Digital Infrastructure and the Platforms You Don't Own

Your email, your files, your customer list, your payment processing, your social media reach, your cloud storage, and your online storefront all share a common structural feature: you do not own any of them. You rent them. The terms of the rental are set unilaterally by the platform, can be changed without your consent, and include the provision that the platform can terminate your access at any time, for any reason or no reason, with whatever recourse the terms of service specify — which is typically none. Shoshana Zuboff’s The Age of Surveillance Capitalism documents the extraction economy these platforms represent; Edward Snowden’s Permanent Record documents their vulnerability to institutional access. But the fragility that matters most for the sovereignty-minded person is simpler than either of those analyses: the platform you build your life on is not yours, and the person who controls the platform controls the switch.

This is not a conspiracy. It is a terms-of-service agreement. And the rational response is not to abandon platforms entirely — they provide genuine utility — but to ensure that no single platform can turn off your livelihood, your communications, or your access to your own data.

The Account Lockout Problem

Google provides email, file storage, photo storage, calendar, contacts, and authentication services to billions of users through a single account. The integration is the product’s appeal. It is also the product’s vulnerability. When Google disables a Google account — for a terms-of-service violation, a security flag, or an automated system’s determination that something is wrong — the user loses access to all of these services simultaneously.

This is not hypothetical. Documented cases include users locked out of their entire Google ecosystem for violations as minor as sharing a family photo that triggered automated content moderation systems. Photographers locked out for images flagged by automated child safety scanning that were, in fact, medical photos taken at a doctor’s request. Small business owners who lost access to their Gmail, their Google Drive, their Google Ads account, and their Google Voice number — the entire communications infrastructure of their business — in a single automated action.

The appeal process is opaque. Google does not provide a phone number to call. There is no local office to visit. The user submits a form and waits. For a person whose livelihood depends on that account, the wait can be catastrophic. A week without email, without access to client files, without the phone number that customers call — this is not an inconvenience. It is a business emergency.

The structural issue is not that Google is malicious. It is that Google operates at a scale where individual account decisions are necessarily automated, and the automated systems optimize for risk reduction across billions of accounts, not for the accurate resolution of individual cases. You are a statistical event, not a customer relationship. The platform’s incentive is to minimize its own risk, and disabling a flagged account is always lower risk to the platform than leaving it active pending review.

Payment Processing as a Chokepoint

If platform dependency is a vulnerability, payment processing dependency is an existential one. The infrastructure through which money moves online — Stripe, PayPal, Square, and the banks and card networks behind them — operates under terms of service that give the processor broad discretion to freeze funds, terminate accounts, and hold reserves.

PayPal’s account freezes are documented extensively in business forums and news reporting. Funds held for 180 days. Accounts terminated for “business model risk” without specific explanation. Small businesses that woke up to discover their payment processor had decided they were unacceptable and frozen their balance pending review. Stripe, which powers payment processing for millions of online businesses, reserves the right to hold funds, delay payouts, and terminate accounts based on its risk assessment.

The card networks — Visa, Mastercard — operate upstream of the processors and have their own content and business category restrictions. A business that falls outside the card networks’ acceptable categories cannot process card payments regardless of which processor they use. This is not law enforcement. It is private infrastructure making private decisions about who may use it. The effect, however, is enforcement-like: if you cannot process payments, you cannot operate a business.

The sovereign response is diversification of payment rails. Maintain relationships with multiple processors. Accept multiple payment methods. Maintain a cash reserve sufficient to survive a processor freeze. Understand the terms of service of every processor you use, and do not build a business that is one terms-of-service violation away from losing its ability to collect revenue.

Social Media Reach as Rented Land

The metaphor of building a business on rented land is overused because it is accurate. A business that depends on a social media platform for customer acquisition has built its growth engine on infrastructure it does not own, cannot control, and has no contractual right to use in any specific way.

Algorithm changes are the quiet version of this risk. Facebook’s organic reach for business pages declined from an estimated 16% of followers in 2012 to approximately 2% by 2020. Businesses that had invested years in building Facebook followings discovered that the platform had, without announcement or compensation, reduced their ability to reach the audience they had built. Instagram, TikTok, YouTube, and every other algorithmically curated platform retain the same power: the algorithm is theirs, the reach is theirs, and what they give they can take away.

Deplatforming is the loud version. The Parler case is instructive not because of its politics but because of its infrastructure lesson. When Amazon Web Services terminated Parler’s hosting agreement in January 2021, the platform went completely dark within twenty-four hours. The entire platform — millions of users, the complete content archive, the infrastructure — was dependent on a single hosting provider, and when that provider decided the platform violated its terms of service, the platform ceased to exist until it could rebuild on alternative infrastructure.

