Cybersecurity Governance Under Surveillance Capitalism: A Systematic Review with Business Management Insights
DOI:
https://doi.org/10.51137/wrp.ijarbm.311Keywords:
Surveillance Capitalism, Cybersecurity, Data Governance, Systematic Review, Digital Surveillance, Privacy Regulation, Data ExploitabilityAbstract
This systematic review investigates the impact of surveillance capitalism on contemporary cybersecurity risks, mechanisms, and governance strategies. Drawing on 28 peer-reviewed studies published between 2014 and 2025, the review explores three guiding research questions: (1) How does surveillance capitalism affect cybersecurity risks? (2) What mechanisms of corporate data harvesting contribute to digital exploitability? (3) How do cybersecurity policies address, or overlook, the structural challenges posed by surveillance capitalism? Following the PRISMA 2020 guidelines, the review employs a thematic synthesis approach. It identifies four major themes: (1) the expansion of cyber risk surfaces through large-scale data commodification, (2) the exploitability of opaque data infrastructures operated by platform corporations and brokers, (3) significant gaps in cybersecurity regulation and transnational governance, and (4) the socio-political entanglements between surveillance practices and security norms. Findings reveal that the structural logic of surveillance capitalism not only increases cybersecurity vulnerabilities to businesses but also escapes conventional regulatory oversight. The review concludes by advocating a paradigm shift from reactive, technical models of cybersecurity to structural, interdisciplinary, and rights-based approaches that confront the root causes of digital insecurity in businesses.
References
Aho, B., & Duffield, R. (2020). Beyond surveillance capitalism: Privacy, regulation, and big data in Europe. Journal of Information, Communication and Ethics in Society, 18(2), 245–260. https://doi.org/10.1108/JICES-05-2019-0050 DOI: https://doi.org/10.1080/03085147.2019.1690275
Ali, S., & Ghosh, A. (2021). Policy captures in surveillance economies. Surveillance & Society, 19(1), 45–62. https://doi.org/10.24908/ss.v19i1.14483
Andrejevic, M. (2020). Automated surveillance cultures: From drones to data. Surveillance & Society, 18(2), 224–231. https://doi.org/10.24908/ss.v18i2.13703
Andrew, J., Baker, M., & Huang, C. (2023). Data Breaches in the Age of Surveillance Capitalism Critical Perspectives on Accounting, 89, 102416. https://doi.org/10.1016/j.cpa.2022.102416 DOI: https://doi.org/10.1016/j.cpa.2021.102396
Astone, A. (2020). Capitalism of digital surveillance and European legal principles. European Journal of Law and Technology, 11(3). https://www.ejlt.org/index.php/ejlt/article/view/747
Baker, M., Andrew, J., & Huang, C. (2021). Cybersecurity in Risk Governance under Surveillance Capitalism. Critical Perspectives on Accounting, 78, 102126. https://doi.org/10.1016/j.cpa.2020.102126
Benanchi, S. (2023). Surveillance capitalism: The implications of losing privacy. Journal of Media Ethics, 38(1), 15–29. https://doi.org/10.1080/08900523.2022.2158612
Couldry, N., & Mejias, U. A. (2019). The costs of connection: How data is colonizing human life and appropriating it for capitalism. Stanford University Press. https://doi.org/10.1515/9781503609754 DOI: https://doi.org/10.1515/9781503609754
Curran, D. (2023). Surveillance capitalism and systemic digital risk. Big Data & Society, 10(1), 1–14. https://doi.org/10.1177/20539517231177621 DOI: https://doi.org/10.1177/20539517231177621
Daly, A. (2021). Neoliberalism and privacy: Post-surveillance capitalism or business-as-usual with GDPR? Information, Communication & Society, 24(14), 2003–2021. https://doi.org/10.1080/1369118X.2020.1764606 DOI: https://doi.org/10.1080/1369118X.2020.1764606
