SWITCHED ON
The daily technology series nobody asked for but everyone needed
The Pipes: Who Actually Controls the Internet's Physical Infrastructure
Ninety-five percent of international internet traffic travels through cables on the ocean floor, most of them privately owned, some of them increasingly built by the same companies whose platforms ride on top of them. The internet feels like a cloud. It is actually a very specific and very vulnerable set of wires.
The word "cloud" was the most successful piece of infrastructure marketing in the history of computing. It described a system of concrete buildings, copper and fibre cables, and physical servers as something ethereal and placeless. The internet has a location. It has owners. And increasingly, those owners are the same five or six companies whose platforms dominate everything built on top of it.
Yesterday we toured the new factory — additive manufacturing's genuinely different economic logic, Industry 4.0's lighthouse facilities and the gap to typical manufacturing, the reshoring push and its slower-than-promised reality, and the supply chain lesson from COVID-19 that has been partially but not fully learned. Today we are going underneath everything this entire series has discussed — literally, in most cases, to the ocean floor. The physical infrastructure of the internet: the undersea cables that carry the overwhelming majority of international data traffic, the internet exchange points where networks interconnect, the root server system that makes domain names work, and the question of who actually owns and controls the infrastructure that every digital service in this series depends on. This is the episode about the plumbing. It matters more than its lack of glamour suggests.
01 — The Cables on the Ocean Floor
Approximately ninety-five to ninety-nine percent of international internet and telecommunications traffic travels through submarine fibre optic cables — not satellites, which carry a small fraction of total traffic despite the attention Starlink and its competitors receive. There are currently more than five hundred active submarine cable systems, totalling over 1.4 million kilometres of cable, laid on the ocean floor by specialised cable-laying ships, connecting continents and enabling the international internet as it actually functions.
The ownership of this infrastructure has shifted dramatically over the past fifteen years. Submarine cables were historically owned by consortiums of telecommunications carriers — AT&T, BT, NTT, and similar national carriers building shared infrastructure. Increasingly, the largest and most significant new cables are owned wholly or substantially by the major technology platforms themselves. Google has invested in or wholly owns more than twenty submarine cable systems. Meta, Amazon, and Microsoft have similarly significant cable ownership stakes. The 2Africa cable, a Meta-led consortium project, is the longest submarine cable system in the world at over 45,000 kilometres, circumnavigating the African continent and connecting it to Europe and Asia.
The same companies whose platforms dominate the application layer of the internet increasingly own the physical infrastructure layer beneath it. This vertical integration gives them control over latency, routing, and capacity that smaller competitors and even some national telecommunications operators do not have, and it has happened with remarkably little public or regulatory scrutiny relative to its significance.
The physical vulnerability of this infrastructure is significant and periodically demonstrated. Cables are damaged by fishing trawlers, ship anchors, and natural events including earthquakes and underwater landslides far more frequently than by deliberate sabotage — there are an estimated 100 to 200 cable faults globally each year, mostly repaired within days to weeks by specialised repair vessels. The 2008 Mediterranean cable cuts, which significantly disrupted internet connectivity across the Middle East and South Asia, demonstrated how concentrated certain chokepoints are. More recently, suspected sabotage of cables in the Baltic Sea in 2023 and 2024, in the context of heightened tension following Russia's invasion of Ukraine, has elevated submarine cable security to a recognised national security concern across NATO countries, with several nations announcing increased naval patrols and monitoring of critical undersea infrastructure.
02 — Internet Exchange Points and the Architecture of Routing
Internet exchange points — physical facilities where different networks interconnect and exchange traffic directly rather than routing through third-party intermediaries — are the less visible but equally critical infrastructure layer that determines internet performance and resilience. DE-CIX in Frankfurt, AMS-IX in Amsterdam, and LINX in London are among the largest IXPs globally, each handling traffic volumes measured in terabits per second and serving as critical junctions through which much of European internet traffic passes.
The geographic concentration of major IXPs creates a different kind of chokepoint vulnerability than submarine cables — a small number of facilities through which a disproportionate volume of regional or global internet traffic flows. This concentration exists partly for sound technical and economic reasons (network effects favour interconnection where other networks already interconnect) and partly as a legacy of historical infrastructure development patterns that have proven difficult to diversify away from.
The routing protocol that determines how data actually finds its way across this infrastructure — the Border Gateway Protocol, or BGP — was designed in the 1980s with minimal security considerations, operating on a fundamentally trust-based model in which networks announce the routes they can provide and other networks generally accept these announcements without independent verification. BGP hijacking — in which a network falsely announces it can route traffic for address ranges it does not actually control — has been used both accidentally (misconfiguration) and deliberately (traffic interception, censorship, and in documented cases attributed to state actors) to redirect internet traffic. Significant BGP security improvements, including Resource Public Key Infrastructure, have been developed and are being adopted, but implementation remains incomplete across the global routing system, leaving a foundational protocol of the internet running on infrastructure-level trust assumptions that are increasingly recognised as inadequate.
