CADA Draws A Line Through The Public-Sector Cloud. Here Is Where Owned Infrastructure Sits
The EU's Cloud and AI Development Act sorts government workloads into four sovereignty tiers. I explain the honest boundary, and why owned, air-gapped SIOS is the natural fit for the top of it.
By Micky Irons
For a decade the honest answer to "where does European government data actually live" was "on someone else's continent, under someone else's law." On 3 June 2026 the European Commission decided that answer was no longer good enough for its most sensitive workloads. It proposed the Cloud and AI Development Act (CADA), part of its wider push under the AI Continent Action Plan to rebuild Europe's cloud and data-centre base. Buried inside the proposal is the thing that actually changes procurement behaviour: a four-tier cloud sovereignty framework that grades every public-sector contract against how far the underlying infrastructure sits from foreign reach.
I build a Sovereign Intelligence Operating System for exactly this boundary, so let me be precise about what CADA does and, just as importantly, what it does not do. The internet is already full of "the EU just banned US cloud" takes. That is not what happened. What happened is quieter and more durable, and it moves the top of the market toward owned infrastructure whether or not any hyperscaler is ever formally excluded from anything.
What CADA actually says
CADA is a proposal, not yet law. It will move through the European Parliament and Council before it binds anyone. But the design intent is already clear, and public bodies plan against direction of travel, not just against a commencement date.
The mechanism is a set of four Union assurance levels. When a contracting authority procures cloud for its own use, the provider must meet at least Level 1, which requires data to be processed and stored on infrastructure located in the EU. That is the baseline, and with only very narrow exceptions it applies across the public sector. Above that, each body runs a sovereignty risk assessment per use case and lands on the level the workload demands. The levels climb through stricter controls on where infrastructure sits, who owns and operates it, which supply chain feeds it, and which citizens may touch it.
At the top, Level 4 is built for one thing: effective immunity from third-country interference. To reach it a provider must not be controlled by a third country, must hold a European cybersecurity certificate at "high" assurance, and must show full transparency and control over its software supply chain, so that no foreign power controls its design, development, maintenance or evolution. The Commission frames this as the tier that, after a risk assessment, most likely applies to defence and national-security workloads. Level 3 already demands EU ownership and control plus personnel criteria such as citizenship. Level 4 closes the last gaps in the supply chain.
CADA also tackles the physical side. Member States must designate at least one data centre acceleration zone, where projects get streamlined permitting, aggregated baseline permits and a maximum twelve-month permit-granting timeline. That sits within a stated ambition to grow EU data-centre capacity sharply over the coming years. The Act is not only telling government where to run workloads. It is trying to build the ground for them to run on.
The honest boundary: this is a preference engine, not a ban
Here is the part I will not let slide, because getting it wrong is how vendors lose trust. CADA does not bar European public bodies from cloud. Almost nothing in the European regulatory stack does. The EU AI Act, GDPR, DORA, and the FCA, PRA and EBA rulebooks all permit cloud, on conditions. DORA, which has governed the financial sector since it entered into application on 17 January 2025, is explicit: it does not ban third-party ICT or cloud; it requires you to manage the risk with exit strategies, audit rights and concentration controls. CADA is the same shape. Even at the top of its framework, the Commission contemplates a role for large providers on high-criticality workloads where encryption stays under EU control and operational requirements are met.
So the genuine no-cloud line is workload-level, not sector-level. It bites on classified and SECRET-plus material, on ITAR-touched data, on isolated OT and SCADA environments, and on any use case where a data protection assessment comes back negative. Everything else is a preference, and CADA's four tiers are a mechanism for expressing that preference as a procurement score rather than a slogan. A government CIO reading CADA is not being told "you may not use cloud." They are being told "the more sensitive the workload, the more procurement will reward infrastructure you can prove sits beyond foreign reach." That is a very different, and much more defensible, claim. It is the same reading I set out in my work on EU digital sovereignty and on data residency for regulated workloads, and CADA now gives it a procurement spine.
Where owned infrastructure sits
Trace the four tiers upward and something becomes obvious. At Level 1 you can satisfy the rule with a hyperscaler region inside the EU. By Level 3 you need EU ownership, EU operation and cleared personnel. By Level 4 you need to prove that no third country can reach the software supply chain at all. Each rung strips out a category of external dependency. Follow that logic to its end and you arrive at infrastructure the organisation owns and controls outright.
That is what a Sovereign Intelligence Operating System is, and it is why I built Mickai the way I did. Mickai is not a service you rent from me and hope I am on the right side of the right border. It is a SIOS that a regulated organisation owns and runs inside its own walls, air-gapped where the workload demands it, with every model, every retrieval and every agent action executing on infrastructure the body physically holds. There is no third-country operator, because there is no operator but you. There is no foreign supply-chain reach into the running system, because the running system does not phone home. And because every action writes to a cryptographically signed audit record, a Level 4 assessor is not taking your word for immunity. They are reading a tamper-evident log of it.
CADA does not name owned infrastructure as the answer to its top tier. Regulators rarely name a category, and I would not want them to. What CADA does is describe a set of properties (no foreign control, full supply-chain command, high-assurance security, personnel and operational sovereignty) that owned, air-gapped SIOS satisfies natively rather than by a chain of contractual promises. For the workloads that land at the top after a sovereignty risk assessment, that distinction is the whole game.
The takeaway
CADA is not the end of cloud in European government. It is the end of pretending that all workloads carry the same sovereignty risk. For most public-sector systems, an EU cloud region and a sound risk assessment will clear the bar. For the workloads at the top (defence, national security, and anything where a foreign legal order reaching your data is an unacceptable outcome) the framework quietly rewards the properties that only owned infrastructure delivers by construction. That is where SIOS sits. Not as a reaction to a ban that did not happen, but as the honest terminal point of a preference the EU is now writing into procurement. I have built for that point already. It is running. When the risk assessment says Level 4, we are what Level 4 looks like when you stop renting it.
Frequently asked questions
Does CADA ban EU public bodies from using US cloud providers?
No. CADA does not impose a blanket ban. It sets a baseline that public-sector data be processed and stored in the EU (Level 1) and then grades more sensitive workloads against stricter sovereignty tiers up to Level 4. Large providers can still serve many workloads, including high-criticality ones, where encryption and operational controls are met. The genuine no-cloud line is workload-level, for classified, ITAR, isolated OT and similar cases, not a sector-wide prohibition.
When does CADA take effect?
CADA was proposed by the European Commission on 3 June 2026. It is a proposal, so it must still pass through the European Parliament and Council before it becomes binding law. Public bodies are already planning against its direction of travel because procurement decisions made now will outlive the legislative timetable.
What is Level 4 and which workloads reach it?
Level 4 is the highest assurance tier, designed for effective immunity from third-country interference. It requires that the provider is not controlled by a third country, holds a "high" European cybersecurity certificate, and shows full transparency and control over its software supply chain. After a per-use-case sovereignty risk assessment, it most likely applies to defence and national-security workloads.
Why is owned, air-gapped SIOS the natural fit for the top tier?
Because Level 4's requirements (no foreign control, full supply-chain command, high-assurance security and operational sovereignty) are satisfied natively by infrastructure the organisation owns and runs itself, rather than by a chain of contractual promises. Mickai is a Sovereign Intelligence Operating System that runs inside your own walls, air-gapped where needed, with a cryptographically signed audit record on every action, so immunity is something an assessor can verify rather than trust.


