Tripling the EU’s data centre stock with special AI compute zones
CFG’s submission to the call for evidence on the Cloud and AI Development Act.
Introduction
Europe lags significantly behind the United States and China in compute capacity, digital infrastructure, and cloud sovereignty. According to new research[2] by Epoch AI, the EU currently hosts only a rough 5% of the world’s AI compute capacity, compared to almost 75% by the US. As outlined in the Commission’s Call for Evidence on the Cloud and AI Development Act[3], this gap threatens the EU’s competitiveness in AI and risks Europe giving away significant leverage to foreign actors.
McKinsey estimates[4] total datacenter demand in Europe will grow from some 10 GW in IT load in 2024 to 35 GW by 2030, with the bulk of this demand increase fueled by AI. In the AI Continent Action Plan[5], the Commission has rightly set the goal to triple the EU’s data centre capacity over the next 5-7 years to accommodate this demand and address Europe’s weak AI infrastructure position. Achieving this ambitious target will require a broader strategy addressing EU-wide permitting issues, financial bottlenecks, energy market design and more. In this submission, we zoom in on a specific instrument in the EU’s toolbox that could form the core of such a broader legislative package: Special Compute Zones[6] (SCZs).
More concretely, we propose a new EU Regulation requiring Member States to establish such SCZs—dedicated regions where the rules for AI data centres, energy infrastructure, and security are harmonised and fast-tracked. This proposal is akin to the already established UK AI Growth Zones[7], which are meant to accelerate all aspects of the AI supply chain in the UK. The idea of special compute zones is also gaining traction[8] in the US policy, despite the already speedy deployment of compute infrastructure in the US.
This submission builds on CFG’s previous work to explore the need for[9] and design of[10] a new CERN for AI in Europe, an institution that would not only give the EU a seat at the table in the critical AI sector, but also present an alternative research and production model for AI outputs, a model built on trustworthiness and democratic values.
Our SCZ proposal addresses all three objectives outlined by the Commission for the Cloud and AI Development Act:
Data centre capacity
“Triple the EU’s data centre capacity within the next 5-7 years by promoting and creating the right conditions for attracting and supporting investment in sustainable data centres across the EU, notably by tackling obstacles such as long permitting times and difficulties in accessing energy, water, land, and capital, and by offering possible financial support in line with applicable State aid rules to data centres with a high innovation and sustainability contribution.”
SCZ’s offer pre-approved, earmarked sites for large data centre buildouts, that come with space for on-site power generation and necessary grid connections. Each zone operates under a streamlined “single-window” permitting system, drastically reducing approval times.
See the section called ‘Objective 1: capacity’
Data centre sustainability
“Advance research and innovation to make the EU a leader in resource-efficient data processing infrastructures, software, and services by advancing the sustainability of AI data processing along the compute continuum and, on the data centre level, by improving power management, cooling, general operations, and integration into energy and water systems.”
SCZ’s enable co-location of renewable energy generation and data infrastructures, streamline permitting for renewable energy projects and require Member States and data centre providers to create certified sustainability plans.
See the section called ‘Objective 2: sustainability’
Data centre security
“Ensure that a set of narrowly defined highly critical use cases can be operated using highly secure EU based cloud capacity, while creating the conditions for the EU cloud industry to develop secure processing capabilities to serve the needs of these highly critical use cases.”
Larger Member States would need to support high security SCZ designs, enabling critical AI use cases that can only be run inside designated public data centres.
See the section called ‘Objective 3: security’
Data centre capacity
Data centre sustainability
Data centre security
“Triple the EU’s data centre capacity within the next 5-7 years by promoting and creating the right conditions for attracting and supporting investment in sustainable data centres across the EU, notably by tackling obstacles such as long permitting times and difficulties in accessing energy, water, land, and capital, and by offering possible financial support in line with applicable State aid rules to data centres with a high innovation and sustainability contribution.”
“Advance research and innovation to make the EU a leader in resource-efficient data processing infrastructures, software, and services by advancing the sustainability of AI data processing along the compute continuum and, on the data centre level, by improving power management, cooling, general operations, and integration into energy and water systems.”
“Ensure that a set of narrowly defined highly critical use cases can be operated using highly secure EU based cloud capacity, while creating the conditions for the EU cloud industry to develop secure processing capabilities to serve the needs of these highly critical use cases.”
