The Tech Coup

1. The Tech Coup: How Private Power Erodes Democracy

The gradual erosion of democracy in our time is being accelerated by the growing, unaccountable power of technology companies, of which NSO Group is only one, albeit extreme, example.

Unaccountable power. The initial optimism about technology's democratizing potential, seen in movements like Iran's Green Movement, has given way to a stark reality: tech companies now wield immense, unchecked power that undermines democratic principles. This shift is not accidental but a consequence of democratic governments' abdication of responsibility.

State functions privatized. Tech giants increasingly perform roles traditionally held by states, from national security to public discourse. This outsourcing hollows out governmental capabilities and allows private interests to dictate societal outcomes, often misaligned with the public good. Elon Musk's Starlink, for instance, made critical geopolitical decisions during the Ukraine war.

Systemic problem. The issue extends beyond individual scandals to a systemic erosion of free and fair elections, the rule of law, separation of powers, and civil liberties. Technology, once seen as a neutral tool, is now a pervasive layer impacting every sector, demanding urgent legal and governance frameworks to protect democracy.

2. Early Internet Ideals Collide with Corporate Reality

Today’s industry is a far cry from Berners-Lee and Barlow’s vision of emancipation through the wide availability of technology.

Libertarian roots. The internet's pioneers, like Vint Cerf and Tim Berners-Lee, envisioned a decentralized, open, and emancipatory digital world, free from central control. Cypherpunks and figures like John Perry Barlow championed strong encryption and an anti-government credo, believing code, not politics, would shape the future.

Profit-driven shift. This idealistic vision quickly morphed into a "winner-take-all" mentality, where companies like Uber, Amazon, and Meta pursued "blitzscaling" to dominate markets. Their success was often built on offering low-cost products to capture entire sectors, leading to monopolies and unprecedented wealth.

Antiregulation rhetoric. Tech leaders, such as Peter Thiel and Mark Zuckerberg, openly expressed skepticism of government, believing they could serve users better. They leveraged rhetoric like "regulation stifles innovation" to resist oversight, even as their companies benefited from massive state investments in foundational technologies like DARPA and GPS.

3. Invisible Digital Infrastructure Wields Immense Power

The governors of the digital world today are big corporations and tiny companies, well-known consumer brands and obscure power brokers.

Hidden layers. Beyond the visible online platforms, a vast, often invisible network of hardware and applications forms the digital world's "stack." Critical components like microchips, undersea fiber optic cables, and data centers are controlled by a handful of companies, many of which are unknown to the public.

Geopolitical pawns. These infrastructures are now central to geopolitical struggles:

• Microchips: Few producers (e.g., TSMC in Taiwan), massive capital investment, and reliance on rare earth materials (China) make them strategic assets, leading to a global "chip arms race."
• Undersea cables: Carrying 99% of internet traffic, these are vulnerable to damage (natural disasters, sabotage) and state espionage, with companies like Alphabet and Meta increasingly owning them.
• Data centers: Consuming vast energy and water, these are often built through secretive lobbying by tech giants (e.g., Meta in Zeewolde), overwhelming local governments and raising environmental concerns.

Transparency deficit. The lack of transparency surrounding these critical infrastructures—from ownership to resource consumption—prevents democratic oversight. This concentration of power in private hands creates systemic risks and vulnerabilities that governments are ill-equipped to manage.

4. Everything Digital is Weaponizable, Creating Unprecedented Risks

If it’s smart, it’s vulnerable.

Inherent flaws. The rapid digitization of nearly every aspect of life, from smart appliances to critical infrastructure, has created an expansive "attack surface." Software programs, often millions of lines long, inevitably contain "zero-day vulnerabilities" that hackers can exploit, and delays in patching these flaws create persistent windows of opportunity.

Diverse arsenal. Cyberattackers employ a range of methods:

• Social engineering: Phishing scams trick users into granting access.
• Malicious insiders: Employees like Mitto's COO can leverage network access for illicit surveillance.
• Cyberweapons: Distributed denial-of-service (DDoS) attacks disrupt services, while ransomware (e.g., DarkSide, North Korea) locks data for payment.

Devastating impact. Major incidents like the Citrix hack and the Colonial Pipeline ransomware attack demonstrate how these vulnerabilities can cripple essential services, from hospitals to energy grids, with significant economic and societal fallout. The blurred lines between criminal and state-sponsored attacks, coupled with legal ambiguity, perpetuate impunity.

5. Tech Companies Usurp Core Government Functions

The “great outsourcing” of government is fundamentally rewriting the social contract between the democratic state and its citizens.

