The Billion Pound software piracy problem
Some may describe the problem of piracy an unassailable one. Not John Lovelock, a man who, courtesy of upcoming legislation, might soon be knocking on your door in order to drag you to prison...
"My ultimate aim is to get a company director in prison".
Those are the words of John Lovelock, director general of the Federation Against Software Theft (FAST). The first time we heard him make this shocking statement? He was addressing a room full of company directors and managers at an event in early 2006.
But that's typical John Lovelock. Since then, we've met him twice more and each time he's in the same bullish mood. He believes without question that software piracy is a crime, and should be treated is such. "The reason there is complacency within corporate UK is because software is not treated as an asset", he asserts, "and our biggest challenge is directors taking responsibility for software in their enterprises".
And he's pulling few punches. Software, he argues, is often worth ten times more than the physical computer it sits on. But take a look at the average asset register in a company, and you may find the keyboard and mouse, but you won't find the software listed at all. "It undervalues companies", he argues, citing an example of one firm he dealt with whose value was some 3 million short as a result.
"If we get a director in jail for the maximum amount [currently ten years], then that will resonate with directors and managers, and permeate through the business world".
"It will", he argues, "send an industry-wide message that this is a serious issue". And, he adds, if it comes to the crunch, ignorance of the problem simply isn't a defence in court.
Furthermore, he cites the case of one of FAST's members, a small husband and wife software publisher, whose software had been stolen and as a result, their business was, as Lovelock describes it, "on its knees". Even when FAST intervened, it was a troublesome path to get the case of the software theft to court. And while they're now a successful firm, "the simple truth is they nearly went broke because people stole their code".
"Last year, we identified 145 targets who were sharing our members' software", he explains, "and we went to court for an order to get ISPs to reveal their personal details. We presented the evidence, got the details, and wrote to the targets concerned".
But, given that the press haven't been reporting stories of OAPs being sued, you can conclude that FAST's tactics have been a little different. A large number settled straight away, paying a nominal 350 and signing an agreement not to re-offend. Those who ignored FAST were contacted again, causing more to settle, and in the end, only those who persistently ignored all communications have been escalated. Even then, as Lovelock describes, FAST were careful to filter their targets down to "those who had the ability to pay and should know better". One such target, a professional engineer, is about to be famous for the wrong reason, as Lovelock expects by the end of February 2007 to name him as the recipient of the first judgement of its kind in the UK for software file sharing. And, in a move seemingly designed to send a further warning shot across corporate Britain, Lovelock intends to name both him and, as it's in the public domain, the name of the company he works for. That, and a costs bill of some 8,000, is ultimately the end result of ignoring a simple letter. "We didn't want it to go this far", Lovelock adds, "but we had to take it to its conclusion".
Already, FAST are working on a second tracker project, and they've made a change or two. "Our first tracker traced individuals at home, or at University, but now we've refined the process so we're tracking back to a corporate address", Lovelock explains. "Our main focus is corporate UK, particularly where the problem of software misuse and file swapping is being, most worryingly, ignored". His argument isn't just based on the misuse of FAST's members' software. "File sharing, and P2P, is a complete security risk to a business", he argues.
Tracker two has already started yielding results, and Lovelock has begun the process of contacting the chief executives of the companies concerned and telling them what's happening in their enterprises. "I've been to see two chief executives so far, and both of them were stunned", he says. "They had no idea it was happening in their business".
The two firms concerned have addressed the problem, and we'll be talking about one of them on IT PRO in the near feature. Six further companies are shortly to get a knock of the door though, one of whom has over 250,000 PCs. He's not yet telling who they are, but the message from Lovelock to any firm where file sharing is taking place is straight and to the point: "it's easy to catch you".
When we first met Lovelock back in early 2006, his main frustration was clause 107A of the Copyright Designs & Patents Act. It's actually something that's been on the statute books for thirteen years so far, and for the past two or three, FAST had been steadfastly promised that it would be enacted. Yet it took the Gower Report at the end of 2006 for genuine movement, in what Lovelock describes as a landmark moment. The enactment of 107A means that, in theory, Trading Standards can knock on the door of any UK business and inspect software licences. "For the first time", says Lovelock, "they can walk into your business without a warrant and ask you to demonstrate you have the necessarily licences". For FAST to be able to do that, they'd need first of all to acquire and present relevant evidence, simply to get a search warrant.
Things really are changing, especially as Gordon Brown has also pledged 5m for Trading Standards to do this work, and while that money still has to be administered by local authorities, it's clearly a sizeable jump in the right direction. The necessary legislation should all be on the statute book by the end of the year - barring any further delays - and that'll increase the tools available to fight IP theft significantly. What's more, alongside it will be another change that sees sentences for web crime fall into line with their physical equivalents, meaning the maximum ten year penalty that selling illegal software in a market would attract now applies to digital theft too.
He freely admits to being frustrated by some of the limitations he's under in his job, although clearly Lovelock's a man who relishes the challenge. He's vehement that progress has been made, too. Back when the first seeds of FAST were sown, when it evolved from the BCS copyright committee, software wasn't even recognised as anything in law. In 1988, the law changed to appreciate software as a literary work, and since then, FAST have made an increasing-number of legislative inroads, which Lovelock offers as some of the best work the Federation has done. Few things though, he reckons, will topple the legislative progress of the past few months in aiding their work.
Yet it's the education efforts of FAST that Lovelock's particularly proud of, and he's keen to point out that enforcement is just one of the four pillars upon which FAST base their work. Lobbying and representation are of equal importance, with education perhaps the most important of all. Working with a group called CREATE, FAST are looking to work with youngsters aged 7-19 on the value of creativity. Discussions have started over using certain well-known animated characters in this work, and the music industry are already involved through the BMR. "We teach our kids from an early age that it's wrong to shoplift", Lovelock argues, "but we have to educate them about IP too, and the meaning of creativity. We simply have to prove there is a value to it".
The road ahead
But that doesn't mean John Lovelock has taken his eyes off his goal. He knows that a precedent needs to be set to ensure the message to businesses gets through, and he's determined to track down those who wilfully misuse FAST members' software. Even backed by a further threat of utilising the Proceeds of Crime Act to seek recompense for his members where appropriate, we nonetheless suspect that when we next arrange to meet John Lovelock towards the end of the year that he won't have achieved his goal. Yet, conversely, it's equally likely that he'll be a few steps closer to it.
Managing security risk and compliance in a challenging landscape
How key technology partners grow with your organisationDownload now
Security best practices for PostgreSQL
Securing data with PostgreSQLDownload now
Transform your MSP business into a money-making machine
Benefits and challenges of a recurring revenue modelDownload now
The care and feeding of cloud
How to support cloud infrastructure post-migrationWatch now