India’s Data Center Boom Hobbled by Fragmented Regulations

Terms of use

Terms of Use

The use of this site and the content contained therein is governed by the Terms of Use. When you use this site you acknowledge that you have read the Terms of Use and that you accept and will be bound by the terms hereof and such terms as may be modified from time to time.

All text, graphics, audio, design and other works on the site are the copyrighted works of nasscom unless otherwise indicated. All rights reserved.
Content on the site is for personal use only and may be downloaded provided the material is kept intact and there is no violation of the copyrights, trademarks, and other proprietary rights. Any alteration of the material or use of the material contained in the site for any other purpose is a violation of the copyright of nasscom and / or its affiliates or associates or of its third-party information providers. This material cannot be copied, reproduced, republished, uploaded, posted, transmitted or distributed in any way for non-personal use without obtaining the prior permission from nasscom.
The nasscom Members login is for the reference of only registered nasscom Member Companies.
nasscom reserves the right to modify the terms of use of any service without any liability. nasscom reserves the right to take all measures necessary to prevent access to any service or termination of service if the terms of use are not complied with or are contravened or there is any violation of copyright, trademark or other proprietary right.
From time to time nasscom may supplement these terms of use with additional terms pertaining to specific content (additional terms). Such additional terms are hereby incorporated by reference into these Terms of Use.

Disclaimer

The Company information provided on the nasscom web site is as per data collected by companies. nasscom is not liable on the authenticity of such data.
nasscom has exercised due diligence in checking the correctness and authenticity of the information contained in the site, but nasscom or any of its affiliates or associates or employees shall not be in any way responsible for any loss or damage that may arise to any person from any inadvertent error in the information contained in this site. The information from or through this site is provided "as is" and all warranties express or implied of any kind, regarding any matter pertaining to any service or channel, including without limitation the implied warranties of merchantability, fitness for a particular purpose, and non-infringement are disclaimed. nasscom and its affiliates and associates shall not be liable, at any time, for any failure of performance, error, omission, interruption, deletion, defect, delay in operation or transmission, computer virus, communications line failure, theft or destruction or unauthorised access to, alteration of, or use of information contained on the site. No representations, warranties or guarantees whatsoever are made as to the accuracy, adequacy, reliability, completeness, suitability or applicability of the information to a particular situation.
nasscom or its affiliates or associates or its employees do not provide any judgments or warranty in respect of the authenticity or correctness of the content of other services or sites to which links are provided. A link to another service or site is not an endorsement of any products or services on such site or the site.
The content provided is for information purposes alone and does not substitute for specific advice whether investment, legal, taxation or otherwise. nasscom disclaims all liability for damages caused by use of content on the site.
All responsibility and liability for any damages caused by downloading of any data is disclaimed.
nasscom reserves the right to modify, suspend / cancel, or discontinue any or all sections, or service at any time without notice.

For any grievances under the Information Technology Act 2000, please get in touch with Grievance Officer, Mr. Anirban Mandal at data-query@nasscom.in.

New

See all

No notification found.

India’s Data Center Boom Hobbled by Fragmented Regulations

Yashasvi Rathore

@Yashasvi

August 7, 2025

Data Science & AI Community IT Services Government Schemes

139

The Patchwork Problem

India’s fragmented legal and regulatory environment poses a serious challenge to data center development. The absence of uniform definitions, exponential state-specific approval processes, and ineffective single-window clearances creates significant uncertainty, driving up both project timelines and compliance costs.

Each state effectively functions as a separate regulatory jurisdiction, requiring bespoke legal strategies and localized consultants, which adds substantial overhead. This results in higher capital expenditure, delayed market entry, and increased risk exposure, especially for players without deep institutional capacity.

These disparities directly shape location strategy. States offering clearer policies, faster approvals, and cost-effective incentives, such as Maharashtra’s electricity duty exemption or Haryana’s expedited timelines, naturally attract higher investment. As a result, capacity is increasingly concentrated in a few metro corridors, while pan-India scalability remains constrained.

Moreover, operational challenges such as inconsistent power quality, varied labour laws, and uneven digital infrastructure across states prevent standardized playbooks, forcing operators to customize execution in every geography, which undermines efficiency and increases per-MW operational costs.

