Gujarat’s First AI Data Centre at GIFT IFSC: Legal Framework and Investment Opportunities for Global Investors

Introduction

Gujarat’s maiden artificial intelligence (AI) data centre at the Gujarat International Finance Tec-City (GIFT) International Financial Services Centre (IFSC) represents a watershed moment in India’s digital infrastructure evolution, creating unprecedented investment opportunities for global technology and financial services firms. With a capacity of up to 40 megawatts and adopting an innovative vertical format design, this facility aligns with India’s ambitious sovereign digital initiatives while offering foreign investors a sophisticated regulatory environment characterized by single-window clearances, preferential tax treatment, and streamlined compliance under the International Financial Services Centres Authority (IFSCA). This development positions GIFT City as a strategic hub for AI-intensive financial technology operations, addressing the surging demand for advanced compute power driven by artificial intelligence, machine learning workloads, and data-intensive enterprise applications.​ [1]

GIFT IFSC: Regulatory Architecture and Statutory Framework

Special Economic Zone Status and Governance Structure

GIFT City operates as a multi-service Special Economic Zone (SEZ) under the SEZ Act, 2005, with Section 18 specifically empowering the Government of India to establish International Financial Services Centres within designated SEZs. The IFSCA, constituted under the IFSCA Act, 2019, functions as a unified financial regulator for all financial activities within the IFSC, consolidating powers traditionally distributed among the Reserve Bank of India (RBI), Securities and Exchange Board of India (SEBI), Insurance Regulatory and Development Authority of India (IRDAI), and Pension Fund Regulatory and Development Authority (PFRDA). This principle-based, light-touch regulatory approach significantly reduces administrative overhead and provides enhanced regulatory clarity compared to mainland India’s fragmented oversight mechanisms. The IFSCA has delegated authority under the SEZ Act, streamlining approval processes through a single-window IT system that integrates registration procedures across multiple regulatory bodies including GSTN, RBI, SEBI, and IRDAI, potentially eliminating separate No Objection Certificates (NOCs) from onshore Indian regulators.​ [2] [3]

Applicability to AI Data Centre Operations

The proposed Gujarat’s First AI Data Centre at GIFT IFSC, designed specifically for high-performance, data-intensive AI workloads encompassing training and inference operations, will serve GIFT City’s extensive ecosystem of techfin players, leading banks, and international stock and bullion exchanges. The facility’s vertical architecture optimizes land utilization while incorporating specialized liquid cooling technology and advanced power supply systems compliant with global standards. From a regulatory perspective, entities establishing AI data centre operations within GIFT IFSC can structure themselves either as IFSC units regulated by IFSCA or as SEZ units under the SEZ framework, with corresponding variations in compliance obligations and benefits. The IFSCA (Capital Market Intermediaries) Regulations, 2021 provide a comprehensive regulatory framework for capital market activities, while sector-specific regulations govern payment systems, banking, and insurance operations within the IFSC.​ [4]

Tax Incentives and Fiscal Benefits Under SEZ Framework

Income Tax Holidays and Exemptions

IFSC units operating within GIFT City enjoy substantial income tax benefits under Section 80LA of the Income Tax Act, 1961, which provides 100% exemption on eligible profits or gains for the first five consecutive years, followed by 50% exemption for the next five years, without any sunset clause—a significant advantage over conventional SEZ units governed by Section 10AA, which carried a sunset date of March 31, 2020. Additionally, Minimum Alternate Tax (MAT) applies at a concessional rate of 9% for IFSC units, substantially lower than the standard MAT rate applicable in mainland India. The income tax holiday provisions under Section 80LA specifically target derivative transactions, offshore banking units, and aircraft leasing operations, though their application extends to technology infrastructure supporting such financial services. For operators of the First AI Data Centre at GIFT IFSC, these provisions translate into significant after-tax returns, particularly during the capital-intensive initial development and operational ramp-up phases.​ [5]

