0

The Amazon Web Services outage might seem a small price to pay for the high quality and value AWS provides. After all, the disruption was unintentional—a simple backend mistake—and AWS delivers many benefits through its scale and efficiency. Yet, smaller enterprises, especially telecom providers, face far stricter regulatory standards, covering compliance, reliability, disclosure, and transparency. It is difficult to fathom why AWS, a company with a market capitalization in the trillions of dollars, gets a pass.

RELATED: Microsoft’s cloud struggles continue: Azure outage follows June layoffs

Indeed some 2000 enterprises were negatively impacted by the outage, including Uber, Lyft, Starbucks, Snapchat, Slack, Reddit, Pokémon Go, Fortnite, Roblox, Sony’s PlayStation Network, Coinbase, British Telecom, Zoom, Perplexity, ChatGPT and the UK tax authority. AWS, with revenues of $126 billion last year, accounts for 70 percent of the world’s cloud computing market along with Google and Microsoft.

Compounding this, AWS consistently lobbies against financial contributions that could support more accessible and resilient access networks—investments in broadband infrastructure, connectivity vouchers for low-income users, or other public-interest and resiliency measures.

Globally AWS has funded reports claiming that requiring it to contribute financially to such programs would devastate economic growth, often citing doomsday scenarios. Network usage fees are what customers pay to AWS to use its networks and cloud services, and somehow it’s wrong for competitors to charge these, AWS purports.

AWS has singled out South Korea for its usage fee regime, claiming that its regime reduces investment, security, innovation, and welfare—a claim at odds with reality, as South Korea, which for more than two decades, remains a widely recognized digital nation and leads in fiber and 5G broadband deployment, access, and digital skills. Indeed, policymakers worldwide study the policy success of South Korea. AWS seems determined that other nations should avoid Korea’s valuable lessons and policy measures which have served the people and enterprises of this competitive nation, one of the few which has produced indigenous digital innovation which challenges Big Tech.

ADVERTISEMENT

AWS relies on its trade association CCIA, the consultancy Analysys Mason, and others to fabricate these reports. Strand Consult fact-checked these claims and found them based on stretched reasoning that even the reports’ authors acknowledge.

Check out Strand Consult’s Fact Checks based upon the dubious claims promoted by CCIA and Analysys Mason.

The asymmetry in obligations and accountability between AWS and traditional telecom providers

AWS operates a parallel internet, with its own fiber-optic backbones, routers, switches, and interconnection points. There is a legitimate legal discussion as to whether these elements constitute “telecommunications” under U.S. law, facilitating the “transmission” of data—that is, the movement of information from one point to another without alteration. Indeed, it is likely that AWS is already eligible to contribute to the Universal Service Fund (USF) in the United States, but has not done so because of FCC forbearance, which allows AWS to claim a self-provider exemption. By contrast, countries like India have updated their telecommunications laws to explicitly include hyperscale cloud providers such as AWS and their OTT services, though have yet to pull the regulatory trigger.

Telecom providers are subject to a mountain of regulatory obligations, including number portability, interconnection requirements, and service quality obligations. Regulators often pretend that analogous obligations exist for cloud providers under the rubric of “data portability” and “data breach notification”, but in practice, enforcing such rules across a hyperscaler’s sprawling, global cloud portfolio is extremely difficult and cumbersome. Many regulators are likely reluctant to challenge these hyperscalers—a fear that is understandable given AWS’s formidable, multi-million-dollar lobbying engine, which includes dozens of firms staffed with former government officials, law enforcement veterans, and other influential operatives. See the Corporate Europe Observatory and Open Secrets for USA for more details.

AWS’s refusal to participate in broader social obligations—such as funding network resilience or supporting low-income connectivity whether through public or private means—undermines the public good of a reliable, resilient, and accessible Internet ecosystem.

ADVERTISEMENT

Amazon: The Internet’s Single Point of Failure

The AWS outage unveiled a difficult truth: the modern internet depends on a handful of cloud providers whose internal failures can cascade across banks, hospitals, government agencies, news outlets (Key telecom trade media LightReading.com and Telecoms.com were down for several hours), and everyday applications. This is the classic definition of a single point of failure. When a centralized system breaks, everything connected to it goes dark.

