Clifford Chance

The twin challenges of the energy transition and digital transformation are tightly linked, – with each playing a crucial role in the success of the other. On the one hand, digital transformation is helping us reduce our carbon footprint in a variety of ways, be it through video calls, new forms of mobility or the real-time monitoring of how much energy we are using at home. On the other hand, we need to ensure that those technologies do not consume more energy than they need to.

The energy transition is underpinned by a broad digital transformation in relation to the way our energy is generated, distributed and used. The proportion of renewable energy we generate is increasing year on year and a long overdue digital transformation is occurring in the retail energy sector. AI and other sophisticated software is being deployed to optimise smarter distribution networks and data centre use. Cybersecurity and the protection of personal data has become critical as the adoption of smart meters and electric vehicle (EV) accelerates. Protecting the IP arising in respect of innovative net zero technologies, including software, is now as important in the energy sector as it is in other more traditionally “software-centric” sectors.

This briefing will examine some of the legal considerations arising from the relationship between the energy transition and digital transformation in these contexts.

1. The scale of investment is starting to meet the scale of the net zero challenge

Achieving the Paris Agreement’s objectives of delivering net zero by the middle of the century and limiting the impact of climate change will be among the greatest challenges of our age.

Many public and private companies, particularly in the US and Europe, have made pledges in support of these ambitions, and legislation related to achieving (and in some cases reporting on) net zero progress is incentivising more companies to develop or invest in green technologies to achieve their net zero and sustainability commitments. This trend is likely to accelerate considering increased regulatory and advertising standards intervention in relation to greenwashing and related public scrutiny.

The 2022 US Inflation Reduction Act has proven to be another catalyst for change. The Act designates USD369 billion in subsidies for companies who invest in and develop net zero and low-carbon intensity technologies (see our briefing: Inflation Reduction Act of 2022). The EU has responded in kind, with its Green Deal Industrial Plan for the Net Zero Age and the 2023 Net Zero Industry Act – with the intention of stimulating investment and growth in specific green technologies including batteries, solar, wind power, heat pumps and renewable hydrogen (see our briefing: The European Net Zero Industry Act). Similar packages have been proposed elsewhere, including in the UK, where the 2023 Spring Budget allocated substantial investments in carbon capture technologies and small modular reactors, and in Japan, where the GX (Green Transformation) Promotion Act – enacted in May 2023 – aims to accelerate decarbonisation in Japan through introducing a carbon pricing scheme and issuing energy transition bonds to support investment and public-private partnerships, including for renewables, grid updates, EVs and ‘clean’ hydrogen and ammonia value chains.

VW Group’s recent decision to revaluate whether to construct a vast new battery plant in the US or Eastern Europe is expected to be heavily influenced by the support available in each jurisdiction and highlights the political significance of green technologies at a time when energy security and sovereignty are attracting unprecedented attention. For more, see our paper: The Green Industrial Policy Revolution – developments in trade, energy transition and geopolitics.

In addition to the flow of public capital, in recent years there has been significant growth of energy transition investment funds and other forms of ‘responsible’ private investing. The popularity of these funds is attributable to private investor appetite for ESG credentials and enthusiasm to capitalise on the anticipated growth in renewable energy generation, and the emergence of new, globally scalable, low-carbon technologies. In particular, the volume of assets exhibiting ESG-related credentials under management of signatories to the UN Principles of Responsible Investing has grown from USD$21 trillion in 2010 to USD$121 trillion in 2021.

These shifting investor preferences toward sustainable businesses and an increasing sense of urgency to fulfil net zero and sustainability commitments are also seeing ‘energy transition’ and ‘responsible’ investing gaining momentum as one of the primary drivers in private M&A (see our briefing: Energy Transition Trends 2023). In addition to a trend towards strategic acquisition of lower carbon or ‘green’ assets (particularly in the renewable sectors), there are increasing numbers of companies that operate in traditional industrial sectors searching for new technologies which can help reduce their emissions. As different types of investors recognise the long-term financial benefits of ‘green’ assets, potential acquirers are drawn to these opportunities, making sustainability a key consideration in the M&A strategies not only of private equity firms, but also of long-term investors such as sovereign wealth funds, pensions and infrastructure funds.