Indirect Tax Benefits and Duty Exemptions

Since GIFT City operates as an SEZ, all goods and services provided to locations outside the SEZ qualify as exports attracting a 0% Goods and Services Tax (GST) rate, enabling full input tax credit claims without double taxation burdens. Furthermore, IFSC units benefit from exemptions under the Securities Transaction Tax provisions of Section 98 of the Finance (No. 2) Act, 2004, particularly advantageous for financial intermediaries conducting high-frequency trading and algorithmic transactions requiring robust data centre infrastructure. State-level fiscal incentives include exemptions from Value Added Tax (VAT), stamp duty, and electricity duty as per respective State Government policies, further enhancing the cost competitiveness of operations. The zero-rated GST treatment extends to imports of specialized equipment, including high-performance computing servers, liquid cooling systems, and advanced networking infrastructure essential for AI data centre operations.​ [5] [6]

Foreign Direct Investment Policy and Cross-Border Data Flows

Liberalized FDI Regime for Data Centre Infrastructure

India permits 100% foreign direct investment (FDI) in data centres under the automatic route, subject solely to restrictions applicable to entities from countries sharing land borders with India (Restricted Countries), which require prior government approval where the beneficial owner is situated in or is a citizen of such Restricted Countries. This liberalized FDI policy enables foreign investors to establish wholly-owned subsidiaries or joint ventures with Indian partners without sectoral caps or performance-linked conditions. For GIFT IFSC operations, the regulatory framework provides additional flexibility through foreign exchange liberalization measures, including permission to maintain accounts in freely convertible currencies, absence of capital account restrictions typically applicable in mainland India, and facilitated cross-border fund movements for operational and capital expenditure requirements. The IFSCA’s unified regulatory architecture eliminates the complexity of obtaining multiple approvals from sectoral regulators, significantly compressing approval timelines and reducing transaction costs for foreign investors.​ [7]

Data Localization and Cross-Border Transfer Compliance

Under the IFSCA regulatory framework, all transaction data generated within GIFT IFSC must be stored within the IFSC jurisdiction, with mandatory regular reporting to IFSCA. This data localization requirement, while creating compliance obligations, simultaneously ensures that data processing infrastructure established within GIFT City maintains exclusive custody of high-value financial transaction datasets, a critical consideration for banking, financial services, and insurance (BFSI) players and global capability centres (GCCs) evaluating investment decisions. The Digital Personal Data Protection Act, 2023 (DPDP Act), which governs personal data processing for Indian citizens, creates specific compliance obligations for data centres operating in India, though the precise interplay between DPDP Act requirements and IFSC-specific regulations awaits clarification through subordinate rules expected in 2025. Significantly, the DPDP Act mandates that Data Fiduciaries implement appropriate technical and organizational safeguards to prevent data breaches, with breach notification obligations to the Data Protection Board and affected individuals, and imposes penalties up to INR 250 crores for non-compliance.​ [1]

International Comparative Framework: EU, Singapore, and US Data Centre Regulations

European Union’s Regulatory Approach

The European Union’s General Data Protection Regulation (GDPR), which replaced the Data Protection Directive 95/46/EC, establishes an extraterritorial regulatory regime applicable to any organization worldwide processing personal data of EU residents or demonstrating intent to attract EU customers, irrespective of the data controller’s physical establishment within the EU. The GDPR mandates obligatory reporting of data breaches to supervisory authorities within 72 hours of detection, accompanied by notification to affected individuals in circumstances where the breach poses high risk—a substantially more stringent requirement than India’s DPDP Act, which prescribes breach notification obligations but lacks specific timeframes in the principal legislation. Additionally, the EU’s revised Energy Efficiency Directive, effective October 10, 2023, imposes monitoring and reporting obligations on data centre energy performance, with the first reporting deadline having passed on September 15, 2024. The Corporate Sustainability Due Diligence Directive, which entered into force on July 25, 2024, further requires large enterprises to consider environmental effects in business decisions, potentially impacting data centre site selection and operational parameters. India’s regulatory framework for AI data centres at GIFT IFSC, while incorporating environmental clearance requirements under State-level regulations, currently lacks comparable comprehensive energy efficiency reporting mandates.​ [8]

