Risk
4/14/2011
03:05 PM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Schwartz On Security: Piracy Equals Market Failure

Legal actions to prevent or punish movie, music, and software piracy may be harmful to innovation as well as ineffective.

What's the best way to combat music, movie, and software piracy?

The Android camp offers one approach. Facing piracy of Android software--obviously, a turnoff for third-party developers who need to make a living--Google recently added in-app billing to provide developers with another revenue stream. Now, customers can demo an application before buying it, or purchase upgrades from within the existing application.

Another option comes from the high-technology sector, and involves finding businesses that are pirating your products and suggesting they pay up, so as to avoid fines. This is a strategy practiced by the Business Software Alliance, which counts Adobe, Apple, and Microsoft as members.

Legal channels are another approach. In November, for example, the Feds launched operation In Our Sites, which seized 82 domains, most relating to sales of counterfeit physical goods, though four were file-sharing or related domains. That was followed by an operation in February that took down 10 domains being used by six different services to stream sports events.

Let's review: Giving people an easy way to pay for what they're consuming--or listening to, per Apple iTunes--generates revenue. So does finding people already using your software products and suggesting they pay for it. But do legal measures increase revenues or even decrease piracy?

Industry groups suggest that they do, and praised the Fed-driven takedowns in a letter to the White House, reports The Hill. "Operation In Our Sites has not only put illegal sites out of business, but has raised public awareness about this specific form of crime on the Internet," wrote the Motion Picture Association of America (MPAA) and other organizations. "Most importantly, these enforcement efforts have resulted in most of these entities ceasing their illegal activity."

In fact, the MPAA may be wrong on all fronts. When it comes to the takedowns, for example, TorrentFreak notes that "most of the piracy-related sites simply continued under new domains, undeterred." Only one of the sports-streaming services went dark, while sites related to file-sharing simply set up shop using a new domain. One of them, the operator of Torrent-Finder, also is protesting the seizure in court, since he only linked to files, rather than hosting them.

Nevertheless, industry trade groups have been pushing for greater fines to serve as a stronger piracy disincentive. In March, Victoria Espinel, White House intellectual property enforcement coordinator for the U.S., recommended that Congress make illegal streaming a felony, hit organized criminals with stiffer fines for stealing copyrighted material, and also "increase the U.S. sentencing guideline range for repeat intellectual property offenders."

The Recording Industry Association of America (RIAA), a trade group, applauded her recommendations. "We commend the administration for these thoughtful and common-sense reforms that will significantly advance the public conversation about the most effective ways to promote creative innovation and protect the rights of the music community," RIAA chairman and CEO Mitch Bainwol said in a statement.

However, some business and legal experts suggest that today's heavy-handed legal approach to combating privacy is stifling innovation. Notably, James Allworth, a fellow at the Forum for Growth and Innovation at Harvard Business School, says that the strategy of "Big Content"--music and movie groups--risks "damaging America's position as a world leader in innovation." Furthermore, new laws won't stop current copyright infringers, but may be used "to stop legitimate uses that the content industries don't like," he says.

Guess the result: "If you're the next YouTube, would you want to locate here in the U.S. and risk having the government simply switch off your site at the behest of Big Content?" he asks. "Or might it not be easier to find a more benign environment to create your business in?" As a result, piracy might actually be costing music and movie groups less than what those groups are costing us as a society.

Furthermore, piracy may largely stem from these groups' inability to bring their business models and supply approaches in line with consumer demand. On that front, Michael Geist, who teaches Internet and e-commerce law at the University of Ottawa, recently detailed a pioneering, six-year study of piracy in six emerging economies--including Brazil and India—that ultimately concludes that "piracy is chiefly a product of a market failure, not a legal one."

In particular, the report finds no strong connection between organized crime and piracy, and also "rejects the conventional wisdom that tougher penalties provide a strong deterrent to piracy activities," Geist says, especially since overworked judges must often deal with much more serious matters, such as violent crime. In addition, it found that piracy typically results from there being no non-pirated distribution channel (in developing countries) or because businesses are setting product prices too high, based on actual consumer demand. In other words, big content companies have a business-model problem, not a legal one.

The industry may argue otherwise, but when the former head of Warner Music in Britain recommends dropping the price of an album to $1.60--both to eliminate piracy and increase revenues--it's time to stop the "more of the same" approach. Despite the macho image and self-promoting rhetoric that "getting tough" on pirates may give trade groups, prioritizing the legal approach is a waste of our time and money.


Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-0460
Published: 2014-04-16
The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/defkeymap.map.

CVE-2011-0993
Published: 2014-04-16
SUSE Lifecycle Management Server before 1.1 uses world readable postgres credentials, which allows local users to obtain sensitive information via unspecified vectors.

CVE-2011-3180
Published: 2014-04-16
kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown.

CVE-2011-4089
Published: 2014-04-16
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.

CVE-2011-4192
Published: 2014-04-16
kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands as demonstrated by "double quotes in kiwi_oemtitle of .profile."

Best of the Web