More broadly, the International Energy Agency (IEA) estimates that investment in clean technologies is on course to reach USD1.7 trillion in 2023 – with investments in solar technologies eclipsing investments in oil production for the first time in history.
The think tank, Atlas Public Policy, estimates that, to date, USD830 billion has been invested in vehicle and battery plants and battery recycling facilities (See our briefing: Betting on batteries: powering the clean energy transition.) We expect to see significant changes in capital allocation and capital flows, more divestments of high-carbon assets, and strategic investments in start-ups to acquire disruptive technology.

2. Digital transformation has taken centre stage in the energy transition

Digital technologies will be central to any meaningful attempt to solve the challenges of the energy transition. For example, smart energy distribution hardware, deployment of increasingly sophisticated software platforms in retail energy, use of AI to predict demand, leveraging digital twins to maximise power plant operational efficiencies, and the application of blockchain technology to monitor and validate renewable energy supply, are just a few examples of the types of digital transformation in this space.

The increased role of digital technology as an ‘enabler’ of the energy transition means that related areas of law are becoming more important than ever before within affected sectors. These include:

• Data Governance and Commercialisation: the collection, processing and sharing of personal data and other valuable datasets from smart meters and IoT-enabled domestic devices will be key to successfully leveraging distributed energy resources. Over time, individual domestic and commercial energy customers are likely to play contributory roles as utilities pursue grid resilience and consumption optimisation goals. For example, we are already seeing retail energy providers managing domestic EV charging loads to avoid times of peak demand by using data collection techniques and flexible tariffs to incentivise customers to charge their EVs at times when networks experience reduced loads. Ensuring consumer trust in relation to these use cases through effective and transparent data governance will be key to ensuring that these data remain available for processing, analytics and innovation. Data governance is also expected to play an increasing role in reducing the environmental impact of cloud workloads as companies examine the sustainability of long-term storage of unused data.
• Cybersecurity and Resilience: ensuring that the grid and its connected assets are technically secure and resilient to malign actors and cyber threat vectors will be a priority. Energy security is essential in an increasingly volatile geopolitical environment. The proliferation of connected devices (including in the home) may create access points or other vulnerabilities as energy resources become increasingly interconnected. More broadly, today’s businesses have more complex technology stacks with multiple points of potential cyber vulnerability or supplier failure, and increasingly rely on digital technologies for their operations. These risks arise at a time when cyber risk and operational resilience is a growing priority for legislators, with both horizontal and sector-specific laws affecting sectors such as energy, mobility and digital infrastructure.
• AI and Machine Learning: increasingly sophisticated software systems and platforms are playing critical roles in energy transition, including through streamlining energy services, enabling smart girds and demand response retail energy plans, and facilitating effective workload consolidation and scheduling in data centres. The regulatory framework that applies to these systems – particularly where they fall within emerging definitions of ‘AI’ – is complex and evolving. Businesses across sectors, from energy providers to data centre operators, are engaging in strategic planning and initiatives to effectively navigate the legal landscape for AI and machine learning.
• Contracting for Digital Transformation and Protecting IP: digital transformation and efficiency are fundamental to the transition to net zero. With the introduction of renewables and distributed energy resources, alongside the expected increase in demand for electricity arising from the electrification of mobility and other technological advances, our grid infrastructure will need to evolve to institute more control over supply and demand – for example, through the deployment of AI systems and increasingly sophisticated software platforms. As capital is deployed and invested in innovative technologies, the IP arising in respect of those innovations will need to be protected. Research partnerships will be forged, and the universe of applicable technology regulation will continue to expand. As innovators seek to commercialise their IP (for example, their copyright in software code and their patents in hardware), their contractual risk will also need to be carefully managed – both in respect of their supply chains and in respect of any licensing terms imposed on their customers. On the other hand, licensees will also be looking for robust contractual protections (such as service levels) as they deploy potentially transformative innovations within their businesses.

