A nonprofit trade group formed by more than a dozen major software makers--including Microsoft, Adobe Systems and Autodesk--the BSA is charged with enforcing licensing and copyright protections. Personal contact with the software group usually comes in the form of a "software audit," in which the BSA, often acting on a tip from an angry current or former employee, combs through a company's PC stock, matching installed programs with licenses. Companies that come up short can be forced to pay big fines and buy tons of new licenses.
But BSA executives say the group's role isn't to be the tough guy. Instead, they're around to protect the interests of software makers, through a combination of enforcement action, education and governmental lobbying.
Educational efforts include advertising campaigns designed to make IT managers sweat and periodic surveys on the state of international software piracy. The latest survey, which pegged international losses due to software piracyat more than $29 billion a year, has drawn criticism from pundits and trade groups such as the Consumer Electronics Association, for allegedly inflating loss estimates by counting every stolen program as a lost sale.
Many of the same critics have already clashed with the BSA over its lobbying on behalf of the several legislative measures, including the Inducing Infringement of Copyrights Act , which would effectively outlaw file-sharing networks.
Given the BSA's complex and sometimes confrontational role, Bob Kruger, vice president of enforcement for the organization, doesn't necessarily expect to be every IT guy's best buddy. But he maintains the BSA does valuable and necessary work to keep the software industry healthy.
"We've always viewed education and understanding as the key to promoting compliance with copyright requirements," Kruger said in an interview with CNET News.com. "Even our enforcement program is geared to raising awareness. We don't enforce for the sake of enforcement. We pursue these actions mainly to illustrate the consequences of failure to respect copyright requirements."
Q: What's Microsoft role in the BSA--some IT folks refer to you as "the Microsoft police?"
A: That's an unfortunate perception. We have 13 global members now and every one of them, from my perspective and the perspective of the BSA staff, is equally important. Only one member from a tech company sits on the BSA board; only one member from each company sits on the BSA committee. Every decision we make is made by all members.
Microsoft may be a bigger company than many of the other BSA members, but they all have this piracy problem in common. All the work we do is geared toward benefiting not just these companies but the software industry as a whole. Within the BSA, there are companies like Autodesk and Adobe that make very popular products, and those products get pirated and impact those companies every bit as much as Microsoft's products do.
Yet I've heard allegations from some IT buyers of Microsoft salespeople using the threat of a BSA audit to get customers to upgrade.
The notion that we're doing enforcement for anything other than to promote compliance is just false.
You've come under some criticism for the allegedly inflated figures in your latest piracy survey. What's your response?
Once again, people are trying to create something that's not there. We've been doing this study for at least 10 years, and the only thing that's different about the study this year is that it's more comprehensive. In the past, we've omitted certain categories, such as consumer software like reference and entertainment. Operating systems have never been included in the past. And we haven't looked as closely as we did this year at global software--products created and bought to market outside the United States.
This year's study is really just a continuation and extension of what we've done in the past, with a bigger base. The conclusions are pretty consistent. The piracy rate we announced this year doesn't vary significantly from the piracy rate we've announced in the past. Naturally, because you're looking at a bigger market, you come up with a higher figure for lost revenue.
But some folks have a problem with the apparent assumption that every pirated copy of a program is a lost sale.
I think the methodology behind the study is very sound. I haven't seen where anyone's pointed out anything about the methodology they disagree with. Many people don't like the number for one reason or another.
The notion that not every pirated copy represents a lost sale seems to be a correct one; I don't think anyone in our industry has ever argued it does. But I'd say when you look at piracy generally, it's far more likely that a pirated copy of business productivity package represents a lost sale than it would with other types of digital works. It stands to reason that a company that makes more copies of a program on company PCs than they have licenses to support them would purchase most if not all of those programs if they weren't copying them illegally.
There's a fairly close to one-to-one correspondence between workplace copying and lost sales, as opposed to say downloading music files from the Internet. You have to understand that the majority of the problem for this industry is concentrated in the workplace. And most companies that are copying business software are using it to run their businesses. To say that's not lost revenue--I don't know.
Is that one of the biggest education challenges, to get people to think of piracy beyond some guy in Hanoi selling Windows XP for $5?
I think it's a relative question. What we often find when we go to a business that's copying software and we tell them they're engaging in piracy, often they take offense. They respond that they're not selling software, they're not counterfeiting the software, they're just copying it.
From the perspective of the software company having its product used without recompense, there's not a lot of difference. It's like if somebody steals my car, I don't really care if they drive it and enjoy it or if they abandon it by the side of the road--either way, I'm out a car.
Let me share with you some of the criticism I've heard about the way the BSA conducts audits, starting with the idea that it's hardly ever a private thing. The BSA wants to publicize the outcome, and there's a degree of embarrassment for the company involved.
