Skip to content
You can now search across every topic, entity and event.What's new
Cloud and AI Development Act
LegislationEU

Cloud and AI Development Act

EU law (CAIDA) to ban US cloud from sensitive EU public-sector data; blocked a third time by US trade pressure on 27 May 2026.

Last refreshed: 27 May 2026 · Appears in 2 active topics

Key Question

Can CAIDA survive a trade war it was never designed to fight?

Timeline for Cloud and AI Development Act

View full timeline →
Common Questions
What is the Cloud and AI Development Act?
CADA is the European Commission's proposed legislation for infrastructure-layer cloud and AI sovereignty, implementing a Draghi Report recommendation. Proposed in Q1 2026, practical effect is not expected before 2028.Source: European Commission
When will the EU Cloud and AI Development Act come into force?
No draft text has been published; given the typical EU legislative cycle, practical effect is not expected before 2028.
How does CADA relate to the Draghi report?
CADA directly implements a recommendation from Mario Draghi's 2024 European competitiveness report, which called for structural intervention at the infrastructure layer of the cloud market.

Background

The Cloud and AI Development Act (CAIDA) is the European Commission's proposed legislation to address infrastructure-layer sovereignty in cloud computing and artificial intelligence. It implements a direct recommendation from Mario Draghi's 2024 competitiveness report and appeared on the Commission's work agenda in Q1 2026. A leaked scope confirmed by CNBC and gHacks bars US cloud providers from processing financial, judicial, and health data for EU public-sector clients, while leaving private-sector procurement untouched. CAIDA was referenced at the Sovereign Tech Europe summit in Brussels in April 2026 as one of the primary regulatory instruments for European digital sovereignty.

CAIDA has failed to reach the College of Commissioners on three successive calendar-locked dates: 25 March, 15 April, and 27 May 2026. On the third slip the Act was pushed to a tentative 3 June date. US Ambassador Andrew Puzder declared the package crosses "a red line" inconsistent with the EU-US trade framework; a France-Germany split over threatened automotive tariff exposure (up to $200bn) is the structural constraint behind that warning. Politico separately reported the 400-page text was simply not ready. The G7 Digital Ministerial France had built as CAIDA's international launch pad convened on 29 May without it; cloud sovereignty was omitted from the official agenda entirely.

CAIDA sits above the Commission's existing sovereign cloud procurement framework, which in April 2026 awarded a €180m six-year contract to four provider groupings. The Act is intended to set structural rules for how EU institutions and member states procure and govern cloud and AI infrastructure over the longer term. Japan signalled alignment between CAIDA and its own Economic Security Promotion Act at the April summit. Practical effect is not expected before 2028 at the earliest; no draft text had been published as of April 2026. The instrument built to escape US technological dependence has been pre-defeated diplomatically before a word of it formally reached the College.

More questions
Why has the EU Cloud and AI Development Act been delayed three times?
CAIDA missed its adoption dates on 25 March, 15 April and 27 May 2026. US Ambassador Andrew Puzder called it a red line inconsistent with the EU-US trade framework, and a Paris-Berlin split over automotive tariff exposure made the political consensus needed to table it impossible.Source: Politico, European Commission
What does the leaked CAIDA scope actually bar US cloud companies from doing?
Leaked text confirmed by CNBC and gHacks bars US cloud providers from processing financial, judicial and health data on behalf of EU public-sector clients. Private-sector procurement is excluded.Source: CNBC, gHacks
When will CAIDA take effect if it is adopted in June 2026?
Practical effect is not expected before 2028 at the earliest, reflecting the standard EU legislative cycle. Adoption by the College starts the ordinary legislative procedure through Parliament and Council.Source: European Commission
How does CAIDA relate to the USTR Section 301 investigation into EU digital rules?
The USTR Section 301 final determination on EU digital rules is due 24 July 2026. Washington has signalled that CAIDA-style procurement restrictions on US cloud firms are among the practices under review, giving the US a trade lever timed against the peak enforcement window.Source: USTR, European Commission
What is the difference between CAIDA and the existing EU sovereign cloud procurement framework?
The existing framework is operational: in April 2026 the Commission awarded a €180m six-year contract to four provider groupings. CAIDA is legislative: it would set binding structural rules for how all EU institutions and member states govern cloud and AI procurement going forward.Source: European Commission