46. Gaia-X Basic Labels
The Gaia-X Basic Labels are three clusters of compliance criteria defined in the Gaia-X Labelling Framework. They correspond to: Label Level 1, Label Level 2,Label Level 3, defined as follows:
▪ Label Level 1 – Data protection, transparency, security, portability, and flexibility are guaranteed in line with the rules defined in the Gaia-X Policy Rules Document and the basic set of technical requirements derived from the Gaia-X Architecture Document. For cybersecurity, with the minimum requirement being to meet ENISA’s European Cybersecurity Scheme - Basic Level.
▪ Label Level 2 – This advanced Label Level 2 extends the basic requirements from Level 1 and reflects a higher level of security, transparency of applicable legal rules and potential dependencies. The option of a service location in Europe must be provided to the consumer. Regarding cybersecurity, the minimum requirement will be to meet ENISA European Cybersecurity Scheme - Substantial Level.
▪ Label Level 3 – This level targets the highest standards for data protection, security, transparency, portability, and flexibility, as well as European control. It extends the requirements of Levels 1 and 2, with criteria that ensure immunity to non-European access and a strong degree of control over vendor lock-in. A service location in Europe is mandatory. For cybersecurity, the minimum requirement will be to meet ENISA’s European Cybersecurity Scheme - High Level.