Piracy has long been a thorn in the side of the software industry. A 2018 survey found that worldwide, 37% of software installed on personal computers is unlicensed, with the commercial value of that unlicensed software coming in at $46.3 billion. But what do those numbers really mean to individual vendors? And is software piracy really a problem, or is it an opportunity?
Consider Bill Gates’ infamous quote from 1998, in which he said, in regard to software, that if people were going to steal it, he’d want them to steal Microsoft’s. He reasoned that those with pirated software would become addicted to it, and Microsoft would then “figure out how to collect sometime in the next decade.”
In the more than 20 years since Gates’ proclamation, many vendors have figured out how to collect, and from what I’ve seen working with vendors, they’re using software usage data and analytics to do it. Software usage data is most commonly collected through “phone home” technology that is either built by the vendors themselves or purchased from outside providers and integrated into their applications. It provides vendors with forensic evidence of misuse that can be analyzed to identify infringers, measure the scope of the revenue opportunity, and prioritize efforts and strategies to convert infringers to paying customers.
Vendors have traditionally relied upon four common approaches to protect their intellectual property (licensing systems, software protection, internal compliance and legal action). Regardless of whether vendors collect their usage data in house or with the help of an outside provider, here’s how they can harness it to enhance these approaches.
Software Licensing is a key foundational strategy, but the common refrain is that “licensing keeps honest customers honest.” The challenge for vendors is that the primary attack vector for those who crack software is to disable or bypass licensing altogether. In addition to enabling unlicensed use, this also cuts the flow of any infringement or metering data that might be sent to the vendor. Fortunately, disabling software usage reporting technology isn’t a priority for crackers, because it doesn’t interfere with their goal of getting applications to run without licensing or activation. As a result, vendors with usage reporting can detect pirated use and receive valuable intelligence they can use to measure piracy’s impact on revenues. Vendors that want to do more than measure the impact can analyze their usage data to build data-driven license compliance programs that turn infringement reports into actionable leads and revenue pipelines.
Software protection, or “application hardening,” is squarely aimed at preventing piracy by making it more difficult for the crackers to disable licensing. Unfortunately, most vendors have found that they are only delaying piracy with this approach. Vendors also need to walk a tightrope to ensure protection techniques don’t complicate installation or impact application performance for honest customers, or divert their research and development teams away from delivering new functionality. By leveraging usage data, vendors gain visibility into when a new version of a release has been cracked, giving them information about the effectiveness of their software protection methods. They can then use that information to make better decisions about which protections to apply in each product and market, optimizing tradeoffs between protection and cost.
“Internal compliance” usually means auditing. Audits are a useful component of any license compliance strategy, but vendors typically profile customers to identify and target those at high risk for overuse or suspected of piracy — even if there’s no solid proof of infringement. The resulting audits can be time-consuming and damage customer relationships. Usage data replaces profiling and “suspicions” with specific, reliable and detailed forensic evidence of overuse and piracy. These data-driven audits are more efficient and can lead to more open conversations and relationships with customers.
There are two prongs to most legal action: takedown notices to limit the availability of pirated software and lawsuits against infringers using the software. While large developers such as Adobe and Microsoft have made it less likely that purchasers will inadvertently pay for pirated software through channels that appear legitimate, pirate channels are resilient: The pirate community regularly creates new ways to deliver cracked wares. And for all but the largest companies, the cost and complexity of limiting the supply of pirated software by pursuing legal action against pirate sites and channels often exceeds the benefits, which may only be temporary. On the demand side of the equation, adversarial legal proceedings against users do not promote the feelings of trust and respect that are key to long-term customer value and are best reserved for regions and edge cases where they are most appropriate.
By taking a usage data-driven approach, vendors can continue to use due diligence to try to minimize availability in piracy channels, but also leverage those as yet another distribution channel where prospects and customers are finding them. Vendors can also use this data in more of a sales opportunity conversion funnel and to convert infringers to paying customers. A mutually beneficial result can be achieved by offering more benefits and incentives and taking a less punitive approach — increasing the likelihood of annual run rate revenues.
At a time when usage data from devices like Fitbits and Nest thermostats are driving consumer decisions and behavior, it makes sense that software vendors have found a data-driven way to “figure out” the piracy challenge. Harnessing their software usage data enables them to measure the impact of software piracy, conduct targeted audits, and take a proactive and customer-centric approach that can deliver a new pipeline for license revenue.