CSC 379: Ethics in Computing  
  Summer II 2006  
 
 
 
  CSC 379  
 
HOME
  
 
Announcements
  
 
Homework & Grading
 
 
TEXTBOOK
  
  COURSE OVERVIEW  
  This course is is a survey of the ethical issues involved in computing. It discusses the way that computers and software pose new ethical questions or pose new versions of standard moral problems and dilemmas. It stresses case studies that relate to ethical theory.  
     
  INSTRUCTOR  
  Edward F. Gehringer
Office: 2301 Partners I
(919) 515-2066
Office hours:
MW 2:45-3:45
efg@ncsu.edu 		 
     
  TEACHING ASSISTANT  
  Ahmed Bakir
abakir@ncsu.edu
919-641-6642		  
 
  Lecture 5: Software Piracy
 
   
Lecture 5: Software Piracy
  
   

The problem. The earliest text on ethics in computing, Deborah Johnson's Computer Ethics, describes the case of a fictional company known as Bingo Software. It employs 15-20 people, invests $2 million, and spends three years developing an operating system for networked microcomputers. Bingo successfully markets its system for one year.

After the first year, a rival company, Pirate Pete's Software, begins to sell a system very similar to Bingo's, but with additional features. It seems they have examined Bingo's system and copied it, with improvements. Bingo's sales decrease. Meanwhile, it seems that copying of Bingo's system is becoming rampant. Small businesses appear to be buying one copy, then making multiple copies for internal use. They may be giving away copies to other businesses as well. Bingo is unable to recover the full costs of development, andoes into bankruptcy. It is a victim of software piracy.

The extent. Software piracy is a problem all over the world. The Business Software Alliance (BSA) estimates that more than $33 billion was lost to software piracy in 2004. About 35% of software installed by businesses worldwide was pirated, they estimate. While the percentage is not as high as the 49% reported in 1994, due to increasing amounts of software being shipped, the dollar losses have increased.

In dollar volume, the US leads, with $6.6 billion in losses, despite having the lowest software-piracy rate (21%). The second greatest loss, $3.5 billion, occurred in China, where the piracy rate is 90%. The countries with the highest piracy rates were Vietnam (92%), Ukraine (91%), China (90%), Zimbabwe (90%) and Indonesia (87 %). On the other end of the scale were the United States (21%), New Zealand (23%), Austria (25%), Sweden (26%), and the United Kingdom (27%). In general, software piracy is less prevalent in developed countries. An exception is the United Arab Emirates, which has only a 34% piracy rate, making it the only emerging economy among the lowest 20 piracy rates.

In percentage terms, however, other countries far outrank North America. In Germany, a survey a several years ago disclosed that there were fewer programs purchased than computers. That's no longer the case in Germany; in 2004, only 29% of software packages were pirated there. But it's still the case in many regions of the world. Latin America, Eastern Europe, the Middle East, Africa, and the Asia/Pacific region account for over one-third of PC shipments today, but only a tenth of spending on PC software. The least law-abiding region was Latin America, where 66% of software was pirated. Most Asian countries have higher rates, but the overall Asia/Pacific rate is brought down by Japan and Australia, which use a lot of software but have relatively low piracy rates. Cultural factors certainly play a role: In China over the centuries, copying has been regarded as honorable. It is regarded as a compliment if a student can flawlessly reproduce a teacher's work. This philosophy has been reinforced by 40 years of Communism, which outlawed private property and decreed that all goods should be held "in common" by "the people."

Amidst growing piracy, there are a few signs that a corner may have been turned. In 1991, under international pressure, China finally passed a copyright law. In other countries, passage of tougher laws has been followed byeclines in the rate of piracy. After the passage of a tough new law in 1993, Spain's rate dropped from 88% to an estimated 73%. It is now down to 51%. Finland's rate fell from 67% to 43% after jail sentences were imposed for illegal copying, and is now down to 29%.

However, software piracy continues to pervade all parts of society, even the government. The Army conducted three audits from 1988 through 1990. Based on a statistical sample, the audit agency found that 41 percent of the Army-owned personal computers hadn't documented software valued at $21 million. In 1996, the Software Publishers Association (now the SIIA) received a report that unauthorized computer software was in use at the Department of Labor's Mine Safety and Health Administration in Lakewood, Colo. and Arlington, Va. The report indicated that 40 percent of the software in use on both servers and standalone machines was unauthorized.

