The Federal Government’s Data Centre Strategy – A Roadmap for Germany’s Digital Infrastructure

Within the field of energy and sustainability, the Federal Government correctly identifies the availability of electricity as a bottleneck for the establishment of (additional) data centres in Germany. It therefore proposes various measures aimed at optimising processes and procedures.

It is, in principle, to be welcomed that transmission system operators (TSOs), in whose networks large data centres could be connected, are to be granted additional scope to reserve capacity for data centres. However, the precise design of such scope remains unclear. The same applies to the initiative to have network operators, together with the industry, develop uniform technical requirements for grid connections across Europe.

The Federal Government’s strategy appears to point towards a reorientation of the TSOs’ capacity allocation procedures, potentially including advantages or even priority rules for data centres. However, the TSOs have already presented a fundamentally revised capacity allocation procedure, transitioning in their recently published joint paper outlining the transition from the ‘first come, first served’ principle to a new ‘maturity-based procedure’. According to the TSOs, this is to be implemented as early as April 2026. The TSOs are therefore likely to take particular interest in the Federal Government’s announced proposals to revise capacity allocation procedures.

The announced proposals relating to the revision of capacity allocation procedures of the distribution system operators (DSOs) may prove even more significant. Given the large number of German DSOs, their procedures are often described as a ‘patchwork’. Measures aimed at harmonising procedures, improving efficiency in the use of existing capacities and ensuring maximum transparency are therefore likely to be positively received by connection applicants.

The proposed development of an industry standard for flexible connection agreements (FCAs) has long been advocated, not only in relation to data centres. FCAs are intended to enable connections even where full capacity is not yet available, with capacity increasing incrementally over time. In practice, however, step-by-step capacity expansion is already commonly provided for in data centre development planning. Standardisation initiatives by certain DSOs are also already at an advanced stage.

The structural problem that in many regions of Germany there is currently insufficient grid capacity to enable a systematic expansion of data centres, an issue which cannot be resolved without substantial grid expansion, is not addressed by the measures outlined in the strategy.

The Federal Government also aims to improve Germany’s competitiveness with regard to electricity costs. This is to be achieved, on the one hand, through the continuation of general federal subsidies for financing the expansion of renewable energy (EEG) and for reducing grid charges. On the other hand, data centres are to be included in electricity price compensation schemes. However, this requires prior recognition of additional eligible sectors by the European Commission under state aid rules.

At the same time, the Federal Government envisages that the positive contribution of data centres to grid stability – particularly due to their stable and continuously high electricity consumption – should be taken into account in the grid charges system developed by the Federal Network Agency (Bundesnetzagentur – BNetzA) as part of the ongoing AgNES process. The AgNES process serves to redesign the legal framework governing how network operators allocate the costs of operating the grid to users through grid charges. Grid charges are a key component of electricity prices and thus a significant cost factor for data centres. Preferential consideration in the future grid charging system would therefore likely be welcomed by developers and operators. However, the BNetzA, as the authority responsible for the AgNES process, must act largely independently of legislative and, a fortiori, political influence, as clearly established by the Court of Justice of the European Union (CJEU). The relevant CJEU judgment of 2021 was, in fact, one of the triggers for the AgNES process. It therefore remains questionable to what extent the Federal Government can influence a process that lies solely within the BNetzA’s remit.

The strategy also addresses, within the field of energy and sustainability, the increase of energy efficiency and the enhanced use of waste heat. The Energy Efficiency Act (Energieeffizienzgesetz – EnEfG) already imposes stringent requirements in this regard. In particular, operators are required to cover a substantial proportion of their electricity demand, on a balance sheet basis, from renewable energy sources, with full coverage envisaged from 2027 onwards. In practice, however, considerable challenges arise, including the availability of renewable energy, limited grid connection capacities and the economically and technically viable use of waste heat. In addition, there is a complex interplay of various statutory obligations, implementation timelines and sanction mechanisms. These requirements are interlinked, subject to short and, in part, rigid deadlines, and backed by administrative fines of up to EUR 100,000. Practical experience already shows cases in which operators were not fully aware of the scope of individual obligations and had to retrospectively undertake extensive compliance efforts.

Against this background, the Data Centre Strategy explicitly addresses the need for a more practice-oriented design of existing requirements. In particular, discussions focus on how the use and transfer of waste heat can be facilitated and made economically viable, including potential tax incentives. In parallel, a structured dialogue between data centre operators and the energy sector is to be established. The aim is to develop a sustainability framework that reconciles environmental requirements with investment and planning certainty. In this context, the role of in-house energy generation by data centre operators is also considered.

