Special Compute Zones: Answers to the most essential questions

The physical infrastructure that powers AI will substantially influence the pace, security, and sovereignty of AI innovation in Europe. The European Commission has launched a major new initiative, the Cloud and AI Development Act^[1] to triple the Union’s data center capacity by 2030. The Centre for Future Generations (CFG) proposed using Special Compute Zones (SCZs) to accelerate this process.

This FAQ explains what SCZs are, the problems they solve, and how they can safeguard Europe’s digital future.

1. What is the “Cloud and AI Development Act”, and why is it important?

The Cloud and AI Development Act is a new initiative from the European Commission, as part of the AI Continent Action Plan^[2], designed to tackle a major strategic challenge: Europe’s significant deficit in AI computing power.

Modern AI, particularly the powerful “frontier” models that can accelerate scientific discovery or boost our economies, requires an immense amount of computing power to train and serve at scale. To put this in perspective, the compute cost for training a model like Google’s Gemini Ultra is estimated to be as high as $ 191 Million^[3]. The energy required is equally immense, with research from Epoch AI estimating that training a model of this scale needs a power draw of about 35 megawatts – enough to power a small town^[4]. The recent emergence of highly efficient models such as DeepSeek-R1 has led some to question whether such large-scale compute is still necessary, but the reality is more nuanced^[5]. DeepSeek’s impressive performance relies on a highly efficient architecture, but its creation still required pre-training on large amounts of compute. In the efforts to create the most capable model, the trend is not a move away from large-scale compute, but an effort to combine more sophisticated algorithms with increasingly more powerful infrastructure^[6].

This computing power encompasses specialised hardware, memory processing, network, and specialised software, which are all typically housed in large, specialised data centres. The Commission has rightly diagnosed that investing in AI data centre capacity will be key for the EU to effectively contribute to AI innovation and secure the bloc’s digital sovereignty. To address this, the Cloud and AI Development Act has set three core objectives:

1. Boost capacity: To triple the EU’s data centre capacity within 5-7 years.
2. Ensure sustainability: To become a leader in green, resource-efficient data infrastructure.
3. Guarantee security: To make sure the most critical AI applications can run on highly secure, EU-based cloud solutions.

Our proposal for Special Compute Zones (SCZs) is a direct response to this call to action, offering a concrete plan to make rapid progress on all three of these objectives.

2. How big is the compute gap between the EU and the US? Why is this an issue?

The gap is substantial and growing. According to recent research from Epoch AI, the EU currently hosts only about 5% of the world’s AI compute capacity^[7]. In stark contrast, the United States houses nearly 75%.^[8] This gap is set to widen even more with the US on track to add more data centre capacity in the next four years than currently exists in all of Europe^[9]. However, this is not for a lack of demand for datacentres in Europe – McKinsey estimates that data centre demand in Europe will more than triple by 2030, largely fueled by AI^[10].

The European Union’s technological landscape is currently heavily dependent on imports^[11] – primarily from the USA and China – and in staying the course, there’s a clear risk of becoming a permanent consumer of AI technology developed elsewhere, rather than a leader that shapes it according to its own values and economic interests. This is further compounded by two additional risks – performance and security. For high-speed applications of AI where performance needs to be close to real-time, local infrastructure is essential. For example, in advanced manufacturing^[12], low-latency AI can detect microscopic defects on a fast-moving production line – a delay of even a few milliseconds could result in thousands of faulty products and compromise competitiveness. Similarly, in autonomous vehicles, those same milliseconds of delay can lead to accidents^[13]. And for sensitive applications within Europe, such as cybersecurity or healthcare, using EU-based and owned data centres is vital for data sovereignty and GDPR compliance. This ensures sensitive data is shielded from foreign legal access and provides a trusted foundation upon which higher-tier security can be built, mitigating supply chain risks like those exposed by the global SolarWinds hack^[14].

There is a real need for EU AI infrastructure, but a massive gap already exists and is only widening given the current trajectory. Without urgent action, this gap could become irreversible.

3. What exactly is a Special Compute Zone (SCZ) and how would it help bridge the compute gap?

A Special Compute Zone (SCZ) is a specifically designated area with streamlined rules for building and operating AI data centres and their supporting infrastructure to accelerate the permitting processes surrounding building a datacentre – a process that currently often takes over 48 months^[15]. Our proposal suggests an outline for what each SCZ would need to provide. These features should be core requirements to ensure every zone can help speed up building compute infrastructure. The key elements include:

• Fast-tracked, 180-day permitting process: A legally mandated maximum timeline for all approvals. This addresses critical administrative delays developers currently face, ensuring speed and certainty needed to attract investment.
• Earmarked sites: Pre-approved locations with ample space for data centres and on-site energy generation. This solves land acquisition and zoning hurdles by pre-approving locations, removing a significant barrier to entry for developers.
• Powerful and clean energy: An initial electrical capacity of at least 200 MW (expandable up to 500-1000 MW), with certified plans to procure carbon-free power on a 24/7 basis. This overcomes power-grid connection bottlenecks by guaranteeing access to massive-scale, sustainable energy.
• High-speed connectivity: Redundant backbone fibre links to ensure fast and stable connections across the EU. This ensures operational capacity essential for training and deploying large-scale AI models.
• A tiered security model: A built-in framework to support everything from commercial applications to defence-grade critical systems with the appropriate safeguards. Such a risk-based model ensures critical systems get maximum protection without overburdening commercial applications.

