Summary
As proposed, the Cloud and AI Development Act (CADA) would mandate that public-sector bodies, including intelligence and law-enforcement authorities, procure cloud computing services based on a risk-assessed "Union assurance level" to safeguard the Union's public order. While activities strictly for national security, defence, or military purposes are excluded from the EU AI Act's scope, CADA's infrastructure framework applies broadly to any activity contributing to public order. Under Article 29, Member States must conduct risk assessments to determine if law-enforcement and justice activities require Union assurance levels 2, 3, or 4. If so, procurement is restricted to services meeting those specific sovereignty criteria, effectively barring non-compliant third-country providers for sensitive workloads.
Detail
The proposed Cloud and AI Development Act (CADA), COM(2026) 502 final, introduces a rigorous framework for cloud sovereignty that directly impacts how intelligence, law-enforcement, and public-security bodies procure and use cloud services. Unlike the EU AI Act, which regulates AI systems themselves, CADA targets the underlying infrastructure and market structure. For agencies handling sensitive data, the distinction between "national security" exclusions and "public order" mandates is critical.
Scope and the National Security Carve-Out
Article 1(1) establishes the subject matter of CADA as a framework to strengthen the EU's cloud and AI ecosystem, with a specific measure to "enable the availability of a sovereign cloud and artificial intelligence (AI) offer to safeguard the Union's public order."
It is essential to distinguish CADA's scope from the EU AI Act (Regulation (EU) 2024/1689). The AI Act explicitly excludes AI systems used exclusively for military, defence, or national security purposes from its scope. However, CADA operates as a complementary instrument focused on the infrastructure (cloud computing services) rather than the specific AI systems.
Recital 46 of the CADA explanatory memorandum clarifies this interplay. It notes that while the AI Act excludes national security, CADA's sovereignty framework is designed to mitigate risks related to "operational discontinuity" and "third-country access to data." The proposal complements the Cybersecurity Act by addressing sovereignty concerns that go beyond technical cybersecurity. Therefore, even if a specific intelligence tool is excluded from the AI Act, the cloud infrastructure hosting that tool may still be subject to CADA's sovereignty requirements if the activity is classified as contributing to the preservation of public order rather than pure national security.
Public Safety Activities and Assurance Levels
CADA establishes a four-tier "Union assurance level" system for cloud computing services, detailed in Annex II. These levels dictate the degree of sovereignty, data localisation, and personnel citizenship required.
- Union Assurance Level 1: The baseline for general public-sector activities.
- Union Assurance Levels 2, 3, and 4: Required for activities identified as contributing to the preservation of public order.
Recital 52 emphasizes that the framework is proportionate: "Most public services would not require the highest levels of assurance. In some specific cases Union assurance levels 3 or 4 may be considered necessary and proportionate in preserving public order."
For law-enforcement and intelligence bodies, the key distinction lies in whether the cloud service supports activities that, if disrupted or accessed by third countries, would undermine public order. Recital 62 explicitly states that "Union assurance levels 3 and 4 should allow for the secure hosting of EU classified information," ensuring that the highest tiers of sovereignty can support the most sensitive intelligence workloads.
The Article 29 Risk Assessment Obligation
Article 29 is the cornerstone of CADA's demand-side measures for sensitive public-sector activities. It obliges Member States and Union entities to conduct risk assessments to determine the appropriate Union assurance level for their cloud computing services.
- Identification of Activities: Under Article 29(1)(a), Member States must identify public sector activities that use cloud computing services and contribute to the preservation of public order. This explicitly includes sectors falling under Annex I or II of the NIS2 Directive, as well as areas of "national security, internal security, external border management, defence, justice or law enforcement, including the prevention, investigation, detection and prosecution of criminal offence."
- Determination of Assurance Level: The risk assessment must determine which Union assurance level (2, 3, or 4) is appropriate for these activities.
- Risk Factors: Under Article 29(2), the assessment must consider:
  - The sensitivity, criticality, and magnitude of non-personal and personal data processed.
  - The risk of unlawful access by a third country or a legal entity established in a third country.
  - The risk of service disruption.
If a risk assessment concludes that a law-enforcement or intelligence activity contributes to public order, Article 30(3) mandates that contracting authorities "shall only procure cloud computing services that have been recognised as having a Union assurance level 2, 3 or 4." This effectively bars the use of non-compliant third-country cloud providers for those specific sensitive workloads.
