The EU and Microsoft

Greetings, everyone. Some time ago, my brother Harold invited me to contribute to this blog on an occasional basis, but I never really had the opportunity to do so until now. However, as I've often had to do in person, I need to correct my brother on some rather important points relating to Microsoft's behavior.

Before I begin, I should probably give an idea of my background. I am a computer engineer and UNIX administrator working in the DC area. My personal specialty is in computer and network security. While my primary job responsibilities involve running mostly UNIX and Linux servers, I also work with Windows servers and desktops quite a bit. At home, I have both a Linux machine and a Windows machine, and my laptop runs both Ubuntu Linux and Windows Vista Ultimate. While for day-to-day tasks, I prefer Linux (it's more productive for me), I also fully support using Windows when it's needed.

With all of that said, my brother is way off in his recent post on the EU and Microsoft. This is not akin to saying that Airbus has to hand over all of its blueprints to its competitors. In reality it is far different from that.

The EU case centers around client/server protocols that Microsoft built into Windows. The roots of the case stretch back to the early 1990s, and efforts by Microsoft to break into the server market. Since the 1970s, the server market has been mostly dominated by large mainframes and UNIX servers (with the UNIX servers growing in market share as they replace some mainframes). These servers are large, multi-user machines that would communicate with each other using various protocols (essentially languages used for one machine to talk to another).

During the 1980s, with the arrival of the PC, a new model arose, where single-user machines would also connect to the different servers using different protocols. Because of a series of savvy business deals, Microsoft rose to dominance over the single-user PC market with MSDOS, and later Windows.

In 1993, in an attempt to break into the server market, Microsoft released Windows NT. This used a brand new set of protocols to communicate between Windows desktop PCs and NT-based servers. Microsoft refused to release any information about these protocols, in an attempt to keep other companies from being able to work as easily with NT servers and Windows desktops.

Well, in 1998, SUN Microsystems filed a complaint with the EU because they refused to provide information on the protocols used by NT to communicate between servers and desktops. Essentially, they said that Microsoft was trying to use its dominance in one market (desktop PCs) to dominate another market (servers). Under European law, that is illegal.

Before we continue, it's important to note several things about protocols. As I said before, protocols are like different languages spoken between computers. If you are reading this, it's because your computer supports several different protocols, including TCP (Transmission Control Protocol), IP (Internet Protocol), HTTP (Hyper Text Transfer Protocol) and DNS (Domain Name Service). In order for a protocol to work, both the sender and the receiver have to understand the same protocol. Just like two people cannot communicate if one of them only speaks German and the other only speaks Japanese, both a server and a client (desktop) need to understand the same protocol to exchange any information.

Using a variety of tools, you can listen in on the conversations that two computers have using a specific protocol. From there, you can reverse engineer the protocol if you are given enough time. However, this is a very slow and time consuming process. Moreover, it is extremely error prone, and you never know if it is complete. How easy do you think it would be to translate a message from Japanese to English just by listening to a lot of Japanese? Over time you have to guess at what specific sounds mean, and check to see if they are correct. Even then, you never know if you've learned the entire vocabulary. How would you know the word for dog if you've never seen it? In the same way, you can figure out some of a computer protocol, but you never know if it is complete.

To make a long story short, in March 2004, the EU ruled that Microsoft had abused its dominance in the desktop market to influence the server market through refusing to release their communications protocols. Whether you agree with the principle or not, it was in violation of EU law. Microsoft was ordered to release the specifications of their protocols in order to allow their competitors to be able to communicate with their servers. This didn't require source code. It only required that they release the protocols themselves. You can see a good example of how such specifications are usually written by looking at RFC 793: TCP. Notice carefully that there is no source code, only a description of how to talk using the protocol.

Well, Microsoft released a specification for the protocols, but several groups complained to the EU that the specification that Microsoft released was so poorly written as to be almost unusable. After reviewing the complaints and Microsoft's responses, the EU agreed that the complaints were justified. Microsoft was then ordered to release the source code of their implementation so that others could use it to verify compatibility. That doesn't mean that Microsoft's competitors can use Microsoft's code in their products. It only means that they can use Microsoft's code to understand the protocol, and then they still have to write their own code to translate it.

And that is the real debate here. Microsoft broke EU law, law that was in place before Microsoft was ever incorporated. That law applies to all companies that operate within the EU, not just Microsoft. When they were told that they had violated the law, Microsoft then refused to do what was required to fix the problem. As a result, Microsoft now faces harsher penalties than it would have previously.

You don't have to agree with the law, but that doesn't mean that you have a right to ignore it. Microsoft needs to play by the same rules as everyone else, and that means that they have to fulfill their obligations under EU law.