Are you sure you're not a pirate?

The number of firms being investigated for software piracy during the recession is growing

Let’s assume you’ve worked hard to build up your business. Let’s assume you needed extra employees to service your growing needs and that you trust the people you took on. And let’s assume that you would never consider using pirated or unlicensed software. None of these assumptions is far-fetched and they reflect the reality for thousands of businesses. So why did you end up having to pay substantial damages as a result of being reported by one of your staff to your software licensor, the Business Software Alliance (BSA) or the Federation Against Software Theft (Fast)? This has happened to many businesses, with the numbers being “caught” during the ongoing recession growing ever larger.

The enforcers
First, some background. Both Fast and the BSA are not-for-profit trade associations. Fast’s members include software publishers, resellers, distributors and law firms. Indeed, the Fast Legal Action Group (Flag) is a legal lobby within Fast that lobbies for greater legal protection for the software industry. The BSA’s members include many of the largest names in the IT industry, such as Adobe, Apple, Intel and Microsoft. Both organisations seek to protect their members’ interests through education, and through enforcement action against transgressors. Their enforcement letters are tenacious, can be aggressive and often create much hassle for recipients. More on this below. Fast and the BSA also set the tone for much of the remainder of the industry which is not a member of either – usually smaller software licensors.

Using the BSA as an example, being on the receiving end of one of its enforcement letters is a scenario faced by an increasing number of businesses. Every year, the BSA investigates hundreds of British businesses for using unlicensed software and many are threatened with legal proceedings. In 2009, the BSA received increased software piracy leads, which resulted in investigations. These leads are usually reports from inside businesses. For reasons we will see, there are many incentives that explain why the number of leads – and the number of successful recoveries of damages – has been increasing; but there are also good reasons why the number of successful recoveries may start going down.

New research from Forrester shows that software users faced increased software audits from software licensors in 2009 as licensors sought to collect as much money as possible. After all, there is a recession on and software businesses that are selling less software are looking to compensate for diminished revenue streams. Audits are possible because most software licences provide licensors with a right to check that users are complying with the licence agreements.

Are you a software pirate?
Returning to our scenario, that may be fine for the “illegal” businesses but how does this affect you, the legitimate user of software? You think you are a legitimate business that has nothing to do with software piracy. However, the BSA and Fast may take a different view.

Look at the BSA web site home page. You may unwittingly be what it, the software industry as a whole and the law, call a “software pirate”.

The BSA says:
“Software piracy is the unauthorised copying or distribution of copyrighted software…What a lot of people don’t realise or don’t think about is that when you purchase software, you are actually purchasing a licence to use it, not the actual software. It is that licence that tells you how many times you can install the software, so it’s important to read it. If you make more copies of the software than the licence permits, you are pirating.”

What may have originally started as a lawful right to use software may subsequently have become unlawful as your business has moved on. This often happens when a business experiences rapid growth and omits to update its software licences. If Microsoft’s software licence said you could permit 100 users to use it, that was fine when you had 80 employees. But when you had 101 employees, you breached the software licence.

Or take another common scenario. You may have decided to outsource some of your IT function, even if that has meant keeping your computers inhouse but having non-employed consultants coming onto your premises and using your computers. If you did not seek prior written consent for the use of the software licences by the outsourced service provider, you may well be in breach of the licence. Licences usually prohibit sub-licensing to third parties (which would usually include outsourcing service providers) without the licensor’s prior written consent.

Ensuring proper compliance is not always top of the agenda when a business is trying hard to achieve revenue-growth and cost-cutting targets. But it’s still important. Not only could failure to keep software licences up to date cost in terms of hard cash, but business reputation could be damaged if it is tarred with the label “software pirate”.

The return of “stiffing”
During the last recession, many software licensors were accused of a practice known as “stiffing”. This involved software licensors taking a strict construction of a software licence. For example, a piece of software may have been licensed for use on 20 processors (CPUs) at a time when one “desktop computer” had only one processor within it. However, when dual-core (and now quad-core) CPUs started to become available, people doing the “stiffing” sought further licence fees if more than 10 desktop computers (using dual core CPUs) or five desktop computers (for quad-core CPUs) were being used. This was viewed by licensees, and by the mainstream computer press, as a disreputable practice.

However, the recession is seeing more legitimate “stiffing”. It is now less about a disreputable reading of what a software licence may or may not provide and more about software licensors actively enforcing rights that they clearly have under a software licence.

Rich pickings for snitchers
So the BSA and Fast, acting on the instructions of their members, are actively pursuing a policy of discovering legitimate software which is being used outside the terms of the licence on which that software was originally supplied. The way they identify the businesses on which they turn the investigation spotlight is (if you excuse the pun) quite illuminating.

One primary method that the BSA and Fast use to discover which businesses have neglected to keep their licences up to date is encouraging the staff of the business to snitch on the business. Most companies would like to believe that none of their staff would be so disloyal. But there’s a recession on and it’s amazing what people do for money. And the BSA evidence backs this up.

The BSA’s rewards policy usually pays up to £10,000 for a tip-off that leads to a successful judgment or settlement. Staff are shopping the business they work for as a side earner. The BSA even offered a nice little extra Christmas bonus for the snitching employees, by doubling that reward in the weeks leading up to 31 December 2009. A business will probably never find out that it has been reported, because the BSA promises confidentiality to give employees incentives to come forward.

Meanwhile, Fast had a campaign last year to encourage employees to report employers who illegally use software. It wanted to reassure employees that they would be protected for whistleblowing the illegal activity under the Public Interest Disclosure Act 1998 – although the position is not certain as to whether employees would be protected under that Act, as the Act protects against reporting internal wrongdoing to a regulator and it is not clear whether Fast would count as a regulator.