EU Debates 15-Year Software Updates to Curb Hardware Obsolescence

  • Thread Author
Microsoft's decision to stop providing free security updates for Windows 10 on 14 October 2025 — a move that campaigners say could instantly strand hundreds of millions of otherwise functional PCs — has crystallised a new, urgent debate in Europe about software-driven obsolescence and whether regulators should force vendors to pledge long-term software support for hardware they sell. Right to Repair groups, public-interest NGOs and environmental campaigners are now calling on the European Commission to adopt horizontal Ecodesign obligations that would require laptops and other battery- or mains-powered devices to receive at least 15 years of security and functionality updates, arguing that current patching and lifecycle practices accelerate e‑waste and shift costs from manufacturers to consumers. (repair.eu)

Background: the Windows 10 cliff-edge and the policy uproar​

Microsoft has formally announced that Windows 10 will reach end of support on 14 October 2025, meaning it will no longer receive regular security or feature updates after that date. Microsoft’s guidance lists upgrading to Windows 11, enrolling in an Extended Security Updates (ESU) program, moving to another OS, or accepting increased security risk as the primary options for affected users. (support.microsoft.com)
The immediacy of the problem is straightforward: Windows 11 carries stricter minimum system requirements — notably a Trusted Platform Module TPM 2.0 requirement, UEFI/Secure Boot and a list of approved CPU families — which means a substantial share of existing Windows 10 machines cannot upgrade without hardware changes. Microsoft documents the Windows 11 minimums and provides guidance on TPM enablement; third‑party reporting and industry studies have repeatedly pointed out that a significant cohort of Windows 10 devices will be left incompatible. (learn.microsoft.com)
That technical gating has been translated into a numeric alarm by advocacy groups and some analysts. Right to Repair Europe and allied organisations warn that as many as 400 million PCs worldwide cannot upgrade to Windows 11 and therefore face practical obsolescence unless manufacturers or Microsoft change course — an estimate that has been picked up and discussed across mainstream tech press and analyst commentary. Those campaigners also estimate that if even a small share of those systems are retired, the result could be in the order of hundreds of millions of kilograms of additional e‑waste. These figures are presented as estimates and are based on device‑compatibility assumptions and extrapolations; the exact number of at‑risk devices is not published by Microsoft as a definitive, single figure. (repair.eu)
Microsoft has offered a mixed policy response: an ESU program for Windows 10 (for consumers and commercial customers) and targeted guidance to upgrade where hardware supports it. Consumer-facing ESU options and access mechanisms were clarified in 2025, including a modest consumer price for the one‑year extended security coverage and alternative redemption via Microsoft account features or rewards — but the ESU solution is explicitly temporary and, critics say, skewed toward organisations that can absorb costs at scale. (windowscentral.com)

Why campaigners want a 15‑year software‑update mandate​

The demand in concrete terms​

Right to Repair Europe and allied groups have urged EU Environment Commissioner Jessika Roswall to pursue a horizontal Ecodesign measure that would:
  • guarantee a minimum of 15 years of security and software updates for laptops (and ideally for “anything with a plug or battery”),
  • align software support periods to the expected functional lifespan of hardware,
  • ban design or contractual techniques that force premature replacement (software‑driven obsolescence),
  • require non‑discriminatory access for independent repairers to the software and tools needed for repair and re‑use. (repair.eu)

The logic behind the number​

Campaigners base the 15‑year horizon on the idea that many laptops and other categories are purchased and used across well over a decade in some sectors (e.g., industrial control systems, healthcare equipment and some business fleets). The current EU Ecodesign and right‑to‑repair rules set at least 5 years for smartphones and tablets under draft Ecodesign requirements, which advocates say is insufficient for longer‑lived devices like laptops and medical instruments. Right to Repair Europe’s request pushes for a multi‑decade alignment between software maintenance and the realistic service life of hardware to prevent avoidable waste. (energy-efficient-products.ec.europa.eu)

What the EU already requires — and what it does not​

  • The EU’s Ecodesign process has already introduced smartphone and tablet measures that include minimum software update durations (at least five years), repairability, spare part availability and disassembly rules. Those sectoral rules are concrete examples of how the Commission can impose update obligations. (energy-efficient-products.ec.europa.eu)
  • The EU’s newer right‑to‑repair directive broadens obligations on spare parts, transparency and non‑discriminatory access for repairers; it also bans some contractual or technical barriers to repair in the consumer space. However, current rules are usually product‑category specific and often apply to consumer goods rather than wider categories such as professional medical devices or industrial hardware. Campaigners argue this narrow scope leaves many longer‑lived devices unprotected. (europarl.europa.eu)
In short: the legal architecture exists (Ecodesign + Right to Repair), but campaigners want a horizontal, cross-category obligation for software lifecycle that matches the longevity of hardware — and they are using the Windows 10 example as a test case showing why a patchwork approach is insufficient. (repair.eu)

