Pirate software: the problems is the security, not the sanction

More and more companies are convicted for using illegal software, and these convictions bring our attention back to the last reform of the Criminal Code, which considerably toughens the sanctions for pirate software and extends the legal consequences for the company and its administrators.

The present discourse: legal and economic sanctions against illegal software

The details of the BSA The Software Alliance report are very clear: in Catalonia alone, 42% of companies use unlicensed programs, 13% more than the European average. However, the reform of the Criminal Code is striking: companies chance sanctions of up to €280,000, the possible suspension of business activity for up to five years and responsibility of up to two years of prison for the administrators, amongst other convictions.

This reform brought, and continues to bring, severe criticisms amongst professionals and companies, which consider the measures out of proportion as the sanctions for the use of illegal software can be tougher, for instance, than making false VAT declarations or unfairly dismissing a worker. Are private software companies’ losses more serious than tax fraud or the breach of labour laws? This is the sensation that is given.

The widespread use of illegal software is frequently attributed to the question of “business culture”, as the possible economic sanctions are much higher than the investments in software licenses. But for smes this investment is not as easy to assume as for a large company. Without considering the large number of freelances and micro companies that might need programs with licenses of prohibitive prices in many cases, and for which there is no free software alternative, as is the case of designing and editing audio-visuals.

In short, the focus that has been given to date is to penalise, by toughening the sanctions for those who break the law. Even the awareness-raising campaigns that are carried out, such as that of Leysoftware.net, highlight the legal consequences of using pirate software. But is this the right focus?

Security, the key element of legal software

Internet security experts give a very different discourse focused on the serious problems of security that might be caused by the use of illegal software. According to data from Play-it-safe.net, Microsoft’s Digital Crimes unit, 61% of computers bought with pirate software contain some kind of virus or malware.

This malware exposes companies to serious security breaches and to the loss of business data in 73% of cases, and to critical failure in 43%.

And this lack of security translates into economic losses: in 2013 alone, losses were produced to a value of 127 billion dollars by security problems related to malware associated with pirate software, and 364 billion by violation of personal data through malware associated with pirate software.

But the security problems do not stop here. Today we are all hyper connected both in our professional and private life; this causes security risks for companies and users alike. More control is needed on the technological tools that are used, such as software, and greater awareness is needed of the risks involved in hyper connectivity and security breaches. This awareness will be difficult to achieve with penalties, what is needed is more information.

With respect to the IoT and security risks, John Moor, director of The Internet of Things Security Information, said, “if we are not careful, we can get into trouble without realising. And some unprecedented trouble”.

Because most companies that use illegal software also connect remotely to consult email, to access bank data or to consult customer or worker databases from any device, so the security breach favoured by this software is much deeper than it might first seem.

The cloud solutions, an ever more widespread alternative to illegal software or licences

As we have already said, for most small and medium-sized companies, let alone freelances, legal software licences are seen as a burden.

Free or opensource programs are an alternative, but are not the complete solution, as there are specific programs that we will not find in free versions with similar functions. Problems of compatibility can also be produced between programs if we want to integrate them.

The ever more widespread option in companies are the cloud-based solutions. These options reduce both the cost of the licenses and of the necessary physical infrastructure, and all with high-level data security.

In short, in the end not everything comes down to a legal penalty or economic sanction. Security risks expose companies both to significant economic losses and a negative impact on their image and reputation, and therefore on the confidence of their present and potential clients. Therefore it is worth assessing the risk and the alternatives available to us: what we have to be concerned about is the security, not the sanction.

Article published in ITespresso.