The US battle over AI harms has so far unfolded piecemeal, state by state. Democratic senator Ed Markey wants to change the pace with a federal initiative that has a precise target: local data centers. Not the companies training the models, not the chatbot developers, but the physical infrastructure where computations run. If enacted, this idea would turn every server farm into a gatekeeper of algorithmic accountability.

Markey's list of concerns is long and cross-cutting. Thirsty data centers, workplace surveillance, biased algorithms, chatbots designed to prey on children. The Massachusetts senator has decided to translate it into a single legislative proposal, still to be fully detailed, but already clear in its direction: compel data center operators to monitor and account for what they host.

For those who follow AI deployment dynamics, this move shines a spotlight on data sovereignty and physical infrastructure control. Markey does not explicitly mention on-premise, but when he says “your local data centre” he evokes precisely those environments where organizations keep their own hardware, in-house or in colocation, to run models. It's a shift in perspective: compliance would no longer be just a matter of code and corporate policies, but of inspections and constraints at the rack level, power consumption, water flows, and the types of workloads hosted.

The core issue, from our standpoint, is that such regulation would make the dividing line between public cloud and self-managed infrastructure even sharper. Today many companies choose self-hosted for sovereignty and TCO reasons: keeping data on-site, avoiding lock-in, controlling inference costs without surprises. If local data centers became subject to stringent controls, the competitive advantage of on-premise could paradoxically strengthen: those who already own the hardware and have internal audit processes would be favored over those relying on external providers that might pass compliance costs downstream.

It’s no coincidence that water consumption features in the proposal. High-density GPUs used for training and inference have an energy and cooling footprint that in recent years has strained local water resources. Tying data center activity to such parameters means forcing specific architectural choices: liquid cooling systems, heat reuse, rack density limits. Those designing on-premise clusters for LLMs will have to consider not just VRAM and memory bandwidth, but also certifiable environmental footprint.

On the surveillance and bias front, the impact is equally concrete. The senator envisions a mechanism where the data center becomes responsible for what hosted models produce. For a company running inference locally, this means setting up logging systems, response traceability, and real-time filters—integrated not at the application level but within the container orchestration and serving pipelines. Scenarios of “air-gapped compliance” come to mind, where the model runs in a sealed perimeter with automatic auditing and mandatory reporting.

There are gray areas, though. The proposal, as previewed, doesn't distinguish between general-purpose data centers and AI-dedicated infrastructure. The risk is hitting very different realities with the same hammer, from bank server rooms to startup clusters doing experimental fine-tuning. Moreover, there’s no hint of how edge computing workloads would be treated, where the boundaries of a “local data center” are blurred.

Despite the unknowns, the direction is clear: shifting the center of gravity of responsibility from software to metal, from corporate policies to the physical bricks of infrastructure. For the Italian and European ecosystem, already sensitive to GDPR and data residency, the Markey initiative is a signal not to be underestimated. It could accelerate the convergence between privacy regulations and AI-specific rules, with direct consequences on architecture and deployment choices.