SCZ’s offer pre-approved, earmarked sites for large data centre buildouts, that come with space for on-site power generation and necessary grid connections. Each zone operates under a streamlined “single-window” permitting system, drastically reducing approval times.
SCZ’s enable co-location of renewable energy generation and data infrastructures, streamline permitting for renewable energy projects and require Member States and data centre providers to create certified sustainability plans.
Larger Member States would need to support high security SCZ designs, enabling critical AI use cases that can only be run inside designated public data centres.
See the section called ‘Objective 1: capacity’
See the section called ‘Objective 2: sustainability’
See the section called ‘Objective 3: security’
To rapidly expand Europe’s compute capabilities, SCZs must be integrated within an appropriate EU legal framework. We recommend that the European Commission pursue Option 3—adopting a dedicated Regulation, as outlined in its public consultation, to ensure strong, harmonized, and enforceable support for their development.
Policy Options 0, 1, and 2 require transposition into 27 separate national legal systems, and would inevitably lead to a slow and fragmented implementation. Policy Option 4 could be overreaching and is bound to face political pushback. We believe that Option 3 – a Regulation – is the instrument most capable of delivering the necessary speed and legal certainty required to attract investment at the scale and pace needed. The EU’s own legislative history provides a clear precedent with the European Chips Act. The Act (Regulation (EU) 2023/1781) established Integrated Production Facilities with mandated fast-track permitting, creating a powerful pathway for a critical technology. Similarly, lessons from the Renewable Energy Directive (RED III) show an increasing recognition that for strategic infrastructure projects, a prescriptive, harmonised, approach is essential to cut through national administrative bottlenecks.
Summary of the proposal
What are special compute zones?
SCZs are specially designated areas where the development of AI infrastructure can happen at scale, speed, and with a clear, streamlined regulatory framework. Think of them as the equivalent of industrial parks—but for next-generation computing infrastructure. By concentrating efforts geographically, the EU can accelerate buildouts while ensuring strong environmental and security standards.
Similar zone-based approaches have proven successful in other sectors. For example, Germany’s “Solar Valley[11]” once laid the foundation for solar’s exponential rise by providing simplified regulations, targeted incentives, and co-located supply chain partners.
Why this matters
AI models require enormous data centres to train and widely serve. They require reliable electricity, robust internet connectivity, access to water for cooling and sizable land areas. Regulatory requirements in all these domains have made setting up AI data centres in the EU burdensome. In the field of AI where progress is measured in weeks, current permitting processes—often spanning more than 48 months[12]—are simply too slow.
Computing power is crucial to train next-generation AI systems that can accelerate science[13], supercharge worker productivity[14], and help protect Europe against hybrid threats[15]. Distributed compute stocks throughout Europe are also vital to serve those same models at scale with minimal delays in model response time and ensuring inference capabilities for critical tasks. Europe currently lags behind the US in both training and inference compute capacity—by a long shot. Worse, the US is rapidly expanding its infrastructure lead over Europe, with America being on track to triple its datacenter capacity between 2024 and 2028, adding more than 55GW of critical IT power[16]. Without urgent action, the EU risks falling permanently behind in a field that underpins future economic, scientific, and security leadership.
Key elements of the proposal
Under our proposal, most Member States would need to establish at least one SCZ. Based on predefined parameters such as GDP, population density, and land mass, some Member States would be required to designate larger or additional zones, ensuring geographic equity and shared responsibility in access to cutting-edge infrastructure. Similarly, some requirements could be adjusted downward or remain voluntary for (very) small Member States that lack the power infrastructure or state capacity to rapidly implement full-sized SCZ’s. For instance, small Member States may choose to make energy co-location a requirement for potential datacenter providers, decreasing the need for state-led grid upgrades.
Each SCZ would support modern AI computing needs with:
- A simplified, unified permitting process limited to 180 days (compared to the current 24+ months[17] in most Member States). This deadline aligns with lower bounds of current best practices in Europe’s fastest markets, like Danish energy markets[18], where authorities have demonstrated that streamlined processes can deliver complex infrastructure approvals.
- Earmarked sites with ample space for data centres and energy buildouts.
- Redundant backbone fibre links with low latency to safeguard fast and stable connections.
- An initial 200 MW of electrical capacity, expandable to at least 500-1000 MW by 2030, depending on Member States specifics to align with the Commission’s 5-7 year timeline.
