UK and EU data centres face planning, power and cyber risks

Data centre demand tied to AI and cloud computing is pushing UK and EU projects into a more complex regulatory environment. In England, large-scale facilities can now seek approval through the nationally significant infrastructure projects regime and the development consent order process, but uncertainty remains over the thresholds for national significance until a dedicated national policy statement is consulted on and adopted. Changes to planning policy may also open lower-value green belt land, while environmental impact assessments face closer scrutiny over energy, water and carbon mitigation.

The UK’s AI Growth Zones are intended to speed planning and grid connections in Oxfordshire, the North East, North and South Wales and Scotland, but grid access remains a central constraint. Sites must demonstrate access to 500MW of power by 2030 to qualify, creating a circular problem for developers that need designation benefits to secure the required capacity. A proposed £2 billion data centre at Wapseys Wood, Buckinghamshire, is expected to test how the government balances net-zero duties with AI growth ambitions.

Operators also face rising community, copyright and cyber exposure. Planning opposition has focused on noise, traffic and environmental impacts, with poor engagement linked to delays and opposition in 26 planning applications. Copyright disputes over AI training data may create disclosure, injunction and liability risks for hosting providers, while new UK and EU cyber rules and insurance exclusions are increasing pressure around outages, supplier due diligence and service level agreement claims.