Why the centralized internet is broken, why the decentralized web is the solution, and why that matters to you

The current internet is highly centralized. Large parts of our digital infrastructure depend on a handful of central data centers, platforms, and service providers, often operated by foreign tech giants. This model brings several structural problems. Below, we highlight eleven major issues, with a focus on examples from Europe and the Netherlands (from mid-2022 onward). We conclude by briefly outlining a possible alternative in the form of a decentralized internet (ThreeFold), which aims to address several of these problems.

1. Vulnerability of the centralized model

Single points of failure

In a centralized internet, single points of failure pose a major risk. A single malfunction or attack can affect millions of users. For example, a rare summer storm in July 2023 in the Netherlands severed a single fiber optic cable between two Microsoft data centers. As a result, Azure services across the Western Europe region were disrupted for hours. Microsoft confirmed that the remaining connections were overwhelmed, causing a chain reaction of packet loss and outages. Everything was restored only after ~13 hours. This incident showed that even with redundant connections, a single bottleneck can have major consequences.

Large-Scale Cloud Outages

Such incidents happen more often. In January 2023, Microsoft faced a global Azure outage, which took down services like Teams and Outlook. More than 500 million users rely on Azure Cloud; an outage thus creates a domino effect on numerous services. Reuters calculated that virtually all major global companies use Azure, meaning a single error or update could affect millions. Other Big Tech platforms have faced similar outages, underlining how vulnerable our digital society is when too many critical systems rely on the same centralized infrastructure.

Centralization Creates Fragility

In short, centralization creates single points of failure that can cause massive disruption, both physically (fiber cables, data centers) and digitally. Experts emphasize that concentrated hubs in networks are concentrated points of vulnerability. Therefore, redundancy and decentralization are essential to mitigate such risks.

2. Environmental Burden of Centralized Data Centers

Cooling Water Consumption and Water Scarcity

Centralized hyperscale data centers are not only an IT risk, they also pose a burden to the environment and the surrounding living environment. In Europe, concerns mainly focus on water usage and land consumption. Large data centers consume enormous amounts of (cooling) water – often clean drinking water – to keep their servers cool. A relatively small 1 MW data center can consume up to 26 million liters of water annually, equivalent to the annual usage of around 62 households. Many large centers use evaporative cooling systems, where water disappears permanently into the atmosphere. This locally contributes to water scarcity, especially in dry periods.

The Meta Data Center Controversy in the Netherlands

These concerns were explicitly raised around the (now cancelled) Meta data center in Zeewolde. This hyperscale data center was projected to consume large amounts of groundwater, alarming local residents. In 2022, massive local resistance emerged due to fears of exhausting the local water supply. The Dutch government ultimately intervened and revoked the zoning approval for Meta’s data center. This unprecedented decision – driven by concerns over groundwater and the landscape – illustrates the environmental impact such centralized data centers can have.

Growing Political and Social Tension in Europe and Beyond

Elsewhere in Europe, tensions are also rising. Researchers have noted that data centers in water-scarce regions increase political and social risks. In 2023, citizens in Uruguay protested against new Google data centers during the worst drought in 74 years. In the Netherlands, drinking water is scarce during hot summers, and data centers then compete with civilians and farmers for this essential resource.

Electricity Grid Congestion and Land Use

Aside from water, there are concerns around energy use and land consumption. Hyperscale centers consume so much electricity that local grids become overloaded. In the Amsterdam region, electricity capacity became so scarce that in 2022 the municipality issued a construction freeze on new data centers. Only those considered “essential for Amsterdam” were still allowed. The density of data centers pushed the energy grid to its limits, endangering network reliability.

In addition, valuable agricultural land is lost to massive server halls, another major point of criticism in Zeewolde and beyond.

A Growing Environmental Burden

In summary, data centralization leads to concentrated environmental burdens. Large data centers act like “water vultures” and infrastructure gluttons. On a small and densely populated continent like Europe, this leads to protests and forces policymakers to intervene. Governments are now imposing stricter requirements on cooling and water usage, and some EU regulations require more transparency around environmental impact. But the fundamental question remains: is such centralization compatible with sustainable and just development, especially in vulnerable regions?

3. War and Geopolitics: Data Centers as Strategic Targets

Data Infrastructure as a Military Target

In times of crisis or war, central digital hubs become strategic targets. Data infrastructure is now so deeply integrated into economic and governmental systems that hostile actors prioritize disabling or exploiting it. Europe has become increasingly aware of this vulnerability, especially since the war in Ukraine.

