Toronto’s IT spending woes are making headlines, and not in a good way. Between 2020 and 2024, the City of Toronto wasted $11 million on unused and underutilized software licenses. Let that sink in—$11 million that could have been spent on public services, infrastructure, or just about anything other than dormant software subscriptions.
This isn’t just a Toronto problem. It’s symptomatic of Canada’s larger issues with poor software choices and lack of foresight when it comes to digital infrastructure. From inaccessible tools to privacy-invasive platforms, Canadians are often left paying the price—financially and in terms of security.
License to Waste
The City’s Auditor General reported that $9.63 million of this wasted money went to Microsoft M365 subscriptions that nobody used, and $1.36 million went to software licenses for employees who were no longer even working for the City. This lack of oversight isn’t just wasteful—it’s embarrassing.
The broader context is just as bleak. Between 2019 and 2023, the City spent $235 million on software, yet 1,200 of its 7,500 software titles require paid licenses. Many of these tools are inaccessible or unnecessary, highlighting a chronic failure to manage resources effectively.
Meanwhile, the City has ignored 12 recommendations from past audits, some of which are over five years old. This is what happens when governments double down on bad software practices instead of rethinking their approach.
Keeping software licenses active for staff who no longer work at the City of Toronto adds another layer of security risk. In the age of remote work, where sensitive data is accessed from various locations, active licenses tied to former employees or unused accounts can serve as open doors for cyber threats. These dormant accounts may be exploited by malicious actors, leading to potential data breaches or unauthorized access to critical systems. Without proper oversight and deactivation protocols, the City’s business operations remain exposed, compounding its existing IT vulnerabilities. Implementing stronger data security measures and regularly auditing active licenses are essential steps to address this common IT issue and safeguard against preventable security risks.
A National Epidemic of Bad Software Choices
Toronto’s software problems reflect a national issue. Across Canada, government agencies, schools, and even courts force citizens to use poorly chosen, insecure, and often inaccessible software. Google services, for example, dominate schools despite significant privacy concerns. In contrast, countries like France have banned Google Workspace and Microsoft 365 from schools, citing their failure to meet privacy and security standards.
Why can’t Canada follow suit? In many western countries, privacy-invasive platforms are simply not tolerated in public institutions. Canada’s acceptance of such tools isn’t just a bad choice—it’s a national failure to prioritize digital sovereignty and the rights of its citizens.
Cybersecurity Failures: The Real Cost of Cutting Corners
It’s not just about wasted money; cutting corners on cybersecurity poses significant risks to business operations and government services alike. Failing to stay up to date with robust security measures leaves organizations vulnerable to cyber threats, including ransomware attacks and data breaches—a common IT problem that has plagued Canada’s healthcare systems and government agencies in recent years.
Many security issues stem from a lack of proper data backup, cloud-based solutions, and proactive managed IT services. When organizations rely on outdated systems or neglect critical security updates, they expose themselves to increased risks from human error and weak infrastructure. Small businesses, in particular, often underestimate the importance of data security, leaving them ill-prepared to tackle modern cyber threats.
By adopting cloud services and prioritizing robust security practices, organizations can mitigate common IT issues while ensuring their systems remain secure and adaptable. Open-source and cloud-based solutions offer greater transparency and flexibility, empowering teams to address vulnerabilities quickly and improve overall security. Investing in these solutions is not just about protecting data; it’s about ensuring business continuity and resilience in an increasingly digital world.
Global Lessons in Open Source
Around the world, governments are showing how open-source software can save money, enhance security, and protect privacy. The European Union has embraced a robust open-source strategy, prioritizing technological sovereignty and cutting costs while fostering collaboration and innovation. Germany and Estonia are leaders in this space, and even U.S. government agencies are turning to open repositories to promote transparency and security.
Open source isn’t just about saving money—it’s about making smarter, more ethical software choices. By adopting open-source tools, organizations can avoid vendor lock-in, adapt software to their specific needs, and empower local developers.
A Better Way Forward for Toronto—and Canada
Perry Toone, founder of Thexyz, a Toronto-based provider of open-source solutions, has long advocated for smarter software choices. As he pointed out in a recent talk at the University of Toronto, governments can save millions and improve security by switching to open-source platforms. “Canada has the talent and the tools to lead the way,” says Toone. “We just need the will to act.”
By making a decisive shift to open-source software, Canada could save billions annually while fostering innovation and enhancing security. Open-source solutions eliminate costly licensing fees, reduce dependence on foreign corporations, and support homegrown tech industries. This isn’t just about cost-saving—it’s about national sovereignty and stopping the flow of taxpayer dollars into corporate welfare for foreign tech giants. Embracing open-source alternatives would not only protect sensitive government data but also create opportunities for Canadian developers to innovate and thrive in a more equitable digital landscape. The choice is clear: invest in sustainable, secure, and adaptable technology or continue propping up monopolistic practices at the expense of taxpayers.
