Anti-Piracy During the Pandemic: Five Tips for Protecting Software

May 20, 2020 Ted Miracco, CEO, SmartFlow Compliance Solutions

COVID-19 underscores the need for software companies to take an aggressive, integrated, and comprehensive approach to license compliance and piracy challenges as work-from-home users and employees get targeted by fraud and other scams.

Yes, even during a pandemic software piracy, illegal use, copying, or distributing software without ownership or legal rights, rages on. Globally, an estimated 37% of installed software is not properly licensed. Malware from unlicensed software that infects systems and compromises data costs companies worldwide nearly $359 billion a year, according to the Business Software Alliance (BSA).

For U.S. software vendors, these five tips can help protect the company’s software from piracy and ensure license compliance before piracy becomes an even greater epidemic during the pandemic.

Maximize U.S. Contacts

All or at least part of a company’s software and manuals should be hosted in the U.S., even though companies like to host their software near where their customers are throughout the world. If there is part of a program that can be hosted in the U.S., it is much more likely that a copyright infringement claim in a U.S. court will apply. Pirates will frequently come directly to a company’s website and download trial copies to crack. The same goes for documentation and other technical support whitepapers or examples. If the website they are downloading from is hosted in the U.S., the company has a much better chance of winning a U.S. jurisdictional claim, even if the infringers are in a foreign country, like China. Home-court advantage means a lot, especially in negotiations that can potentially help avoid litigation entirely.

Beef Up Software License Agreements

Use a click-through agreement with an up-front display of the terms of use, mandatory for all avenues of software access, including trial versions and educational software. Companies should make sure the user agrees to the terms and conditions in the click-through agreement before the software can be run. An ink-signed agreement is preferable, if possible, and make sure that it applies only to legitimate copies of the software used only with valid licenses. Even though online agreements are enforceable, outside the U.S. an ink-signed agreement is viewed as much more legitimate.

Include in terms of use clauses for forum selection and choice of law, as well as a liquidated damages clause that specifies a predetermined amount of money that must be paid as damages for breach of contract. Include a licensee’s recognition that the company’s work is protected by U.S. copyright law and make sure the agreement is for a license, not a sale.

Incorporate Telemetry Gathering Technology

Embed both tamper-detection and usage analytics technologies in the software, in addition to the license management system. The usage analytics data should be supplemented with website registration information, website account logins, trial version requests, download records of manuals and support documents, support requests, and training program attendance records.

Strong anti-piracy technology provides information that the software has been used illegally and offers a complete picture of the infringement, including details of exactly who used it, where, how many times, for how long, and more. This is factual information that can be used to confront infringers and negotiate a settlement or, if necessary, to prevail in a legal proceeding.

Make Sure Policing Efforts are Timely

Statutes of limitations may prevent a company from recovering revenue for unauthorized use if more than a few years in the past, particularly if it knew and did not act. Crying wolf may cost a company credibility and money.

Repeated “warning” letters and threats with no follow up generally don’t work.  Companies must “say what you mean and mean what you say.”

Prioritize Efforts

Not all unauthorized use is the same. Limited resources and competing interests make some forms of piracy more actionable than others. Prioritize organizations that are more reputable and may be more easily persuaded to become a paying customer or that have U.S. contacts.

Research whether the target’s management is respectable and possibly unaware of the piracy. Look for low risk/high reward. Is the pirate a frequent user with limited incentives to fight or fewer reasons to argue?

About the Author

Ted Miracco is co-founder and CEO of SmartFlow Compliance Solutions. His high-technology experience spans 30 years in defense electronics, RF/microwave circuit design, semiconductors, electronic design automation (EDA), and cybersecurity. Prior to SmartFlow, Miracco co-founded EDA company AWR Corporation, acquired by National Instruments in 2011 and purchased by Cadence Design Systems in 2020. In addition, he has worked with several Fortune 500 software companies, including Cadence and startup company EEsof Inc., acquired by Hewlett Packard in 1994 and now Keysight EEsof EDA. Miracco holds a Bachelor of Science degree in Electrical Engineering from Carnegie Mellon University.

Previous Article
Protecting Remote Workers with PKI
Protecting Remote Workers with PKI

Organizations with a large percentage of employees working from home have faced challenges in scaling to su...

Next Article
MCUs are Changing the Face Recognition Game
MCUs are Changing the Face Recognition Game

Contrary to what you might expect, bringing facial recognition capabilities to computers doesn’t require hi...