SCZs resemble industrial parks, but for the digital age. Just as a traditional industrial park has pre-approved zoning and utility connections to make it easy for factories to set up, an SCZ is designed from the ground up to be the perfect environment for next-generation computing infrastructure. By concentrating our efforts and creating these ideal conditions in specific zones, we can accelerate the construction of the infrastructure that Europe needs, while still ensuring high standards for security and sustainability.

4. How would an SCZ actually make it faster to build a data centre?

While there are hurdles around investment and social acceptance to overcome, the main bottleneck today is administrative red tape. As the AI Continent Action Plan^[16] states, the average time to obtain a permit and the related environmental authorisations for building a datacentre in Europe often lies upwards of 48 months. In the world of AI, where progress is measured in weeks and a project like xAI’s largest data center “Colossus” reportedly took about 4 months^[17] to become operational, this is simply too slow.

SCZs would solve this with two key changes:

1. A ‘one-stop shop’ for permits: Instead of dealing with multiple different authorities for land use, environmental assessments, grid connections, and construction codes, a developer would go through a single, unified digital portal. This approach mirrors the “green lane” permitting under the European Chips Act, which bundles all relevant permits to accelerate the construction of semiconductor fabs^[18].  All the relevant agencies would coordinate at the back end. 
2. A legally mandated deadline through condition-based approval: The entire permitting process, from application to final decision, would be limited to a maximum of 180 days and comes with a presumption of approval immediately after that – construction can begin if the regulators don’t formally challenge or respond within that time. This replaces today’s system of uncertain, open-ended timelines with the speed and predictability that is crucial for attracting investment. To safeguard residents and the environment, this rapid approval is only possible because SCZs will be designated in pre-vetted industrial areas where comprehensive environmental assessments are conducted. This model is inspired by Spain’s reforms for solar power, where simplifying and speeding up environmental approvals^[19] for projects in low-sensitivity areas helped the country add a record 5.6 GW of utility-scale solar capability in 2023 alone^[20].

5. What does a condition-based approval process mean in practice?

This is a fundamental shift from the current norm in many key EU Member States. In countries like Germany^[21] and France^[22], data centre projects are typically assessed on a case-by-case basis – a process involving multiple authorities and creating long and unpredictable review timelines. A condition-based approach flips this around.

The establishment of an SCZ means the government has already declared that building data centres in that specific zone is a strategic priority for Europe. From that point on, a project would be approved automatically as long as it meets a clear, pre-defined checklist of criteria and standards. Such a checklist could include specific, measurable conditions such as noise limits at the zone’s boundary^[23], water efficiency^[24], and energy sourcing^[25].

This creates a presumption in favour of construction. Instead of developers having to prove their project is acceptable, the project is assumed to be acceptable unless it is formally challenged or fails to meet the published conditions. This provides enormous clarity and certainty for developers while still maintaining strong environmental and legal safeguards.

6. Where would these zones be located?

The site selection process will need to leverage existing infrastructure to save time, reduce costs, and minimise environmental impact. Our proposal strongly recommends prioritising brownfield industrial areas, that is, land that has been previously developed but is now underused or abandoned.

Decommissioned coal power plants are particularly promising sites. These locations are ideal because they already have two of the most critical and expensive components for a large data centre:

1. Heavy-duty connections to the national power grid. Old power plants often have grid connections capable of handling 500 to 1000 MW or more^[26] – a capacity that aligns perfectly with the needs of a large AI data centre campus. Building such a connection from scratch can take years otherwise.
2. Industrial zoning that is separate from residential or sensitive areas. This will mitigate community impact from factors such as the constant, low-frequency noise generated by cooling equipment.

This strategy allows the EU to repurpose old fossil fuel infrastructure for the digital and green transition, avoiding ecologically sensitive areas like Natura 2000 sites. This is already being done successfully in places like Greece, where former lignite mines are being redeveloped into data centre and solar farm campuses^[27].

7. How should data centres in the SCZs be built without harming the environment?

Sustainability must guide the design of the SCZs from the very beginning. The goal is not just to build more data centres, but to build them in a smarter, greener way, directly addressing the European Commission’s sustainability objectives as laid out in the Digital Decade Policy programme^[28].

