Summary No, the EuroCloud Federation is not a procurement vehicle. As proposed in the Cloud and AI Development Act (CADA), it is a mechanism for Union entities and public sector bodies to share their own idle cloud and data centre capacity with other public entities, rather than to purchase services from the open market. Because the sharing is governed by public interest and limited to cost-recovery fees that do not constitute a "pecuniary interest," the arrangement explicitly falls outside the scope of EU public procurement rules. This stands in contrast to the Commission's separate common procurement framework (Articles 37–40), which is designed for acquiring new services from the market.

Detail

The Cloud and AI Development Act (CADA), as proposed in COM(2026) 502 final, establishes the EuroCloud Federation in Article 34 as a voluntary network for Union entities and public sector bodies to interconnect their cloud computing infrastructures. Its primary legislative purpose is to facilitate the sharing of secure, resilient, and trusted public-sector cloud capabilities to increase efficiency and sustainability, not to act as a central buying agency or a commercial marketplace.

The legal distinction between "sharing" and "procurement" is codified in Article 35, which governs the conditions for sharing public sector data centre and cloud computing services. Article 35(1) strictly limits the scope of the Federation: a "sharing entity" may share services with a "using entity" only where the sharing entity directly, or indirectly through an intermediate legal entity, owns the hardware through which the service is made available. This provision ensures that the Federation functions as a vehicle for pooling existing public assets, preventing it from becoming a conduit for contracting with third-party commercial providers.

A critical legal nuance lies in the financial arrangement, which determines whether a public contract exists. Article 35(5) states that while a sharing entity may charge a fee to the using entity, the amount must be limited strictly to the costs incurred in relation to the sharing of the service. The text explicitly clarifies that these fees "shall not constitute a pecuniary interest within the meaning of Article 2 of Directive 2014/24/EU and Regulation (EU, Euratom) 2024/2509." Under EU public procurement law, the existence of a "pecuniary interest" is a fundamental condition for a public contract. By statutorily excluding these cost-recovery fees from that definition, Article 35 ensures that the sharing of services within the EuroCloud Federation does not trigger Union public procurement rules.

This mechanism is legally distinct from the Commission's common procurement framework, established in Chapter IV (Articles 37–40). While the EuroCloud Federation allows public bodies to share what they already own, Article 37 empowers the Commission to act as a central purchasing body to procure data centre services, cloud computing services, software, and AI systems on behalf of Member States and Union entities. These are two separate legal instruments: one for internal public-sector capacity sharing (Articles 34–36) and the other for external market acquisition via the Commission (Articles 37–40).

What this means for you

For in-house counsel, procurement officers, and compliance teams in the public sector, understanding this distinction is vital for navigating CADA's implementation and avoiding legal missteps.

  1. Procurement Strategy and Channel Selection: If your authority seeks to acquire new cloud capacity from the market, the EuroCloud Federation is not the correct channel. You must look to the Commission's common procurement activities under Articles 37–40, which allow you to leverage collective buying power to purchase services from recognized providers. The EuroCloud Federation is only relevant if you have existing, idle capacity that you wish to share with other public bodies, or if you wish to access such shared capacity from another public entity. Using the Federation to bypass market procurement for new services would be a misapplication of the regulation.

  2. Fee Structuring and Risk of "Pecuniary Interest": If you participate in the EuroCloud Federation as a sharing entity, you must ensure that any fees charged to using entities are strictly cost-based. Under Article 35(5), fees can only cover additional costs incurred in sharing capacity, such as allocating and isolating resources, managing access, enabling integration and interoperability, and managing the sharing relationship. Charging a profit margin, a service fee that exceeds these direct costs, or any amount that could be construed as a commercial return could inadvertently create a "pecuniary interest." This would potentially pull the arrangement into the scope of public procurement law, triggering complex tendering obligations and potential legal challenges.

  3. Compliance with Sovereignty Levels: While the Federation itself is not a procurement tool, the services shared must still comply with CADA's sovereignty framework. Article 30 requires public sector bodies to procure (or use) cloud services that meet specific Union assurance levels based on risk assessments. Even when sharing via the EuroCloud Federation, the underlying infrastructure must meet the necessary assurance levels (Level 1, 2, 3, or 4) determined by the recipient's risk assessment under Article 29. The exemption from procurement rules does not exempt the service from the sovereignty criteria required for public-order-relevant activities.

  4. Governance and Participation: Participation in the Federation is voluntary and limited to public entities. Article 34 establishes that the Federation is open to Union entities and public sector bodies on a voluntary basis. Direct private participation is excluded where the sharing entity owns the hardware, ensuring the mechanism remains a public-sector cooperation tool rather than a public-private partnership.

Common misconceptions

Misconception: The EuroCloud Federation is a marketplace for buying cloud services. Many stakeholders assume the Federation acts like a central catalog where public bodies can purchase cloud services from various providers, including commercial hyperscalers. This is incorrect. Article 34 and Article 35 limit participation to public entities sharing their own hardware and services. It is a federation of public assets, not a commercial marketplace or a procurement portal.

Misconception: Sharing via the EuroCloud Federation triggers standard procurement procedures. Because money changes hands (in the form of cost-recovery fees), some assume a public contract is formed, requiring a tender. However, Article 35(5) explicitly removes these transactions from the definition of a public contract by stating the fees do not constitute a pecuniary interest. Therefore, you do not need to run a tender process to share capacity within the Federation, provided the cost-recovery conditions are strictly met and the sharing entity owns the hardware.

Misconception: The Commission's procurement role (Chapter IV) is part of the EuroCloud Federation. The EuroCloud Federation (Articles 34–36) and the Commission's procurement activities (Articles 37–40) are separate chapters with distinct legal bases and operational scopes. The Federation is for public-to-public sharing of existing assets. Chapter IV is for the Commission to act as a wholesaler or central purchasing body to buy new services from the open market on behalf of public entities. Confusing these two can lead to using the wrong legal framework for your cloud strategy, potentially resulting in non-compliance with procurement directives or the misuse of the Federation's exemption.

Misconception: The Federation allows public bodies to outsource their infrastructure to private providers. No. Article 35(1) requires the sharing entity to own the hardware. If a private provider owns the hardware, it cannot be a "sharing entity" within the Federation. The mechanism is designed to maximize the utility of publicly owned infrastructure, not to outsource public functions to private entities under the guise of sharing.

Related

This is general information about a draft EU regulation, not legal advice.