Vulnerabilities / Threats
5/14/2012
05:59 PM
Connect Directly
RSS
E-Mail
50%
50%

Half Of Computer Users Admit To Pirating Software

Software pirates typically are young and male and live in emerging economies, where obtaining legal copies of software isn't always easy, finds Business Software Alliance study.

More than half of computer users around the world say they've pirated software, typically by installing more copies of an application than their license permits, or by downloading the software via BitTorrent or other file-sharing networks.

That finding comes by way of a new study commissioned by the Business Software Alliance (BSA) and conducted by Ipsos Public Affairs, which surveyed 15,000 computer users in 33 countries about their software-buying--or alternative forms of procurement--practices. Overall, the commercial value of pirated software was $59 billion in 2010, but rose to $63 billion in 2011, which the BSA says was driven by the majority of PC shipments now going to emerging countries, including China, Russia, India, and Brazil. Notably, those countries have the world's fastest-growing technology markets, but also some of the highest levels of software piracy.

Although 57% of respondents said they've pirated software, according to the study, "frequent software pirates are disproportionately young and male, and they are more than twice as likely to live in an emerging economy as they are to live in a mature one." On average, these emerging-economy pirates also install nearly four times as many applications as "frequent pirates" in more mature economies.

[ Do Android developers make less money from paid apps than iOS developers because of piracy? See Android Survey Highlights Piracy Problem. ]

The United States, the world's largest software market, racked up 2011 software sales of about $42 billion, and had the world's lowest rate of piracy--just 19%. At the other end of the spectrum, China generated software sales of about $3 billion in 2011, but had an illegal software market worth $9 billion, making for a 77% piracy rate.

The amount of money spent on new PCs also highlights just how little some countries collectively spend on software. For example, the average PC in China, sans monitor, costs $542. But last year, according to market researcher IDC, China saw just $8.89 of legal software sales per PC, compared with $33.79 in India, and $120.22 in the United States.

Unclear provenance might help account for the higher levels of software piracy in emerging economies. "For example, a comparatively low two-thirds of computer users in emerging economies trust that the software available for sale in retail stores is likely to be legal. That skepticism is not unreasonable. Indeed, in many emerging markets, users would often be right to assume that stores are stocked with illegal copies of name-brand software," said the study.

The survey also found a marked discrepancy between how people view intellectual property rights, and their software-buying habits. "There's a mile-wide gap between what people say they believe in principle, versus what they do in practice," said Robert W. Holleyman II, president and CEO of the BSA, in a phone interview. For example, across all markets, 70% of respondents "agreed with the concept that they should be paying innovators for new software that comes to market--so it's essentially asking people, do you believe in intellectual property rights, without using that term, which they might not know," he said.

"At the same time, 57% of those users admit that they're acquiring and using unlicensed software," he said. But potential penalties seem remote, as only 15% of "frequent pirates" in emerging markets--and 20% in mature markets--"think the risk of getting caught is a reason for not doing it," he said.

"Now, if 57% of consumers said that they shoplift, you'd really see a dramatic increase in the public response--education, law enforcement, people who are shopping legitimately getting up in arms abut this," he said. But the same isn't true of software piracy, much of which occurs in business settings. "The biggest cause--and candidly, the most correctable cause--is when otherwise legitimate enterprises have some valid licenses, but exceed the allowed license numbers."

As with shoplifting statistics, the BSA study didn't examine whether people would have paid for the software they installed without a valid license. Instead, it just looked at the value of software that was being used, but which hadn't been paid for. The BSA study also didn't just assess the piracy rates of software from U.S. producers, but from around the world, including India and China.

Some researchers have painted the piracy problems in countries such as China, India, and Brazil as a market failure, rather than a legal one, but Holleyman criticized that analysis. "I can assure you, having spent time in both markets, it's not under any stretch of the imagination a distribution problem. The problem especially in China is that there's no disincentive, there's effectively no sheriff in town establishing that there's a risk for organizations that use the software of being caught and punished," he said.

What's the best way to crack down on software piracy? The BSA continues to pitch the issue as a business problem, as well as warning about the information security hazards of using any software of unknown provenance--for example, obtained via peer-to-peer networks.

More recently, the industry association also has started highlighting the unfair competitive advantage afforded to countries with businesses that don't pay as much for their software. "President Obama has made it a big issue for the U.S. and China, and it's not just because it affects the software industry, but because it affects every business; software is a tool for production," said Holleyman.

Put an end to insider theft and accidental data disclosure with network and host controls--and don't forget to keep employees on their toes. Also in the new, all-digital Stop Data Leaks issue of Dark Reading: Why security must be everyone's concern, and lessons learned from the Global Payments breach. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
vikramadhiman
50%
50%
vikramadhiman,
User Rank: Apprentice
5/16/2012 | 7:00:52 AM
re: Half Of Computer Users Admit To Pirating Software
Is piracy the bigger concern? Or is it computer security? Courses like this one on computer security would make you believe it is the latter. Yes, piracy is a profitability and business sustainability concern - but a over and above the thought of a third world war happening in the electronic space - not so sure.
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-4734
Published: 2014-07-21
Cross-site scripting (XSS) vulnerability in e107_admin/db.php in e107 2.0 alpha2 and earlier allows remote attackers to inject arbitrary web script or HTML via the type parameter.

CVE-2014-4960
Published: 2014-07-21
Multiple SQL injection vulnerabilities in models\gallery.php in Youtube Gallery (com_youtubegallery) component 4.x through 4.1.7, and possibly 3.x, for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) listid or (2) themeid parameter to index.php.

CVE-2014-5016
Published: 2014-07-21
Multiple cross-site scripting (XSS) vulnerabilities in LimeSurvey 2.05+ Build 140618 allow remote attackers to inject arbitrary web script or HTML via (1) the pid attribute to the getAttribute_json function to application/controllers/admin/participantsaction.php in CPDB, (2) the sa parameter to appl...

CVE-2014-5017
Published: 2014-07-21
SQL injection vulnerability in CPDB in application/controllers/admin/participantsaction.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to execute arbitrary SQL commands via the sidx parameter in a JSON request to admin/participants/sa/getParticipants_json, related to a search parameter...

CVE-2014-5018
Published: 2014-07-21
Incomplete blacklist vulnerability in the autoEscape function in common_helper.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to conduct cross-site scripting (XSS) attacks via the GBK charset in the loadname parameter to index.php, related to the survey resume.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Where do information security startups come from? More important, how can I tell a good one from a flash in the pan? Learn how to separate ITSec wheat from chaff in this episode.