Who truly owns a device that won’t run the software you choose? We are living through a quiet contraction of digital ownership: makers of hardware and platforms are hardening their gardens, and with each gate they add, a little more user freedom slips away. This isn’t only an abstract debate about openness — it affects product strategy, customer trust and, increasingly, regulation.
Why the walls are getting higher
There are three forces driving this change.
- Security as rationale. Companies point to malware and fraud to justify control. This is partly legitimate — modern endpoints are attack vectors for identity and financial crimes — but security alone doesn’t explain the shape of the solutions we’re seeing.
- Business incentives. Guarded ecosystems increase recurring revenue, lock in customers and create opportunity for high-margin services.
- Gradual erosion strategy. Changes are rolled out incrementally so that the average user hardly notices until choice is gone. That makes it harder for policymakers and consumers to see the connection between step A and the eventual closed system.
Real examples: from Gatekeeper to Secure Boot and beyond
These are not hypotheticals. Apple’s Gatekeeper is a security feature that requires apps to be signed and notarised by identified developers; a useful protection, but one that also creates friction for independent developers and small vendors. On Android, recent moves by Google to tighten sideloading and impose developer verification requirements are being presented as anti-malware measures — yet critics argue they make it much harder to install alternatives to the Play Store. Read a solid overview at Ars Technica.
At a lower level, UEFI Secure Boot was sold as a way to stop boot-time malware. In practice it has been used on some machines to make installing alternative operating systems difficult. For many users who value their freedom to tinker, run specialised workloads, or adopt privacy-respecting distros, these restrictions are meaningful barriers.
The Hackaday piece captures the cultural shift well: what felt like ownership — the right to run what you want on your hardware — is being reframed as a privilege granted by vendors.
Why product and engineering leaders should care
This trend has practical implications for those of us building products and services.
- Customer trust is at stake. Users buy devices expecting control. When that expectation is eroded, churn and dissatisfaction follow, especially among power users and enterprise customers that value extensibility.
- Innovation gets constrained. Small developers and start-ups often rely on the ability to ship novel software for existing hardware. Walled gardens raise the cost of entry and favour incumbent players.
- Technical debt masquerades as security. Overly prescriptive platform controls can force teams into brittle workarounds, increasing long-term maintenance costs.
Practical responses for leaders
What can product, technology and innovation leaders do? Here are concrete approaches that respect security without surrendering user agency.
- Design for choice. Where possible, offer users alternative installation paths or modular integrations. If you ship hardware, document and support boot modes, developer options and recovery tools transparently.
- Adopt open standards. Prefer open formats and protocols that make substitution easy. That reduces vendor lock-in and gives customers control over data and interoperability.
- Partner with open-source communities. Contribute upstream fix‑and‑feature work so your product can interoperate with wider ecosystems. This also builds credibility with technically minded users and enterprise buyers.
- Advocate for users in procurement. When buying third‑party platforms for your business, prioritise vendors that allow control and provide escape hatches; push back on clauses that unduly restrict modification or alternative software.
- Prepare for regulation. Engage with standards bodies and regulators. This isn’t theoretical: policymakers are increasingly interested in competition and consumer rights in digital markets. If you sit silent, the rules will be written without your perspective.
Balancing safety and sovereignty
Security matters — I’m not arguing for reckless freedom. But the balance has shifted. The right question for product leaders is not “can we stop users doing dangerous things?” but “how do we protect users while preserving their agency?” Practical tactics include verified optional defaults (secure by default but reversible by informed users), transparent attestations of risk, and developer programmes that make secure participation affordable for small teams.
A small example with big implications
Consider enterprise deployments. A company buying tablet fleets for staff may prefer locked devices for compliance; but many of these organisations also need bespoke local apps, offline tools, or integration with legacy systems. Vendors that make reasonable developer escape routes preserve the buyer’s future options and generate long-term loyalty. Those that don’t create future friction and procurement headaches.
Where regulators and product leaders must meet
Markets left to the incentives of a few large platform owners will push towards control. That’s why sensible regulation is increasingly necessary: not to punish security, but to preserve competition and consumer rights. Product leaders should be ready to make clear, practical cases to regulators about what constitutes reasonable security measures and what looks suspiciously like commercial lock-in.
Actionable takeaways:
- Audit the degree of control your product imposes on users and customers.
- Prioritise open standards, documented escape hatches, and developer-friendly policies.
- Engage with regulators and industry groups to shape balanced rules that protect users and competition.
The story of our devices shouldn’t be one where ownership is an illusion wrapped in a glossy interface. As product and technology leaders we have both a responsibility and an opportunity: to design secure systems that empower users, not to outsource choice to a handful of gatekeepers. Do that well and you’ll not only protect customers — you’ll build lasting trust and sustainable products.
Leave a Reply