Cloud Empires and the Platform as Private Sovereign
Vili Lehdonvirta's Cloud Empires is a history of how digital platforms became private governments. Its strongest claim isn't that Amazon, eBay, Upwork, Apple, Uber, Bitcoin, and GoFundMe grew powerful, but that they grew powerful by supplying order: identity, trust, enforcement, payment, reputation, dispute resolution, labor discipline, and market access. Read in the AI era, the book explains why model platforms and agent ecosystems are becoming institutions before publics have decided how to govern them.
Platform sovereignty is the power to make participation conditional: to define the identity, money, ranking, visibility, remedy, data, labor, and exit rules that others must accept in order to work, sell, speak, build, or delegate action. The question is not whether platforms resemble states in every way. It is which public powers they exercise while remaining privately governed.
The operational test is a platform-sovereignty file: identify the rulemaker, governed population, access gate, data and payment rails, appeal route, portability path, agent authority, audit log, and public-law hook before a private interface becomes the only practical way to participate.
The Book
Cloud Empires: How Digital Platforms Are Overtaking the State and How We Can Regain Control was published by the MIT Press in September 2022, with a paperback edition in February 2024. MIT Press lists the hardcover at 296 pages, ISBN 9780262047227, and notes that the book was a 2023 PROSE Award finalist in Business, Finance, and Management.
Lehdonvirta writes from economic sociology and platform-labor research. Oxford Internet Institute's current profile lists him as a former Professor of Economic Sociology and Digital Social Research at the OII and as Professor of Technology Policy at Aalto University, with current research on the geopolitics and geoeconomics of digital infrastructures, cloud computing, and AI compute. That background matters because the book is not a loose complaint about Big Tech. It is an institutional history of how online markets got rules.
The book's recurring puzzle is simple: the internet was supposed to route around old institutions, but online commerce quickly rediscovered the need for institutional order. Buyers needed fraud protection. Sellers needed reputation systems. App developers needed distribution and payment rails. Gig workers needed income, rankings, and dispute processes. Crowdfunding users needed trust. Each problem invited a platform to build rules, then enforce them.
Current Context
As of June 25, 2026, Cloud Empires reads less like a metaphor and more like a description of the regulatory problem. The European Commission's Digital Markets Act materials define gatekeepers as large platforms that provide core platform services such as search engines, app stores, and messaging services, and the current gatekeeper portal lists Alphabet, Amazon, Apple, Booking, ByteDance, Meta, and Microsoft across 23 designated core platform services. On April 23, 2025, the Commission found Apple and Meta in breach of the DMA and imposed fines of €500 million and €200 million respectively. On June 25, 2026, the Commission also informed Amazon and Microsoft of its preliminary view that AWS and Azure should be designated as gatekeepers for cloud computing services, citing their role as gateways, lock-in effects, high switching costs, and AI tools and partnerships as factors in cloud procurement. Those decisions and preliminary positions do not settle platform democracy, but they show regulators treating app stores, advertising systems, marketplaces, identity/data choices, and cloud infrastructure as public-interest governance surfaces rather than ordinary product settings.
The EU Digital Services Act adds a second frame. Very large online platforms and search engines, defined by the Commission as services with more than 45 million monthly users in the EU, must address systemic risks, transparency around advertising and recommender systems, content-moderation decisions, external oversight, and mitigation duties. The EU Data Act, applicable since September 12, 2025, adds access, use, and switching rules for data, including cloud-computing contract materials. These are not interchangeable laws. Together they point to the same institutional fact Lehdonvirta tracks: platform order is now important enough that lawmakers are specifying how it must be explained, contested, and sometimes opened.
AI makes the platform-state question sharper. The EU AI Act's general-purpose AI materials require providers of GPAI models to draw up technical documentation, implement a copyright policy, and publish a summary of training content; providers of GPAI models with systemic risk face additional notification, risk-assessment, incident-reporting, and cybersecurity obligations. The General-Purpose AI Code of Practice, published July 10, 2025 and assessed by the Commission and AI Board as an adequate voluntary compliance tool, translates some of those duties into model documentation, copyright, safety, and security practices. This is platform governance for model infrastructure: not only what the model says, but who can integrate it, audit it, rely on it, and exit it.
