Your Questions Answered: What Data Centers and Energy-Intensive Infrastructure Developers and Operators Need to Know

Drawing on the firm’s cross-practice capabilities, we provide clear, practical answers to the most common questions developers and operators have, helping to navigate:

• Regulatory and Tax Considerations: Staying ahead of changing laws and incentives.
• Permitting and Zoning: Understanding local, state, and federal requirements.
• Real Estate and Site Selection: Addressing land use, easements, and title concerns.
• Financing Structures: Mitigating risk and optimizing capital strategies.
• Environmental and Sustainability Compliance: Meeting evolving local, state, and federal requirements and ESG standards.

Our lawyers and policy professionals are ready to help you reduce risk, accelerate development, and ensure compliance across every phase of the data center project lifecycle.

Click below to view the various topics: 

• Fundamentals
• Federal and State Energy Regulatory
• Environmental and Permitting
• Intellectual Property
• Data Privacy

Fundamentals 

What Is Energy-Intensive Infrastructure?

“Energy-intensive infrastructure” refers to facilities or operations that require substantial amounts of electrical power to function. Examples include data centers, manufacturing plants, and other industrial operations with consistently high energy demand. Some jurisdictions define these facilities as having a certain megawatt (MW) threshold; for example, Texas defines an energy intensive facility or large loads as being 75 MW or greater. 

What Is Driving the Growth of Data Centers and Energy-Intensive Infrastructure?

The rapid expansion of data centers and energy-intensive infrastructure is fueled by advancements in artificial intelligence (AI), cloud computing, onshoring manufacturing, and heightened national security concerns. These factors combined create an urgent need for high-performance, reliable facilities that can support modern digital workloads and safeguard critical data, accelerating development across the sector.

What Are the Biggest Challenges Currently Faced by Data Centers and Energy-Intensive Infrastructure?

Data centers and energy-intensive infrastructure face major challenges, including network interconnection and timing issues, high power demand and flexibility, water supply management, backup power reliability, environmental compliance, zoning restrictions, and data security risks. Additionally, regulatory and permitting hurdles often arise when facilities seek to develop their own primary energy generation. These obstacles impact operational efficiency, compliance, and sustainability across the sector

What Legal and Regulatory Frameworks Govern the Operation of Data Centers and Energy-Intensive Infrastructure?

Operations of data centers and energy intensive infrastructure are governed by complex federal, state, and local regulations, including environmental laws, zoning codes, data privacy regulations, and energy procurement standards. Compliance with these frameworks is essential for legal and operational stability. Not only must facilities meet local regulatory requirements, but there are state and federal requirements as well as grid operator requirements which are often not aligned with one another. Such frameworks include:

1. Environmental Laws: Compliance with statutes such as the Clean Air Act, Clean Water Act, and National Environmental Policy Act (NEPA) is mandatory. Developers often need Environmental Impact Assessments (EIAs) to evaluate emissions, water usage, and ecological impact.\\
2. Zoning Codes: Local ordinances govern site selection, building height, noise levels, and proximity to residential areas. Special permits may be required, depending on jurisdiction, due to the high energy and water consumption of data centers. 
3. Federal and State Regulatory Requirements: There are currently no comprehensive federal standards in the United States that apply specifically to data centers or other energy-intensive infrastructure. In the absence of federal standards, states have taken the lead in developing and implementing policies, regulations, and incentives governing data centers. More information on such standards can be found in the US Federal and State Energy Regulatory section below. 
4. Data Privacy and Cybersecurity Regulations: Data centers must comply with domestic US data protection laws, including state privacy statues, and global laws such as GDPR. More information on such standards can be found in the Data Privacy section below.
5. Energy Procurement Standards: Operators negotiate Power Purchase Agreements (PPAs) to secure reliable and sustainable energy, which often involves strategies to mitigate grid constraints. 
6. Grid Operator Compliance: Facilities must meet North American Electric Reliability Corporation standards and local grid codes to ensure safe interconnection and prevent instability. Compliance includes technical standards for parallel generation and cybersecurity protocols for distributed energy resources

What Is “Co-Location?”

