Securing Low-Energy Data Centres in Sustainable Cybersecurity Infrastructure
DOI:
https://doi.org/10.69971/dss.2.2.2025.36Keywords:
Data Centres, NIS 2 Directive, Circular Economy, Green AI, Lightweight Cryptography, Digital Sovereignty, Critical Raw MaterialsAbstract
The global digital economy exists on a physical paradox: whilst the ‘cloud’ is an industrial physical infrastructure that uses a lot of electricity, water and other raw materials to operate. The emergence of this paradox has led to a significant doctrinal tension between a government’s obligation for cyber security against its government’s obligation for environmental sustainability as the European Union continues with its “twin transition” of digitisation and decarbonisation. In the paper, I will provide an analysis of the legal and technical implications of this conflict by examining how the NIS 2 Directive, GDPR and the recast Energy Efficiency Directive relate to each other. Finally, I will explain that the move towards using “low-energy” infrastructure will create new vulnerabilities that are not being addressed under current liability frameworks due to the adoption of liquid cooled systems; IoT-driven environmental controls; and lightweight cryptography. In addition, this write up discusses the “Sanitization Paradox”, which is a situation where data protection absolutism requires functional devices to be physically destroyed (shredded), creating a break in the circular economy for Critical Raw Material (CRM) commodities such as Neodymium and Cobalt. This write up synthesizes technical information related to “Green AI” and cryptographic efficiency with legal information regarding tort liability and regulatory compliance in order to propose a standard for “eco-efficient resilience” that balances the demands of security against the demands of sustainability.
Downloads
References
Commins, Jessica and Kristina Irion. 2025. Towards Planet Proof Computing: Law and Policy of Data Centre Sustainability in the European Union. Technology and Regulation. https://pure.uva.nl/ws/files/226700880/TechReg2025.001_Commins.pdf
Davronbekovich, Allakuliev Mirdjalol. 2024. Legal regulation of liability for cyber attacks and data breaches. International Journal of Law 10: 111-113. https://www.lawjournals.org/assets/archives/2024/vol10issue5/10234.pdf
Editorial, ‘Challenges Faced By Data Centers In Adopting Liquid Cooling’ (The Cyber Express, 1 July 2024).
Elsa, Jane and Hassan Raza. 2024. Cyber Resilience for Sustainable Data Centers: Strengthening Security in Eco-Friendly Infrastructure. EasyChair Preprint 12217: 1-7. https://easychair.org/publications/preprint/h2jG/open
International Energy Agency. 2024. Electricity 2024 - Analysis and Forecast to 2026. International Energy Agency. https://iea.blob.core.windows.net/assets/6b2fd954-2017-408e-bf08-952fdd62118a/Electricity2024-Analysisandforecastto2026.pdf
K. C., Aashish, Md Zakir Hossain Zamil, and Md Shafiqul Islam Mridul et al. 2025. Towards Eco-Friendly Cybersecurity: Machine Learning-Based Anomaly Detection with Carbon and Energy Metrics. International Journal of Applied Mathematics 38: 765- 515. https://arxiv.org/pdf/2601.00893
Thakor, Vishal A, Mohammad Abdur Razzaque and Muhammad R. A. Khandaker. 2021. Lightweight Cryptography for IoT: A State-of-the-Art. Arxiv. https://arxiv.org/abs/2006.13813
WeLOOP. 2020. A Situational Analysis of a Circular Economy in the Data Centre Industry. Circular Economy for the Data Centre Industry. https://www.weloop.org/wp-content/uploads/2021/09/2020_04_16_CEDaCI_situation_analysis_circular_economy_report_VF.pdf
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Authors
This work is licensed under a Creative Commons Attribution 4.0 International License.