- Certified sustainability plans, including working up to 24/7 net carbon-free power procurement.
- A tiered security model supporting a full range of AI use cases—from commercial applications to defence-grade critical systems—with appropriate safeguards at each level.
We further envision two complementary policy interventions to enable successful SCZ implementation:
First, we propose creating a central SCZ Hub within EuroHPC which would monitor SCZ progress, help identify promising sites and resolve cross-border issues. This hub would serve as a technical resource centre, offering expertise in site assessment, permitting process design, and environmental compliance.
Second, we recommend negotiating with the US to support uniform access to AI chips for the entire EU. With the US government recently abandoning its Diffusion Framework controlling the export of advanced AI chips, this is a very opportune time to secure compute access for Member States that previously faced import restrictions. To accommodate American worries about chips being smuggled to China via European countries, we recommend the EU co-invest in and adopt remote attestation technology for AI chips, enabling course-grained, privacy-preserving location verification, avoiding crude export controls and ingraining security mechanisms in the chips themselves.
We believe that a single targeted EU Regulation is the most effective and balanced legislative way to stimulate SCZs. It offers a timely, coherent, and ambitious framework that ensures legal uniformity across Member States, avoiding the delays and fragmentation associated with Directives. This approach is crucial for addressing the security and transparency challenges of AI-enabled cloud infrastructure and fosters regulatory certainty to support large-scale innovation and investment. Although a more comprehensive legislative proposal establishing a new dedicated EU agency further could enhance long-term governance, it carries significant political and financial hurdles. Choosing a targeted Regulation now allows for rapid alignment without precluding future institutional evolution.
Objective 1: capacity
For the EU to triple its data centre capacity over the next 5-7 years, it has to make it radically easier for data centre operators to secure necessary permits, and to expand the pool of attractive sites.
Cutting through the red tape: a single window for all permits
Currently, building a hyperscale data centre in Europe can involve navigating dozens of regulatory procedures across multiple agencies—often taking more than 2 years. SCZs would change that.
Multiple independent authorities
Single-window system
Sequential approvals
Parallel processing
No statutory deadlines
180-day maximum timeline
Case-by-case assessment
Condition-based approval
Presumption against development
Presumption in favour unless challenged
Fragmented digital systems
Unified digital portal
Multiple independent authorities
Sequential approvals
No statutory deadlines
Case-by-case assessment
Presumption against development
Fragmented digital systems
Single-window system
Parallel processing
180-day maximum timeline
Condition-based approval
Presumption in favour unless challenged
Unified digital portal
SCZs establish a default presumption in favour of construction unless formally challenged within, say, 3 months of application. Unlike traditional planning processes that assess each proposal on a case-by-case basis, the establishment of an SCZ would signify that the broader public interests have already been weighed favourably. As such, project approvals would follow a condition-based approach, whereby developments proceed automatically if they meet predefined criteria and standards.
Each zone would operate under a “single-window” permitting system, bringing together all necessary approvals—from land use and environmental assessments to grid connection and construction codes—within one digital portal that different enforcement agencies coordinate on. Statutory deadlines would be imposed: for instance, 90 days for initial completeness checks, 180 days for final decisions. If authorities fail to meet these deadlines, tacit approval would apply. This creates certainty for developers while maintaining environmental and legal safeguards.
Countries like Spain have already successfully experimented with similar ‘rules of positive silence’ to speed up permitting. Following a Royal Decree[19] in 2022, Spain simplified environmental impact assessments for operators who met a few specific criteria. The Energy Transmissions Commission estimates[20] that this measure cut permitting timelines in half, and reports that, following this decree, BloombergNEF increased its Spanish solar capacity forecast in 2030 by 13 GW.
Choosing the Right Sites
While Member States would be responsible for SCZ site selection, EuroHPC could play a supportive and coordinating role. By establishing a SCZ Coordination Hub within EuroHPC, the EU can better track the progress of SCZ’s deployment, offer technical assistance for site identification and permitting, and help Member States coordinate access to EU funding streams (e.g., InvestEU, RRF). This coordination hub could for instance develop site selection tools that can help Member States quickly identify a short-list of potential sites, based on data spanning land use, spare energy capacity, fibre connections, water supply and more.
