By Alex Salkever For 28 years, Rich LaMagna chased drug lords and coke smugglers as chief of the special intelligence division of the U.S. Drug Enforcement Agency. Then in April, 1999, LaMagna made a big career shift. He left Uncle Sam and went to work for Microsoft (MSFT). The software giant wanted a senior law-enforcement official to build an in-house team focused on stopping and tracking down software pirates.
Today, LaMagna's unit has a multimillion-dollar budget and staff of more than 100 in offices from Hong Kong to Los Angeles to London. Virtually all of LaMagna's legions come from law enforcement, including investigators, attorneys, computer forensics experts, and even paralegals.
The unit has built a database of Microsoft's Most Wanted: major players in the computer underground, whose factories churn out bogus CDs loaded with pirated Microsoft software. The antipiracy troops comb through tips received over a toll-free hotline and patrol the Internet for big sellers of Microsoft wares. Often the team will then provide key intelligence to federal, state, and local law enforcement.
"A LITTLE NERVOUS." "We will have private investigators do some of the legwork to get the case up to the level of where we can hand it over to law enforcement," says LaMagna. He goes after the big fish atop an organization, just like he did in the old days at the DEA.
The results for Microsoft have been remarkable. LaMagna's unit identified and helped confiscate software worth about $500 million on the black market in the last year. The average bust precipitated by a Microsoft investigation was for about $500,000 in pirated software, he says. "We have gotten some feedback from sources on the street saying they're getting a little nervous dealing with Microsoft counterfeit product," says LaMagna. Bill Gates & Co. has deemed the effort so important that it has quadrupled the resources dedicated to antipiracy since LaMagna came aboard.
In fact, many insiders trace a 10% drop in worldwide piracy of software -- from an estimated $12.2 billion in 1999 to under $11 billion in 2001, according to the Business Software Alliance -- to Microsoft's crackdown over the past three years. But the danger hasn't passed: Hard-core software thieves operating out of Asia and Eastern Europe continue to ship millions of boxed copies of pirated software to markets around the globe. And smaller players are increasingly hanging shingles on online auction sites and pushing bogus wares through spam blasts. Indeed, faster connections have made it easier to sell pirated software downloads on the Web.
AIRTIGHT CASES. Small wonder more software companies have followed Redmond's lead and decided to take the piracy fight into their own hands. "A number of member companies have ramped up their in-house efforts to address the sale of pirated software online and in other places," says Robert Kruger, vice-president for enforcement at industry trade group Business Software Alliance.
No kicking down doors and making citizen's arrests in this line of work. Most investigative work involves more mundane issues such as surfing the Web to find out who's selling wares on the sly, then doing background checks. These company cops' ultimate goal is to deliver an airtight legal case to the authorities that will result in arrest and conviction.
With the tech slowdown continuing to drag on software company profits, the move to hire corporate antipiracy warriors is understandable. According to the BSA, about 25% of software in use around the world isn't acquired through legitimate or legal means. The problem is just as real in the U.S. as anywhere else: About 30% of software in use in California is pirated, according to the BSA.
A MARKET OF MILLIONS. Kruger notes that half of that piracy problem comes from what he calls overdeployment -- a company installing copies on more machines than its software license allows. But plenty of outright rogues are flying a jolly roger on the high seas of cyberspace, touting stolen software for ridiculously low prices.
"The Internet allows pirates to reach a much larger marketplace. If you're a card-table vendor, you can probably only sell to a couple of thousand people on a really good day. But if you're an Internet pirate and you're spamming or operating a pirate Web site or selling on [an auction site], you could reach millions," says Kruger.
Case in point: Microsoft provided intelligence to law enforcement about Lisa Wu Chen, a 52-year old Taiwanese national who pleaded no contest to piracy charges last month and was sentenced to nine years in prison. Police found that Wu Chen and three accomplices had stashed $100 million in Microsoft and Symantec (SYMC) products in a warehouse in Alhambra, Calif., until she was busted in November, 2001.
"PIVOTAL INCIDENT." The magnitude of the Wu Chen bust is precisely why Symantec hired William Plante as its first worldwide director of security and brand protection in March, 2002. The Alhambra warehouse contained ripped-off Symantec software with a street value of $40 million. That's a big chunk of change for a company that earned $52 million in the quarter ending September 27, 2002. A veteran with a background in investigations and institutional security for hotels and credit-card companies, Plante now has a staff of four. "This really was the pivotal incident," he says.
Plante's work may have just begun, however. Each day a greater number of people have Internet access and thus become potential customers for pirates selling bogus downloads or questionable box sets that sell for 90% below retail price. Faster software copying devices now allow thieves to turn out tens of thousands of bootleg software CDs each day.
In fact, despite the stepped-up enforcement efforts in the last year, piracy has become shockingly blatant. "You'd be amazed at how many e-mails we receive to addresses in our company system asking if we would like to buy pirated copies of Adobe software," says Drew McManus, director of worldwide antipiracy operations for Adobe (ADBE), the graphics software company headquartered in San Jose, Calif.
That's why Adobe hired McManus as its first full-time staffer looking into antipiracy concerns two months ago, joining the ranks of companies that consider antipiracy efforts worthy of a top management slot. He's now evaluating how to respond to the threat and may create a dedicated antipiracy unit akin to Symantec's and Microsoft's in the near future. In addition to CEO, CFO, and CIO, CSO -- chief security officer -- may be the next big executive job in software. Salkever is Technology Editor for BusinessWeek Online and covers computer security issues weekly in his Security Net column