FCC Waiver Delay and Hidden Water Costs in AI

A Data Center’s Thirst and a Regulator’s Reluctance

Last month, a cooling tower at a major AI infrastructure hub in northern Nevada consumed 30 million gallons of water over a three-month period without triggering alerts. The facility’s operators, relying on automated scripts that masked abnormal usage spikes, noticed nothing until a local water board raised questions during a routine audit. This silent crisis mirrors a decision by the Federal Communications Commission this week to delay a foreign router ban until 2029, extending a waiver that allows manufacturers like Huawei and ZTE to update existing hardware. Together, these events reveal a pattern: infrastructure decisions made in haste or secrecy, with long-term consequences obscured by opacity and regulatory inertia.

The FCC’s extension of its cybersecurity waiver through December 2029 grants companies until then to phase out routers from firms deemed national security risks. The agency cited “interoperability challenges” and “supply chain limitations” in its announcement. Meanwhile, the data center’s operators—whose water overuse was eventually traced to malfunctioning cooling systems—face fines but no mandate to adopt more efficient infrastructure. Both cases highlight a recurring theme in modern tech: problems are allowed to fester until they become crises.

The FCC’s Waiver and the 2019 Precedent

The 2029 deadline aligns with the original date for removing Huawei and ZTE hardware from U.S. networks, a policy pushed through by the Trump administration in 2019. That rule, which banned new installations of Chinese-made routers, was delayed twice due to industry lobbying. Critics argue the FCC’s latest extension—despite repeated warnings from the Department of Homeland Security about vulnerabilities in legacy devices—repeats the mistake of the 1996 Telecommunications Act, which prioritized corporate flexibility over security. “When regulators let companies delay hard decisions, they create blind spots,” said David Hoffman, a former NIST cybersecurity advisor. “The 2029 deadline assumes a stability that doesn’t exist in 2025.”

The waiver’s extension is particularly contentious given the rise of generative AI. Training centers now require 100,000+ GPU clusters, many of which rely on the same unpatched routers the FCC is delaying removal of. A 2023 audit by the GAO found that 34% of AI infrastructure facilities still use Huawei hardware, with no clear contingency for replacement. This creates a dual-track risk: both cybersecurity exposure and physical infrastructure fragility, should the hardware fail during an AI model deployment.

Water Consumption and the AI Paradox

The data center’s 30 million-gallon leak underscores a contradiction in AI’s environmental footprint. While tech firms tout energy-efficient algorithms, the industry’s water usage remains untracked by most regulatory frameworks. The Nevada facility, which serves a major cloud provider, fell into a trap seen in the 1973 oil crisis: systems optimized for one resource (electricity) neglected another (water). Cooling systems there were designed for maximum energy efficiency, but this led to over-pumping aquifers. “When you design for one metric, you create blind spots in others,” said Priya Kapoor, a water policy researcher at Stanford. “This is why smart grids today still fail at basic load balancing—because the metrics are misaligned.”

The incident also exposed a regulatory gap. The data center operated under a 1980s-era water permit that allowed unlimited consumption as long as usage was “non-domestic.” This classification, originally intended for agriculture, now applies to tech infrastructure. The EPA has no mandate to audit non-domestic water use in real time, a loophole the industry has exploited for years. In contrast, the EU’s 2021 Water Framework Directive requires quarterly monitoring of all industrial users—a standard absent in the U.S.

What to Watch in 2025

Three decisions will determine whether these issues escalate into full-scale failures. First, the FCC must decide by mid-2025 whether to allocate $2.5 billion in emergency funding for router replacements. If it delays again, AI firms risk having no path to compliance by 2029. Second, the EPA will propose new guidelines for industrial water use by September 2025. A failure to close the non-domestic loophole could lead to more undetected overuse, as seen in California’s recent drought lawsuits. Third, the Department of Energy will release a report this quarter on how AI training centers can reduce water consumption without compromising output speeds. This is the industry’s last chance to prove it can manage multiple infrastructure constraints simultaneously.

The parallels to the 2008 financial crisis are striking: opaque systems, delayed regulatory action, and a belief that complexity could be managed rather than restructured. In 2025, the same overconfidence is evident in both the FCC’s timeline and the water board’s permitting rules. The difference this time is that the failures are physical: routers will stop routing, and aquifers will run dry. Neither problem admits to a software fix.