Microsoft's Piracy Check Draws Complaints, Lawsuits
When Microsoft Corp. said it planned to begin checking for pirated copies of
its Windows operating system using the method it set up to send people security
fixes, even some of the company's traditional critics could sympathize.
After all, although Microsoft rakes in billions, piracy of its flagship products
remains a huge, costly problem, particularly in developing countries such as
China and Russia. The Business Software Alliance estimates that 35 percent of
software installed on PCs worldwide is pirated.
Nevertheless, 18 months after announcing the Windows Genuine Advantage piracy
check, Microsoft faces controversy and backlash, including two lawsuits. Some
say the company clumsily handled several elements of the program, including
a key privacy issue.
"They have a right to say, `If you want patches from Microsoft, you know,
you should let us make sure you're not running a pirated copy of Windows,'"
said Gartner analyst John Pescatore. "That's a valid claim, and with the
Windows Genuine Advantage tool, I think, they tried to go a little too far."
Microsoft introduced the piracy check in mid-2005 as a condition for downloading
security fixes and other software, such as anti-spyware technology, from its
Now the anti-piracy check is also being sent to customers whose computers receive
security updates automatically. For now, users can take extra steps to opt out
of the piracy check. But Microsoft strongly encourages people to run it, calling
it a "high priority update," and says the check might become mandatory
at some point.
Once installed, the program checks whether it believes the user's version of
Windows is legitimate. It gathers information such as the computer's manufacturer,
hard drive serial number and Windows product identification.
Microsoft still offers important security fixes even if the company alleges
the version of Windows is pirated, although those users can't get non-security
downloads, such as a test version of the new Internet Explorer browser. Those
users also receive a barrage of notices that they are running an illegal copy
While Microsoft had told users the new software would gather information related
to piracy, some people became alarmed when they discovered that the software
also was performing a daily check-in with the company.
Microsoft said the daily "call home" was a safety measure designed
to let the company shut the program down quickly if something went wrong. But
critics saw the undisclosed communications as a breach of privacy and trust.
Marc Rotenberg, executive director of the Electronic Privacy Information Center,
said the concern is that users did not know about or control the interaction.
"It feels very much like a digital trespass -- you know, someone is getting
access to your system without your consent," he said.
Microsoft conceded that it should have told users it was making the daily connection.
It has since discontinued the daily check and revised its disclosures. The system
will, however, continue to occasionally check in with Microsoft to make sure
it still believes a person's software is legitimate.
Even so, although many had sympathized with Microsoft's original anti-piracy
efforts, to some this misstep was enough to call into question the entire program.
"To use the security mechanism to install marketing software that is designed
to increase Microsoft's revenue but actually interferes with some people's use
of their PCs is a real breach of faith with customers," said Brian Livingston,
editor of Windows Secrets, a newsletter and Web site that offers tips for using
He thinks the episode will have a long-term, negative effect on how well people
regard the software maker.
"The trust has been broken," he said.
Microsoft faces two federal lawsuits over the software, both of which accuse
the company of violating laws that seek to combat spyware. The lawsuits seek
Microsoft spokesman Jim Desler insists the piracy check is not spyware.
"These lawsuits are without merit and they really distort the objective
of our anti-piracy program," he said.
Pescatore, the Gartner analyst, said he thinks Microsoft has found a good middle
ground by backing off on the daily checks, and he doesn't think most users will
be affected by the controversy.
But for those who were already suspicious of Microsoft, this adds more fuel.
"I definitely think that there's paranoia -- I would argue unwarranted
paranoia," said Russ Cooper, a security researcher at Cybertrust Inc. who
approves of the privacy check.
Microsoft has taken great pains to improve its privacy policies since it came
under intense fire about five years ago for a system called Passport that sought
to store all sorts of personal information under one log-on. The program was
scaled back considerably and, despite some ongoing concerns, Rotenberg said
Microsoft has come to play a leading role in privacy issues.
"Since that time you can say simply, they got privacy religion,"
But he thinks Microsoft has misstepped with the privacy check, and should separate
it from the system for sending security updates.
Because the piracy check isn't mandatory -- for now at least -- Microsoft is
using incentives to try to get people to download it. One short-lived offering,
called Private Folder, gave people a special place on their computers to password-protect
data they didn't want to share with family members or co-workers. The company
was forced to pull that product amid complaints that the secret folders would
create headaches for corporate technology experts trying to manage big computer
systems, and raise other problems if consumers forgot their passcodes and couldn't
get at their data.
Despite such flubs, Microsoft appears if anything to be redoubling its commitment
to crack down on illegal Windows copies, part of a larger push to increase profits
from the highly lucrative franchise.
Microsoft takes legal action against those it believes are distributing pirated
copies -- and it says it has used data from the piracy check to help track down
some sellers. The company also is working with government officials in places
like China to try to make piracy less acceptable.
But in a meeting with financial analysts in late July, Microsoft also made
clear it is counting on the individual check as part of its overall bid to grow
sales by slashing piracy.
Kevin Johnson, co-president of the Microsoft division that includes Windows,
said: "We're really trying to amplify the fact that being genuine enables
a set of benefits and value."