The United Kingdom's competition regulator is moving in a parallel direction. The CMA's Apple mobile-platform case page records an October 22, 2025 final decision designating Apple as having strategic market status in respect of its mobile operating systems, app distribution, mobile browser, and browser engine; the same page records April 1, 2026 final commitments around app-store processes and interoperable access. The CMA's AI foundation-model update paper frames foundation models through access, diversity, choice, fair dealing, transparency, and accountability. The current policy vocabulary is no longer only "innovation" or "competition." It is institutional dependence.
Markets Need Order
Cloud Empires is strongest when it refuses the fantasy of the frictionless market. A market without trust is not freedom. It is exposure. The early web could connect strangers, but connection alone did not answer basic questions: who is real, who pays, who delivers, who cheats, who decides a dispute, who can be expelled, and who bears loss when the system fails.
Platforms answered those questions with architectures of order. Amazon and eBay made commercial reputation operational. Apple made the app store a gatekeeping regime. Upwork and Mechanical Turk converted remote labor into task markets, ratings, account histories, and terms of service. Uber reorganized transportation around algorithmic dispatch, pricing, and driver control. GoFundMe became, in Lehdonvirta's framing, a platform substitute for parts of the welfare state.
This is the book's core lesson for technological politics: software becomes institutional when people must pass through it to act. A platform is not just a website or marketplace. It is a rule system with memory, sanctions, access controls, appeal procedures, taxonomies, payment mechanics, and private administrators. The interface may look like convenience. The deeper layer is governance.
The recurring site theme here is legibility becoming command. A seller becomes a rating history. A driver becomes an acceptance rate and location trace. A developer becomes an app-review queue. A donor becomes a fraud-risk signal. Once the platform makes people legible in its own categories, it can sort, reward, punish, and exclude them through interface changes that look smaller than law but can matter like law.
The Platform-State
The best secondary readings of the book emphasize this state-like dimension. A Socio-Economic Review forum describes the book's central move as analyzing large digital firms as private providers of the institutional foundations of commerce. The same forum notes that Lehdonvirta reconstructs how firms came to organize governance across labor markets, retailing, and monetary systems.
That formulation is useful because it prevents two easy mistakes. The first is treating platform power as only monopoly power. Monopoly matters, but a platform can be politically important because it supplies the order that makes a market usable. The second mistake is treating platform rules as merely private preferences. When a platform sets identity requirements, fee schedules, rating rules, moderation policies, ranking systems, APIs, appeal routes, and enforcement thresholds, it is making law-like decisions for a population that may have nowhere equivalent to go.
This is why "vote with your feet" often fails as a governance theory. Exit is weak when the platform is the practical place where customers, sellers, workers, developers, donors, advertisers, audiences, tools, and payment flows already gather. Dependence turns the platform into an environment. People experience private policy as the conditions of reality.
The state analogy is strongest when it stays concrete. A platform taxes through fees, polices through moderation and account discipline, legislates through terms and developer policies, adjudicates through dispute processes, issues identity through accounts, manages borders through APIs and app review, and keeps records through logs, rankings, and reputation systems. It is not a state, but it can exercise enough state-like functions that public law has to ask what obligations attach to those functions.
Labor Under Private Rules
The labor chapters are especially important for AI-era reading because they show how control appears before automation becomes total. Platform work is not simply work mediated by an app. It is work inside a privately administered labor market where visibility, pay, task allocation, fraud flags, ratings, account standing, and dispute outcomes are shaped by systems the worker usually cannot inspect.
The worker may be called independent, but the platform supplies the institutional field in which independence is possible. A freelance profile, driver account, crowdwork rating, seller dashboard, or app-store listing becomes both identity document and work permit. Losing access can mean losing livelihood. The platform's governance apparatus is therefore not an optional service around the market. It is the market's operating condition.
This is where Lehdonvirta pairs well with the labor shelf: Ghost Work, Behind the Screen, Data Driven, The Eye of the Master, and Platform Capitalism. Together, they show a sequence. First the work is moved into a platform. Then the work is measured. Then it is governed by dashboards, rankings, policies, and automated enforcement. Then AI is added as supervisor, assistant, filter, or replacement.