This fragility stands in contrast to the way traditional communications networks have long been regulated. For example under Title II of the Communications Act in the United States, providers of essential services—like telephone networks—were classified as “common carriers.” This classification came with certain obligations: they had to serve any customer who made a reasonable request, provide service on fair and nondiscriminatory terms, publish their terms openly, and submit to oversight in the public interest. For example, nations regulate the minimum backup power levels for mobile infrastructure, mobile providers, and emergency service providers. While the debate over whether cloud services should fall under such rules is far from settled, the logic behind these obligations helps us understand the problem at hand.

Why Single Points of Failure Matter

In the AWS case, technical errors in one region, such as failures in DNS and internal monitoring systems, disrupted service for thousands of organizations. Users—from banks to online retailers—had no practical alternative in the moment. Their systems had been designed around a single cloud region or provider. The problem wasn’t just that something broke. It was that no backup existed outside of the same ecosystem. In a traditional utility framework, that would be considered a failure to “serve upon reasonable request.”

Cloud providers aren’t phone companies. But they now provide the infrastructure through which communication, commerce, health care, and public safety operate. When their systems falter, society feels the impact immediately. The question isn’t whether AWS or any single provider is acting in bad faith. It is whether the current market incentives reward the level of resilience on which the public depends.

Regulatory Principles Revealed

The telecom regulation offers a conceptual lens—not necessarily a regulatory solution—for thinking about resilience and responsibility in essential digital services:

  • Duty to Provide Service Reliably: Traditional common carriers must provide service when reasonably requested. When a cloud failure affects millions simultaneously, it raises the question of whether essential digital infrastructure should meet a higher continuity standard.
  • Just and Reasonable Practices: Providers cannot impose unreasonable practices or rates. Today, many cloud customers unknowingly rely on single-region architectures. Pricing and standard contracts rarely reflect the systemic risks of that dependence.
  • Transparency (Tariffing): Historically, carriers published rates and service terms publicly. Cloud providers, by contrast, do not disclose detailed dependency maps, failover procedures, or the true scope of systemic risk. Customers often learn about those only after a failure.
  • Regulatory Oversight: Regulators intervene when services critical to the public interest fail or lack transparency. Whether or not this authority should apply to cloud services, the principle—that essential infrastructure should have meaningful accountability—remains relevant.

What Could Prevention Look Like?

Applying these ideas does not require full-scale utility regulation. Instead, they point toward pragmatic steps—some technical, some policy-based:

  • Architecting systems across multiple regions or providers to avoid single points of failure.
  • Shortening DNS recovery times, testing failover plans, and isolating control systems so internal monitoring failures don’t trigger wider collapse.
  • Requirements to publish clear incident reports, dependency disclosures, and resilience practices.
  • Minimum availability standards or credits that reflect the true cost of downtime.
  • Accountability mechanisms—whether public, regulatory, or contractual—so resilience is more than a marketing term.

Regulation Isn’t a Silver Bullet

Invoking regulation for cloud services is not without cost or controversy. The history of telecommunications shows that regulation has often led to unintended consequences—and, at times, outright failure. A key problem with regulation is asymmetry.

Traditional telecommunications providers must deliver basic, reliable service to all customers—and it regulated to do so. In contrast, AWS may seek to provide more reliable or resilient service—but it will do so as a premium offering, charging customers extra on top of standard AWS services. AWS is likely to offer solutions tailored to specific reliability needs, but access will come at an additional cost rather than being included as a baseline expectation. Some telecom providers would like to provide such service level agreements in lieu of mandated obligations but face de juris and de facto obstacles to do so.

AWS does not guarantee full resilience as a baseline public obligation. Instead, it increasingly frames resilience as an optional, premium feature—something customers can purchase if they can afford it. This mirrors existing models, such as Microsoft 365, where backup services and continuity protections are available, but only at additional cost. If this standard is acceptable for a global cloud provider, it raises a fundamental question: why are regional telecom providers held to higher mandatory reliability standards, often without the ability to charge extra.

Indeed there are workarounds if you can’t use your cellular network. Mobile calls over Wi-Fi, known as Wi-Fi Calling, allow users to make and receive calls using a Wi-Fi network instead of relying on cellular service. This is particularly useful in areas with poor cellular reception. To enable it, go to your phone’s settings, locate the Wi-Fi Calling option—often under “Calls,” “Network & Internet,” or “Connections”—and turn it on. You may need to verify your emergency address, and some carriers let you choose whether to prioritize Wi-Fi or the mobile network when both are available.

