More thoughts on CD copy protection

I went ahead and wrote up an article that talks more about the CD copy protection issue:

My view is this:

  1. CD copy protection mainly inconveniences legitimate buyers, not pirates.

  2. Most game companies are completely unaware of how convenient piracy has become in the last couple of years. CD protection only adds more incentive to pirate. A casual gamer is likely to think "Why am I paying $50 for a game that makes me keep track of fairly delicate things (CDs) when I could, with a few clicks, have the game for free and not have to deal with copy protection?

  3. The best way to combat piracy is to make the incentive for being a customer greater than the incentive for being a pirate. Give more benefits to purchasing such as free updates after release that are easy to obtain for legitimate buyers and more difficult for pirates.

That’s in a nutshell. This issue really struck a nerve here because I’m packing up for a 3 day trip and as I go through a few games I’d like to play while on the plane or at night in the hotel, I realize that I don’t want to take the CDs with me (what if they get scratched or lost?) which means no game. That’s ridiculous.

Come up with a better solution that doesn’t require significant overhead to administer and you win a prize.

This isn’t as easy as saying “why not just give people who buy your game something that pirates can’t get.” What would you give them? How would you get it to them? Would the method of receiving said gifts be easier for them than requiring them to have the CD in the drive when it runs?

I don’t think anyone here (at VU Games) thinks that SecureROM is the be-all/end-all of our piracy-prevention efforts, but it’s the ONLY viable solution right now. In ten years when we can simply require online authentication for all games then we’ll be in heaven, but until then, the industry is long on complaints and short on real ideas to make it work.

The goal: prevent jerks from stealing our stuff while not inconveniencing the people who buy our stuff.

Your task: make it happen. Let’s see some ideas.

I present specifics in the article.

Indeed. It used to be that you’d have to find a warez FTP server, hope it wasn’t full of connections, and hope you didn’t get dropped midway. Now, you just fire up eMule, do a search, double-click, and you’re done. You will eventually get it, even if it takes a couple of days, and you don’t have to check on it at all. In fact, the newer the game is, the faster you will get it.

Brad’s dead on right. SecuROM/SafeDisc is more like a catalyst for piracy than it is a retardant. Subscription or multiplayer authorization servers are about the only ways to really reduce piracy.

How about no on-disc copy protection? Do that on a title, see how well it sells. Brad’s company already did it with Galactic Civilizations and it’s their best-selling game to date. If you’re afraid you are going to lose a ton of revenue, feel free to cite appropriate figures to demonstrate that. Otherwise, give it a shot. If the game has a multiplayer component, by all means include an authentication scheme, but keep the CD completely free of any protection schemes.

If you want something more specific, have the game require a one-time authorization similar to XP’s activation. If Joe Compaq installs the game on his PC, it then connects to the publisher’s authorization system, gets verified and all is well. If he then loans his game to John Compaq and John installs it, John gets a message when the game runs the verification to the effect of “This game has already been installed on another system. If you wish to play, you must purchase an additional copy or uninstall the game from the other system first.”

Now, these sorts of schemes can be defeated, much like anything, but I would not object to a one-time authorization check at install. Presumably the system would accommodate an uninstall/re-install of the game. If this check was done quickly and painlessly, it would be vastly better than the current system of having games suffer performance issues (Morrowind) due to onboard copy protection or not running at all (NWN, SimCity 4, etc.) because you have a particular type of CD drive the protection does not like.

And I am in full agreement with Matt and Brad. SecuROM and its ilk are driving more and more casual users toward piracy. When it fails, it is about the best advertisement for piracy there is.

Adam - honest answer - do you and anyone else at Sierra/VU honestly think CD copy protection is stopping people from pirating your games ?

If the answer is yes then Sierra really does have its head in the sand. Honestly it doesn’t take much for the average Joe Blow to load up his Kazaa and download your games over his broadband connection.

I have seen this first hand. It’s not rocket science and CD copy protections definitely aren’t stopping the blatant copying of games by people of all ages.

I had to change CD drives three times to find one that would finally work with Safedisc. I think it is ridiculous and I purchase all my games.

The true piracy is that conducted by all these companies producing CD copy protections and charging Sierra/VU for the priviledge of using it on their CD’s. I bet they are laughing all the way to the bank.

I hear where Adam is coming from, and I feel the frustration from publishers–seems they have an impossible task in protecting their business, and everyone is out to get them.