Missile Strikes on Ukrainian Data Centers

During the early days of the Russian invasion in February 2022, Russian forces launched targeted missile strikes on Ukrainian government data centers. A major data facility in Kyiv was hit, severely disrupting government digital communication. Because much sensitive data was stored locally, the physical destruction of servers led to direct information loss. Ukraine eventually had to migrate its data to cloud servers abroad, with support from Microsoft, to maintain continuity.

This case is now viewed as a wake-up call for other nations: centralized data centers are no longer neutral infrastructure, they are considered legitimate military targets, just like power plants or bridges in earlier eras.

European intelligence services now work from the assumption that, in the event of a conflict (e.g., with Russia), critical IT hubs could be attacked both physically and digitally.

Dutch Policy Shift: “Too Big to Fail”

The Dutch government has formally recognized this risk. Since September 2023, large multi-tenant data centers have been officially designated as vital infrastructure. The official reasoning is that failure of such data centers could realistically cause societal disruption and cascading failures. They are described as “too big to fail.” A prolonged outage would severely compromise national digital continuity.

This new classification comes with legal obligations: operators must now implement advanced security protocols and comply with mandatory incident reporting requirements under the EU’s NIS2 directive.

DDoS Attacks and Information Warfare

In addition to physical risks, cyber threats are escalating. During geopolitical tensions, DDoS campaigns and digital sabotage can paralyze key digital services. European institutions and companies are increasingly targeted by pro-Russian hacker groups. These assaults are not random, they are part of broader strategies to destabilize public trust and interrupt communication channels.

Data Centers as a Matter of National Security

In short: centralized internet infrastructure and data centers are no longer neutral, they are strategic targets in modern warfare. Both physical attacks (as in Ukraine) and digital disruptions (as seen across Europe) illustrate the risks of centralization. National governments are responding with new designations and security frameworks, recognizing that digital infrastructure is now a core component of national defense.

4. Lack of Control Over Your Own Data

Centralization Means Loss of Data Sovereignty

A direct consequence of internet centralization is that users – citizens, companies, and governments – lose effective control over their data. In today’s model, our information often ends up in distant cloud servers or with a few dominant platforms, usually owned by foreign corporations. This raises major questions about data sovereignty, especially in Europe, where privacy regulations are stricter.

The Meta Case: Billions in Fines and Data Repatriation

A striking example is the legal battle over EU–US data transfers. In May 2023, Meta (Facebook) was fined €1.2 billion by the Irish Data Protection Authority for transferring European user data to U.S. servers. The reason: such transfers expose data to U.S. surveillance laws like FISA 702, violating core EU privacy rights. In addition to the fine, Meta was ordered to repatriate all previous EU Facebook data to data centers within Europe.

This unprecedented sanction highlights how little control Europeans—users or regulators—have once their data is placed with a U.S.-based cloud provider. American law can override European privacy wishes.

Systemic Exposure to Foreign Surveillance

And it’s not just Facebook. All major cloud providers – Amazon AWS, Google, Microsoft Azure – are based in the U.S. and subject to similar surveillance laws. European concerns include the risk that sensitive personal data or business secrets are accessible to foreign intelligence services through legal backdoors. The Snowden revelations in 2013 already showed that the NSA had direct access to data at Big Tech companies via programs like PRISM. That led to the annulment of the old Safe Harbor agreement and later of the Privacy Shield by the European Court. Nonetheless, in practice, EU data continued to flow en masse to American clouds, hence the recent sanctions and the creation of a new EU–US Data Privacy Framework.

But critics such as privacy activist Max Schrems question whether this new agreement will hold up in court as long as U.S. surveillance law remains unchanged.

Vendor Lock-In and Platform Dependency in Europe

Loss of control is also an issue closer to home. European companies and governments often experience vendor lock-in with major cloud providers, making it difficult to migrate or self-manage their data (see also point 7). Additionally, many essential online services are privately owned. Think of Gmail/Outlook for email, Office365 or Google Docs for documents, and social media for communication. If a service unilaterally changes its terms or deletes data, individual users are powerless.

In 2022, for example, there were reports of companies being restricted or removed from cloud platforms due to geopolitical sanctions, leaving them temporarily unable to access their own data.

The European Response: Digital Sovereignty Initiatives

European policymakers are responding with initiatives aimed at digital sovereignty. There is a growing call to regain “control over one’s own data.” Projects like Gaia-X (a European cloud federation initiative) and legislation such as the Data Act (2024) aim to improve data portability and reduce dependency. The core goal is for Europe to no longer be merely a data colony of the United States.

A 2024 Clingendael report showed that 9 out of the 10 largest GDPR fines were issued to U.S. tech firms. This underscores how often Big Tech violates EU rules, usually due to a lack of transparency or user control.

