Many businesses that use software published by Autodesk are familiar with the company’s vigorous copyright enforcement program. Autodesk is one of the most active software publishers when it comes to threatening litigation over allegedly unlicensed use of its well-known computer-aided design products, such as AutoCAD, and it regularly targets businesses of all sizes demanding costly and distracting audits and settlements, often based solely on the word of unidentified informants.

In addition to such matters targeted at its past and potential customers, however, Autodesk’s enforcement program also includes efforts to eradicate what it believes to be unauthorized sale of its software. The Washington state federal lawsuit of Vernor v. Autodesk Inc. falls into this category. Here, the plaintiff, Timothy Vernor, had for some time attempted to sell used AutoCAD packages on eBay. However, when he did so, Autodesk sent notices to eBay pursuant to the Digital Millennium Copyright Act that such activity violated Autodesk’s copyrights, and in order to avoid contributory copyright liability, eBay removed the listings. After several such exchanges, eBay eventually terminated Vernor’s account. In response, Vernor filed suit against Autodesk, seeking a declaratory judgment that his sale of used software did not constitute copyright infringement.

In its first substantive opinion in the matter, the Federal Court for the Western District of Washington denied a motion to dismiss in which Autodesk had argued that the software Vernor attempted to sell on eBay had been licensed exclusively to a Seattle architecture firm, that the firm had no authority to transfer the software to any other party, and that Vernor’s activity therefore constituted a violation of its copyrights in the software. The court disagreed, holding that the first sale doctrine under U.S. copyright law protected Vernor from liability. Despite Autodesk’s characterization of the earlier transaction as the transfer of a license, the court ruled that the architectural firm merely had purchased a copy of the product, and first sale doctrine allows the lawful owner of a copy of a work to sell or give it away.

On September 30, 2009, the court essentially repeated this holding in ruling on cross-motions for summary judgment filed by each of the parties. Again relying primarily on the 9^th Circuit’s opinion in United States v. Wise (1977), the court characterized the earlier sale to the architectural firm as just a sale with a restriction as to use. After Wise, the 9^th Circuit held in other cases involving software disputes that software licensees did not “own” their copies. However, the Vernor trial court nevertheless looked to Wise as the controlling precedent, because it was the earliest case to consider the issue and because the 9^th Circuit did not expressly address it in the cases that followed.

A decision by Autodesk not to appeal these rulings by the Vernor court would be surprising, considering what is at stake. The implications of the court’s holding, if allowed to stand, would cast a shadow across the license-enforcement initiatives of not only Autodesk, but also other software publishers and their trade groups, such as the Business Software Alliance and the Software & Information Industry Association. It will be very interesting to see what happens next in this matter.

Tags:

The BSA and SIIA are not the only organizations pursuing business for software copyright infringement.  Though it is a member of both the BSA and SIIA, Autodesk, which manufactures the popular design software AutoCAD, often pursues audit targets on its own. 

The audits begin much like those instituted by the BSA or SIIA.  The target of Autodesk’s audit will receive a letter from a law firm representing Autodesk demanding the business’ cooperation in disclosing the number Autodesk installations on its network and the number of Autodesk licenses it owns, including serial numbers.  The law firm will assert it has received information that indicates the business may have more installations of Autodesk software than it is licensed to use.  The letter will go on to describe the various penalties associated with copyright infringement and it may threaten the business with civil litigation.

Targets who receive such letters should treat the matter very seriously.  It is important to know your legal rights and protect your legal position before responding to a request for information from a software publisher who is trying to conduct an audit.  Additionally, many companies who prepare their own responses to Autodesk without the benefit of counsel and before conducting a thorough investigation often receive an unexpectedly high settlement offer from Autodesk. 

In many cases, Autodesk demands a settlement payment calculated as the MSRP of the allegedly unauthorized products installed on the business’ network multiplied by three.  The multiplier, Autodesk argues, is the penalty for using unauthorized software and is assessed in lieu of proceeding with formal judicial resolution.  The use of multipliers as an approximation of damages is a hotly contested issue.