Site selection should be pragmatic. To accelerate timelines and minimise environmental impact, Member States should prioritise locations such as large brownfield industrial areas near low-carbon power plants, existing transmission infrastructure, and dark fibre connections. Decommissioned coal power plants are particularly promising sites as they possess the necessary grid connections and industrial zoning. Co-locating sustainable power generation on such sites makes for ripe new grounds for datacentre campuses. This strategy will help avoid sensitive zones like Natura 2000 sites and can avoid further potential opposition via early informal consultations. Some Member States are already implementing similar strategies: for example, in Greece, PPC is building data centres in former lignite mines in West Macedonia.
Objective 2: sustainability
AI data centres are inherently energy-intensive. Modern AI training clusters consume tens of MW each, with the largest currently available clusters[21] requiring hundreds of MW—equivalent to the electricity needs of a medium-sized city. To function effectively and sustainably, Special Compute Zones (SCZs) must be underpinned by electricity systems that are powerful, predictable, resilient, and clean.
Energy as a foundational enabler
One practical mechanism to ensure a reliable power supply is through the co-location of clean energy generation. While co-locating need not be mandatory, SCZs should proactively evaluate the potential for integrating on-site clean energy sources, in coordination with Transmission System Operators (TSOs) and National Regulatory Authorities (NRAs). Not only could this help speed up permitting for new data centres, behind-the-meter solutions can also help alleviate grid congestion, a growing problem[22] in many Member States. Under this proposal, energy infrastructure projects that serve SCZs would be designated as priority infrastructure, benefiting from the same 180-day fast-track permitting process as the data centres they support. This regulatory alignment would help overcome structural bottlenecks that have historically slowed both the digital and energy transitions in Europe.
Given the variable nature of renewables, SCZ developers should be incentivized to pursue hourly matching strategies—procuring clean electricity that aligns with data centre consumption on an hour-by-hour basis throughout the year. Where direct on-site matching is not feasible, equivalence can be demonstrated through Power Purchase Agreements (PPAs), securing long-term contracts between data centers and energy providers. This ensures that renewable energy powers data center operations in real time, rather than merely in annual averages.
While renewables provide a low-cost, zero-carbon solution, their deployment must be complemented by dispatchable sources to guarantee around-the-clock operations and maintain grid stability. In the near term, natural gas may serve as a transitional option due to its responsiveness and cost-effectiveness. However, the European Union should more broadly accelerate the development and deployment of sustainable baseload technologies such as Small Modular Reactors (SMRs) and geothermal systems, potentially supported through EU co-financed PPAs. Furthermore, the EU should consider fast-tracking the approval process for reactivating nuclear power plants.
To address legitimate concerns about the environmental impact of large-scale compute infrastructure, data centres operating within SCZs should be subject to transparent, regular environmental reporting. Mandatory disclosures could include:
- Water consumption data;
- A detailed heat reuse strategy, whether implemented on-site or in partnership with external users;
- Hourly CO₂ emissions, reported using location-based methodologies.
These requirements must be streamlined and automated wherever feasible, minimizing administrative burden while ensuring accountability and visibility into the environmental performance of high-intensity compute facilities.
Objective 3: security
As AI systems become integral to the operations of both public institutions and private enterprises, the underlying infrastructure must be treated as critical infrastructure. Sovereign European cloud capacity is no longer merely a strategic aspiration—it is a foundational operational requirement. These imperatives should be directly integrated into the design and regulatory framework of the SCZs.
A tiered security framework
We recommend the SCZ Regulation adopt a three-tiered security model, drawing inspiration from RAND’s AI Security Levels Framework[23]. This model could serve as a precursor to harmonization within a dedicated AI-focused component of the EU Cloud Security Certification Scheme (EUCS)[24]. Compared to traditional cloud services, AI systems pose additional unique security challenges, as models—essentially large arrays of numbers—can be easily exfiltrated without rigorous protections. If AI models are exfiltrated, they can be modified and exploited by malicious actors to cause substantial disruption and harm across various sectors of the economy. A tailored, pan-European AI security standard could establish robust safeguards applicable across a spectrum of AI use cases, ranging from everyday commercial applications to highly sensitive, state-level inferencing.
More concretely, we propose the following tiered system:
- Tier A (Basic): Designed for most commercial AI workloads, this tier would include industry-standard physical and cybersecurity controls like model-weight encryption and mandatory security training for personnel. It roughly maps to RAND SL1–SL2 and could form ‘AI-EUCS Basic’, suitable against low-skill or opportunistic attackers.