Another problem is that regulation can foster collusion between regulators and the regulated. In the twentieth century, AT&T and the FCC developed a cooperative relationship that effectively preserved AT&T’s monopoly for decades. Rates stayed high and innovation slowed. The landmark breakup of AT&T in 1984 was not just a reaction to excessive market power—it was a reaction to regulatory power being used to entrench incumbents rather than discipline them. A similar dynamic in cloud services could create barriers to entry, protect dominant firms, and discourage experimentation.

Regulation of cloud providers is not a trivial exercise

Second, regulation of cloud providers is not a trivial exercise. It would require legislative action or aggressive regulatory interpretation, extensive rulemaking, and ongoing enforcement—all of which demand political capital and financial resources that are in short supply. Lawmakers are reluctant to expand bureaucratic authority, and agencies already face credibility challenges. A regulatory project of this scale would have to overcome public skepticism toward both Big Tech and Big Government.

Third, the debate often assumes regulators possess superior knowledge about system risks or failure points. In reality, AWS employs some of the world’s leading engineers and operate infrastructure at a scale few public agencies can fully comprehend. Regulators do not necessarily know more than the operators they would regulate. And poorly informed mandates could lock in obsolete practices or hinder the very resilience they aim to protect.

And yet, this is not an argument for doing nothing. The issue is not whether regulators are smarter than cloud architects. It is whether some baseline disclosures and minimum standards should exist so customers and the public can understand the risks they are being asked to bear. Transparency about dependencies, clear incident reporting, and honest service-level guarantees do not require regulators to out-engineer Amazon. They simply require providers to explain the architecture society is now built upon.

Moreover, Amazon should not get a free ride on the downstream broadband networks that carry their growing volumes of data, video, and advertising traffic. Contributing like every other user is the foundational obligation necessary to ensure ecosystem resilience, network reliability, and affordable access.

Can Competition and Antitrust Fix the Problem?

Some argue that market competition—not regulation—is the best defense against systemic cloud failures. In theory, a capable chief technology officer hedges risk by spreading workloads across providers, but this doesn’t happen in practice. Diversification requires technical staff, governance systems, and the financial capacity to manage parallel vendors—luxuries most enterprises  don’t have. For most, cloud dependence is not a choice; it is an economic necessity. Even switching providers is not as simple as porting a phone number. Data formats, application architectures, identity systems, APIs, and security protocols are deeply integrated into each provider’s proprietary ecosystem.

Antitrust law is ill-suited to solve this: it can punish abuse of market power, but it cannot mandate redundancy or resilience. Amazon’s massive scale—spanning e-commerce, advertising, logistics, and cloud—is sometimes defended as the result of minimal regulation. But if that is true, it raises an uncomfortable question: why do regulated industries still bear obligations for reliability and public service, while unregulated ones that are equally essential to modern life do not?

The Conversation Worth Having

Cloud services have enabled extraordinary innovation. But the more essential they become, the more acutely we feel the consequences when they fail. Regulation emerged in a previous era to ensure reliability and transparency. We may not need to apply those rules to cloud services as they are. But the underlying questions—Who must be served? What level of reliability is reasonable? Who is accountable when systems fail?—are no longer theoretical.

Ignoring them leaves society dependent on digital infrastructure that is both indispensable and alarmingly fragile. A public conversation about resilience, responsibility, and the limits of Big Tech’s self-regulation is overdue.

Conclusion: The Accountability Gap Can No Longer Be Ignored

Cloud services now underpin banking, transportation, healthcare, emergency communications, and government functions. When AWS goes down, hospitals reroute patients, citizens cannot file taxes, payments stop processing, and public information systems go dark. Yet unlike telecom operators, AWS bears no statutory obligation to ensure continuity, contribute to universal service, or compensate the public for systemic harm.

This asymmetry is not accidental—it is the product of deliberate lobbying, regulatory forbearance, and a policy framework that treats cloud providers as private conveniences rather than critical infrastructure. That fiction is no longer tenable.

At the very least, it’s time to end AWS free ride on broadband networks. AWS can at least pay to cover the costs they create when consuming broadband network resources. This will go a long way to recover the cost to build and maintain broadband and make it more affordable for the most vulnerable.

Courtesy: Strand Consult

More in Features

You may also like