The safety issue is not only low pay or bad classification. It is procedural power. A worker who cannot inspect a fraud flag, contest a rating, recover an account, export a reputation, or learn why tasks disappeared is governed without a usable record. The platform has a file; the worker has a notification.
The AI-Age Reading
Cloud Empires was written before the current generative-AI boom became the dominant technology story, but its analysis travels cleanly. Foundation-model companies are not only selling models. They are building platforms: APIs, app stores, agent frameworks, tool registries, identity layers, evaluation systems, safety policies, cloud partnerships, developer programs, usage logs, enterprise admin panels, and marketplaces for automated work.
An AI agent is especially dependent on institutional plumbing. To act on behalf of a user, it needs accounts, permissions, payment authority, data access, memory, tools, logs, and policy boundaries. Whoever owns those connections can shape what agency means. The platform decides which tools are trusted, which actions require confirmation, what data persists, what gets logged, what can be monetized, what is blocked, and who is responsible when the agent causes harm.
Lehdonvirta's state analogy therefore sharpens a governance question that model-safety debates can miss. Accuracy, bias, robustness, and misuse are important, but they are not the whole politics of AI. The larger issue is institutional capture: whether work, commerce, knowledge, public services, and personal delegation become dependent on privately administered cognitive infrastructure.
The AI platform is powerful because it can join three layers that used to be easier to separate: the model that interprets, the cloud that hosts, and the agent layer that acts. A buyer may think it is choosing a chatbot, but the deployed system may also fix the identity provider, vector store, logging format, eval regime, content policy, tool marketplace, payment channel, and export path. That is why AI procurement and vendor governance belong inside the analysis rather than after it.
Governance and Safety
The governance lesson is not "abolish platforms" or "trust platforms." It is to govern the functions that make platforms sovereign. A serious platform-governance file should identify the rules for identity, ranking, fees, payments, moderation, account suspension, dispute resolution, data retention, API access, interoperability, audit logs, worker status, developer terms, advertising, recommender systems, and exit.
For AI platforms, the same file needs model and system documentation, training-content summaries where available, data-use limits, customer-log retention rules, no-training defaults for sensitive material, subcontractor disclosure, security controls, incident reporting, tool-permission design, and evidence that users or buyers can export records without losing institutional memory. A policy that says "human review" is not enough if the reviewer cannot see the logs, source documents, model version, tool call, or previous account decision.
Agentic systems need stricter controls because platform sovereignty becomes delegated action. Minimum safeguards include least-privilege permissions, separate identities for agents, action receipts, confirmation gates for spending or external communication, rollback paths, durable logs, rate limits, sandboxing for untrusted tools, and clear responsibility when an automated action harms a user, worker, customer, or third party. This is the same record-integrity problem described in agent action receipts and AI audit trails.
Safety also requires preserving competent order. Lehdonvirta is right that markets need trust, fraud control, reliable payments, moderation, and dispute handling. The alternative to private sovereignty is not unmanaged chaos. It is accountable order: public rules for high-power platforms, interoperable exit, meaningful appeals, regulator access, worker and developer voice, and public reporting that turns private administration into something reviewable.
The practical test is simple. If a platform decision can remove livelihood, distribution, speech reach, payment access, public-service access, or an agent's ability to act, then the decision should leave a contestable record. If the record belongs only to the platform, the governed person is not a participant in the system. They are an object inside it.
Platform-Sovereignty File
A platform-sovereignty file starts by naming the population under rule: sellers, drivers, developers, advertisers, creators, patients, students, public agencies, model customers, agent users, or third parties affected by automated action. Then it names the gate: account, app store, API, cloud region, identity layer, payment rail, ranking system, moderation queue, agent connector, or enterprise admin console. The file should show who can change the rule, who receives notice, who can appeal, and who can leave without losing livelihood, records, audience, or public-service access.
The file should separate market power from institutional power. Market power asks whether alternatives exist. Institutional power asks whether the platform supplies identity, trust, dispute resolution, fraud control, payment, safety, or labor allocation that users cannot easily reproduce elsewhere. A smaller platform can still govern arbitrarily; a competitive platform market can still leave workers and developers without portable reputation, transparent rule changes, or usable recourse.