Co-location refers to arrangements in which large consumers of electricity, such as data centers, are strategically located at existing or planned power generation facilities. This arrangement creates a shared point of interconnection, allowing the energy-intensive infrastructure to benefit from dedicated power capacity and improved reliability behind the shared point of interconnection. In some jurisdictions, like Texas, this co-location arrangement can help the electricity consumer avoid certain transmission charges. Co-location also offers grid stability, improving resilience during peak demand, and supports efficient land use to accelerate permitting. 

Federal and State Energy Regulatory

How Are the Federal Energy Regulatory Commission (FERC), States, and Grid Operators Addressing the Regulatory and Operational Challenges Faced by Data Centers and Energy-Intensive Infrastructure?

Currently, there are no comprehensive federal standards in the United States specifically applicable to data centers and energy-intensive infrastructure. However, FERC is actively reviewing issues related to the co-location of these facilities, focusing on interconnection processes, cost allocation, and market participation rules for large loads. States have taken the lead in shaping and implementing policies, regulations, and incentives for data centers. This has resulted in a fragmented regulatory landscape across the country. Grid operators, such as Independent System Operators (ISO) and Regional Transmission Organizations (RTO), have been working to address these issues through their stakeholder processes while also focusing on resource adequacy, grid reliability, load forecasting, and cost allocation. With generation that is co-located, state issues related to the sale of power become very important when structuring the arrangement. 

What Are the Jurisdictional Boundaries Between FERC and State Authorities Regarding Co-Location Arrangements, and How Do They Impact Data Center Operations?

Under the Federal Power Act (FPA), FERC has jurisdiction over the wholesale electricity sales and transmission in interstate commerce, and has authority over the rates, terms, and conditions for such wholesale transactions and associated facilities. FERC’s authority also extends to practices "directly affecting" wholesale rates, including generator interconnections to the transmission system, grid reliability, capacity markets, and cost allocation affecting the wholesale market.

The FPA expressly reserves to states the authority over any other sale of electricity, including retail sales and wholesale sales not in interstate commerce. This means that states generally have the authority to regulate retail electricity sales to end-use customers; determine which entities are legally permitted to provide electricity supply to retail customers; review siting and grant permitting for generating resources; and determine the state’s generation resource mix. 

As applied to data center operations, retail power sales made directly from a generator to a data center typically fall under state jurisdiction, not FERC oversight.

What Are the Cost Implications for Data Centers and Ratepayers Under a Utility’s Tariff for Grid Upgrades Built to Serve Data Centers’ Load When That Load Never Fully Materializes?

Cost responsibility depends on several factors, including the level of grid connectivity, whether the load takes network service, and the grid operator’s interconnection rules. The laws and regulations surrounding cost allocation are rapidly changing at both the federal and state levels. 

A utility tariff outlines the rates, rules, and conditions for a utility company's services. It determines how customers are charged based on their usage and includes various charges like fixed fees, usage rates, and regulations. Generally speaking, utility tariffs typically include a load ratio sharing mechanism that requires the retail customer requesting service to pay for all, or a portion of, the system upgrades needed to serve the load. It also requires certain other retail customers to pay for their pro rata use of the upgrades to the extent the upgrades benefit them. If the requesting customer’s load never materializes or only partially materializes—and no other customers benefit from the facilities—the initial customer is usually responsible for all or most of the upgrade costs. However, upgrades that provide system-wide benefits are typically socialized among all ratepayers.

Can a Co-Located Generator Directly Supply Power to the Data Center Without Violating the Incumbent Utility’s Exclusive Franchise to Serve Load Within its Territory?

Sales between a co-located generator and a data center are governed by state law, so an analysis of the specific state’s rules is required. In most states, laws restrict when and how load can be served by an electric supplier other than the franchised public utility. Typically, the franchised public utility has the exclusive right to serve load within its service territory. Unless a state-law exception applies—such as a “private use” exception or “landlord” exception—co-located generators generally cannot supply power directly to the co-located load without the franchised utility’s cooperation. In areas open to competition, such as ERCOT, a detailed review of local requirements is still necessary because even competitive markets may include franchised service territories.

How Can a Data Center Developer Get Involved at the Public Utility Commission in Their Chosen State?

The best way to get involved is to track active and upcoming regulatory proceedings at state public utility commissions, such as rulemakings, rate cases, rate reconciliations, and Integrated Resource Planning and to actively engage with the state commission. Some of these proceedings may require the developer to actively intervene and become a party, while others have more informal participation requirements.  

