Wilson Sonsini
Silicon Valley tech law firm; CADA analysis found NIS2 sectors caught beyond the 1% headline.
Last refreshed: 10 June 2026 · Appears in 1 active topic
Does Wilson Sonsini's CADA reading mean energy and healthcare are caught too?
Timeline for Wilson Sonsini
Assessed CADA obligations as catching NIS2 sectors beyond the 1% headline
European Tech Sovereignty: Brussels adopts CADA, narrows its scope- What did Wilson Sonsini say about the EU CADA cloud law?
- Wilson Sonsini assessed that CADA's sovereignty obligations extend beyond the Commission's stated 1% of public services to also catch sectors under NIS2, the EU network-security framework, including energy, healthcare and digital infrastructure.Source: Wilson Sonsini
- Does the EU CADA law affect energy and healthcare procurement?
- Wilson Sonsini's analysis concluded it may, via the NIS2 crossover. The Commission's own framing restricts the strictest tier to national security, defence, law enforcement and border management. The final scope will be set in trilogue.Source: Wilson Sonsini
- What is Wilson Sonsini Goodrich and Rosati known for in technology law?
- Wilson Sonsini is a leading US law firm founded in 1961 in Palo Alto, closely associated with Silicon Valley technology and life-sciences clients. It is among the top legal advisers on EU digital regulation, M&A transactions and public markets work for technology companies.
Background
Wilson Sonsini Goodrich and Rosati (WSGR) is a leading US law firm headquartered in Palo Alto, founded in 1961 and closely associated with Silicon Valley technology and life-sciences clients. It is among the top legal advisers to technology companies on regulatory, M&A and public-markets work, with a substantial European practice focused on EU digital regulation.
The firm entered the Lowdown record when its analysis of the Cloud and AI Development Act (CADA) assessed the act's practical scope as considerably wider than the Commission's headline claim. While the Commission stated that only approximately 1% of public services fall under CADA's strictest sovereignty tier, Wilson Sonsini concluded that obligations also catch sectors subject to NIS2 (the EU network-security framework), including energy, healthcare and digital infrastructure. That reading, if borne out in trilogue, would pull in a substantial share of critical national infrastructure rather than just the four explicitly named workload categories.
The firm's role here is that of informed outside counsel interpreting a legislative text in transit, not a regulator or party to the legislation. Its reading is advisory and contested; the final scope will be determined by the European Parliament, Council and Commission in trilogue. US tech clients with European public-sector contracts have material exposure to whichever interpretation prevails.