When responding to Autodesk audit requests, companies should work with experienced counsel to thoroughly investigate the software usage on their computers, protect themselves by requesting agreement from Autodesk regarding the use of the materials that will be produced in the audit, and negotiate a resolution geared toward ensuring future compliance. 

Tags:

A variety of resolution frameworks are available to businesses involved in a software license dispute. An audit is the most common such framework and entails an analysis of the organization’s network for software installations compared against its licenses. The types of audits initiated by software publishers and trade associations include self audits, independent audits, software asset management (“SAM”) engagements, and publisher-staffed audits.

Self Audits
Self audits are the least disruptive of all software audits. They are a mechanism often employed by trade associations acting on behalf of software publishers. The trade associations, and in some instances, the publisher itself, requests that the target company conduct a self audit and report the results of the audit to the trade association or publisher. Companies that agree to conduct a self audit must inventory the applicable software on the computers within the scope of the audit and report the number of installations, the number of licenses, and the number of license deficiencies.

When evaluating whether you should cooperate or litigate after a request for a self audit, you should consider the benefits of a self audit compared to the other types of audits. For instance, in publisher and third-party audits, you usually have a contractual obligation to participate in the audit and provide information to the auditors. When conducting a self audit, you have some control over the timing of the audit and the allocation of resources. That flexibility is not always present in other types of audits.

Additionally, outside auditors are not always required to be impartial and may submit incomplete or inaccurate audit results. For these reasons, regardless of the type of audit requested by the software publisher, companies faced with an audit should request the opportunity to provide a self audit rather than an independent audit, a publisher-staffed audit, or (usually) a SAM engagement.

Independent Audits
An independent software audit involves the use of a third-party auditor to gather the facts
relevant to the dispute. This audit method may be the most costly and time consuming option for the audit target.

Many software licenses incorporate audit provisions allowing the software publisher to request an independent audit. Such provisions must be carefully analyzed to determine the potential business impact of the audit and liability that may result from the audit.

In an independent audit, the organization has no input into the selection of the auditor, how long the audit will last, or the scope of the materials the auditors may review. The target company must also bear the costs of the audit if the auditor finds a licensing discrepancy of more than 5%. If the auditors conclude there is a discrepancy, the publisher has the contractual authority to unilaterally determine the license price for the software necessary to become compliant. Independent audits have significant business impacts and should be avoided if possible. Nonetheless, independent audits are preferred over SAM engagements and publisher-staffed audits because the auditor is usually ethically obligated to remain independent.

SAM Engagements
SAM engagements are also conducted by third-party auditors or consultants, but there is no obligation that the auditor in a SAM engagement be independent. The software publisher requests that the target allow a third party to audit its software installations and report the results directly to the publisher. In these engagements, the publisher pays the auditor, and the target is required to purchase licenses to cover any deficiencies in its software licenses. Microsoft’s SAM engagement has been extensively used in lieu of traditional software audits with mixed reviews from the end user’s perspective.

Participation in a properly managed SAM engagement may be in the client’s best interest
because such engagements typically provide some flexibility and a lower total cost of resolution than self audits and independent audits. In many instances, the publisher seeks no compensation for alleged past infringements in exchange for an agreement to come into compliance on a go-forward basis.

Publisher-Staffed Audits
Publisher-staffed audits are the most intrusive and least impartial of all software audits. In these audits, the publisher’s employees collect information relevant to the dispute. In many instances, publishers request a company’s confidential information or access to a company’s network to conduct the audit. Although a publisher may arguably have a contractual right to request that it be allowed to examine its customers’ computer network, it is never advisable to agree to a publisher-staffed audit without examining all of the alternatives first.

Tags:

Software Piracy penalties are sums collected by software publishers and their trade groups such as the BSA and SIIA in connection with software piracy audit activity.