In this landscape, risk mitigation becomes a core competency. Leading operators invest heavily in legal and regulatory expertise, both in-house and external, to navigate the complex patchwork of state-level laws.

While industry and associations advocate for harmonization, the current environment compels the private sector to bear the burden of complexity. Until regulatory coherence is achieved, policy fragmentation will remain a structural barrier to scale, speed, and long-term cost optimization for India’s data center industry.

Annexure: Regulatory Framework for Data Centers in India

This annexure lists the minimum laws and compliances that data centers in different states of India typically need to adhere to.

I. National-Level Laws and Compliances

These laws and regulations are applicable across India, though their enforcement and specific interpretations can have state-level nuances.

1. Corporate and Financial Compliances:

Companies Act, 2013: Governs the incorporation, functioning, and dissolution of companies. Operators must register their company under this Act and obtain essential documents like PAN, TAN, and DIN.
Foreign Exchange Management Act (FEMA): Regulates foreign investment. Generally, 100% Foreign Direct Investment (FDI) is allowed in data centers, with some restrictions.
Goods and Services Tax (GST) Laws: Applicable to under-construction property and construction services.
Income Tax Act: Covers Capital Gains Tax on the sale of immovable property and TDS on property purchases above ₹50 lakhs.
Harmonized Master List of Infrastructure Sub-sectors: Data centers with a minimum capacity of 5 MW of IT load are included in this list, which eases access to long-term and cheaper institutional financing.

2. Data Protection and Cybersecurity Compliances:

Digital Personal Data Protection Act, 2023 (DPDP Act): Mandates in-country data storage, protects data from unauthorized access, and requires consent for data processing. Non-compliance can result in substantial penalties.
Information Technology Act, 2000 (IT Act) and IT Rules, 2011:
- Section 43A: Mandates "reasonable security practices and procedures" for handling "sensitive personal data or information" (SPDI) to avoid liability for data breaches.
- IT Rules, 2011: Elaborate on "reasonable security practices" and apply universally to data stored in India.
CERT-In Directions: Issued by the Indian Computer Emergency Response Team, these directions mandate that service providers, including data centers, report cyber incidents within a prescribed timeframe (e.g., six hours) and maintain logs for 180 days.

3. Energy Efficiency Compliances:

Energy Conservation Act, 2001: Establishes the Bureau of Energy Efficiency (BEE).
Energy Conservation Building Code (ECBC): Sets minimum energy performance standards for commercial buildings with a connected load of 100 kW or more, directly influencing data center design and operational efficiency.

4. Telecommunications Compliances:

Telecommunications Act, 2023: Includes the Notified Telecom Cyber Security Rules, 2024, and Critical Telecommunication Infrastructure Rules, 2024, for securing telecom networks.
Unified License (UL) Framework: While data centers typically don't require full telecom licenses, they may need to comply with regulations related to Right of Way (RoW) for fiber optic networks.

II. State-Level Laws and Compliances

These laws are governed by individual states, leading to significant variations. State-specific data center policies often provide incentives under these broader laws.

1. Real Estate and Land Use Laws:

State-specific Land Revenue Codes: Govern land acquisition processes.
Zoning Regulations: Define acceptable land use. Data centers may require a Change of Land Use (CLU) approval.

Building Bye-laws: Local authorities approve layouts and issue completion certificates. Some states offer relaxations on Floor Area Ratio (FAR).
Registration Act, 1908 & Indian Stamp Act, 1899: Mandate the registration of property transactions and the payment of stamp duty, which varies by state. Many states offer stamp duty exemptions.
Right to Fair Compensation and Transparency in Land Acquisition... Act, 2013: Governs compulsory land acquisition.

2. Environmental Regulations:

Environment (Protection) Act, 1986 and EIA Notification, 2006: Mandate environmental clearance for certain projects.
State Environmental Impact Assessment Authority (SEIAA) and State Pollution Control Boards (SPCB): Issue Consent to Establish (CTE) and Consent to Operate (CTO).
Forest Act, 1980: May require a Tree Cutting NOC from the Forest Department.

