03:05 PM
Connect Directly
Repost This

Schwartz On Security: Piracy Equals Market Failure

Legal actions to prevent or punish movie, music, and software piracy may be harmful to innovation as well as ineffective.

What's the best way to combat music, movie, and software piracy?

The Android camp offers one approach. Facing piracy of Android software--obviously, a turnoff for third-party developers who need to make a living--Google recently added in-app billing to provide developers with another revenue stream. Now, customers can demo an application before buying it, or purchase upgrades from within the existing application.

Another option comes from the high-technology sector, and involves finding businesses that are pirating your products and suggesting they pay up, so as to avoid fines. This is a strategy practiced by the Business Software Alliance, which counts Adobe, Apple, and Microsoft as members.

Legal channels are another approach. In November, for example, the Feds launched operation In Our Sites, which seized 82 domains, most relating to sales of counterfeit physical goods, though four were file-sharing or related domains. That was followed by an operation in February that took down 10 domains being used by six different services to stream sports events.

Let's review: Giving people an easy way to pay for what they're consuming--or listening to, per Apple iTunes--generates revenue. So does finding people already using your software products and suggesting they pay for it. But do legal measures increase revenues or even decrease piracy?

Industry groups suggest that they do, and praised the Fed-driven takedowns in a letter to the White House, reports The Hill. "Operation In Our Sites has not only put illegal sites out of business, but has raised public awareness about this specific form of crime on the Internet," wrote the Motion Picture Association of America (MPAA) and other organizations. "Most importantly, these enforcement efforts have resulted in most of these entities ceasing their illegal activity."

In fact, the MPAA may be wrong on all fronts. When it comes to the takedowns, for example, TorrentFreak notes that "most of the piracy-related sites simply continued under new domains, undeterred." Only one of the sports-streaming services went dark, while sites related to file-sharing simply set up shop using a new domain. One of them, the operator of Torrent-Finder, also is protesting the seizure in court, since he only linked to files, rather than hosting them.

Nevertheless, industry trade groups have been pushing for greater fines to serve as a stronger piracy disincentive. In March, Victoria Espinel, White House intellectual property enforcement coordinator for the U.S., recommended that Congress make illegal streaming a felony, hit organized criminals with stiffer fines for stealing copyrighted material, and also "increase the U.S. sentencing guideline range for repeat intellectual property offenders."

The Recording Industry Association of America (RIAA), a trade group, applauded her recommendations. "We commend the administration for these thoughtful and common-sense reforms that will significantly advance the public conversation about the most effective ways to promote creative innovation and protect the rights of the music community," RIAA chairman and CEO Mitch Bainwol said in a statement.

However, some business and legal experts suggest that today's heavy-handed legal approach to combating privacy is stifling innovation. Notably, James Allworth, a fellow at the Forum for Growth and Innovation at Harvard Business School, says that the strategy of "Big Content"--music and movie groups--risks "damaging America's position as a world leader in innovation." Furthermore, new laws won't stop current copyright infringers, but may be used "to stop legitimate uses that the content industries don't like," he says.

Guess the result: "If you're the next YouTube, would you want to locate here in the U.S. and risk having the government simply switch off your site at the behest of Big Content?" he asks. "Or might it not be easier to find a more benign environment to create your business in?" As a result, piracy might actually be costing music and movie groups less than what those groups are costing us as a society.

Furthermore, piracy may largely stem from these groups' inability to bring their business models and supply approaches in line with consumer demand. On that front, Michael Geist, who teaches Internet and e-commerce law at the University of Ottawa, recently detailed a pioneering, six-year study of piracy in six emerging economies--including Brazil and India—that ultimately concludes that "piracy is chiefly a product of a market failure, not a legal one."

In particular, the report finds no strong connection between organized crime and piracy, and also "rejects the conventional wisdom that tougher penalties provide a strong deterrent to piracy activities," Geist says, especially since overworked judges must often deal with much more serious matters, such as violent crime. In addition, it found that piracy typically results from there being no non-pirated distribution channel (in developing countries) or because businesses are setting product prices too high, based on actual consumer demand. In other words, big content companies have a business-model problem, not a legal one.

The industry may argue otherwise, but when the former head of Warner Music in Britain recommends dropping the price of an album to $1.60--both to eliminate piracy and increase revenues--it's time to stop the "more of the same" approach. Despite the macho image and self-promoting rhetoric that "getting tough" on pirates may give trade groups, prioritizing the legal approach is a waste of our time and money.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Current Issue
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web