Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

Half Of Computer Users Admit To Pirating Software

Software pirates typically are young and male and live in emerging economies, where obtaining legal copies of software isn't always easy, finds Business Software Alliance study.

More than half of computer users around the world say they've pirated software, typically by installing more copies of an application than their license permits, or by downloading the software via BitTorrent or other file-sharing networks.

That finding comes by way of a new study commissioned by the Business Software Alliance (BSA) and conducted by Ipsos Public Affairs, which surveyed 15,000 computer users in 33 countries about their software-buying--or alternative forms of procurement--practices. Overall, the commercial value of pirated software was $59 billion in 2010, but rose to $63 billion in 2011, which the BSA says was driven by the majority of PC shipments now going to emerging countries, including China, Russia, India, and Brazil. Notably, those countries have the world's fastest-growing technology markets, but also some of the highest levels of software piracy.

Although 57% of respondents said they've pirated software, according to the study, "frequent software pirates are disproportionately young and male, and they are more than twice as likely to live in an emerging economy as they are to live in a mature one." On average, these emerging-economy pirates also install nearly four times as many applications as "frequent pirates" in more mature economies.

[ Do Android developers make less money from paid apps than iOS developers because of piracy? See Android Survey Highlights Piracy Problem. ]

The United States, the world's largest software market, racked up 2011 software sales of about $42 billion, and had the world's lowest rate of piracy--just 19%. At the other end of the spectrum, China generated software sales of about $3 billion in 2011, but had an illegal software market worth $9 billion, making for a 77% piracy rate.

The amount of money spent on new PCs also highlights just how little some countries collectively spend on software. For example, the average PC in China, sans monitor, costs $542. But last year, according to market researcher IDC, China saw just $8.89 of legal software sales per PC, compared with $33.79 in India, and $120.22 in the United States.

Unclear provenance might help account for the higher levels of software piracy in emerging economies. "For example, a comparatively low two-thirds of computer users in emerging economies trust that the software available for sale in retail stores is likely to be legal. That skepticism is not unreasonable. Indeed, in many emerging markets, users would often be right to assume that stores are stocked with illegal copies of name-brand software," said the study.

The survey also found a marked discrepancy between how people view intellectual property rights, and their software-buying habits. "There's a mile-wide gap between what people say they believe in principle, versus what they do in practice," said Robert W. Holleyman II, president and CEO of the BSA, in a phone interview. For example, across all markets, 70% of respondents "agreed with the concept that they should be paying innovators for new software that comes to market--so it's essentially asking people, do you believe in intellectual property rights, without using that term, which they might not know," he said.

"At the same time, 57% of those users admit that they're acquiring and using unlicensed software," he said. But potential penalties seem remote, as only 15% of "frequent pirates" in emerging markets--and 20% in mature markets--"think the risk of getting caught is a reason for not doing it," he said.

"Now, if 57% of consumers said that they shoplift, you'd really see a dramatic increase in the public response--education, law enforcement, people who are shopping legitimately getting up in arms abut this," he said. But the same isn't true of software piracy, much of which occurs in business settings. "The biggest cause--and candidly, the most correctable cause--is when otherwise legitimate enterprises have some valid licenses, but exceed the allowed license numbers."

As with shoplifting statistics, the BSA study didn't examine whether people would have paid for the software they installed without a valid license. Instead, it just looked at the value of software that was being used, but which hadn't been paid for. The BSA study also didn't just assess the piracy rates of software from U.S. producers, but from around the world, including India and China.

Some researchers have painted the piracy problems in countries such as China, India, and Brazil as a market failure, rather than a legal one, but Holleyman criticized that analysis. "I can assure you, having spent time in both markets, it's not under any stretch of the imagination a distribution problem. The problem especially in China is that there's no disincentive, there's effectively no sheriff in town establishing that there's a risk for organizations that use the software of being caught and punished," he said.

What's the best way to crack down on software piracy? The BSA continues to pitch the issue as a business problem, as well as warning about the information security hazards of using any software of unknown provenance--for example, obtained via peer-to-peer networks.

More recently, the industry association also has started highlighting the unfair competitive advantage afforded to countries with businesses that don't pay as much for their software. "President Obama has made it a big issue for the U.S. and China, and it's not just because it affects the software industry, but because it affects every business; software is a tool for production," said Holleyman.

Put an end to insider theft and accidental data disclosure with network and host controls--and don't forget to keep employees on their toes. Also in the new, all-digital Stop Data Leaks issue of Dark Reading: Why security must be everyone's concern, and lessons learned from the Global Payments breach. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
vikramadhiman
50%
50%
vikramadhiman,
User Rank: Apprentice
5/16/2012 | 7:00:52 AM
re: Half Of Computer Users Admit To Pirating Software
Is piracy the bigger concern? Or is it computer security? Courses like this one on computer security would make you believe it is the latter. Yes, piracy is a profitability and business sustainability concern - but a over and above the thought of a third world war happening in the electronic space - not so sure.
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Look Beyond the 'Big 5' in Cyberattacks
Robert Lemos, Contributing Writer,  11/25/2020
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: We are really excited about our new two tone authentication system!
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4126
PUBLISHED: 2020-12-01
HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. This can allow an unauthenticated remote attacker to capture the cookie by intercepting its transmission within an http session. Fixes are available in HCL Domino and iNotes versions 10.0.1 FP6 and 11.0.1 FP2 and later.
CVE-2020-4129
PUBLISHED: 2020-12-01
HCL Domino is susceptible to a lockout policy bypass vulnerability in the LDAP service. An unauthenticated attacker could use this vulnerability to mount a brute force attack against the LDAP service. Fixes are available in HCL Domino versions 9.0.1 FP10 IF6, 10.0.1 FP6 and 11.0.1 FP1 and later.
CVE-2020-9115
PUBLISHED: 2020-12-01
ManageOne versions 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, ,6.5.1.1.B050, 8.0.0 and 8.0.1 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the plug-in component. Due to insufficient input validation of ...
CVE-2020-9116
PUBLISHED: 2020-12-01
Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An authenticated, remote attacker can craft specific request to exploit this vulnerability. Due to insufficient verification, this could be exploited to cause the attackers to obtain higher privilege.
CVE-2020-14193
PUBLISHED: 2020-11-30
Affected versions of Automation for Jira - Server allowed remote attackers to read and render files as mustache templates in files inside the WEB-INF/classes & <jira-installation>/jira/bin directories via a template injection vulnerability in Jira smart values using mustache partials. The ...