For AI platforms, the file needs an agent layer: model owner, deployment owner, tool registry, credentials, data retention, log access, tool-call receipts, model-change notice, incident reporting, and rollback authority. A model platform becomes sovereign when it controls not only outputs but the conditions under which other systems can see, decide, pay, publish, hire, moderate, or act. That connects this review to AI agent identity, agent tool permissions, AI audit trails, and AI system inventories.
The public-law hook should be explicit. A DMA designation, DSA obligation, Data Act switching rule, AI Act GPAI duty, UK strategic-market-status decision, sector regulator order, procurement clause, or labor-law rule may each cover a different part of the platform. Source discipline matters because these are not interchangeable. The test is whether the governed person can reconstruct the decision chain and find a remedy outside the private dashboard.
Where the Book Needs Care
The book's breadth is a strength, but the historical analogy can sometimes run ahead of the institutional detail. Platforms do resemble states in some functions, but they are not states. They lack the same public-law duties, electoral accountability, territorial obligations, constitutional limits, and redistributive responsibilities. Calling them state-like is analytically useful only if it helps identify which powers they exercise and which obligations they evade.
The book also has to compress many platform histories into a single arc. Readers looking for deep technical accounts of recommendation systems, content moderation, cloud infrastructure, antitrust litigation, or data-center politics will need companion texts. The value here is not exhaustive coverage of every platform subsystem. It is the conceptual reframing: platforms should be judged as institutions, not only as firms.
That reframing also raises a hard problem the book can only partially solve. If platforms provide order that users actually need, then the answer cannot be simple decentralization or simple antitrust. Breaking up a private sovereign does not automatically create democratic governance. A weaker platform can still be arbitrary. A decentralized system can still be unsafe, exclusionary, or captured. Public control has to build competent institutions, not just denounce private ones.
The book also predates the agent-platform layer now emerging around foundation models. That does not make it obsolete. It means the state analogy should be carried into new control points: model access, compute allocation, tool registries, memory defaults, safety policy, action logs, and cloud switching. The sovereign function may move from the marketplace page to the API, admin console, agent connector, or enterprise identity layer.
What This Changes
The recurring danger is that administration disappears into interface. A platform rule becomes a button state. A labor policy becomes a score. A welfare failure becomes a crowdfunding page. A market boundary becomes an API permission. A sovereign decision becomes a notification.
Cloud Empires gives a durable diagnostic habit: when a digital system promises freedom from institutions, ask which institution it is quietly becoming. Who writes the rules? Who benefits from the order? Who can appeal? Who has exit? Who sees the records? Who can change the terms? Who performs the work of enforcement? Who is governed without being represented?
For AI, the same habit becomes urgent. Model platforms are beginning to mediate speech, software, research, commerce, education, search, hiring, medicine, government services, and personal delegation. They will not merely answer questions. They will set conditions for action. The politics of the next interface will be the politics of private institutions that look, from the user's side, like helpful machines.
The review shelf often asks how systems become reality-shaping without announcing themselves as rulers. Cloud Empires gives one answer: by solving real coordination problems and then making the solution indispensable. The right response is not nostalgia for disorder. It is a demand that indispensable infrastructure become inspectable, portable, appealable, and answerable to the people who must live under its rules.
Source Discipline
This review separates the book's institutional argument from current legal claims. MIT Press and author-profile sources support bibliographic and author-context claims. Academic reviews support the reception and interpretation of the book. Current claims about DMA, DSA, Data Act, AI Act, GPAI, and UK strategic-market-status policy come from official European Commission, UK Competition and Markets Authority, or government pages. Vendor pages, if used at all, should show only advertised capabilities, not proof of safety, fairness, competition, or public consent.
Current legal claims are dated because DMA designations, DSA designations, UK strategic-market-status decisions, Data Act cloud-switching rules, and AI Act GPAI duties move on different timelines. This article treats those sources as evidence of governance duties, enforcement status, or regulator positions, not as proof that any platform is democratic, safe, or lawful in every product decision.