Our proposal includes several requirements to ease the pressure on the environment:

• Potential for co-location with clean energy: SCZ sites would be chosen specifically to make it easy to build new renewable energy sources, like solar or wind farms, right next to the data centres that they will power.
• 24×7 carbon-free energy: Data centres would be required to work their way up to matching electricity consumption with carbon-free energy generation on an hourly basis, 24/7. This is a much higher standard than the current common practice of offsetting annual consumption with renewable energy credits.  
• Transparent reporting: All data centres in an SCZ would have to publicly report key environmental data, including their water consumption, their strategy for reusing waste heat (for example, by heating nearby buildings), and their hourly CO₂ emissions.

By making these zones hubs for both digital and green infrastructure, we can use the urgent need for AI compute as a catalyst to accelerate Europe’s energy transition.

8. How can the EU ensure that the AI models and data stored on these powerful data centres are secure?

As AI becomes more integrated into our economy and public services, the infrastructure it runs on must be treated as critical infrastructure and, therefore, pertain to the highest level of security.

Inspired by risk-based frameworks like that developed by RAND^[29] for securing AI systems, we propose a three-tiered security model for data centres operating within the SCZs, where the level of protection matches the sensitivity of the AI application:

• Tier A (Basic): This would be the standard for most commercial AI applications, providing robust, industry-standard cybersecurity.
• Tier B (Substantial): This would be for more sensitive tasks, like training large foundation models, and would require extra safeguards like zero-trust architectures and penetration testing. Such processes face unique risks such as theft of the multi-billion-dollar model itself or data poisoning attacks that could corrupt the model’s integrity, thereby necessitating additional safeguards.
• Tier C (High): This would be reserved for the most critical national and European security uses, like cybersecurity or public health. It would mandate the highest level of protection, including hardware-based security measures and rigorous personnel vetting by intelligence agencies.

This risk-based approach ensures that Europe’s most sensitive digital assets get the protection they need, without imposing unnecessary costs or burdens on the entire market, as costs rise substantially with each tier – moving from tier A to B would involve investment in specialised services and architecture, while moving from B to C would require further hardware and personnel costs.

9. Who decides what AI applications are critical and need higher security?

This would not be a static decision. The proposal recommends a dynamic, EU-level list of critical AI workloads that would trigger the higher-tier security requirements.

This list would be regularly updated by the European Commission, in close consultation with cybersecurity experts at ENISA (the EU Agency for Cybersecurity) and the Member States. This ensures the process is flexible and can adapt to evolving threats. For example, AI systems used for managing the European Health Data Space or for advanced defence analytics could be prioritised for initial classification as critical, requiring Tier B or C protection.

Crucially, non-critical workloads would remain free to be deployed in any standard cloud environment. This targeted approach avoids slowing down Europe’s broader AI ecosystem with unnecessary security burdens.

10. How would EU Member States implement SCZs?

To ensure all 27 Member States apply this framework quickly and uniformly, we recommend that the European Commission implement it using a Regulation.

In its consultation^[30], the Commission outlined several policy options. A ‘soft’ approach, like a Directive, would set a goal but let Member States decide how to achieve it, which, while ensuring flexibility, would be slow and lead to a patchwork of different rules. While a Regulation isn’t a silver bullet, its key feature of direct applicability is a major advantage. Becoming a binding law simultaneously across the EU without needing to be transposed into 27 different national laws drastically reduces delays and legal discrepancies.

The drawbacks of a Regulation are that it can be politically more challenging to get all Member States to approve because of its top-down nature. However, in such a case where the EU faces a critical strategic challenge that requires speed and harmony, we believe a Regulation is the best bet. A Regulation also ensures legal certainty and, therefore, boosts investment. There is also strong, recent precedent to back this up – the European Chips Act^[31] used a Regulation to create a similar fast-track ‘green lane’ for building semiconductor factories. While not without challenges, this has directly spurred major investment decisions, including TSMC’s factory in Dresden^[32].

11. Can each Member State carry the same weight? Will smaller states be penalised under such a Regulation?

Any Regulation that encompasses all 27 Member States must ensure that it is a “one-size-fits-all” solution. There are certain key aspects of this proposal tailored to ensure flexibility:

• More equitable distribution of data centres: By creating one harmonised set of rules for permitting and operations, investment and innovation can take place in large and historically more innovation-oriented Member States, as well as new entrants to this key economic sector.
• Proportional obligations and requirements: The obligations for the SCZ should be based on predefined parameters such as GDP, population density, land mass, etc., which ensure that the Regulation scales with the capacity of the country. Similarly, some of the requirements for the SCZ could be adjusted downwards, or even made voluntary, for smaller member states without the necessary capacity. Furthermore, the financial burden for new infrastructure does not have to fall entirely on the Member State. For example, solutions such as the private data-centre company building its own co-located energy source will also shift the costs to the private sector.
• Flexibility in security: The security tiers would give the Member States the flexibility to set up infrastructure that they have the capability and resources to set up. For example, a smaller, more resource-constrained Member State could set up a Tier-A security SCZ while more critical applications run out of data centres located in high-resource states that have the capacity to build Tier-C security data centres.

Endnotes