Softw Areservices - September2012
Softw Areservices - September2012
Softw Areservices - September2012
+1
647
[email protected]
Ioana Bica
+40 356 089 978
[email protected]
Bobby Chiu
+65 3158 3793
[email protected]
Important: Please read
disclaimer on last page
As
2012 informatio
Sector Analysts:n
communic
Matthew Barg
317
3645ation
technology
(ICT)
becomes
increasingl
y
pervasive,
software
and
services
companies
are
assuming
a
more
prominent
role in the
day-to-day
activities
of
consumers
,
businesses
privacy,
and
the
The sector can play an important role in helping
use
of
customers address environmental impact and
Internet to
resource constraint challenges, especially climate
restrict
change and energy management. As well, the sector
human
plays an important role in addressing the digital
rights
divide
and
facilitating
the
quality
of
life
represent
improvements that digitization and connectivity can
major
deliver. Growing public concerns regarding data
areas
of
Copyright 2012 Sustainalytics - All rights
reserved
Trends
are
Industry able to disti guish themselves from their peers and generate considerable brand value
and seize related bu iness opportunities.
2012,
which
NASSCOM
stated
would
account
for
direct
employment
of
about
2.8
Productmillin,andindirectlyandServicefor8.9millionInnovationpeople.
The demand for immediate, clear, and uninterrupted information delivered securely is pushing innovation
in the sector. Major sector trends include mobility; large, complex, and rapidly growing data sets (Big
Data); cloud computing; and virtualization of data centres. Forrester estimated that the global cloud
computing market will grow to approximately USD 240 billion by 2020, from USD 40.7 billion in 2010.
Software-as-a-service (SaaS) (i.e. software applications delivered over the Internet that preclude the
installation and management of onsite IT equipment and staff) represent the largest and fastest growing
share of that market due to its simpler implementation and lower licensing and IT-related costs.
Furthermore, ICT users increasingly seek to be mobile, accessing information whenever needed,
regardless of location. The ITU estimates that at the end of 2011, there were more than six billion mobile
subscriptions worldwide, which Ericsson predicts is accounted for by 4.2 billion subscribers. GSMA Mobile
for Development estimates this includes 500 million individuals who do not have access to electricity.
Growth of mobile subscriptions was coming primarily from developing countries, accounting for 80 per
cent of new subscriptions in 2011. Product innovation is also driven by the need to address environmental
problems, such as climate change and water scarcity. The Climate Group and the Global e-Sustainability
Initiative (GeSI) predicted that ICT applications have the potential to reduce global greenhouse gas (GHG)
emissions by 15 per cent by 2020 through products and services seeking to optimize productivity and
efficiency.
The technology industrys drive to innovate has increasingly led to vertical integration and mergers and
acquisitions, as companies seek to increase their competitive advantage by delivering both products and
services. Few, if any, of the largest companies in the software and services or the technology hardware
groups are pure players. For example, in early 2012, Google acquired major hardware company Motorola
Mobility, thus adding a subsidiary that can produce the mobile devices on which its existing mobile
operating system can run. Similarly, software company Autonomy was absorbed by HP in 2011. Finally,
IBM, historically
Labourahrdwarecompany,Forceis
company.
In order to capitalize on new innovations and new markets, companies must be able to attract and retain
skilled workers. The U.S. Bureau of Labour Statistics (BLS) estimated that employment in all computer
occupations was expected to increase by 22 per cent between 2012 and 2020, while demand for software
developers was expected to increase between 28 per cent to 32 per cent and demand for database
administrators by 31 per
cent. The OECD reported that between 3 per cent to 4 per cent of total employment in OECD countries
can be included in the field of ICT specialists and demand for data analytics, Internet and mobile software
applications, and data security services was expected to keep the employment outlook for technology
engineers and managers strong well into the future.