The software piracy enforcement groups have developed a standard formula for assessing fines in software piracy audits. It is important to note that these groups such as BSA and SIIA are not governmental entities and have no independent authority to levy an enforceable software piracy penalty or fine. Software piracy penalties are therefore merely offered in settlement to avoid litigation and, like all pre-litigation settlement offers, are negotiable with the help of experienced counsel.

Dated Proof of Purchase Required to Avoid Software Piracy Penalty
Software piracy groups’ methodology for calculating fines starts by treating as unlicensed all software products for which there is a lack of adequate documentation, including dated proofs of purchase. All proofs of purchase must be dated prior to the software piracy audit initial letter to be considered valid evidence. Because companies may not always have access to the requisite dated proofs of purchase, software piracy penalties are often based, in part, on software titles that companies legally own and properly acquired.

Unbundling Software Suites in Software Piracy Penalties
Software piracy groups also unbundle the products in software suites such as Microsoft Office. So instead of proposing a fine based upon one copy of Microsoft Office, the BSA or SIIA proposes a fine for Microsoft Outlook, Microsoft Word, Microsoft Excel, and Microsoft PowerPoint. The result is a proposed software piracy penalty of $1,126 for a product that retails for $339.

The Arbitrary 3x Software Piracy Multiplier
After disallowing credit for valid software without dated proofs of purchase and unbundling all software suites, the software piracy groups then apply an arbitrary multiple of three times the full retail price for each software title. Accordingly, one allegedly unlicensed copy of Microsoft Office will carry a proposed software piracy penalty of $ 2,252.

Software Piracy Attorney’s Fees
To add insult to injury, the software piracy penalties will include a line item for $3,500 to pay the attorney’s fees for the auditing agency. While this is not usually a large number as a percentage, it should be taken into account when considering potential software piracy penalties. To calculate your potential software piracy penalty exposure, use our Business Software Alliance Fine Calculator.

Tags:

Software piracy audits conducted by the BSA and the SIIA threaten small and medium sized businesses. As the economy tightens, software publishers such as Microsoft, Adobe, and Autodesk hide behind software piracy enforcement groups to pursue customers accused of installing more software on corporate computers than they have purchased licenses for. If your company has been accused of software piracy, here’s what you should do:

• Hire an Attorney – BSA and SIIA have experienced software piracy attorneys working for them, you should too.
• Preserve Evidence – do not uninstall or change computer configurations until an accurate inventory of in-scope computers has been gathered.
• Avoid Knee-Jerk Purchases – a natural but counterproductive response to a software piracy audit is to run out and purchase software. I advise my clients to avoid making purchases until a complete inventory and case assessment has been completed.
• Maintain Confidentiality – client prepared audit materials and related documentation may be discoverable in a lawsuit. We conduct attorney-supervised audit reports protected by attorney-client and attorney work-product privileges.
• Condition Audit Disclosure – software piracy audit materials should only be disclosed after an appropriate agreement regarding confidentiality and non-use of the information has been signed by the software piracy enforcement agency.
• Estimate Software Piracy Fines – always review the draft audit materials with your attorney before they are produced to make sure everyone is clear on the potential financial exposure involved. Our software piracy fine calculators are available at: BSA Fine Calculator and SIIA Fine Calculator
• Argue Software Piracy Legal Issues – there are many legal issues involved in software piracy audits including what constitutes infringement, who has the burden of proof, how damages should be calculated, what constitutes proof of ownership and many others. We vigorously argue these legal points in an effort to reduce software piracy settlement demands.
• Negotiate Non-Monetary Terms – software piracy audit settlement agreements are incredibly one-sided and unfair to the targets. I advise my clients to carefully consider important issues like future audit obligations, confidentiality of the settlement terms, the nature and scope of the release being offered.
• Focus on Your Business – the only way to be successful in a software piracy audit is to continue to stay focused on running your business and taking care of your clients.

If you have been accused of software piracy please call Scott & Scott, LLP for a free consultation.

