Simon Says – Musings of a Technology CTO

It’s been an interesting week in the IT world with some quite amazing (to me anyway) news. No, I’m not referring to the FTC’s decision to shut down the known spam ISP Pricewert, or the announcement by T-Mobile that their network had not indeed been hacked…

I’m referring to the news that the Swedish “Pirate Party” gained a seat in the European Parliament.

Whoa! You may say – what? Yes indeed, a political party with the aims to promote Piracy got a commendable 7% of the Swedish vote which gives them one of the 18 seats in the European Parliament, and thus political legitimacy (to put this in perspective, the next biggest winner was the Green party with 2 seats and 10% of the vote).

It’s an interesting story if you like me care to study the obscurities of IT – the 2006 founded party is based on three goals, “To fundamentally reform copyright law,” “To get rid of the patent system” and “ensure that citizens’ rights and privacy are respected.”

I think you can see that though many may differ in opinion on the first two issues, the third is a noble goal worthy of pursuit by any civilized political entity.

How they swung voters in their favor is up to debate, but one self-mentioned catalyst was Sweden’s’ recent imprisonment of the owners of “The Pirate Bay,” an unaffiliated web site which acted as a torrent index. Though no copyright material was stored on their servers, and in the strict eyes of the law they had not done anything illegal, amazingly the 4 guys who maintained this index to “warez” got a year in jail and a $3.6m fine, not you may think for hosting the index to millions of download links (not a crime in itself), but for 33 copyrighted files found being distributed via their servers. You can read more about it here. You can perhaps appreciate that the simple act of pointing out where copyright material could be downloaded was something they didn’t expect to ultimately lead to them being in jail.

Why I bring this up? Because I’ve been plagued by questions on how this political position affects McAfee and our drive to tackle IT security issues.

It’s an interesting question because hackers and pirates, in the IT world, traditionally have very different agendas. Hackers, or hacking, is about obtaining information and access through subversion (and then usually exploiting it for financial gain), whereas piracy is about breaching the usage terms of copyright holders (causing them financial loss).

The two are of course both part of the “IT Underworld,” but whereas pirates seek to give you something for nothing, hackers want to take something from you for their profit. Historically these two groups have been antagonistic towards each other. Pirates consider the successful circumvention of a copy-protection act, and the subsequent free distribution of IP (like breaking the DVD crypto code), a heady and noble goal and are oft supported by the public at large. Whereas Hackers write malware to steal our secrets, cause trouble and make money.

Nowadays the line is a little more blurred – there’s innumerable examples of “pirated” material containing malware, such as peer-to-peer downloads of the latest Hollywood blockbusters containing password stealing Trojans. In the words of the underground, Hackers are often parasites of Piracy…

McAfee is of course keen – no, REALLY keen, to stop hackers – that’s our day job and it’s what we do best, but piracy is not so much a technological challenge as a distribution issue. This is the domain of the Digital Millennium Copyright Act and of Digital Rights Management, two things we certainly have technology to assist with such as our Data Leakage Prevention solutions, but not specific products to address the problem in general. It’s certainly on our radar though, and I welcome anyone to contact me to discuss their views. Data Protection is a goal of McAfee, and our vision encompasses protection for you and I as individuals, and companies including Banks, Insurance, Movie Studios or recording artists.

In the eyes of the law both hacking and digital piracy are very well defined and controlled. Subvert a system and you’ve committed a “computer misuse” crime. Breach the usage rights imposed by the copyright holder and you’re committed a “crime against copyright” (in most countries) – there’s simply no way around it. The gray area in the copyright law is the concept of “fair use,” something we’ll probably be arguing for decades to come, and a topic for another blog.

Whether the Pirate Party makes a difference to the Swedish people depends on how they conduct themselves now that they have a seat. I don’t believe it will make the world more unsafe, or empower hackers at all. It’s certainly a golden opportunity for The Pirate Party to make a difference to some long-standing and outdated laws, and I wish them well. Personally I’m going to be watching what they do closely, especially regarding privacy rights.