State public utility commissions also host policy sessions that allow members of the public and select entities to voice their interests and concerns to the commissioners. 

What Are Options for Backup Generation?

Options for backup generation will depend on federal, state and local permitting, including environmental and regulatory laws. With respect to regulatory requirements, some states required independent power producers, including backup generators, to obtain permits from the state’s utility commission. An analysis of the specific state requirements for backup generation, which can include diesel, natural gas, and batteries, is required.  

What Are the Tradeoffs and Legal Risks for a Developer in Choosing Between Pursuing Co-Location and Direct Grid Power?

The primary advantage of co-location is accelerated speed to market. Connecting a new data center to the grid often takes years due to various studies and construction upgrades needed to add the load to the grid. Co-location helps bypass some of these time-consuming processes by placing facilities near existing power sources. By locating near a power source, the developer can guarantee a stream of power that is not curtailed by congestion or other grid constraints. In some geographies, co-location can also help the load avoid some transmission costs. While co-location can provide several benefits, co-location currently faces a great deal of regulatory uncertainty as regulators are continuing to develop rules and regulations applicable to these types of arrangements. Additionally, unless a state-law exception applies—such as a “private use” exception or “landlord” exception—co-located generators generally cannot supply power directly to the co-located load without the franchised utility’s cooperation.   

What Are the Benefits of a “Sleeving Arrangement” and How Should I Structure Them When Procuring Power to Serve my Data Center?

A sleeving arrangement is a contractual structure where a licensed utility or energy service provider acts as an intermediary between the power generator and the power consumer. The utility “sleeves” the electricity by taking delivery from the generator and then supplying it to the consumer under the consumer’s existing supply agreement. In certain circumstances, these arrangements provide a useful mechanism for procuring power from an unfranchised electric supplier without violating the utility’s franchised right to serve load within its boundaries. Under a sleeving arrangement, an unfranchised power seller would sell power at wholesale to an entity authorized to make retail sales in that geographic area (such as an investor-owned public utility, cooperative, or municipality), and that intermediary buyer would then sell that same power to the ultimate end use customer (the data center load). This results in the sale of electricity between the power generator and the “sleeving” party being a wholesale sale and the sale of power between the “sleeving” party and the power consumer being a permissible retail sale.

Environmental and Permitting

What Environmental and Permitting Challenges do Data Center and Energy-Intensive Infrastructure Developers Commonly Face?

Key environmental and permitting hurdles during project development typically involve: 

1. Securing local zoning and land use approvals, which often requires addressing community concerns and overcoming potential opposition; 
2. Obtaining dependable water supply and the necessary permits or regulatory clearances for usage; and 
3. Acquiring permits for any on-site power generation systems—whether natural gas, diesel, solar, wind, or battery storage—to ensure compliance with environmental and operational standards.

If natural gas or diesel generators will be brought to the site to supply power (either as a primary or back-up power source), permitting can be a significant gating item. Other potential challenges include construction stormwater permitting, spill prevention and control, wetland and stream crossing permits, threatened and endangered species protections, and historic and cultural resources consultation requirements.

Will a Particular State’s Climate Legislation Allow My Project’s Co-Located Generation to be Built?

It is important to be aware of a state’s climate legislation and associated regulations, which can provide both opportunities and requirements depending upon the state and the type of proposed co-located generation system. To advance efforts to reduce greenhouse gas emissions and meet state carbon reduction goals, certain states offer incentives such as increased funding, tax deductions, and eased regulatory requirements for the installation of renewable energy generation systems, including those that can be utilized by data centers. 

Conversely, some states have imposed carbon cap-and-trade systems, carbon reporting and disclosure requirements, and more stringent regulatory requirements for energy generation systems that could potentially increase carbon emissions. While all states will allow co-location of various types of energy generation, certain types of facilities may be significantly more expensive to install and operate in states that have implemented climate legislation than others.

What Are the Benefits and Risks to Utilizing the Recently Announced Expedited National Environmental Policy Act (NEPA) and Regulatory Processes at Various Federal Agencies for Developing Data Center-Related Energy Infrastructure Projects?

