heise PlusAbo
Anzeige

Microsoft Dependency: Federal Government Pays near 500 Million Euros in One Year

Federal spending on Microsoft licenses is rising rapidly. An analysis points to the risks of digital dependency.

listen Print view
Bundled 500-Euro Bills

(Image: RODWORKS/Shutterstock.com; heise medien)

9 min. read
iX Magazin
By
  • Prof. Dennis-Kenji Kipker
Contents

481.4 million euros: This is how much the federal administration spent on Microsoft licenses in 2025 – up from 274.1 million euros (2023) and 347.7 million euros (2024). This dynamic is more than a budgetary note. It makes visible how years of targeted product bundling and lock-in effects by Microsoft are thinning out competition and rendering Europe's digital sovereignty absurd. The federal government in particular must find a way out of this and lead by example.

Dennis-Kenji Kipker englisch
Dennis-Kenji Kipker

Dennis-Kenji Kipker is a professor of IT security law at Bremen University of Applied Sciences, where he works at the intersection of law and technology in information security and data protection.

The figure that makes digital dependency visible

The massive sums are based on the federal government using a central framework agreement from the Central IT Procurement Office to acquire Microsoft licenses. The BMI (Federal Ministry of the Interior) negotiates the framework agreement, which contains special conditions for the entire public administration, usually every three years.

The fact that spending has increased so sharply within two years is a clear warning signal that the state has degraded itself into a key customer of a digitally non-sovereign ecosystem with declining negotiating power. In many authorities, it has become customary over decades for Outlook, PowerPoint, Exchange Server, and increasingly Teams to be part of the basic infrastructure.

The inquiry by Rebecca Lenhard, the digital policy spokesperson for the Green Party, also shows that the federal government lacks an overall view of digital dependencies in the federal system: According to the response, the federal government has no reliable figures for the states and municipalities. The total volume of license spending for Microsoft across the entire German administration is likely to be significantly higher. This is precisely where it becomes clear why digital sovereignty is still too often dismissed as merely an IT task: without transparency on spending, common standards, and coordination in IT procurement for public administration, dependencies on a single corporation are not reduced but perpetuated.

Product bundling as leverage: from the workplace to the cloud

Microsoft's market power stems less from a single product than from its bundling into an almost completely integrated work and cloud environment: Windows, Office, email and collaboration, identity, security and compliance components, and cloud infrastructure are interconnected. Alternative solutions can therefore rarely be integrated “plug and play.” Switching to alternatives quickly becomes a major organizational project. First, one has entered into technological dependency, more or less consciously, over years – now one is stuck. Without a political decision from the very top, individual authorities often lack the resources to change course independently.

The targeted bundling of products and services quickly becomes de facto coupling in dominant markets: If central functions are only attractively priced or technically best integrated as a package, the path of least resistance – and not the best or most digitally sovereign offer – ultimately determines the procurement process. The sales network of the Redmond-based company also plays its part in keeping municipal IT departments and central procurement offices on board.

The fact that the EU Commission is currently investigating Microsoft's coupling practices in the collaboration market with MS Teams and MS Office shows the severity of the dilemma we are currently in. However, with the integration of AI tools into Microsoft 365, we are already experiencing the next path to digital dependency.

Lock-in in the cloud: when switching costs become state risks

The effect of being stuck in the Microsoft ecosystem is particularly strong in public administration. This is because continuity, legal certainty, and interoperability across authorities are of central importance in the public sector. However, when documents, identities, access models, and interfaces are tailored to a single ecosystem, migration efforts and cybersecurity risks also increase.

The market mechanism then fails not due to a lack of (digitally sovereign) alternatives but because of practically prohibitively high switching costs. These platform and lock-in effects remain the central driver of our digital dependency. If, as early as 2029, a consistent switch to subscription models with mandatory Azure subscriptions is threatened, dependency on Microsoft becomes a strategic imperative – especially without a plan B.

Read also

Competition law issues: license terms as a market entry barrier

In cloud computing, not only technical features but also license conditions are decisive: European cloud associations have been criticizing for years that certain Microsoft license models make workloads on non-Microsoft clouds pricier or restrict them. While agreements with European providers, for example in the CISPE environment, have initiated improvements, they are simultaneously assessed as insufficient and primarily prove one thing: license rules can be used as leverage to structurally favor one's own cloud.

This is doubly relevant for the public sector: because tax revenues not only flow into licenses but also indirectly solidify market power when IT procurement scales a closed ecosystem. At the same time, it becomes harder for open, interoperable alternatives to gain a foothold in a highly competitive market.

Digital sovereignty is a matter of state – or it remains rhetoric

Digital sovereignty primarily means freedom of choice and control: changing providers without loss of control, traceable data flows, data sovereignty and data protection, verifiable security measures, and reliable digital options for action in crisis. Those who continue to bundle central administrative processes in the Microsoft cloud stack not only ignore these requirements but also import systemic risks into their own IT – from supply chain dependencies and price jumps to legal uncertainties and the state's loss of control over its digital work foundations.

Videos by heise

The demand for greater digital sovereignty has now become a core element for the operational capability of the German state and Europe's ability to shape digital infrastructure according to its own rules. As long as the federal government, states, and municipalities act without a common objective framework, isolated solutions will emerge, and these will ultimately reinforce precisely the lock-in effects that are politically intended to be reduced.

A way out is possible

The federal government urgently needs a realistic diversification and exit strategy from its one-sided dependency and the years-long dominance of a single provider. Political appeals, such as recently at the Digital Summit with Friedrich Merz and Emmanuel Macron, cannot be enough. Especially since there are indeed pragmatic courses of action to achieve the goal:

  • Anchor cost transparency across all levels to gain negotiating power and planning security,
  • Conduct feasibility and potential studies for alternative paths for operating systems, office suites, communication, and collaboration,
  • Strive for a mix of suitable and needs-based providers in public tenders, and
  • Define interoperability, data portability, and open standards as contractual and procurement obligations.

In parallel, a strategy supported by competition law is needed: Where license terms or coupling practices hinder fair competition, the Federal Cartel Office and the EU Commission must consistently use their instruments. However, the crucial lever remains a coordinated procurement strategy by the federal government and the states with common minimum standards. The federal government must lead the way here, because only it has the signaling effect and scaling power to turn pilot projects into genuine sovereignty.

Time is running out. If the federal government is facing new contract and migration decisions anyway, it must use the coming years to test alternatives to Microsoft in scalable reference architectures, build up expertise, and gradually implement the switch. The fact that the federal government, states, and municipalities are stocking up on licenses through a framework agreement with Microsoft, involving large German companies as Licensing Solution Partners, but there is no overall overview of costs, is difficult to justify to taxpayers. Here too, the federal government must negotiate more intelligently and foresightedly in the future.

In the medium term, the nearly 500 million euros per year should no longer flow into Microsoft licenses but should financially support the transition to a sovereign ecosystem for public IT. This also includes a politically set target date from which critical core functions in the national IT infrastructure must no longer be exclusively tied to a single ecosystem.

(fo)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten