Big Tech, Big Regulation: Why Scaling a Platform Has Never Been Riskier

By Dianne See Morrison for University of Oxford Executive Education

In the last decade, companies built on the platform business model have reshaped entire industries, toppling incumbents and creating entirely new markets, products, and services. For consumers, platforms have delivered convenience, wider choice, value, and in some instances, new sources of income. Businesses, and especially SMEs, have also benefited, leveraging platforms to reach global markets, cut costs, and scale faster than ever. For the most successful players—Google, Facebook, Apple, Amazon, Alibaba, and Tencent—the model has fueled their rapid rise, seemingly overnight, with enviable profit margins and soaring revenues, particularly during the pandemic. And the platform juggernaut shows no signs of slowing, churning out more winners year after year. As of August 2021, eight of the ten most valuable unicorns are platform-based, including ByteDance, Stripe, and Klarna, according to CB Insights.

For all their benefits, platform companies have also introduced serious risks. Their rapid expansion across retail, entertainment, media, finance, transportation, and hospitality, to name a few, has repeatedly tested the boundaries of labor laws, competition policies, and consumer protections. In forging new markets, the most dominant platforms have often leveraged gaps in regulatory oversight either by stretching existing legal definitions, engaging in regulatory arbitrage, or outright flouting local rules. Increasingly, as network effects and market consolidation have taken hold and solidified their advantage, platforms no longer just compete within markets—they define and control them. Now, regulators are left scrambling to answer a more urgent question: how much power is too much—and can anything still be done to rein them in?

Around the world, a number of Big Tech firms are already under regulatory fire. Amazon sellers, for example, have long accused the company of exploiting their success and turning them into test subjects for its own competing products. According to an investigative report from the Wall Street Journal, Amazon employees routinely used its sellers' data to identify successful products to launch its own private-label versions, despite company policies prohibiting the practice and the company’s repeated denials. 

This aggressive playbook has a long history. A decade earlier, Amazon, setting its sights on the lucrative baby product market, took down Diapers.com, the baby-product e-tailer owned by Quidsi, which was growing fast. After Diapers.com refused Amazon’s first buyout offer in 2009, Amazon retaliated with a brutal price war, slashing diaper and baby product prices by as much as 30 percent. Yet, the $200 million Amazon reportedly lost was worth it. Quidsi faced two choices: match the prices, or sell. Unable to compete, it sold to Amazon for $545 million in 2010. Amazon eventually shut down Diapers.com in 2017.

These tactics have increasingly landed Amazon in front of regulators. In 2019, the U.S. House Judiciary Committee on Antitrust grilled Amazon over its treatment of its third-party sellers, exposing how the company systematically exploits data and pricing power to eliminate competitors, even its own sellers.

Apple is also in the crosshairs. In the U.S., Apple is facing an antitrust lawsuit from Epic Games over its App Store policies. Epic, the maker of Fortnite, one of the world’s most popular games, alleges that Apple forces developers to use its payment system to reach iOS users—while charging a 30% commission for that access. In Europe, the EU is investigating both the App Store and Apple Pay for potential breaches of competition law.

Meanwhile, Google’s antitrust troubles have become so extensive that keeping count is difficult. The company is facing three major cases in the US and three more in the EU, alongside investigations or settlements in France, Germany, Italy, Japan, Australia, South Korea and Argentina. The sheer volume of legal action reinforces just how difficult the challenge is for regulators to modulate platform power.

All’s Fair in War and War

Antitrust isn’t the only regulatory concern. Dominant platforms have also been accused of skirting taxes, exploiting consumer data, sidestepping labor protections, and distorting local markets. Nowhere is this more apparent than in fintech, where companies didn’t just outpace oversight—they deliberately sought out regulatory blind spots. From P2P lending to cryptocurrencies and challenger banks, fintech platforms scaled rapidly by exploiting gaps in existing laws, forcing regulators to scramble in response.

P2P lending platforms, in particular, built their rapid growth on a simple—now familiar—defense: they were merely connectors, not banks, that gave borrowers and lenders a place to transact. That claim allowed them to bypass traditional lending regulations and, as many small investors, lured by the promise of higher returns, would learn, shift the risk onto them.

The results were striking—and in some cases, devastating. In China, the sector grew into a $200 billion bubble before it collapsed under fraud, defaults, and mass consumer losses, forcing the authorities to ban most platforms by 2019. In the UK, platforms like Lendy failed, leaving investors out of pocket, prompting the Financial Conduct Authority (FCA) to tighten rules in 2019, including restrictions on retail investors. In the US, platforms like LendingClub grew rapidly until the SEC stepped in, ruling P2P loans were securities—slowing expansion but adding guardrails early on. The pattern was clear: Platforms leveraged regulatory gray zones to scale fast—until defaults and scandals forced regulators to catch up.

For other platforms, this sidestepping of rules has allowed them to reshape markets essential to daily life. Airbnb, for instance, has been blamed for driving up rents and hollowing out housing markets in major cities around the world, as its platform made it easy and more lucrative for landlords to cater to short-term tourists over long-term tenants. In both New York and London, Airbnb operated in defiance of long-standing rental laws where short-term rentals were either heavily restricted or required planning permission. In both cities, regulators struggled to rein in widespread violations, even as housing shortages worsened.

