Program Pirates: Steering Clear of Software Audits
Even accidentally unlicensed computer software leads to costly penalties.
June 30, 2009 at 08:00 PM
6 minute read
—
Imagine you head a small company, with just a few dozen employees and computers. One day you receive a letter from a software industry trade group, such as the Business Software Alliance (BSA) or the Software & Information Industry Association (SIIA), informing you that it knows your company has unlicensed–or illegal–software within the network. They tell you to audit your whole system for improperly licensed software and hand over detailed results.
The allegations turn out to be true, albeit unintentional, and you have to pay the software group anywhere from thousands to millions of dollars.
This is no unusual scenario. The BSA says it initiated almost 15,900 enforcement actions globally in 2008 for unlicensed software, and it claims a fifth of all software in the U.S. is pirated. It's not a pretty picture for companies forced to undergo audits.
“It was a horrible process,” says an executive at one small company that settled with the SIIA for six figures. “I fear these people.”
The executive, who asked for anonymity, says the majority of the improperly licensed programs were accidentally made copies buried within servers and back-up drives.
“[The settlement] just about killed me,” he says. The company settled for an undisclosed amount and spent tens of thousands on legal help.
When a software trade association or an individual software vendor discovers a company has unlicensed software, it can sue for copyright infringement or violation of the licensing contract, says Robert Weiss, a partner at Neal, Gerber & Eisenberg. Copyright infringement can accrue up to $150,000 in statutory damages per program infringed. So if a company has five licensed copies and 10 total copies (a low number in audit cases) of a program such as Photoshop, it could owe up to $750,000.
However, software audit disputes rarely make it to court because infringing companies have little chance of winning. Instead, the parties normally settle. Scott & Scott Managing Partner Robert Scott says negotiations tend to start at three times each individual program's full, unbundled price.
Finding Informants
To uncover infringers, the BSA runs extensive radio and Web advertisements encouraging people to anonymously report their employers or former employers. The group, which lists software vendors such as Adobe, Apple, Cisco, Dell and Microsoft as members, has drawn criticism for depending on disgruntled or laid-off employees to act as informants. Experts often note the plethora of bitter ex-employees in a recession. Scott says most companies never find out who reported them.
Jenny Blank, the BSA's senior director of legal affairs, rejects the criticism, saying her organization gives people the opportunity to do the right thing.
“Sure, the people who call us are frequently disgruntled,” she says. “But you have to distinguish between being disgruntled and telling the truth. The disgruntlement is the motivation to pick up the phone, but it's because they have the tale to tell us.”
The organization advertises rewards of up to $1 million, but it takes a settlement of $15 million to reap that much. More often, informants' rewards lie closer to $12,000.
“It's still pretty good money, if you ask me,” Blank says.
Accidental Piracy
Despite the steep settlements, corporations rarely steal software intentionally.
“It can be very difficult to control how your software is being used within the four corners of the organization,” Weiss says.
A variety of situations, which in-house counsel must work to prevent, can lead to unlicensed programs spreading throughout a company. For example, two businesses merge, and copies from the two formerly separate entities might get crossed among the new unified organization.
“Or one branch of a company buys a program,” Weiss says, giving another scenario. “Somebody in another division knows that the first division has that product and says, 'Can we have a copy?' Somebody within the division who purchased the software gives a copy to somebody in that other division, but it wasn't authorized for use there.”
Less commonly, a company might find a “too good to be true” Web site that sells software for strangely low prices. Such a vendor might claim to be an authorized reseller, but the software is actually pirated. This is a more easily preventable trap.
“It's exercising some due diligence and common sense on the front end–not just going, 'Wow! I can get this at one-tenth of the price everyone else is getting,'” says Kathy Ossian, information technology law leader at Miller Canfield.
Additionally, Scott says IT employees circumvent software access control technologies–in violation of the Digital Millennium Copyright Act–more often than counsel would expect. Sometimes they use cracked codes or multiple registration keys for company programs.
“You'd be shocked at what you find when you're not looking,” he says.
Managing Assets
When push comes to shove, the only way to prove software is properly licensed is with the original receipt. Scott says credit card statements, authenticity certificates and license agreements will not cut it.
To stay compliant, Ossian says legal departments need to keep track of how their companies manage software. Even though it's time-consuming and expensive, in-house attorneys should ask the IT department lots of questions before the software groups ever come knocking.
“Can anybody install software or does it have to be done by the information services department? [Ask] those kinds of questions, almost like a self-audit,” Ossian says. “If the answers are, 'I don't know,' or, 'Sort of,' then you probably have an issue.”
If someone does report your company, the legal team should be the company's liaison with the software people from the moment you receive that audit letter. Weiss warns not to let IT personnel respond directly to the vendors.
“Often they try to be helpful, and they go too far,” he adds. “They'll disclose things beyond what the software vendor is asking you to reveal.”
Finally, from the BSA's perspective, Blank recommends avoiding knee-jerk reactions to the audit letter. Running out and buying a whole bunch of new software, she points out, won't eliminate the problem.
“Or, God forbid–don't delete all your software, because that would be spoliation of evidence,” she says.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllFinancial Watchdog Alleges Walmart Forced Army of Gig-Worker Drivers to Receive Pay Through High-Fee Accounts
GC Pleads Guilty to Embezzling $7.4 Million From 3 Banks
In Lawsuit, Ex-Google Employee Says Company’s Layoffs Targeted Parents and Others on Leave
6 minute readGC With Deep GM Experience Takes Legal Reins of Power Management Giant
2 minute readTrending Stories
- 1Decision of the Day: Administrative Court Finds Prevailing Wage Law Applies to Workers Who Cleaned NYC Subways During Pandemic
- 2Trailblazing Broward Judge Retires; Legacy Includes Bush v. Gore
- 3Federal Judge Named in Lawsuit Over Underage Drinking Party at His California Home
- 4'Almost an Arms Race': California Law Firms Scooped Up Lateral Talent by the Handful in 2024
- 5Pittsburgh Judge Rules Loan Company's Online Arbitration Agreement Unenforceable
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250