Vulnerabilities / Threats
5/14/2012
05:59 PM
Connect Directly
RSS
E-Mail
50%
50%

Half Of Computer Users Admit To Pirating Software

Software pirates typically are young and male and live in emerging economies, where obtaining legal copies of software isn't always easy, finds Business Software Alliance study.

More than half of computer users around the world say they've pirated software, typically by installing more copies of an application than their license permits, or by downloading the software via BitTorrent or other file-sharing networks.

That finding comes by way of a new study commissioned by the Business Software Alliance (BSA) and conducted by Ipsos Public Affairs, which surveyed 15,000 computer users in 33 countries about their software-buying--or alternative forms of procurement--practices. Overall, the commercial value of pirated software was $59 billion in 2010, but rose to $63 billion in 2011, which the BSA says was driven by the majority of PC shipments now going to emerging countries, including China, Russia, India, and Brazil. Notably, those countries have the world's fastest-growing technology markets, but also some of the highest levels of software piracy.

Although 57% of respondents said they've pirated software, according to the study, "frequent software pirates are disproportionately young and male, and they are more than twice as likely to live in an emerging economy as they are to live in a mature one." On average, these emerging-economy pirates also install nearly four times as many applications as "frequent pirates" in more mature economies.

[ Do Android developers make less money from paid apps than iOS developers because of piracy? See Android Survey Highlights Piracy Problem. ]

The United States, the world's largest software market, racked up 2011 software sales of about $42 billion, and had the world's lowest rate of piracy--just 19%. At the other end of the spectrum, China generated software sales of about $3 billion in 2011, but had an illegal software market worth $9 billion, making for a 77% piracy rate.

The amount of money spent on new PCs also highlights just how little some countries collectively spend on software. For example, the average PC in China, sans monitor, costs $542. But last year, according to market researcher IDC, China saw just $8.89 of legal software sales per PC, compared with $33.79 in India, and $120.22 in the United States.

Unclear provenance might help account for the higher levels of software piracy in emerging economies. "For example, a comparatively low two-thirds of computer users in emerging economies trust that the software available for sale in retail stores is likely to be legal. That skepticism is not unreasonable. Indeed, in many emerging markets, users would often be right to assume that stores are stocked with illegal copies of name-brand software," said the study.

The survey also found a marked discrepancy between how people view intellectual property rights, and their software-buying habits. "There's a mile-wide gap between what people say they believe in principle, versus what they do in practice," said Robert W. Holleyman II, president and CEO of the BSA, in a phone interview. For example, across all markets, 70% of respondents "agreed with the concept that they should be paying innovators for new software that comes to market--so it's essentially asking people, do you believe in intellectual property rights, without using that term, which they might not know," he said.

"At the same time, 57% of those users admit that they're acquiring and using unlicensed software," he said. But potential penalties seem remote, as only 15% of "frequent pirates" in emerging markets--and 20% in mature markets--"think the risk of getting caught is a reason for not doing it," he said.

"Now, if 57% of consumers said that they shoplift, you'd really see a dramatic increase in the public response--education, law enforcement, people who are shopping legitimately getting up in arms abut this," he said. But the same isn't true of software piracy, much of which occurs in business settings. "The biggest cause--and candidly, the most correctable cause--is when otherwise legitimate enterprises have some valid licenses, but exceed the allowed license numbers."

As with shoplifting statistics, the BSA study didn't examine whether people would have paid for the software they installed without a valid license. Instead, it just looked at the value of software that was being used, but which hadn't been paid for. The BSA study also didn't just assess the piracy rates of software from U.S. producers, but from around the world, including India and China.

Some researchers have painted the piracy problems in countries such as China, India, and Brazil as a market failure, rather than a legal one, but Holleyman criticized that analysis. "I can assure you, having spent time in both markets, it's not under any stretch of the imagination a distribution problem. The problem especially in China is that there's no disincentive, there's effectively no sheriff in town establishing that there's a risk for organizations that use the software of being caught and punished," he said.

What's the best way to crack down on software piracy? The BSA continues to pitch the issue as a business problem, as well as warning about the information security hazards of using any software of unknown provenance--for example, obtained via peer-to-peer networks.

More recently, the industry association also has started highlighting the unfair competitive advantage afforded to countries with businesses that don't pay as much for their software. "President Obama has made it a big issue for the U.S. and China, and it's not just because it affects the software industry, but because it affects every business; software is a tool for production," said Holleyman.

Put an end to insider theft and accidental data disclosure with network and host controls--and don't forget to keep employees on their toes. Also in the new, all-digital Stop Data Leaks issue of Dark Reading: Why security must be everyone's concern, and lessons learned from the Global Payments breach. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
vikramadhiman
50%
50%
vikramadhiman,
User Rank: Apprentice
5/16/2012 | 7:00:52 AM
re: Half Of Computer Users Admit To Pirating Software
Is piracy the bigger concern? Or is it computer security? Courses like this one on computer security would make you believe it is the latter. Yes, piracy is a profitability and business sustainability concern - but a over and above the thought of a third world war happening in the electronic space - not so sure.
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0640
Published: 2014-08-20
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to bypass intended restrictions on resource access via unspecified vectors.

CVE-2014-0641
Published: 2014-08-20
Cross-site request forgery (CSRF) vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2014-2505
Published: 2014-08-20
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors.

CVE-2014-2511
Published: 2014-08-20
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter.

CVE-2014-2515
Published: 2014-08-20
EMC Documentum D2 3.1 before P24, 3.1SP1 before P02, 4.0 before P11, 4.1 before P16, and 4.2 before P05 does not properly restrict tickets provided by D2GetAdminTicketMethod and D2RefreshCacheMethod, which allows remote authenticated users to gain privileges via a request for a superuser ticket.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Three interviews on critical embedded systems and security, recorded at Black Hat 2014 in Las Vegas.