However, skilled labour is at a premium and employee attraction and retention represents an ongoing
challenge for the sector. In March 2012, the Conference Board estimated that tech sector job postings
outnumbered qualified job seekers three-to-one. The United Kingdom, continental Europe, India, and
China have reported similar statistics. In 2012, the OECD reported that the total number of graduates in
computer sciences in OECD countries declined since 2006. Universities are responding, but increasingly
immigrants are being hired to satisfy the skills shortage in developed markets. Some companies are also
outsourcing their labour to emerging markets: in 2011, the Philippines surpassed India as having the
largest call centre cluster in the world, much of it delivering services to the English-speaking world. Yet,
competition for talent in EMs will also intensify as
these markets continue their progressive digitization and demand for related technicians
RegulatoryandengineersincreasesEnvironment.
The regulatory trends affecting the software and services sector are related to consumer data privacy and
security, and intellectual property (IP) rights, issues that, due to rapid technological change, legal
oversight is struggling to keep up with. There has been an ongoing global debate concerning these issues
and recently, the U.S. and European Union have taken some steps to introduce regulatory changes. In
January 2012, the European Commission proposed reforms to its existing Data Protection Directive, which
seek to protect individual rights related to access, collection, and use of private data. The reforms focused
on addressing risks inherent in the use of changing ICT, including cloud computing, social networking, ecommerce, and mobile technology able to identify ones location. The proposal would also harmonize
existing data protection laws across the EU.
Another trend driving regulatory action in the sector is the need to protect the human rights of Internet
users. In response to censorship and freedom of speech violations by repressive regimes, governments in
democratic countries are seeking to restrict the sale of certain software to those regimes. In the U.S., the
Global Online Freedom Act was proposed in Congress in 2011. It focuses on human rights and free
expression via export restrictions, but still has to face a vote in the House and the Senate. Meanwhile,
sanctions against repressive regimes have been implemented, such as those the U.S. enacted against
Syria and Iran in April 2012, that specifically focused on information technology. In response to the
repressive surveillance activities witnessed during the Arab Spring, the EU declared a No Disconnect
Strategy in December 2011. This commitment recognized the importance of Internet communications in
supporting and advancing global human rights. Though it did not constitute a strict regulation, the
strategy aimed to stimulate EU companies to develop relevant self-regulation and management systems
to limit sales of ICT equipment to totalitarian regimes.
Governments worldwide are focused on protecting and enforcing intellectual protection rights. The AntiCounterfeiting Trade Agreement (ACTA), which is a multi-lateral treaty
focused on establishing an IP enforcement framework, has been signed by the United States, the
European Union and 22 member states and is awaiting ratification. The Trans-Pacific Partnership (TPP) is a
free trade agreement under negotiation that has similar IP oversight intentions as ACTA, among other
foci. However, some of the country-level legislation addressing piracy and other illegal activities on the
internet has raised public concern that the laws could also enable censorship and restrict human rights
and freedom of speech. For example, in the U.S. the Stop Online Piracy Act (SOPA) and the Protect
Intellectual Property Act (PIPA), two bills intended to limit the accessibility of websites and other non-legal
sites, have been slowed in 2012. In Russia, a 2012 regulation was passed (Bill 89417-6) allowing the
government to restrict access to
on
Key
ESG
bsitesthat
itviewed
aspromoting
illegalactivity.
drug trafficking, there were also concerns that it could be
Business Ethics
Best Practices:
Code of business conduct and training programs addressing fraud, corruption and anticompetitive behaviour
Disclosures of anti-competitive fines and penalties and any remediation measures
Antitrust and patent infringement controversies are relatively common in the sector, due to its reliance on
product innovation and the consolidation of large portions of the market in the hands of a few players. In
November 2010, the European Commission announced a wide-ranging antitrust investigation into
Googles potential abuse of its dominant position in online search and search advertising. This
investigation started after smaller software companies complained that Google had downgraded their
sites in its search results. Googles search engine has a 90 per cent market share in many European
markets, compared with less than 70 per cent in the United States, where it is also under investigation for
its dominant position. Patent infringement lawsuits are also common among companies in the sector and
there is a concern that these lawsuits can be used in an anti-competitive fashion to restrict peers,
especially where the patents are adopted as industry standards. The EUs approval in 2012 of Googles
acquisition of Motorola Mobility explicitly stated that the companys activities regarding intellectual
property would be under scrutiny for possible anti-competitive practices.
