Tag Archives: BSA

Counterpoint to Guilty Till Proven Innocent

Last month I wrote a piece talking about the Business Software Alliance’s point of view of software piracy, which is guilty till proven innocent.

As with any good story, there is often an opposing view and I came across one on Mondaq, the legal (among many other things) information publisher.

The article, written by Steven Hellend of the law firm of Fredrikson and Bryon, has a different point of view and I think his point is well taken.  Understand, of course, that if you take his strategy you are likely in for a large legal bill, but the situation is messy either way and you need to decide what is the best strategy for your company.

Steven’s point of view is summed up this way, by him:

Imagine that you are accused of shoplifting a pair of Levi’s® jeans by an un-named tipster. The agent for the clothing store demands that you inventory not only your Levi’s® jeans, but every article of clothing in your closet. Next the agent demands that you provide a dated receipt for each article of clothing. No matter how old. And if you can’t find a receipt for a favorite old sweater, the agent is un-interested that your mom will provide an affidavit that she bought it for you as a gift. Absent a dated receipt, all items are deemed shoplifted or stolen. And the agent will demand a settlement payment or threaten to sue you for $150,000 per item.
The inference of shoplifting/theft above is absurd on its face.
The inference of copyright infringement for software under like circumstances is equally absurd.

I think that Steven is not particularly arguing with the guilty until innocent comment, but he thinks that there are many possible defenses, contrary to what the BSA might tell you.  Remember, the BSA is a private organization, not a judge, jury or regulatory body.

So, in short summary, here is his take:

  • The BSA says you have to have dated receipts.  Steven says that you may be able to convince a court that other evidence is sufficient.
  • The BSA says if you cannot provide dated receipts you are de facto guilty.  Steven says there are many factors and in court (assuming you go that far), things may not be so simple and the burden MAY shift to the BSA. Note I said MAY.
  • The BSA says you can be fined up to $150,000 per infringement. Steven says that the BSA forgets to mention that the statute says ordinary or typical damages are between $750 and $30,000 as the court considers just.  The $150,000 is the maximum for certain willful infringement. It also says that the court may reduce the fine to no less than $200.

So, I think what Steven is saying is that you should not cave, consider your options and come up with a plan.  The result may be much less dire than the BSA suggests.

That being said, as part of your cyber risk management plan, you do need to manage software licenses, manage documentation, enforce the rules, punish violators, etc.  Doing this will likely (not guaranteed, but likely) eliminate any chance of willful infringement charges being successful.  In that case, your exposure will certainly be a whole lot less than the BSA suggests.  However, if you just let it slide or wink while employees copy software, the picture will not look anywhere near as pretty.

Here is an article on software audits that Steven has written on his company’s web site.  More information.  In this case, information is definitely good for you.



Guilty Until Proven Innocent – Software Licensing

Lewitt, Hackman, Shapiro, Marshall and Harlan, a law firm based outside Los Angeles, has an interesting take on software licensing.  They don’t say whether they have been representing plaintiffs or defendants in software piracy lawsuits, so I don’t know if there is a bias in their blogging, but it is an interesting point of view.

They talk about the Business Software Alliance or BSA, an industry trade group made up of heavyweights like Microsoft, Adobe and Intel, that offers rewards to current or former employees to turn in their company if they suspect they are using pirated software.  Note they say “suspect” and not “have evidence of”.

The BSA investigates about 15,000 companies a year, starting by asking them to do a self audit and then “negotiating” for damages.  Having been on the wrong end of that deal once, we had to write a check with way too many zeros before the period.  Not fun.

That is old  news.  The BSA has been kicking this dog for a long time and they try to get the occasional large penalty in order to try and cut down piracy, which from their point of view is understandable.

Here is what is interesting.  According to Lewitt, Hackman, under the law, all the BSA or Microsoft or whoever has to do to prove infringement is the following:

  • That it owns the copyright for the software
  • That the (soon to be) defendant used the software

They don’t have to prove that you pirated it or that you are using more copies than you bought.  At this point, you are assumed to be guilty and have to prove your innocence, something that very few companies can do.

Your claim that you are using the software legally is a legal defense.

The law says, according to Lewitt, Hackman, that it is your burden to prove you have a license from the copyright owner.

I doubt there is any company on the planet that has zero disgruntled ex-employees and if reporting you, anonymously, to the BSA is a way to get both revenge and cash, I could see that some people might do that.  The BSA even runs ads in magazines suggesting pretty much this.

How many companies can show an invoice or check copy for every copy of Windows, Office, Photoshop or any other piece of software you have installed on any computer in the office.  By the way, whether you are using the software or not is irrelevant to your defense.  If it is installed and unlicensed, you are guilty.  Been there, have the scars.

So, one part of your business risk management program should be to keep copies of all software receipts, licenses and other records so that if the issue comes up you don’t have to recreate history.

Food for thought.