Developing an Antipiracy Program

By Richard C. LaMagna, CPP

Building the Team and the Program

Once the assessment is complete and executive sponsorship and budget are obtained for an antipiracy program, the next step is to build a good in-house team or to have a combination of in-house experts and external consultants devise an antipiracy strategy. Antipiracy programs can be costly, particularly with regard to investigative and legal support, and will inevitably involve corporate attorneys as well as outside counsel to develop legal strategies. Finding the right talent is crucial; many security managers have expertise in a variety of areas but not necessarily for antipiracy strategies and operations. Outside consultants can help develop the program in the early stages. Ideally, an in-house team under the Director of Corporate Security consists of a senior manager for investigations or an antipiracy manager, an attorney with prosecution or civil litigation and asset forfeiture experience, investigators with a physical and Internet investigations background, a paralegal, and a business analyst.

The analyst plays a critical role in analyzing and interpreting the information collected from the investigations, performing trend analysis, and preparing briefing materials.  It is important to ensure that the team’s goals and brand protection efforts are in keeping with the overall company strategy. A monthly scorecard of metrics, highlights, and trends that can be shared with company stakeholders is essential in maintaining internal support for your team’s efforts.  Often good work goes unnoticed because it isn’t properly presented and consumed at the right executive level.  I was involved in one situation where millions of dollars were spent on Internet Piracy programs which were well-documented in monthly progress reports that were apparently never read by the senior executive in charge of the program.  Not only was he unable to articulate the return on investment for the company, but also his subordinates who managed the program were unable to ascertain if the program was achieving management’s desired goals and objectives. We often felt as if we were on the proverbial rudderless ship.

While AP investigations are not vastly different from other types of investigations, there are some unique challenges. For example, identifying and prioritizing high-impact targets, managing a test purchase (TP) program and vendors, and analyzing data are key components.  In addition, product identification, data and evidence collection and analysis, and coordination with attorneys and law enforcement authorities for criminal prosecution or civil litigation are all part of the continuum of an antipiracy program.  Coordination of all of these program components towards the goal of protecting the company’s brand integrity is the main objective.

In my experience as Director of Worldwide AP Investigations at a large technology company, a multi-faceted strategy was very effective and reduced piracy by at least 10-15 percent over a four-five year period.  It was a highly integrated approach and involved law enforcement referrals and prosecutions, aggressive civil litigation, asset seizures, and cease and desist notices.  Web site takedowns, and robust consumer education and PR campaigns were also part of the strategy. In one case in California in November 2001, then U.S. Customs (now U.S. Customs and Border Protection) made the largest software seizure in history of a container load of counterfeit software and cigarettes worth more than $60 million.  

Cases such as these are the result of extensive law enforcement liaison and training programs that not only assist officers in identifying the company’s products but also help build those all-important relationships that facilitate cooperation.  Through this approach, we were successful in getting a broad range of law enforcement agencies such as the FBI; ICE; and many state, local, and foreign law enforcement agencies to investigate and prosecute our cases. 

In addition to traditional enforcement measures, other program elements, such as legislation, are critical to support the effort.  My company successfully supported a legislative initiative to close a loophole that allowed counterfeiters to break open software packages and sell the genuine components used to authenticate counterfeits. Internally we worked with product and packaging teams to adopt the latest security features and counterfeiting counter-measures and leveraged public relations opportunities and the company Web site to reach consumers.  By employing all of these strategies in an integrated manner, over a five-year period the company saw a dramatic drop in the availability of counterfeit products and a shift towards the sale of genuine products. There were indications that counterfeiters were moving towards the counterfeiting of competitors’ products. Anecdotal information filtered back to us that the sellers and distributors were reluctant to sell counterfeits of our products due to our strong enforcement posture.

Measures of Success

Measuring effectiveness and success can be the most challenging aspect of an antipiracy program. As in law enforcement, it is often difficult to know if your efforts are truly having an impact. Can success be measured in seizure and arrest statistics? A qualified yes, if they are strategically targeted.