Recently, sellers of pirated software have turned to online auctions, with an estimated 90% of auctioned software being illegal copies.

The Inslaw case. The most celebrated example of software piracy by government is the case of the Inslaw company, which sued the Department of Justice for software piracy. In 1982, Inslaw landed a $10-million contract with the Justice Department to install its PROMIS case-tracking software in the 20 largest federal prosecutors' offices nationwide, plus another version in 70 smaller ffices. Then Inslaw allegedly spent $8 million enhancing PROMIS on the assumption that they could renegotiate the contract to recoup expenses. But after the Justice Department got the source code, they refused to renegotiate, withheld payments of $1.77M, terminated the contract, and allegedly pirated 20 more copies of PROMIS. By 1985, Inslaw was forced into bankruptcy. The owners kept fighting, & case ended up in U.S. Bankruptcy Court for the District of Columbia. In February 1988, Inslaw was awarded $6.8M damages, plus legal fees.

Under the doctrine of sovereign immunity, the government is ordinarily immune from suit. The only reason Inslaw was able to sue the Justice Department was because they were in the middle of bankruptcy proceedings. However, in 1991, another federal court set aside the verdict, ruling that the Bankruptcy Court did not have jurisdiction. The same year, Danny Casolaro, an investigative journalist researching for a possible book on the case was found dead in a West Virginia motel. Casolaro's murder has not been solved. Congressmen Jack Brooks of Texas and Charlie Rose (D-NC) tried to enact a bill that would force an investigation of the Justice Department and the death of Danny Casolaro, and pay reparations to the owners of Inslaw. However, the House never approved the bill. In 1995 the Senate finally passed a similar measure, but it was not acted upon by the House. Finally, in 1997, a federal court ruled that Inslaw's claims have no merit, and the Justice Department closed the case.

The methods. Pirated software flows through many kinds of channels. Counterfeit packaging is one of them. In 1991, Microsoft unveiled MS-DOS 5. The package contained two holograms that Microsoft said were "virtually impossible" to reproduce. They claimed it "... raise[d] the counterfeiting barrier to a level previously unattempted in the software industry." Within 2 weeks, a Taiwanese counterfeiter commissioned a holographer in China to copy and produce the holograms. In October 1991, a salesman calling on a software store in Taipei saw a package that "didn't look quite right." One of Microsoft's antipiracy specialists said, "We were in shock. No one could believe it happened." An NYT article in 1992 said that the Chinese government hadn't decided whether to turn over the molds that produce nearly exact fakes.

Bulletin boards are another avenue. In June 1992, the FBI raided BBS known as Davey Jones's Locker. It contained 200 commercial programs that could be downloaded. The operator charged $99/year for access. An arrest was made, and in March 1995, Richard D. Kenadek, the operator of the BBS, was sentenced to six months home confinement and 24 months probation.

The Internet has greatly simplified the task of disseminating pirated software to mass markets. From November to December 1993, an MIT student named David LaMacchia operated the "Cynosure" bulletin board on MIT's Athena network. LaMacchia was indicted in April '94. It was questionable whether he could be prosecuted, since he didn't do the copying. Furthermore, most of the advertisements and downloading of the software went through an anonymous remailer in Finland. The government eventually decided to prosecute LaMacchia under the wire-fraud statute. What he did was not a copyright violation--he didn't do the copying. It was not theft--legitimate users weren't deprived of anything. A federal judge threw out the case on Dec. 29, 1994, ruling that it was not wire fraud--who was defrauded? Some groups claimed that the prosecution violated LaMacchia's civil liberties. Others claimed that it demonstrated a need for new laws to criminalize actions that help others to pirate software. Certainly, it would have been possible for software companies to sue LaMacchia, but since he was just a poor college student, it would not have been worth the expense. Since then, the No Electronic Theft Act has outlawed the kind of actions that LaMacchia performed.

Protection against copying. About fifteen years ago, it was common for software to come on diskettes that were copy-protected. When copy-protection first came out, the user could run programs only from the floppy. This was inconvenient, especially when more than one or two programs were being run simultaneously. So the next generation of copy-protection only required the user to insert the diskette for validation when launching the program. But it was not long before copy-protection was abandoned. The inconvenience hurt sales. And software was developed for breaking copy-protection. In 1985, MicroPro International abandoned copy-protection, and so did Microsoft for Word. In 1986, Software Publishing Corp. followed suit. Ashton-Tate said that stronger anti-piracy legislation around the world strengthened their hand.