As I said earlier, even our enforcement program is aimed at raising awareness. Unless we make known that we exist and we are doing these enforcement actions, it's hard to imagine how we could perform that awareness-raising function.
It's far more likely that a pirated copy of business productivity package represents a lost sale than it would with other types of digital works.
There's also a perception of audits used as harassment--you've made a point of letting it be known that disgruntled ex-employees are a good source of leads.
We receive thousands of leads a year, and we take action on less than half of them. We take very seriously our responsibility to our companies to only proceed on the basis of reliable information. We don't do our companies any good by taking action against businesses that are in compliance with their software licensing requirements. We would very much reject any attempt by disgruntled ex-employees to get BSA to carry out their vendetta.
There have also been complaints that the BSA doesn't really distinguish between sloppy record-keeping and actively setting out to illegally copy software--if you can't produce a license, you're guilty.
We recognize there are situations where the problem is one of record-keeping, and we work with the company on that basis. But you don't want to have a situation where the company is deliberately copying the software and then saying, 'Well, we have the licenses, but the dog ate them.' We take great care in pursuing these investigations to give the company the full opportunity to explain what happened. We take everything they provide to us into account. Anyone who's really familiar with how we approach these matters knows we make a serious effort to be firm but fair.
Let's say I'm an IT manager at a small business, and I've got 27 projects vying for my attention. Why should auditing and keeping track of software licenses be a priority?
Unfortunately, there are a lot of issues out there, to the point where software-licensing compliance often drops off the corporate checklist. It's important for us to break through some of that noise with examples of what it might cost a company if they don't manage their licenses.
I think the answer lies in the fact that there are serious legal consequences. And there are a number of practical reasons for companies to make sure their software is properly managed. If you don't have a compliance program in place, you increase the risk of installing virus-ridden software or software that doesn't work as intended, and you lose a lot of benefits as far as technical support.
So is your advice to just make tracking licenses part of somebody's job?
Absolutely. Most of the companies we end up contacting are not bad companies. They do most things right; they're honest companies. They just need to treat this issue more seriously. It's almost always the case that the reason the company has this kind of problem is not bad record-keeping or a deliberate attempt to cut corners--it's just inattention to the issue.
Some would say it's also because software licenses are so darn complicated nobody can keep track of what they're supposed to be doing.
I'm a lawyer, and I'm sympathetic to people who say some of these licenses are difficult to understand. But there's often no ambiguity in that one paragraph that sets out your right to install and use that software on a limited number of computers. In those cases where companies take a single copy of a software program and install it on all their computers, it's not because of confusion over the terms of the license agreement.
See more CNET content tagged:
enforcement,
Autodesk Inc.,
piracy,
audit,
compliance
1. The act of extorting; the act or practice of wresting
anything from a person by force, by threats, or by any
undue exercise of power; undue exaction; overcharge.[/i]
Some of the tactics used by Microsoft and the Business Software Association (BSA) in the name of the fight against software piracy directly hurt the consumer, Microsoft's competitors and even society in general.
Microsoft has been found guilty of breaching the US antitrust laws by US Court of Appeal, abusing its dominant position in the marketplace to the detriment of its competitors and the consumer.
The Business Software Assocation (BSA), quoting from its webpage, claims to ...
http://www.bsa.org/intnatl/about.phtml
[i] We are the voice of the world?s software, hardware and Internet sectors before governments and with consumers in the international marketplace. BSA members represent the fastest growing industries in the world.
BSA educates computer users on software copyrights and cyber security; advocates public policy that fosters innovation and expands trade opportunities; and fights software piracy.[/i]
The BSA includes a few large software and computer companies in its offical memberships.
http://global.bsa.org/intnatl/membercompanies.phtml
Both the BSA and Microsoft are also actively running a worldwide campaign to fight software piracy. It is some of the tactics used in this campaign and the relationship between Microsoft and the BSA management which is being used by Microsoft to reinforce its monopoly. This is hurting the rest of the computer industry including some of the same companies in the BSA membership.
Other tactics, including the targeting ex-employees for informants and the offering of bounties to informants is directly harmful to the employer-employee relationship and society in general.
You or your employer may have received an email or letter from Microsoft or the BSA, or you may have heard the BSA's radio adverts. It's also likely that either of the above may have raised a little concern, even from the most lawful of people. The BSA can even get a court order, sometimes based on the accusation of an individual and with the help of federal marshals enter your home or place of work to gather evidence. The BSA can collects fees of up to $150,000 for every unregistered software program installed on an organizations computers. What if some unlicensed software is installed on the owners computer without their knowledge?
It is not that Microsoft or any other company should not have the right to protect its copyrighted products from "piracy". However the tactics used must also not be abused by Microsoft or the BSA to the detriment of the consumer or society.