Erosion of state power. Technology applications are fundamentally reshaping the purpose and power of government, usurping functions traditionally held by foundational departments like State, Treasury, and War. This outsourcing means the state is increasingly unable to independently manage monetary policy, guarantee privacy, or ensure national security.

Monetary policy undermined. Cryptocurrencies, initially hailed as a decentralized financial revolution, have instead proven volatile, prone to scams (e.g., FTX's collapse), and favored by criminals and rogue states. They undermine central banks' ability to manage currency and financial stability, with devastating consequences for ordinary investors.

Privatized policing and security. Companies like Clearview AI (facial recognition) and Palantir (data analytics) provide sensitive law enforcement and national security services with little public oversight. Their biased systems and opaque operations erode fundamental rights like privacy and due process, while governments become dependent on private firms for critical intelligence and operational capabilities.

6. Democracies Are Losing the Geopolitical Tech Battle

Tech companies are now, undoubtedly, on the front lines of the battle between democracy and authoritarianism.

Tech as geopolitical arbiter. Multinational tech giants have become instruments in global power struggles, with corporate decisions impacting elections, human rights, and military strategy. The removal of Alexei Navalny's app by Apple and Google under Russian pressure, or Elon Musk's Starlink providing critical military communications in Ukraine, exemplify this shift.

Authoritarian advantage. While democracies debated tech governance, authoritarian regimes like China proactively integrated technology into their state power. China's surveillance state (e.g., Uyghur repression, social credit systems) and its Digital Silk Road initiative export this model globally, creating new dependencies and undermining democratic norms.

Democratic inaction. Policymakers in the West were slow to appreciate tech's geopolitical impact, often prioritizing market growth over democratic principles. This inaction has left democracies vulnerable, with tech companies often prioritizing profits over human rights, making compromises in markets like China and India, and blurring the lines of state sovereignty in cyber conflicts.

7. Big Tech Mastered the Art of Avoiding Regulation

Self-regulation is an oxymoron. It does not resemble anything close to democratic regulation, the purpose of which is to impose external constraints on behavior.

Framing the narrative. Tech companies skillfully shaped public perception to resist regulation. They equated regulating a few tech giants with "regulating the internet" and propagated the false dichotomy that "regulation stifles innovation," despite evidence that regulation often spurs it.

Illusions of self-governance. To deflect genuine oversight, companies created internal "self-regulatory" mechanisms like Facebook's Oversight Board or TikTok's Content Advisory Council. These initiatives, often staffed by esteemed experts, provided an illusion of accountability while possessing limited mandates and little power to impact core business practices.

Lobbying juggernaut. Tech giants invested massively in lobbying, outspending other industries in Washington D.C. and Brussels. Microsoft, for example, perfected subtle influence tactics, funding reports, nonprofits (CyberPeace Institute), and academic programs to shape policy debates and secure lucrative government contracts, further entrenching their power.

8. Reclaiming Sovereignty Requires Proactive Governance

The EU has embraced its role as the “superregulator” of digital technologies that are often made by companies in China or the United States.

Divergent approaches. Global powers are grappling with tech governance, each with distinct strategies:

• EU's "superregulator" model: Emphasizes civil liberties and comprehensive frameworks (GDPR, AI Act, Digital Services/Markets Acts). It aims for "digital sovereignty" through regulation and strategic investments (EU Chips Act, Global Gateway), despite lacking a strong domestic tech industrial base.
• US's national security focus: Prioritizes countering foreign adversaries (e.g., TikTok ban, export controls against China) but struggles with domestic civil liberties and consumer protection due to political dysfunction. Regulatory agencies (FTC, CISA) are stepping up where Congress falters.
• China's surveillance state: Proactively uses tech for censorship, surveillance, and propaganda, exporting its model via the Digital Silk Road. It prioritizes state control over economic gains, forcing foreign companies to comply with its demands.
• India's declining democracy: Embraces accelerated digitization (India Stack, Aadhaar) but with increasing internet shutdowns and censorship, posing a dilemma for Western allies.

Need for rebalancing. While the EU leads in comprehensive regulation and the US in national security, both must rebalance power between democratic governments and private tech companies. A fragmented approach weakens democracies against both tech giants and authoritarian models.

9. The Precautionary Principle Must Guide Emerging Tech

The precautionary principle requires us to grasp the consequences of a risk before taking it.

Preventing unforeseen harms. The rapid rollout of emerging technologies, particularly AI, often precedes a full understanding of their societal impacts. The "precautionary principle," as applied in the EU for GMOs, demands that innovations with potential harms are sufficiently researched and understood before widespread deployment.

