Big Tech Redefined the Open Internet to Serve Its Own Interests

By Burcu Kilic and Mallory Knodel

What if the internet as you know it is already gone? “Open” was once a public interest principle at the heart of the internet’s design. But Big Tech companies have managed to redefine terms like “openness” and “free expression” to support business models built on centralization and data monetization. What was once a decentralized system designed for interoperability and equal access, the internet is now a collection of closed, tightly controlled platforms. The open internet used to allow different parts of the network to work together easily, with openly shared information and transparent behavior.

Today, the “wide internet” is effectively gone; true openness and actual interoperability have all but disappeared. Internet providers limit connection, hide systems behind proprietary walls, and treat people and society as data resources to extract. Reclaiming the internet’s original purpose will mean challenging Big Tech’s use of public interest language to justify enclosure. Protecting the open internet requires aggressive enforcement of anti-monopoly regulation. And it will require the creation of new policies that support true openness and user freedom.

When “Open” Stopped Meaning Open

The internet’s foundational ideals: openness, interoperability, and free expression once united civil society and tech innovators in opposition of incumbent and monopolistic telecommunications companies. Early champions of a free and open web aligned themselves with digital rights advocates to protect user choice, information access and civil liberties. But over time, these former innovators have co-opted that very language to entrench their own monopoly platforms.

Terms like “free expression” and the “free flow of information” used to push back against centralized telecom control, are now deployed by Big Tech to justify commercial surveillance, extractive data practices and an increasingly closed web. Civil society, too, has struggled to keep up. Groups that formerly acted as watch dogs have sometimes uncritically echoed the language and positions of powerful platforms, failing to question how openness is being selectively redefined.

Take, for instance, the recurring call for a “free and open internet” in public advocacy letters like those from ACLU, the Internet Society or Freedom House. These appeals rightly warn against state-driven censorship, data localization and discrimination against foreign services, yet the same vocabulary: free flows of data, non-discrimination, and openness, is frequently repurposed by Big Tech to resist regulations in the US and abroad intended to protect competition, privacy and public interest. Meta and Apple claim, for instance, that the EU’s Digital Markets Act threatens user privacy and security by forcing interoperability and limiting their ability to maintain “open” and “trusted” platform experiences.

This distortion becomes especially clear in the current debate over AI training. Large language model developers argue that scraping vast swaths of the internet is justified under the banner of “fair use” or the “right to research,” as seen in OpenAI’s response to the lawsuit from The New York Times which alleges that OpenAI and Microsoft used millions of copyrighted articles without permission to train their models, reproducing Times content verbatim or in close paraphrase without attribution or compensation. These aren’t neutral acts of innovation. They are commercial strategies, conducted by a handful of powerful firms, to build proprietary models with little oversight, minimal benefit to creators, and no meaningful consent.

The same companies that once claimed to democratize knowledge now argue that using copyrighted works, news archives, or public forums without permission is necessary to fuel AI development. In this framing, openness is no longer about interoperability or decentralization, it is about unregulated extraction. Meanwhile, independent creators and the public remain powerless in the face of sweeping commercial appropriation.

From Open Systems to Walled Gardens

The original design of the internet was radically open. It was built on a decentralized technical architecture: a mesh of hosts and routers connected through open protocols like TCP/IP, HTTP, and DNS. These protocols weren’t owned or controlled by any single company. They enabled systems to interoperate, communicate, and evolve without permission. Anyone could build on top of this foundation. As long as you followed the protocols, your website, service, or idea could participate in the network.

This openness fostered "permissionless" innovation and experimentation. It allowed communities to form across borders and supported countless small-scale projects that could grow organically. Transparency wasn’t just a principle, it was embedded in the system’s design. People could inspect how things worked, build their own versions, and contribute to the ecosystem. 

The rise of surveillance capitalism in the early 2010s marked a turning point. Google was the first to discover how user data could be monetized at scale through behavioral advertising with the acquisition of DoubleClick. It wasn’t long before Facebook followed, transforming itself into a data-harvesting machine. These companies built empires not on open infrastructure, but on extracting insights from user behavior to sell targeted ads. The web’s openness was no longer the point. It was an obstacle.

What emerged instead was platformization: a model where services restrict interoperability, control access through proprietary APIs, and lock users into closed ecosystems. The user isn’t a participant in a network, they’re a captive audience. App stores gatekeep software distribution. YouTube disables certain features unless you're logged in to a Google account. Google Search shows you less of the open web and more of its own products, like Maps, Shopping, or YouTube videos. Each platform draws a perimeter around itself, limiting how other services or users can interact with it.