The lesson is not that AWS was wrong or right. The lesson is that a platform built on a single provider’s infrastructure is a platform that exists at the provider’s discretion. The same principle applies at every scale: if your business depends on Instagram for customer acquisition and Instagram changes its algorithm or bans your account, your business has lost its customer acquisition channel with no contractual remedy.

Cloud Storage Is Not Backup

The phrase “back up to the cloud” has become synonymous with data safety. It should not be. Cloud storage — Google Drive, iCloud, Dropbox, OneDrive — provides convenience, synchronization, and remote access. It does not provide the security guarantees that the word “backup” implies.

A backup, in the meaningful sense, is a copy of your data that is independent of the system it protects. Cloud storage that is accessible through the same account whose compromise you are protecting against is not a backup. If your Google account is disabled, your Google Drive is disabled with it. If your iCloud account is compromised, your iCloud backup is compromised with it. The synchronization that makes cloud storage convenient also makes it a vector for data loss: a ransomware infection that encrypts your local files will, through synchronization, encrypt your cloud copies as well.

The sovereign data architecture separates backup from cloud storage. Local backups — on external drives, on a network-attached storage device — provide copies that are independent of any platform account. Offline backups — drives that are not continuously connected — provide copies that are immune to ransomware propagation and account compromise. Cloud storage remains useful for synchronization and access. It should not be the only place your important data exists.

Domain Names and DNS: The Overlooked Vulnerability

Your domain name — the address that customers use to find your website, the identifier behind your email — is registered through a domain registrar and resolved through the Domain Name System. Both of these layers represent single points of failure that most businesses never think about until something goes wrong.

Domain registrars can suspend or seize domain names for terms-of-service violations, legal disputes, or government orders. The seizure of a domain name is functionally equivalent to the seizure of a business’s physical address and phone number simultaneously. All web traffic, all email, all services tied to that domain cease to function.

DNS, the system that translates domain names into the IP addresses that computers use, is another dependency. Most businesses use their domain registrar’s DNS servers by default. An outage at the DNS provider — or a deliberate denial-of-service attack against DNS infrastructure — makes the website unreachable even if the web server itself is functioning perfectly. The 2016 Dyn DNS attack demonstrated this at scale, taking major websites offline for hours by attacking a single DNS provider.

The sovereign digital stack uses a domain registrar with a strong track record and clear policies, configures DNS through a provider independent of the registrar (creating redundancy), and maintains the ability to migrate to alternative providers quickly if necessary. These are not expensive or technically difficult measures. They are the digital equivalent of having a spare key to your own building.

The Sovereign Digital Stack

The principles are consistent across every digital dependency: own what you can, diversify what you must rent, and ensure that no single provider controls a critical function without an alternative available.

Email: maintain your own domain for email rather than depending on a free provider’s address. A custom domain email can be migrated between providers — from Google Workspace to Microsoft 365 to a self-hosted solution — without losing the address. A Gmail address cannot be migrated. It is Google’s address, and you use it at Google’s discretion.

Files: maintain local backups independent of any cloud provider. Use cloud storage for convenience and synchronization, not as your sole repository. A network-attached storage device in your home provides local, high-speed backup under your physical control.

Website: if your business depends on a website, understand your hosting dependency. Maintain the ability to deploy on alternative hosting within days, not weeks. Keep current backups of your website data, including databases.

Payment processing: maintain relationships with at least two payment processors. Understand the terms of service of each. Maintain a cash reserve sufficient to cover operating expenses during a processor transition.

Customer communications: build an email list that you own and control, separate from any social media platform. An email list on a platform like Kit, Mailchimp, or a self-hosted solution is portable. A social media following is not.

What This Means For Your Sovereignty

Digital infrastructure is the contemporary equivalent of the physical infrastructure Thoreau built at Walden: the foundation on which your daily life and your economic activity rest. The difference is that Thoreau owned his cabin. Most of us rent our digital infrastructure from companies that can change the terms or revoke access at their discretion.

The sovereign does not reject platforms. Platforms are tools, and useful ones. The sovereign ensures that no single platform is a single point of failure. The sovereign owns their domain, maintains their backups, diversifies their payment processing, and builds their audience on ground they control — an email list, a website on their own domain — while using social media as a distribution channel rather than a foundation.

This is not paranoia. It is the same principle that leads a prudent business owner to carry insurance, maintain emergency reserves, and avoid dependence on a single client for the majority of their revenue. The only thing unusual about applying this principle to digital infrastructure is that most people have never thought about it — because the platforms have made dependence so convenient that the fragility it creates is invisible until the moment it is not.

This article is part of the Institutional Fragility series at SovereignCML.

Related reading: The Grid Is a Single Point of Failure, The Pattern: Why All Institutional Fragility Looks the Same, The Sovereign Response