3. Legal challenges: perspectives from different sectors

What role is digital technology playing as industries focus on their net zero ambitions, and what legal challenges are they facing?

Retail Energy and the Smart Home

In many parts of the world, the retail energy sector has been under pressure from wholesale price rises, strict regulation (including price caps in the UK and Singapore) and a wide range of geopolitical events in recent years. Many players have concluded that digital transformation is the only way to reduce the cost-to-serve customers in the face of shrinking margins. These transformations are often enabled by software and other technologies that can automate customer self-service and data collection, integrate and manage distributed assets (for example, battery storage, EV chargers, heat pumps and solar panels) and permit and enable smart tariffs.

With the adoption of new software platforms, legal challenges arise in connection with the processing of collected data, managing vendor and customer interfaces, contracting and IP risk. Where software platforms are critical to the durability and resilience of energy services, licensees may expect the reassurance of source code escrow deposits and strict service levels. Other challenges arise in connection with increasingly popular continuous integration and continuous delivery methodologies (i.e. CICD), with customers increasingly unable to perform detailed acceptance testing in respect of CICD software, particularly where new source code deployments are ‘pushed’ directly to the licensees’ local instances or cloud environments many
times each day.

More broadly, there has been no let-up in EU legislative activity affecting digital services – with, for example, the Data Act approaching finalisation, the adoption of the Data Governance Act and the revised Network and Information Systems (NIS2) Directive, and a common European energy data space in progress. Specific cross-sector EU legislation on AI is edging towards finalisation too, which could have an impact on the way in which AI systems are deployed to predict energy demand and manage distributed energy resources (see our article: EU AI Act: Final negotiations can begin after European Parliament vote).

Cybersecurity is crucial to the resilience of energy supply. This is reflected in both legislation and in contractual terms between energy players and software or IT service providers. For example, the EU’s NIS2 Directive further harmonises Member State laws on cybersecurity for critical infrastructure by imposing enhanced requirements for “essential” or “important” entities, including in the energy sector. Together with its implementing Member State laws (which are to follow), it obliges such businesses operating in the EU to adopt specific cybersecurity risk management processes and comply with strict reporting standards, in each case with a view to operating resilient and robust systems and services (see our briefing: NIS 2 Directive: Europe revamps its cybersecurity framework). Similarly, the Singapore Cybersecurity Act 2018 imposes obligations on owners of a critical information infrastructure (CII) supporting the delivery of an ‘essential service’ across 11 prescribed sectors, including the energy sector. CII owners must comply with mandated codes of practice and performance standards, conduct cybersecurity audits and risk assessments, and share certain information with the Cyber Security Agency of Singapore where requested, including in the event of an attack.

Through the Data Act, the EU is recognises the role of data access in driving innovation, and potentially improving decision-making, customer offerings and operational efficiency (see our briefing: The Data Act: A Proposed New Framework for Data Access and Porting within the EU). The wider EU Data Strategy adopted in 2020 sets out the related idea of establishing a single EU market for data based on common European data spaces. To facilitate data sharing and improve the interoperability of data, these EU-wide data spaces are to be developed in several strategic sectors – including energy, with the stated ambition of supporting the EU’s energy sector goals.

