Microsoft Attorney Bonnie MacNaughton on Software Counterfeiting

On December 27, 2004, President Bush did something that made Microsoft — and probably every other software maker in the world — very happy. Bush signed into law the Anti-Counterfeiting Amendments Act of 2003, also known as H.R. 3632.

The new law criminalizes the distribution of genuine authentication components that have been separated from the software they were intended to authenticate for the purpose of knowingly attempting to certify counterfeit products. This includes Certificate of Authenticity (COA) labels, licensing documents and registration cards that certify copyrights.

Prior to the legislation, Microsoft had purchased hundreds of individual COA labels and computer systems with COA labels that allegedly were attached in an attempt to authenticate unlicensed software via its Genuine Microsoft Software program.

Microsoft’s testing resulted in the company filing eight lawsuits against counterfeiters. H.R. 3632 is a critical part of the tech giant’s overall effort to address software counterfeiting by giving Microsoft new legal tools with which to fight piracy.

That’s important, what with the Business Software Alliance reporting that 36 percent of the software installed on computers is pirated. That represents a loss of nearly US$29 billion to the software industry worldwide.

The E-Commerce Times caught up with Microsoft senior attorney Bonnie MacNaughton to discuss the implications of the new law on the technology industry and how Microsoft will leverage the legislation to curb piracy of its intellectual property.

ECT: How much does software counterfeiting cost Microsoft each year?

MacNaughton: It’s clear that over the past number of years Microsoft has lost billions of dollars to software piracy.

ECT: Given that figure, how critical is this new legislation in the fight against counterfeit software? Could we have hoped for drastic changes without such legislation?

MacNaughton: There was no statute on the books before this particular, very important piece of legislation that specifically made the practice of distributing and misusing genuine COA labels illegal either civilly or criminally. That’s why this legislation is absolutely key to us. There is no legitimate reason for people to buy and sell stand-alone COA labels. The only reason for that practice is to authenticate unlicensed software or personal computers that are hard disk loaded, meaning loaded with unlicensed software. People use the stand-alone labels to authenticate the software, even though the software is not authentic.

We see this legislation as being absolutely essential to Microsoft’s fightagainst piracy on a worldwide basis. In particular, the legislation actually closes a legal loophole that existed and allows us to address both the distribution and misuse of COA labels and the abuse and misuse of genuine COA labels, which is a widespread practice that is very concerning to Microsoft and its legitimate partners in the channel.

ECT: Will we see any short-term impacts of this legislation, or is this more of a long-term measure?

MacNaughton: Microsoft conducted a very large test purchase program within the last six months to test purchase stand-alone COA labels that were being purchased and then used to authenticate unlicensed software. As a result of the test purchase program, we sent cease and desist letter to hundreds of companies telling them that their practices were not appropriate and could potentially deceive customers that want to acquire licensed software. We also filed eight lawsuits.

This legislation will allow Microsoft to send wide notice to the people that are engaged in the trafficking in stand-alone counterfeit and genuine COA labels that their behavior is now criminal and could expose them to both criminal and civil penalties and expose them to substantial risk if they continue to engage in this behavior. Microsoft intends to notify anyone that we are aware of that is engaging in this practice of the legislation and then to monitor the marketplace to see if there are people that, despite the law, continue to engage in this illicit practice.

ECT: Where are lawbreakers getting the COA labels?

MacNaughton: The labels come from a couple of different places. Some of the labels are counterfeit. Some of the labels were stolen. A number of the labels that we test purchased were simply removed from older personal computers. If you look at the bottom of your PC it’s got a label on it to authenticate your software. We have learned of reported incidents where people were going into businesses and stealing the COA labels right off the personal computers and then either selling them in the country in which the labels were removed or actually importing them into the U.S. for sale in our secondary marketplace here.

A number of the labels that we test purchased were being bought and sold in the U.S. over the Internet or over eBay or through brick and mortar stores. A number of them came from Asia. You have this seemingly strange business model where people essentially remove COA labels from personal computers, depriving the owner of that personal computer of their label and all the proof of having authentic software. People then take those labels and sell them for, in some cases, as much as $100 a piece. So it would be like if you had $100 bill taped to the bottom of your PC and pulled it off the machine and went and bought yourself a pair of jeans.