- Tier B (Substantial): Tailored for sensitive applications such as large foundation model training. This level would require additional safeguards, automated anomaly detection, penetration testing and zero-trust architectures. It aligns with RAND SL2–SL3 and could form ‘AI-EUCS Substantial’, which defends against cybercrime syndicates and insider threats.
- Tier C (High): Reserved for national or European security-critical workloads—defence, elections, and core public services—this tier would mandate hardware-based security measures, upload limits and rigorous personnel vetting by intelligence agencies. It aligns with RAND SL3–SL4 and could form ‘AI-EUCS High’, capable of resisting state-sponsored cyber threats and intelligence operations.
We propose that every SCZ support at least Tier A capabilities, but that larger Member States and those hosting critical infrastructure should be required to support higher tiers as well. This approach allows Europe to protect its most sensitive digital assets without fragmenting the wider cloud market.
Dynamic designation of critical AI use cases
As touched on above, not all AI use cases warrant the same level of protection. To avoid unnecessary cost burdens and preserve innovation, only a dynamic, EU-level list of critical AI workloads should trigger higher-tier SCZ requirements. This list should be regularly updated by the European Commission in consultation with ENISA and Member States to reflect evolving threat landscapes.
Sensitive domains—such as public health (e.g. the European Health Data Space), national elections, and advanced defence analytics—should be prioritized for initial classification as critical use cases requiring potential Tier B or C protection.
Importantly, non-critical workloads should remain deployable across diverse cloud environments. Imposing blanket sovereignty requirements would risk slowing down Europe’s AI ecosystem. A multicloud strategy—focused on security, legal protection, and flexible contracting—will better serve Europe’s digital resilience than exclusive reliance on national providers.
Secure hardware as a diplomatic lever
Hardware security within SCZs also provides a potential geopolitical advantage. Until recently, EU access to advanced AI chips was constrained under the U.S. AI Diffusion Framework, which imposed export restrictions on multiple Member States amid concerns about potential diversion to adversaries like China. The recent rescission of this framework offers the EU a critical window to renegotiate its position.
We recommend the EU pursue a targeted security-based technology collaboration with the United States centred on hardware-enabled safeguards and remote attestation. These technologies verify hardware integrity and usage, ensuring AI chips are utilized as intended and not diverted to unauthorized parties. By demonstrating that exported AI chips will remain in secure, monitored environments within SCZs, Europe can make a compelling case for preferential access to U.S.-designed semiconductors. This creates a win-win situation: the US gains financially from exporting more chips, while the EU secures and expands its lacking compute base. With US-EU relationships under strain, such a transactional, targeted partnership could further help to stabilise Transatlantic tensions.
Conclusion: A Time-Limited Opportunity
The AI age will not wait. If Europe wants to remain prosperous, safe and maintain its seat at the table of global AI development, it must build the infrastructure that such AI ambitions demand. The window for establishing European competitiveness in global AI is rapidly closing, with every month of delay widening the gap with leading regions.
Our proposed Regulation on Special Compute Zones is not a silver bullet, but it could serve as a crucial keystone. It brings together all the necessary ingredients—scale, speed, sustainability, and sovereignty—under one coherent legislative roof.
The race for AI competitiveness is not just about algorithms or data—it’s also about physical infrastructure. Without decisive action now, Europe risks becoming a permanent consumer rather than a producer of next-generation AI capabilities. Special Compute Zones offer a practical, implementable path to close this critical gap.
Authors
Avinash Kothuri
Advanced AI Researcher
David Janků
Advanced AI Researcher
Jorge Miguel Teixeira
Advanced AI Analyst – Policy
Daan Juijn
Senior Advanced AI Researcher
Endnotes
[1] Corresponding author: d.juijn@cfg.eu
[2] Konstantin F. Pilz, James Sanders, Robi Rahman, and Lennart Heim, ‘Trends in AI Supercomputers’, ArXiv, 2025, available at https://arxiv.org/abs/2504.16026.
[3] European Comission, ‘Call for evidence for an impact assessment – Ares(2025)2878100’, 2025, available at https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/14628-AI-Continent-new-cloud-and-AI-development-act_en.
