The Federal Data Center Enhancement Act (FDCEA) of 2023, which sets security and sustainability standards for US federal datacentres, is set to lapse with no replacement legislation in sight. The regulatory gap leaves federal datacentre operations without a clear statutory framework governing security baselines and environmental requirements. For organisations operating within or supplying to the US federal cloud ecosystem, this creates uncertainty around compliance obligations and security assurance expectations.

Security Architect’s Take: If you support US federal clients or operate under FedRAMP-adjacent frameworks, review which of your current security controls were anchored to FDCEA requirements and ensure they are maintained contractually or via alternative frameworks such as NIST SP 800-53 to avoid accidental compliance drift during the legislative gap.

Original advisory: Feds snooze as US datacenter law set to lapse with no replacement in site