Summary As proposed in the Cloud and AI Development Act (CADA), the Network of Open Source Programme Offices (OSPO Network) and the EU Open Source Solutions Catalogue (EU OSS Catalogue) function as the human and technical pillars of the Regulation's open-source chapter. The EU OSS Catalogue serves as the centralized technical hub for discovering and accessing reusable software, while the OSPO Network provides the human coordination, best-practice exchange, and strategic alignment necessary to drive adoption. Crucially, Article 44(3)(b) explicitly tasks the OSPO Network with "promoting the sharing and reuse of open-source software," creating a direct operational flow where the network drives activity that populates and utilizes the catalogue. Together, they aim to reduce vendor lock-in and strengthen the Union's technological sovereignty.

Detail

The Cloud and AI Development Act (CADA), proposed by the European Commission on 3 June 2026 (COM(2026) 502 final), introduces a structured framework to promote the use of open-source software (OSS) within the EU public sector. This framework relies on two distinct but deeply interconnected mechanisms: the EU Open Source Solutions Catalogue and the Network of Open Source Programme Offices (OSPO Network). Understanding their relationship is critical for public-sector bodies tasked with implementing the Regulation's open-source obligations.

The EU OSS Catalogue: The Technical Hub

Under Article 43 of the proposed Regulation, the Commission is mandated to provide and maintain the EU OSS Catalogue. This catalogue serves as a centralized repository for software made available for reuse by Union entities and public sector bodies.

The primary function of the catalogue is discoverability and accessibility. Article 42 requires that when a Union entity or public sector body decides to make software (to which it holds intellectual property rights) available for reuse under an open-source licence, it must do so using a catalogue or repository that is connected to the EU OSS Catalogue. This ensures that solutions are not siloed in disparate local repositories but are aggregated into a single, searchable interface.

Key features of the EU OSS Catalogue include:

  • Centralization: It acts as a one-stop-shop for any public administration to search for and access software developed by or for Union entities and public sector bodies.
  • Interoperability: The catalogue will be hosted on the Interoperable Europe portal, ensuring that solutions can be easily linked to further relevant information, training, and interoperability standards.
  • Accessibility: It will be accessible electronically free of charge, lowering barriers for public bodies seeking to reuse existing solutions rather than developing new ones from scratch.
  • Decision-Making: The Commission decides on requests from entities to connect their existing catalogues to the central EU OSS Catalogue based on objective and relevant criteria.

The OSPO Network: The Human Coordination Layer

While the catalogue provides the technical infrastructure, the OSPO Network provides the governance and community structure. Established under Article 44, the Network brings together Open Source Programme Offices (OSPOs) from Member States, Union entities, and local/regional public bodies.

The relationship between the network and the catalogue is explicitly defined in Article 44(3)(b), which tasks the OSPO Network with "promoting the sharing and reuse of open-source software by public sector bodies." This provision highlights that the catalogue is not just a passive database; its effectiveness depends on the active promotion and coordination facilitated by the OSPO Network. The network ensures that the software listed is not only found but also understood, trusted, and adopted.

The OSPO Network supports the catalogue and broader open-source adoption through several key tasks outlined in Article 44(3):

  • Exchange of Best Practices: The network facilitates the exchange of information, experience, and best practices between Member States and the Commission. This includes discussing common technical, legal, and organizational challenges related to licensing, security, maintenance, and procurement (Article 44(3)(a)).
  • Guidance Development: OSPOs contribute, on a voluntary and non-binding basis, to the development of guidance, templates, and recommendations on sharing and reusing open-source software (Article 44(3)(c)). This guidance helps public bodies understand how to prepare software for the catalogue and how to effectively use software found there.
  • Collaboration on Projects: The network collaborates on open-source projects of common interest, fostering a collaborative environment that feeds into the catalogue with high-quality, vetted solutions (Article 44(3)(d)).

