The Federal Ministry of the Interior (Bundesministerium des Innern or BMI) in Germany says it will reduce reliance on specific IT suppliers, especially Microsoft, in order to strengthen its "digital sovereignty".

In an official statement, the Federal Minister of the Interior Horst Seehofer states that “in order to ensure our digital sovereignty, we want to reduce dependencies on individual IT providers. We are also considering alternative programs to replace certain software. This will be done in close coordination with other EU countries.”

BMI commissioned a strategic market analysis from consultants PwC, resulting in a paper that was published last month. The paper examines the risks inherent in IT dependency on commercial software vendors, with a particular focus on Microsoft because of the heavy use of its products and the way they are interconnected, especially Microsoft Office, Windows, Windows Server and Office 365.

Oracle and SAP also get a mention, with a recommendation for future examination, though PwC's analysts seem less concerned about them because they occupy individual product segments (database and ERP) rather than being pervasive.

The current trend towards integrated cloud-based offerings such as Office 365, Dynamics 365 and AI-driven applications on Azure gives the customer enhanced value but also increases lock-in because the added value comes from using them together, the analysis found.

Microsoft telemetry among Schmerzpunkten fingered by report

The analyst identifies several pain points ("Schmerzpunkten"). The first is data security. Telemetry transfers data to Microsoft, the user has limited insight and control over this, and it may contain personal data and therefore risk of breaching GDPR, the report suggests.

In addition, dependence on cloud services raises the risk of outages or remote deactivation of software licenses, PwC said.

Subscription pricing, the report added, means the potential for uncontrollable costs is a "moderate pain point". Microsoft may hoist prices or change the licensing rules, it suggested.

There is also an intriguing claim that using cloud services may reduce in-house IT competence, because the need to support on-premises software is reduced, and therefore threaten the federal administration's ability to innovate.

You could also argue that less time spent fixing broken on-premises IT means more time to focus on innovation; but it is true that cloud computing is a kind of outsourcing and there are downsides.

What to do? The report suggested several approaches to mitigate the problems it identified.

Negotiation, diversity and open source

One is to negotiate with software providers. The paper references how the Dutch Ministry of Justice negotiated with Microsoft over the collection of telemetry data.

Another is to use a more diverse range of proprietary software, such as Google G Suite in place of Microsoft Office, or Apple devices in place of Windows PCs.

Munich council: To hell with Linux, we're going full Windows in 2020 READ MORE

A third approach is to build and use more open source software. The report references several examples, including Munich's largely failed attempt to replace Windows and Office with Linux and OpenOffice, subsequently reversed, and the more successful efforts of the French police force to use Linux, LibreOffice and other open source applications,

The report does sound a note of caution though, referencing how large IT providers often acquire open source products and that this can be detrimental. Oracle is referenced for the way it has handled MySQL and Java.

The upside is that recent moves such as the appearance of the Linux kernel in Windows 10 (via the Windows Subsystem for Linux) may make it easier to adopt Linux applications.

It is easy to identify advantages in switching away from expensive proprietary software, but often hard to accomplish. Be realistic, ensure user acceptance, do the necessary training, proceed step by step, PwC suggests.

Is there anything new here? Some of the arguments, such as the risk of cloud downtime, seem familiar from years back; and yet it has not impeded cloud adoption. The relative merits and risks of proprietary versus open source software is also well-worn territory. What is more recent, though, is the trend towards massive data-gathering as well as international tensions (such as between the US and Huawei) which show how taking a dependency on technology controlled by other nations can come back to bite you.

The Register has requested comment from Microsoft. ®