Summary The EuroCloud Federation is a voluntary network that would be established under the proposed Cloud and AI Development Act (CADA, COM(2026) 502 final) to let EU public bodies share their data centre and cloud computing services with one another. As proposed in Article 34, participation would be open to "Union entities and public sector bodies on a voluntary basis", and the European Commission would run a central platform with a service catalogue and a layer for exchanging and orchestrating computing, storage and network resources. Sharing would be governed by cost-recovery conditions in Articles 35 and 36, not by selling services for profit. Because CADA is only a proposal, nothing here is in force yet, and the operational detail would be filled in later by implementing acts.

Detail

CADA would create the European public sector cloud federation, commonly shortened to the EuroCloud Federation, as one of the ways the EU hopes to make better use of public-sector cloud and data centre capacity across Europe. The Federation would be formally established by Article 34 of the proposed regulation. It is worth stressing at the outset that CADA is a proposal and not yet law, so throughout this article the Federation is described in terms of what it "would" do "as proposed".

Voluntary participation and who can join

The Federation would not be mandatory. Article 34(1) provides that "The European public sector cloud federation (the 'EuroCloud Federation') is hereby established. The EuroCloud Federation shall be open for the participation of Union entities and public sector bodies on a voluntary basis. Union entities and public sector bodies may request the Commission to join the EuroCloud Federation." In other words, EU institutions and agencies, together with national, regional and local public authorities, could choose whether to take part, and would apply by asking the Commission to join.

The explanatory recitals describe the ambition behind this. Recital 69 says the Federation "should bring together national and European cloud initiatives that provide highly trusted and secure public-sector cloud capabilities", and notes that the Commission may later assess whether acceding or candidate countries and EU-headquartered international organisations could participate. As proposed, however, participation would be public-sector only: Recital 71 states that participation "should be limited to public entities, without direct participation of a private party."

What the Federation would do

The core purpose, set out in Article 34(2), is that the Federation "shall facilitate the sharing of public sector data centre services and cloud computing services between Union entities and public sector bodies under the conditions set out in Articles 35 and 36." So the Federation is essentially a framework for one public body to share its capacity with another, under defined rules.

The Commission-run platform

To make sharing practical, the Commission would build and maintain the underlying infrastructure. Article 34(3) requires that "The Commission shall establish a platform for the EuroCloud Federation providing at least: (a) a catalogue providing information on available public sector data centre services and cloud computing services; (b) a service platform for the exchange and orchestration of computing, storage and network resources and services." In plain terms, the platform would combine a directory of what capacity is on offer with a technical layer for actually exchanging and orchestrating workloads between participating public bodies.

How sharing would work

Article 35 sets the conditions for sharing. A "sharing entity" could share with a "using entity" only where it directly or indirectly (through a controlled intermediate legal entity) owns the hardware and provides the service (35(1)); it would have to put in place appropriate technical, operational and organisational measures for effective, secure and resilient provision (35(2)); and it would have to demonstrate to the Commission that it meets those requirements before sharing (35(3)), with the Commission assessing and allowing sharing where the conditions are met (35(4)).

On the question of intermediate entities, Recital 71 explains that "control" rests on three cumulative conditions: decisive influence over the entity's strategic objectives and significant decisions; no direct private capital participation; and more than 80% of the intermediate entity's activities performed in tasks entrusted by the sharing entity. The same recital notes that "hardware" takes the meaning given in Article 3(5) of Regulation (EU) 2024/2847 (the Cyber Resilience Act).

Fees and the procurement question

Sharing would be built around cost recovery rather than commercial supply. Under Article 35(5), a sharing entity "may charge a fee to the using entity. The amount of the fee shall be limited to the costs that the sharing entity incurs in relation to the sharing of the service and shall not constitute a pecuniary interest within the meaning of Article 2 of Directive 2014/24/EU and Regulation (EU, Euratom) 2024/2509."

The broader claim that this kind of sharing sits outside EU procurement law comes from a recital, not from the operative article. Recital 73 frames the sharing as public-sector cooperation governed solely by the public interest, says it "should be free of charge" apart from cost-recovery charges, and states that those cost-recovery fees "should not be deemed as a consideration for the provision of a service and should not constitute a pecuniary interest or public contract within the meaning of Directive 2014/24/EU ... and Regulation (EU, Euratom) 2024/2509"; under those conditions the sharing "should not fall under Union public procurement rules." The text of Article 35(5) itself is narrower: it addresses only that the fee "shall not constitute a pecuniary interest" within the meaning of those instruments.

Separately, Article 36 deals with the administrative costs of running the Federation. The costs of the Commission's activities under this Chapter "shall be jointly financed by the members of the EuroCloud Federation through fees levied by the Commission" (36(1)). Where costs are initially borne by the general Union budget, members would reimburse them within a maximum of three years (36(2)); the fee revenues would be internal assigned revenues (36(3)).

Governance and implementation

A good deal of the detail would be settled after CADA is adopted. Article 34(4) empowers the Commission to adopt implementing acts to specify the participation procedure and a request template, adopted under the examination procedure referred to in Article 46(2). Article 35(6) likewise allows implementing acts to specify the technical, operational and organisational measures for sharing, and Article 36(4) covers the detail of the fees. So the practical application forms, technical requirements and fee mechanics would all come through secondary legislation later.

More broadly, the Federation sits within CADA's wider aim of strengthening Europe's public-sector cloud capabilities, but Articles 34 to 36 do not themselves tie Federation membership to any specific assurance level or risk-assessment requirement.

What this means for you

For public-sector IT and procurement teams, the Federation would, if adopted, open a new way to obtain and offer cloud capacity. Bear in mind that none of this is yet in force.

A new channel for capacity. Rather than always running a fresh tender, a public body facing a capacity shortfall might be able to obtain capacity from another public body through the Commission's platform, where the sharing conditions in Article 35 are met.

Cost recovery, not profit. Any fee a sharing entity charges would be limited to the costs it incurs (Article 35(5)). Capturing and documenting those costs accurately would matter, because the fee cannot, as proposed, amount to a "pecuniary interest" within the meaning of the named instruments.

Watch the implementing acts. Because the joining procedure, request template, technical measures and fees would all be set by implementing acts (Articles 34(4), 35(6) and 36(4)), the concrete requirements for participating are not yet knowable from the regulation alone.

Decide early whether you have capacity to share or needs to fill. Since participation would be voluntary, organisations may wish to assess whether they have surplus capacity to offer or unmet needs others could meet.

Common misconceptions

Misconception 1: The EuroCloud Federation is a single, centralised EU cloud provider. Reality: It is described as a federation, not a single provider. The proposal does not envisage the Commission building one giant cloud for everyone; it would connect existing public-sector clouds and data centres so they can share resources, with each member retaining its own infrastructure.

Misconception 2: Any cloud provider can join the Federation. Reality: No. Article 34(1) limits participation to "Union entities and public sector bodies", and Recital 71 says participation "should be limited to public entities, without direct participation of a private party." It would be a public-sector arrangement.

Misconception 3: Sharing through the Federation would always be free. Reality: Recital 73 says sharing "should be free of charge" except for cost-recovery charges, and Article 35(5) allows a fee limited to the costs the sharing entity incurs. It is cost recovery, not a profit-making service.

Misconception 4: You must join the Federation to comply with CADA. Reality: Participation would be voluntary (Article 34(1)). The Federation is offered as an optional mechanism, not a mandatory obligation. Articles 34 to 36 do not condition Federation membership on meeting any particular assurance level.

Related

This is general information about a draft EU regulation, not legal advice.