Recent Supreme Court precent has prompted the federal agency responsible for the general coordination of NEPA, the Council on Environmental Quality (CEQ), and several key federal agencies—including the Department of the Interior, Department of Transportation, and the US Army Corps of Engineers—to implement regulations to streamline the NEPA process, shorten NEPA review timelines, and limit the scope of what needs to be considered in NEPA analysis.

In July 2025, the Trump Administration also directed CEQ to establish new categorical exemptions under NEPA for qualifying data center projects. Such categorical exemptions could provide significant benefits to expediting data center projects, as they can reduce or eliminate the need for federal environmental review associated with federal permits needed for such projects. However, project opponents may seek to challenge the utilization of such categorical exemptions and/or an expedited NEPA process. If a project seeks to utilize an expedited NEPA process and/or categorical exemption, it should ensure that there is proper justification in the administrative record supporting that the project meets the requirements for the categorical exemption and has taken steps to avoid and minimize any associated environmental impacts. 

While these developments may significantly reduce or eliminate the need for federal environmental review under NEPA, a project may still need to comply with state environmental review requirements in certain jurisdictions. 

How Can Data Center Developers Effectively Engage With Government Officials and Communities to Secure Necessary Approvals?

An important step in securing necessary government approvals is to proactively develop an engagement strategy prior to the submission of your applications. This should include engaging with key government officials and communities early in the process to identify community needs, developing a community benefits package, and addressing potential concerns. Map out critical stakeholders—such as labor unions, trade associations, chambers of commerce, and other influential groups—that can be enlisted to potentially support the project. Prior to community engagement, developers should have a plan to address common environmental concerns, including questions concerning water and energy use, carbon emissions (to the extent applicable), aesthetic concerns, and potential impacts or benefits to the regional electrical grid. Given the number of approvals needed for data center projects, a data center developer should prepare a permitting strategy that maximizes an efficient review process, with concurrent review by relevant government agencies to the greatest extent possible.

How Can I Navigate Local Opposition or Community Concerns Related to Data Center Development?

Strategic community engagement is critical but will vary significantly depending upon the community character, geographic region, and the community’s familiarity with data center projects. For example, in areas without prior data center development, companies may need to address misconceptions, while in regions with significant development, concerns about oversaturation or cumulative impacts may arise. Building an understanding of the community and key stakeholders before submitting applications is a best practice. Active listening helps identify concerns, and flexibility can go a long way toward addressing reasonable concerns. It is also helpful to understand the goals and objectives of potential opponents to distinguish those that are willing to discuss ways that the project can be improved to address their concerns from others who are simply opposed to any development of data centers in their area. Coordinated outreach through social media, participation in local community events, developing a project-specific website, and timely responsiveness to community questions are all important aspects of a successful outreach campaign. To the extent that a company is unable to avoid local opposition, ensure that concerns and issues raised by project opponents are addressed in a timely fashion in the administrative record to provide evidentiary support that can be relied upon in the event of an administrative appeal or litigation challenging project approval.

Intellectual Property

How Should Data Centers Proactively Manage Intellectual Property (IP) Issues That Can Arise in the Design, Development, and Deployment of Cutting-Edge Technologies?

Data centers encounter IP risks throughout their operational lifecycle. During the design phase, patent clearance becomes critical when centers select cooling systems, power management solutions, and server configurations. Before committing to specific technologies, most centers benefit from freedom-to-operate analyses. As development progresses, trade secret protection requires attention, particularly for proprietary server configurations and cooling algorithms. At this stage, centers should establish invention disclosure processes and pursue patent applications for novel solutions.

During deployment phases, licensing negotiations often drive the process. Data centers need agreements covering third-party software, hardware systems, and integrated solutions. Throughout operations, patent monitoring provides early warning of potential conflicts. Regular analyses help identify emerging patent threats and opportunities. Meanwhile, documentation practices should capture technical innovations and prior art. Employee invention policies prevent ownership disputes. Over time, centers can build defensive patent portfolios through systematic prior art collection and strategic prosecution.

What Legal Considerations Should Be Addressed When Protecting IP in Data Center Mergers and Acquisitions? 

IP due diligence can shape transaction value and structure. Buyers need comprehensive audits covering patent portfolios, trademark registrations, copyright assets, and trade secret programs. Early in the process, ownership verification prevents post-closing disputes. License agreements often contain change-of-control restrictions that trigger renegotiation requirements. Additionally, pending litigation and patent challenges create valuation uncertainties.

