Summary

Under the proposed Cloud and AI Development Act (CADA), there is no single "approved list" of sovereign cloud providers specific to the Netherlands. Instead, the Act establishes a harmonised Union cloud computing sovereignty framework with four assurance levels (Article 16). Dutch public bodies and private entities identify recognised providers via a central repository maintained by the European Commission (Article 22). Crucially, higher assurance levels (3 and 4) generally prohibit providers subject to third-country control, meaning many non-EU hyperscalers would be excluded from sensitive Dutch public sector workloads unless their home country receives a specific Commission recognition under Article 18.

Detail

The Cloud and AI Development Act (CADA), as proposed in COM(2026) 502 final, fundamentally shifts the landscape for cloud procurement in the Netherlands. It moves away from fragmented national sovereignty standards toward a unified, EU-wide framework. For cloud service providers (CSPs) and data centre operators targeting the Dutch market, particularly the public sector, understanding the mechanics of the Union assurance levels and the verification process is critical for market access.

The Union Cloud Computing Sovereignty Framework (Article 16)

As established in Article 16, CADA creates a framework comprising four distinct assurance levels. These levels are not voluntary marketing labels but legally defined tiers of sovereignty, security, and operational autonomy. To be recognised at any level, a provider must meet cumulative criteria set out in Annex II of the proposal.

  1. Union Assurance Level 1 (Baseline): This is the minimum requirement for public sector procurement under Article 30(2). Providers must be established in the Union, and their infrastructure and assets must be located in the Union unless a public sector body explicitly requires otherwise. Customer data must remain exclusively within the Union. A key requirement for providers subject to third-country control is a guarantee that no laws in that third country require them to report software vulnerabilities to foreign authorities before those vulnerabilities are publicly known. This level relies on a conformity self-assessment and an EU statement of conformity issued by the provider (Article 19).

  2. Union Assurance Level 2 (Enhanced Security): This level introduces mandatory independent third-party audits (Article 20). Infrastructure, assets, and personnel must be located in the Union. Data generated by the service cannot be used to train or fine-tune AI systems operated by third-country entities. Providers must demonstrate robust software supply chain measures, including a complete software bill of materials (SBOM) and controls to block remote features that could disrupt service. Crucially, while providers subject to third-country control are not automatically excluded, they must prove effective legal, technical, and organisational separation between their Union entity and any third-country subsidiary.

  3. Union Assurance Level 3 (Public Order): Designed for activities contributing to the preservation of public order (e.g., law enforcement, justice, internal security), this level imposes stricter personnel and control requirements.

    • Personnel: All personnel involved in the provision of the service, including those of subcontractors, must be Union citizens (Annex II, 3.1(d)). If a public sector body requires additional screening, the provider must ensure personnel meet those requirements.
    • Cybersecurity: The service must obtain a European cybersecurity certificate of at least assurance level 'substantial' (Annex II, 3.1(e)).
    • Third-Country Control: Providers and subcontractors must not be subject to the control of a third country or a legal entity established in a third country.
    • The Derogation: A provider subject to third-country control may nevertheless be audited for Level 3 if the Commission has adopted an implementing act under Article 18 recognising that third country as providing sufficient assurances. This requires the third country to have no laws enabling unauthorised data access, no measures to disrupt service continuity, and an open market for EU services.

  4. Union Assurance Level 4 (Highest Sovereignty): Intended for the most sensitive public order activities (e.g., defence, national security), this level represents the peak of sovereignty.

    • Personnel: All relevant personnel must be Union citizens and, where appropriate, hold necessary national security clearances (Annex II, 4.1(d)).
    • Cybersecurity: The service must obtain a European cybersecurity certificate of at least assurance level 'high' (Annex II, 4.1(e)). Note the distinction: Level 3 requires 'substantial', while Level 4 requires 'high'.
    • Third-Country Control: Unlike Level 3, Annex II, Section 4 does not contain the derogation clause for third-country control. Providers and subcontractors must not be subject to the control of a third country or a legal entity established in a third country. This effectively bars non-EU controlled providers from Level 4, regardless of any third-country recognition.

Distinguishing EU/EEA-Controlled Offerings from Non-EU Providers

A critical distinction in CADA is between providers that are genuinely EU-controlled and those that are merely "EU-established" but controlled by third-country entities.

  • EU/EEA-Controlled Providers: Providers established in the EU with no controlling interest from third-country entities are best positioned to qualify for Levels 2, 3, and 4. They must still demonstrate compliance with data localisation, personnel citizenship (for Levels 3 and 4), and the relevant cybersecurity certification levels.
  • Non-EU Controlled Providers: Providers subject to the control of a third country (e.g., US-based hyperscalers) face significant hurdles.
    • Levels 1 and 2: They can qualify if they meet strict separation criteria, ensuring no remote access or control from outside the Union and preventing data from being used to train third-country AI.
    • Level 3: They are generally excluded unless their home country receives a specific Article 18 implementing act from the Commission. This is a high bar, requiring the third country to demonstrate no conflicting laws and full reciprocity.
    • Level 4: They are effectively barred, as Annex II, Section 4 omits the Article 18 derogation found in Level 3.

