Summary
As proposed, the Cloud and AI Development Act (CADA) does not prohibit cross-border research collaborations, but it fundamentally reshapes the cloud infrastructure required to support them. If a collaboration involves public sector bodies or entities in sectors covered by the NIS2 Directive, Article 29 mandates a risk assessment to determine the required Union assurance level. While Recital 63 explicitly states that CADA criteria "should not affect obligations of cross-border cooperation provided by Union law," the practical effect is a requirement to host sensitive research data on sovereign, EU-based infrastructure. Furthermore, Recital 24 encourages leveraging European Digital Infrastructure Consortia (EDICs) and shared infrastructure to meet these sovereignty goals, offering a pathway for compliant, cross-border data sharing without relying on non-EU hyperscalers.
Detail
The proposed Cloud and AI Development Act (CADA) introduces a new regulatory layer for cross-border research collaborations, shifting the compliance focus from the research activity itself to the underlying cloud and AI infrastructure. For legal counsel and compliance officers in research institutions, the critical takeaway is that CADA creates a "sovereignty framework" that dictates which cloud computing services can be used for specific research activities, particularly those involving public sector bodies, critical infrastructure, or sensitive data.
The Sovereignty Framework and Assurance Levels
At the heart of CADA's impact on research is the Union cloud computing sovereignty framework, established under Article 16, which defines four "Union assurance levels." These levels determine the degree of trust, data localization, and independence from third-country control required for a cloud service to be used by public sector bodies.
For cross-border research, the primary compliance mechanism is the risk assessment mandated by Article 29. Member States and Union entities must carry out these assessments to identify public sector activities that contribute to the preservation of public order. This includes sectors falling under Annex I or II of Directive (EU) 2022/2555 (NIS2), as well as national security, defense, justice, and law enforcement.
If a research collaboration involves such entities, the risk assessment determines whether the cloud services used must meet Union assurance levels 2, 3, or 4.
- Union Assurance Level 1 serves as the baseline for public sector bodies not identified as contributing to public order. It requires the provider to be established in the Union, with infrastructure and assets located in the Union, and customer data remaining exclusively within the Union (unless the public sector body explicitly requires otherwise).
- Union Assurance Levels 2, 3, and 4 impose stricter criteria, including independent third-party audits, requirements for personnel to be Union citizens (Levels 3 and 4), and prohibitions on third-country control.
Crucially, Recital 63 clarifies that the criteria under the Union assurance levels "should not affect obligations of cross-border cooperation provided by Union law." This means that existing legal mandates for cross-border data sharing (e.g., for law enforcement cooperation, judicial assistance, or specific research mandates under Union law) remain valid. However, the technical implementation of that cooperation must still adhere to the sovereignty requirements if the data is hosted on cloud services procured by public authorities. In practice, this forces research collaborations involving sensitive data to migrate to cloud providers that have been recognized as meeting the appropriate assurance level, ensuring that cross-border data flows occur within a sovereign, audited environment.
Data Localization and Shared Research Data
For cross-border research, the handling of shared data is heavily constrained by the assurance levels. Under Annex II of the proposal, for Union assurance levels 1, 2, and 3, customer data (including metadata and telemetry) must remain "exclusively within the Union" unless the public sector body explicitly requires otherwise. This creates a significant hurdle for research collaborations that traditionally rely on global cloud providers with data centers outside the EU.
If a research project involves data that is classified as sensitive or critical (likely triggering Assurance Level 2 or higher via the Article 29 risk assessment), the cloud provider must demonstrate strict adherence to the following:
- No Third-Country AI Training: The data generated by using the audited service must not be used to train or fine-tune any AI system operated by a third country or a legal entity established in a third country (Annex II, Level 2, criterion f).
- Vulnerability Reporting: There must be no existing laws in a third country that require the provider to report software vulnerabilities to foreign authorities before they are publicly known (Annex II, Level 1, criterion g).
- Control and Access: For Levels 2 and 3, the provider must ensure that third-country control does not restrict service delivery, allow unauthorized access to customer data, or compel the provider to comply with restrictive measures like sanctions (Annex II, Level 2, criterion g).
This framework effectively creates a "sovereign data boundary" for sensitive research. While data can technically move between Member States, it must remain within the Union's jurisdictional and physical boundaries, hosted on infrastructure that is free from third-country interference.
