Federal Data Center Law Expires Soon, Security Standards at Risk

The Federal Data Center Enhancement Act of 2023, which mandates security, reliability, and sustainability standards for federal data centers nationwide, is scheduled to expire on September 30, 2026. No replacement legislation has been proposed by Congress or the current administration. This lapse comes as the demand for data center capacity surges due to advancements in AI and computing.

Under the expiring act, federal facilities must adhere to protections covering uptime, power reliability, physical and cybersecurity, and resilience against natural disasters. It also emphasizes sustainable energy use. Without a new law, agencies would gain significant latitude in designing and operating future data center projects, potentially aligning with a broader trend towards reduced regulation and expedited approvals for such infrastructure.

The impending expiration coincides with increased public concern over the environmental impact of data centers, including electricity and water consumption. This legislative gap highlights a growing tension between infrastructure expansion and community opposition to new data center developments.

Should no new framework be established before the deadline, individual federal agencies will be responsible for setting their own standards for forthcoming data center projects. This could lead to a patchwork of regulations across the federal government.