Tags:

Targeted by the BSA? Almost all of my clients wonder how the Business Software Alliance got their name. Have you heard the BSA’s radio campaign offering rewards of up $1,000,000 dollars to disgruntled employees? The BSA entices disgruntled employees to rat on their employers in exchange for the promise of reward money. If you have been contacted by the BSA, a former or current disgruntled employee likely heard the Business Software Alliance’s Blow the Whistle campaign on the radio.

Click the link below to listen to the Business Software Alliance’s Radio Campaign as reported by ABC News:
Business Software Alliance Report

Tags:

When I heard a Microsoft executive recently explain its new approach to software license compliance enforcement, I couldn’t believe my ears. Statements like, “Microsoft does not endorse audits,” and “Microsoft believes that most of its customers want to be in compliance, they just need help with tool deployment and reconciliation,” sounded to good to be true. In reality and not surprisingly, the program was not playing out as presented.

The Harsh Reality

Very quickly after Microsoft’s Software Audit practice was disbanded and its SAM Engagement program implemented, clients began calling with questions and concerns about Microsoft’s proposal and approach. For example, while Microsoft officially touts its SAM Engagement service as being completely voluntary, clients are given the impression to the contrary by veiled threats that the “matter will be escalated to legal” if they begin asking too many questions.

Microsoft Official Position

Microsoft’s official position on its SAM initiatives is extremely positive. Microsoft has certified a group of partners to assist companies with Microsoft license reconciliation and to assist customers with implementing software asset management best practices within their organizations. In theory, Microsoft has it right. Helping share the burden of the “compliance tax” imposed by its products is smart business. And because most companies are honest, Microsoft will yield the revenue from audit activity that currently is consumed by the BSA and the SIIA when they conduct more adversarial audits on Microsoft’s behalf.
Why Is Microsoft Paying Its Partners?
Interestingly, Microsoft even pays its certified partner to deploy an automated discovery tool, conduct the license reconciliation and share the information with Microsoft and the customer. Unfortunately, in practice the SAM engagement is just an audit by another name. Unless properly managed these audits can be expensive and disruptive to your business.

How You Get Targeted?

Evidently, Microsoft is reviewing previous and current purchase activity to develop a profile of its customers most likely to have a compliance gap. Thereafter, Microsoft and its partners approach the target to propose assisting them with dealing with any compliance problems they have. Microsoft appears to be focusing it efforts on mid-market enterprises with 500 to 2000 computers.

The Partner’s Conflict of Interest Problem

Unfortunately for businesses, the SAM partner is operating under a conflict of interest, and will naturally want Microsoft to yield more revenue from the end customer than for which it has been paid by Microsoft. Further, the SAM partner is obligated to turn over the results of its findings to Microsoft, creating an additional conflict of interest. Regardless of how it is presented, Microsoft is paying its partners to audit customers so they can extract incremental revenue related to licensing gaps that are present with virtual certainty in the average company.

Get an NDA With the Partner

Before agreeing to proceed with the SAM engagement, I advise clients to require the SAM partner to enter into a Non-Disclosure and Confidentiality Agreement precluding the company from sharing any of the information it discovers during engagement with any third party, including Microsoft. If the partner is to act as the target company’s consultant, they should be expected to sign an industry standard NDA.
Get an NDA and Settlement Discussions Only Agreement from Microsoft
After you present the partner with an appropriate NDA, the Partner will disclose that its contract with Microsoft requires it to share the information it gathers during the engagement and the next question that will certainly arise is, ‘how will Microsoft be informed regarding your purchase needs?’ The answer is you will agree to share the information directly with Microsoft provided that Microsoft signs an NDA with appropriate language that protects the information shared during potential settlement negotiations. By requiring these two agreements, you place the engagement on a footing consistent with the way Microsoft is marketing the program. Unless both parties agree to these agreements, I advise clients to decline the SAM engagement.

Cooperate Without Placing Your Company in Jeopardy

A properly managed SAM engagement can be extremely valuable and can reduce the drain on internal resources that may be less experienced than the SAM partners at conducting project-based license compliance reviews. The key is to restructure the relationships between your business, Microsoft and its SAM Partner to avoid the conflicts of interest, preserve confidentiality, and insure that you are able to negotiate with Microsoft from a position of strength.

