Fighting Software Piracy: What Are the Alternatives?


For both large software publishers and specialized niche developers, Japan offers wonderful growth opportunities. But success in the software market depends on the protection of intellectual property rights.

by Mike Emerson

Japan is the world's second-most lucrative software market, trailing only the United States. But for developers to succeed, they must be wary; in Japan, as in all software markets, the single greatest threat to a developer's success is software piracy.

The US-based Business Software Alliance (BSA) estimates that 67% of the software in use in Japan is illegal (compared with 35% in the US). According to the BSA, this costs developers more than $2 billion in lost sales each year, making the Japan market loss second only to the United States ($2.8 million).

The Software Publishers Association (SPA), a 1200-member US-based association of the desktop software industry, looks at business application software only. The SPA estimates Japan's illegal business software use at 56% (compared with 25% for the US), and ranks Japan as the world's leader in lost revenue for business software developers ($1.3 billion for Japan versus $1.0 billion for the US).

No matter whose figures you subscribe to, the loss in potential revenue in Japan is staggering. Software piracy
hinders recouping the costs of localization and in-country technical support. Developers in vertical or niche markets have a limited pool of prospective customers and face costly product development. Even if sales lost through piracy do not bankrupt a software company, the situation can stagnate future program improvements, which ultimately hurts the businesses that use the software. Thus there is a need to fight software piracy by all possible means.

A three-pronged defense

Japan's options for defending against the depredations of software pirates are similar to those of other countries. Attempts to control piracy, and ensure developers the revenue they are entitled to, are being made by government and industry through a combination of user education, the threat of litigation, and proactive technology development.

Education: By educating users about copyright laws and the benefits of legal software, third-party organizations are striving to create an environment that respects intellectual property rights. US-based organizations such as the SPA and BSA have a vested interest in ensuring the rights of their software developer members selling in Japan. The SPA, for example, has recently offered Japanese companies a Certified Software Manager course designed to promote the use of legitimate software.

The Tokyo-based Association of Copyright for Computer Software (ACCS) represents 190 companies in Japan. To support its stated goal of protecting the rights of copyrighters of computer programs, the ACCS sponsors a wide variety of educational classes and seminars on software copyright laws. Additionally, it issues a yearly report and monthly bulletins examining the status of Japan's software copyright protection activities.

Litigation: Both the BSA and SPA work with local governments and undertake aggressive campaigns to keep and strengthen current copyright laws. Both have active enforcement programs in Japan. Within the ACCS, meanwhile, the Software Legal Protection Supervisory Organization investigates the illegal copying of computer software in schools and business and acts on violations of copyright. The Software Legal Protection Supervisory Organization also investigates companies involved in illegal rental, sales, or distribution of pirated software, and works closely with Japanese police to take appropriate legal measures in cases of high-profile copyright violations.

Technology solutions: Today in Japan, over 1,000 developers are using technology solutions to discourage or prevent software piracy. Protection solutions are available for nearly all hardware and software platforms use in Japan, but the cost, effectiveness, and security of these solutions vary. The three major categories of technology solutions to prevent software piracy available today are software-only protection, hardware keys, and network license management. Let's look at each of these categories separately.

Software-only protection

Software-only protection has evolved from simply altering diskette formats to prevent copying, to requiring a licensing password for installing and running a program. Software-only protection schemes are an inexpensive solution to piracy. There are three basic types of software-only protection:

Password protection is a system whereby, when an application runs, it periodically requests the user to enter a password. The password is usually found in the program's written documentation, which circumvents its effectiveness if the manuals are also copied. Gaming software often uses this approach because it is extremely inexpensive.

Copy protection alters one or more of the program's diskettes (such as by a laser) so that the DOS DISKCOPY command does not work. The original diskette must be inserted whenever the software is run, and is verified through a special, supplied driver. This method is also inexpensive, but it prevents the user from making a backup copy of the software.

Password licensing, the newest form of software-only protection, may be delivered in two forms: diskette protection or password fulfillment. Both forms determine a PC's "fingerprint" -- derived from hardware components such as hard disk ID or BIOS serial number -- and transfer a license that enables the application to be run only on hardware with the expected fingerprint. Most password licensing schemes will allow the user to uninstall the application and reinstall it on another machine.

In diskette protection, a password and information are stored on the diskette in sectors marked "bad" to hide them from the operating system. The password is transferred to the PC by the program during the installation process. With password fulfillment, the program is stored in an encrypted format; the user must obtain a password to decrypt the program, such as via a phone call to the company. Password licensing offers a developer the advantage of complete user registration, and it allows backups, but the overhead can be costly.

Hardware key protection

Hardware keys (dongles) offer a higher level of security against piracy than software-only protection. A hardware key protection system comprises an external device, the key, and software components that allow communication between the key and the developer's application. This type of protection is sometimes referred to as execution control, because the presence of the key is required for the software to execute and run. This method was developed to eliminate the problems of software-only protection. It allows backup copies of the software to be made, yet prevents the unauthorized copies from running.

