Stay informed with free updates
Simply sign up to the Big Tech myFT Digest — delivered directly to your inbox.
The writer is director of Europe and transatlantic partnerships at the Open Markets Institute
In its scale and societal importance, cloud computing now resembles a public utility. Nearly all of us depend on it in our daily lives — when we read the news, pay our taxes, check in for a flight or look up our medical results online. Yet its essential role is being undermined by the risks inherent in over-centralisation.
Unlike traditional utilities, the dominant cloud providers Amazon, Google and Microsoft — which together control two-thirds of the global market — operate with minimal transparency or public oversight. This leaves governments, businesses and citizens vulnerable to systemic risks, while giving these corporations immense power to shape the digital economy to their advantage.
It is no accident that the same behemoths that dominate ecommerce, digital advertising and operating systems also control the cloud computing infrastructure that underpins these services.
Cloud is an extraordinarily capital-intensive business, with high barriers to entry and significant network effects. The data, technological capabilities and financial reserves controlled by these behemoths secured them advantages that smaller, independent rivals simply couldn’t match when cloud computing began to take off.
But the companies haven’t just benefited from structural advantages; they’ve also engaged in anti-competitive practices, as documented by competition authorities across Europe, the US, Australia and Japan. These include opaque and discriminatory pricing, technical barriers to switching provider, excessive fees for data transfers and bundling cloud services with other products.
The resulting concentration of both control and capacity is worrying for several reasons. First, centralised infrastructure is highly susceptible to espionage, sabotage, human error and natural disasters. These vulnerabilities become national security threats when they affect sensitive state functions.
Second, the dependence of many nations on a small number of US cloud giants is a geopolitical threat. Several existing US laws — including the Cloud Act — require providers to hand data to the American government when asked, even if stored on foreign soil.
Third, Big Tech’s cloud oligopoly undermines innovation. In artificial intelligence, for example, tech giants have been accused of trading cut-price access to cloud resources for intellectual property rights, equity stakes and strategic influence over leading start-ups, reinforcing their dominance across the sector.
How should governments respond? Fortunately, most of the tools we need to address these problems already exist. Established frameworks — including utility regulation, competition policy and public procurement — can be drawn on to restructure and govern cloud infrastructure in the public interest.
For instance, regulators should mandate fair and non-discriminatory access to cloud services, mirroring rules already applied to telecoms. This should include transparent, consistent pricing and a ban on unfair contract terms. Providers should be required to implement robust processes to ensure the stability and security of their infrastructure, with regular audits and stress tests.
Governments should also rethink their procurement practices. Public institutions should not reinforce monopoly power by defaulting to the dominant providers.
Finally — and most ambitiously — governments should consider structural separation. Requiring Amazon, Google and Microsoft to spin off their cloud divisions would eliminate their ability to use this critical infrastructure to extend their dominance into new markets.
With the right tools and political will, we can ensure cloud infrastructure serves the public good — not just Big Tech’s profit margins.