Public consultation on the proposal for a regulation of the European Parliament and of the Council establishing a framework of measures for the strengthening of the European cloud and artificial intelligence ecosystem (CADA Regulation)
Date of publication: 16/06/2026
Deadline: from June 16 to July 7, 2026 at 23:59
Context
Cloud computing and artificial intelligence have become the engines that are transforming industry, public services and everyday life in the European Union. The cloud provides the backbone for everyone to access and deploy digital solutions efficiently, while AI creates unprecedented opportunities for automation, data-driven decision-making and personalized services. A strategic approach to its development and adoption is therefore essential for a competitive, secure, sovereign and future-proof EU.
In this context, various high-level strategic analyses - such as the Draghi Report on the future of European competitiveness, the Letta Report or the Communication "Compass for Competitiveness" - have highlighted the availability of advanced digital infrastructures and sovereign cloud services as essential elements to strengthen the economic competitiveness, strategic autonomy and resilience of the European Union. The Economic Security Risk Assessment on AI Technologies also identified the dependence on a limited number of foreign cloud and border AI providers as a significant vulnerability of the European ecosystem.
The analysis carried out within the framework of the impact assessment process – from which the following data come – has identified two major structural problems that justify the intervention of the European legislator:
Firstly, there remains a limited and geographically concentrated availability of computing capacity in the European Union.
In 2025, the installed capacity in the EU amounts to approximately 12.4 GW, which represents only 20% of the global capacity, compared to 42% in the United States, with a comparable GDP. In addition, the existing capacity is concentrated in four large centres – Frankfurt, Paris, Amsterdam and Dublin – which account for 65% of the European market, leaving many regions, particularly in southern and eastern Europe, with insufficient access to nearby computing infrastructures.
The factors behind this problem are mainly two: on the one hand, the structural barriers to market entry resulting from the first-come advantage of large non-European suppliers – which hoard most new data centre projects through large-scale pre-lease contracts – and, on the other, regulatory fragmentation and administrative bottlenecks that slow down the deployment of new infrastructure across the Union. Added to this is the shortage of suitable soil, the high energy costs (two or three times higher than those in the US. US o China) and difficulties in accessing funding for smaller scale projects.
Secondly, there is a structural dependence on cloud and AI services provided by non-European providers.
The European cloud services market (IaaS and PaaS) is dominated by three US companies – Amazon Web Services, Microsoft Azure and Google Cloud – which together account for around 70% of the European market. This situation generates risks of various kinds, among which stand out: economic risks in the face of price rises or unilateral contractual changes; operational risks in the face of any interruption of the service; and geopolitical risks, since the data of European citizens, companies and administrations may be exposed to extraterritorial legislation of third countries —such as the US CLOUD Act or Section 702 of the US FISA Act— that allow access to these data without the intervention of European justice.
The share of European suppliers has fallen from 29% in 2017 to 15% in 2022, where it has stabilized, and shows no upward trend without decisive intervention. Due to different factors, which include fragmentation in national markets, the lack of scale and scope to compete with the integrated catalogues of more than 200 hyperscalar services and the low adoption by the public sector of cloud services from European suppliers, unlike what happened historically in the United States.
The European public cloud market is estimated at more than 200 billion euros in 2028, and demand will continue to grow. If the right decisions are not taken, the problems described will tend to worsen: the capacity deficit will widen, making it foreseeable an increase in the prices of access to computing, and external dependence will deepen, making European companies and administrations able to continue to depend on decisions taken outside the Union.
A new regulatory framework can enable Europe to increase its competitiveness and technological sovereignty, making it easier and faster to implement a sustainable cloud and data center infrastructure, and ensuring that the deployment of cloud and sovereign AI to critical sectors is accelerated, while keeping the market open to our partners.
Objectives and content of the standard
To meet the challenges described, the Cloud and AI Development Act (CADA Regulation) aims to ensure the functioning of the internal market for cloud computing and artificial intelligence services, and to ensure the necessary conditions for the competitiveness and strategic autonomy of the European Union.
The normative text is articulated as a directly applicable regulation that establishes an integrated framework of measures in three main areas:
1. Research, development and innovation (R+D+I)
- supporting the development of cutting-edge cloud technologies and next-generation artificial intelligence, in particular for border artificial intelligence, industrial artificial intelligence and physical artificial intelligence;
- introducir «Grandes Desafios» (iniciativas estratégicas) para impulsar futuros esfuerzos de I+D+i para alcanzar sus objetivos generales;
- ensure the adoption of cloud and AI in strategic industrial and public sectors through national cloud and AI strategies in Member States, and AI experience and acceleration centres.
2. Capacity
- At least triple the capacity in EU data centers in the next 5-7 years;
- Simplify and accelerate the granting of permits and the deployment of data centers;
- Improving access to key resources such as energy, land, water and finance;
- Ensure sufficient computing capacity to support AI, cloud services, and data-intensive applications.
3. Autonomy
- introducing a single EU-wide sovereignty framework to assess cloud and AI sovereignty;
- accelerate the deployment of cloud and sovereign AI to critical sectors, while ensuring that the vast majority of the market remains open to our partners;
- boost the added value of EU cloud and AI, rewarding contributions to EU-based innovation and supply chain resilience;
- establishing a common procurement framework at EU level for public administrations to use their combined purchasing power;
- Drive open source solutions to strengthen resilience.
Together, these measures seek to transform the European cloud and AI ecosystem into a more competitive, resilient and sovereign sector, capable of supporting the mass adoption of artificial intelligence, cloud computing, the Internet of Things and other innovative technologies that are essential for the competitiveness of the European economy in the present decade.
To this end, the proposal for a regulation presented by the European Commission is made available, which is submitted to a public hearing as a step prior to its processing in the institutions of the European Union, in order to gather the opinions of the citizens, companies and organizations potentially affected on the problems, objectives and regulatory alternatives raised by the initiative.
Official text of the proposal:
Deadline and submission of contributions
The contributions can be sent to the email address: tramitacion.dgia@digital.gob.es Indicating in the subject:
"Public hearing Regulation CADA – Contributions [name or social reason]"
The public hearing will be open from 16 June to 7 July 2026 at 23:59. During this period, all interested parties can submit their contributions.