Furthermore, an amendment to the Energy Efficiency Act in the course of implementing the revised EU Energy Efficiency Directive is foreseeable. While targeted relief measures appear possible, the overall level of regulatory ambition is unlikely to change.

While the energy issue is central, the availability of suitable land – particularly from a planning law perspective – is equally decisive. Accordingly, under the ‘location and land’ field of action, sites for data centres are to be identified and developed at an early stage. This includes, inter alia, the designation of preferential areas, for example at particularly suitable sites such as former power plant or mining areas. To support municipalities in selecting suitable sites, a catalogue of criteria is to be developed. A key criterion is connectivity: high data transmission speeds are essential for data centres. Accordingly, the expansion of data centres goes hand in hand with the expansion of telecommunications and fibre networks. The Telecommunications Act (Telekommunikationsgesetz – TKG) is therefore to be supplemented by simplifications for fibre rollout. This may particularly benefit structurally weaker regions. The Federal Government also takes up the concept of clustering, whereby the entire value chain is concentrated at a single location in order to simplify planning and infrastructure.

In addition, a ‘practicality check’ is envisaged to review the existing legal framework governing permitting and planning procedures with a view to acceleration and further digitalisation, while maintaining environmental standards. In practice, however, environmental law requirements are often the primary source of delay, as procedures must take into account a wide range of interests, including soil, water, nature conservation and immission control (e.g. noise), typically requiring expert assessments. Rather than focusing solely on formal procedural acceleration, it would be desirable to simplify requirements at a substantive level. Nevertheless, the intention to promote exchange between the federal states and to compile ‘best practices’ is to be welcomed. Equally, experienced (legal) project management on both sides, as well as increased staffing in authorities and municipalities, would be beneficial for handling projects of this scale efficiently – although this is not addressed in the strategy.

There is no legal entitlement to the creation of planning law for the benefit of data centres. Municipalities are, in principle, free to decide whether to designate land for data centres. A key lever for increasing their willingness to do so lies in financial participation: a fairer allocation of trade tax revenue could enhance acceptance of data centres. Data centres require substantial land and consume significant amounts of energy. Municipalities therefore face considerable burdens when hosting such facilities, while often perceiving limited local benefit, as data centres typically create only a small number of jobs. Core staff are usually employed at the company’s headquarters. As a result, municipalities hosting only the data centre benefit only to a limited extent from trade tax revenues, due to the allocation formula based on payroll. Consequently, many municipalities prefer to allocate scarce commercial land to other types of businesses.

Against this background, the Federal Government is considering increasing the share of trade tax revenue allocated to municipalities hosting data centres. This is to be achieved through a rule analogous to the special allocation rules applicable to facilities generating electricity and other energy carriers, as well as heat from wind and solar energy, and certain energy storage facilities. Similar issues arise in those sectors without such special rules. However, existing special rules apply only where the activity is carried out ‘exclusively’. This exclusivity criterion creates structuring opportunities that data centre operators could also utilise. It therefore remains to be seen whether the legislator will seek to restrict such structuring possibilities.

At present, it is unclear whether and when a statutory special rule for data centres will be introduced. However, operators already have the option of agreeing with the municipalities involved on an allocation method deviating from the standard payroll-based formula, provided all parties agree.

Independently of trade tax considerations, some municipalities are considering negotiating so-called compensation payments with operators as part of bilateral settlement agreements. If a legally robust framework can be established, this may provide an additional incentive for municipalities to support data centre projects.

Within the field of ‘technology and sovereignty‘, the German Federal Government focuses on expanding sovereign AI, cloud and edge capacities, establishing at least one AI gigafactory and creating a sovereign cloud platform for AI applications as part of the ‘Germany Stack’. In terms of contractual and sales practice, this implies: AI gigafactories and new AI data centres will increasingly be marketed not as one-off investments but through long-term lease, usage and ‘as-a-service’ agreements with recurring remuneration. Under commercial law, these are long-term, mixed-type continuing obligations. Key contractual issues include clear service descriptions and service level agreements, transparent pricing models, balanced term and termination provisions, as well as explicitly regulated scaling options. It remains to be seen whether the strategy can be translated into economically viable and marketable standard models, or whether political ambition and technological dynamics will lead to contractual relationships requiring continuous renegotiation.

In addition, specific sovereignty requirements must be properly reflected in contracts: data localisation within the EU, the use of trustworthy components and manufacturers, restrictions on extraterritorial access, and high standards for availability, information security, geo-redundancy and confidentiality, particularly for security agency and other critical applications. In practical terms, this means: commitments regarding data localisation and supply chain compliance, extensive audit and information rights, and strictly regulated subcontractor chains that must be passed through on a ‘back-to-back’ basis along the entire supply chain (operator – integrator – end customer). This is precisely where political requirements quickly clash with the reality of standardised cloud GTC, global supply chains and limited negotiation leverage within channel structures.

