Software Piracy At the Beijing Branch Office?

spirit_fingers writes "I'm the IT manager for a west coast design company that has a small branch office in Beijing with 5 employees, a few workstations and a couple of servers. Recently, it came to my attention that the Beijing office has been routinely installing and using pirated software on their computers — MS Office and Adobe Creative Suite, mostly. We're very buttoned up about being legal with our software here at the home office, and I consider it unprofessional and risky for our Beijing office to be engaging in this practice. When I called the local office manager on this, he shrugged and replied, 'Well, every other shop here does it.' So I was wondering if there are any IT manager Slashdotters here in the the US who may have experienced something similar with their colleagues in APAC, and how they handle a situation like this." Click the link for more of this reader's thoughts on the subject.
Up until now, the powers that be here in the States have had a relatively laissez faire attitude about what goes on at the Beijing office and our accounting department hadn't noticed that Beijing never submitted receipts for software, until I questioned them about it.

I have no doubt that "everyone else does it" in that environment. Frankly, I could care less what those guys do with their personal computers, but when it comes to company-owned gear my attitude is to stay legal no matter what anyone else is doing. And it's not like they need to do it to save money: the Beijing branch turns a tidy profit. It just seems to be an attitude so firmly ingrained in the culture over there that no one gives it a second thought.

My response (CC'd to our CFO) was to ask for copies of all receipts and serial numbers for the software they're using. and see what happens. This came down today, so I'll give them a day or two to come up with something.

Set a policy and enforce it

[Matt+Perry]

Create a written IT policy for hardware and software. Make sure everyone knows what it is. Create a business ethics policy and ensure that components of it address using unlicensed software. Make sure that your employees are trained on these policies and that a record of training goes into their employee file. If the employees violate the policy, warn them in writing and file the notice in their HR record. If they violate the policy again, fire them. If they want to keep their job, they will fall into line and stop exposing the company to unnecessary legal risk.

Re:Given it'smostly MS Office and PDF stuff....

[jkrise]

But I'm curious -- did you actually get that multi-national company to use any open standards, or are they still doing Exchange and Word?

I tried, but failed badly. I was with them from 1996 to 2002; and in late 2000, the MNC entered into an alliance with Microsoft globally, to use Windows and other Microsoft products. Initially I joined them to set up an SGI-based development network on IRIX and OGL; this was disbanded in 2002 and I quit.

My impression is that in many Western economies, the pricing for Microsoft products isn't that big a deal; so people tend to think of it as a problem that will disappear if they can throw some money at it. But on Server products, things got very expensive and complicated with Craptive Directory and Exchange 5.5; so many Directory Service Replication errors, and a nightmare for the sysadmins. It's like a treadmill... we need to keep running (upgrading) but seldom move forward.

Re:Given it'smostly MS Office and PDF stuff....

[lokedhs]

As an interesting side-note, the only time I receieved OpenOffice documents from a client was from an Indian customer.

I have to admit I smiled a bit with joy when that happened. :-)

Re:He's Right

[Uber+Banker]

EVERYONE in China massively pirates all software.

Not everyone does it, as well as being illegal it's a big reputational risk. Living in China I find it quite fascinating seeing the differences large international companies, small international/foreign companies, and large/small local companies work. This topic is an example of such.

[Cue Slashdot car analogy.] Large international corporations often do not let their senior foreign staff own a car, even if such staff state a preference to do so. A rented car and driver are cheap. The risk to the reputation of the company (and international companies often hire on their reputation for being well backed financially, esp. in white collar sectors) should a senior staff member have a well publicised accident are sufficiently high to cause this behaviour. Many more examples exist.

Aside from other concerns like IT security, backdoors in commonly pirated software, lack of availability of software updates, the reputation with the OP's customers is at risk. Perhaps that is how the home office could be persuaded to put some force on the foreign office.

Outsourcing brings with it cost cutting - legal software may appear highly expensive to the overseas office. It MAY BE THE CASE that the manager of the overseas office is pocketing the money, or will pocket the money if legal software is demanded, and providing fake receipts. This is not unusual. The home office should audit all software. China provides an environment where QQ (a hugely popular instant messaging program) or other software may be installed on machines and local IT/security staff have lower standards than that of the home office. Again, an audit and remote administration should be mandatory.

I would point out that this case is not unique to China, all developing economies share work and cultural environments which may surprise, disorientate or confuse the home country office. A professional consultancy* can often be hired at good rates to ensure best practice is maintained in any developing or unfamiliar situation, helping to avoid potentially costly mistakes and lapses in judgement.

*I run such a company but I'm not going to astroturf. Slashdot is for my fun time.

Re:He's Right

[1u3hr]

... backdoors in commonly pirated software,

Bollocks. Never seen it, or heard of it, except from software vendors trying to scare people. And I live in Hong Kong and have seen a fair sample of pirated software. Pirates are actually pretty good at customer service, most give full refund or exchange on demand. They have no interest in selling infected software, it would just rebound on them. Can't say it never happens, but there has been plenty of infected factory fresh legal software. The risk is not larger, in my experience.