Third-Country Control and Associated Countries
CADA addresses the reality that some intelligence and law-enforcement bodies currently rely on non-EU providers. Article 18 allows the Commission to adopt decisions identifying "associated third countries" whose providers may be audited for Union Assurance Level 3, provided they meet strict cumulative criteria. These include having an adequacy decision under the GDPR, no laws enabling control over the provider that conflicts with EU data access rules, and no measures to compel service disruption.
However, this is a derogation; the default expectation for high-assurance public-order activities is strict EU-based sovereignty. A notable drafting nuance exists in Annex II, Section 3.1(g), which references an implementing act under "Article 19" for this derogation. As Article 19 covers conformity self-assessment for Level 1, this is widely understood as a drafting slip referring to the mechanism in Article 18.
What this means for you
For public-sector and procurement officers in intelligence, law-enforcement, and national-security agencies, CADA introduces a new layer of compliance that sits alongside existing cybersecurity and data-protection obligations.
1. Conduct and Document Risk Assessments: You must initiate or update risk assessments for all cloud computing services used in activities related to justice, law enforcement, and public order. These assessments must explicitly evaluate the risk of third-country access and service disruption. The outcome of this assessment will dictate the minimum Union Assurance Level you must specify in your procurement documents. Failure to conduct this assessment could lead to non-compliant procurement.
2. Audit Current Cloud Contracts: Review existing contracts with cloud providers, particularly those headquartered in or controlled by third countries. If your current provider does not offer a recognized Union Assurance Level matching your risk assessment, you may be required to migrate. Article 29(6) notes that if a risk assessment requires migration, it must occur within a reasonable transition period that shall not exceed 12 months. Start planning your exit strategies and data portability measures now.
3. Leverage the EuroCloud Federation: Consider participating in the EuroCloud Federation (Article 34), which facilitates the sharing of secure, sovereign cloud capacities among Union entities and public-sector bodies. This can provide access to high-assurance infrastructure without the need for individual agencies to build massive in-house data centres.
4. Distinguish National Security from Public Order: Work with your legal and national-security advisors to clearly classify your activities. If an activity is strictly for national security or defence, it may fall outside the scope of CADA's procurement mandates, similar to the AI Act exclusion. However, if the activity overlaps with law enforcement or public order (e.g., counter-terrorism operations that involve cross-border data sharing with other EU agencies), it likely falls under CADA's risk-assessment requirements. Document this classification rigorously.
5. Prepare for Audits: If you are a public-sector body procuring services, ensure that your chosen providers have undergone the necessary independent audits (for Levels 2-4) or self-assessments (for Level 1). You will be held accountable for procuring services that match the assurance level dictated by your risk assessment.
Common misconceptions
Misconception 1: CADA bans all non-EU cloud providers for intelligence agencies. Reality: CADA does not impose a blanket ban. It allows for the recognition of third-country providers at Union Assurance Level 3 if the Commission determines the third country meets strict sovereignty and legal safeguards criteria (Article 18). However, for Union Assurance Level 4, the provider and its subcontractors must not be subject to third-country control. Most current non-EU hyperscalers do not meet Level 3 or 4 criteria without significant structural changes.
Misconception 2: National security activities are completely exempt from CADA. Reality: While the AI Act excludes national security, CADA's scope is broader regarding infrastructure. If a national-security activity also involves data processing that, if compromised, would undermine public order, it may still require a risk assessment under Article 29. The exemption is not absolute for the underlying cloud infrastructure if public order is at stake.
Misconception 3: GDPR adequacy decisions are sufficient for CADA compliance. Reality: An adequacy decision under the GDPR ensures data protection standards but does not guarantee operational autonomy or protection against third-country laws that could compel service disruption or access to non-personal data. CADA's Union Assurance Levels require additional technical, operational, and legal safeguards beyond GDPR, such as data localisation, personnel citizenship, and software supply chain transparency.
Misconception 4: Only new procurements are affected. Reality: While new procurements must strictly adhere to the assurance levels determined by risk assessments, existing contracts may also be impacted. If a risk assessment determines that current services do not meet the required assurance level for public-order activities, migration is required within 12 months (Article 29(6)).
Official sources
- EU AI Act (Regulation (EU) 2024/1689)
- GDPR (Regulation (EU) 2016/679)
- Cybersecurity Act (Regulation (EU) 2019/881)
This is general information about a draft EU regulation, not legal advice.