This is not an answer, but I register a guess: the number relies on claims about piracy, which is to say illegal downloads of music, movies, videogames, and so on. The problem is that the conventional numbers for this are utter bunk, because the way it gets calculated by default is they take the number of downloads, multiply it by the retail price, and call that the cost.
This would be how they get the cost of cybercrime to significantly exceed the value of the software industry: they can do something like take the whole value of the cybersecurity industry, better-measured losses like from finance and crypto, and then add bunk numbers for piracy losses from the entertainment industry on top of it.
It assumes the alternative is “everyone buys at retail price” rather than “they just don’t buy, the pirates go without, and the sellers make no more money.”
I haven’t looked at the math used in this case, but if they’re using retail price that’s actually much less distorted than I’d expect. Historically, the more motivated liars would use statutory damages for each instance. Since statutory damages were set based on assuming intended commercial re-use rather than personal, that overstates the impact by 2-7 OOMs. Even still
Because that method rejects everything about prices. People consume more of something the lower the price is, even more so when it is free: consider the meme about all the games that have never been played in people’s Steam libraries because they buy them in bundles or on sale days. There are ~zero branches of history where they sell as many units at retail as are pirated.
A better-but-still-generous method would be to do a projection of the increased sales in the future under the lower price curve, and then claim all of that as damages, reasoning that all of this excess supply deprived the company of the opportunity to get those sales in the future.
This is not an answer, but I register a guess: the number relies on claims about piracy, which is to say illegal downloads of music, movies, videogames, and so on. The problem is that the conventional numbers for this are utter bunk, because the way it gets calculated by default is they take the number of downloads, multiply it by the retail price, and call that the cost.
This would be how they get the cost of cybercrime to significantly exceed the value of the software industry: they can do something like take the whole value of the cybersecurity industry, better-measured losses like from finance and crypto, and then add bunk numbers for piracy losses from the entertainment industry on top of it.
Why do you think the methodology of calculating piracy damages by taking the number of downloads and multiplying by the retail price utter bunk?
It assumes the alternative is “everyone buys at retail price” rather than “they just don’t buy, the pirates go without, and the sellers make no more money.”
I haven’t looked at the math used in this case, but if they’re using retail price that’s actually much less distorted than I’d expect. Historically, the more motivated liars would use statutory damages for each instance. Since statutory damages were set based on assuming intended commercial re-use rather than personal, that overstates the impact by 2-7 OOMs. Even still
Your last sentence hasn’t been finished.
Sorry, that was a fragment I meant to remove. Please disregard.
Because that method rejects everything about prices. People consume more of something the lower the price is, even more so when it is free: consider the meme about all the games that have never been played in people’s Steam libraries because they buy them in bundles or on sale days. There are ~zero branches of history where they sell as many units at retail as are pirated.
A better-but-still-generous method would be to do a projection of the increased sales in the future under the lower price curve, and then claim all of that as damages, reasoning that all of this excess supply deprived the company of the opportunity to get those sales in the future.