Data sharing frameworks to support a European data space for energy were laid out in the Data Governance Act, adopted by co-legislators in May 2022 (see our article:
An overview of the EU Data Governance Act). Although the aim of the proposal is to facilitate data reuse, the conditions imposed on the exchange of non-public data have been criticised as creating additional hurdles, with definitions that are imprecise and provisions that could allow, for example, the blocking of transfers of valuable non- personal data to countries outside the EU. Procuring data, particularly from private organisations, can also be prohibitively expensive, particularly for new market entrants. An evolving trend to facilitate data access and sharing includes using application programming interfaces (APIs) to democratise data flows, through standardised data transfer technology. The energy industry will face a new wave of commercial and contracting issues in realising the benefit of using API marketplaces. Issues include pricing of data points shared via APIs, integration considerations and delivering frictionless customer experiences.

Multi-disciplinary collaborations and initiatives are also being formed in some countries in order to encourage information sharing and enable technology innovation in the energy sector. For example, EcoLabs Centre of Innovation for Energy in Singapore was set up specifically to bolster the country’s energy transition. EcoLabs supports energy sector start-ups and SMEs by providing research equipment (which may otherwise be too expensive for the company to buy itself), as well as offering access to scientific research in clean energy and testing facilities.

Finally, retail energy companies also realise that they could see value erosion unless they own or control parts of the EV ecosystem and many are investing in their related domestic and public offerings. Retail energy providers with supply arms also recognise that they need to invest in renewable generation as old plant is taken offline and corresponding electrification is part of that business case. These businesses must also balance the capital expenditure of their investments in the regulated retail space with the capital demands of their upstream and downstream businesses – which may drive transformative M&A as these businesses evolve their strategic ambitions for growth.

Data Centres and Cloud Computing

Whilst the use of cloud computing and related data centre infrastructure underpins many innovative net zero technology solutions, especially the effective management of distributed energy resources (such as battery storage and virtual power plants), the cloud and data centre sector is subject to its own green revolution.

That revolution is a crucial one since, according to a European Commission study, data centres were responsible for 2.7% of the EU’s entire electricity demand in 2018. Other studies suggest that data centres are currently responsible for the same percentage of global greenhouse gas emissions as the entire global airline industry. Energy consumption by data centres is set to increase in the next decade and beyond as new data-hungry technologies such as AI, virtual reality and autonomous driving take hold, and 5G networks drive greater consumption of data. These new technologies will require new data centres to be built locally and regionally to deliver the low latency required to support them (Edge Computing). This involves processing data

nearer to where it is collected or created with a view to enabling near real-time analytics to be performed and to minimise outages or interruptions (see our briefing: Data Centre Trends 2023). Given the anticipated growth in demand and increased legislative and commercial pressures regarding sustainability, data centres will need to dramatically improve efficiency and reduce (or offset) carbon emissions by using renewable energy and other means – with the associated challenges differing according to the size
of the data centre.

In Europe, the European Commission ambitiously asserts that the sector should be carbon neutral by 2030 and is urging data centre operators to take appropriate steps to achieve this goal, despite growing demand. To this end, the European Commission has issued a Code of Conduct for Data Centre Efficiency featuring a series of steps for data centre operators to adopt. Singapore is similarly encouraging improved data centre efficiency, including through the IMDA’s Green Data Centre Standard, which provides a framework and methodology designed to help organisations establish systems and processes to improve the energy efficiency of their data centres in tropical climates. In China, establishment of regional and nationwide data centres for governmental and private use is a priority on government’s agenda, with green energy sourcing and reduced energy consumption being part of the announced rationale regarding location of regional hubs. China requires data centres to use renewable energy to the extent possible, encourages participation in renewable energy market trades, and requires energy efficiency to be taken into account throughout the design and construction of data centres (including in relation to procurement of associated digital technology) and monitored thereafter. The largest customers of data centre operators are similarly focused on the energy transition: having announced their own sustainability targets, they are looking to their supply chain for help.