Beyond "permissionless innovation." This principle directly challenges Silicon Valley's "permissionless innovation" mantra, which prioritizes speed over safety. It calls for:

• Independent assessment: An independent board of experts to evaluate technologies for potential harms.
• Research access: Mandating academic researchers access to proprietary data and computational power for independent studies.
• Risk mitigation: Building in time to learn and discover, akin to clinical trials in medicine, to prevent technologies from "breaking things."

Addressing immediate risks. While experts debate AI's existential threats, immediate problems like discrimination, hallucination, and cybersecurity vulnerabilities are already present. The precautionary principle ensures that democratic societies, not unelected CEOs, determine acceptable risk levels for new technologies.

10. Curbing Antidemocratic Tech is a Democratic Imperative

Technologies that nullify the right to privacy, the right to self-determination, or the freedom of press have no place in democratic societies, and governments should not shy away from rigorously banning the use and sale of such products.

Targeted bans. Some technologies and practices are inherently antidemocratic, and their harms are already well-established, requiring direct prohibition rather than mere regulation:

• Commercial spyware: Systems like NSO Group's Pegasus are designed to violate privacy and should be banned for sale and use by democratic governments, both domestically and for export.
• Data brokerage: The collection, buying, and selling of vast personal data (e.g., location, health, online behavior) by brokers should be outlawed, as it creates significant risks for individuals and can be weaponized (e.g., post-Roe v. Wade prosecutions).
• Facial recognition systems: While limited government use (e.g., customs) may be necessary, commercial scraping of faces and real-time use in public spaces should be severely restricted or banned due to inherent biases and privacy violations.
• Cryptocurrencies: Their volatility, use by criminals and rogue states, and undermining of financial stability mean that only digital currencies minted by licensed, regulated financial institutions should be permitted, ending the "speculative poison" of unregulated crypto.

Protecting fundamental rights. These measures are crucial for safeguarding privacy, self-determination, and freedom of expression, ensuring that technology serves democratic values rather than eroding them.

11. Transparency and Accountability are Non-Negotiable Pillars

Meaningful access to the powerful processes designed and operated by companies is a sine qua non, or vital condition, for many other steps to allow for democratic governance of technologies.

Ending opacity. The tech industry's systemic lack of transparency hinders public oversight and fuels negative consequences. To counter this, transparency must be cultivated:

• Identify AI: AI-generated content (text, images, audio) should be clearly marked or watermarked to combat disinformation and maintain trust in authentic media.
• Investment and bid transparency: Funding sources for tech companies, especially from sovereign wealth funds of nondemocratic states, must be disclosed. Companies bidding on public resources (e.g., data centers) should operate under their true names and publish environmental impact data.
• Public accountability extension: Any law applying to government organizations (e.g., freedom of information, nondiscrimination) must equally apply to tech companies performing tasks on their behalf. This includes public access to code and communications on commercial platforms.

Reforming trade secrecy. Current intellectual property laws often serve as a blanket excuse for companies to shield critical information. Exceptions are needed to allow academics, journalists, and regulators to understand how technologies work, fostering a well-informed public debate and enabling effective governance.

12. Governments Must Lead by Example and Rebuild the Public Sphere

The desired outcomes for society, beginning with the preconditions to govern technologies in line with democratic laws and norms, should guide procurement and policy alike.

Leveraging purchasing power. Governments, as the largest buyers of IT products, possess immense leverage to shape markets. They should use procurement to:

• Set standards: Mandate cybersecurity (zero trust, privacy by design) and transparency criteria (CO2 footprint, resource use) in all tech contracts.
• Hold vendors accountable: Implement blacklisting mechanisms for companies that fail to comply with security or accountability requirements.
• Foster public alternatives: Redirect funding from private vendors towards building public digital infrastructure and open-source solutions.

Technological expert services. Legislatures need independent technological expertise, akin to legal or budget services, to inform lawmaking and counter corporate lobbying. This would also create a public-service pipeline for tech talent, ensuring policymakers understand the technologies they regulate.

Building accountability mechanisms. To close the impunity gap:

• Systemically important tech institutions: Designate major tech companies (Amazon, Google, Meta, Microsoft) for heightened regulatory scrutiny, similar to "too big to fail" banks.
• Arbitration court for cyber incidents: Establish independent, credible courts to investigate and attribute cyberattacks, fostering accountability in a legally ambiguous domain.
• Joint democratic forces: Like-minded countries must collaborate through binding agreements (e.g., DFI, G7, UN Advisory Body on AI) to set global standards, coordinate sanctions, and draft international nonproliferation agreements for digital arms.

Reinvigorating the digital commons. Empowering grassroots initiatives and building a "public stack" based on public values can counter the privatization of the digital sphere. This requires redefining the digital commons and redirecting state funding to public digital infrastructure, ensuring technology serves citizens, not just shareholders.

Last updated: November 30, 2025