The European Commission’s new Technological Sovereignty Package marks a clear shift from “resilience” to assertive control over key digital infrastructures. It bundles four initiatives – a revamped Chips Act, the Cloud and AI Development Act (CADA), an EU Open Source Strategy, and a roadmap for digitalisation and AI in the energy sector – around one central concern: Europe’s structural dependence on non‑EU providers for chips, cloud and AI.
At the heart of this shift sit the Union Assurance Levels (UALs) in Annex II of CADA, a four‑tier framework for “sovereign” cloud services. These tiers will determine which providers can host sensitive public‑sector workloads – and, in practice, they will make life significantly harder for US hyperscalers in parts of the European market.
Understanding the Union Assurance Levels
CADA’s Article 16 establishes a “Union cloud computing sovereignty framework consisting of four assurance levels” and points to Annex II for the specific criteria that cloud services must meet to be recognised at Union Assurance Levels 1 to 4.
The structure is simple in form but demanding in substance:
- UAL1: baseline sovereignty for all public‑sector cloud procurements
- UAL2–3: progressively stricter “EU‑controlled” service requirements
- UAL4: full EU‑only control – the highest sovereignty tier for the most sensitive workloads.
Annex II applies to “cloud computing service providers and their cloud computing services” and explicitly covers software (as defined in the Cyber Resilience Act), while excluding hardware. In other words, the framework is aimed squarely at cloud and AI services, stacks and platforms, not at physical kit.
What Each Level Requires in Practice
Union Assurance Level 1 – The New Minimum
UAL1 is the minimum bar that any cloud provider must clear to serve EU public‑sector bodies under CADA. Article 30 CADA requires contracting authorities to procure at least UAL1 for any cloud computing service.
Annex II sets out cumulative conditions, including:
- Provider established in the EU, with infrastructure and assets located in the Union (unless the public body explicitly requires otherwise).
- Customer data, including metadata and telemetry, remain in the Union in all phases, again unless the public body explicitly agrees to an exception.
- Any outsourcing of technical or operational support outside the Union must be tightly governed so as not to compromise the provider’s operational autonomy.
- Compliance with “state‑of‑the‑art” cybersecurity standards and full transparency on subcontractors.
- If the provider is controlled by a third country or a third‑country entity, it must at least prove there are no laws or practices in that country requiring it to report software vulnerabilities to foreign authorities before exploitation.
UAL1 thus already goes well beyond today’s de facto situation, especially by codifying EU establishment, data localisation by default and disclosure‑of‑vulnerabilities safeguards. But it does not exclude non‑EU‑controlled groups per se.
Union Assurance Level 2 – Everything in Europe, With Strings
UAL2 ramps up the sovereignty demands. Annex II requires that:
- Both the audited provider and all subcontractors involved in the service are established in the Union, with infrastructure, assets and personnel located in the Union.
- Customer data, metadata and telemetry must remain exclusively in the Union (unless the public body explicitly requires otherwise).
- Public bodies may ask for additional personnel screening and EU‑citizenship requirements.
- The service must hold at least a “substantial” EU cybersecurity certificate (or equivalent under national schemes until an EU scheme exists).
- Data generated by using the service may not be used to train or fine‑tune any AI system operated by a third country or third‑country entity, and may not be transferred outside the Union in any case.
- Where the provider or its subcontractors are under third‑country control, they must demonstrate strong legal, technical and organisational measures to prevent foreign access to data, disruption of service continuity, and imposition of foreign sanctions or embargoes.
- Technical and operational support must be initiated and carried out exclusively within the Union.
- Stringent software supply‑chain controls apply: a complete SBOM, controls on remote features in third‑country components, source‑code audits and migration plans, plus guarantees against early vulnerability disclosure to foreign authorities.
UAL2 is the first level that looks like a genuine sovereign cloud profile: EU‑only infrastructure and staff, no non‑EU training of AI on usage data, and robust protection against extra‑territorial interference. This is a high bar for any provider with a non‑EU parent.
