There is a highly divisive and costly practice that software companies have inflicted on their customers for nearly a decade. This practice brings with it significant emotional duress, time investment and financial penalties — all of which divert meaningful resources from revenue-driving activities.
And to add insult to injury, this practice very often rewards with financial gains the very perpetrators of bad behavior.
The practice to which I refer is the ever-common software audit, conducted by trade associations to uncover the business use of unlicensed software. Prominent software trade groups include the BSA The Software Alliance, whose members include Microsoft, Adobe, Oracle, Autodesk and other global heavy-hitters; and the Software & Information Industry Association (SIIA), which has hundreds of members in the software, media and publishing industries.
For the last decade I have provided legal defense for hundreds of clients in software-compliance audits, including the companies cited in this article that are brave enough to speak out. I feel it is no coincidence that an overwhelming majority of the companies targeted by these associations are small businesses, with limited technology and legal resources.
With the proliferation of devices and ease of downloads, not to mention the unnecessary complexity of software-license agreements, you can imagine how simple it can be for companies to have unlicensed software in use by employees, without their knowledge.
Now please let me be clear; I fully appreciate that the use of unlicensed or counterfeit software has a negative impact on the revenue and subsequent earnings of software providers. And I am certainly not defending the deliberate use of software for which companies have not paid.
It is no coincidence that an overwhelming majority of the companies targeted by these associations are small businesses, with limited technology and legal resources.
At the same time, I feel I must also help bring to light many of the aggressive, shakedown practices that these associations use at the expense of hardworking companies, many of which have no idea that unlicensed software is being used and would be happy to purchase it, had they known.
Here are three of the most egregious practices that I have seen software trade associations use consistently, at the expense of businesses across the country.
Practice One: Whistleblower payments
Software trade associations very often pay a portion of the settlement money they receive to those who report infractions. Seems reasonable, right? Not really… First, in our experience, these whistleblowers are almost always former employees of the companies they are accusing and, indeed, the very person in IT who was responsible for ensuring software-license compliance at the recently departed company.
Furthermore, individuals who report non-compliance are granted anonymity, providing any disgruntled employee a platform for taking down their former company with complete impunity.
In fact, currently in practice is a campaign called “No Piracy,” in which the BSA advertises on popular social channels the ability for whistleblowers to receive a cash reward and take a “dream vacation” for reporting unlicensed business software.
In one instance, a Texas automotive repair company, Fuzzy’s Radiator, was accused by the BSA of using unlicensed copies of Microsoft products and a received a letter stating the company could owe millions of dollars for the alleged infringement. The BSA notice came soon after Fuzzy’s Radiator’s in-house IT person left the company.
Trinda Lopez, a human resources executive at the company, stated the initial penalty demand was sufficient to put Fuzzy Radiator out of business if not disputed. Employee salaries were frozen, bonuses were canceled and purchase of new equipment was abandoned for one year. “I think the disgruntled former employee was trying to bring down the company,” said Lopez. The company sought our legal counsel and settled for a small fraction of what the BSA originally sought.
Lucky Roberto, comptroller at John Desch Associates Inc. (JDA), a New Jersey-based engineering consulting firm specializing in accident reconstruction and traffic flow management, was contacted by the BSA in 2010, after three employees left the company — one of whom was responsible for Information Technology.
Soon after, the company received a certified notification from the BSA. “We started to learn the hard way about the BSA,” said Roberto, adding that the letter received was “pretty damn intimidating.” It turns out the person who had installed the software on the computers in question was the one who reported the company. Although JDA settled with the BSA for a mere fraction of what the association sought (financial terms cannot be disclosed because of the settlement agreement), the emotional damage according to Roberto was extremely significant.
Practice Two: Excessive penalties elicit fear
I think it is important to note that of the 250-plus cases we have handled against the BSA and SIIA, only one company had more than 1,000 computers. I believe these associations are intentionally pursuing smaller companies that do not have the resources to understand proper audit response protocols, and use fear as their weapon.
The owner of a U.S.-based software development company with fewer than 100 employees reported a similar experience and came forward on condition of anonymity. “The BSA is really sly, I just don’t trust them at all. I think if I got my name out there, they would target us,” he said, then added, “The way they use local lawyers to go after you is almost unconscionable.” About four years ago, soon after employees left the company, his company received an official notice from a lawyer representing Microsoft. The notice claimed they were pirating software, namely Microsoft Office applications and operating systems.
[I am] confident that the whistleblowers are subject to karmic justice in the end. Lucky Roberto, John Desch Associates Inc.
When informed of the audit, this company ran the audit software provided by BSA, which checked all the software in use for member companies. The BSA issued a demand that included a penalty in excess of $200,000. The company offered to remove the offending software but were told that it did not matter, as they were liable for all software instances recorded in the audit. “They just kept hounding us, retaining four different lawyers in the space of two years,” said the owner of the small software company.
In that case, the BSA audit also led to a visit from Oracle, which requested an audit and a $220,000 penalty for upgraded software. “Luckily we had documented proof that their people had told us we could upgrade our software. Oracle said ‘too bad just pay up,’” said the owner, adding that, “after about six months of haggling, I told them I would see them in court and they backed down.”
Practice Three: Outrageous multiples
In most cases, software-license agreements are long, complex and burdensome. Further, the BSA and many publishers themselves often force customers to pay 3X the software value per license in penalties and then require them to purchase the necessary seats on top of the penalty.
Trinda Lopez of Fuzzy’s Radiator adds that it is unfair that allowances are not made for machines with multiple versions of Office and that the Microsoft Office suite is split into its component parts to increase the penalty amount.
In Short: It Can Happen To You
None of the three companies mentioned here are software pirates. They do not own duplication nor printing equipment to mass produce illegal software and, in all cases, were likely the victims of poor software-auditing practices and opportunistic former employees. All three companies have learned from their experience and are more diligent in tracking software and related licensing.
JDA’s Roberto is trying to move on, but the company is still subject to possible future audits, as are the others mentioned. However, JDA is now prepared for it — administrative rights have been removed on all systems and internal audits take place on a regular basis. “The hardest part to deal with is that these employees left with malice and the BSA offered them the perfect opportunity to take down the company that had trained them. In short, their evil intent was perfectly suited to the BSA,” said Roberto. However, she also adds that she is confident that the whistleblowers are subject to karmic justice in the end.