However, random seizures of counterfeit products have little impact.  Does an increase in the seizure of counterfeits indicate that the strategy is working or does it suggest a greater availability of illegal product on the market? Focusing enforcement efforts on certain products, organizations, and markets can result in an increase in legitimate sales and should be measured in individual markets.  Information campaigns surrounding enforcement actions can also be very effective as a deterrent and lets consumers know that the company is protecting brand integrity and consumer interests.

Consumer comment and feedback can also be a useful measure of effectiveness especially with regard to anti-piracy technologies.  However, one must be careful about too much negative publicity that can result in a lack of brand confidence and rapid migration to a competitor’s brand. This may be particularly true in the pharmaceutical industry where there are often similar choices.

For example, Viagra is one of the most common counterfeit pharmaceutical products offered by illegal online pharmacies. Overexposure of this issue may lead consumers to think that they automatically reduce their risk by purchasing another erectile dysfunction drug. Changes in consumer behavior and buying trends can be another measure of success.

Target qualification and identification, case prioritization, and enforcement outcomes can be hard to establish and even harder to measure. Referrals to law enforcement agencies do not always yield immediate results and require patient liaison efforts. While federal agencies have broader jurisdiction and authority than state and local agencies, they invariably take longer to conclude the investigation. I know of numerous cases that were very successful in dismantling counterfeiting organizations but took in excess of one year to complete. In the meantime, counterfeits continue to flood the market and company executives are looking for results. 

In addition, enforcement agencies often have other priorities and want to avoid being seen as working for one company as opposed to an entire industry—for these reasons, good  law enforcement liaison is critical for success. When I managed a worldwide anti-piracy program our active law enforcement liaison and training program paid great dividends in terms of cooperation and our law enforcement colleagues knew that we were 100 percent committed to supporting them.

A good antipiracy program must also balance customer satisfaction and public image with strong security and enforcement measures. For example, while encryption and product activation keys are effective software antipiracy measures, they often create user frustration and inconvenience.  Another consideration is how will strong enforcement affect the company’s image and brand reputation?  Will it be seen as “heavy handed” in going after infringers? In recent years the recording Industry understandably took a very strong stand against unpaid digital downloading of music, but in the process it created a public relations problem by alienating its own customer base--- young music enthusiasts. Targeting large-scale counterfeiters and distributors helps to avoid that perception and reinforces the point that strategic enforcement protects consumers’ interests.

Good data management and retrieval is critical to the conduct and the analysis of investigations as well as to the ability to measure success. One pharmaceutical company with which I am familiar had a very robust Internet antipiracy program; however, during the program evaluation by an independent management consultant, the success was difficult to quantify due to the inconsistency and unreliability of the data that was collected. In addition, the cost of “cleaning” the data so that consistency could be achieved was high.  If data isn’t accurate and reliable the entire process and results are distorted and program effectiveness will be difficult to determine.

Globalization has impacted both legitimate and illegitimate commerce. Criminals operate across national borders, thus to be truly effective, investigations and strategies must be coordinated on an international basis and targeted on the source of the problem. Admittedly there are challenges in transnational cooperation and enforcement, not the least of which is a disparity in IP laws. Success, however, can be measured in terms of investigations, prosecutions, and convictions of major violators, closures of illegal plants, civil lawsuits, and forfeited assets. The money recovered through restitution and asset seizure can help finance antipiracy operations and cause a decrease in availability of the most frequently pirated products and an increase in your company’s bottom line.

Rich LaMagna, CPP, is the former director of Worldwide Anti-piracy Investigations for Microsoft and is the president of LaMagna and Associates, LLC, a Washington, D.C.-based consulting firm.



Great Article

Great article!  Realizing you couldn't go into all of the details for setting up a world class program, you have managed to provide a great higher level view of the problem and a starting point.  The opposition is always changing their tactics to counter our tactics, but having a program able to interface and respond quickly to these changing conditions really benefits the organization. 
Keep up the good work!
Thomas Quilty
BD Consulting and Investigations, Inc.

The Magazine — Past Issues


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.