During documentation, transaction documents should address IP representations, warranties, and indemnification provisions. Escrow arrangements provide security for IP-related claims. Employee retention becomes critical when key inventors and technical personnel hold institutional knowledge. Post-closing, integration planning must preserve trade secret protections and prevent inadvertent disclosures. Finally, antitrust concerns may arise when patent portfolios create market concentration or enable anticompetitive licensing practices.

What Are the Potential Patent or IP Considerations for Organizations Deploying Artificial Intelligence (AI) or Developing Data Center Facilities?

AI deployment creates substantial patent exposure across multiple areas. Neural network architectures, training methodologies, and inference algorithms face extensive patent coverage. Furthermore, hardware acceleration through graphics processing units (GPUs), tensor processing units (TPUs), and custom silicon involves complex patent landscapes. Data processing techniques and optimization methods trigger additional infringement risks. Moreover, open-source frameworks carry hidden patent obligations through contributor agreements.

Similarly, data center construction involves patented technologies across multiple systems. Cooling innovations, power distribution architectures, and server rack designs face patent protection. Virtualization software and management systems require license clearance. Patent searches should occur prior to technology selection and implementation. Licensing strategies help navigate essential patents from major technology holders. Nonpracticing entity (NPE) activity targets both AI implementations and data center operations. Patent monitoring and clearance procedures reduce litigation exposure.

Data Privacy

What Legal Risks Do Data Centers Face Regarding Data Privacy Compliance?

Privacy compliance failures expose data centers to regulatory enforcement, private litigation, and contractual liability. Under GDPR, processor obligations include impact assessments, breach notification requirements, and data deletion duties. Similarly, California Consumer Privacy Act (CCPA) service provider restrictions limit data use and require opt-out mechanisms. Privacy laws in Virginia, Connecticut, and other jurisdictions create additional compliance burdens.

Regarding international operations, cross-border data transfers require legal mechanisms such as standard contractual clauses or adequacy decisions. Regulatory enforcement actions carry significant fines and operational restrictions. Additionally, private litigation under US state privacy statutes enables class action exposure through statutory damages. Contractual liability arises when compliance failures breach customer agreements. Insurance coverage disputes emerge from privacy-related claims. International operations create jurisdictional conflicts and competing legal requirements. Consequently, privacy programs should address data mapping, retention policies, and vendor oversight.

What Is the Impact of Data Handling Considerations on Data Center Compliance With International Data Privacy Laws? 

International data transfers involve complex legal frameworks with diverse requirements. The European Union’s adequacy decisions apply to only a limited number of countries, often requiring organizations to rely on Standard Contractual Clauses (SCCs) or Binding Corporate Rules (BCRs) for compliance. In contrast, data localization laws in jurisdictions such as China and Russia mandate that certain data be processed within national borders. Additionally, sectors like financial services and healthcare face industry-specific transfer restrictions.

From a technical perspective, safeguards including encryption and pseudonymization support compliance but create key management obligations. Cloud architectures complicate data location tracking and controller-processor relationships. Government access laws create tensions between local disclosure requirements and origin-country blocking statutes. 

To address these challenges, data processing agreements should specify cross-border transfer mechanisms and safeguards. Regular data flow mapping exercises should be conducted to track international movements. Regulatory changes affect transfer mechanisms and require ongoing monitoring.

What Legal Considerations Should Data Centers Address When Negotiating Licenses for Proprietary Systems and Software?

Software licensing agreements create privacy obligations that go beyond traditional IP concerns. When data centers serve as processors or sub-processors, data processing roles must be clearly defined. Data protection addenda should specify processing purposes, security requirements, and breach procedures. Obligations regarding data retention and deletion remain in effect even after contract termination. 

Vendor selection should involve comprehensive due diligence, including assessment of privacy certifications, security audits, and prior breach history. International data transfers within licensing arrangements require appropriate legal mechanisms. During vendor selection, due diligence should examine privacy certifications, security audits, and breach history. Liability provisions must account for privacy violations and regulatory penalties. Audit rights enable oversight of privacy and security practices. Government access provisions address law enforcement requests and national security obligations. Privacy insurance requirements and coverage assignments help manage financial exposure. Termination clauses should specify data return and destruction procedures. After contract execution, ongoing vendor monitoring ensures continued compliance.