Labor issues, meanwhile, are forcing governments to rethink the social safety net, worker protections, and tax policy—because platform companies won’t. When Covid-19 triggered global lockdowns in 2020, governments rushed to support workers—but gig workers were left behind. In the UK, those on zero-hour contracts and minimum wage faced a brutal choice: work and risk infection, or self-isolate and lose pay. Platform companies offered little in response. Deliveroo pledged to pay “in excess” of statutory sick pay but never clarified the amount. Hermes set aside £1 million for affected workers—but capped aid at £20 per day for 14 days, only for those earning under £90 per day. DPD initially refused to pay sick leave at all before relenting to the statutory minimum.

The UK government eventually told gig workers to apply for universal credit, the state system that takes at least five weeks to pay out. In the U.S., the CARES Act had to extend unemployment benefits to gig workers, independent contractors, and the self-employed—workers who otherwise would have received nothing.

By classifying workers as independent contractors, platforms avoided the costs of worker protections, leaving governments and taxpayers to pick up the bill. But as the gig economy expands and more workers rely on platform jobs, should taxpayers continue footing the bill for protections that traditional employers are required to provide? Whether these workers are contractors or employees, they are still in need of protections as the pandemic made so painfully clear.

Meanwhile, platform companies, whose revenues surged during the pandemic, continue to profit off a system that shifts the burden of worker protections onto the public—while their traditional rivals are forced to play by the rules. The real question isn’t how platforms justify withholding protections—they already have. It’s how long regulators will continue to let them.  

Big Tech’s Big Regulatory Wake

But as regulators push back, it’s not just Big Tech that will feel the squeeze. Ironically, the very attempt to rein in platform giants is creating a new reality where every player—startups included—must now think in terms of regulatory risk. As Pinar Ozcan, a professor of entrepreneurship and innovation at the University of Oxford’s Said Business School, and Max Buge, a visiting scholar at Said, argue in their research paper, Platform Scaling, Fast and Slow, regulatory complexity and regulatory risk are two often-neglected factors that are increasingly shaping how quickly a platform can scale.

Regulatory complexity refers to the existing legal and compliance burdens that vary by industry—platforms entering financial services, pharmaceuticals, or healthcare, for example, face significantly higher barriers. Regulatory risk, on the other hand, is the uncertainty of future legal shifts, particularly as lawmakers respond to public pressure or market failures. This is where the biggest challenges arise: when platforms scale too fast for regulators to keep up, they operate in a legal gray area—until the rules catch up. But regulating after the fact is a balancing act: rules meant to restore fairness can sometimes backfire, entrenching the very giants they were meant to check.

That’s exactly what happened with California’s Assembly Bill 5 (AB5), a law meant to protect gig workers—not to curb platforms directly. The goal was to force companies like Uber, Lyft, and DoorDash to classify workers as employees, granting them benefits like minimum wage, sick pay, and unemployment insurance. But Big Tech fought back. Uber and Lyft spent over $200 million–a mere rounding error for the ride-hailing behemoths–lobbying for Prop 22, a ballot measure that ultimately exempted them from AB5. The result? The law meant to protect workers barely touched Uber—but crushed smaller players who lacked the resources to fight or adapt. Small delivery startups and independent truckers couldn’t afford the compliance costs and shut down or scaled back. Even freelance journalists, theater workers, and translators—who were never the intended targets—found their jobs threatened by the law’s sweeping reclassification. AB5 exposed an uncomfortable truth: regulations designed to check Big Tech often hit smaller players the hardest, entrenching the very giants they were supposed to rein in.

Even more troubling, as Big Tech’s once-boundless market matures, competition between the giants themselves is turning ruthless, posing new risks for platform entrants and more headaches for regulators. Where Big Tech platforms once thrived in parallel, they are now willing to take direct shots at each other to protect their turf. In spring 2021, Apple introduced opt-in privacy settings, a move the company touted as a win for consumer privacy—one that privacy advocates applauded. But industry insiders saw it differently: as a proxy war, with Facebook as the primary target, and Google also taking a hit. By forcing apps to ask for tracking permission, Apple knew most users would opt out, gutting Facebook’s ability to target ads and slashing billions from its revenue. One estimate put the cost to Facebook and Google at some $25 billion in lost revenues in one year alone.

More alarming is the collateral damage of this escalating rivalry. Fueled by limitless revenues, the clash of the Big Tech titans has recklessly crushed entire industries of smaller companies. Apple’s privacy move, for instance, obliterated the global mobile retargeting ad sector—with nary a stakeholder consultation—rendering the business model obsolete.

Regulating Big Tech was never going to be simple—but the unintended consequences are becoming harder to ignore. Laws meant to rein in platform giants often end up reinforcing their dominance, creating barriers that smaller players can’t always overcome. At the same time, Big Tech’s own escalating battles are crushing adjacent industries, rewriting business models overnight with little regard for the fallout. As these platforms expand their reach—and their influence—the regulatory burden will only grow, not just for them, but for everyone trying to compete. 

Just as the post-2008 financial sector was deemed “Too Big to Fail,” Big Tech is now “Too Embedded to Challenge.” The sheer scale of these platforms makes meaningful regulation a complex, high-stakes balancing act. But unlike banks, which threatened economic collapse, these platforms wield network effects that can entrench their dominance with every new rule imposed. The challenge for regulators isn’t just reining them in—it’s doing so without further cementing their hold over the digital economy and ensuring the next generation of businesses has a fair shot at competing in a market that isn’t already stacked against them.