Singapore’s Foundational Digital Infrastructure Framework

Singapore’s Cybersecurity Act 2018, substantially amended through the Cybersecurity (Amendment) Act 2024 effective May 2024, grants the Commissioner of Cybersecurity expansive powers to oversee data centres designated as “major foundational digital infrastructure”. Designated operators must comply with technical standards, codes of practice, incident reporting protocols, and implement detection and response systems for cyber threats—a proactive regulatory approach emphasizing resilience and security. The forthcoming Digital Infrastructure Act in Singapore will introduce binding standards for cloud and data centre operators, transitioning from the current voluntary Guidelines on Foundational Digital Infrastructure for Critical Information Infrastructure Sectors to mandatory compliance regimes. India’s DPDP Act, while imposing security safeguards and breach notification obligations on Data Fiduciaries, does not currently designate data centres as critical infrastructure subject to sector-specific cybersecurity oversight comparable to Singapore’s framework, though the proposed rules under the DPDP Act may introduce enhanced requirements for Significant Data Fiduciaries. For foreign investors evaluating regulatory risk, India’s evolving data protection landscape necessitates continuous monitoring of rule-making developments and engagement with legal advisors to ensure proactive compliance.​ [1] [8]

United States: Emerging Federal and State-Level Regulations

The United States lacks a comprehensive federal data protection statute comparable to the GDPR or India’s DPDP Act, with data privacy regulations primarily emerging at the state level through statutes such as the California Consumer Privacy Act (CCPA) and its successor, the California Privacy Rights Act (CPRA). Data centre energy efficiency regulations in the US remain largely voluntary, with industry-led initiatives such as the EU’s voluntary Code of Conduct for Data Centres serving as benchmarks for best practices. However, growing Congressional focus on artificial intelligence governance and data security, coupled with increasing state-level legislative activity, suggests a trajectory toward more structured federal oversight of AI data infrastructure. India’s GIFT IFSC framework, combining tax incentives, unified regulation, and operational flexibility within a defined legal perimeter, presents competitive advantages for investors seeking regulatory certainty relative to the fragmented US regulatory landscape. ​[2]

Licensing, Permits, and Operational Compliance Requirements

Telecommunications and Sector-Specific Licenses

Operating a data centre in India involves licensing requirements under telecommunications regulations administered by the Department of Telecommunications (DoT), with specific license categories dependent on the nature of services offered by the investing entity. Data centres providing internet connectivity or telecommunication services may require Infrastructure Provider (IP) licenses or Other Service Provider (OSP) registrations, while those exclusively offering colocation and managed hosting services typically fall outside telecom licensing requirements. Within GIFT IFSC, the single-window clearance mechanism facilitated by IFSCA coordinates telecom licensing approvals, reducing processing timelines and regulatory interface points. Additionally, as data centres represent a combination of real estate, infrastructure, and data operations, comprehensive compliance encompasses operational licenses under State-specific Shops and Establishment Acts, environmental clearances for construction and operation under the Environment Protection Act, 1986, fire safety No Objection Certificates from State Fire Services, and building plan approvals from local municipal authorities.​