Reclaiming Control Requires Structural Change

Nevertheless, in practice, most European data today is still not “under our own control.” We still rely on the promises of third parties. Whether they are European, National or local, they remain a ‘third party’. Regaining control requires either a fundamentally different internet architecture or strict oversight of dominant players. Awareness is growing that “whoever owns the servers, holds the power”, and Europe increasingly wants that power to reside within its own region.

5. Mass Surveillance via Centralized Infrastructure

Centralization Enables Efficient Surveillance

Centralization makes mass surveillance easier, both by governments and by corporations. When data flows pass through a handful of datacenters and are stored by only a few entities, it creates the perfect setup for widespread monitoring. Europe has painful experience with both indiscriminate state surveillance and private misuse of user data.

Government Surveillance: Legal Overreach in Europe

The EU has strong privacy laws, but member states have at times pushed (and crossed) the legal boundaries. A classic example is the retention of communications metadata (telephony/internet). The European Court of Justice has repeatedly ruled (since 2014) that generalized mass surveillance – such as mandatory storage of all phone and internet data of citizens – violates fundamental rights. Yet several countries largely ignored this. Ireland, Belgium, France, the UK, and others maintained broad retention obligations in the name of national security.

For example, in 2021 France’s highest administrative court approved a law allowing continuous bulk data retention due to a “permanent terrorism threat.” This is effectively a legal bypass of the EU ban—but in practice, it means many European citizens are still being preventively monitored via centralized telecom and internet provider databases.

Dutch Case: The “Sleepwet” and Internet Tapping

The Netherlands, for example, had the “Sleepwet” (Intelligence and Security Services Act of 2017), which permits broad cable tapping. After public protest, the law was slightly amended, but intelligence services still have wide access to internet hubs.

Corporate Surveillance: Ad Tech and Platform Exploitation

The situation is no better on the corporate side. The centralized advertisement model of Big Tech relies on mass data collection. Platforms like Facebook, Google, and TikTok gather behavioral data from hundreds of millions of Europeans to build detailed user profiles. This is enabled through centralized infrastructure like tracking pixels and cookies that monitor our internet behavior at scale.

Scandals like Cambridge Analytica showed how such centralized datasets (e.g. Facebook’s social graph) can be abused for political manipulation. Major platforms have also experienced repeated data breaches, exposing personal information of millions of users.

The GDPR’s Limits and the Persistence of Central Logging

The EU is trying to push back through the GDPR with some success (see the fines in points 4 and 6). Still, if you watch a video on YouTube, it’s centrally logged by YouTube. If you post something on Facebook, it’s centrally analyzed by AI systems. Smartphone data typically flows through just a few cloud servers that can, if needed, be monitored. This asymmetry – users decentralized, data centralized – makes mass surveillance both economically attractive and technically feasible.

Cross-Border Espionage Enabled by Centralized Networks

Centralized internet infrastructure even facilitates cross-border espionage. The Snowden revelations showed that U.S. and U.K. intelligence agencies could directly tap transatlantic fiber cables and intercept data at major internet exchange points. This allowed them to extract vast amounts of European communication in one go. In a decentralized network, this would be far more difficult because there’s no single hub where everything converges.

Surveillance Built into the Architecture

Where data clusters, curious eyes gather. Europe struggles to protect citizens from both Big Brother and Big Tech. The centralized model puts them at a disadvantage. Only by breaking that model – or by implementing strong decentral encryption and federation – can access for mass surveillance truly be limited. Until then, the infrastructure remains an open invitation for anyone who wants to watch on a large scale.

6. Infrastructure Risk: The Single Point of Failure Problem

Centralized Internet = Central Weak Spots

A core problem of centralization is that many people or systems become dependent on a few critical points, whether that’s a DNS server, data center, cloud provider, or telecom node. If something goes wrong at such a central hub, the consequences can be massive and far-reaching. This is known as the single point of failure.

When DNS Fails: No One Gets Online

A well-known example occurred in July 2022, when Cloudflare’s DNS services went offline, taking down websites like Discord, Shopify, and Peloton for hours. Cloudflare is one of the largest DNS providers in the world. When its routing system malfunctioned, millions of users worldwide were unable to access the web, even though their own internet connections and devices were working fine. All because of one point in the infrastructure.

Data Center Fires and the Chain Reaction Effect

Another example is the 2021 fire at the OVH data center in Strasbourg. OVH is Europe’s largest cloud hosting provider. The fire destroyed entire server halls, causing thousands of websites – from news platforms to government portals – to go offline permanently. Some companies lost years’ worth of data and couldn’t recover because they had stored everything in one centralized location.

Although OVH had a backup plan, the backup servers were in the same building. This failure sparked debate about how “resilient” centralized cloud actually is.