Fraud controversies are relatively common in the sector, particularly when governments act as
customers. In October 2011, Oracle agreed to pay USD 199.5 million, to settle charges that it defrauded
the U.S. government on a software contract that involved more than USD 1 billion in sales. In March 2012,
SAIC admitted its guilt after being exposed as playing a fraudulent role in overcharging New York City for
a payroll timeCopyright 2012 Sustainalytics - All rights
reserved
practice by
Labourmintaining
compli
Relationsncetraining
Best Practices:
Establish employee training and development programs in line
with
professional interest and needed skills
Engage with employees via satisfaction surveys and establish
annual targets on
related KPIs
Adopt a formal program, with quantitative targets and deadlines,
to increase
employee diversity
As a knowledge-based industry, the software and services sector requires
skilled labour
Programs to
Increase
Workforce
Diversit
y
3%
7%
18%
51%
Strong programs
20%
capacity. Recruitment and development of talent is a significant cost to a company and workers tend to
be relatively mobile. Adobe, Google, and Intuit among other tech companies face a lawsuit alleging that
the companies agreed not to compete with each other for highly-skilled workers. This would present an
antitrust violation in that the companies actions hindered the employees ability to improve their
compensation along with potentially damaging a companys reputation as an employer of choice.
Similar claims were resolved in 2010 between these companies and the U.S. Department
11%
38%
cepted privacy
principles establishing
protection and
management of
information
Data security
management
systems aligned with
information security
standards and
certification, such as
ISO 27001
B
e
s
t
P
r
a
c
t
i
c
e
s
:
Quality
management
and
assurance
processes aligned with
international standards,
such as ISO 9001, and
supported by responsive
technical and customer
service
Co
m
pa
ny
Due to the extraordinary prevalence of
ICT and the constant generation of data
wi
by all users, unreliable and low-quality
de
products and services in this sector can
pr
have significant
iv
ac
economic repercussions for clients an
y
po
these tools is often only appreciated when the
lic
stem from a variety of h
y
ba
However, the particular nature of so
se
d
introduced during developme
on
in
of program requirements, which le
te
terms of quality manageme
rn
at
under the testing parameters. Ne
io
na
serves as a way to
lly
measure and improve
ac
software reliability.
related not satisfy minimum criteria
r major quality
A
concern facing this
manag
n
sector relates to
No
evidence
of
policy
ement
o
attacks from
system
t
cybercriminals,
s Policy
h
through hacking or
does
e
malicious
22%
29%
programs designedData.
phishing
scams,
where very
sector
as
connectivity
to attack systemsThe
credible-looking emails are import
increases.
The
World
or steal data. Forleak
sent to people soliciting other ant.
Economic Forum highlights
example, in Aprilraised
sensitive information, such as
data privacy as a major risk
Data
2011, emailconcer bank
account
details.
to assets and reputations
privacy
addresses ofns that Fundamentally,
anything
requiring
heightened
protecti
millions ofthe e- connected
through
the
responsibility
throughout
on is a
customers of majormails
Internet can be hacked; as
society and corporations.
key
American banks,could
such, increased dependence
Services are being added to
area of
hotels,be
on connectivity for daily
the
network
allowing
exposu
and stores leaked because used
activities
makes
the
remote
manipulation
of
re
for
of a security breach from for so- protection
of
connectivity
systems
this
Epsilon, a unit of Alliance called
against security breaches
Copyright 2012
Sustai nalytics - All rights
reserved
ranging from home security to electrical grids. Software companies are positioned at the nexus of
information collected from a wide range of users, which, if not managed properly, can result in privacy
violations. For example in July 2012, a lawsuit was filed against Yahoo! and Google accusing them of
violating Californias Invasion of Privacy Act by scanning e-mails in order to determine which ads to serve
to recipients.