Digital technologies are increasingly being explored in improving energy efficiency and/ or sourcing renewable energy in the context of data centres and cloud computing. For example, with a significant proportion of data centre energy use being related to cooling and ventilation, machine learning is being used to optimise ‘white space cooling’ and limit energy use to where it is needed. It can also assist with consolidating workloads and enabling and disabling circuits in line with need, reducing the time period in which (and degree to which) data centres run overcapacity. Beyond reducing energy consumption, digital technology can also play a role in enabling data centres to source renewable energy supply – blockchain can be used to establish the provenance of renewable energy resources, including by allowing real-time time-stamping at the point of energy generation to give transparency of energy origin.

As data centre owners and operators seek to reduce their energy consumption for political and legislative reasons, as well as to reduce operating costs, they should pay close attention to their procurement and customer contracts. Supply and procurement contracts related to the installation of electrical equipment including power delivery units and redundancy systems (for example, battery storage) must all be scrutinised carefully owing to the mission criticality of the underlying hardware and the importance of their efficiency. Where suppliers are licensing software to operators and owners that are intended to balance loads across servers or allow real-time monitoring of servers and services, it will be important to carefully consider the cyber security commitments offered by those suppliers – particularly where cyber-attacks can be as effective at taking a data centre offline as a power outage. For both equipment and software, suppliers’ performance claims and service levels must be carefully considered to minimise the probability of severe exposure to customer claims in the event of power cuts, hardware failure, cyber incidents or similar events. These operators and owners must also pay close attention to their power usage effectiveness data since these data are increasingly scrutinised by existing and prospective customers who are keen to meet their own ESG goals (as well as by interested third parties, including NGOs).
Relatedly, operators and owners must pay attention to the claims they might make in their marketing and advertising materials, given the advertising standards and other regulatory scrutiny that can be brought to bear in relation to misleading or disputable claims.
Data governance also plays an increasing role in reducing the environmental impact of cloud workloads. Although moving applications to hyperscale data centres can itself achieve a reduction in energy usage, the sustainability of moving existing workloads into the cloud on an ‘as-is’ basis is increasingly being queried. As the volume of unused data that is stored by businesses increases, strategic data governance programmes that reduce digital waste are more important than ever in enabling companies to meet legal requirements (for example, under data protection laws), manage data risks and reduce the environmental impact of their operations. Beyond energy efficiency and use of green energy sources, there is increased interest in the potential for data centres to facilitate the transition to renewable electricity through their participation in demand response for increased stability of the electricity system. To achieve a reliable electricity system that is dominated by renewable energy, a key challenge will be developing flexible load management. A growing area of research is the potential role of software and industry data platforms in supporting use of data centres to increase the stability of a renewable energy-dominated electricity system through greater integration with smart grids and more flexibly managed power demand (through, for example, scheduling delay-tolerant workloads). Data centres (and cloud computing, more broadly) are crucial to the operations of most companies and financial institutions. Whilst the emerging legislative and political drivers will continue to incentivise data centre owners and operators to embrace technologies in pursuit of net zero, it is also clear that their customers’ ESG goals will catalyse change – and those operators who can demonstrate progress in these areas will likely achieve a significant competitive advantage.
 

4. Mobility

The automotive and aviation industries have been at the forefront of many technological innovations. The need to innovate is being supercharged by political intervention. In Europe, this includes the prospective UK ban on the sale of new ICE vehicles from 2030, the imposition of cross-fleet emissions standards across the EU, and the recently agreed EU regulation on sustainable aviation fuels (the “ReFuelEU Aviation Initiative”).
China also continues to promote digital innovation through an evolving regulatory landscape for mobility, including through tax preferential treatment policies to encourage relevant automotive technology R&D and certain upgrading activities connected with energy transition.

