03:50 PM
Connect Directly

Pirated Software Hurts U.S. Jobs, Economy, Microsoft Says

Companies that use illegally copied software put more scrupulous competing companies--and countries--at a disadvantage, Microsoft argues in its latest anti-piracy push.

10 Massive Security Breaches
(click image for larger view)
Slideshow: 10 Massive Security Breaches
Thursday was Play Fair Day, and on this Microsoft-created annual event designed to remind people about the problems associated with intellectual property theft, Microsoft released a study showing that software piracy in Brazil, Russia, India, and China creates an aggregate competitive disadvantage of $8.2 billion over five years for companies that play by the rules.

In other words, firms that don't rely on stolen software pay more to operate, making them less competitive.

For Chinese firms using legitimate copies of Windows, the study's findings translate into annual harm of $837 million, enough to construct 66 manufacturing plants or hire 217,000 employees (at a salary of $3,857 each).

The message might seem to be that crime pays, but of course it's the exact opposite: Microsoft doesn't get paid. Microsoft's challenge is to get more people, particularly in emerging markets, to recognize theft of intellectual property as a crime.

[ Find out what Microsoft has up its sleeve for its next operating system. Read Windows 8 Promises Fewer Annoying Restarts. ]

"We're losing a lot of money from people stealing our IP," said Bonnie MacNaughton, senior attorney in the Microsoft legal affairs department and head of the company's anti-piracy team in the U.S.

MacNaughton, other members of Microsoft's anti-piracy team, a supply chain management expert from Stanford's Knight Management Center, and a principal from the consultancy that conducted Microsoft's study, met over dinner with members of the press in San Francisco, Calif., on Wednesday evening to discuss the company's evolving effort to combat unauthorized Microsoft software.

Play Fair Day, an event known as Consumer Action Day since its 2008 inception, comes at time when intellectual property issues are at the forefront of regulatory discourse. An intellectual property protection bill recently introduced in the House of Representatives, the Stop Online Piracy Act (SOPA), is being fought by Internet companies--Microsoft doesn't yet have an official position--that fear it will undermine the safe harbor protections that protect them from being held liable for the actions of their users. And the Computer & Communications Industry Association, a tech industry trade group, testified Wednesday before the Congressional Executive Committee on China about how Chinese censorship constitutes an unfair trade barrier. Also, earlier this month, 39 state attorneys general said they intended "to address the unfair advantage that results when foreign and other manufacturers use stolen information technology, including pirated software, to illegally slash their costs."

That's the approach Microsoft is taking and it represents something of a new strategy. It is focusing on software piracy's economic impact on businesses and governments rather than emphasizing crime and litigation. The company's strategic shift makes sense given the ongoing global economic difficulties. Now more than ever, a message that pirated software endangers jobs is likely to resonate with policymakers, and perhaps even with a public that isn't entirely convinced of the evils of copying without authorization.

The problems associated with illegally copied software have been well-known for years: Pirated software can be unreliable and insecure, and it enriches scofflaws at the expense of those who worked hard to create it.

Pirated software is also rampant: About 41% of software worldwide is pirated, according to a 2008 IDC study. The problem is more acute in emerging markets, which just happen to be places where Microsoft sees the most potential for growth.

And it is compounded by extreme price pressure: Microsoft's hardware partners in emerging markets have been selling "naked" PCs--computers without the Windows operating system--to reduce the retail price of their devices from, say, $450 to $400. This not only deprives Microsoft of Windows license revenue but also leads to brand damage and increased support costs--buyers of bargain PCs still tend to blame the hardware maker and Microsoft when their illegal copy of Windows has problems.

Yet, if some businesses see an economic incentive to rely on unlicensed software, there are also incentives pushing in the opposite direction. Jeff Marowits, principal at Keystone Strategy, the consultancy commissioned by Microsoft to conduct the study, noted that even in environments where software piracy is up in the 80% range, some companies recognize the business case for playing by the rules, particularly if they expect to do business internationally. Some emerging markets are starting to see things that way too.

"The new twelve year plan [in China] is very much focused on moving up the stack," he explained. "They don't just want to be differentiated by low labor costs; they want to create things and come up with ideas and monetize those. And in order to do that, you need to protect intellectual property."

The situation appears to be similar in Russia, which has been sending business leaders and politicians to Silicon Valley in the hope of learning how to foster innovation at home more effectively.

MacNaughton characterized Russia as one of the emerging markets where Microsoft has made the most progress in terms of fostering an interest in protecting intellectual property. She also noted that governments have an additional incentive to promote authorized software sales: tax revenue. "Governments are losing billions of dollars and tens of thousands of jobs for not having a legal software industry," said MacNaughton.

"As soon as you want to get into the innovation business, you will respect ideas," said Marowits.

Indeed, with BRIC countries seeking to sell more than cheap labor, piracy rates have been coming down in emerging markets over the past five years. China still has a ways to go--the software piracy rate has come down from 90% a few years ago to 78%, according to MacNaughton. But growth of PC sales in China hasn't been matched by proportional growth in software license sales, which means that Microsoft is losing more potential revenue than it was when the piracy rate was higher.

Although cyber criminals continue to keep one step ahead of investigators--Peter Anaman, senior program manager for online piracy in Microsoft's legal affairs department, noted that software pirates had begun hiding their servers using Tor encryption software in response to more aggressive takedowns--Microsoft isn't about to give up. In two months or so, the company expects to open a investigative analytics center devoted to tracking piracy around the globe.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-10-21
Directory traversal vulnerability in functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter in a get_template action.

Published: 2014-10-21
functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to read arbitrary database information via a crafted request.

Published: 2014-10-21
Multiple cross-site scripting (XSS) vulnerabilities in dotProject before 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) callback parameter in a color_selector action, (2) field parameter in a date_format action, or (3) company_name parameter in an addedit action to i...

Published: 2014-10-21
SQL injection vulnerability in the MRBS module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: 2014-10-21
SQL injection vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) before 5.0.14 build 577 allows remote authenticated users to execute arbitrary SQL commands via the i parameter in a search action to the (1) NodeWorx , (2) SiteWorx, or (3) R...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.