03 — The Root Server System and Domain Name Governance
The Domain Name System — which translates human-readable domain names into the numerical IP addresses that computers actually use to route traffic — depends on a root server system consisting of thirteen logical root server identities, operated by twelve different organisations including universities, non-profits, and commercial entities, physically implemented across hundreds of server locations worldwide through a technique called anycast routing.
The governance of the domain name system has been a genuinely contested issue in internet governance for decades. ICANN, the Internet Corporation for Assigned Names and Numbers, oversees the domain name system under a multi-stakeholder governance model that has been deliberately structured to avoid control by any single government, following the historical period in which the US government held direct contractual oversight of this function. The transition of this oversight away from direct US government control, completed in 2016, was a significant and contested moment in internet governance, with debates about whether multi-stakeholder governance (involving technical experts, civil society, businesses, and governments collectively) or more traditional intergovernmental control (through a body like the UN's International Telecommunication Union) represented the more legitimate and effective model.
This is not an abstract governance debate. Countries including Russia and China have advocated for years for greater state control over internet governance through intergovernmental bodies, framing the multi-stakeholder model as a vehicle for continued US and Western technology company dominance. Western governments and most internet technical and civil society communities have defended the multi-stakeholder model as more resistant to authoritarian capture and more reflective of the internet's genuinely global and decentralised character. The outcome of this ongoing contest will shape who has effective control over the internet's naming and addressing infrastructure for decades.
04 — The Cloud Concentration Problem
Beyond the cables and routing infrastructure, the computing infrastructure that actually runs the applications and services built on top of the internet has become extraordinarily concentrated. Amazon Web Services, Microsoft Azure, and Google Cloud Platform collectively control approximately two-thirds of the global cloud infrastructure market. A significant proportion of the internet services that hundreds of millions of people use daily run on infrastructure owned by three companies.
The systemic risk this concentration creates has been demonstrated repeatedly. AWS outages have simultaneously disrupted Netflix, Slack, Coinbase, and thousands of other services that depend on AWS infrastructure, because an outage in a single AWS region cascades to every service hosted there regardless of how unrelated those services otherwise are. A significant outage at any of the three major cloud providers has the potential to disrupt a substantial fraction of global internet services simultaneously — a level of systemic concentration risk that would likely trigger significant regulatory intervention in almost any other critical infrastructure sector, and that has received comparatively little regulatory attention in this one.
05 — The Sovereignty Question
The combination of submarine cable ownership concentration, cloud infrastructure concentration, and the technical architecture of internet routing has produced a situation in which a relatively small number of primarily American technology companies have substantial practical influence over global internet infrastructure — a state of affairs that an increasing number of governments, including European ones nominally allied with the US, have begun to view as a sovereignty concern.
The EU's digital sovereignty agenda — encompassing GAIA-X, a proposed European cloud infrastructure initiative, and broader policy efforts to reduce dependency on American cloud and infrastructure providers — reflects this concern directly, though its practical impact to date has been limited relative to its ambitions, hampered by the genuine technical and economic advantages that the incumbent American providers have built over more than a decade of infrastructure investment. China has pursued a more decisive sovereignty strategy, building a largely separate internet infrastructure stack — domestic cloud providers, the Great Firewall's content control infrastructure, and increasing efforts toward semiconductor and infrastructure self-sufficiency — that represents the most complete example of internet infrastructure sovereignty currently in existence, achieved at the cost of significant isolation from the global internet as most other countries experience it.
The underlying tension — between the efficiency and innovation benefits of a globally integrated internet infrastructure built by companies with the capital and expertise to build it well, and the sovereignty and resilience risks of depending on infrastructure controlled by a small number of foreign private companies — does not have a resolution that satisfies every legitimate concern simultaneously. It is, like most of the governance questions in this series, a trade-off that different countries are making differently, with consequences for global internet architecture that will play out over decades.
Tomorrow we are moving from infrastructure to something considerably more immediate and personal — autonomous vehicles, where the technology genuinely stands in 2026, why the promised timeline for full self-driving has slipped repeatedly, and what the Waymo and Tesla approaches reveal about two fundamentally different bets on how this technology should be built. See you then.
Switched On is a daily technology series covering the ideas, systems, and arguments shaping the digital world. Opinionated. Witty. Occasionally wrong. Always worth the argument.



