APAC is building 40% of the world's digital infrastructure. Most of it is going up without the standards that the rest of the world is making mandatory.
In June 2025, the United Nations Environment Programme released guidelines on data centre sustainability and noted that “very few countries currently have comprehensive frameworks in place for sustainable data centre operations.” The sector’s expansion, UNEP warned, was proceeding largely without the governance frameworks needed to manage it.
Most of those countries are in APAC.
By 2030, the region will host 40% of global data centre capacity — an $800 billion buildout, according to Moody’s. Governments have responded with national AI strategies, green data centre initiatives, data protection laws, digital sovereignty frameworks. The announcements have been frequent and, on the surface, substantive.
But announcements are not standards. Measured against what good policy actually requires — on emissions, water, noise, AI safety, and data rights — a pattern emerges worth naming: the policy facade. The law was passed. The strategy was launched. The enforcement mechanism, the measurement standard, the funded regulator — those are missing. Without them, the framework does not govern. It performs.
The EU’s Energy Efficiency Directive requires every data centre above 500kW to report its Power Usage Effectiveness, Water Usage Effectiveness, and renewable energy share annually — to a public database. The EU AI Act mandates conformity assessments for high-risk AI, with fines reaching up to €35 million or 3% of global turnover for violations. China’s standards are binding and specific in its major data centre regions: PUE below 1.3 from 2025, water consumption below 2.5 litres per kilowatt-hour.
These are not aspirations. They are the operational floor that data centre operators in the EU and China must meet today. They are the standard against which APAC should be judged — not against each other.
Enjoying this? Arc Brief in your inbox every Friday.
| Dimension | EU ★ | China | Korea | Sing. | Japan | Aus. | India | Malay. | Viet. | Indo. | Phil. | Thai. |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Energy / Emissions | ||||||||||||
| Water / WUE | ||||||||||||
| Noise / Community | ||||||||||||
| AI Safety | ||||||||||||
| Data Rights | ||||||||||||
| ESG Reporting |
Energy and emissions.Outside Singapore — which mandates WUE disclosure and can revoke permits above 2.5 L/kWh — APAC has no mandatory energy efficiency reporting for commercial data centres. India has no national PUE or WUE standard. Thirty large projects adding 3.5GW of planned capacity were announced between March 2025 and April 2026, all built to the operator’s own standard. Malaysia, Indonesia, the Philippines, and Thailand have nothing equivalent. The region’s facilities will consume 1.70 trillion litres of water annually by 2030 without a reporting framework that would make the scale of the problem visible.
Water.AI workloads are significantly more water-intensive than conventional search — Goldman Sachs research estimated a ChatGPT query consumes roughly ten times the water of a standard Google search. The hubs absorbing APAC’s data centre growth — Hyderabad, Chennai, Jakarta, Johor — are in water-stressed regions. Malaysia’s regulator rejected 30% of new data centre applications in early 2024 citing water concerns. Reactive rejection is not prospective governance. Johor already has a daily water deficit. There is no WUE standard preventing the next cohort from building to the same standard as those rejected.
Noise and community impact. Three countries. Three different mechanisms of resistance. One common absence.
In Japan, data centres are classified as offices, not factories, under the City Planning Act — a single classification that lets them be built in residential-adjacent zones and exempts them from factory noise obligations under the Noise Regulation Law. There are no laws regulating heat discharge from cooling units. In Koto Ward, Tokyo, resident Yuki Mizoi watched a data centre rise directly beside his condominium in 2025 and told Yomiuri Shimbun he feared “noises and waste heat may continue all day.” His building association wrote letters to the developer — because no regulator had jurisdiction. Across greater Tokyo, multiple planned developments have been withdrawn or challenged. The government’s response: non-binding guidelines, published March 2026, noted explicitly by law firm Nagashima Ohno & Tsunematsu as having “no legally binding force.”
In South Korea, community resistance routes through EMF anxiety about the power infrastructure data centres require. Korea records 50 to 100 formal EMF appeals per year against base station infrastructure alone. Transmission line opposition has delayed grid projects by up to eleven years, per IEEFA. A hyperscale campus needing a new substation inherits that opposition. MOTIE’s proposed Power Grid Impact Assessment for data centres — which formally includes “local community acceptance” as a criterion — remains in pilot phase since May 2024.
In Australia, AirTrunk’s proposed $5 billion, 1.2GW campus in Kemps Creek, Western Sydney drew formal objections from a neighbouring school, two Catholic dioceses, a retirement village, and Penrith City Council. On 10 April 2026, the NSW EPA found the Environmental Impact Statement “does not provide the information required to allow us to complete our assessment” — flagging noise, air quality, and proximity to schools and aged care. The same project was fast-tracked by the NSW Investment Delivery Authority.
The cooling systems are always on. The frameworks were written for machines that stop.