Congestion on the Grid: Too Much in One Place

Centralization also causes pressure on other infrastructure. In Amsterdam and other tech hubs, data centers and server parks consume so much energy that the electricity grid becomes congested. In 2023, a moratorium was imposed in parts of the Netherlands on the construction of new server facilities due to capacity shortages. Here, too, the concentration of usage in a few spots creates a fragility that affects the entire network.

A Single Provider Can Paralyze Governments

Governments themselves are not immune. In 2023, the Danish government experienced a major outage after a central IT supplier, KMD, had technical problems. Multiple digital public services were offline for hours, including tax systems and citizen portals. Critics warned that the Danish government had become too dependent on a single commercial provider for basic digital services.

Cloud Providers: Convenience at the Cost of Resilience

The same applies to cloud storage. If everyone’s files are in the same cloud (e.g., Google Drive or Microsoft OneDrive), an incident – technical or political – can affect millions at once. In 2021, a misconfiguration at Facebook’s servers took down Facebook, WhatsApp, and Instagram for nearly 6 hours. The company lost billions in market value, and millions of users worldwide were suddenly without communication.

This case demonstrates how much reach a single central actor can have and what happens when that actor fails.

Centralization Makes the Internet Fragile

In summary: the more we centralize, the more brittle the system becomes. Every layer of the internet – from nameservers and hosting to apps and telecom – is now partly dependent on a handful of providers or locations. One problem there can cascade across entire countries or continents. Decentralization is not just a political or ethical goal, it is essential for a resilient and robust internet.

7. Vendor Lock-In and the Loss of Technological Freedom

What Is Vendor Lock-In?

Vendor lock-in occurs when a user (person, company, or government) becomes so dependent on a provider’s technology, platform, or infrastructure that switching becomes difficult, costly, or practically impossible. Centralized services often make this dependency intentional. Once you’ve committed your data, applications, or workflows to one provider, leaving comes at a price.

Proprietary Standards and Closed Ecosystems

Large cloud platforms such as Microsoft Azure, Amazon AWS, and Google Cloud use proprietary tools and formats that are not always compatible with other systems. This makes migrating to another provider a technical challenge. For example, if your organization uses Microsoft’s entire stack – email via Outlook, documents via OneDrive, collaboration via Teams – moving to a different setup would require retraining staff, transferring data, and potentially losing functionality.

In some cases, key functions are only available within the ecosystem, so competitors can’t offer a true alternative.

Lock-In in Government and Education

Governments and schools are particularly affected. A 2023 report from The Register described how German state agencies were deeply locked into Microsoft 365, even after the software was found to violate the GDPR in some configurations. Due to vendor lock-in, they couldn’t easily switch to privacy-friendly or open-source alternatives.

The same applies to Dutch municipalities, which often depend on a small number of software suppliers. Contracts are lengthy, customization is high, and exiting the partnership can take years.

Cloud Lock-In: “Pay to Leave”

In the cloud sector, there’s a phenomenon known as egress fees; providers charge extra money when customers try to move their data to a competitor. This means: uploading data is cheap or free, but downloading it again costs money. Critics see this as a deliberate barrier to exit.

An article from EU Techloop explained how these lock-ins hinder innovation and limit user freedom. Companies become “trapped” in a tech stack that no longer serves their needs, but exiting is too costly or risky.

End-User Examples: App Stores and Streaming

Vendor lock-in also affects ordinary users. Apple users, for instance, are tied to the App Store, iCloud, and Safari. Android users are largely dependent on Google Play, Gmail, and Google Docs. Streaming services like Spotify, Netflix, and YouTube make it difficult to export playlists or history.

This dependence has behavioral consequences: users become less likely to explore alternatives or demand better terms.

EU Data Act: A First Step?

The European Union is trying to tackle lock-in through the Data Act (2024), which requires cloud providers to make switching easier and data more portable. It also introduces a ban on excessive egress fees and encourages interoperability between services. The act is seen as a first step toward technological freedom for users.

However, critics argue that enforcement will be challenging, and Big Tech may find new ways to retain control through technical tricks or contractual clauses.

Centralized Systems Keep You Trapped

Vendor lock-in is not a side effect, it’s a core part of many centralized business models. It creates dependency, reduces freedom of choice, and raises the cost of change. As long as infrastructure and platforms are controlled by a few dominant players, real digital autonomy will remain out of reach.

8. Freedom of Information and Platform Censorship

Centralized Platforms as Global Gatekeepers

In a centralized internet, a small number of tech platforms act as global gatekeepers of information. They decide what content is visible, which voices are amplified or silenced, and who can participate in the public conversation. These are private corporations – not democratic institutions – yet they wield tremendous influence over freedom of expression and public discourse.

