Summary
Under the proposed Cloud and AI Development Act (CADA), supply-chain sovereignty extends well beyond data residency. It is a structural requirement that the hardware, software, and operational controls underpinning a cloud service remain within the Union's jurisdiction and beyond the reach of third-country coercion. Article 16 establishes the framework and Annex II sets the criteria: separation from foreign control, Union-based personnel for critical support functions, and controls that block any remote feature in a software component capable of tampering with or disrupting a system. The approach targets the EU's strategic dependence on non-European hyperscalers and critical technologies, and it aligns with the Chips Act and the Cybersecurity Act (CSA2) to secure the digital stack from the silicon layer up.
Detail
The proposed Cloud and AI Development Act (CADA) introduces a rigorous, four-tiered "Union cloud computing sovereignty framework" designed to mitigate the risks associated with the EU's heavy reliance on third-country cloud providers and critical technologies. The explanatory memorandum highlights a critical vulnerability: currently, three non-EU hyperscalers control over 70% of the European cloud market. This concentration creates dependencies that expose the Union to operational discontinuity, extraterritorial data access mandates, and potential sabotage. CADA aims to rectify this by establishing harmonised criteria for "Union assurance levels," which assess the sovereignty and trustworthiness of cloud services based on their entire supply chain, not just their data storage location.
The Core of Supply-Chain Sovereignty: Article 16 and Annex II
At the heart of CADA's sovereignty approach is Article 16, which establishes the Union cloud computing sovereignty framework consisting of four assurance levels. The criteria for these levels, detailed in Annex II, move beyond basic cybersecurity to address structural and supply-chain vulnerabilities.
For Union assurance level 1, the baseline requirement is that the cloud computing service provider must be established in the Union, and its infrastructure and assets (including those of subcontractors) must be located in the Union unless explicitly required otherwise by the public sector body. Crucially, customer data, including metadata and telemetry, must remain exclusively within the Union. If a provider is subject to the control of a third country, it must guarantee that no existing laws in that third country require the reporting of software vulnerabilities to foreign authorities before those vulnerabilities are known to have been exploited.
As the assurance levels rise to 2, 3, and 4, the supply-chain requirements become significantly more stringent. For Union assurance level 2 and above, the audited provider and its subcontractors must be established in the Union, with all infrastructure, assets, and personnel located within the Union. A critical supply-chain criterion at these levels is the prohibition on using data generated by the service to train or fine-tune any AI system operated by a third country. Furthermore, a provider that is subject to third-country control must demonstrate legal, technical, and organisational measures that prevent the controlling entity from restricting its ability to perform the service, from accessing customer data, and from disrupting service continuity.
Union assurance level 3 introduces stricter personnel requirements: all personnel involved in the provision of the service, including subcontractors, must be Union citizens. Additionally, technical and operational support must be performed exclusively within the Union by personnel who are Union residents and not subject to third-country control. For Union assurance level 4, the highest tier, the provider and subcontractors must not be subject to the control of a third country at all. This level also requires effective control over software components, ensuring that no third country holds or exercises effective control over the design, development, maintenance, and evolution of those components.
Software and Hardware Supply-Chain Integrity
CADA explicitly addresses the risks embedded in software and hardware supply chains, targeting the "black box" nature of foreign-owned technology. Under Annex II, for assurance levels 2, 3, and 4, providers must maintain a complete and up-to-date software bill of materials (SBOM) and a list of identified dependencies. If software components are provided by a legal entity established in a third country, providers must implement controls to block any remote features that could materially tamper with or disrupt a device, system, or software. This includes ensuring that security-relevant components from third-country manufacturers are subject to source code audits and that a documented migration plan exists in case the vendor fails or a third country imposes restrictions.
For Union assurance level 4, the requirement extends to demonstrating that a third country does not hold or exercise effective control over the design, development, maintenance, and evolution of software components. Effective control includes the ability to materially influence technical evolution, maintenance priorities, and security remediation. This provision directly targets the risk of "kill switches" or backdoors embedded in foreign-owned software or hardware, ensuring that the EU retains ultimate control over its critical digital infrastructure.
Linkage to the Chips Act and Cybersecurity Act (CSA2)
CADA does not operate in isolation; it is designed to complement the Chips Act and the Cybersecurity Act (CSA2). The explanatory memorandum explicitly states that the proposal complements the CSA2's focus on cloud cybersecurity by adding sovereignty considerations. While the CSA2 addresses supply chain risks and technical cybersecurity criteria, CADA addresses the broader sovereignty concerns that go beyond these technical elements, such as operational autonomy and protection against foreign coercion.
The memorandum also notes the synergy with the Chips Act, which aims to promote investments in advanced semiconductors and increase supply chain resilience. CADA's demand-side measures, such as the preference for hardware designed or manufactured in the Union (supported by Article 32's EU added-value criteria in procurement), create a market pull for the domestic semiconductor and hardware industries fostered by the Chips Act. This integrated approach aims to build a resilient, sovereign tech infrastructure from the silicon up to the cloud service layer, reducing the EU's reliance on foreign hardware and software stacks.
Autonomy Across the Cloud Stack
The explanatory memorandum emphasises the need for "autonomy across the cloud stack." It states that the Cloud and AI Leadership Initiatives should foster the development of cloud computing stack alternatives for strategic sectors, including AI-optimised servers and software based on processors and accelerators designed and manufactured in the Union. The goal is to close the capacity gap and strengthen technological autonomy by reducing reliance on foreign hardware and software stacks, so that the EU keeps control over its critical digital infrastructure. The proposal seeks to integrate networks, cloud, AI, and software into coherent ecosystems that address the coming challenges of energy-efficient compute infrastructure and autonomy across the cloud stack.
What this means for you
For CTOs, architects, and SMEs, CADA's supply-chain sovereignty framework introduces new due diligence and compliance obligations, particularly if you provide services to the public sector or operate in critical sectors.
- Audit Your Supply Chain: You must map your entire supply chain, including subcontractors and software dependencies. For higher assurance levels, you must demonstrate that no third country controls your infrastructure, personnel, or software evolution. This means reviewing ownership structures, board compositions, and source code controls.
- Personnel and Support Localisation: Union assurance level 2 requires all personnel involved in providing the service to be located within the Union. Levels 3 and 4 add that those personnel, including subcontractors' staff, must be Union citizens, and that technical and operational support must be delivered from within the Union by Union residents who are not subject to third-country control. Meeting this may require restructuring your support operations and hiring locally.
- Software Bill of Materials (SBOM): You will need to maintain a detailed SBOM and identify all dependencies. For third-country software components, you must implement controls to block remote tampering features and have migration plans ready. Source code audits for critical components may be required.
- Data Localisation and AI Training: Ensure that all customer data, including metadata and telemetry, remains in the Union. Additionally, you must guarantee that data generated by your service is not used to train AI models operated by third countries.
- Procurement Implications: As a buyer, you will be required to conduct risk assessments (under Article 29) to determine the appropriate Union assurance level for your cloud services. For activities contributing to public order, you must procure services recognised at Union assurance levels 2–4. This will likely drive demand for EU-based providers and influence your vendor selection.
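The SBOM obligations described in the "Software and Hardware Supply-Chain Integrity" section and in the bullets above are the one part of this framework that can be checked mechanically. The following is an added example, not text or code from the proposal or from any regulator: it audits a CycloneDX JSON SBOM for the gaps an assurance-level auditor would ask about (dependency graph refs with no component entry, components nothing depends on, components with no supplier) and flags components whose supplier is not on the organisation's own register of suppliers verified as established in the Union. The SBOM, the package names, the supplier names, and the register `UNION_SUPPLIERS` are all constructed for illustration; a supplier name is only a proxy, and the actual legal establishment and control of each supplier still has to be verified outside the SBOM.

```python
"""Audit a CycloneDX JSON SBOM for completeness and supplier origin.

Assumptions (not from the CADA proposal): the SBOM is CycloneDX 1.5 JSON, and the
organisation maintains its own register of suppliers it has verified as established
in the Union. The sample SBOM below is constructed; its names are invented.
"""
import json

SAMPLE_SBOM_JSON = r"""
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.5",
  "metadata": {
    "component": {"type": "application", "bom-ref": "app",
                  "name": "billing-service", "version": "2.3.0"}
  },
  "components": [
    {"type": "library", "bom-ref": "pkg:maven/eu.example/auth-lib@1.4.2",
     "name": "auth-lib", "version": "1.4.2", "supplier": {"name": "Example EU GmbH"}},
    {"type": "library", "bom-ref": "pkg:npm/remote-admin-agent@0.9.1",
     "name": "remote-admin-agent", "version": "0.9.1",
     "supplier": {"name": "Overseas Software Inc."}},
    {"type": "library", "bom-ref": "pkg:pypi/leftover-lib@3.0.0",
     "name": "leftover-lib", "version": "3.0.0"}
  ],
  "dependencies": [
    {"ref": "app", "dependsOn": ["pkg:maven/eu.example/auth-lib@1.4.2",
                                 "pkg:npm/remote-admin-agent@0.9.1"]},
    {"ref": "pkg:npm/remote-admin-agent@0.9.1",
     "dependsOn": ["pkg:npm/missing-transitive@1.0.0"]}
  ]
}
"""
SAMPLE_SBOM = json.loads(SAMPLE_SBOM_JSON)

# Assumed: suppliers the organisation has itself verified as established in the Union.
UNION_SUPPLIERS = {"Example EU GmbH"}


def _supplier_name(component: dict) -> str:
    """Supplier name as recorded in the SBOM, or '' when absent."""
    supplier = component.get("supplier") or {}
    return supplier.get("name") or ""


def audit_sbom(sbom: dict, union_suppliers: set) -> dict:
    """Return the gaps an assurance-level audit would ask about.

    dangling_refs: bom-refs used in the dependency graph with no component entry
                   (the inventory is incomplete).
    orphans:       components no dependency entry reaches (stale entries, or the
                   graph is incomplete).
    no_supplier:   components whose origin cannot be established from the SBOM.
    third_country: components whose supplier is not on the Union register, so the
                   remote-feature controls and migration plan apply to them.
    complete:      True only when the inventory and graph agree and every
                   component names a supplier.
    """
    components = {c["bom-ref"]: c for c in sbom.get("components", []) if "bom-ref" in c}
    root = ((sbom.get("metadata") or {}).get("component") or {}).get("bom-ref")
    known_refs = set(components) | ({root} if root else set())

    deps = sbom.get("dependencies", [])
    used_refs = [entry.get("ref") for entry in deps if entry.get("ref") is not None]
    used_refs += [d for entry in deps for d in entry.get("dependsOn", [])]
    dangling = sorted({ref for ref in used_refs if ref not in known_refs})

    depended_on = {d for entry in deps for d in entry.get("dependsOn", [])}
    orphans = sorted(ref for ref in components if ref not in depended_on)

    no_supplier = sorted(ref for ref, c in components.items() if not _supplier_name(c))
    third_country = sorted(
        ref for ref, c in components.items()
        if _supplier_name(c) and _supplier_name(c) not in union_suppliers
    )
    return {
        "dangling_refs": dangling,
        "orphans": orphans,
        "no_supplier": no_supplier,
        "third_country": third_country,
        "complete": not (dangling or orphans or no_supplier),
    }


if __name__ == "__main__":
    for key, value in audit_sbom(SAMPLE_SBOM, UNION_SUPPLIERS).items():
        print(f"{key}: {value}")
```

On the constructed sample the audit reports one transitive dependency that is referenced but never described, one component that nothing depends on and that names no supplier, and one third-country component; the SBOM is therefore not "complete and up-to-date" in the sense the bullets above use. The third-country list is the input for the remote-feature blocking controls and the migration plan, not a verdict: whether "Overseas Software Inc." is in fact established in or controlled from a third country is a legal determination the SBOM cannot make.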
Common misconceptions
- Misconception: Sovereignty only means data residency.
- Reality: While data residency is a key component, CADA's sovereignty framework encompasses much more, including the location of infrastructure, personnel, and support, as well as the absence of third-country control over the provider, software, and hardware. It also includes protections against foreign laws that could mandate data access or service disruption.
- Misconception: CADA replaces the GDPR or AI Act.
- Reality: CADA complements existing laws. The GDPR protects personal data, and the AI Act regulates AI systems' safety and fundamental rights. CADA focuses on the sovereignty and resilience of the cloud and AI infrastructure itself, addressing risks like foreign coercion and operational dependency that fall outside the scope of GDPR and the AI Act.
- Misconception: Only large hyperscalers are affected.
- Reality: While large providers are the primary focus due to market share, CADA's provisions apply to all cloud computing service providers seeking recognition under the Union assurance levels. SMEs and smaller providers can also participate, especially if they can demonstrate compliance with the sovereignty criteria, potentially gaining a competitive advantage in public procurement.
- Misconception: Third-country providers are entirely banned.
- Reality: CADA does not ban third-country providers outright. It creates a tiered system in which a provider subject to third-country control can still qualify for Union assurance levels 1 to 3 if it demonstrates the safeguards Annex II requires at each level against foreign interference and data access. Only the highest level (Level 4) excludes providers under third-country control altogether.
Official sources
- EU AI Act (Regulation (EU) 2024/1689)
- GDPR (Regulation (EU) 2016/679)
- Cybersecurity Act (Regulation (EU) 2019/881)
Related
- Why is cloud sovereignty important for critical infrastructure? CADA
- Why is sovereignty described as layered or nuanced in CADA?
- CADA Sovereignty: Why Assessment is Per Service, Not Per Provider
- Why is sovereignty a competitiveness issue, not just a security one? | CADA
- Why data residency is not enough for cloud sovereignty under CADA
This is general information about a draft EU regulation, not legal advice.