AI safety.South Korea’s AI Basic Act (January 2026) is the only binding comprehensive AI law in APAC. It mandates human oversight for high-impact AI in healthcare, energy, and public services, with extraterritorial reach. Everywhere else: Singapore’s framework is sophisticated and voluntary. India’s 2025 AI guidelines recommend internal governance groups with no penalty for ignoring them. Australia’s National AI Plan explicitly declined new mandatory obligations. In hiring AI, healthcare AI, and credit-scoring — all high-risk under the EU AI Act — not a single binding obligation exists anywhere in APAC outside Korea.
Data rights quality.Most APAC governments have a data protection law. The question is what those laws protect. India’s DPDP Rules (November 2025) have no data portability right, limited erasure rights, and broad government exemptions. Indonesia’s 2022 law is modelled on GDPR with no implementing regulation, no Data Protection Authority, and no enforcement history. The Philippines Data Privacy Act is from 2012, predating cloud computing as standard enterprise architecture. The shape of rights exists. The substance is thinner than the announcements suggest.
The facade.A National AI Strategy with no budget line is a communications exercise. A voluntary AI framework no company must comply with is a reference document. A data protection law with no DPA is aspiration. The ASEAN Guide on AI Governance (2020) is cited by every regional government as evidence of coordination; it binds no one. These are rational competitive choices — a binding emissions standard may redirect a hyperscaler to a lower-compliance market. The facade is a strategy. The question is what it costs over time, not what it costs today.
What makes the facade specifically dangerous, rather than merely suboptimal, is that it self-reinforces. Infrastructure built without standards creates physical, commercial, and political resistance to retrofitting later. The operators who built to their own internal benchmarks have invested capital and engineering in those benchmarks — mandatory external standards mean writing down that investment. The communities not consulted during planning have no established regulatory channel to demand change during operation; their only recourse is the protest and parliamentary inquiry that produces, at best, a freeze. The governments that issued non-binding guidelines have no enforcement precedent to stand on when they eventually want binding ones. The longer the facade holds, the more the underlying infrastructure calcifies around it. This is not a problem that waits patiently to be solved.
South Korea is the strongest overall — the AI Basic Act is specific, funded, and extraterritorial. But Korea has no mandatory data centre energy standards equivalent to the EU EED, and its community impact framework for the physical infrastructure remains general industrial regulation. Singapore is strongest on sustainability — WUE permits, the Green DC Roadmap, the NUS Testbed — but its AI governance is voluntary and its data rights penalties sit below GDPR. Even the region’s leaders have significant gaps against the global benchmark. This is structural, not individual.
Stranded assets.Facilities built without PUE obligations face compliance liabilities when standards tighten — which the Brussels Effect and ESG financing will force. Retrofitting cooling infrastructure in an operating campus costs significantly more than building to standard from day one. The campuses going up across India, Malaysia, and Vietnam now will still be operating in 2050.
Community backlash and the planning freeze.Ireland attracted 70% of EU data centre capacity with minimal governance, then faced a planning freeze in 2023–2024 as opposition mounted. The trajectory is visible in APAC now. Korea’s EMF-driven transmission opposition delays infrastructure by up to eleven years. Sydney’s NSW parliamentary inquiry into data centres opened in May 2026. Data Center Watch tracked $64 billion in global projects blocked or delayed between 2023 and 2025 — project cancellations quadrupled year on year. Governments without prospective community frameworks have one instrument left when the backlash arrives: a freeze.
The Brussels Effect.When the EU sets a standard, global operators apply it across their estate rather than run parallel compliance systems. APAC markets that don’t set their own standards will receive EU standards on someone else’s terms, with no negotiation and no credit for early action. Countries that wait don’t avoid the standard. They inherit it.
APAC’s data centres are real. The investment is real. The challenge is that the policies governing them — on energy, water, noise, AI, and data rights — are, across most of the region, still performing rather than governing.
The infrastructure going up now will operate for two to three decades. The standards — or their absence — compound across that entire period. Choosing the facade is a legible decision. It should be made explicitly, with the full cost priced in — not by default, in the shadow of the next hyperscaler announcement.
Next: The policy gap looks one way from a government briefing. It looks different from a community meeting room. The next Arc Brief editorial goes to the ground — one community, one facility, and what happens when there is no regulator to call.
UNEP Data Centre Sustainability Guidelines (June 2025) · Moody’s APAC Data Centre Report · EU Energy Efficiency Directive · EU AI Act · China 15th Five-Year Plan PUE/WUE Standards · South Korea AI Basic Act (January 2026) · Singapore Green Data Centre Roadmap · MOTIE Power Grid Impact Assessment pilot (May 2024) · NSW EPA AirTrunk Kemps Creek decision (April 2026) · Japan Nagashima Ohno & Tsunematsu advisory note (March 2026) · India Digital Personal Data Protection Rules (November 2025) · Indonesia Personal Data Protection Law 2022 · Goldman Sachs AI water consumption research · IEEFA transmission opposition analysis · Data Center Watch project tracker 2023–2025 · Yomiuri Shimbun Koto Ward reporting (2025) · NSW Data Centre Consultation Paper (March 2026)
APAC tech, read once a week.
No ads, no noise.