Architectures as a relevant product market and UEFI Secure Boot

18.3.2013

Question for written answer E-003006-13
to the Commission
Rule 117
Amelia Andersdotter (Verts/ALE)

Over the past year, it has been repeated in the media that the Unified Extensible Firmware Interface (UEFI) Secure Boot system — which I have previously drawn to the Commission’s attention in Written Questions E-011160/2012, E-011084/2012, E-000162/2013 and E-002247/2013 (the last of which has not yet been answered) — risks creating lock-in mechanisms for independent developers and end-users of software products. In particular, in its reply to Written Question E-000162/2013, the Commission states that ‘on the basis of the information currently available to the Commission it appears that the OEMs [original equipment manufacturers] are required to give end users the option to disable the UEFI Secure Boot’. However, it has been brought to my attention that UEFI Secure Boot with Microsoft-signed keys is mandatory on the ARM instruction set architecture (ISA)[1]. Apparently this is because Microsoft feels that the obligation to open up its operating system only applies to x86 ISAs. ARM architecture has become an increasingly attractive choice for several types of end-user electronics, including personal computers. Also, because of the mobile revolution, an increasingly large amount of devices run on ARM central processing units rather than on the very common x86 architectures used in personal computers.

Does the Commission share the Microsoft Corporation’s view that the obligation to open up its platforms only applies to those based on x86 architectures?

• [1] See for instance http://www.softwarefreedom.org/blog/2012/jan/12/microsoft-confirms-UEFI-fears-locks-down-ARM/ or http://atechnologyjobisnoexcuse.com/2013/why-secure-boot-makes-people-freak-out/.

OJ C 11 E, 15/01/2014