On October 14, Windows will no longer send Microsoft 10 security updates for free: while this could encourage many to upgrade to Windows 11 or take out their credit card to extend the life of their computer, 01net.com wanted to take stock of the subject.
What updates are we entitled to when we buy a computer or a smartphone? For how long do manufacturers of electronic devices have to update their operating system, the software that allows a machine to function?
The question is important, because the lifespan of a device depends on the time of its updates, whether it concerns the operating system or security patches. Without the latter, it is impossible to benefit from the latest features, but above all, it is impossible to install patches for security flaws. In other words, a device without an up-to-date operating system becomes vulnerable to cyberattacks, when it may end up not working at all.
Despite its importance, the issue of updates has been put aside until now. In France as in Europe, legislators have focused instead on hardware and guarantees related to repairs or spare parts. But the trend could soon be reversed.
French law only provides for an obligation to provide information, but not a minimum duration
Since the AGEC law and a 2022 decree, smartphone and computer manufacturers are required to inform consumers of the duration for which software updates will be available. When purchasing a device, you are therefore supposed to have easy access to this information.
It should also be noted that in theory, manufacturers do not have the right to deliberately reduce the lifespan of a product, including through updates: a French law from 2015 prohibited planned obsolescence, but in practice, this provision is difficult to apply.
But apart from this obligation to provide information and this prohibition in principle which only exists in France, the law has mainly focused on the hardware part. There is currently no mandatory update duration, whether functional or related to security.
During the 2020 AGEC law, "we managed to obtain a minimum availability time for spare parts, but we never managed to obtain anything for software maintenance", regrets Flavie Vonderscher, head of advocacy at Stop planned obsolescence (HOP), questioned by 01net.com.
This explains why for smartphones, for example, we find durations ranging from 2 years to 7 years, 7 years being particularly planned for high-end phones like the Pixel 8 and 9 from Google or the Galaxy S24 from Samsung. For iPhones, Apple provides for a minimum of five years of updates from the launch date.
Smartphones: 5 years minimum from June 2025
This cacophony should change from next June, thanks to a European regulation: all smartphone and tablet manufacturers will have to guarantee at least five years of updates to their operating system from the launch date of a product.
This rule, from the European Regulation 2023/1670, specifies that this concerns "security updates, corrective updates and functionality updates".
The idea is to "ensure that users continue to receive these updates for a minimum period of time and at no cost, including for a period after the manufacturer has stopped selling the relevant product model", specifies this European law, which sets ecodesign requirements.
While this remains a very positive point, HOP regrets that the European durability index, which replaced the French repairability index, does not encourage manufacturers to go beyond this five-year minimum. Manufacturers who go beyond this duration will not be "rated" any better.
For computers and their operating systems: no obligation for the moment
For other electronic devices such as computers, no minimum duration is currently planned. But the issue should be decided in "delegated acts" that will be directly applicable in France and the 26 other EU countries. It is the European Commission that, on the basis of the 2023 regulation, must adopt these texts, each delegated act being specific to a particular product. For computers, the consultation phase is over, and a draft should be published in 2025 (in the 4th quarter), therefore at the end of the year, according to the Commission's website.
The association Halte à l'obsolescence programmée (HOP), which was consulted by Brussels, explains to us that it campaigned for the mandatory minimum duration of updates to go beyond five years, the mandatory duration for smartphones. "Quite simply because we're supposed to keep a computer for longer," emphasizes Flavie Vonderscher, head of advocacy at the association.
For its part, Arcep, the French telecoms regulator, wanted to do its bit by publishing a note last July, intended for the Commission. The French authority is calling for "computer manufacturers and distributors"to "ensure the maintenance of the operating systems pre-installed on their devices." "Security updates essential for their use" must be provided free of charge "for a period of 10 years from the end of the marketing of the associated computer ". This would therefore involve imposing ten years of software support for a product, starting not from its launch, but from the withdrawal from the market of the associated device: a starting point that raises questions because it rests with the computer manufacturer - the one that withdraws the device from the market such as Asus, HP, Huawei, Lenovo, etc., which is often different from the operating system provider such as Windows, macOS, Linux, etc. This would theoretically mean, if Arcom's suggestion is adopted, that the update would have to be provided for much longer than is currently planned. Windows 10, launched in 2015, will be updated until October 2025. However, if I buy an HP computer with Windows 10 in January, this operating system should theoretically be updated, with this rule, up to 10 years from the withdrawal from the market of the HP computer – a withdrawal that has not yet taken place. "When an operating system is no longer maintained", Arcep also suggests that the Commission ask computer manufacturers to "facilitate the use of alternative operating systems». Not sure that this will please the developers of operating systems. So see you at the end of the year to see what has been retained by the European Commission.
0 Comments