Censorship of Independent Experts and Professionals

Many Europeans experience content removals, account suspensions, and visibility restrictions without clear explanations. This affects independent professionals, scientists, journalists, and everyday users. Sometimes, this results from automated moderation; in other cases, vague or inconsistently applied community guidelines are cited.

A documented example: several Dutch general practitioners and scientists had their content removed on YouTube, Facebook, and LinkedIn for sharing critical insights on health issues. In one case, a Dutch medical expert was banned from LinkedIn after sharing a link to a peer-reviewed article in The Lancet. The platform reversed its decision only after national media attention. During the suspension, the professional lost access to their network and visibility, impacting their practice.

This and other cases were described on BLCKBX, an independent Dutch media platform.

Political Crises and Shifting Moderation Policies

During times of geopolitical tension, centralized platforms often change their policies under government pressure. After Russia’s invasion of Ukraine, for example, the EU instructed platforms to block the Russian news outlets RT and Sputnik. Major platforms complied immediately, not only by removing content but by restricting searches and recommendation algorithms.

This shows how quickly political decisions can ripple through centralized platforms, impacting access to alternative perspectives, regardless of content legality or local context.

Invisible Censorship Through Algorithms

Even without formal bans, algorithms shape what we do or do not see. Content can be technically still online, but practically invisible due to downranking, deboosting, or demonetization. This form of algorithmic censorship is opaque and hard to challenge. Users don’t always realize their content is being suppressed, which makes resistance difficult.

Lack of Transparency and Fair Appeal

When content is removed or accounts suspended, users often receive vague notifications like “violation of community standards.” No clear explanation. No due process. Appeals are slow or ineffective, especially for smaller accounts or non-English users.

This erodes trust in digital platforms and undermines legal certainty. Private companies are effectively enforcing public norms, but without proper procedures, oversight, or accountability.

European Regulation: A Start, Not a Solution

The EU has attempted to address this through the Digital Services Act (DSA), effective since 2023. The DSA requires platforms to publish more data on content moderation and provide better appeals processes. This is a step in the right direction, but enforcement is complex and platforms still retain wide discretion.

Furthermore, the DSA doesn’t fundamentally change the centralized nature of content control. The power to decide what may be said remains with the platforms.

Censorship Is Baked Into the System

The structure of the centralized internet makes censorship – whether political, commercial, or algorithmic – easier and more scalable. If a platform decides to remove you, there is often no recourse. A decentralized system, in which no single actor can control speech across the entire network, is essential for protecting freedom of information in the digital age.

9. Erosion of Digital Identity and Autonomy

From User to Product: Your Identity Is Monetized

In a centralized internet, users are often not the customer, but the product. Your behavior, preferences, interactions, and even emotions become data points in a vast commercial ecosystem. This undermines your autonomy: instead of acting freely online, your digital identity is shaped and exploited by others.

Your attention is captured, your decisions influenced, and your profile sold to advertisers, AI trainers, and data brokers. The more centralized the infrastructure, the easier it is to aggregate and commercialize identity.

Fragmented and Dependent Identities

A typical internet user has dozens of accounts across different platforms, each with their own login, profile, settings, and behavioral history. These identities are not truly yours: they exist on someone else’s server, and they can be deleted, suspended, or altered without your consent.

For example, if you lose access to your Google or Apple account, you may instantly be locked out of your email, documents, photos, calendar, and payment apps. Your digital self is fragmented and fundamentally dependent on external actors.

The Rise of Algorithmic Identity

Platforms increasingly build predictive models based on your behavior. These models determine what you see, how you’re categorized, and what’s recommended to you. Over time, this affects your self-perception and behavior. Your identity is no longer just what you say or choose, but what the system predicts or assumes about you.

This phenomenon, known as algorithmic identity, can entrench stereotypes, amplify biases, and limit personal development. It reinforces the status quo instead of encouraging exploration or growth.

Digital Death: What Happens When You’re Banned?

In extreme cases, users experience digital death: their accounts are permanently removed from essential platforms. This can happen to whistleblowers, controversial figures, or simply due to errors in moderation systems. Suddenly, someone loses access to years of work, connections, or memories.

This reveals how fragile our digital identity is when it’s hosted centrally. There is often no alternative, no warning, and no appeal.

No True Ownership Without Decentralization

Without control over the infrastructure, true digital autonomy is impossible. You don’t own your data, your identity, or your digital relationships. You’re merely allowed to use them, temporarily and conditionally.

Decentralized identity systems (like self-sovereign identity, SSI) are being developed to address this. These systems give users cryptographic control over their digital persona. But until such systems are mainstream and supported by decentralized infrastructure, most people remain digital tenants. Never owners.

