‘secure’ or Restricted Boot in UEFI has no purpose (or little purpose) other than to serve or facilitate business models of corporations, at the expense of customers. It is akin to DRM and TiVoization and it is hard to defend the inclusion of this antifeature, for reasons we covered here before
So there is no technical reason for Microsoft to force it on everybody. It also gives UEFI an (so far) undeserved bad reputation.
Secure boot takes away the boot freedom and on some devices (ARM architechture); it is impossible to install other than Microsoft products.
But in this Market Microsoft has no mentionable market share.
The intention to use it to gain control is badly camouflaged so Digital Rights Management is probably more of a real reason for implementing it.