There will be those arguing in the BSA's and Microsoft's favor who will try to paint this solely as a pure black and white issue - guilty or not guilty of software piracy and theft. BUT, by the same reasoning Microsoft's own executives should have also face imprisonment for breaching the Sherman Antitrust Act.
http://www.usdoj.gov/atr/foia/divisionmanual/ch2.htm
At the "discretion of the court", the issue of intent on the part of Microsoft's management was taken into consideration . Microsoft was granted the right to negotate its way out of a criminal antitrust case. In the same way the BSA, Microsoft and the courts should take the issue of intent into consideration when dealing with some particular cases of software "piracy".
Tracking licenses is difficult and even if it does its best, any organization cannot be guaranteed to be 100% correct all the time. Computers are moved, repaired, upgraded, replaced and even cannibalized into other computers. It is not made any easier with one of the requirements of the BSA audits being that, along with valid licenses, you must present purchase documentation to prove ownership. Presenting enough valid licenses to cover all of the copies installed on the computers in the organization used should be sufficient. Although maintaining purchase documentation is necessary for tax purposes, matching documentation to each computer is difficult and time consuming. Should the BSA have the same powers, if not greater, than the IRS?
The larger and more diverse the organization, the more difficult, time consuming and expensive it can be to perform a full audit of the software running on all computers. So when presented with the options of :-
a) Undergoing an audit from the BSA, which might turn up anything installed without the managements knowledge; OR
b) Signing up to the purchase of all new versions of software and a special license.
For the larger organization, the latter option is often the only choice, even when the new license, software and required computer hardware upgrades is far more expensive than the existing setup.
Many organization have already received emails and letters from Microsoft offering the exact same choice. The problem for Microsoft's customers and competitors is that the contracts often either replaces competing software vendors products or locks in the customer to Microsoft's software preventing competition.
This Mojo article shows an example of replacement of Novell's servers, a company who is also a member BSA. The article also explains why many software vendors and customers remain silent on the issue.
http://www.motherjones.com/mother_jones/JF98/burstein.html
This Linuxworld article explains how the new contracts can lockout other vendors.
http://www.linuxworld.com/story/32825.htm
[i] There is an insidious aspect to a citywide, multi-year plan. It locks users into Microsoft products only. While the Enterprise Agreement doesn't specifically prohibit the use of other products, effectively it does. It's logical to assume that if you're paying for MS Exchange for three years why allow a department to consider an alternative. (Microsoft makes hay of this point in a Word-formatted white paper extolling the Enterprise Agreement.)[i]
What Microsoft or the BSA is doing would not necessarily be illegal if Microsoft was not a monopoly, but as the Antitrust division of the US Department Of Justice (DOJ) informs us...
http://www.usdoj.gov/atr/public/guidelines/ipguide.htm#t22
[i] As in other antitrust contexts, however, market power could be illegally acquired or maintained, or, even if lawfully acquired and maintained, would be relevant to the ability of an intellectual property owner to harm competition through unreasonable conduct in connection with such property.[/i]
Microsoft has been found in breach of the Sherman act for using similar pressure on OEMs ( Original Equipment Manufactures ), including Compaq and Dell, to select Microsoft's products over competitors. Microsoft settlement with the USDOJ restricts the pressure that Microsoft can bring to bare on major OEMs.
[b]Just as Microsoft was "levering" OEMs to stop installing competing vendors products, Microsoft is using the threat of a BSA audit to "lever" end customers into choosing Microsoft's products over competing vendors. Why should the end customers be subjected to the same tactics?[/b]
Worldwide, many of the governmental federal, state and local organizations that your tax dollars pay for have already been "levered" into new long term enterprise license schemes.
Any organization that have already felt pressured to sign up to the new license agreements because of such threats should be given the option at anytime during the contract period, for all or individual groups of computers, to either
a) Continue the contract until it's competition; OR
b) Terminating the contract and renegotiate with Microsoft for a new contract without threat of an audit from the BSA; OR
c) Terminate the contract, removing all the software from the computer and receive a refund from Microsoft in direct proportion to the time remaining on the contract; OR
d) Unbundle and remove selected packages from the computer and receive a refund from Microsoft in direct proportion to both the time remaining on the contract AND the retail cost of the individual package.
For organizations facing threats of audit, now or in the future, a way must be provided to ensure that they can come into compliance without being forced into new license agreements.
Even when being audited by the IRS, you are given an opportunity to pay for a shortfall, plus sometimes a percentage penalty. In the same way, if facing a license audit, an alternative arrangement for some cases of "piracy" might be more equitable to both consumer and vendor.
Where the problem is an excess of installations, any organization or individual should have the option to purchase extra licenses, at the same price at which they purchased the original software, WITHOUT having to be forced into renegotiating the arrangement with the software vendor.