Autonomy Requires Infrastructure Control

To be truly free and autonomous online, people need more than privacy settings and user agreements. They need control over the underlying systems that define their identity. Centralized platforms offer convenience, but at the cost of freedom. A decentralized architecture is the only sustainable way to ensure that your digital self remains truly yours.

10. Loss of Community Ownership and Participation

The Internet Was Once a Commons

In its early days, the internet was a decentralized network built on open standards, maintained by academic and grassroots communities. Local internet service providers, community-hosted servers, and public infrastructure played a key role. Participation and contribution were common. Users were co-creators, not just consumers.

This structure enabled a sense of ownership and belonging. Communities managed their own mailing lists, forums, and websites. Governance was collaborative, not corporate.

Centralization Replaces Communities with Corporations

Today, most internet services are owned and operated by a handful of global corporations. The infrastructure is proprietary, the rules are top-down, and community participation is limited to feedback forms or comment sections. Decisions are made by executives, not users.

This shift from community infrastructure to corporate platforms means that people no longer have a stake in the systems they depend on. There’s no co-determination, no transparency, and often no accountability. It leads to disempowerment and detachment.

Content Creation Without Control

Millions of people spend their time creating videos, posts, memes, reviews, and artworks online. But most of this happens on platforms like YouTube, TikTok, Instagram, or Medium, where the creators have no ownership over the infrastructure, limited access to monetization tools, and no say in policy changes.

Algorithms decide visibility, demonetization can happen without warning, and terms of service can change at any time. Creators build their digital homes on rented land.

Lack of Local Resilience and Digital Sovereignty

When digital infrastructure is centralized and globally operated, communities lose local resilience. A neighborhood, town, or region cannot maintain or modify its own digital services. If Facebook goes down, even local school groups or volunteer networks disappear. If Amazon Web Services crashes, thousands of local businesses go offline.

This is especially problematic during crises, when local digital autonomy could make the difference between functioning systems and widespread disruption.

Participation Becomes Performance

Central platforms reward performance over participation. Metrics like likes, followers, and views incentivize users to produce content that pleases algorithms, not necessarily content that builds relationships or solves problems. Community becomes commodified. Dialogue turns into broadcast. Civic engagement is replaced by viral entertainment.

In this environment, genuine participation and deliberation – hallmarks of healthy communities – are marginalized.

Reviving the Commons Through Decentralization

Decentralized networks offer a path back to community ownership. Projects like ThreeFold, Mastodon, and Nextcloud show that it is possible to build open, federated systems that users can host, manage, and govern themselves.

In these models, communities can choose their own rules, manage their own infrastructure, and collectively shape their digital space. Participation becomes meaningful again, because it happens in systems that users partly own.

From Consumers Back to Contributors

If the internet is to serve the public good, users must regain a role in its design, maintenance, and governance. Centralized systems treat us as consumers. Decentralized models invite us to become contributors again. Only then can we rebuild digital spaces that reflect the values, needs, and diversity of our communities.

11. Market Distortion and Monopolization

The Illusion of Competition in a Winner-Takes-All Market

On the surface, the digital market appears competitive. There are thousands of apps, tools, and startups. But beneath that surface lies a winner-takes-all dynamic: platforms with the most users attract even more users, gain more data, and become virtually impossible to compete with. This is known as the network effect and it fuels monopolization.

As a result, most core services online are controlled by a handful of giants: Google dominates search and maps, Meta dominates social media, Amazon dominates cloud and e-commerce, and Microsoft dominates business productivity tools.

Startups Become Acquisition Targets, Not Competitors

Innovative startups are often bought before they can grow into real competitors. Facebook acquired Instagram and WhatsApp. Google bought YouTube and Waze. Microsoft took over LinkedIn and GitHub. These acquisitions remove market pressure and consolidate control.

This undermines innovation: founders build with the goal of being acquired, not disrupting the system. It also limits consumer choice. In the end, even if you’re using multiple apps, you’re often still in the same ecosystem.

Barriers to Entry Are Structural

Large platforms benefit from economies of scale, brand recognition, user base lock-in, and vast legal and lobbying teams. New entrants can’t compete on these terms. Even if a better product exists, it often fails due to lack of visibility, compatibility, or trust.

These barriers are structural, not just financial. A new search engine, for instance, must crawl and index billions of pages, handle global traffic, respect data regulations, and build business models without access to the same ad infrastructure. The playing field is far from level.

Market Power Shapes Regulation

Big Tech companies also exert enormous influence over regulation. Through lobbying, they shape data laws, cloud contracts, and digital taxation rules in ways that protect their business models. In some cases, they co-author industry standards or fund the very watchdogs meant to oversee them.