Employment, Labor, and Intellectual Property Considerations

Foreign investors establishing AI data centre operations must navigate India’s complex labor law framework, including compliance with the Industrial Disputes Act, 1947, Employees’ Provident Funds and Miscellaneous Provisions Act, 1952, and Employees’ State Insurance Act, 1948, alongside State-level labor regulations governing working hours, overtime, and leave entitlements. For GIFT IFSC entities, certain labor law exemptions and modifications may apply under SEZ regulations, though comprehensive labor compliance audits remain essential. Intellectual property protection for proprietary AI algorithms, software architectures, and data processing methodologies deployed within data centres benefits from India’s robust IP regime under the Patents Act, 1970, Copyright Act, 1957, and Trade Marks Act, 1999, with enforcement mechanisms available through civil courts and specialized IP tribunals. Foreign investors should implement comprehensive IP protection strategies, including trade secret safeguards, employee confidentiality agreements, and vendor data protection clauses to mitigate risks of unauthorized disclosure or misappropriation.​ [1] [3]

Strategic Advantages for Foreign Investors and Market Opportunities

Techfin and BFSI Sector Convergence

GIFT City’s concentration of techfin players, leading banks, international stock exchanges, and bullion trading platforms creates immediate demand for AI-intensive data processing capabilities, particularly for real-time financial transaction analysis, fraud detection, algorithmic trading, and regulatory compliance monitoring. The AI data centre’s capability to analyze vast financial datasets with superior speed and accuracy compared to traditional systems positions it as critical infrastructure for next-generation financial services. Payment system providers, cross-border remittance platforms, and financial market intermediaries increasingly require low-latency, high-availability computing infrastructure to support machine learning models for risk assessment, customer analytics, and transaction processing. Foreign investors with expertise in hyperscale, AI-ready infrastructure can leverage GIFT IFSC as a strategic entry point for serving India’s rapidly expanding digital financial services market while benefiting from IFSC’s regulatory sandbox environment for testing innovative technologies before mainland deployment.​ [2] [5]

Global Capability Centres and Captive Operations

Multinational corporations establishing Global Capability Centres (GCCs) in India increasingly prioritize access to advanced AI computing infrastructure for enterprise applications spanning customer relationship management, supply chain optimization, and business intelligence analytics. GIFT IFSC’s regulatory framework facilitates establishment of captive data centre operations serving global parent entities, with flexible cross-border data transfer provisions, unrestricted currency convertibility, and favorable transfer pricing treatment for intra-group services. The IFSCA’s regulatory framework for payment service providers and financial technology firms specifically contemplates dual operational structures, where entities leverage IFSC operations for international payment flows while maintaining RBI-licensed entities for domestic operations—a model equally applicable to data centre infrastructure supporting hybrid operational models. For foreign investors, this regulatory bifurcation enables optimization of tax efficiency, regulatory compliance costs, and operational flexibility across international and domestic market segments.​

Risk Mitigation and Due Diligence Imperatives

Dynamic Regulatory Landscape and Compliance Monitoring

India’s technology and data protection regulatory framework remains in active evolution, with the DPDP Act rules anticipated in 2025 potentially introducing material compliance obligations around data localization, cross-border transfer restrictions, consent management, and data principal rights. Foreign investors must establish robust legal compliance functions encompassing regular regulatory audits, engagement with specialized legal advisors for real-time monitoring of rule-making developments, and proactive adaptation of operational procedures to emerging requirements. The IFSCA’s principle-based regulatory approach, while providing operational flexibility, requires continuous engagement with the regulator to ensure alignment with evolving supervisory expectations, particularly for novel AI applications lacking established regulatory precedents. Investors should implement comprehensive compliance management systems incorporating Know Your Customer (KYC), Anti-Money Laundering (AML), and Combating the Financing of Terrorism (CFT) protocols, mandatory disclosure requirements, transaction data segregation, and grievance redressal mechanisms as prescribed under IFSCA regulations.​

