There is a useful test for whether something has become critical national infrastructure. Ask what happens if it stops working. For electricity grids, the answer is obvious, and a century of oversight, rate-setting, reliability standards, and public accountability frameworks emerged from the recognition that the people who control power delivery control something too important for policymakers to leave entirely to market incentives.
Ask the same question about large-scale AI data centers in 2026 and the answer is increasingly identical. Banking systems run on them. Hospital records live in them. Government services depend on them. The telecommunications networks carrying voice, data, and emergency services route through them. A significant and growing fraction of the economic activity in developed economies depends on continuous, reliable access to compute and storage infrastructure that a small number of private operators control. Data center operators are, by any functional definition, utilities. The regulatory frameworks governing them are not, and that gap is widening every quarter that the buildout continues.
The Scale Shift That Changed the Nature of the Business
Colocation and hyperscale data center operations spent most of their history as real estate businesses with a technology overlay. Operators provided space, power, and cooling. Tenants brought their own equipment and managed their own infrastructure. The operator’s obligation was to keep the lights on and the temperature controlled. That is a real estate liability, not a utility liability, and the regulatory environment built around it reflects that framing: planning permissions, building codes, standard commercial lease structures, and the same general corporate accountability that applies to any large private landlord.
The scale and criticality of what now runs inside those facilities has changed the functional nature of the business without changing its legal classification. A mid-tier colocation operator serving a regional hospital network, a municipal government, and a financial services firm is not providing a commodity real estate service. It is providing the infrastructure layer on which those organisations’ operational continuity depends entirely. When that operator’s power delivery fails, hospitals lose access to patient records. When its cooling systems fail during a summer heatwave, the economic activity of an entire region can stall within hours. The liability exposure that creates, and the public interest stakes attached to it, are utility-scale problems dressed in real estate company legal structures. The regulatory environment has not caught up to what the buildings now do.
The Gap Between Function and Regulation Is Growing Every Year
Traditional utilities operate under regulatory frameworks designed precisely because markets alone do not produce the reliability, access, and pricing transparency that critical infrastructure requires. Rate cases, reliability standards, interconnection obligations, service territory rules, and public utility commissions exist because society concluded that private operators controlling essential services need public accountability mechanisms that market competition alone cannot provide. Those frameworks are not perfect, but they exist for a reason that remains valid.
Data center operators controlling equivalent critical infrastructure operate under none of those frameworks. They set their own pricing without regulatory oversight. Capacity decisions are made without any public process, and operators can decline to serve customers, exit markets, or change service terms in ways that a regulated utility legally cannot. Senators Elizabeth Warren and Josh Hawley introduced a bipartisan push in March 2026 for mandatory energy use reporting requirements for data centers specifically because comprehensive data on data center operations does not currently exist in any form accessible to grid planners or policymakers. The operators whose load decisions are reshaping national electricity infrastructure are not required to report what they consume, where they plan to grow, or how their decisions affect local grid stability.
The AI industry’s transparency problem becoming a liability problem is partly a symptom of this regulatory gap: operators whose decisions affect communities, grid stability, and public services have no formal accountability mechanism requiring them to explain those decisions to anyone outside their direct customer relationships. That worked when data centers were one component of a diversified technology supply chain. It does not work when they are the foundation layer everything else depends on.
The Grid Relationship That Accelerated the Problem
The data center industry’s relationship with the electricity grid is the clearest illustration of what happens when utility-scale infrastructure operates without utility-scale accountability. Data centers in the United States now represent the fastest-growing load category on grids designed for a fundamentally different demand profile. They are negotiating power purchase agreements that reshape generation investment at regional scale. They are driving interconnection queue backlogs that delay renewable energy projects for years. In markets like Virginia, Texas, and Georgia, they are the primary driver of electricity price movements that affect residential and commercial ratepayers who have no direct relationship with them and no mechanism to participate in the decisions affecting their bills.
Traditional utilities operating at this scale of grid influence face regulatory oversight that forces them to balance their own operational interests against the interests of other grid participants and ratepayers. Data center operators face no equivalent constraint. The DATA Act introduced in early 2026 by Senator Tom Cotton proposed creating a new category of consumer-regulated utility specifically to address this tension, allowing operators to build off-grid private power systems free from federal utility regulation. That proposal reflects the degree to which federal legislators recognise the functional utility status of large data center operators, even while the instinct is to deregulate further rather than regulate appropriately. The utilities quietly becoming the most important players in AI infrastructure reflects the dynamic from the grid side. The operators signing those long-term power agreements are shaping electricity markets at utility scale while remaining outside the structures that govern utility behaviour.
The Patchwork of Local Responses Is Not a Substitute for a Framework
The regulatory environment around data center operations is already moving, just unevenly and far too slowly relative to the pace at which critical dependency is accumulating. More than 300 data center-related bills were introduced across 30 US state legislatures in the first six weeks of 2026 alone, representing a decisive pivot from incentive-focused policies toward regulatory oversight. Maine considered a statewide data center moratorium. North Carolina introduced legislation shifting grid infrastructure costs to hyperscalers. Wisconsin required data centers to pay their full energy infrastructure bill. Washington and Oregon advanced legislation explicitly requiring data centers to fund the grid upgrades their facilities necessitate. Denver, Logan County, and Minneapolis all moved toward moratoriums or operational restrictions. In the UK, Ofgem is exploring whether data infrastructure’s designation as Critical National Infrastructure requires changes to how grid demand from these facilities is managed.
These are not coordinated policy interventions building toward a coherent framework. They are local and state governments reaching for whatever regulatory tools exist when the frameworks they actually need do not. The result is a patchwork of inconsistent obligations across jurisdictions that creates regulatory arbitrage opportunities for operators, compliance complexity for operators genuinely trying to meet public interest obligations, and no durable solution to the underlying accountability deficit. What is missing is not more moratoriums. It is a coherent regulatory structure that applies reliability obligations, mandatory reporting, public accountability requirements, and ratepayer protection mechanisms to operators whose infrastructure decisions have consequences at the scale policymakers originally created utility regulation to govern.
The Industry Has Been Making a Weaker Argument Than It Realises
The data center industry has spent years arguing that regulatory intervention would slow investment and harm innovation. That argument had some validity when the stakes were lower and the critical dependency was less complete. It is considerably harder to sustain when the infrastructure in question is the operational foundation of hospitals, governments, and financial systems, and when the people making investment and operational decisions about it are accountable only to their shareholders.
The more honest version of the industry argument is not that regulation is unnecessary but that it should be designed well rather than badly. Badly designed regulation, the kind that emerges from patchwork state-level responses and bipartisan Senate pressure without a coherent federal framework, is worse for operators than thoughtfully designed regulation that creates clear obligations, consistent standards across jurisdictions, and a predictable operating environment. The industry has more influence over the shape of the regulatory framework while policymakers are designing it than after political pressure has already built to the point that it produces poorly designed regulation. That window is narrowing. More than 300 bills in six weeks suggests policymakers may already be closing it.