First off, I think there is little empirical evidence that SecureROM and other physical copy protection schemes actually work. There’s lots of “we think” and “we believe,” but mostly IMO it’s people who are scared shitless to do anything else because they figure, if piracy is this bad WITH copy protection, sweet Jeebus what would it be like WITHOUT it?" In the absence of any real statistical data that isn’t churned out either by the companies selling copy protection schemes (“The entire population of China would be stealing your game without our copy protection system!”) or by people who don’t want any copy protection ever (“There aren’t any pirates who actually cost you sales, honest!”), it’s damn near impossible to come up with any sort of quantitative evidence on which to make good decisions.

In that climate it’s no wonder companies say there’s no viable alternative. They aren’t happy about losing customer good will (or even customers) but they figure the attrition from copy protection cost them less than the losses from piracy–losses they estimate but perhaps understandably are too scared to verify by NOT using copy protection.

When reasonable, smart guys like Adam say “come up with a better solution?” when referring to the abysmal system we have now, you have to think the situation is pretty sad all around. I mean, NO ONE except the vendors likes these schemes. No one. The fact that companies use them is evidence that in their eyes no one has come up with a better solution, and that’s very sad indeed. And keep in mind that big publishers can’t just say “ok, we’ll let this one out with minimal/no protection and just get some hard data ourselves.” You try telling that to the stockholders. You try defending the company against lawsuits if the product is copied to hell and back (or even if people think it was copied a lot) and it doesn’t sell well and the stock tanks. You convince a bunch of lawyers, accountants, and MBAs that deliberately sending software out there with no protection is a good idea. In a perfect world it probably is–if only to get the data the industry so desperately needs–but it ain’t gonna happen.

Small firms like Stardock can lead the way. We also need small publishers who vend boxed games to do the same thing. If enough of these show that piracy doesn’t necessarily cripple a game (or rather that the rates of lost sales are the same with or without Satan-ROM) then maybe the big boys will get the go-ahead to try it. But I doubt it–it’s too ingrained in the culture by now.

In ten years when we can simply require online authentication for all games then we’ll be in heaven


Incidentally, GalCiv’s world-wise retail sales are in the six digit range which is, by far, our top selling title ever. Having no copy protection on the CD didn’t seem to have a negative impact as far as we can tell and I think we’re in a much better situation for a sequel than most titles.

I’m not suggesting that post-release updates via customer accounts eliminates piracy. I simply think it reduces piracy without the negative side effects of on disk copy protection.

Jedi Knight II shipped with no multiplayer cd-key check. Deus Ex shipped without Securom/Safedisk/etc (it had an ini entry pointing to the Cd-rom drive that could be easily edited), and many other games have shipped with no cd-checks at all.

As for giving consumers a reason to get the boxed copy versus the pirated copy, why not give them stuffed cows, lightsaber toys, nifty posters and manuals and other doodads? It used to be the norm back in the day. I’m sure the increase in sales would at least equal the decrease the profits due to the extra packaging expense. Everyone is a winner.

A laudable and necessary goal, of course.

But since it’s apparently not currently acheivable, it’s sad that “not inconveniencing the people who buy our stuff” is the portion that’s put aside while someone figures out a way to do it.

It would be interesting to see a test run. Take a mid-appeal game and release it in one area of the country with protection, one area without. Then look at regional sales compared to earlier titles.

(Of course, the unprotected version will end up online worldwide. But a cracked version would have gone up otherwise, so that’s not a factor. This is a test of whether the protection would prevent “casual” piracy.)

Tribes was released with no copy protection at all, and by tracking the number of people who were playing online vs. the number of sales, we saw a 3:1 ratio (pirates:legit users) easily.

And if you look at music as a corrolary you can see how far offering non-protected content gets you.

As far as a one-time authentication goes (ala WinXP) I’m really surprised you bring it up. The outcry against Activation has been nothing short of HUGE. So not only are you recommending a solution that you would probably complain about if we implemented it, you’re recommending a solution that would require a whole additional room full of people answering phones and doing tech support - not gonna happen any time soon.

The long and short of it is this: people are going to steal our games. Nobody is naive enough to think that we’re going to prevent it altogether. So we try to mitigate risk by making it as difficult as possible for people to steal our stuff. Yes, this means inconveniencing some of our paying customers. It sucks, but there are realities that many of you are ignoring.

Oh, so if music CDs had something like SecureROM, you think there’d be a reduction in piracy of music?

If that’s the line you’re gonna try and sell, take it elsewhere. You don’t need to be a statitician to realize the utter ridiculousness of that argument.

Allow me to pain a picture.

The RIAA claims:

That’s all well and good, but it sorta ignores several mother-freakin’ vital statistics. Here’s the CORRECT picture.

Welcome to fun with numbers.