Land Acquisition, Environmental, and Infrastructure Risks

While GIFT City offers developed, cutting-edge infrastructure within a planned SEZ environment, investors must conduct thorough due diligence on land title, encumbrances, environmental clearances, and utility availability. The vertical format architecture adopted for the First AI data centre at GIFT IFSC, designed to minimize land disruption and optimize space efficiency, requires specialized construction expertise and adherence to building codes for high-rise structures accommodating heavy computing equipment and cooling systems. Environmental compliance encompasses obtaining clearances under the Environment Protection Act, 1986, for construction activities, water usage, and waste disposal, alongside ongoing monitoring obligations for air quality, noise levels, and hazardous waste management. Power infrastructure adequacy represents a critical consideration, with AI data centres consuming substantial electrical capacity; GIFT City’s established power infrastructure supporting three international exchanges provides foundational reliability, though investors should validate capacity allocation and backup power arrangements. Foreign investors should engage technical consultants for independent verification of infrastructure specifications, utility commitments, and service level agreements prior to finalizing investment decisions.​ [3]

Conclusion and Investment Outlook

Gujarat’s first AI data centre at GIFT IFSC represents a compelling investment opportunity for foreign technology infrastructure providers, hyperscale operators, and financial services firms seeking strategic positioning in India’s rapidly expanding digital economy. The convergence of substantial tax incentives under the SEZ framework, unified regulation through IFSCA, operational flexibility for cross-border data and capital flows, and proximate access to a sophisticated financial services ecosystem creates differentiated competitive advantages relative to mainland India operations. While investors must navigate evolving data protection regulations under the DPDP Act, telecommunications licensing requirements, and multi-layered environmental and labor compliance obligations, GIFT IFSC’s single-window clearance mechanism and principle-based regulatory approach significantly compress approval timelines and reduce administrative friction. The project’s phased development structure, aligned with demand projections and infrastructure readiness, enables calibrated investment deployment mitigating construction and demand risks. Foreign investors should prioritize comprehensive legal due diligence, engage specialized Indian legal counsel with IFSC regulatory expertise, and establish proactive compliance monitoring systems to capitalize on this transformative infrastructure development while managing regulatory evolution risks. As India positions itself as a global hub for AI innovation and sovereign digital initiatives, GIFT IFSC’s AI data centre infrastructure will serve as foundational architecture supporting the nation’s ambitions, creating sustained investment opportunities for global technology leaders.

References:

[1] Foreign Investors’ Guide to setting up a Data Center in India: Legal, Regulatory, and Operational Guides Available at: https://www.barandbench.com/view-point/foreign-investors-guide-to-setting-up-a-data-center-in-india-legal-regulatory-and-operational-guides

[2] FIG Paper No 49: IFSC, GIFT City: A New Legal Frontier for Cross-Border Payments Available at: https://corporate.cyrilamarchandblogs.com/2025/08/fig-paper-no-49-ifsc-gift-city-a-new-legal-frontier-for-cross-border-payments/

[3] Regulatory Framework of the Gujarat International Financial-Tech (GIFT) City: A Primer Available at: https://sarvaankassociates.com/wp-content/uploads/2024/06/GIFT-City-Regulatory-Framework_compressed.pdf

[4] Gujarat International Finance Tec-City Available at : https://api.giftgujarat.in/public/tool-guiedes-for-setting/DoingBusinessatIFSC.pdf

[5] Various Tax, Fiscal and Economic Benefits for Operating in Gift City (India’s IFSC) Available at: https://taxguru.in/sebi/tax-fiscal-economic-benefits-operating-gift-city-indias-ifsc.html

[6] Setting Up Business in GIFT City: Tax Advantages Available at: https://www.ascentium.com/in/blog/maximize-tax-benefits-by-setting-up-business-in-gift-city/

[7] Legal Framework Underway to Establish India’s GIFT City as a Global Accounting Hub Available at https://www.india-briefing.com/doing-business-guide/india/where-to-invest/legal-framework-underway-to-establish-india-s-gift-city-as-a-global-accounting-hub

[8] Data Compliance Requirements under the DPDP Act, 2023 Available at: https://tsaaro.com/blogs/data-compliance-requirements-under-the-dpdp-act-2023/