Cloud Computing and Software Piracy

Cloud computing has radically changed the way in which software and hardware are consumed in enterprises. This new model of IT has provided CIOs with the benefits of efficiency, scale and lower capex. However, one area that could have a profound impact – because of increasing cloud adoption – is that of software piracy. This scourge of unlicensed software that poses a challenge to both vendors and CIOs may witness a dip as cloud proliferates. 

Use of unlicensed software continues to be a major problem globally. In 2013, 43 per cent of the software installed on PCs around the world was not properly licensed, a rise from 42 per cent in 2011. The commercial value of the unlicensed installations was $62.7 billion, a report from BSA (The Software Alliance) says. The report is based on a global survey of nearly 22,000 consumers and enterprise PC users and a parallel survey of more than 2,000 IT managers conducted by BSA.

Cloud Panacea for Piracy?

But can cloud be the panacea for unlicensed software? After all, it promises to give vendors greater control of the distribution of software and continual views of usage. This is also one of the reasons why software vendors are extending special pricing and offers so as to push its adoption.

“The market for cloud software services is still young, and as yet more of a developed-country phenomenon than of an emerging-market. At the moment, then, if cloud services are going to lower unlicensed software use, they will do so first in geographies that already have relatively low rates of it,” says Seemin Qadiri, Director, Compliance Solutions, BSA Global.

“The face of piracy will change, the numbers will change. But to say that cloud computing will take care of licensing issues or piracy issues would be optimistic,” she avers.

Echoing the sentiment, Dinesh Kaushik, Head-IT, Caparo, says, “Cloud can certainly control piracy. However, it can’t completely root it out. An enterprise could go in for a cloud solution such as Microsoft Office 365 believing that it is completely legal but it could be in for a surprise. There could be a possibility that the service provider may not be adhering to the licensing policies.”

“Similarly, there could be instances when we get a product developed from a third party, who in turn may not be following the development platform’s licensing policy. It is, therefore important for a CIO to get a certificate from the product development company lest he gets into trouble during an audit,” he says.

Piracy 2.0?

While traditional modes of perpetrating piracy could feel the heat from cloud, those playing in the unlicensed software space could move to more innovative ways of promoting piracy.

According to Anubhav Batha, Information Security Leader at SDG Corporation, “Today, there are bundled software packages that are available only on the cloud. Vendors provide a product key that can be downloaded to activate the software. However, one can’t be sure if it is a legitimate buy or not. It could be possible that it is not the actual vendor’s source.”

Bathla believes this shifting of pirated software online could see a rise as more and more companies leverage Internet for procuring software.

“It is not only small companies, even bigger enterprises are procuring software through online. The prohibitive cost of licensed software coupled with discounted pricing offered online are making information technology decision-makers turn towards online buying. The downside of such a purchase is that it could be a hoax. An IT leader will not be able to confirm if the offer was originating from the vendor’s library or not. It could be pirated software,” he warns. 

According to IDC, more than 80 per cent of cloud software services come with licensing provisions that require each user, even when under a multi-user license, to have separate log-in credentials – at least an account name and password.

“Technically, users are not supposed to share log-in credentials, and in some cases the sharing of passwords is specifically prohibited in the terms of service. But, in fact, users do share credentials. For users of business cloud services that are paid for, BSA’s Global Software Survey found that 52 per cent of respondents said they shared credentials, up from 42 per cent in 2011. Sixty-two per cent of those who shared credentials did so more than rarely. Nearly one in five (18 per cent) said they share credentials outside the company,” the BSA report says.

“Based on feedback from IT managers, there was a moderate correlation between credential sharing and country-level rates of unlicensed software installation. For example, 75 per cent of respondents inChina, India andThailandsaid they shared log-in credentials, whileDenmark, Finland and theUKwere all less than 40 per cent,” it says.

As cloud services penetrate emerging markets, expect the incidence of credential sharing to go up. But is credential sharing the same as unlicensed software use or piracy?

“Certainly it is akin to under-licensing, where an enterprise pays for a certain number of software copies but uses more than what were paid for. Here, a company pays for a certain number of cloud service users (or ‘seats’) and, through credential sharing, more people have access. Because these are services designed to displace their on-premise counterparts, credential sharing would have the same effect as under-licensing,” the report adds.

“There will always be a different form of piracy. You will encounter dark clouds because there will be no visibility into them,” warns Seemin.

Conclusion

So does this mean that new forms of potential license abuse (such as credential sharing) will remain unabated? Will cloud make no impact at all in curbing piracy? Are we at a loss when it comes to legally curbing piracy on cloud?

Yolynd Lobo, Director, BSA Global (India), believesIndiahas enough laws to take care of piracy on cloud. However, she feels the laws need to be strictly enforced.

“We have the IT Act inIndiathat can address piracy issues on cloud. We also have a robust Copyright Law. What is lacking is the enforcement of these acts and the awareness of the powers that enforcement agencies have under these laws. What we need is a stronger, judiciary, customs and police,” says Lobo.

She also believes there was no need to create a new law as technology was ever changing.

“There is no point in creating omnibus legislation that looks only at piracy in the cloud – because technology will evolve over a period of time and then the law becomes redundant,” Lobo avers.

“Today, companies have tracking methodologies to track piracy on cloud – but it always comes up against data protection rules, which makes it impossible to get accurate numbers. Actually tracking piracy on cloud will also become an issue of debate tomorrow,” she adds.

While cloud computing may not be the ultimate cure for piracy, it will no doubt play its part in curbing the evil.

Womens Running Shoes