[4] McKinsey, ‘The role of power in unlocking the European AI revolution’, 2024, available at https://www.mckinsey.com/industries/electric-power-and-natural-gas/our-insights/the-role-of-power-in-unlocking-the-european-ai-revolution
[5] European Comission, ‘The AI Continent Action Plan’, 2025, available at https://digital-strategy.ec.europa.eu/en/library/ai-continent-action-plan
[6] Jack Wiseman, Duncan McClements and Theo Horsley. ‘Getting AI Data Centres in the UK’. Inference Magazine, 2024, available at https://inferencemagazine.substack.com/p/getting-ai-datacentres-in-the-uk?open=false#%C2%A7the-uk-should-create-special-compute-zones
[7] UK Government, ‘AI Growth Zones: expression of interest’, 2025, available at https://www.gov.uk/government/publications/ai-growth-zones-expression-of-interest
[8] Tim Fist, ‘Establishing Special Compute Zones’, The Techno-Industrial Playbook, 2025. Available at https://www.rebuilding.tech/posts/establishing-special-compute-zones
[9] Petropoulos, A; Pataki, B; Juijn, D and Reddel, M, “CERN for AI: The EU’s seat at the table”. September 2024. Available at https://cfg.eu/cern-for-ai-eu-report/
[10] Petropoulos, A; Pataki, B; Juijn, D and Reddel, M, “Building a CERN for AI: An institutional blueprint”. January 2025. Available at https://cfg.eu/building-cern-for-ai/
[11] Ned Stafford, ‘Germany’s Solar Valley’, Chemistry World, June 2010. Available at https://www.rsc.org/images/Germanys%20Solar%20Valley_tcm18-182768.pdf
[12] European Commission, ‘The AI Continent Action Plan’, 2025. Available at https://digital-strategy.ec.europa.eu/en/library/ai-continent-action-plan
[13] Merchant, A. et al., ‘Scaling deep learning for materials discovery’, 2023. Available at https://www.nature.com/articles/s41586-023-06735-9
[14] Dell’Aqua, F. et al, ‘Navigating the Jagged Technological Frontier: Field Experimental Evidence of the Effects of AI on Knowledge Worker Productivity and Quality’, 2023. Available at https://www.hbs.edu/faculty/Pages/item.aspx?num=64700
[15] CFG, ‘Strategic innovation for European security’, 2025. Available at https://cfg.eu/strategic-innovation-for-european-security/
[16] Dylan Patel, Daniel Nishball and Jeremie Eliahou Ontiveros, ‘AI Datacenter Energy Dilemma – Race for AI Datacenter Space’, Semianalysis, 2024, available at https://semianalysis.com/2024/03/13/ai-datacenter-energy-dilemma-race/
[17] European Commission, ‘The AI Continent Action Plan’, 2025. Available at https://digital-strategy.ec.europa.eu/en/library/ai-continent-action-plan
[18]State of Green, ‘One-Stop-Shop to accelerate offshore wind permitting’, 2025. Available at https://stateofgreen.com/en/news/one-stop-shop-to-accelerate-offshore-wind-permitting/
[19] Andrés Alfonso, Ricardo García-Borregón, Alfonso González-Espejo and Soledad Adell, ‘Energy Spain Newsflash’, Ashurst, 2024, available at https://www.ashurst.com/en/insights/energy-spain-newsflash-january-2024/
[20] Energy Transitions Commission, ‘Solution Toolkit: Actions for national/regional governments and policymakers’, 2023, available at https://www.energy-transitions.org/wp-content/uploads/2023/01/Barriers_PP_GovernmentST_vFinal.pdf
[21] Dylan Patel, Daniel Nishball and Jeremie Eliahou Ontiveros, ‘AI Datacenter Energy Dilemma – Race for AI Datacenter Space’, Semianalysis, 2024, available at https://semianalysis.com/2024/03/13/ai-datacenter-energy-dilemma-race/
[22] Netbeheer Nederland, ‘Capacity Map’, 2024, available at https://www.netbeheernederland.nl/netcapaciteit-en-flexibiliteit/capaciteitskaart [in Dutch]
[23] Nevo, Sella, Dan Lahav, Ajay Karpur, Yogev Bar-On, Henry Alexander Bradley, and Jeff Alstott, Securing AI Model Weights: Preventing Theft and Misuse of Frontier Models. Santa Monica, CA: RAND Corporation, 2024, available at https://www.rand.org/pubs/research_reports/RRA2849-1.html.
[24] ENISA, ‘EUCS – Cloud Services Scheme, 2020, available at https://www.enisa.europa.eu/publications/eucs-cloud-service-scheme