This practice has been growing and proliferating not only in the U.S. but on a worldwide basis. That is why we are thrilled that Congress and the president have taken action to make it clear to people that this type of action is illegal and could expose them to penalties and possible jail time if they don’t stop this practice.

ECT: Have you had any discussion with eBay about the auctioning off of counterfeit or stolen certificates from their site?

MacNaughton: We work very closely with eBay in taking down postings that are infringing of Microsoft’s intellectual property rights and, in fact, have sent a number of take-down notices to eBay to take down sites selling stand-alone COAs. EBay has been extremely cooperative with Microsoft in taking down those sites. EBay has been very supportive of the information that Microsoft has about the software that is being sold on eBay that we have reason to believe is illegal or infringing and does routine take downs for us of that software.

ECT: What kind of impacts do you expect the Anti-Counterfeiting Amendments Act of 2003 to make on the software industry overall?

MacNaughton: We think it’s going to have a significant impact on our ability to prevent our customers from being deceived by devices that were intended to allow them to know whether they have software that’s authentic. This will, we think, shut down the practice of trafficking in stand-alone COA labels. Unfortunately, that practice is only part of our problem because there are very sophisticated counterfeits of our software that are available that we already have legislation criminalizing. So we will continue to fight against all forms of piracy, and this gives us another tool in our arsenal of legislation to bring action against pirates.

ECT: What kind of impacts do you expect this to have on software companies’ channel partners?

MacNaughton: One of the reasons that we pursued this legislation and instituted the test purchase program was because our channel partners were continuing to ask us for support to level the playing field between them and the dishonest resellers that are selling personal computers with unlicensed software. It’s very difficult, as you can imagine, to compete legally with somebody who doesn’t have to pay for the software component of the personal computer because they are loading unlicensed software. I think this is going to be a great value to Microsoft in helping level the playing field for our honest channel partners.

ECT: What kind of impacts do you expect this to have on the hardware industry?

MacNaughton: This particular bill applies to all companies and products that use devices of authentication. So you could imagine a hardware company that uses some type of device to authenticate its hardware would have additional claims that could be brought based on this legislation as well.

ECT: Do you see the need for additional legislation in this area, or does this bill close all the gaps regarding counterfeit software?

MacNaughton: This bill closes the legal loophole that previously existed for the trafficking of stand-alone genuine COAs. We already have legislation that addresses trafficking in counterfeit software and components.

ECT: Backed by this legislation, will Microsoft become even more aggressive in going after counterfeiters?

MacNaughton: Microsoft’s program, which I am responsible for running in the U.S., has three components: education, enforcement and engineering, which is the technical component of our anti-piracy security. As a starting place, we want to make sure that these people understand that what they are doing is illegal; that it infringes on Microsoft’s IP rights and it deceives customers.

Our intent right now is to make sure that as many people as possible know about this legislation. We intend to send out a massive mailing campaign to people that are involved in the channel and the software distribution industry so that they are aware of this legislation. We’ll also send out letters to anyone that we know of who is engaging in this type of business practice so that when we end up referring cases to law enforcement or take civil action like we did six weeks ago, we know that the people we are pursuing or that we are asking the government to pursue know that what they are doing is wrong. That’s very important to us.

We don’t want to pursue people that are unwittingly doing something wrong. We feel it’s our obligation and responsibility to make sure that people know about this law and make sure that they are aware that what they are doing is wrong. Then if they choose not to stop their behavior because they are simply too committed to a business model where they don’t pay for software because they want to make a larger profit by competing unfairly with the market, then we will take enforcement action. At that point we will take very aggressive enforcement action.

ECT: That’s very fair.

MacNaughton: When you are a large company you want to be very fair.

ECT: Do you see the need for additional legislation in some other area as it relates to the technology industry? If so, then what?

MacNaughton: As far as piracy, I think this new law really closes the main loophole that we saw in the U.S. I think the issues relating to Internet safety and ensuring consumer privacy online are likely to dominate our legislative agenda for 2005.