Nowhere is this enclosure clearer than in what some call the “Google Web.” As Microsoft CEO Satya Nadella recently said in an antitrust hearing, Microsoft Bing can’t compete with Google, because the search engine’s market share is so large the internet has basically become the “Google web”. Google has positioned itself as the default interface to the internet. It controls what results people see, how data is prioritized, and even which standards get adopted. Developers design for Google. Content creators write for Google. Even the advertising industry relies on its tools and metrics.

Google’s infrastructure—from its login systems and analytics tools to its advertising stack and, increasingly, its AI APIs—has become deeply embedded in the fabric of the web. This integration gives Google the power to shape the behavior of users, businesses, and even regulators, all while cloaking its dominance in the language of open access and innovation.

Failing and False Solutions

This distortion of “openness” goes beyond internal platform decisions. It shapes the policies they promote and the narratives they use to defend them. Take for example, calls for “data free flows” in trade negotiations. These are often framed as defending openness, yet they protect the global reach of surveillance capitalism, enabling corporations in the global North to extract data from users and infrastructures in the global South under the banner of digital trade, reinforcing asymmetries in power, oversight, and economic benefit.

Even data protection laws like the GDPR, while important, have left dominant business models untouched. Data brokers continue to amass and sell personal information, while the online advertising industry remains rife with potential for abuse. By placing the burden on individuals to manage endless consent requests, the GDPR reinforces a system where large-scale data collection remains the norm. Rather than challenging the surveillance-based business models that drive the digital economy, it legitimizes them through a veneer of user choice.

Meanwhile, some of the most important decisions about digital policy, especially around AI and data governance, are being made behind closed doors with minimal public input and maximum corporate influence. Civil society groups and independent researchers are often excluded in favor of industry stakeholders. In the European Union, recent moves to delay the Digital Services Act, drop the AI Liability Directive, and carve out security exemptions from the AI Act have taken place with little transparency or public debate. These shifts reflect growing pressure from tech industry lobbyists and geopolitical concerns rather than democratic consultation.

Real Alternatives for Reclaiming Openness

Reclaiming an open internet means confronting the systems that allow corporate concentration and unchecked data extraction. Policy must go beyond symbolic gestures to drive structural change.

Antitrust enforcement should focus not just on harm, but on reducing market dominance that limits competition and innovation. Data minimization should be a core principle, limiting what data can be collected in the first place. Stronger enforcement tools like private right of action, class actions and tort-based remedies can help shift power back toward users and civil society.

We also need public investment in digital infrastructure. That includes expanding the number of internet exchange points, investing in alternative AI models such as The Swiss AI Initiative—an effort by Switzerland to release a large language model developed on public infrastructure, and supporting startups that build around open standards. True interoperability must be enforced, not optional.

Finally, we need to restore digital civic spaces, like the Fediverse, where people can communicate, organize, and create without being surveilled or monetized. An open internet should be a public good, governed with transparency, participation, and accountability.

Conclusion

The real threat to an open internet is not trade barriers  or state censorship. It is Big Tech. These companies have redefined “openness” to justify their own dominance, turning the internet into a system of surveillance and control. Trade policy and deregulation have reinforced this shift, protecting business models built on data extraction rather than public benefit.

To reclaim the internet’s original purpose, we need to rethink what openness really means. It should not be about unrestricted data flows for corporate use, but about enabling people to connect, create, and communicate freely and safely.

This will take coordinated action across local, national, and global levels. Regulators must challenge concentrated power, not accommodate it. And policymakers must put the public interest ahead of corporate influence. The internet still has the potential to serve as a space for democratic participation and shared progress. But that will only happen if we fight to make it serve people, not platforms.

Publication Spotlight: Tech Accountability in Focus

Tech Accountability in Focus is a bulletin from the Business & Human Rights Resource Centre that brings you the latest on tech accountability three times a year. Each edition covers the biggest human rights stories linked to the sector, regulatory developments, investor updates, and insights from direct engagement with companies facing allegations of abuse.