Re:He's Right

[alexandre_ganso]

When you say unfair to usa, you forget that those pirated softwares are exported using US prices, being charged to india/china/russia/brazil salaries.

A single copy of a software may cost as much as one year of an employee's salary there.

Re:He's Right

[julian67]

You're confusing the people who sell the stuff on the street/malls/markets with the people who crack the software and to some extent with the people who manufacture it. You're also making a mistake in assuming a modified binary in a software installer is something that an anti-virus/anti-malware program can necessarily detect. I've seen "clean" installs from commonly used and sold XP CD (in SE Asia) which contain keyloggers and so on from minute one. They were undetectable from the running machine but could be found by scanning from read only media such as live CD. The best way to get a rootkit onto many, many people's PCs is to have them install it along with the OS, or have the local PC retail industry helpfully do the work for you when they clone the pirated OS onto the newly purchased (without OS) PC using their cracked copy of Norton Ghost....and the distribution network of human vendors is efficient, motivated (profit), looks after its customers and broadly trusted. Perfect and beautiful! You pay now, wait 5 minutes.

Re:He's Right

[julian67]

You're still confusing the street vendors with the people who make the warez (the cracked software *not* the physical CD). For example: "where there is a motive for the supplier to add "evil bits" even if it only earns him a few cents a ....." It isn't the guy making a few cents selling physical media who adds anything (except a few scratches ha ha). Reputations: assume someone spends the whole $2 and buys XP Pro and installs it. Next step? Install a bunch of other stuff too, some from similar warez CDs, some from p2p, some from warez ftp. Now tell me how anyone who *even notices there is a rootkit(!!!)* can determine its origin? Street vendor reputation unaffected, in fact not really even relevant. I like the idea of "a reputation system the non-braindead use to check out quality and safety" because the idea contains the paradox of supposedly intelligent people trusting all their IT security to street vendors and unknown warez producers. Sweet! p.s. a rootkit is by definition very hard to detect ;-) p.p.s. claiming that something doesn't happen because you haven't noticed it, and demonstrating neither the ability nor the will to notice it, is not a powerful argument. Even if you say bollocks. Seems to me that Brits writing "Bollocks" at the start of a (usually flawed) assertion equates to Americans writing "Period" at the end of one. Neither is as impressively convincing as the author always believes :-)

Re:Let the directors decide.

[robthebloke]

We get more support requests for our software from China than from any other country - and we've never sold a single license there.

If the people using the software have no qualms in contacting the developers directly, then it seems to be a fairly entrenched problem that's going to take an awful lot to stamp out. Whilst talking about this topic many people may think 'windows+office' the fact is that piracy is affecting every developer large and small (and I work for a small one). I applaud anyone who takes an interest in stamping the problem out at their office, though unfortunately it's not going anyway anytime soon...

Re:He's Right

[v1]

Yes copyright infringement is theft of labor. It's no different from if you hired an employee to mow your grass, and then you refused to pay them.

There are more than two things happening. You are seeing the fruits of the labor, and the money changing hands. You're overlooking the work your neighbor put in to mow your lawn. The difference with software is it's not like mowing a lawn. With lawn mowing, every x units of work you invest get you paid for x units. If you mow 2x lawns you get paid 2x. There is always a 1:1 investment, and anyone that fails to pay you directly impacts you, in two ways. One, you worked, and two you missed an opportunity to work for someone else (lost a sale) because you were busy mowing the deadbeat's lawn and couldn't mow the other guy's lawn that would have paid you.

Software development is a whole different business model. You invest y units with development and marketing, and then you sell x units and get paid x. If you sell 3x units, you get paid 3x. Once you've spent y, changes in x have no affect on y. You can increase your x beforehand by pouring more money into y with continued marketing and development, but it's nowhere near a 1:1 relationship. If somewhere along the line you sell another 1x units and don't see the payment of 1x, it doesn't even appear on the books so to speak. It's "icing on the cake".

Theft is usually described as depriving someone of their property or failure to compensate them for their labor done for you. (often referred to as "theft of property or services") We can clearly see no deprivation of property, so the question is one of labor. How much labor did we fail to compensate you for by copying that application? (how much additional work did I just cost you by copying the application instead of buying it?) None.

If you don't pay your neighbor for mowing, he's wasted his time when he could be mowing someone else's lawn and getting paid for it, or he could be doing some other work, or he could be relaxing. You've clearly affected him. But if this morning I install this single license on a second computer over to the right, I haven't affected Adobe in any way this morning.

The only way to justify it is to say that if I hadn't copied the app, I would have bought it. OK that could be viewed as theft of a sale. But that always has to assume I would have bought it. While sometimes this assumption is true, often times it's not. We see that a lot with copying music. When I see someone with 350 albums of music on their 1T hard drive, do I really think they would have bought 350 CDs if they hadn't been able to download them? Isn't that just a little bit ridiculous? I'm not denying the possibility, but it's nowhere the scope imagined. That same person may have bought a dozen or two dozen CDs or more even, but not 350. Software I'd expect to be much the same.

So there are two important differences - copying doesn't have the same direct impact to the vendor as theft, and copying does not necessarily imply a lost sale.