Progress against piracy
The 25 arrests, which included Ma Kei Pei — indicted in the U.S. in 2003 before fleeing to China for allegedly creating fake Microsoft programs — represent the first results of an increased anti-piracy partnership between U.S. and Chinese authorities. Such a working relationship is no small matter when dealing with a country long regarded as the world's prime source of illegally copied goods, but now widely regarded as trying to whitewash its image before the 2008 Olympic Games in Beijing.
For U.S.-based software vendors, the arrests were good news for numerous reasons. The break-up of a piracy syndicate results in less fake merchandise on the streets, but it is also a symbolic victory, signaling likely future busts, says Chris Paden, public relations manager at Symantec, a company whose software Ma Kei Pei is accused of replicating.
“When Ma and other members of his syndicate were arrested, not a lot of the recovered products were Symantec, but we helped authorities in terms of information. Bringing down that syndicate was a big step,” he says. “I think that was a very big step that was very encouraging for many people over here. It was encouraging that the FBI and Chinese law enforcement worked together.”
While the arrests may have only dented the armor of worldwide piracy, other data suggests that the rates of piracy in countries such as China and Russia — hotbeds of counterfeiting of all kinds — have taken a hit in recent years. A study released in May by the Business Software Alliance (BSA), a nonprofit which fosters copyright protection, cyber security, trade and e-commerce, and conducted by IDC, revealed that the rate of pirated software has decreased by 10 percent in China over the past three years. In Russia, the piracy rate dropped by seven percentage points over the same period of time. Contrary to these trends, the legitimate software market in China grew to $1.2 billion in 2006, an increase of 88 percent from the year before, and a jump of 358 percent from 2003.
But not all of the percentages in the BSA survey signal positive developments. More than $100 billion in pirated software was installed on PCs in 2006 and the global piracy rate for that year was 35 percent, the same as 2005, according to the BSA.
Efforts are paying off
Large enterprises and organizations such as the BSA, which have an international reach and can lobby foreign governments, can take the statistics as a sign that their efforts are paying off. However, much work must be done to pressure foreign governments to increase anti-piracy regulations, says Rodger Correa, BSA compliance marketing director.
“What we are doing is working with governments, and governments can do a lot to reduce software piracy,” he says. “A lot has to do with government control. An example is reducing China's piracy rate by 10 percent. There are positives, but there is much more to be done.”
No software vendor feels the heat of pirate activity as much as Microsoft, whose operating systems and applications run on the vast majority of home and corporate computers around the world. Because software pirates rely on name recognition to sell counterfeit goods, Microsoft has an unusually large target on its back. In response, the software giant takes a three-pronged approach to fending off piracy, says Michael Beare, director, channel, Genuine Software Initiative at Microsoft. This strategy includes educating the public on the dangers of software piracy, using technical advances, such as the Windows Genuine Advantage program, and also working with law enforcement authorities, according to Beare.
“We have a really strong legal team comprised of attorneys supporting the U.S. Customs and Border Patrol and trying to detect the counterfeit products,” he says. “That's investment that has been distracted away from bettering our products.”
Large software vendors, who stand to lose tens of millions of dollars annually to software pirates often conduct their own educational programs, warning that counterfeit software is not only illegal, but can damage a corporate PC — a loss the company must then replace. The use of pirated software tends to be more common in small- and medium-sized businesses (SMB) because of a lack of attention. The emergence of the Sarbanes-Oxley Act of 2002 as a regulatory tool has minimized the use of pirated software in larger corporations, says Correa.
“Most piracy tends to be concentrated in SMBs. We do realize that SMBs are working with limited resources, and software resources sometimes aren't at the top of their priorities. In the past, it was also concentrated in larger corporations, but with the influx of SOX, that has been reduced in the past
couple years,” he says. “We have done quite a bit of advertising and quite a bit of communications overall. I would be surprised if companies weren't aware of us.”
Another obstacle facing legitimate software vendors is that the bad guys sometimes have a technical advantage. The key to unlocking and reverse-engineering software is sometimes just a few web searches away, says Michael Dager, CEO of Arxan, a leading provider of intellectual property protection designed to prevent software piracy.
“The bigger problem is that the hackers and the pirates, themselves sophisticated programmers, have jumped in a major way in front of the software vendors and the license management vendors,” he says. “The proliferation of hacking tools, things like reverse compilers, has increased exponentially over the past couple of years, and the quantity of tools and the methodology of these tools has leapt ahead.”
Don't step on toes
In addition, software companies must keep in mind another group of people when trying to fend off pirates — their own customers. A technical anti-piracy solution should stay off the toes of end-users while protecting the company's intellectual property, says Gord Larose, senior application security engineer at Cloakware, a Vienna, Va.-based security solutions provider.
“I think there's certainly room for technology, but you have to strike a careful balance between something that's bulletproof and annoys people,” says Larose.
While there are other methods to fight piracy other than handcuffs and police raids, the effectiveness of working with law enforcement authorities shouldn't be underestimated. Investigative units are used by many large vendors to follow the tracks of criminals benefitting from the sale of counterfeit software. Combined with technical precautions and public education — as well as the awareness efforts of other organizations — this can make for an effective piracy fighting program, says Scott Minden, director of legal affairs, Symantec.
“We're going to continue our current course, which is aggressive investigations and continuing to publicize this as best we can,” says Minden. “We want to really let the pirates know that we're after them, and to let consumers know that we're focusing on what they purchase. One thing we'd really like to focus on is increasing our education drive to the public.”
From the - October 2007 Issue of SCMagazine »