Platform-governance claims also need careful verbs. A designation is not a final finding of every possible violation. A voluntary code is not the same thing as a binding statute. A transparency report is not an audit. A portability right is not proof that exit is easy in practice. An app-store commitment is not a full democratic constitution. The source has to match the claim.
This page makes no claim that any AI system is conscious, divine, or AGI. The power at issue is institutional: platforms can write rules, keep records, allocate access, and make private administration feel like the normal condition of digital life.
Related Pages
- Platform power: The Platform Society, Platform Capitalism, Technofeudalism, The Master Switch, and The Age of Surveillance Capitalism.
- Labor and hidden administration: Ghost Work, Behind the Screen, Work Without the Worker, Feeding the Machine, and The Eye of the Master.
- Governance tools: Vendor and Platform Governance, Platform Governance, Platform Monopoly Power, Duty of Care for AI Platforms, and Transparency and Public Registers.
- AI controls: AI Procurement, AI System Inventory, AI Audit Trails, AI Data Provenance, Algorithmic Impact Assessments, and The Agent Log Becomes the Receipt.
- Agent infrastructure: AI Agent Identity, Agent Tool Permission Protocol, Agentic Commerce, AI Bill of Materials, and Notice and Appeal.
Sources
- MIT Press, Cloud Empires by Vili Lehdonvirta, publisher listing, publication dates, ISBNs, page count, illustrations, description, author note, and PROSE finalist note, reviewed June 25, 2026.
- Oxford Internet Institute, "Professor Vili Lehdonvirta", author profile, research background, cloud infrastructure research, and AI compute research, reviewed June 25, 2026.
- Timur Ergen et al., "On Vili Lehdonvirta's Cloud Empires", Socio-Economic Review 22, no. 4, October 2024, pp. 2025-2038, DOI: 10.1093/ser/mwae023, reviewed June 25, 2026.
- Timo Seidl, review of Cloud Empires, Regulation & Governance, 2022, DOI: 10.1111/rego.12493, reviewed June 25, 2026.
- Niamh Healy, review of Cloud Empires, Journal of Cyber Policy 8, no. 2, 2023, pp. 277-279, DOI: 10.1080/23738871.2023.2287116, reviewed June 25, 2026.
- European Commission, Digital Markets Act overview, gatekeeper definition, core platform service framing, obligations and prohibitions, implementation reporting, and June 25, 2026 cloud-services preliminary position, reviewed June 25, 2026.
- European Commission, DMA Gatekeepers Portal, current gatekeeper designations and designated core platform services, reviewed June 25, 2026.
- European Commission, "Commission finds Apple and Meta in breach of the Digital Markets Act", April 23, 2025 non-compliance decisions and fines, reviewed June 25, 2026.
- European Commission, "Commission reaches preliminary position that Amazon's and Microsoft's market leading cloud services should be designated under the DMA", June 25, 2026 AWS and Azure preliminary position, reviewed June 25, 2026.
- European Commission, "DSA: Very large online platforms and search engines", VLOP/VLOSE threshold, systemic-risk, transparency, advertising, recommender-system, and mitigation duties, reviewed June 25, 2026.
- European Commission, Data Act explained, applicability date, data access, use, and switching context, reviewed June 25, 2026.
- European Commission, General-purpose AI obligations under the AI Act, technical documentation, copyright policy, training-content summary, systemic-risk, incident-reporting, and cybersecurity obligations, reviewed June 25, 2026.
- European Commission, General-Purpose AI Code of Practice, voluntary compliance tool, transparency, copyright, safety, and security chapters, reviewed June 25, 2026.
- European Commission, Explanatory Notice and Template for the Public Summary of Training Content for General-Purpose AI Models, training-content disclosure context, reviewed June 25, 2026.
- UK Competition and Markets Authority, Apple's mobile platform case page, strategic market status final decision, mobile platform scope, and 2026 app-store and interoperability commitments, reviewed June 25, 2026.
- UK Competition and Markets Authority, AI Foundation Models: Update paper, final principles for competition and consumer protection in foundation-model markets, reviewed June 25, 2026.
Book links are paid affiliate links. As an Amazon Associate I earn from qualifying purchases.
- Amazon, Cloud Empires by Vili Lehdonvirta, affiliate listing, reviewed June 25, 2026.