In 2025, many organizations will have to start reporting their cloud computing carbon emissions.
This change is indicative of a wider expansion to the regulations that require organizations – small, medium, and large – to report the carbon emissions that they produce. Around the world, but particularly in the EU and UK, governments are preparing legislation that requires businesses to report not only on scope 1 and 2 emissions, but scope 3 as well.
Cloud computing emissions must soon be reported by businesses.
Carbon emissions from cloud computing fall under scope 3 of the Greenhouse Gas Protocol (GHG Protocol). The GHG Protocol is an internationally recognized standard for carbon emission measurement and is used as the foundation for most national and international emissions reporting regulations. The GHG Protocol defines three categories of emissions that businesses might produce:
Scope 1: Emissions from sources that an organization owns or operates (such as gas boilers, on-site mechanical combustion, and fuel for fleet vehicles).
Scope 2: Emissions from the purchased electricity an organization powers its operations with.
Scope 3: Emissions from all other activities outside of Scopes 1 and 2. This includes all emissions from the production of a company’s goods and services, as well as logistics, disposal, employee commuting, business travel, and investments.
Scope 3 emissions make companies responsible for the actions that cause emissions across their supply chains. The category prevents companies from outsourcing their emissions to other organizations or avoiding the bulk of their carbon responsibility: scope 3 contributes approximately 70% of an organization’s emissions (CDP, 2024).
Cloud computing emissions fall under scope 3 because they are produced as a result of an organization’s actions. The organization does not actively burn fossil fuels or pay for the electricity that powers the cloud service, but the emissions are produced regardless. Because that quantity of emissions would not exist without the organization’s use of cloud services, the organization must take responsibility for them.
Small, medium, and large EU and non-EU organizations may be in-scope.
The EU’s Corporate Sustainability Reporting Directive comes into force in 2025, requiring many organizations based in or trading in the EU to report all scope 3 emissions. Those that will be in-scope include:
In addition, large companies based or trading in the EU will also have to conduct due diligence into their scope 3 responsibilities under the Corporate Sustainability Due Diligence Directive from 2027.
This expansion of EU regulation is reflective of changing attitudes towards scope 3 reporting in other countries, especially the UK. In 2023, the UK government launched a Call for Evidence to assess the practicalities of introducing mandatory scope 3 reporting for UK businesses. This was followed up in 2024 by the announcement that the government supports the introduction of IFRS Sustainability Disclosure Standards into UK law, which would require scope 3 reporting. Similarly, countries such as Japan, Australia, China, Brazil, and Canada are all in the process of implementing mandatory Scope 3 reporting regimes.
Datacenter emissions may be 662% higher than Cloud Service Providers state.
Few organizations are prepared for the changes to come. Many are not even aware that cloud computing is in-scope of scope 3 reporting requirements. Additionally, the data that is available from cloud service providers such as AWS, Microsoft, and Google is highly questionable: a September 2024 Guardian report found that datacenter emissions are likely to be up to 662% higher than publicly stated. This puts organizations at risk of regulatory punishment if the data they are reporting comes from inaccurate sources – particularly in light of the EU’s due diligence legislation.
Tailpipe offers an independent and thorough analysis of an organization’s scope 3 cloud computing emissions. Its methodology is comprehensive, transparent, and most importantly, accurate. To find out more about how Tailpipe can prepare your organization for increasing regulatory oversight, get in touch with our team here.