A strong privacy management system should include a formal policy statement and a security oversight
committee responsible for implementation, monitoring compliance, and enforcement of the policies and
practices. Companies looking to standardize these activities can adopt international standards such as the
ISO 27001 information security management standard. For example, Teradata has a strong company-wide
policy based on privacy principles focused on ensuring protection of user data. Implementation of the
policy is overseen by a chief ethics privacy officer. All employees are required to follow training on
protecting private information, and employees who may have access to
protected
data
receive
additional
training.
Along
with
maintaining
ISO
27001
certification,
Best Practices:
Investing a significant portion of R&D into development of solutions that help customers
reduce their environmental impact
Implementing programs to lower greenhouse gas
emissions and energy consumption related to delivering sustainable solutions
Software companies are well positioned to deliver solutions that require less infrastructure and time and
that can facilitate optimization throughout organizations, all of which can reduce a customers
environmental footprint. For example, software companies can help customers reduce their GHG
emissions by improving energy efficiency in power transmission and distribution, in buildings and
factories (important power consumers), and in goods transportation. Such business drivers create
tremendous opportunities for tech companies. Leading companies are also developing solutions, such as
smart grid technologies, data centre management, and strategic consulting to capitalize on consumer
demand. Yet, only 41 per cent of software and services companies tracked by Sustainalytics provide
sustainability-related products and services that are of particular benefit to the environment or the
society with a clear sustainability dimension, such as those developed specifically to facilitate customer
efficiency and optimization. CA Technologies offers its ecoSoftware product to help customers collect,
monitor and manage environmental data, including GHG emissions, and related strategy and target
setting. CSC reports that its Green Supply Chain Service helps customers to reduce their supply chain
carbon footprint and other impacts by identifying optimization and efficiency opportunities.
However, the sectors contribution to mitigating global warming is offset to a limited degree by its own
GHG emissions. The use of ICT contributes approximately 2 per cent of annual global GHG emissions and
up to 1.5 per cent of global electricity is consumed by data centres, an amount that more than doubled
between 2005 and 2010. Data
centres use a significant amount of energy; 10 to 20 times more energy than a typical commercial
building according to the Electric Power Research Institute. According to the Climate Group and GeSI, ICT
sector GHG emissions are expected to triple between 2008 and 2020. However, leading data centre
players in the sector that host and manage growing amounts of data for both consumers and business
customers, such as VMWare
or
Google,
are
driving
best
practices
in
creating
energy-efficient,
low-carbon
data
Nevertheless, the sector can also have a positive effect on democratic rights and quality of life. In 2011,
the UN declared that internet access be considered a human right. This
10
declaration made clear that ICT is positioned to facilitate development and to narrow the digital divide
the gap in access to or use of information between those who have access to ICT and those who do not,
such as people in low income and rural areas. SAP works with the organization PlaNet Finance to provide
technology to farmers in Ghana and help them create sustainable businesses. Furthermore, companies in
this group can significantly improve the quality of life for people with disabilities through products that
allow them to communicate better, perform certain tasks and become
for
Investors
reemployable
.Oacle
hasestablishedanAccessibility Program Office and works with the National Federation of the
Blind to develop better software solutions for blind
Reputation
ncyOperationalEfficie
Innovation
ConsumerDemand
RegulatoryEnvironm
ent
Access toNaturalResources
Access toLabour
ESG Issue
CORE
SD R I V E R
people and to increase tech ology-r lated empl yment opportunities for the blind.
Business Ethics
Labour Relations
Moderate
Link
Negligibl
e
Link
Regulatory Environment
Antitrust regulators are increasingly paying attention to whether business practices in the IT sector
show signs of market manipulation. After previously being sanctioned by the European Union in
2008 for monopolistic practices related to its Internet Explorer (IE) browser, resulting in more than
USD 1 billion in fines, in 2012, Microsoft was found to have violated the EUs requirements leaving it
open to further fines constituting up to 10 per cent of its total annual revenues.
