UEFI Secure Boot

The UEFI Secure Boot, developed by Microsoft and other companies, is intended to replace the old BIOS-system. The BIOS-system is the first program which runs when a computer is turned on and activates the screen and keyboard. When the BIOS has been activated, the operating system can run. The UEFI Secure Boot was made to prevent unauthorized software or another operating system to run on the computer.

Manufacturer of hardware who choose the option “Microsoft Certification” will have to implement the UEFI Secure Boot. Microsoft will allow the manufacturers to provide the possibility to deactivate the Secure Boot on x86 hardware, which is used in many computers, but they will be denied to do this on ARM-hardware, which is used in mobile computers like cellphones.

This means that the buyer of an ARM-hardware is to run nothing but a Windows approved operating system. This leaves both the seller and buyer unable to change the operating system and thus prevents free competition.

Amelia’s first and second question is on whether the Commission has or plans to evaluate if the UEFI Secure Boot breaks the Competition law. She also wants to know what the Commission plans to do about the UEFI Secure Boot forcing other developers of software to contract with Microsoft. The Commission answered that they are aware of the safety requirements in Windows 8 and that it is not yet assessed if they break the Competition law, but the Commission will follow the case, and if necessary, take action.

In the third question Amelia wants to know which measures that has been taken to protect the international market from companies with economic opportunities to impose standards on European companies, which the Secure Boot do by forcing companies to contract with Microsoft. The Commissions answer is almost the same as to the earlier questions Amelia asked about the UEFI Secure Boot. “The Commission will continue to monitor market developments so as to ensure that competition and a level playing field are preserved amongst all market players.”

The fourth question is about if the Commission consider Microsoft to be an electronic trust service provider under the new draft for legislation about electronic identification and trusted services for electronic transactions, in which case Microsoft possibly would infringe the legislation since it would mean that consumers and software providers can not freely choose a service provider other than Microsoft. The Commission has answered that it does not consider the services of Microsoft in relation to the UEFI Secure Boot to be such that they are covered by the definition of trust services in article 3 of the proposed regulation on electronic identification and trust services.

In a fifth and a sixth question, Amelia asks the Commission whether it is considering the impact on the chip manufacturing market that Microsoft makes a distinction between demands for user flexibility placed on x86 architecture manufacturers and ARM architecture manufacturers. In particular, she asks whether the Commission considers that chip architectures constitute a relevant product market with effects on downstream competition in their own right. The Commission responds to the fifth question that they have found no similar dominance of Microsoft on the mobile telephony market as they previously found on the general PC market, but have no clarified their position on architectures at large.