How They Work Together: A Synergy of Coordination and Infrastructure

The relationship between the OSPO Network and the EU OSS Catalogue can be understood as a synergy between coordination and infrastructure, where the network drives the activity that the catalogue hosts.

  1. Preparation and Onboarding: Public sector bodies often face legal and technical hurdles when releasing software. The OSPO Network provides the expertise and templates (via Article 44(3)(c)) to help these bodies navigate intellectual property rights, choose appropriate licenses, and ensure security standards are met. This preparation is a prerequisite for software to be successfully listed in the EU OSS Catalogue. Without the network's guidance, the catalogue might remain underpopulated or contain non-compliant entries.
  2. Promotion and Adoption: A catalogue is only useful if users know how to find and trust the software within it. The OSPO Network promotes the catalogue and the software it contains by sharing success stories, providing training, and addressing concerns about security and maintenance. This drives demand for the solutions listed in the catalogue, fulfilling the mandate of Article 44(3)(b) to promote sharing and reuse.
  3. Feedback Loop: The OSPO Network serves as a feedback mechanism for the catalogue. By discussing common challenges (e.g., licensing incompatibilities or security vulnerabilities) in Article 44(3)(a), OSPOs can inform the Commission and other stakeholders about necessary improvements to the catalogue's functionality or the quality of listed software.

In essence, the EU OSS Catalogue is the "marketplace" for public-sector open-source software, while the OSPO Network is the "community of practice" that ensures the marketplace is populated with high-quality, legally sound, and securely maintained software. Both are essential components of the open-source chapter (Title IV, Chapter V) of the proposed CADA.

What this means for you

For public-sector procurement officers, digital transformation leaders, and IT managers, the interplay between the OSPO Network and the EU OSS Catalogue offers both opportunities and responsibilities:

  • Mandatory Connection for Reuse: If your organization develops software that you intend to release under an open-source licence, you must ensure it is listed in a repository connected to the EU OSS Catalogue (Article 42). This is not optional if you wish to comply with the proposed Regulation.
  • Leveraging the OSPO Network: If your organization does not yet have an OSPO, consider establishing one or joining the Network. Participation allows you to access guidance on open-source procurement, licensing, and security (Article 44(3)). This can significantly reduce the legal and technical risks associated with adopting open-source solutions from the catalogue.
  • Procurement Strategy: When procuring cloud and AI services, remember that CADA encourages the use of open standards and components released under open-source licences (Article 41). The EU OSS Catalogue can serve as a resource for identifying pre-vetted, interoperable components that meet these criteria, potentially reducing costs and vendor lock-in.
  • Collaboration: Engage with the OSPO Network to share your organization's experiences. Your insights on challenges related to licensing or security can help shape the guidance and templates that benefit the entire public sector.

Common misconceptions

  • Misconception 1: The EU OSS Catalogue is a mandatory procurement list.
    • Reality: The catalogue is a repository for reuse of software developed by or for public bodies. It is not a procurement list for third-party commercial software. However, it can inform procurement decisions by highlighting available open-source alternatives.
  • Misconception 2: Joining the OSPO Network is mandatory for all public bodies.
    • Reality: Participation in the OSPO Network is voluntary. However, the obligations to promote open-source use (Article 41) and to make reused software available via connected catalogues (Article 42) are mandatory for Union entities and public sector bodies. The Network is the support mechanism to help fulfill these obligations.
  • Misconception 3: The OSPO Network makes binding decisions on software licensing.
    • Reality: The guidance and recommendations developed by the OSPO Network are non-binding (Article 44(3)(c)). They serve as best-practice tools to assist public bodies, but final decisions on licensing and security remain with the individual organizations.
  • Misconception 4: The Catalogue and Network are separate, unrelated initiatives.
    • Reality: They are intrinsically linked. The Network's specific task under Article 44(3)(b) is to promote the very sharing and reuse that the Catalogue facilitates. The Network drives the human activity that makes the Catalogue effective.

Related

This is general information about a draft EU regulation, not legal advice.