As regulatory oversight of privacy and data security increases globally, software and services
companies will be expected to be responsive and compliant. At minimum, failure to anticipate and
adapt to these regulatory trends can result in fines, sanctions, and additional monitoring
requirements by government agencies. At worst, companies could find themselves excluded from
competing for government contracts or from accessing markets entirely.
11
In order to gain access to certain markets, companies in the sector may be expected to provide
governments with access to user data which may be used to suppress free speech or to oppress
political opponents. The potential for human rights violations via ICT has prompted democratic
governments to introduce legislation that would permit regulatory sanctions against companies
found complicit in these violations in addition to recourse available under existing export
restrictions.
Potential ramifications include loss of privilege to bid on requests for proposals
Innovationrfines.
Data protection and system security is a key requirement on both personal and corporate levels.
There is a constant threat of data exposure by cybercriminals or computer malware. Software and
services companies have recognized that investing in innovation promoting information security can
have a significant impact on their selection as a preferred vendor. Further, some companies have
identified security as their main business offering and are driven to deliver relevant innovative
solutions.
Innovation and delivery of products and services that facilitate sustainability interests have become
an important market opportunity for software and services companies. Investing in research and
development for new technologies to address sustainability challenges can provide a competitive
advantage for software and services companies as
their customers increasingly implement programs which address their environmental
Operationalimpcts. Efficiency
Fines and sanctions resulting from anti-competitive or corrupt practices can negatively impact a
companys resources and capital available for research and development, employee recruitment, or
flexibility to pursue market opportunities. In July 2012, Visa, Mastercard, and issuers of their credit
cards agreed to a USD 7.25 billion settlement with U.S. retailers concerning alleged fixing of credit
card fees. However, prior to court approval, a retail trade association filed a lawsuit opposing the
settlement. As such, company resources will continue to be tied to litigation in addition to an already
substantial pending settlement.
As software and services companies transmit, store, and manage growing amounts of user data,
they are also highly exposed to risks related to security breaches. In addition to financial impacts
related to regulatory violations, consumers are using class action lawsuits to pursue damages from
companies when their personal data is exposed.
There are significant opportunities for companies with products that help customers improve their
environmental performance and manage resource constraints. Software and services companies that
have systematically incorporated environmental considerations into product innovation will be well
positioned to capitalize on these opportunities.
CasedisplaypoorStudiestransparency
and as such
12
13
signed in 2010 that subjects it to independent privacy audits every two years, bans it from
misrepresenting the privacy of its customers data, and requires user consent before sharing user
information with third parties. Further, in 2010, Google paid USD 8.5 million to settle a civil class action
lawsuit in relation to privacy concerns with its defunct Buzz service, which also led to a 2011 settlement
with the FTC requiring the company to introduce a comprehensive program to protect the privacy of
consumers information. The company implemented changes to its privacy policy in March 2012.
However, the changes, while expressly intended to simplify user privacy management and personalize
user experience, were criticized as facilitating a more comprehensive view of users thereby further
exposing users to targeted advertising and other perceived privacy violations. In the past few years,
Google Street View has prompted multiple investigations by national authorities due to privacy and data
security violations. In May 2010, Google revealed that the fleet of cars used to photograph streets around
the world for the Street View project had been accidently collecting the personal information of
consumers operating on wireless networks since 2006.
Along with various fines and monitoring requirements, these issues also put Googles reputation at risk.
The companys business model is built on its search capability, but a significant share of its revenue is
based on providing targeted ads to its users. An increasing amount of litigation and public outcry against
Google and other service providers has occurred as citizens become increasingly aware of how their
online activities are captured, stored, and sold. Critics have accused Google of placing advertisers
interests over users rights. However, recent news reports of Google hiring data privacy experts may hint
at its commitment to improve its practices. Due to rapid innovation, privacy laws and regulations have
not kept up with technology changes, which puts a larger share of responsibility on consumer-brand
companies like Google to assert stronger and more transparent privacy policies that will ask users to optin for tracking usage.