OEMs are investing unprecedented sums in R&D, with a particular focus on EV-efficiency technologies such as solid-state and other higher energy density batteries, e-fuels and hydrogen fuel cells. In addition, automotive and aviation businesses are seeking collaborations instead of, or in addition to, conducting their own R&D in order to gain access to new technologies and/or market share. These mobility solutions are supplemented by innovation in the fields of connectivity, infotainment, advanced driver-assistance aids, and AI-enabled route planning. Connectivity is at the core of a modern car and the car is arguably now as much a “connected” device as a smartphone – with data from its sensors being shared between vehicles, infrastructure and other IOT-connected devices. All these innovations, collaborations and procurement arrangements generate regulatory, contractual, privacy, and IP protection and enforcement issues in relation to their development, acquisition and/or integration. For example, in collaborations, partnerships or procurements focusing on access to new technology, negotiations regarding IP rights and forward planning regarding data sharing, cyber risk, product liability and wider regulatory compliance are pivotal – typically requiring support from multi-disciplinary teams.

New functionality is increasingly digitised with a view to new modes of income generation including connected vehicle services, subscription services and targeted, individualised customer experiences. On the one hand, these digital services may offset some of the major capital expenditure on mobility-related R&D. On the other hand, some of these digital services are necessary to enable a more customer-centric experience that can overcome some of the challenges associated with e-Mobility or to meet requirements regarding non-discriminatory access and payment processes. For example, as EVs proliferate, connected services that consolidate invoicing in relation to the use of charging infrastructure operated by different providers may reduce some of the challenges associated with destination and ‘en route’ EV charging stops (as well as driving further revenues for OEMs, charging network providers and other over-the-top providers). Also, over-the-air software updates can avoid the need for more costly repairs and prolong the life of vehicles, with resultant sustainability advantages.

Traditional sector-specific regulations focusing on cars continue to target safety (such as the EU’s Directive 2010/40 on the framework for the deployment of Intelligent Transport Systems in the field of road transport), and road or air traffic (such as EU Regulations 886/2013 and 2015/962 establishing National Access Points for traffic data). However, with OEMs expanding their ecosystems and legislators watching technological advances in mobility carefully, more areas of regulation will become relevant. Laws on cyber security and the protection of personal data already catch OEMs in most modes of customer-facing activity, including vehicle monitoring, with industry-specific regulatory guidelines often already in place. For example, China maintains a focus on the regulation of important mobility data and, in addition to cross- sector laws such as the Cybersecurity Law, the Data Security Law and the Personal Information Protection Law, has been issuing various national standards applicable to mobility. In the EU, the General Data Protection Regulations will apply to many customer-related data processing activities, alongside more specific guidelines such as the EDPB’s Guidelines 1/2020 on the processing of personal data in the context of connected vehicles and mobility-related applications.

Upcoming cross-sector digital regulations such as the EU AI Act, EU Data Act (affecting, amongst other things, the sharing of data from “connected products”) and the EU Cyber Resilience Act (affecting cybersecurity requirements for products with digital elements) will also catch numerous elements of the modern automotive or air mobility ecosystems, from sharing GPS (and Assisted GPS) data, to route planning, to AI-predictive maintenance, to establishing software security standards. Data-focused initiatives such as the EU’s common European mobility data spaces will also impact data access and sharing models in the sector. With so much data now being collected, generated and processed by vehicles, aircraft, drones and their OEMs, the mobility industry will need to keep pace (see our briefing: The Data Act: A Proposed New Framework for Data Access and Porting within the EU).

In addition, new targeted legislative frameworks are in progress in certain jurisdictions to address the evolving use of digital technologies in the mobility sector. For example, Germany has passed a law on highly automated and autonomous driving, the EU has enacted harmonised regulations on civil drones (impacting a broad range of drones, including passenger drones) and, in the UK, the government has announced plans to develop a new legislative framework to allow for the wider rollout of autonomous vehicles by 2025 (see our article: Rollout of autonomous vehicles: UK government plans for a legislative framework).

In summary, the mobility sector is transforming as it adapts to new laws and explores evolving technologies. There remains significant growth potential as the industry pursues new avenues of innovation, such as the shift towards EVs and alternative fuel (for example, e-fuels and fuel cells, or sustainable aviation fuels) – along with parallel developments in.