3. Energy Regulations (State-specific):

State Electricity Boards (SEBs) / State Electricity Regulatory Commissions (SERCs): Regulate power procurement, tariffs, and electricity duties.
State-specific Electricity Duty Exemptions and Power Tariff Subsidies: Offered by various states to attract investment.

4. Labor Laws:

Factories Act, 1948: Regulates working conditions.
State-specific Shops and Establishments Acts: Govern working conditions in commercial establishments, with many states offering relaxations for IT/ITeS units to allow 24/7 operations.
Industrial Disputes Act, 1947: Data centers are often declared "public utility services" to ensure uninterrupted operations.
New Labour Codes: These central codes are consolidating existing labor laws, and their implementation will require new state-level rules.

5. Local Municipal Approvals:

Building Permits / Approvals: Issued by municipal corporations.
Fire Hazard Approvals / Fire Safety NOCs: Required from State Fire and Rescue Services.
Commencement Certificate and Occupancy Certificate: Issued by local authorities upon project completion.

III. Licenses and Registrations

Data centers may require specific licenses and registrations depending on their operational model and services offered.

Cloud Service Provider (CSP) licenses: For offering cloud services directly.
Other Service Provider (OSP) licenses: For entities providing IT-enabled services.
Internet Service Provider (ISP) Authorization: For providing internet access.
Wireless Planning & Coordination (WPC) licenses: For network and satellite operations.
Registration with Directorate of Industries (DIC): Many state policies require this to avail incentives.
Registration IEM (Industrial Entrepreneur Memorandum): With the Ministry of Commerce.

Data Center Market Regulatory & Compliance IT infrastructure digital economy Public Policy & Investment Real Estate & Location Strategy

Disclaimer

That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.

Yashasvi Rathore

Manager - Legal Services

I do Law & Stuff. Charting my course as a first-gen lawyer. Four years of breaking molds and pushing boundaries. Hit me up for a fresh perspective and endless possibilities.

India’s Fintech GCCs are Building Tomorrow’s Digital Banks today

Sneha Sharma

@snsharma

27 Aug 2025

GCC Data Science & AI Community BFSI

India’s fintech Global Capability Centers (GCCs) are at the forefront of the country’s remarkable transformation into a powerhouse for technology-driven innovation and enterprise impact. India now hosts 1,760+ GCCs with over 2,975 units as of FY2024…

Decoding AI Studios: Making AI Accessible for Business

Janhvi Juyal

@juyal janhvi

26 Aug 2025

Data Science & AI Community Emerging Tech AI Industry Trends

In the last six to nine months, we’ve seen a proliferation of business-friendly AI studios, coming after the wave of developer-friendly AI platforms that emerged with GenAI. AI studios have started gaining traction by offering simplified, guided…

Why Include AI In Your Upcoming Software Development Project?

kartikpatel

@KartikPatel

25 Aug 2025

Data Science & AI Community AI from Telangana AI Inside AI

Should I Include AI In My Software Development Strategy? Whether you are a business owner, a business manager, a team member or a consumer, the chances are good you have read articles and seen media coverage of the influence of AI. There is no…

Mental Health in the Workplace and Why It's Important for HR Leaders

Mental Health..

@MHFA India

11 Aug 2025

Diversity And Inclusion

The 3 AM coffee runs, endless sprint cycles, and that perpetual "just one more feature" mindset – sound familiar? If you're part of India's tech ecosystem, you've probably witnessed (or lived through) this reality more times than you'd like to admit…

Value-Velocity Dashboards: Linking AI Resource Management Software to Margin in Real Time

Kytes by Prod..

@ProductDossier

08 Aug 2025

Analytics AI Inside

Most enterprises can track resource schedules, time logs, and project status, yet real-time insight into how those decisions influence profitability remains elusive. This disconnect forces teams to juggle separate systems for project tracking,…

Role of a Data Annotation Company in Accelerating Multimodal AI

Gurpreet Sing..

@gurpreetarora

08 Aug 2025

Think of a scenario where an AI system analyzes a client’s frustrated tone in a support call. Upon cross-referencing their usage data, the system not only alerts the account manager but also equips them with de-escalation strategies. Once a distant…

Topics In Demand

Notification

New

India’s Data Center Boom Hobbled by Fragmented Regulations

Manager - Legal Services

Share this blog

Related blogs