Risk
3/6/2013
10:22 AM
50%
50%

EU Fines Microsoft $732 Million In Browser Brawl

Microsoft stopped offering browser-choice screen to European Windows consumers, in violation of 2009 agreement with antitrust regulators.

Microsoft was fined 561 million euros ($732 million) Wednesday for a "serious infringement" of its agreement with European Union antitrust regulators.

"Today, the commission adopted a decision sanctioning Microsoft for its failure to comply with the legally binding commitments which it made to the commission," said Joaquin Almunia, vice president of the European Commission and the commissioner responsible for its competition policies, at a Wednesday press conference in Brussels.

Specifically, Microsoft was sanctioned for breaking an agreement that it made with the European Commission, which is the executive body of the European Union, in response to EU antitrust concerns over Microsoft tying its Windows operating system to its Internet Explorer browser. In 2009, the products respectively commanded 90% of the operating system market share in Europe and 55% of the browser market.

[ For the latest on Java vulnerabilities, see Java Emergency Patch Slaps McRAT Infections. ]

To settle those antitrust concerns, Microsoft in December 2009 agreed that until 2014, it would create a "choice screen" in Windows for European users, which would allow them to select the browser they wanted. According to EU officials, between March and November 2010, people downloaded 84 million browsers via the choice screen.

But the Wednesday fine against Microsoft was triggered by the company dropping the browser-choice screen in later versions of Windows. "Although Microsoft did make the choice screen available in March 2010, the choice screen was not rolled out as required following the launch of Windows 7 Service Pack 1 in May 2011," said Almunia. "As a consequence, during more than a year, until July 2012, around 15.3 million users did not see the choice screen as they should have."

Almunia said the steep fine -- which under EU law could have been up to 10% of Microsoft's annual revenue, meaning $7.4 billion -- reflected both the gravity of Microsoft's offense and its duration, but was also meant to serve as a deterrent to other businesses. "If companies agree to offer commitments which then become legally binding, they must do what they have committed to do or face the consequences -- namely, the imposition of sanctions," he said.

A statement issued Wednesday by Microsoft said the company took full responsibility for failing to continue offering a browser-choice screen in Windows, and said a technical problem was to blame for the lapse. "We take full responsibility for the technical error that caused this problem and have apologized for it," read Microsoft's statement. "We provided the commission with a complete and candid assessment of the situation, and we have taken steps to strengthen our software development and other processes to help avoid this mistake -- or anything similar -- in the future."

The EU's approach to consumer protection mirrors that practiced by the Federal Trade Commission, which lacks the power to fine first-time offenders. Instead, the FTC seeks legally binding settlements in which the alleged offenders agree to discontinue their violations of consumer protection laws.

Likewise, rather than levying fines, the European Union often first seeks legally binding commitments from a company to alter its regulation-infringing ways. Such was the approach with Microsoft, and Almunia said it had led to the desired effect: increased competition in the Web browser market. "Of course, the browser market has evolved a lot since then -- and fortunately so," he said. "Users can now easily choose, download and install the browser they prefer, which was precisely the objective of the commission. Easy access to different browsers encourages companies to continue to innovate to provide users with the best products."

Irrespective of the effect that the EU's antitrust action had on the browser market, there's clearly been a browser renaissance in recent years, with Google's Chrome, Mozilla's Firefox, and Apple's Safari now providing strong competition against IE in terms of features, security and reliability.

Attend Interop Las Vegas May 6-10 and learn the emerging trends in information risk management and security. Use Priority Code MPIWK by March 22 to save an additional $200 off the early bird discount on All Access and Conference Passes. Join us in Las Vegas for access to 125+ workshops and conference classes, 300+ exhibiting companies, and the latest technology. Register today!

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
lbell284
50%
50%
lbell284,
User Rank: Apprentice
3/12/2013 | 1:50:14 AM
re: EU Fines Microsoft $732 Million In Browser Brawl
I still can't believe the people that run Europe think the people they govern are so stupid they can't figure out how to download another browser. That makes no logical sense to me and never has.
SeniorMoment
50%
50%
SeniorMoment,
User Rank: Apprentice
3/8/2013 | 10:04:59 AM
re: EU Fines Microsoft $732 Million In Browser Brawl
It has long been clear that Europe would not treat Microsoft as leniently as President G. W. Bush's administration did in basically dropping the Justice anti-trust suit against Microsoft, so the size of the penalty comes as no surprise.
PoliTecs
50%
50%
PoliTecs,
User Rank: Apprentice
3/7/2013 | 8:32:35 PM
re: EU Fines Microsoft $732 Million In Browser Brawl
Hey, you freaking Euro blow-hards! Why don't you go create your won damn Microsoft! You not using your time and money to see a dentist so do something with that extra time!

I have a better idea! Your all socialists, use Linux!! What a bunch of wining ass little bitches you Eros are... talk about cutting your nose off despite your bad teeth.
AustinIT
50%
50%
AustinIT,
User Rank: Apprentice
3/7/2013 | 2:31:59 PM
re: EU Fines Microsoft $732 Million In Browser Brawl
What I find odd is that a contentious regulation was put into effect and virtually no one noticed that MS dropped the Ballot screen for a very prolonged period of time.

Was the original gripe by the EU (as a whole) just not that important enough for them to monitor?

Something doesn't seem quite right here.
Michael Endler
50%
50%
Michael Endler,
User Rank: Apprentice
3/7/2013 | 4:48:09 AM
re: EU Fines Microsoft $732 Million In Browser Brawl
Word from later in the day is that Google and Opera tipped off the EU. Getting pretty chippy these days between Mountain View and Redmond.
Deirdre Blake
50%
50%
Deirdre Blake,
User Rank: Apprentice
3/6/2013 | 5:50:16 PM
re: EU Fines Microsoft $732 Million In Browser Brawl
Yowza! Someone's head will roll at Microsoft, if it hasn't already.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7830
Published: 2014-11-24
Cross-site scripting (XSS) vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the mod/feedback:mapcourse cap...

CVE-2014-7831
Published: 2014-11-24
lib/classes/grades_external.php in Moodle 2.7.x before 2.7.3 does not consider the moodle/grade:viewhidden capability before displaying hidden grades, which allows remote authenticated users to obtain sensitive information by leveraging the student role to access the get_grades web service.

CVE-2014-7832
Published: 2014-11-24
mod/lti/launch.php in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 performs access control at the course level rather than at the activity level, which allows remote authenticated users to bypass the mod/lti:view capability requirement by vi...

CVE-2014-7833
Published: 2014-11-24
mod/data/edit.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 sets a certain group ID to zero upon a database-entry change, which allows remote authenticated users to obtain sensitive information by accessing the database after an edit by a teacher.

CVE-2014-7834
Published: 2014-11-24
mod/forum/externallib.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not verify group permissions, which allows remote authenticated users to access a forum via the forum_get_discussions web service.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?