The Federal Trade Commission is investigating Microsoft as part of a broad investigation into whether the company’s business practices violate antitrust laws, according to people familiar with the matter. In recent weeks, FTC lawyers have been conducting interviews and setting up meetings with Microsoft’s competitors.
One key area of interest is how the world’s largest software vendor integrates its popular Office products with cybersecurity and cloud computing services, said one of the people, who spoke on condition of anonymity to discuss the confidential matter.
This so-called package was an item a recent investigation by ProPublicawhich detailed how, beginning in 2021, Microsoft used this practice to significantly expand its business with the US government by depriving competitors of lucrative federal contracts.
At the time, many federal employees used a software license that included the Windows operating system and products such as Word, Outlook, and Excel. After several devastating cyberattacks, Microsoft offered to upgrade these license packs for free for a limited time, giving the government access to its more advanced cybersecurity products. The company also provided consultants to install the upgrades.
Much of the federal bureaucracy agreed, including all military services in the Department of Defense, and then began paying for these enhanced services when the free trial ended. Former sales executives involved in the work likened it to a drug dealer hooking a user with free samples because they knew federal customers would effectively be locked out of updates once they were installed. Microsoft’s offering not only displaced some existing cybersecurity vendors, but also took market share from cloud vendors such as Amazon Web Services as the government began using products that run on Azure, Microsoft’s own cloud platform.
Some experts told ProPublica that the company’s tactics may have violated laws governing contracts and competition, and the news organization reported that even some of Microsoft’s own lawyers had antitrust concerns about the deals.
Microsoft said its offer was “structured to avoid antitrust concerns.” “The company’s sole purpose during this period was to support the administration’s persistent request to strengthen the security of federal agencies that were increasingly targeted by sophisticated national state threats,” said Steve Feil, head of security for Microsoft’s federal business. told ProPublica.
Good journalism matters:
Our nonprofit, independent newsroom has one mission: to hold powerful people accountable. This is how our investigations are progressing driving real-world change:
We are trying something new. Was it helpful?
Some of these intrusions were the result of Microsoft’s own security flaws. As ProPublica reported in June, Russian government hackers were involved in the so-called SolarWinds attack exploited a weakness in a Microsoft product for stealing sensitive data from the National Nuclear Security Administration and the National Institutes of Health, among other victims. Years before the attack was discovered, a Microsoft engineer warned product leaders about the flaw, but they refused to fix it for fear of alienating the federal government and losing ground to competitors, ProPublica reported.
While the engineer’s proposed fix would keep customers safe, it would also create a “shelve” for users logging in on their devices. The addition of such “frictions” was unacceptable to the leaders of the product group, which at the time was in fierce competition with competitors in the market for so-called identification tools, the news organization reported. These tools, which ensure that users have permission to log into cloud applications, are important to Microsoft’s business strategy because they often drive demand for the company’s other cloud services.
One such identity product, Entra ID, formerly known as Azure Active Directory, is another focus of the agency’s probe, according to a person familiar with the FTC’s investigation.
Microsoft defended its decision against addressing the SolarWinds flaw, telling ProPublica in June that the company’s assessment included “multiple reviews” at the time and that its response to security concerns was based on “potential disruption to customers, exploitability and available measures mitigation”. » He promised to put security “above all else”.
The FTC is viewing the fact that Microsoft won more federal business even as the government became vulnerable to hacking attacks as an example of the company’s problematic market power, a person familiar with the investigation told the news organization.
The commission is not alone. “These guys are kind of a version of ‘too big to fail,'” said Sen. Ron Wyden, the Oregon Democrat who chairs the Senate Finance Committee and a longtime critic of Microsoft. “I think it’s time to step up the antitrust side by dealing with antitrust violations.”
The FTC’s investigation into Microsoft was first reported Financial Times and Bloombergfar from the company’s first run-in with federal antitrust regulators. More than two decades ago, the Justice Department sued the company in a landmark antitrust case that nearly brought it down. Federal prosecutors allege that Microsoft maintained an illegal monopoly in the operating system market through anticompetitive behavior that prevented competitors from gaining a foothold. In the end, the Department of Justice agreed with Microsoft, and a federal judge approved a consent decree which placed restrictions on how a company could develop and license software.
John Lopatka, a former FTC consultant who now teaches of Pennsylvania antitrust law, told ProPublica that Microsoft’s actions, detailed in a recent report by the news organization, followed a “very familiar pattern” of behavior.
“It really echoes the Microsoft case” from a decade ago, said Lopatka, who co-authored a book on the case.
As part of the new investigation, the FTC has served Microsoft with a civil investigative demand, the agency’s version of a subpoena that compels the company to turn over information, people familiar with the investigation said. Microsoft has confirmed that it has received the document.
Company spokesman David Cuddy would not comment on the specifics of the investigation, but said the FTC’s request was “broad, sweeping and asking for things that can’t even be logical.” He refused to give examples in the report. The FTC declined to comment.
The agency’s investigation followed a public comment period in 2023, during which it sought information about the business practices of cloud computing providers. After that was completed, the FTC said it continues to investigate whether “certain business practices impede competition.’
The recent demand against Microsoft represents one of the latest moves by FTC Commissioner Lina Hahn as chairman, and the investigation appears to be gaining momentum as the Biden administration leaves office. The new leadership of the commission, however, will decide the further fate of the investigation.
President-elect Donald Trump said this month that he would promote Commissioner Andrew Ferguson, a Republican attorney general, to lead the agency. After Ferguson’s announcement said in a message on X“At the FTC, we will end Big Tech’s vendetta against competition and free speech. We will make America a global technology leader and the best place for innovators to bring new ideas to life.”
Trump also said he would nominate Republican lawyer Mark Meader as commissioner, naming him “antitrust authority” who previously worked for the FTC and the Department of Justice. Meador is also a former aide to Sen. Mike Lee, Republican of Utah, who introduced the law to break up Google.
Doris Burke contributed to the study.
