Feeds

Windows genuine disadvantage

A step too far?

Combat fraud and increase customer satisfaction

Comment A recent lawsuit filed against Microsoft should have all companies reexamining their privacy policies to determine what information they are actually collecting about customers and what they can possibly do with it.

What would you call a computer program that surreptitiously installed itself onto your computer, collected personal information about you without your knowledge or effective consent, was difficult or impossible to remove, installed pop-up banners that constantly harassed you, and presented significant security vulnerabilities?

If you were Los Angeles resident Brian Johnson, the answer would be simple. You'd call it Windows. Or more specifically, it's the anti-piracy software download known as Windows Genuine Advantage.

His class action lawsuit (PDF court documents available in linked article), filed in US federal District Court in Seattle, Washington on June 26, 2006, alleges that the Microsoft software violates California and Washington State privacy laws, consumer protection laws, and anti-spyware laws.

The outcome of the case may well dictate how companies package software, and more particularly how they promise privacy. This will apply not only to software companies, but also to any company that, either knowingly or not, collects certain "personal information" about visitors to its websites.

Genuine advantage?

In April 2004, with much fanfare, Microsoft announced a new program to protect the consumer from...well, from themselves. Ostensibly an anti-fraud program, the Windows Genuine Advantage (WGA) program was marketed as a means for individuals to determine whether the software on their system (that is, only the Microsoft OS software) was properly licensed.

In theory, the target for this program was people who bought computers with OEM Microsoft software which, unbeknownst to them, was not appropriately licensed. In theory, people who downloaded or obtained software off the web kinda knew or suspected that their free copy of Windows XP Professional might not be legitimate.

The WGA program was not really a consumer protection program. It was actually designed to protect Microsoft itself from people obtaining unlicensed copies of its Windows (tm) operating system, and forcing them to obtain actual licensed copies of the OS.

If you were the victim of fraud, and had unknowingly obtained a copy of the OS without a license, Microsoft's software did not help you obtain redress against the seller of the computer or OS. It merely offered you a mechanism to repurchase the software, at full price, from Microsoft itself.

Presumably, the consumer who obtained a perfectly functional computer from an OEM manufacturer at a fair market price (well, lets assume a slight bargain) was now given the opportunity to give Microsoft more money to prevent piracy.

I must admit some aversion to the term "piracy" - as it evokes images of peg-legged men with parrots swinging from riggings of Galleons with knives between their teeth demanding ransom - not someone who has obtained software without adhering to the terms of the End User License Agreement.

Captain Jack Sparrow with a modem? Software "piracy" is at worst theft, and more generally a breach of contract - not an armed gunmen taking hostages off the Somali coast. Congress' authority to regulate software piracy rests in Article I Section 8 of the Constitution, which gives them the ability, "to promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries". This is not the portion two clauses down which gives them the ability "to define and punish Piracies and Felonies committed on the high Seas, and Offences against the Law of Nations". Unless of course, you had a broadband connection on your Brigantine.

Indeed, those who were the "victims" of software piracy and who presumably wanted to "get legal" were the ones who purchased OEM products that were unlicensed - and they were the ones being forced by Microsoft to "walk the plank." Arrrrrrrrrrrrgh.

It's not like Microsoft was going after the OEM manufacturers and distributors of unlicensed product, obtaining monetary judgments and then giving that money to the purchasers of the products. No, the enforcement actions were aimed at obtaining license fees and civil and criminal sanctions for the company, all the while the company was claiming that the unwitting purchasers were the victims.

In fact, even if the Redmond giant successfully squeezed license fees or other sanctions from the OEM selling the unlicensed software, they still retained the right, through the WGA program, to go after the individual (and possibly unwitting) purchasers for the license fees again. Well, life 'aint fair. Deal with it.

The progression of security updates and unlicensed software

Now, make no mistake. The sale and transfer of unlicensed software presents serious economic costs to software manufacturers. The Business Software Alliance (PDF) estimated in its March 2006 report that for the previous year about 35 per cent of software on PCs was improperly licensed, and that worldwide the median piracy rate was about 64 per cent. In fact, the BSA estimated that, in 2005, for every $2 of software purchased legally, $1 was obtained illegally. This amounts to billions of dollars of losses - a sizeable portion of which must be for Microsoft itself. No wonder it instituted a program to protect itself. But did it go too far?

3 Big data security analytics techniques

Next page: Broken promises?

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Inside the Hekaton: SQL Server 2014's database engine deconstructed
Nadella's database sqares the circle of cheap memory vs speed
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
IRS boss on XP migration: 'Classic fix the airplane while you're flying it attempt'
Plus: Condoleezza Rice at Dropbox 'maybe she can find ... weapons of mass destruction'
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.