Union Assurance Level 3 – High Sovereignty With Only Narrow Openings
UAL3 keeps most of UAL2’s conditions and tightens them further:
- All personnel involved (including subcontractors) must be EU citizens, with national security clearance where they handle classified information.
- The audited provider and its subcontractors must not be subject to control by a third country or third‑country entity, as a rule.
- An exception is possible only if the Commission issues an implementing act under Article 18 recognising a third country as providing sufficient assurances; in that case, additional separation and protection measures must be demonstrated.
- Support and assistance must be performed exclusively within the Union, by Union residents, and by entities not under third‑country control.
- The same strict AI‑training ban and data non‑transfer rules as UAL2 apply.
- The same deep supply‑chain transparency and control obligations apply, including SBOMs and source‑code audits for third‑country components, along with contingency plans.
UAL3 thus amounts to a “high‑sovereignty tier”, essentially EU‑only in normal circumstances, with a narrow gateway for associated third countries that pass a demanding adequacy‑type test under Article 18.
Union Assurance Level 4 – Full EU‑Only Control
UAL4 is the top tier, intended for the most sensitive government workloads. It requires, cumulatively:
- EU establishment and EU location of infrastructure, assets and personnel (provider and subcontractors).
- Sensitive customer data, metadata and telemetry must always remain in the Union – without the exceptions foreseen at lower levels.
- All personnel involved must be EU citizens, with clearance where appropriate.
- A “high”‑assurance cybersecurity certificate under the EU cloud scheme (or equivalent national schemes in the interim).
- No use of data generated by the service for training or fine‑tuning AI operated by third‑country entities, and no transfer of those data outside the Union.
- The audited provider and subcontractors must not be under the control of any third country or third‑country entity – with no derogation mechanism.
- Support and operations exclusively from Union territory, by Union residents and non‑controlled entities.
- On the software supply chain, UAL4 introduces a particularly demanding requirement: providers must prove that no third country or third‑country entity holds “effective control” over the design, development, maintenance and evolution of software components or products, including influence over security remediation and long‑term continuity.
In effect, UAL4 defines what a fully EU‑controlled sovereign cloud looks like: European in ownership, infrastructure, personnel, data location and software governance. It is explicitly geared towards defence, national security, justice, border management and other critical public‑sector systems.
Who Must Use These Levels – And For What
CADA’s Title IV clarifies the scope of application:
- Public sector and EU institutions
- Article 29 obliges Member States and Union entities to carry out risk assessments to determine which public‑sector activities require conformity with UAL2, 3 or 4.
- Article 30 requires that all contracting authorities procure at least UAL1 for any cloud computing service, and that authorities whose activities have “public order relevance” must procure and use only services recognised at UAL2, 3 or 4.
This makes UAL1 the new baseline for public procurement of cloud services across the EU, and pushes a significant share of sensitive workloads into the UAL2‑4 band.
- Private sector
- Article 31 allows private entities covered by NIS2 (energy, transport, banking, financial market infrastructures, health, digital infrastructure and other critical sectors) to carry out impact assessments mirroring those of the public sector and to use the UAL framework when choosing cloud providers.
- There is no direct legal obligation for private entities to choose UAL‑certified services, but the framework will become a regulatory reference point for supervisors and national cybersecurity regimes.
In short, the UAL framework is mandatory for public buyers and voluntary but strongly incentivised for critical private operators. Over time, this is likely to turn UAL labels into a de facto market standard for “trustworthy” cloud even beyond the public sector.
The Likely Impact on US Hyperscalers in Europe
The Commission insists that the Tech Sovereignty Package is about “openness with safeguards” rather than protectionism. Yet, taken together, the Union Assurance Levels and related procurement rules will reshape the competitive landscape for US cloud giants in Europe.
Several effects stand out.
1. Sensitive Government Workloads Will Largely Move Away from US Cloud
Analyses of the package and Commission briefings converge on one point: US providers will struggle to reach UAL3 and UAL4 because of the US CLOUD Act and other extra‑territorial powers that can compel American companies to hand over data, regardless of where the data are stored.