This leads to regulatory capture, when those in power help write the rules they must follow. Smaller competitors and consumers are left without a fair voice.

Public Infrastructure Becomes Privatized

Essential digital services – search, navigation, communication, storage – are now operated by private firms with profit motives. Governments and public institutions rely heavily on Big Tech infrastructure. For example, many Dutch municipalities and schools run on Microsoft 365. Health systems use Amazon cloud. Even police departments use Facebook for communication.

This reliance effectively privatizes public functions, without democratic control or public alternatives. It also increases the risk of lock-in and loss of digital sovereignty.

Economic Power Becomes Political Power

As tech firms grow, their economic power translates into geopolitical leverage. Countries court data centers with tax breaks. Politicians consult tech CEOs on national strategy. Companies negotiate directly with states, like Meta threatening to pull services from Europe if regulations become “unworkable.”

This power imbalance between public institutions and private platforms distorts democratic processes and weakens public accountability.

Monopolies Undermine a Free and Open Internet

A decentralized internet is not just a technical alternative, it is an economic necessity. Monopolies distort markets, limit choice, slow innovation, and undermine the democratic function of the internet. By distributing infrastructure, ownership, and governance, we can restore competition and create a more resilient digital economy.

12. Privacy Erosion and the Surveillance Economy

Surveillance as a Business Model

In today’s centralized internet, surveillance is not a bug, it’s a feature. Most “free” digital services generate revenue by tracking user behavior, analyzing it with AI, and monetizing the results through advertising or profiling. This has created a surveillance economy in which human attention and behavior are the main commodities.

Companies collect vast amounts of data: what you search, what you watch, where you go, who you talk to, what you buy, even how long you pause while reading. This behavioral data is processed to predict, influence, and ultimately manipulate future choices.

Invisible Tracking, Even Outside the Platform

Tracking doesn’t stop at the platform itself. Third-party cookies, trackers, device fingerprints, and browser analytics follow users across the web. Visiting a news site, shopping online, or even reading a public document can trigger dozens of data transmissions to unknown entities.

An investigation by The Markup showed how widespread this tracking is, even on websites run by governments and NGOs. Users often have no idea who receives their data, for what purpose, or how long it’s stored.

Personal Data Becomes a Liability

The more data is collected, the more risk users face. Data leaks, hacks, phishing attacks, and identity theft are now common consequences of centralized data storage. In one breach alone, the health data of over 100 million EU citizens was exposed.

Sensitive information – health, finance, politics, religion – can be used to profile, discriminate, or control. Once collected, it is almost impossible to delete.

Behavioral Manipulation at Scale

The surveillance economy doesn’t just observe, it shapes behavior. Platforms use algorithmic nudging to increase engagement, steer attention, and maximize time spent on screen. Newsfeeds, notifications, recommendations, and personalized ads are designed not to inform, but to provoke and convert.

This creates digital environments optimized for addiction, outrage, and division. Not well-being or truth.

Chilling Effects on Free Expression

Knowing that you’re being watched changes how you behave. This is the so-called chilling effect: people censor themselves, avoid certain topics, or refrain from activism for fear of being flagged, punished, or profiled.

In countries with authoritarian tendencies, centralized surveillance infrastructure is often used to monitor dissidents and suppress protests. But even in democratic states, surveillance undermines freedom of thought and expression at the structural level.

Consent Is an Illusion

GDPR and similar laws require consent for data collection. But in practice, most users click “accept all” without understanding what they agree to. Consent is often coerced – without it, the service doesn’t work – or buried under legal jargon.

This leads to a system where legal compliance replaces ethical responsibility, and data exploitation continues unchecked.

Privacy Needs Infrastructure, Not Just Policy

Privacy cannot be restored with settings and policies alone. As long as data flows through centralized systems owned by surveillance-driven corporations, the erosion of privacy will continue. A decentralized internet, where data remains with the user and infrastructure is user-owned, is the only durable foundation for true digital privacy.

13. Infrastructural Vulnerability and Geopolitical Risk

Centralized Infrastructure as a Single Point of Failure

The internet’s physical infrastructure – servers, data centers, fiber cables, and cloud platforms – is increasingly centralized. This concentration creates single points of failure: if a major provider goes offline, large parts of the internet can become inaccessible. This is not a theoretical risk, it has happened multiple times in recent years.

One 2023 example involved an outage at Microsoft’s cloud platform (Azure), which took down services like Outlook, Teams, and OneDrive across Europe. In the same year, an incident at AWS disrupted digital services for banks, retailers, and government portals across several countries.

Risks During Conflict and Crisis

Centralized infrastructure becomes especially vulnerable during armed conflicts, trade wars, or political unrest. Data centers, cables, and digital infrastructure are now seen as strategic targets and have already been attacked.

In 2022, a mysterious sabotage incident damaged multiple undersea internet cables between France and the UK, affecting European internet traffic. A few months later, sabotage of Germany’s rail communication system caused disruptions across the country, linked to a targeted fiber-optic attack.

Such events demonstrate that digital infrastructure is not immune to geopolitical instability—and that centralization increases both the attractiveness and the impact of attacks.

Global Dependencies Create Leverage

Europe relies heavily on infrastructure owned by American or Chinese companies. Whether it’s cloud services (Microsoft, Amazon, Google), mobile hardware (Apple, Huawei), or backbone equipment (Cisco, ZTE), control lies largely outside of Europe’s jurisdiction. This creates geopolitical dependencies.

If tensions rise, these dependencies can be exploited. The 2019 Huawei ban showed how quickly access to key technologies can be weaponized. Sanctions, export restrictions, or forced service suspensions can severely impact the digital sovereignty of entire regions.

The Problem of Legal Fragmentation

Different countries have different laws regarding privacy, data access, and encryption. When infrastructure is centralized and global, these conflicting legal systems create compliance confusion and legal grey zones.

For example, European companies using U.S.-based cloud services may fall under U.S. surveillance laws, even if their data is hosted in the EU. The Schrems II ruling by the European Court of Justice invalidated the Privacy Shield agreement, highlighting the incompatibility between EU privacy rights and U.S. law.

A Matter of National and Regional Security

The reliability and independence of digital infrastructure is now a national security concern. Governments are beginning to recognize that centralization creates strategic vulnerabilities, not only for data protection, but for the continuity of basic services such as energy, health, transport, and communication.

The EU’s Cybersecurity Strategy emphasizes the need for more resilient and decentralized infrastructure, but implementation is slow, and political will is uneven.

Resilience Requires Distribution

In a centralized system, the failure of a few nodes can disrupt entire societies. In a decentralized system, no single point of failure exists. That makes it inherently more resilient, especially in times of crisis or conflict.

To protect digital sovereignty, ensure service continuity, and withstand geopolitical pressure, the internet’s infrastructure must be distributed, diverse, and community-owned. Only then can it serve as a stable foundation for our digital future.

Conclusion: A Systemic Problem Demands a Systemic Solution

The problems caused by the centralized internet are not isolated or incidental. They are structural, systemic, and deeply interconnected. From ecological strain and algorithmic manipulation to geopolitical risk and loss of autonomy, each issue reinforces the others, forming a tightly woven web of digital dependence.

Attempts to regulate or patch the current system are necessary, but not sufficient. As long as control, infrastructure, and data remain concentrated in the hands of a few global tech corporations, fundamental change will remain out of reach. True digital freedom, resilience, and sovereignty require a different foundation.

That foundation is decentralization.

A decentralized internet redistributes power, ownership, and control. It allows people and communities to reclaim their role. Not just as users or consumers, but as co-creators and stewards of the digital world. It replaces opacity with transparency, dependence with autonomy, fragility with resilience.

This is not a utopian dream, but an urgent necessity. The technological building blocks exist. The vision is clear. Now is the time to build and adopt a new internet, one that serves people, not platforms.

The decentralized internet already exists. And it works

The decentralized internet is no longer just an idea. It’s already here, fully operational and running. Since 2016, the non-profit foundation ThreeFold has been building a truly decentralized internet infrastructure from the ground up.

Today, the ThreeFold Grid spans over 50 countries worldwide and powers a growing number of real-world applications: from cloud storage and communication platforms to web hosting, AI workloads, and blockchain nodes. Unlike many other projects that depend on centralized layers or cloud dependencies, the ThreeFold Grid is fully peer-to-peer, energy-efficient, and self-owned by the people who run its physical infrastructure: the nodes.

It’s not a prototype. It’s live. And it’s growing.

How Your Data Network helps people use it

At Your Data Network, our mission is to help people, businesses and public organizations actually use this new internet, easily, securely and with full ownership.

Here’s how we do that:

• We provide ready-to-use devices like privacy-first smartphones, Linux laptops and 3Nodes that connect directly to the decentralized internet.
• We offer pre-installed services such as Nextcloud for secure file storage, private communication tools, and decentralized VPNs, all running on the ThreeFold Grid.
• We make onboarding simple through step-by-step guides, demos and expert support, even for people with zero technical experience.
• And we build a growing community of early adopters, builders and advocates who are no longer just users of the internet, but owners of it.

The internet is broken. The decentralized web is the solution. And that solution is ready. Now.