I put forth that if it weren’t for online music sharing allowing people to experience a far more diverse selection of music than one would find on the payola laden, Child of Satan Clear Channel-sanctioned Radio Stations, they have actually bought MORE CDs than they normally would have with economic and music conditions being as bad as they were.

But then, what makes sense to me usually doesn’t make sense to anyone else, so maybe I’m crazy.

Ah, but you have no evidence that that ratio would be any different if the game had had copy protection. (Which would have been cracked in days…)

And as an online-only game, Tribes is a worst-case scenario when it comes to attracting the pirate crowd.

It galls me the number of people I meet in day-to-day life who casually talk about downloading games and applications for free, without thinking about the fact that I might not approve given that part of my livelihood depends on the game industry. If my Airborne Express delivery guy and the dude who fixed my deck (both guys who couldn’t even tell me what video card their rigs had) can get games for free off of Kazaa, etc., then who exactly are these casual users that are buying the games thanks to the copy protection?

I do not believe that any company is unaware of the issues with CD protection. It’s just a choice that they make.

One-time on-line activation would be okay as long as it got patched out later, say two/three years after release. With the way game studios get acquired or go under, I’d hate for a game to be unplayable because of a defunct activation system.

Of course, what if you want to install another copy of the game on your laptop for travel? You could argue that the game comes with a single install license, but more likely the average user will opt for the convenience route, and you’re back to square one.

  • Alan

Now demonstrate that every pirated copy would have translated into a sale. To work on the assumption that every warezed copy equals a lost sale is just not reasonable, in my opinion. There’s no way to prove it or if there is, no one has done so to my knowledge. :)

As far as a one-time authentication goes (ala WinXP) I’m really surprised you bring it up. The outcry against Activation has been nothing short of HUGE. So not only are you recommending a solution that you would probably complain about if we implemented it, you’re recommending a solution that would require a whole additional room full of people answering phones and doing tech support - not gonna happen any time soon.

Do you really care if people complain as long as they buy? I don’t say that to be cynical, just trying to reflect reality. Given enough time, everyone will complain about everything. They complain about SecuROM now but you’re not about to drop it, so I don’t see how this is a point of contention. Do you think activation would impact sales negatively? Has it done so for Windows XP? The impression I get is no, but I have no hard data to back that up. Other companies are moving toward activation schemes with their software, though (Symantec, Intuit, etc.), just not game companies. Not yet, anyway.

A whole additional room of people for tech support? This is just baseless speculation. You already have a tech support staff. Is there some reason they could not field problems concerning activation vs. dealing with problems over SecuROM now? Do you have evidence that activation schemes require a lot more support?

And as an example, Tribes 2 has an authentication server right now. It authenticates every time someone plays online. Can you explain why this sort of thing is feasible but a one-time activation for a game isn’t? I really don’t understand.

Yes, this means inconveniencing some of our paying customers. It sucks, but there are realities that many of you are ignoring.

Not being able to use the software I pay for is not what I would call an inconvenience. It may be an inconvenience to you, the publisher. To me, it’s $60 down the drain unless I get a crack or can return the game.

Actually, my impression is that it does negatively impact sales. I know an awful lot of people who have elected to use a no-activation version of XP, and there are keygens that will allow you to get all the updates.

I’m going to reevaluate my opinion on activation. Upon reflection, it would definitely cause me to not purchase a game I would otherwise be interested in. It’s bad enough that games nag me to register, and I still have a bad taste in my mouth after the whole “Blizzard collecting user data” fiasco. I sort of begrudgingly put up with the one-time XP activation, but having to register all my games too would be virtually intolerable.

  • Alan

That kind of gets back to the piracy vs. purchase argument, though. How do you know people would otherwise not be using XP if they couldn’t get a keygen or a non-activated copy? I suppose it’s easy enough for people on both sides of the argument to counter each other with anecdotal evidence but no one really knows for sure. The little evidence I have in favor of people – grudgingly, perhaps – accepting activation is that other companies are starting to adopt the scheme now. I don’t know that they would do that if there was evidence that it would hurt sales more than help.

BTW, I don’t want to look like I’m some big pro-activation fanatic, it’s just the most reasonable system I can think of to replace the SecuROM/on-CD protection we have now. The only others that spring to mind are ones that have been tried in the past with mixed success – protection that requires the manual, dongles and so forth. My preference is still no protection and trying to cultivate a culture where people are willing to buy rather than rip because they think they are getting a fair deal. I know, I should wish for a pony and world peace, too.

The XP activation model doesnt’ requrie you to register to activate the product.

Registering is optional and requires giving information about yourself Activation is mandatory and doesn’t require you to give any information about yourself.