This Week's Links

Open Social Web

• Free Our Feeds’ latest update outlines new investments in ATProto infrastructure, shared content moderation tools, and a European-led initiative (“Eurosky”) to build social media systems that meet regulatory and civic needs—raising bigger questions about who should govern the social web. https://free-our-feeds.ghost.io/free-our-feeds-update-3-july-2025 
• Europe’s dependency on Big Tech’s social-media platforms threatens its digital sovereignty. While policymakers often argue that there are no viable alternatives, this ignores the potential for building apps on open-source frameworks, says Sebastian Vogelsang. https://www.project-syndicate.org/commentary/europe-can-build-own-social-media-on-at-protocol-by-sebastian-vogelsang-2025-07 

Internet Governance

• Digital emblems could protect hospitals, cultural sites, and even civil flights online. In this IETF draft, Felix Linker outlines emerging use cases and technical requirements as the Digital Emblems (DIEM) Working Group begins to define an architecture and discovery mechanism for presenting and validating these emblems securely across the internet. https://datatracker.ietf.org/doc/draft-linker-diem-requirements 
• IETF workshop aims to understand the current use cases for publishing, discovering, and consuming IP address geolocation data ('IP-geo' hereafter). https://datatracker.ietf.org/group/ipgeows/about 
• As AFRINIC teeters on the edge of collapse, the deafening silence from African governments raises a critical question: in a continent increasingly shaped by digital infrastructure, where are the public stewards of the internet? From Alice Munyua. https://substack.com/inbox/post/168774762 
• Cloudflare is blocking AI bots by default and launching a pay-per-crawl system that lets publishers charge for access—marking a pivotal shift toward consent, compensation, and infrastructure-led policy in the AI era, writes Courtney Radsch. https://www.techpolicy.press/cloudflare-wades-into-the-battle-over-ai-consent-and-compensation 
• The UN has published two papers through an initiative called the AI and Multimedia Authenticity Standards Collaboration, aims to “respond decisively to the risks posed by deepfakes, misinformation, and synthetic content misuse, while fostering the creative and societal benefits of AI.” https://www.biometricupdate.com/202507/un-initiative-unites-standards-bodies-to-tackle-global-deepfake-threat 
• India is exporting its digital governance model to the world—but with it come deeper questions about power, exclusion, and the future of the state, writes Anuradha Sajjanhar. https://www.techpolicy.press/indias-digital-infrastructure-is-going-global-what-kind-of-power-is-it-building 
• Despite a wave of state-level tech laws since 2021, meaningful regulation of data practices and algorithmic systems remains elusive. Matthew Scherer’s latest paper unpacks why. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=5346390 
• Russia’s State Duma has advanced new legislation that would introduce fines for searching prohibited material online, including when using VPNs. https://en.zona.media/article/2025/07/15/searchban 
• OpenAI’s chatbot blurred the line between fantasy and reality with a man on autism spectrum, fuling dangerous delusions. https://www.wsj.com/tech/ai/chatgpt-chatbot-psychology-manic-episodes-57452d14 
• OpenAI’s advisory board says it should continue to be controlled by a nonprofit because the artificial intelligence technology it is developing is “too consequential” to be governed by a corporation alone. It is, however, worth noting the board’s recommendations are non-binding. https://apnews.com/article/openai-nonprofit-sam-altman-dolores-huerta-1b6625fbe429c2d81ab19c33e0a522e7 
• AfriSIG 2025 equipped a new wave of African internet governance leaders with the tools, networks, and rights-based frameworks needed to shape inclusive digital policy from the ground up. https://www.apc.org/en/news/afrisig-2025-where-policy-activism-and-african-realities-converge 
• The Electronic Frontier Foundation and ARTICLE 19 strongly support the Wikimedia Foundation’s legal challenge to the categorization regulations of the United Kingdom’s Online Safety Act. If it breaks Wikipedia, it’s probably bad policy. https://www.eff.org/deeplinks/2025/07/we-support-wikimedia-foundations-challenge-uks-online-safety-act 
• W3C’s Diversity report for 2025. https://www.w3.org/about/diversity/diversity-report-2025 

Digital Rights

• New research has found that LLMs such as ChatGPT consistently advise women to ask for lower salaries than men, even when both have identical qualifications. https://thenextweb.com/news/chatgpt-advises-women-to-ask-for-lower-salaries-finds-new-study 
• The lesson from Gaza is clear: when AI-powered machines control who lives, human rights die, writes Dima Samaro. https://lens.civicus.org/interview/the-lesson-from-gaza-is-clear-when-ai-powered-machines-control-who-lives-human-rights-die 
• Microsoft has admitted under oath that US authorities can demand French and European user data, despite previous security assurances. https://ppc.land/microsoft-cant-protect-french-data-from-us-government-access 
• Meta has argued to Australia's Productivity Commission that proposed privacy law reforms could hinder AI innovation and put the country out of step with global norms. In response, the Australian Privacy Commissioner, Carly Kind, countered that robust privacy protections are strongly supported by the public and essential for building trust in AI. https://www.linkedin.com/posts/carly-kind-0b201727_yesterday-the-australian-reported-that-in-activity-7351738228753764352-NKsP/?rcm=ACoAACWJ_HIBp2ruf2wVpyUwySkAKakbPfg5KLw 