Negotiate From A Position of Strength

In addition to protecting your business with the appropriate contracts going into the engagement, it is important that you engage an attorney with expertise on Microsoft licensing to review the Partner’s work-product before it shared with Microsoft and to protect your legal interests. Microsoft licensing is subject to interpretation and is frequently ambiguous regarding how the rules pertain to a particular situation. For this reason, it is critical that the Partners’ license reconciliation, which will be the starting point for negotiations, is thoroughly reviewed and analyzed by experienced counsel. Only by understanding the issues pertaining to all alleged deficiencies will you be able to negotiate from a position of strength.

Tags:

The Business Software Alliance is aggressively targeting businesses accusing them of software piracy. Businesses around the world are facing off with the BSA as the media continues to raise questions about its questionable enforcement tactics such as offering up to one million dollars in reward money. This ABC News report contains the Business Software Alliances’ Blow the Whistle campaign as well as interviews with BSA officials and me. If you have been targeted in an investigation by the Business Software Alliance, you should seek the advice of an experienced attorney.

Click the link below to listen to the Full Report on Business Software Alliance by ABC News:

 Business Software Alliance Report

Tags:

Tags:

Software auditors almost always try to find ways to maximize the number of allegedly infringing software “copies” at issue in an audit engagement. It is typical for the Business Software Alliance (BSA), the Software & Information Industry Association (SIIA), and other software publishers to demand that their small-to-medium-sized business targets disclose all installations of relevant software products on all of the computers owned by the target, which number the auditors then use in determining how much money they are going to demand in settlement to keep the matter from going to court. This is perhaps unsurprising behavior by the auditors, because it clearly gives them more leverage during settlement negotiations. However, according to more than one federal court, it may not be a correct interpretation of federal law.

In FM Industries, Inc. v. Citicorp Credit Services, Inc., the United States District Court for the Northern District of Illinois determined the existence and extent of infringement of a software program by a business whose license to use the program had expired. In the case, the business at issue claimed that it its use was non-infringing because it initially installed the software with the consent of the publisher. The court rejected this argument, holding that “a user reproduces a program stored in his computer's hard drive merely by launching that program, thereby causing the computer to copy it to Random Access Memory.” The court also cited to a Ninth Circuit opinion in the case of MAI Systems Corp. v. Peak Computer, Inc., where the court there stated:

The district court's grant of summary judgment on MAI's claims of copyright infringement reflects its conclusion that a “copying” for purposes of copyright law occurs when a computer program is transferred from a permanent storage device to a computer's RAM. This conclusion is consistent with its finding, in granting the preliminary injunction, that: “the loading of copyrighted computer software from a storage medium (hard disk, floppy disk, or read only memory) into the memory of a central processing unit (“CPU”) causes a copy to be made. In the absence of ownership of the copyright or express permission by license, such acts constitute copyright infringement.” We find that this conclusion is supported by the record and by the law.

These opinions are at odds with the standard tactics employed by the BSA, the SIIA, Autodesk, and other software auditors. For example, when presented with information that a design firm has repurposed a CAD workstation to a reception desk or, in a perhaps more stark example, decommissioned the machine to a storage closet, the BSA would argue that any design or CAD software remaining on the machine’s hard drive remains relevant for audit purposes, and they would use any such installations as factors in calculating a settlement demand. However, according to the FM Industries and MAI Systems opinions, this methodology is flawed. A correct damages model would not count as “copying” the mere presence of copyrighted software on a hard drive. The relevant inquiry is whether that software is being used by loading it into a computer’s RAM.

When faced with a software audit demand from the BSA, the SIIA, or any other software publisher or industry representative, before disclosing any information regarding the software in use in your business’ computer network, it is important to consult with counsel to determine what is and what may not be within the scope of the audit.
 

Tags: