How did Big Tech get so powerful?

If they're that evil, how did we let them get away with it?

Three words: FREE, FRAMING and LOBBYING

Free toys

We all drank the cool aid. We took the shiny - and quite frankly amazing - free toys they offered us. Search, browsers, operating systems, cheaper-than-they-should-be mobile phones, social media networks, messaging apps, video calls, email, maps.... Free, free, free, free! Like magic!!

We didn't stop to think of what the real price was. Not even when the expression "data is the new oil" became well known. Perhaps you thought that means that companies everywhere will start to get into data analytics to better understand their customers? It mostly referred to Google and Facebook mining the s%*^ out of our personal data.

Our behavioural data became the raw material for their product: access to predicting and influencing our behaviour. And for this product, businesses (via advertisers) were willing to pay a LOT of money. And with the product's raw material coming from us citizens for free, the margins on the product are enormous.

Framing

To succeed in growing their advertising revenues the most important thing for Google and Facebook was to keep the true nature of their data harvesting operations secret. They achived this by clever framing and lobbying

Framing means posing their mission and operations in such a way that the public thinks a certain way about it, and do not focus on the truth.

The most famous framing trick was Eric Schmidt's quote "If you've got something to hide, maybe you shouldn't be doing it in the first place". Another is "Regulation stifles innovation".

Lobbying

So they fooled us, but what about governments, regulators, law makers?

Initially they stood down willingly. They were actually about to pass fairly strong privacy laws but in the aftermath of 9/11 these were abandoned. Our privacy was given up in the name of security. Never let a good crisis go to waste, they say, and the security services were very keen to get these young tech companies to harvest as much data about the population as possible.

As the years went by, however, the harms of social media became clear, privacy scandals about big tech were regularly reported (e.g. Cambridge Analytica, 2017), and whistleblowers showed us what the security services were up to (e.g. Edward Snowden, 2014). In order to survive these events Big Tech has to spend eye-watering amounts on lobbying governments and law-makers:

https://corporateeurope.org/en/2021/08/big-tech-takes-eu-lobby-spending-all-time-high

https://www.politico.com/newsletters/morning-tech/2022/01/24/tech-spent-big-on-lobbying-last-year-00001144

So our governments have been well paid for their silence.

Why didn't the GDPR stop them?

The GDPR is comprehensive but it was never well applied, and it was poorly enforced.

Cookie popups and Privacy Policies

Placing the choice with the consumer using cookie banner popups was a terrible idea. It is a faustian choice. And putting a 'Do you agree to our privacy policy' choice before accessing each Big Tech services was a terrible idea too. A study estimated it would take you 76 days per year if you read every privacy policy properly:

https://www.theatlantic.com/technology/archive/2012/03/reading-the-privacy-policies-you-encounter-in-a-year-would-take-76-work-days/253851/

So despite the GDPR being correctly focused on consent, it was never well applied. In most cases the consent is meaningless, and is merely a 'take it (data harvesting) or leave it choice'.

Ireland sold out

Pretty much all the Big Tech companies flocked to Ireland to set up their EU headquarters: Google, Meta, Apple, Microsoft. Why? They were offered low corporation tax rates by the Irish government. At the time the Irish economy was recovering after the crash following the Celtic Tiger, so it was understandable.

What is unforgivable is that since then the Irish DPC (Data Protection Commission) has sat on their hands for nearly every GDPR complaint that has been presented to it. In fact the EU Court of Justice had to sue the Irish DPC in order to force it to process the complaints against Big Tech firms (mainly Meta and Google):

https://www.rte.ie/news/europe/2025/0129/1493565-european-court/

Big fines, small payments

Since 2021 Meta has been fined a whopping €2.6bn in GDPR violation fines:

Meta GDPR fines

It's good news that they received the fines, but weakness at the Irish DPC has meant that very little money has actually changed hands.

Proton has done a great job of keeping track of the massive fines that Big Tech has received, but as you can see, they are a drop in the surveillance profits ocean:

https://proton.me/tech-fines-tracker

➡️ How is all this a threat to democracy?

Rebel Tech Alliance

Big Tech can do one 🖕