Another anti-piracy defense that has just about died out is "dongles." These are programmed chips or electronic locks that are physically attached to a computer. In theory, the software can be run only when the chip is inserted into the correct port. This too is inconvenient, and may tie up a port that is needed to connect another device. Of course, the software can be modified to bypass a dongle just as easily as it can bypass a copy-protected diskette.

Currently, much software requires the user to type in a registration number when the software is first installed. This is not quite as much of an obstacle to piracy, but it does decrease it by forcing the pirates to be more organized, to make sure the correct registration number is distributed with each copy of pirated software.

In today's world, practically all intellectual property--popular songs, TV programs, movies--is stored digitally as a form of "software". Content owners are becoming increasingly concerned that this software will be "shared" with unauthorized users. They cite falling sales of music CDs as an example. Though the factors behind the decline are many, and it can't be blamed solely on piracy, content owners are demanding that computer manufacturers take steps to prevent it. Toward this end, former Sen. Fritz Hollings introduced a bill to require that all computers include mechanisms to prevent unauthorized copying of content. It was opposed by organizations such as the Association for Computing Machinery. Introduction of the bill prompted a joint statement of principles by Intel and AOL Time Warner highlighting their commitments to protection of intellectual property. Critics of the proposed legislation worry that such technological solutions might require the habits of online users to be electronically tracked, as ordered in a recent California court decision, or might inadvertently exclude legitimate kinds of copying, such as screenreaders for the blind. Opponents formed the Alliance for Digital Progress to fight attempts by government to impose technological solutions to digital piracy. Recently there have been efforts by the entertainment and high-tech industries to reach a truce on how to deal with digital piracy.

UCITA. Given the persistence of piracy, there is a feeling in the software industry that software is treated too much like a tangible product, and not enough like the intangible intellectual property that it is. Unless there is specific legislation to outline the rights of producers and consumers in software transactions, they say, both parties will be at the mercy of inconsistent court decisions in a myriad of jurisdictions. In some cases, it is not even clear whose law applies, as when a customer purchases software while connected to the Internet in an airplane.

These concerns led to the drafting of the Uniform Computer Information Transactions Act (UCITA). Meant to be part of the Uniform Commercial Code, it would have served as a standard means of regulating software transactions in all 50 states. But the perception grew that it unfairly favored software producers, and the American Law Institute withdrew its sponsorship, which killed any chance of its becoming part of the Uniform Commercial Code. Although there are many objections to UCITA, some of the greatest concern is directed at its provisions to prevent software piracy. It allows software producers to remotely disable software if license fees are not paid, or if users violate the license terms in any other way. Because no regulatory agency or court would need to approve the disabling, critics have charged that it would allow software producers to "blackmail" users for more fees.

In early 2000, UCITA seemed to be on a "fast track" for approval, as states sought to attract software publishers to locate in their jurisdictions. But consumer opposition derailed the law, and it has taken effect only in Maryland and Virginia, with little prospect of passage in other states.

Combating piracy. The SIIA asks ompanies to adopt the following policy:

  • Appoint a software manager responsible for keeping records on purchases and software use.
  • Develop a software code of ethics, and make sure employees read it.
  • Keep a software log, including records of when a program is purchased, who is to use it, and on which machine it is to reside.
  • Perform regular audits. A program called SPAudit automatically lists all the applications on a hard disk. The list can be compared to purchasing records.

If not dealt with, the problem of software piracy will spread toll kinds of intellectual property. It is becoming easy to scan inocuments and digitize audio and video. Pirated music CDs are a problem in the Far East. Beverly Sills visited China and Japan and saw hundreds of her CDs in covers she had never seen before.

A new software-piracy law was passed by Congress in October 1992. Illegally copying software for private or commercial gain is now a felony. The penalties are 5 years in prison, or a fine of up to $250,000 for someone who has made more than 10 copies of software,arrying a retail value greater than $2500. To receive the maximum penalty, the retail value of pirated software would have to exceed80 million.

How are violators caught? A disgruntled employee may turn them in. A report from Datamation, May 1995 said that a "company with above-average honesty quotient and a zealous microcomputer support manager" spent months negotiating with the SPA. A terminated employee had called their 800 number. This kind of tattling is becoming increasingly common among downsized workers with a grudge against their former employers.

In summary, software piracy is a serious problem, both nationally and internationally. Laws can be passed, but they will be effective only when the community of computer users respects the property rights of software-writers, rights which are essential to the progress of our industry.