Since UAL3 and UAL4 either prohibit third‑country control outright (UAL4) or allow it only under an exceptionally demanding Article 18 decision (UAL3), US hyperscalers will find it extremely difficult to qualify for those tiers while remaining under US corporate control.
This means that:
- Defence, national security, justice, border and critical infrastructure workloads in the public sector will, in practice, have to run on EU‑controlled clouds if Member States follow the logic of Articles 29–30 and assign them to UAL3 or UAL4.
- Sectors like public healthcare and public finance, which the Commission and commentators explicitly flag as “sensitive”, will also face strong pressure to move to higher UAL tiers that non‑EU‑controlled providers cannot reach.
In other words, while CADA does not impose a blanket ban, it creates a legal environment where US hyperscalers are structurally disadvantaged for the most sensitive and politically visible parts of the European public‑sector cloud market.
2. A Strong Pull for EU‑Controlled Cloud Champions
The UAL framework effectively defines the “design specification” for European sovereign cloud operators:
- EU‑incorporated, EU‑controlled providers with fully EU‑based infrastructure, personnel and support can credibly target UAL3–4.
- Providers able to demonstrate deep supply‑chain control, transparent SBOMs, source‑code auditability and independence from third‑country interference will have a regulatory advantage in competing for high‑sovereignty workloads.
Combined with the package’s broader support measures – from Cloud and AI Leadership Initiatives to a European public sector cloud federation (EuroCloud Federation) – this will channel public demand, capital and legitimacy towards EU‑based cloud and AI players.
3. Indirect Pressure on Critical Private Users
Formally, the Tech Sovereignty Package “does not regulate” private‑sector use of cloud services. But in practice, several channels will transmit its effects to large private buyers:
- Regulatory supervision: NIS2 authorities and financial, energy or health regulators can treat UAL classification as an indicator of acceptable risk in their own guidance or supervisory expectations.
- Benchmarking: once ministries of finance, defence or health demand UAL3 or UAL4 clouds, major banks, insurers, telcos and energy companies will find it hard to justify lower standards for functionally similar workloads.
- Market signalling: boards and CISOs may come under pressure to “follow the UAL standard” for reputational and liability reasons, even without a formal legal obligation.
This suggests that, over time, UAL labels will matter well beyond the public sector, shaping procurement choices of banks, utilities and other critical private operators – and further eroding the relative position of non‑EU‑controlled cloud providers in high‑sensitivity segments.
4. Strategic Responses from US Big Tech
US hyperscalers are unlikely to passively accept a progressive exclusion from sensitive EU workloads. Likely responses include:
- Setting up more elaborate ring‑fenced EU entities and joint ventures to argue for eligibility at UAL2 or, in limited cases, UAL3 under Article 18.
- Pressing for an EU–US understanding on cloud similar to data‑protection adequacy, though the CLOUD Act’s breadth may make such an arrangement politically difficult.
- Re‑focusing their European growth strategies on non‑sensitive workloads, where UAL1 remains achievable, and on providing technology and tooling to EU‑controlled operators at higher tiers.
Industry groups have already criticised CADA as discriminatory and warned of “severe market fragmentation” if non‑EU vendors “would be unable to meet” the higher sovereignty thresholds by design.
Conclusion: A Quiet Re‑Wiring of Europe’s Cloud Market
The Tech Sovereignty Package does not declare war on US tech. It does something more subtle – and, in the long term, more consequential. It codifies graduated sovereignty requirements for cloud and AI services, ties them to public procurement obligations, and offers critical private operators a ready‑made framework for their own risk assessments.
For US hyperscalers, the likely outcome is not a total exit from Europe, but a strategic retreat from the most sensitive public‑sector and critical‑infrastructure workloads, coupled with a stronger focus on less sensitive segments. For European providers, the Union Assurance Levels are an invitation – and a challenge – to build credible, competitive sovereign cloud offerings at scale.