The hardware key commonly connects to the 25-pin parallel port of a PC, the ADB port on an Apple Macintosh, or the serial port of a UNIX/open systems workstation. On Japanese computers, however, the parallel port connection can vary; market leader NEC, for example, has used a 14-pin parallel port connector, and its most recent machines use a 36-pin high-density connector. The variety of parallel port connectors has led some suppliers to use a 36-pin key that fits between a printer cable and the printer, since this is the most common connector type in Japan.

Regardless of the connector, a single hardware key can protect a stand-alone application or multiple/modular software packages. The keys are programmed and shipped with the software. Once connected, they offer security, transparency, and reliability.

Network license management

License management products track the use of applications in a networked environment. The two types of license management products in the marketplace today for developers are software-based license management and hardware keys that support concurrent license management.

Concurrent usage licensing is extremely popular with both developers and corporations; the license is available to anyone on a network rather than being tied to a particular PC. Companies view concurrent licensing as a way to pay only for what they need instead of having to buy an expensive site license, or individual licenses for each potential user. With a concurrent license model, a company need only buy licenses for the maximum number of an application that it expects to be in concurrent use at any given time.

Software-based license management packages are currently available for both UNIX and Windows server platforms, and support a variety of clients. They usually consist only of software components, although hardware keys may sometimes accompany them to serve as licensing meters or alternate host IDs. Software license management allows a developer a wide variety of licensing models so users will have new ways to evaluate and buy their software. The license management software controls usage and tracks license count, so only the specified maximum number of users can run the application simultaneously.

While software-based license management offers a moderate level of security, it retains a high degree of licensing flexibility and reporting capabilities. A typical model requires the customer to register the software, thus ensuring the developer 100% user registration.

Hardware-based license management is similar to the software-based solution in that the developers purchase the keys and enclose them with their shrink-wrapped software. Keys are supplied with pre-programmed limits that cannot be altered by the developer, and one hardware key is required for each license server at an end user site. Most keys also offer soft licenses, which can be customized or altered by the developer, thus allowing a developer to protect multiple applications, features, or modules with varying license limits, using just one key. And with most keys, developers can upgrade everything except the hard license limit remotely.

Hardware keys providing concurrent license management are usually priced according to the number of hard licenses pre-programmed into the key. Hardware-based license management offers a high degree of security, basic concurrent license management, and administrative simplicity.

Ensuring your success in Japan

What does the future hold? Software developers and publishers in Japan and internationally will continue to use all these methods, and more, to wage their war on software piracy. Japanese and international organizations will keep on spreading the message and educating software users on intellectual property rights. The Japanese government will enforce penalties on flagrant abusers of copyright law. And technology solution suppliers will continue to develop and support products that can ensure the protection of developers' software and revenue, while minimizing any end user inconvenience.

But those who want something for nothing will always be with us, and the fight against software piracy will be a never-ending battle.

Mike Emerson is worldwide marketing manager for Rainbow Technologies, a world leader in software protection and network license management solutions. He can be reached at Rainbow Technologies, Inc., 50 Technology Drive, Irvine, CA, 92718, USA; phone +1-714-450-7300, fax +1-714-450-7450; e-mail memerson@rnbo.com.

What constitutes piracy?

Software piracy is the unauthorized copying, distribution, or use of personal computer software. Unlike products from other industries, each copy of software a computer user makes is identical to the original and functions exactly the same. Regardless of the country, industry, or platform, more computer software is used than is bought.

Individuals as well as corporations are bound by copyright law that usually allows software to be installed on one computer and a back-up copy to be made for archival purposes. Many individuals and corporations, however, disregard the importance of software as valuable intellectual property; inadvertently, or purposely, they copy , share, or otherwise illegally use programs throughout an organization. There are even businesses that profit from the sale of pirated software.

Some examples of
software piracy are:

* An individual user shares his favorite program with friends

* A business user buys a new program and installs it on several computers in the office

* A consultant or systems integrator installs its software on a client's computer

* A business disregards the license agreements for networked software

* A professional software thief duplicates the diskettes, packaging, and manuals from a software package and then sell the illegal copies



In the first six months of 1995, the Business Software Alliance received over 1,000 reports on its toll-free software piracy hotline in Japan, with callers reporting violations primarily in manufacturing firms, banks, insurance companies, trading companies, schools, and computer-leasing agencies. According to the BSA, the majority of software piracy in Japan involves copying by end-users, hard disk-loading infringements by dealers, and software "rental."

The BSA usually achieves out-of-court settlement, soliciting a promise from the offending company to purchase legal replacement software and pay a penalty based on the list price of the illegally-copied software. The BSA will file suit against recalcitrant companies, though this is rare. For a major copyright violation, such as public sales of pirated software, the BSA normally refers the case to Japan's Association of Copyright for Computer Software for investigation and possible criminal prosecution.

In 1994, Japan reportedly had the highest revenue loss per computer user of any country in the world.



For some statistics on international software piracy, check Rainbow Technologies' WWW home page at http://www.rnbo.com. For additional information on software piracy, contact the Software Publishers Association at +1-202-452-1600, the Business Software Alliance at +1-202-872-5500, or the Association of Copyright for Computer Software at +81-3-5976-5175.