Leverage of EDICs and Shared Infrastructure
CADA actively encourages the consolidation of research infrastructure through European Digital Infrastructure Consortia (EDICs). Recital 24 states that the Cloud and AI Leadership Initiatives should "leverage the outcomes of relevant European digital infrastructure consortia ('EDICs'), including shared infrastructure, common standards and best practices."
This is particularly relevant for cross-border research because EDICs are designed to pool resources and reduce dependencies on non-European providers. By participating in an EDIC, research institutions can access shared, sovereign cloud infrastructure that is pre-vetted for compliance with CADA's assurance levels. This reduces the administrative burden on individual institutions to conduct separate risk assessments and procurement processes for compliant cloud services.
Additionally, the proposal supports the establishment of the EuroCloud Federation (Article 34), which facilitates the sharing of public sector data centre and cloud computing services between Union entities and public sector bodies. While primarily aimed at public sector bodies, the infrastructure developed under this federation could indirectly benefit research collaborations that partner with public institutions, providing a trusted, sovereign environment for data processing. The Cloud and AI Leadership Initiatives (Title II) further support this by fostering the development of open cloud computing stacks and AI tools that can be deployed across these shared infrastructures.
Deadlines and Penalties
- Risk Assessments: Member States and Union entities must carry out their initial risk assessments under Article 29 by the date of entry into force plus one year, and thereafter every two years.
- National Strategies: Member States must adopt national cloud and AI strategies by the same deadline (Article 7), which will outline how they intend to implement the sovereignty framework and support cross-border research infrastructure.
- Penalties: Under Article 24, Member States must lay down rules on penalties for infringements of the sovereignty framework. These penalties must be "effective, proportionate and dissuasive." While CADA does not set fixed fine amounts for cloud providers, it grants Member States the power to impose fines based on factors such as the nature, gravity, and duration of the infringement, as well as the financial benefits gained. For public sector bodies, non-compliance could result in the invalidation of procurement contracts or reputational damage, particularly if sensitive data is exposed due to non-compliant cloud usage.
What this means for you
For in-house counsel and compliance officers in research institutions, hospitals, or public sector bodies engaged in cross-border research, CADA introduces several immediate action items:
- Audit Your Cloud Contracts: Review existing cloud computing agreements, especially those with non-EU providers. If your research involves data that may be classified as sensitive or critical under Article 29, you may need to migrate to a provider that has been recognized as meeting Union assurance levels 2, 3, or 4.
- Participate in Risk Assessments: Engage with your national competent authorities and public sector partners to understand the outcomes of the Article 29 risk assessments. Determine which assurance level applies to your specific research activities.
- Leverage EDICs: Explore opportunities to join or collaborate with European Digital Infrastructure Consortia (EDICs) as encouraged by Recital 24. This can provide access to pre-compliant, sovereign cloud infrastructure, reducing your compliance burden.
- Update Data Sharing Agreements: Ensure that cross-border data sharing agreements explicitly address the new localization requirements. If data must remain in the Union, clarify the technical and legal mechanisms to prevent unauthorized transfer to third countries.
- Monitor Procurement Rules: Be aware that public sector procurement of cloud services will increasingly favor providers with recognized assurance levels. If you are a private entity collaborating with public sector bodies, your ability to participate may depend on your use of compliant infrastructure.
Common misconceptions
"CADA bans all cross-border data transfers." No. CADA does not ban cross-border data transfers. Instead, it imposes strict conditions on the cloud services used to process and store data. Data can leave the Union if explicitly required by the public sector body, but the cloud provider must still meet the sovereignty criteria (e.g., no third-country control, no data used for training foreign AI models).
"Only public sector bodies are affected." While the mandatory risk assessments and procurement rules apply to public sector bodies, the spillover effect is significant. Private sector entities collaborating with public institutions or operating in NIS2-covered sectors (Article 31) may be required to conduct similar impact assessments. Additionally, the market shift toward sovereign cloud providers will affect all entities relying on cloud infrastructure.
"Existing GDPR adequacy decisions are sufficient." No. CADA goes beyond GDPR. While GDPR focuses on data protection, CADA focuses on operational autonomy and technological sovereignty. A cloud provider may be GDPR-compliant but still fail to meet CADA's assurance levels if it is subject to third-country control or if its infrastructure is not located in the Union.
This is general information about a draft EU regulation, not legal advice.