  5. Multi-Cloud and Multi-Provider Strategies: To mitigate operational continuity risks, consider adopting multi-cloud or multi-vendor strategies that include EU-based providers. This aligns with the proposal's goal of reducing dependence on a single provider and enhancing resilience.

Common misconceptions

  • "Sovereignty only means data stays in the EU." While data localization is a key component, CADA's sovereignty framework extends to the control of the provider, the location of infrastructure and personnel, and the absence of third-country influence. A model trained in the EU but controlled by a third-country entity may not meet higher assurance levels.
  • "Only large hyperscalers can offer sovereign AI." The proposal explicitly aims to support SMEs and smaller EU-based providers through measures like the EuroCloud Federation and common procurement. By leveraging open-source tools and shared compute resources, SMEs can offer sovereign AI solutions.
  • "Frontier AI support is only for research institutions." Article 9 supports not just frontier AI priority projects but also "AI industrial innovation, physical AI and public sector AI projects." This means that industrial applications and public sector deployments can also benefit from allocated compute resources.
  • "Sovereignty frameworks will block all foreign AI services." The proposal allows for third-country providers to be audited for Union assurance level 3 if the third country meets specific safeguards (Article 18). However, the bar is high, and the focus is on reducing dependence, not necessarily banning all foreign services outright.

This is general information about a draft EU regulation, not legal advice.