Why Does Microsoft Charge $100 For BitLocker?
Every other major OS includes free full-disk encryption to protect against data theft, surveillance, and persecution. So why does Microsoft charge?
In the 1990s, it used to be the case that if your phone or computer was stolen, all of your private data - finances, emails, passwords, business intel - went with it. With physical access to your device, an attacker could trivially bypass your password and get to this stuff. Considering that 7 out of every 100 laptop computers are lost or stolen[pdf], that is a lot of data theft. And it had an economic impact too: for a business in 2010, every lost computer caused a $49,000 economic loss. For the most part these people weren’t carrying around $50,000 laptops, so it’s clear that the impact here was the theft of corporate data - not the cost of the physical hardware itself.
In response to the economic impact of data theft, manufacturers began to include free disk encryption features in their products to thwart data thieves. In 2009 Apple introduced free full-disk encryption into their iPhone line, and it is now enabled by default on new iPhones. In 2012 they introduced the free FileVault 2 feature to protect Macbooks against this same type of attack, and it is now enabled by default on all new Macs. In 2011, Google released Chrome OS with free always-on encryption, and in 2013, they released free encryption for their phone OS as part of Android 4.4. All of these devices are now effectively impossible for a common thief to break into, and sometimes not even the FBI can.
In contrast with the free encryption provided by Apple and Google, Microsoft introduced encryption too, but at a steep price. To this day their full disk encryption feature (which they call BitLocker) is only available with the “Pro” editions of Windows, which cost $100 more than the Home editions and include a bunch of extra business features that are completely useless to a home user. The only alternative to coughing up the extra $100 to protect your data is to use a 3rd-party tool like VeraCrypt, which is more difficult to set up, comes with no stability or compatibility guarantees, and requires unsupported command-line tools or a time-consuming removal and reinstallation process with every major Windows upgrade.
The year is now 2018, and all major operating system vendors besides Microsoft not only include full disk encryption for free with their products, but enable it by default. This is what a home user of each major OS pays for full-disk encryption to protect against data theft:
|Platform||Price||On by Default?|
To be clear, when we talk about full-disk encryption we are not just talking about a “nice-to-have” feature. Anybody with data on their computer that they would like to protect from a thief (so, literally everybody everywhere), benefits in a real economic sense from easy-to-use full-disk encryption. On top of that, according to Amnesty International, access to encryption is a matter of human rights:
In the digital age, access to and use of encryption is an enabler of the rights to privacy and freedom of expression, information and opinion, and also has an impact on the rights to freedom of peaceful assembly, association and other human rights. […] Because of the critical role played by encryption in enabling the enjoyment of, among others, the rights to privacy and freedom of expression, restrictions on access to and use of encryption, constitute an interference with the enjoyment of human rights. […] At a minimum, companies have a responsibility to provide an adequate level of encryption, where their products or services involve the storage, processing or transmission of personal data.
Data protection is not only useful, it is instrumental to our right to free speech in this digital age. So why is Microsoft still acting like it is a premium business feature? Get with the picture, Microsoft. Flip your magic switch and let everyone lock their damn computers, just like they lock their cars and homes.
Oh, and don’t screw up your encryption again. Thanks.
$100 Bills: Pepi Stojanovski
More Articles Tagged #privacy
How I Removed My Profile Pic from Sydex.net and Alumnius.net People Search
26 June 2020 privacy tech
How I Removed My Own Face From My Head
17 June 2020 satire tech privacy