The planned AI gigafactory, as a predominantly commercial yet politically driven project, raises additional questions regarding capacity allocation and prioritisation. There is a lack of clear guidelines on how capacity will be allocated between the state and the private sector, how priorities are to be set during bottlenecks and how capacity reservation obligations in favour of public sector customers are to be remunerated. Contracts should therefore explicitly regulate capacity reservations, priority levels, bottleneck scenarios and compensation mechanisms. Otherwise, significant conflicts and liability risks will arise.

The opportunity lies in developing scalable and legally robust contractual and commercial models for sovereign AI and cloud services at an early stage. Conversely, the risk lies in a sovereignty agenda which, without practical contractual building blocks, results in a contractual landscape that is virtually impossible to predict for investors, operators and distribution partners.

Germany and Europe are currently heavily dependent on hyperscalers in the fields of cloud, AI computing and key hardware components. Public contracting authorities procuring AI or cloud services today typically purchase from providers whose infrastructure is subject to US law, with implications for data sovereignty, information security and effective control. The political response is ambitious: a sovereign cloud platform for the federal administration, the establishment of an AI gigafactory and binding requirements for European value creation in the construction and operation of data centres. In practice, this is primarily a matter of public procurement law – and one that offers more flexibility than many contracting authorities assume. In March 2025, the CJEU clarified that bidders from third countries without a procurement agreement with the EU have no right to participate in procurement procedures and cannot rely on EU procurement directives. Contracting authorities are therefore free to decide whether to admit or exclude such bidders, provided this is properly documented and specified in the tender documents. However, this lever is of limited use with regard to dependence on US hyperscalers, as the United States is a member of the WTO Government Procurement Agreement (GPA). US providers therefore generally enjoy the same access rights as European bidders, and a blanket exclusion is not permissible. If genuine sovereignty vis-à-vis dominant US providers is to be achieved, contracting authorities must instead rely on the more effective – but also more demanding – instrument of carefully designed qualification and award criteria. Data localisation requirements, information security and confidentiality standards, interoperability and open-source requirements, as well as the exceptions under Sections 107 et seq. of the German Act against Restraints of Competition (GWB), are the key levers through which sovereignty can be implemented in procurement practice. The announced sovereign cloud platform as part of the ‘Germany Stack’ and the AI gigafactory as a public-private partnership involving EuroHPC are projects where the success or failure will depend on precisely this type of careful legal structuring. In short: sovereignty is possible under procurement law – but it must be implemented with precision.

As the importance of digital infrastructure increases, so do the requirements for its resilience against disruptions and attacks. Operators of large data centres in Germany are subject to a complex framework of requirements relating to critical infrastructure protection, IT security and, in some cases, telecommunications law. Whether a data centre qualifies as critical infrastructure depends primarily on its significance for supply. Operators are essentially required to implement comprehensive security and resilience management systems. This includes risk analyses, technical and organisational protection measures, continuous monitoring systems, and emergency and recovery plans. These obligations are complemented by reporting and verification requirements vis-à-vis authorities: security incidents must be reported promptly, and the effectiveness of measures must be regularly reviewed. 

For operators, the conclusion is clear: resilience is an ongoing management responsibility. Operators of critical data centres must adopt an integrated approach to security, operational continuity and organisational processes. Otherwise, they face not only operational disruptions but also significant regulatory consequences. This is all the more relevant, as the Data Centre Strategy indicates that resilience requirements may, in future, be extended beyond large, already regulated facilities. Smaller data centres that have not previously been in focus could therefore fall within scope. If implemented correctly, this offers an opportunity to establish a consistently high level of security and position Germany as a leader in cyber resilience for digital infrastructure.

The National Data Centre Strategy is not a wish list – it is a roadmap with clearly defined targets, concrete measures and an ambitious timeline: doubling IT connection capacity by 2030, quadrupling AI capacity, establishing an AI gigafactory and creating a sovereign cloud platform for the federal administration. The real work now begins at the intersection of political ambition and legal reality. Grid connection procedures, land allocation, permitting law, state aid frameworks, procurement procedures for cloud and AI infrastructure, and sovereignty requirements in tenders – each of these measures has a legal dimension that will determine success or failure. Operators, investors, technology providers and public contracting authorities seeking to seize the opportunities presented by this strategy should not adopt a wait-and-see approach. The strategy has been adopted. What matters now is not observation, but implementation – and this requires parties who not only understand the legal framework, but are also able to make effective use of it.