I'm a newbie, so if I've posted this in the wrong place, my apologies in advance.


Last year I purchased 10 licenses to PGP for my company. The nature of our business requires encryption of electronically transmitted data under federal mandate. We have about 20 business partners also using PGP with which we exchange encryption keys.

Recently I received an email notice that the licenses were expiring along with an invitation to renew.

The price had gone from $65 to $80 -- no big deal, inflation casts shadows into every lighted room. However, a new pricing scheme was presented that seemed to be saying I could purchase a perpetual license. All I had to do was pay $165 per license and it would never expire.

I thought this was pretty neat. There was also something called Upgrade Insurance for an additional $300. I ignored that. If I want a particular upgrade I'll pay for it on an individual basis and PGP doesn't require that everyone have the same version to work.

I called the reseller who was more than willing to take my $1,650 for ten perpetual licenses. Then he told me that I would be "well advised" to purchase the upgrade insurance. When I asked why, he said that "PGP Corporation will force you to pay for the Perpetual License again if you want to upgrade and haven't bought the Upgrade Insurance." Then he told me that the upgrade insurance had to be purchased annually.

So, the deal is, the "Perpetual License" is a misnomer at best, and a scam at the worst. If I pay for a perpetual license at version 8.0, and decide I want to upgrade to 9.0 when it comes out I pay another $1,650 (assuming no inflation). To protect myself from my PERPETUAL license EXPIRING (isn't that an oxymoron?) I have to buy Upgrade Insurance every year.

The cost of the Upgrade Insurance is NOT the issue. The issue is that PGP Corporation apparently does not understand the meaning of the word "perpetual" (or, they fully understand it and are relying on the ignorance of their installed base).

I have to put up with this stuff from M$, now I have to put up with it from a weenie company like PGP Corporation. I considered looking for an alternative, but after canvassing the 20 business partners about the possibility of changing encryption software I realized that PGP Corporation has a captive audience -- they have become a de-facto standard -- at least within my industry.



Thanks for giving me a place to vent!