Where the problem is software installed and is in active use, that the organization or individual has never purchased any licenses for, then the vendor should expect to be paid the current market price per each unit installed. PLUS if knowledge and intent by the individuals or management can be proved then by all means a reasonable penalty should be charged.
In both above cases the vendor should also be expected to be reimbursed for the use of that software over the time it was installed, but only in close proportion to the average return on investment ( Inflation + 3% ) .
Per package = Original_Price
+ ( Original_Price * Average_Return_on_Investment
/ 12 * Months_installed )
The certainty of the above scheme would greatly improve the public relations between the customers, BSA and software vendors. Organizations and individuals would also be far less reticent over voluntarily going back to the software vendors and purchase extra licenses, to avoid penalties, without the hassle of negotiation or fear of being targeted for future BSA audits.
Those arguing in the BSA's and Microsoft's favor who try to paint this solely as a pure black and white issue, guilty or not guilty of software piracy and theft, should remember Microsoft's own executives facing imprisonment for breaching the Sherman Antitrust Act.
This is not an excuse for "wholesale" software piracy. Any organization or individual who is knowingly distributing illegal copies of proprietary software to individuals or organizations to be installed outside the original organization, without the vendors consent, should be prosecuted to the full extent of the law.
There is another particular tactic used by the BSA which is directly harmful to the employer-employee relationship and society in general -- the targeting ex-employees for informants and the offering of bounties to informants.
http://www.pcworld.com/news/article/0,aid,54324,00.asp
[i] The group is promoting the program in radio advertisements. In them, Bob Kruger, the group's vice president of enforcement, says the BSA is looking for disgruntled employees to identify possible infringements and turn in their employers.
"Most of the calls come from current or former employees," he says in the radio ad, which is airing in each respective city. It can also be heard on the BSA's Web site.[/i]
This is just too open to abuse by disgruntled employees, disgruntled ex-employees and even the disgruntled competition. It is just too easy for an employees or anyone to walk in and install unlicensed software on a few computers and call in an accusation to the BSA. The whole thing creates a climate of fear and is a throwback to the worst excesses of the old soviet regimes.
One simliar scheme, in which Microsoft offered prizes to the employees of OEMs that notified it when corporate customers ordered PCs without its Windows operating systems, was quickly discontinued Microsoft.
http://www.aaxnet.com/news/M010425.html
http://seattlepi.nwsource.com/business/24393_reward24.shtml
[i] But Microsoft spokesman Matt Pilla said the program was "a super-brief pilot program that was admittedly stupid but absolutely didn't share information" with law enforcers. "It was just an opportunity to contact customers to explain the limits of their site licenses."[/i]
If it was so stupid for Microsoft to offer just prizes, how much more stupid is it to offer thousands in reward?
If you or your organization have been aversely effected by the threat or an actual audit by the BSA, please do not remain silent. If you wish to remain anonymous, seek out public forums that allow you to post anonymously and tell your story.
Under the current situation, Microsoft is still able to dictate terms to all but it's most largest customers. If you wish to avoid such threats in your future you should also consider making the shift to other vendors that offer more lenient licensing terms than that of Microsoft."
I do not support piracy - the only way programmers can eat and continue to provide quality software is if we're paying for it. (Don't write to me about those few notable exceptions who will never write quality software - we all know who those are) However, the tactics used in this case were to enter businesses with an armed police escort and threaten the general manager with jail if he did not immediately pay (in US dollars, no less - they didn't accept the local currency) a fine which was generally in the $20-50k range. And not surprisingly, many of those businesses targeted were supporters of the political party not then in power.
To the credit of the BSA member companies (and not the BSA itself), once this was raised to their CEOs this practice quickly stopped. However, I still find it offensive that these tactics were used and that education efforts were not implemented to the degree that they should be.
Be thankful if you're in the US, and make sure your licenses are up to date. And if anyone knocks at your door like this, call an attorney before allowing them in. These are just good business practices.
- The BSA is pushing the penguin
-
by shynes
September 22, 2004 10:21 AM PDT
- The very existence of this organization creates a powerful incentive to move to open source. My small technology company has about 20 seats, with a fair amount of fluctuation and lots of off site. Sure, we copy stuff. Co-ordinating hiring and transitions would be even harder and more time consuming were we to implement strict license control. So everywhere possible we run open source despite the awkwardness this sometimes causes. This is increasingly common in the companies we work with.
-
Reply to this comment
-
(5 Comments)It doesn't help that most of the laptops we have (Dell)will not operate with Linux, so despite our desire to work with open source, the equipment vendors have eliminated this option on a significant portion of our installed base. In these cases I feel that copyright infringement is perfectly justified.
Steve Hynes