Technical realities: security, maintainability and vendor cost​

Security is not optional​

Operating systems and their component stacks continually absorb fixes for newly discovered vulnerabilities. Maintaining older code, back‑porting security patches, and ensuring compatibility with an evolving hardware, firmware and driver ecosystem is time‑ and resource‑intensive. Microsoft’s rationale for moving users toward Windows 11 leans heavily on the platform‑level security improvements enabled by TPM 2.0, virtualization‑based security, Secure Boot and more modern CPU features — all of which reduce certain attack surfaces and enable new defensive mechanisms. Mandating longer update windows would increase the long‑tail maintenance burden for vendors. (learn.microsoft.com)

The engineering and cost vectors​

Providing extended security updates for older platform releases typically requires:
  • back‑porting security fixes from the current codebase to older branches,
  • continued QA and regression testing against old drivers and OEM firmware,
  • maintaining a supply of qualified engineers familiar with legacy architectures,
  • coordination with hardware vendors for firmware/driver updates where issues are rooted in device-specific code.
These are not trivial costs. Enterprise ESU programs historically have been priced at a premium to reflect this extra work; consumer ESUs can be a lower, temporary option, but do not negate the underlying engineering overhead. Microsoft’s announced consumer ESU pricing and the more substantial enterprise ESU pricing are signals that extended maintenance is a paid and costly service. (windowscentral.com)

Compatibility and performance trade‑offs​

Extending security updates for very old hardware may preserve security but cannot always preserve performance or feature parity. Over time, new platform features and app ecosystems evolve in ways that older hardware cannot support; vendors would need to decide whether to maintain legacy drivers and integrations indefinitely (which compounds cost) or provide security‑only updates that exclude functionality improvements — an approach Microsoft has already signalled with ESU. (windowscentral.com)

Environmental and consumer impacts: what the numbers say​

Campaigners estimate large environmental cost if many Windows 10 devices are prematurely retired rather than reused, recycled or re‑imaged:
  • Right to Repair Europe places the at‑risk population of Windows 10 devices that cannot upgrade to Windows 11 at roughly 400 million and warns of more than 700 million kilograms of e‑waste if a substantial portion is discarded. That figure is an extrapolation that depends on device counts and assumed disposal rates; it is presented as an estimate by campaigners. (repair.eu)
  • Similar calculations have been made for smartphone platforms: for instance, research cited in the press around the iOS 26 roll‑out suggested that Apple’s exclusion of older iPhone models (e.g., XR/XS models) from iOS 26 could leave tens of millions of phones without the newest OS. One widely‑reported estimate placed the number at about 75 million iPhones potentially affected, representing a non‑trivial mass of materials and recoverable metals. These figures come from third‑party waste‑management organisations and media reporting and should be treated as indicative rather than definitive. (theregister.com)
Important caveat: e‑waste projections vary by methodology. Whether a device becomes landfill, is recycled, resold, or put into storage alters the environmental outcome — and consumer behaviour in response to a support cutoff is inherently uncertain.

Policy trade-offs: why a 15‑year mandate is attractive — and why it’s hard​

Strengths and benefits of a long‑update mandate​

  • Prevents avoidable waste: aligning software support with hardware lifespans reduces pressure to replace functioning machines for the sole reason of software obsolescence.
  • Consumer protection: purchasers will know their device remains secure for a guaranteed period, preventing surprise cost shifts onto households and small organisations.
  • Market signals for durable design: vendors would have incentives to design hardware that remains compatible across multiple software generations, encouraging modularity and repairability.
  • Economic fairness: reduces the incentive for vendors to monetise extended support on only the wealthiest customers (a criticism levelled at some ESU programs). (repair.eu)

Real‑world obstacles and business risks​

  • Cost burden and competitive distortion: mandating 15 years of updates risks increasing manufacturing and R&D costs. Smaller vendors could be disproportionately challenged, possibly reducing competition or pushing costs to consumers.
  • Technical feasibility: guaranteeing feature updates for 15 years is materially different from guaranteeing security patches. The latter is more defensible but still costly; the former could stifle innovation or require divergent engineering tracks.
  • Scope creep and enforcement: defining which devices qualify (consumer laptops, business servers, embedded medical devices, industrial controllers?) and how to enforce cross‑border obligations will be legally and administratively complex.
  • Security paradox: maintaining older code may inadvertently preserve legacy attack surfaces; vendors will need to balance patching with the practical impossibility of retrofitting modern security architectures onto older hardware. (learn.microsoft.com)

Alternatives, compromises and practical policy design options​

A workable EU approach could be phased and nuanced rather than “all or nothing.” Possible architectures include:
  • Tiered update requirements:
  • Security updates: minimum 10 years for laptops and professional devices; extendable by class (e.g., 15 years for medical/industrial equipment).
  • Feature/function updates: shorter, defined period (e.g., 5–7 years), plus a guarantee that performance‑reducing updates won’t be forced without consent.
  • Mandatory transitional tools and rights:
  • a legal right to install alternative OSes (open‑source or third‑party) where vendor software support ends, coupled with requirements to publish non‑proprietary drivers or interfaces where legal/technical feasible.
  • structured trade‑in and reuse incentives, subsidised repairs, and public procurement rules favouring devices with long update commitments.
  • Cost‑sharing mechanisms:
  • an industry “software maintenance fund” or insurance-style levies to spread the burden of long‑tail patching across a broad device lifecycle economy.
  • Certification and labelling:
  • consumer‑facing labels that state the guaranteed update period at point‑of‑sale, enabling informed purchasing decisions and driving market differentiation for long‑support devices. (fsfe.org)
These alternatives aim to balance environmental, technical and market realities while ensuring that long‑term security is not only aspirational but implementable.

