Summary
Under the proposed Cloud and AI Development Act (CADA), Union Assurance Level 4 represents the absolute peak of the sovereignty framework, designed exclusively for the most critical public sector activities. For a CTO evaluating providers, this tier demands that the provider and all subcontractors are established in the Union, with all infrastructure, assets, and personnel located exclusively within the EU. Crucially, Level 4 strictly prohibits any third-country control over the provider or its software supply chain, requiring a European cybersecurity certificate at the 'high' assurance level. While this offers maximum protection against foreign interference and data access, it significantly narrows the field of eligible providers, potentially increasing costs and creating vendor lock-in risks that must be weighed against the need for the highest assurance.
Detail
The Cloud and AI Development Act (CADA), as proposed in COM(2026) 502 final, introduces a four-tiered "Union cloud computing sovereignty framework" to mitigate risks associated with dependence on non-European cloud providers. Article 16 establishes this framework, setting out four "Union assurance levels" with cumulative criteria detailed in Annex II.
Union Assurance Level 4 is the most stringent tier. It is not a default requirement for all public sector bodies; rather, it is reserved for activities identified through risk assessments as contributing to the preservation of public order in highly sensitive sectors, such as national security, defence, justice, or law enforcement (Article 29). For a CTO, understanding Level 4 means navigating a set of strict operational, legal, and technical constraints that go far beyond standard data residency requirements.
Strict Localisation and Personnel Requirements
At Level 4, the criteria for location and control are absolute. According to Annex II, Section 4.1, the audited provider and all subcontractors involved in the service must be established in the Union. Furthermore, all infrastructure, assets, and personnel, including those of subcontractors, must be physically located in the Union.
Unlike lower levels, which may allow for some flexibility regarding personnel citizenship (Level 2 allows it only if the public body requires it; Level 3 mandates it), Level 4 mandates that all personnel involved in the provision of the service are Union citizens. Additionally, where appropriate, these personnel must hold the necessary national security clearance issued by a Member State when handling classified information. This requirement ensures that human access to systems is restricted to individuals with a verifiable allegiance to the Union, reducing the risk of insider threats or coercion by foreign entities.
Prohibition of Third-Country Control
The defining feature of Level 4, and what distinguishes it from Level 3, is the absolute prohibition of third-country control. Annex II, Section 4.1(g) states that the audited provider and its subcontractors must not be subject to the control of a third country or a legal entity established in a third country.
This is a cumulative criterion with no derogation. In contrast, Level 3 allows for a derogation where the Commission has adopted an implementing act under Article 18 recognising a specific third country as providing sufficient assurances. For Level 4, no such flexibility exists. The provider must demonstrate effective legal, technical, and organisational separation from any third-country influence. This includes ensuring that no third country holds effective control over the design, development, maintenance, or evolution of software components used in the service (Annex II, Section 4.1(i)).
Software Supply Chain and Cybersecurity
Level 4 imposes rigorous requirements on the software supply chain. The provider must retain effective control over software components, demonstrating that no third country exercises control over their evolution or security remediation. This includes blocking remote features that could tamper with or disrupt systems and ensuring that security-relevant components from third-country manufacturers are subject to source code audits. A documented migration plan must exist in case a vendor fails or a third country imposes restrictions.
Furthermore, the service must obtain a European cybersecurity certificate of at least assurance level 'high' under a scheme established under the Cybersecurity Act (Regulation (EU) 2019/881). Until such a Union scheme is fully established and available, national cybersecurity certification schemes apply, or the provider must demonstrate compliance with the highest cybersecurity standards under applicable Union law. It is critical to note that while Level 2 and Level 3 require a 'substantial' assurance level, only Level 4 requires the 'high' level.
Data and AI Training Restrictions
Data generated by using the Level 4 service cannot be used to train or fine-tune any AI system operated by a third country or a legal entity established in a third country. Moreover, this data cannot be transferred outside the Union in any case. This ensures that operational data remains strictly within the EU's jurisdiction and cannot be leveraged to improve foreign AI capabilities.
What this means for you
For a CTO or architect evaluating providers for a high-criticality public sector contract, Level 4 presents a distinct set of challenges and considerations.
1. Drastically Reduced Provider Pool
The requirement for no third-country control, combined with the 'high' cybersecurity assurance level, will filter out many major global hyperscalers, particularly those headquartered outside the EU or with significant foreign ownership structures. You may find yourself choosing from a narrower field of specialised, European-native providers or consortiums. This limits your options for innovation and scalability but ensures a high degree of operational autonomy.
2. Higher Costs and Potential Lock-In
Sovereign services at Level 4 often come at a premium due to the compliance overhead, security clearances, and the need for dedicated EU-based infrastructure. Furthermore, the strict requirements for software supply chain control and migration plans may increase the complexity of switching providers. As a CTO, you must weigh the cost of compliance against the risk of dependency. While Level 4 protects against foreign coercion, it may increase dependency on a small number of EU providers. Multi-cloud strategies, encouraged by Article 29(9), become even more critical to mitigate this vendor lock-in risk.
3. Rigorous Due Diligence
You cannot rely on marketing claims. Level 4 requires independent third-party audits (Article 20) and recognition by national competent authorities (Article 17). Your due diligence must verify that the provider's subcontractors also meet the Level 4 criteria, including citizenship and location. You should request the audit report and verify the provider's entry in the central repository of recognised services (Article 22).
4. Focus on Software Control
Pay close attention to the software supply chain. Level 4 requires that you retain effective control over software components. If a provider uses third-party software, you must ensure there is a documented migration plan and that source code audits have been conducted for security-relevant components. This is crucial for long-term resilience, ensuring that you are not held hostage by foreign software vendors.
Common misconceptions
Misconception 1: Level 4 is required for all public sector cloud use. Incorrect. Level 4 is reserved for the most critical activities identified through a risk assessment as contributing to the preservation of public order in sectors like defence or national security (Article 29). Most public sector activities will only require Level 1 or Level 2. Using Level 4 for non-critical tasks is disproportionate and unnecessarily expensive.
Misconception 2: Data residency is the only requirement for Level 4. Incorrect. While data must remain in the Union, Level 4 goes much further. It requires personnel to be Union citizens with security clearances, prohibits any third-country control over the provider or software, and mandates a 'high' cybersecurity certificate. Data residency alone does not guarantee sovereignty against foreign legal access or operational disruption.
Misconception 3: A provider can be Level 4 if they are EU-based but owned by a foreign parent. Incorrect. Annex II, Section 4.1(g) explicitly states that the provider must not be subject to the control of a third country. Ownership structure is a key factor in determining control. If a foreign parent company can influence strategic decisions, access data, or disrupt service, the provider cannot achieve Level 4 status.
Misconception 4: Level 4 providers can use any open-source software. Incorrect. While open-source software is encouraged, Level 4 requires that the provider implements controls to prevent the use of remote features that could tamper with or disrupt the system. If the open-source component is maintained by a third-country entity, the provider must demonstrate effective control and have a migration plan. The provider must also ensure that the software supply chain is transparent and auditable.
This is general information about a draft EU regulation, not legal advice.