Foster, J. B., & McChesney, R. W. (2014). Surveillance Capitalism: Monopoly-finance capital, the military-industrial complex, and the digital age. Monthly Review, 66(3), 1–31. https://doi.org/10.14452/MR-066-03-2014-07_1 DOI: https://doi.org/10.14452/MR-066-03-2014-07_1
Goodman, B. (2023). Privacy without persons: A Buddhist critique of surveillance capitalism. AI and Ethics, 3(2), 127–138. https://doi.org/10.1007/s43681-022-00204-1 DOI: https://doi.org/10.1007/s43681-022-00204-1
Kaplan, A. M. (2020). Cybersecurity threats in the age of data capitalism. Journal of Strategic Security, 13(3), 75–94. https://doi.org/10.5038/1944-0472.13.3.1839
Khatam, D. (2022). Making of GDPR and CCPA in the surveillance age. International Journal of Law and Information Technology, 30(2), 120–137. https://doi.org/10.1093/ijlit/eac002
Korkmaz, E. E. (2023). Digital identity and surveillance capitalism. In Digital Surveillance and the Right to Privacy (pp. 87–103). Bristol University Press. https://doi.org/10.51952/9781529233520.ch004 DOI: https://doi.org/10.51952/9781529233520.ch004
Pal, R., Mukhopadhyay, S., & Dasgupta, S. (2020). Privacy risk by information type: Classification through machine learning. In 2020, IEEE International Conference on Cyber Security and Protection of Digital Services (Cyber Security), 1–8. https://doi.org/10.1109/CyberSecPODS50155.2020.00012
Raekstad, P., & Williams, A. (2022). Surveillance capitalism or informational republic? Journal of Applied Philosophy, 39(2), 242–257. https://doi.org/10.1111/japp.12570 DOI: https://doi.org/10.1111/japp.12570
Reviglio, U. (2021). The discreet role of surveillance brokers: Fragmentation and invisibility. Big Data & Society, 8(2), 1–15. https://doi.org/10.1177/20539517211047497
Reviglio, U. (2022). The discreet role of surveillance brokers in the data ecosystem. First Monday, 27(1). https://doi.org/10.5210/fm.v27i1.11540
Sharifi Poor, M. S., Hadian, A., & Abedini, A. (2025). AI-based disaster risk management and surveillance systems. Journal of Crisis and Security Studies, 7(1), 45–63. https://jcss.ut.ac.ir/article_102844.html
Silverman, J. (2017). Privacy under surveillance capitalism. The Information Society, 33(5), 251–261. https://doi.org/10.1080/01972243.2017.1340767
Singh, R., & Bhandari, N. (2022). Corporate surveillance and national threats in developing democracies. Information Technology & People, 35(3), 892–909. https://doi.org/10.1108/ITP-12-2020-0834
Singler, S., & Babalola, O. (2024). Digital colonialism and privacy rights in the global South. Philosophy & Technology. Advance online publication. https://doi.org/10.1007/s13347-023-00636-5 DOI: https://doi.org/10.1007/s13347-023-00636-5
Stürmer, M., Möslein, K., & Gersch, M. (2021). Security implications of digital platform ecosystems. arXiv preprint. https://arxiv.org/abs/2107.01662
Van Dijck, J. (2018). The platform society: Public values in a connective world. Oxford University Press. https://doi.org/10.1093/oso/9780190889760.001.0001 DOI: https://doi.org/10.1093/oso/9780190889760.001.0001
West, S. M. (2019). Data capitalism: Redefining the logics of surveillance and privacy. Business & Society, 58(1), 20–41. https://doi.org/10.1177/0007650317718185 DOI: https://doi.org/10.1177/0007650317718185
Zuboff, S. (2019). The age of surveillance capitalism: The fight for a human future at the new frontier of power. PublicAffairs. https://doi.org/10.4324/9781003320609-27 DOI: https://doi.org/10.4324/9781003320609-27
Zuboff, S. (2022). Surveillance capitalism or democracy? Big Data & Society, 9(2), 1–6. https://doi.org/10.1177/20539517221129290
Downloads
Published
Issue
Section
License
Copyright (c) 2025 R. V. R. N. U. Ranatunga, R. V. S. P. K. Ranatunga (Author)
This work is licensed under a Creative Commons Attribution 4.0 International License.
