Date: 6 Feb 93 08:25:00 GMT From: Mitchell Kapor Subject: File 4--Mitch Kapor's Forbes Column on S.893 Software Felonies Copyright 1993 Mitchell Kapor If you copy this, please include the complete article including header information. (First Published in the February 15, 1993 issue of Forbes) (Mitch Ratcliffe, Editor-at-Large of Mac Week, provided research assistance for this article.) It doesn't take much to persuade Congress to jack up the penalties for white-collar crime, and last fall's amendments to the Copyright Act were no exception. With a little prodding from the Software Publishers Association, legislators made a felony of possession of ten unauthorized copies of a program, collectively valued at as little as $2,500. The new law is a powerful bargaining chip for an industry that has learned to enforce its property rights through intimidation. A little too powerful, I'll wager. Under the new law, just about any computer department manager could be charged as a felon. There's no doubt that software companies need help enforcing their property rights against brazen counterfeiting schemes, as a recent action brought by Microsoft shows. Its civil suit against Taiwanese defendants alleges that hundreds of thousands of counterfeit copies of the MS-DOS operating system were sold to unsuspecting customers. Armed with seizure orders, attorneys for Microsoft staged elaborate raids on secret warehouses in southern California, carting off truckloads of contraband. Use of the new criminal provisions of the copyright law makes sense in an extreme situation such as this. But should it be a felony to make ten unauthorized copies of a program? In public speeches on this topic, I routinely ask members of the audience how many of them will stand up to declare they have no unauthorized copies on their hard disks. Only a tiny minority will do so. This suggests to me that, under the new law, any manager with a handful or more of employees could be prosecuted and sent to jail. Software producers, of course, have to protect themselves against more than the counterfeiters. The software association estimates that its members lose between $1 billion and $2 billion a year in revenue from customers who buy fewer copies of business software than they should. At Lotus, we tried to solve this problem by adopting technical measures to restrict the copying of files. As I learned to my chagrin, this approach had the unacceptable consequence of also restricting legitimate uses by paying customers. Nowadays very few software producers use copy protection devices. They're too likely to be broken by serious hackers and too likely to alienate innocent users. As a simple technical matter, there is no barrier today to anyone walking off with a $500 product in a shirt pocket, or to a corporate software customer that wants to use more copies than it is willing to pay for. But the solution to this problem is not a rigid prohibition on copying. Even in the overwhelming majority of honest companies, including many with stringent internal policies, employees routinely make copies of their applications for use on portable and home computers, temporary copies for a co- workers, multiple back-up copies, and the like. Unauthorized copies proliferate. Careful lines must be drawn, dividing software duplication into three different grades of behavior: totally innocent copying, unfair use that might give rise to a lawsuit, and criminal piracy. The new anti-piracy law fails to make these distinctions. The software association claims it has no intention to use the criminal law to enforce essentially civil claims against customers who make and use multiple copies. ``I don't need to call the FBI to beat on corporations,'' says Ken REAL NAME Wasch, the association's executive director. ``There's absolutely no intention of criminalizing the inadvertent copier in a corporation. We have a very adequate civil remedy.'' By its own accounting, Wasch's group has done very well in civil court. Nonetheless, with these stiff new provisions in place, I can't imagine that sooner or later the felony criminal provisions won't be used, in practice or as threat, against less than obviously flagrant violators. Here's one scenario: The software association will knock politely and ask to review XYZ Corp.'s computers for illegal copies. If XYZ refuses to allow the audit, the enforcers can now do more than file a civil action. They can threaten to call in the Department of Justice for a criminal investigation. This law is simply prone to abuse. It won't stop piracy, nor will it contribute to a new ethic that respects the hard work and research dollars put into application software. Software vendors could take one step in the right direction by rewriting their license agreements to be more realistic. Most licenses don't permit a user to install the same copy of a product twice under any circumstances, except to make a backup. However, a few companies permit customers to make multiple installations of a single copy of software as long as only one copy is in use at any time. With more executives using a desktop computer in the office and a notebook computer on the road, broadening the terms of acceptable use just represents common sense. It would also go a long way to ease tensions with customers who find themselves uncomfortable at the prospect of being branded as felons. We live in a difficult era in which, as Stewart Brand puts it, information wants to be free, yet it also wants to be expensive. Until both vendors and users sincerely acknowledge this paradox, efforts to reduce piracy are likely Downloaded From P-80 International Information Systems 304-744-2253