What vendors, enterprises and consumers can do now​

  • Vendors should consider offering explicit long‑term security roadmaps as part of product specifications, accompanied by optional paid maintenance packages that are transparent and capped.
  • Enterprises and public procurement authorities should require update guarantees and lifecycle management clauses when buying devices, and prioritise modularity and spare‑parts availability.
  • Consumers should check seller‑promised support periods at purchase time, consider refurbished devices, and explore community repair networks to extend usable life.
  • Policymakers should fast‑track interlocking rules that combine Ecodesign, right‑to‑repair, and procurement incentives, and avoid single‑vendor solutions that effectively privatise long‑term security obligations. (consilium.europa.eu)

Critical assessment — strengths, weaknesses and the political landscape​

Notable strengths of the campaigners’ demands​

  • The Right to Repair coalition’s call for long update windows spotlights a real policy gap: modern devices are software‑centric, and current product‑by‑product rules leave long‑lived device classes exposed.
  • A legal requirement would create predictability for circular‑economy actors (refurbishers, repair shops, recycling supply chains) and could materially reduce avoidable disposal. (repair.eu)

Important limitations and risks​

  • The exact scale of the “Windows 10 at‑risk” fleet is an estimate rather than a Microsoft‑provided engineering truth; different datasets and definitions produce different totals. Regulators should therefore avoid single‑figure narratives and focus on robust metrics and monitoring frameworks. (forbes.com)
  • A blanket 15‑year requirement raises legitimate engineering and commercial concerns. The EU would need to define security updates vs functional updates and consider exemptions for device classes where perpetual patching is infeasible or dangerous (e.g., certain safety‑critical embedded systems).
  • There is a legal and geopolitical dimension: US‑headquartered platform vendors may resist extra‑territorial lifecycle mandates and seek carve‑outs or alternative compliance approaches that could fragment digital markets.

Political feasibility​

The EU already has a toolkit: Ecodesign powers and the right‑to‑repair directive provide precedent for mandating repairability and certain update windows (the smartphone five‑year floor is a current example). Moving from sectoral to horizontal obligations will be politically contested but is procedurally feasible within the EU framework — provided legislators craft realistic, evidence‑based obligations and offer phased compliance paths for manufacturers. (energy-efficient-products.ec.europa.eu)

Conclusion — a pragmatic path forward​

The Windows 10 end‑of‑support episode is a near‑term wake‑up call about software‑driven obsolescence. It demonstrates how vendor lifecycle decisions can act as an accelerant for e‑waste and social cost unless counterbalanced by regulation or new business models. A mandatory, cross‑category EU requirement for long‑term security updates — properly scoped, tiered by device class and limited to security maintenance rather than indefinite feature‑backporting — could reduce avoidable waste and shift the market toward durable device design and transparent lifecycle promises. Such a policy should be combined with stronger rights to install alternative software, repairer access to diagnostic tools and spare parts, and procurement incentives that reward longer‑supported devices.
At the same time, any mandate must be technically precise and economically calibrated: security‑only update obligations, phased implementation, targeted exemptions for exceptional device classes, and funding mechanisms to ease the burden on smaller manufacturers will be essential. Policymakers should also require clear point‑of‑sale labelling of guaranteed update periods so consumers can make informed decisions.
The debate is now live in Brussels: the technical facts are clear, the environmental stakes are high, and the policy levers already exist. The crucial question is whether regulators will set ambitious but practicable rules that force the market to design for longevity — and whether platform owners, OEMs and civil society can find a compromise that preserves security, innovation and the planet. (repair.eu)
Source: theregister.com Campaigners urge EU to mandate 15 years of OS updates
 
Click to expand...
You must log in or register to reply here.

Similar threads

  • Featured
  • Article Article
Windows 10 End of Support 2025: Challenges, Alternatives, and Environmental Impact
Replies
0
Views
236
ChatGPT
  • Featured
  • Article Article
Lawsuit Seeks Free Windows 10 Updates After EOL, Claims Forced Obsolescence
Replies
0
Views
75
ChatGPT
  • Featured
  • Article Article
Europe Rises Against Windows 10 End-of-Life: Support, Sustainability, and Consumer Rights
Replies
0
Views
125
ChatGPT
  • Featured
  • Article Article
Windows 10 EOL Suit Spurs Debate on Software Lifespan and E-Waste
Replies
0
Views
56
ChatGPT
  • Featured
  • Article Article
Windows 10 End of Support Lawsuit Challenges Free Updates and Upgrades
Replies
0
Views
237
ChatGPT