Summary
Under the proposed Cloud and AI Development Act (CADA), "sovereign cloud" and "trusted cloud" do not mean the same thing. CADA would replace vague industry terminology with a legally defined, four-tier "Union cloud computing sovereignty framework" of Union assurance levels 1, 2, 3 and 4 (Article 16, as proposed). A vendor may market a service as "trusted," but under CADA public-sector bodies could procure only services formally recognised against these assurance levels, through self-assessment (level 1) or independent third-party audit (levels 2–4). For CTOs and architects, contractual "trust" would no longer be enough: technical and legal sovereignty must be demonstrable and auditable against the criteria in Annex II.
Detail
From marketing labels to legal assurance levels
The cloud market is saturated with terms like "sovereign," "trusted" and "compliant" that vary by vendor, region and certification scheme. A provider might call a service "sovereign" simply because data sits in an EU data centre, while another uses "trusted" to denote compliance with a national cybersecurity standard. That fragmentation creates uncertainty for public-sector buyers who need to guarantee confidentiality and operational autonomy.
CADA would address this with a harmonised, EU-wide framework. As proposed, Article 16 establishes a "Union cloud computing sovereignty framework comprising four Union assurance levels," with the criteria in Annex II. It is not a binary switch but a graded system that matches scrutiny and restriction to the sensitivity of the data and the criticality of the public service.
The four Union assurance levels
The detailed technical and legal criteria are set out in Annex II. They define what a cloud computing service provider must do to be recognised at each level.
- Union assurance level 1. The baseline for ordinary public-sector use. The provider must be established in the Union; infrastructure and assets must be in the Union unless the public sector body explicitly requires otherwise; and customer data, including metadata and telemetry, must remain exclusively within the Union (again, unless the body explicitly requires otherwise). Providers demonstrate compliance through a conformity self-assessment and issue an EU statement of conformity (Article 19). For SMEs, that statement is directly and automatically recognised across all Member States (Article 17(3)).
- Union assurance level 2. Stricter. Subcontractors involved in the service must also be established in the Union; infrastructure, assets and personnel must be located in the Union; and the service needs a European cybersecurity certificate of at least "substantial" level (or national/equivalent standards until a Union scheme exists). Data generated by the service may not be used to train or fine-tune AI operated by a third country or third-country entity, and by default may not be transferred outside the Union. Compliance requires an independent third-party audit (Article 20).
- Union assurance level 3. Adds personnel requirements. Personnel involved in the service, including subcontractor staff, must be Union citizens, with national security clearance where classified information is handled. Like level 2, it requires independent audit, strict data localisation and a cybersecurity certificate of at least "substantial." A provider subject to third-country control can qualify only where the Commission has recognised that country as "associated" by implementing act (Article 18) — and even then must prove the necessary legal, technical and organisational safeguards.
- Union assurance level 4. The highest level. It retains the Union-citizen and clearance requirements of level 3 and adds a European cybersecurity certificate of at least "high" level, plus the strictest software-supply-chain controls — the provider must show that no third country or third-country entity holds effective control over the design, development, maintenance and evolution of the software components used. There is no Article 18 derogation at level 4.
Mapping "trusted" and "sovereign" to CADA
For architects and CTOs, the shift is from subjective trust to objective verification.
- "Sovereign cloud." Under CADA, a service counts as sovereign only once it has been recognised against at least one assurance level. A provider cannot unilaterally claim sovereignty; it must apply for recognition to the national competent authority of the Member State where it is established (Article 17). Once recognised, the service is entered in a central repository maintained by the Commission (Article 22), which gives buyers a single source of truth.
- "Trusted cloud." This remains a vendor marketing construct unless it explicitly references a Union assurance level. CADA acknowledges that existing national or European cybersecurity certifications may serve as evidence for the technical criteria of levels 2–4, but "trust" based on contractual promises alone is insufficient. The framework relies on audit evidence (Article 21) and ongoing transparency: providers must notify any material change that could affect their recognition (Article 23).
The role of risk assessment
The choice of level is not arbitrary. Article 29 would oblige Member States and Union entities to carry out risk assessments identifying which public-sector activities contribute to the preservation of public order, and which assurance level (2, 3 or 4) is appropriate.
- Activities not identified as contributing to public order must use services recognised at level 1 (Article 30(2)).
- Activities identified as contributing to public order — for example national security, defence or justice — must be served only by services recognised at levels 2, 3 or 4 (Article 30(3)).
This links the strategic importance of the workload directly to the constraints on the provider.
What this means for you
For CTOs and architects:
- Audit your stack, not the brochure. Request the provider's EU statement of conformity (level 1) or its latest audit report and "positive" opinion (levels 2–4), and confirm the service appears in the central repository.
- Map data flows. At every level the default is that customer data, including telemetry and metadata, stays exclusively in the Union, and the higher the level the less room there is for exceptions. In practice that means disabling global hyperscaler features that replicate data outside the Union or feed it into AI training by a third-country entity.
- Get subcontractor visibility. Subcontractors involved in the service must meet the same establishment and location criteria as the primary provider. Ask for a detailed, located list.
- Govern the software supply chain. For levels 2–4, ask how the provider controls the software it runs; at level 4 it must show that no third country or third-country entity has effective control over the design, development, maintenance and evolution of its software components. In practice that means a complete SBOM and controls that block remote features which could tamper with or disrupt the service, which is key for mitigating third-country software risk.
For SMEs:
- Level 1 advantage. An SME's EU statement of conformity for level 1 is directly and automatically recognised across all Member States without prior recognition by a national competent authority (Article 17(3)), lowering the barrier to public-sector contracts.
- Back up "sovereign" claims. If you market a service as "sovereign," be ready to demonstrate compliance with the specific Annex II criteria. Vague claims would not satisfy the procurement rules in Article 30.
Common misconceptions
- "Sovereignty means data must never leave the EU."
- Correction: Levels 1, 2 and 3 allow customer data to leave where the public sector body explicitly requires otherwise; the default is exclusive Union retention. At level 4, data identified as sensitive through a risk assessment must remain in the Union.
- "Any EU-based provider is automatically sovereign."
- Correction: Establishment in the Union is one criterion, not the only one. Providers must also meet location, subcontractor, cybersecurity and (at higher levels) personnel and control requirements, and must complete the formal recognition process.
- "Trusted-cloud certifications like ISO 27001 are sufficient."
- Correction: General cybersecurity certifications do not address sovereignty risks such as third-country legal access or operational control. CADA requires specific evidence tied to Union assurance levels, including checks on third-country control.
- "SMEs are exempt from sovereignty rules."
- Correction: They are not. The recognition route for level 1 is streamlined for SMEs, but they must still meet the substantive Annex II criteria.
Related
- Sovereign cloud vs public cloud: what's the difference under CADA?
- Sovereign cloud vs private cloud under CADA: which gives more control?
- Is data stored in the EU automatically sovereign under CADA?
- Is a sovereign cloud just a public cloud hosted in the EU under CADA?
- Hyperscaler public cloud vs CADA-recognised sovereign cloud for public buyers
This is general information about a draft EU regulation, not legal advice.