IBM CORP. STRATEGIC DECISION TO OFFER SUSTAINABLE PRODUCTS AND SERVICES
Products and services that provide solutions to sustainability challenges represent a growth area for
companies in this sector. To a notable extent, IBM has made solutions addressing issues such as energy
and water consumption and infrastructure development a key offering. Launched in 2009, IBMs Smarter
Planet initiative aims to provide solutions that can connect global systems, making the planet smarter
by reducing traffic congestion, producing healthier food, offering cleaner water, and creating safer cities,
for example. In 2011, revenues for IBMs Smarter Planet solutions increased by 50 per cent and the
company stated in its annual report that it will aggressively invest in sector solutions under this
umbrella. IBM has identified its Smarter Cities solutions as being a strong value generator. Part of its
promotion of these solutions includes USD 50 million in competitive grants through which the company
places teams of IBM experts with municipal governments to address specific issues. The Smarter Planet
initiative integrates with the companys other major offerings in emerging markets, its analytics and its
cloud computing services.
IBM has also responded to increased demand for efficient data centres and the correlated need for
systemic energy management to maintain these resources. Without stating a specific target, IBM makes
continuous energy efficiency improvements a baseline
14
requirement of its new server generations. In 2011, IBM reported that its new System x servers were 97
per cent more efficient in terms of electricity consumption per million theoretical operations per second
(watts/MTOPS) when measured against available comparison models.
Stakeholder engagement further positions the company to be responsive to sustainability needs. The
company is a member of the Green Sigma Coalition, which was founded as a cross-sectorial group
focused on sharing best practice in establishing efficiencies and addressing sustainability challenges. In
January 2012, IBM announced its partnership with the World Environment Centre to create the
Innovations in Environmental Sustainability Council (IESC). The initiative aims to integrate innovative
business processes and technology into sustainable solutions for materials, energy, water, infrastructure
and logistics. IBMs 2011 research and development budget was USD 6.3 billion, an amount that netted
the company more patents than had ever previously been granted to a public company. Almost threequarters of these were for software and services products. IBMs IP portfolio also generates more than
USD 1 billion in annual revenue for the company. By coupling this research capacity with a strategic
orientation to address the resource constraint problems of its customers and integrated product and
solution offerings, IBM has successfully capitalized on customer needs in managing complex
sustainability-related issues.
15
from Internet sites to customers wishing to engineer their digital profile. Numerous brokers providing
these services can be found via Baidus search engine, typically charging CNY 2,000 to CNY 2,800 to
remove negative posts depending on the content, location and severity. Currently in China, there are no
comprehensive general privacy laws specifically protecting consumers or governing business behaviour
on the web. The lack of clear and comprehensive laws and regulations that might deter brokers and
others also contributes to the growth in this shadow industry.
Baidu, Chinas leading search engine, has been implicated in these practices through the actions of its
employees. In August 2012, four of Baidus employees were accused of taking bribes to remove posts
and three of four employees were detained for non-national government employee bribery charges.
One Baidu employee admitted to receiving CNY 67,400 (USD 10,000), approximately 20 times the
monthly salary of a college graduate. Baidu reported this incident to the authorities and stated that it
would actively monitor and report illegal behaviour. It established a professional ethics committee in
2009 followed by a department to investigate ethical violations. The company is also a member of the
Internet Society of China, which is an industry association supported by other leading Chinese web sites
committed to ethical conduct and self-regulation.
Baidu faces challenges in developing and maintaining a reputation as a trustworthy and reliable source of
information. Without a foundation of trust in its brand, the company could face the migration of users to
other service providers. There is also a risk that the company could miss out on partnerships. For
instance, Baidu is the largest Chinese search engine and recently established an agreement with Apple to
be included as the search provider on iPhones sold in China. By establishing leading business practice
standards, the company can position itself as a reliable service. This could include engagement with the
government and newly elected political leaders as the major stakeholder in Internet delivery in China.
16