End-to-end encrypted email provider Tutanota finally got a fix last month from Microsoft for a registration issue that had affected users who were trying to sign up to the tech giant's cloud-based collaboration platform, Teams, using a Tutanota email address -- but only after complaining about the problem publicly.
TechCrunch picked up its complaint last month.
Thanks to the reporting of @riptari, we can now announce that Microsoft is no longer blocking Tutanota users from registering a Teams account! 😀 🙌
— Tutanota (@TutanotaTeam) September 14, 2022
In a blog post confirming the resolution yesterday, Tutanota writes that Microsoft got in touch with it "within a week" after media outlets such as this one raised the issue with Microsoft. It had been complaining about the issue through Microsoft's official support channels since January 2021 -- without any resolution. But after the oxygen of publicity arrived the problem was swiftly fixed last month. Fancy that!
While it's (finally) a happy ending for Tutanota, its co-founder Matthias Pfau makes the salient point that this situation remains an entirely unsatisfactory one for SMEs faced with the market muscle of powerful platforms which have -- at best -- a competitive disinterest in swiftly attending to access issues and other problems affecting smaller businesses that need fair interfacing with their platforms to ensure they can properly serve their own customers.
"While the issue has been resolved pretty quickly by Microsoft after the right people contacted us following the media attention, we still believe that this example shows why we need better antitrust regulations. It is not fair that a Big Tech company can ignore a small company's request to fix an issue that effects its users for months, and is only interested in fixing the issue after it received bad publicity because of this," he writes.
"After all, not every small company has the option to go public, possibly because the media will decide their issue is not worth talking about or because they simply do not have established media contacts and find it hard to get through to the right people.
"While we are very happy that this particular issue has now been fixed for all Tutanota users, we still believe that there must be a better way for companies to contact Big Tech and request fixes from them - one where they can not simply answer to the request with "Sorry, fixing the issue you are having is not feasible for us."
Platform fairness is one issue that the European Commission has been attending to in recent years -- but apparently not with enough of a flex to ensure all SMEs are being treated attentively by cloud giants.
Tutanota is not alone in experiencing issues with Microsoft's support response to its complaint. Another SME, the browser maker Vivaldi, got in touch following our report on Tutanota's issue -- saying users of a webmail service it offers had reported a similar issue on Azure, another Microsoft cloud computing platform. It told us that users of its Vivaldi.net email service had been given information -- "and possibly access to" -- other vivaldi.net users' Azure accounts. Which sounds, well, suboptimal.
"The reason is that vivaldi.net is handled as a corporate domain, not an email provider domain. Microsoft has refused to fix the problem, claiming it is by design," a spokesperson for the company explained last month, adding: "We have also had similar reports about other services."
"It's frustrating that in 2022 to find Microsoft blatantly continues to engage in anti-competitive practices," they added.
After TechCrunch raised Vivaldi's complaint with Microsoft, the SME got back in touch with us to say -- surprise! -- it had suddenly had fresh attention from the cloud giant to its complaint... "We are having a meeting with them this week. So they have woken up after two years. Let's see what comes out of this," its spokesperson told us a few weeks ago.
We followed up this month to see if Vivaldi has also had a resolution -- but at the time of writing we're still waiting on a response.
Update: Vivaldi told us the meeting with Microsoft "moved in a positive direction and the issues are partially fixed". "Vivaldi.net is being treated as a personal email address and that's what we expect. Although it's been fixed for new signups, for existing accounts that were created before they made their changes, we don't think they've done anything yet," they also said. "Hopefully, all such issues should soon be resolved."
We also asked for an update from Microsoft but haven't heard back yet. But the tech giant previously said: "We’re in touch with Vivaldi.net to look into their concerns around data and will take action as needed to ensure that customer data is handled properly and any issues are addressed appropriately."
One thing is clear: These two complaints are just the tip of the iceberg. (Just the social media chatter around our Tutanota reporting includes a similar complaint about IBM Cloud -- and another that Microsoft also blocks self hosted emails from its virtual private servers "without any sort of explanation, so you can conveniently get an email address from them as well", with the complainant accusing its business of "always been forced dominance" -- for e.g.)
What's a whole lot less clear is whether or not current (and incoming) EU regulations are up to the task of protecting SMEs from cloud giants' power to be totally disinterested in resolving platform problems that affect smaller competitors.
Back in 2019, the European Union agreed a regulation the bloc's lawmakers claimed was pioneering in this regard -- aimed at tackling unfair platform business practices, with the Commission saying they wanted to outlaw "some of the most unfair practices" and create a benchmark for transparency. The regulation, which came into force just over two years ago, included a requirement that platforms set up new avenues for dispute resolution by mandating they have an internal complaint-handling system to assist business users.
However the EU's platform-to-business (P2B) trading regulation, which was targeted at so-called "online intermediation services" which provide services to business users that to enable them to reach consumers, had a heavy focus on ecommerce platforms, search engines, app stores and rental websites etc (and barely any mention of cloud computing). So it's not clear whether services like Microsoft Teams and Azure are intended to fall in scope -- despite "online intermediation" itself being a broad concept.
If the regulation is supposed to apply to cloud services, the poor experiences of SMEs like Tutanota -- having core issues affecting their users essentially ignored via official support channels -- indicates something isn't working. So, at very least, there's a failure of enforcement going on here. The lack of clarity around whether the P2B regulation even applies in such cases also obviously doesn't help. So there does seem to be a communication gap -- if not an outright loophole.
The EU has further digital regulations incoming that are squarely targeted at ruling how platforms do business with others, with the goal of ensuring open and contestable markets via proactive enforcement of fair terms and conditions. Most notably the Digital Markets Act (DMA), which will apply to the most powerful "gatekeeper" platforms.
However this regulation is not yet in force -- application will start next year -- and it will require individual gatekeepers and "core platform services" to be designated before requirements apply, which will take many months in each case. So, well, it's not going to be a quick fix.
Additionally, there have also been some concerns about whether the new regime will robustly apply to cloud giants productivity and enterprise services to other businesses. So some legal fuzziness around cloud services may persist.
Asked if it's confident the DMA will be an antitrust game-changer, a spokeswoman for Tutanota was doubtful it will prove a silver bullet to resolve the baked-in power imbalance between platforms and SMEs. "A better way to resolve such issues is needed," she told us. "Possibly the DMA will address this but consequences in cases of negligence on the gatekeeper's side must be in place; otherwise it will be easy for them to continue to ignore small competitors.
"As long as Big Tech companies do not have to fear any kind of consequence -- be it bad publicity or drastic fines -- they will not be interested to invest into fixing issues of competitors' users -- which from their business perspective is understandable. This is exactly why we need better legislation in this regard."
"We expect the DMA to be a good first step into this direction, though it will probably not address all issues," she added.
The Commission was contacted with questions on these issues but at the time of writing it had not responded. We'll update this report if we hear back.