Identifying Recognised Providers: The Central Repository (Article 22)

Dutch organisations do not need to perform their own complex sovereignty audits. Instead, they rely on the central repository established by the Commission under Article 22.

  • Mandatory Registration: Once a cloud computing service provider receives recognition for a Union assurance level from a national competent authority (e.g., the Dutch authority designated under Article 25), that authority must register the service in the central repository.
  • Public Accessibility: The repository is publicly available and regularly updated on a dedicated website. It lists all recognised services, their assurance levels, and the competent authority that granted recognition.
  • Transparency and Revocation: If an auditing organisation or competent authority revokes a recognition (e.g., due to non-compliance or material changes), this revocation must be published in the repository and remain visible for five years (Article 22(3)). This ensures that Dutch buyers can instantly verify the current status of a provider's sovereignty claims and avoid services that have lost their recognition.

Implications for Buyers in the Netherlands

For Dutch public sector bodies, the risk assessments mandated by Article 29 will determine which assurance level is required for specific activities.

  • Risk Assessment: By one year after entry into force, and thereafter every two years, Dutch authorities must carry out risk assessments to identify public sector activities that contribute to the preservation of public order (Article 29(1)).
  • Procurement Obligations:
    • Non-Critical Activities: For activities not identified as contributing to public order, Dutch bodies must procure at least Level 1 services (Article 30(2)).
    • Public Order Relevance: For activities identified as contributing to public order (e.g., law enforcement, defence, critical infrastructure), Dutch contracting authorities shall only procure services recognised at Level 2, 3, or 4 (Article 30(3)).
  • Market Shift: This will likely shift procurement away from non-EU hyperscalers for sensitive workloads, favouring EU-native providers or those with fully ring-fenced EU operations that can meet the strict personnel and control criteria of Levels 3 and 4.
  • Migration: If a risk assessment requires migration to a higher assurance level, the Member State or Union entity must migrate within a reasonable transition period that shall not exceed 12 months (Article 29(6)).

What this means for you

For Cloud Service Providers and Data Centre Operators:

  1. Prepare for Audits: If you aim to serve the Dutch public sector at Level 2 or above, you must engage with independent auditing organisations (Article 20). Ensure your software supply chain (SBOMs, source code audits) and data localisation policies are robust.
  2. Assess Third-Country Control: If you are controlled by a non-EU entity, evaluate whether you can meet the strict separation requirements for Level 2. Be aware that you are likely barred from Levels 3 and 4 unless your home country receives an Article 18 recognition, which is a high bar and not guaranteed.
  3. Monitor the Central Repository: Your recognition status will be public. Ensure your transparency obligations (Article 23) are met, as any material change in your circumstances (e.g., a new third-country investor) must be reported immediately to avoid revocation.

For Dutch Public Sector Buyers:

  1. Rely on the Repository: Do not accept marketing claims of "sovereign cloud" at face value. Verify the provider's status in the Commission's central repository (Article 22) before procurement.
  2. Conduct Risk Assessments: Perform the risk assessments required by Article 29 to determine the necessary assurance level for your specific workloads. This will dictate whether you can use Level 1 providers or must seek Level 2–4 providers.
  3. Plan for Migration: If your current provider does not meet the required assurance level for your public order-relevant activities, begin planning migration strategies. CADA allows for a reasonable transition period (up to 12 months) for such migrations.

Common misconceptions

  • "Sovereign cloud means data must never leave the Netherlands." CADA requires data to remain within the Union (EU), not necessarily within the specific Member State. Cross-border data flows within the EU are permitted and encouraged, provided the provider is recognised at the appropriate assurance level.
  • "Non-EU providers are banned from the EU market." Non-EU controlled providers are not banned. They can offer services at Level 1 and potentially Level 2 if they meet strict separation criteria. They are primarily restricted from Levels 3 and 4, which are reserved for the most sensitive public order activities.
  • "The Netherlands will have its own national sovereignty list." CADA replaces national sovereignty schemes with a single EU-wide framework. Dutch competent authorities will recognise providers based on EU criteria, and the central repository will be the single source of truth, not a Dutch national list.
  • "Level 3 and Level 4 have the same cybersecurity requirements." They do not. Level 3 requires a cybersecurity certificate of at least 'substantial' assurance, while Level 4 requires a certificate of at least 'high' assurance (Annex II, 3.1(e) and 4.1(e)).

This is general information about a draft EU regulation, not legal advice.