When was the Cloud and AI Development Act (CADA) proposed?

Summary The Cloud and AI Development Act (CADA) was proposed by the European Commission on 3 June 2026, under the reference COM(2026) 502 final (procedure 2026/0138 COD). It is a legislative proposal undergoing the ordinary legislative procedure and is not yet in force.

Detail

CADA is a proposal designed to strengthen the European Union's cloud and artificial intelligence ecosystem. The European Commission presented it on 3 June 2026 (the document is dated Brussels, 3.6.2026). Its official reference is COM(2026) 502 final, and its legislative procedure code is 2026/0138 (COD).

As of this writing, CADA remains a proposal. It has not been adopted as law. It is subject to the ordinary legislative procedure, meaning it must be examined, potentially amended, and jointly adopted by both the European Parliament and the Council before it becomes binding.

The proposal's scope and objectives

According to Article 1, the Regulation would establish a framework for strengthening the cloud and AI ecosystem at Union level, in particular through:

1. Cloud and AI Leadership Initiatives: establishing the Cloud Leadership Initiative and the AI Leadership Initiative (Article 1(1)(a)).
2. Data centre deployment: setting a framework for the accelerated deployment of data centres across the Union (Article 1(1)(b)).
3. Sovereign cloud offer: enabling the availability of a sovereign cloud and AI offer to safeguard the Union's public order (Article 1(1)(c)).
4. Reducing dependencies: reducing dependencies on critical technologies (Article 1(1)(d)).
5. Public-sector adoption: fostering the adoption of cloud computing services across the public sector (Article 1(1)(e)).

The proposal sets two general objectives. Under Article 1(2), the first is to ensure the conditions necessary for the competitiveness and innovation capacity of the Union's cloud and AI ecosystem. Under Article 1(3), the second — separate from and complementary to the first — is to improve the functioning of the single market by laying down a uniform Union legal framework for increasing the Union's resilience and strategic autonomy in cloud and AI technologies.

The legislative process

Because CADA is proposed as a Regulation, it would be binding in its entirety and directly applicable in all Member States once it applies. That status is not immediate: the ordinary legislative procedure involves the Parliament and the Council, and the text may change. Stakeholders, including public-sector bodies and industry, are encouraged to monitor the file, as the final adopted text may differ from the current proposal.

What this means for you

For public-sector procurement officers and IT managers, 3 June 2026 marks the start of the formal legislative timeline. You are not yet required to comply with CADA, but you can begin preparing.

1. Monitor procurement rules: As proposed, Article 30 would require contracting authorities and Union entities (procuring for their exclusive use) to use cloud services recognised at Union assurance level 1; for activities identified as contributing to the preservation of public order, levels 2, 3 or 4 would be required.
2. Assess current dependencies: The proposal aims to reduce reliance on non-European providers. Public bodies can start mapping current providers against the sovereignty criteria in Annex II, including data localisation and control by third countries.
3. Prepare for risk assessments: Article 29 would require Member States and Union entities to carry out risk assessments to determine the appropriate Union assurance level — as proposed, within one year of entry into force and thereafter every two years.
4. Stay informed: Because the text is still a proposal, details may change. Track procedure 2026/0138 COD for amendments by the Parliament and the Council.

Common misconceptions

• Misconception: CADA is already law.
  • Fact: CADA is a proposal, tabled on 3 June 2026. It must pass the European Parliament and the Council before becoming binding.
• Misconception: The proposal date is the application date.
  • Fact: 3 June 2026 is when the Commission submitted the text. As proposed, the Regulation would apply one year after its entry into force (Article 48), but the final timeline would be set in the adopted text.
• Misconception: CADA replaces the GDPR or the AI Act.
  • Fact: CADA is complementary to existing law such as the GDPR and the AI Act, focusing on cloud sovereignty, data centre deployment, and public procurement rather than data protection or AI safety.

Official sources

• EU AI Act (Regulation (EU) 2024/1689)
• GDPR (Regulation (EU) 2016/679)

Related

• Why was the Cloud and AI Development Act (CADA) proposed?
• Who does the Cloud and AI Development Act (CADA) apply to?
• Where can I read the official text of the Cloud and AI Development Act (CADA)?
• When must Member States act under CADA? Key deadlines
• What is the one-sentence summary of the Cloud and AI Development Act (CADA)?

This is general information about a draft EU regulation, not legal advice.