Technology for Society

• AI is reshaping the US economy, but its benefits are still concentrated in a few tech hubs. A new Brookings report from Mark Muro and Shriya Methkupally maps where talent, innovation, and adoption are taking hold, and which regions risk being left behind without targeted investment. https://www.brookings.edu/articles/mapping-the-ai-economy-which-regions-are-ready-for-the-next-technology-leap 
• The Library of Congress has launched a new Government + Libraries, Archives, and Museums Community Group to explore how emerging content provenance standards like C2PA (Coalition for Content Provenance and Authenticity) can support digital preservation and authenticity across cultural heritage institutions. https://blogs.loc.gov/thesignal/2025/07/c2pa-glam 
• Transparency International US’s “Suport Foreign Aid” ad in Times Square. https://www.youtube.com/watch?v=Z7Q3hPRDTNo 

Privacy and Security

• Rural hospitals, schools, and essential services are under siege from cyberattacks. Not because they’re behind, but because public policy has left them unprotected, writes Nicole Tisdale. https://www.aspendigital.org/blog/cyber-poverty-line 
• The UK government wants Apple to weaken its encryption. Open Rights Group is raising funds to make a legal intervention at Apple’s hearing. Donate now. https://action.openrightsgroup.org/make-our-voice-heard-apple%E2%80%99s-encryption-hearing 
• Hackers are turning DNS records, the internet’s basic address book, into covert malware delivery channels, exploiting a blind spot in cybersecurity defenses that even advanced tools often overlook, reports Dan Goodin. https://arstechnica.com/security/2025/07/hackers-exploit-a-blind-spot-by-hiding-malware-inside-dns-records 
• Spain has quietly allowed Huawei to manage its lawful intercept system for over two decades, despite rising concerns over Chinese state surveillance and EU bans on high-risk suppliers writes Tom Uren. https://www.lawfaremedia.org/article/spain-leaves-key-under-mat-for-huawei 
• Google is testing a major security upgrade for group chats in Messages with MLS encryption, alongside a redesign of the conversation details page reports Bena Ilyas. https://fuchsiawire.com/google-trials-new-encryption-of-rcs-and-ui-update 

Upcoming Events

• Protocols for Publishers is a series that brings together publishers, developers, and researchers to explore open protocols for a sustainable agentic web. ​Join them for an evening of presentations and open discussion, where protocol builders and publishers share their thinking about the future of the web. August 20, 6:00 EDT. New York, NY.  https://lu.ma/gb050dwt 
• Digital Rights Asia-Pacific Assembly 2025 (DRAPAC25) will bring together activists, technologists, and advocates to confront rising digital authoritarianism. August 26-27. Kuala Lumpur, Malaysia. https://www.apc.org/en/event/digital-rights-asia-pacific-assembly-2025 
• The 2025 Team CommUNITY Global Gathering (GG) will bring together participants from over 140 countries to focus on grassroots tech innovation, circumvention tools, secure communication, and organizational sustainability. September 8-10. Estoril, Portugal. https://www.apc.org/en/event/team-community-global-gathering 
• Forum on Internet Freedom in Africa 2025 (#FIFAfrica25) brings together diverse stakeholders from Africa and beyond to explore gaps and opportunities in advancing privacy, free expression, inclusion, civic participation, and innovation online. September 24-26. Windhoek, Namibia. https://internetfreedom.africa 

Careers and Funding Opportunities

• Mozilla Foundation: VP, Community. Remote. https://www.mozilla.org/careers/position/gh/7081536 
• The Better Information Project: Operations & Project Manager. Remote UK, Belgium, Germany, France, Spain. https://careers.meliorefoundation.org/en/postings/35a8f907-453d-494c-8681-6f6ac32d5dbc 
• Pollicy: Fellowships 2025. Remote Africa. https://pollicy.org/wp-content/uploads/2025/07/August-2025-Pollicy-Fellowship-Advert.pdf 
• AlgorithmWatch’s reporting fellowship on AI and power. Remote Europe. https://algorithmwatch.org/en/open-call-algorithmwatch-fellowship 

What did we miss? Please send us a reply or write to editor@exchangepoint.tech.