Software Infringement Litigation Updates - Ansys files copyright infringement suit in Pennsylvania Federal Court
In this age of the global pandemic, as a software license compliance attorney, I see many publishers becoming really aggressive in software enforcement efforts. Think about it, when businesses are downsizing or worried about finances and what the future holds, they may not be investing in new growth, hiring, and new technology, such as software. Even software companies have "bottom lines" and they need to report to their shareholders. This may be one reason I am seeking more companies use what I refer to as "phone home" software which alerts a software company if you have unlicensed software installed. This can lead to compliance and legal problems (not only for the company, but also officers and directors who may be sought to be held "personally liable for software piracy despite the existence of the corporate veil."
This blog will show you one example of what can happen if you receive a audit letter from Ansys or one of their law firms, and refuse to come to the table with good faith settlement (remediation) efforts.
We have handled hundreds of software audits including handling federal court litigation. If you receive a letter accusing your company of infringement contact us to discuss at (877) 276-5084. We offer a free initial consultation.
Sample allegations in the Complaint
Case citation: Civil Action Number 2:20-cv-1694 - Ansys v. Actox
Here are some of the allegations (of interest to me) as a software piracy defense lawyer in the Ansys v. Actox case:
- Plaintiff is a global leader in engineering simulation software. With its portfolio of engineering simulation software, Plaintiff helps its customers solve complex design challenges and engineer products. Plaintiff provides services in a wide range of industries, including the Aerospace and Defense, Automotive, Construction, Consumer Goods and Energy industries. 20. Two of Plaintiff s flagship products are the ANSYS HFSS and the Electronics Desktop modular suite of software programs (hereinafter the "ANSYS Software"). The ANSYS Software is protected by the asserted copyrights
- ANSYS HFSS is a 3D electromagnetic simulation software for designing and simulating high-frequency electronic products such as antennas, antenna arrays, RF or microwave components, high-speed interconnects, filters, connectors, IC packages and printed circuit boards. Engineers worldwide use ANSYS HFSS to design high-frequency, high-speed electronics found in communications systems, radar systems, advanced driver assistance systems, satellites, internet-of-things (IoT) products, and other high-speed RF and digital devices
- ANSYS Electronics Desktop is a comprehensive platform that enables electrical engineers to design and simulate various electrical, electronic and electromagnetic components, devices and systems. It is a unified interface which creates and analyzes electromagnetic, thermal and circuit designs. Engineers can access gold-standard tools such as ANSYS HFSS, ANSYS Maxwell, ANSYS Q3D Extractor and ANSYS Icepak using electrical CAD and mechanical CAD workflows
- Plaintiff licenses ANSYS Software to its customers. Customers may purchase single user licenses or multi-user licenses. In either case, the number of simultaneous users or end-users may not exceed the number of licenses purchased. Plaintiff prevents unauthorized access of its software through the use of a Security Mechanism. Plaintiff s license agreement states that customers are not allowed to use the software without the Security Mechanism, and that the software can detect the installation or use of illegal copies ofthe software and collect and transmit data about those illegal copies.
- Piracy of software occurs when users access software for which they have not purchased a valid license. The ease of digital replication of software lends itself to illegal copying of software, where users may make multiple copies of a software program, and then distribute the copies to users who have not made a legal purchase of the software (i.e., either distributing the software for free, or selling the copies of the software at deeply discounted prices). The licensing associated with ANSYS Software limits how many licensed versions of ANSYS Software can be used at once, but Plaintiff allows those licensed organizations to install ANSYS Software on an unlimited number of computers.
- In an effort to reduce the use of illegally copied software, software providers implement license verification technology where the software will not function unless a license has been legally purchased. The license verification technology may be a software mechanism or a physical mechanism to be attached to a single computer. The license verification technology may be in the form of a key (i.e., a series of numbers and letters) that a user types in during the software installation process, or a hardware device, where the software will only operate correctly when the hardware device is attached to the computer executing the software. The license verification technology is provided by the software provider to the buyer when the software is purchased legally. Users who have not made a legitimate purchase of the software will not have access to the key or hardware device provided by the software provider, and therefore the software will not function properly. Plaintiff provides license verification technology as a component of the above-mentioned Security Mechanism.
- Software hackers reverse engineer the security mechanism and then provide processes and utilities to bypass the license enforcement in order to allow unauthorized use of the software. These processes and utilities mimic the license verification technology (i.e., keys, hardware devices, etc.) as a means to allow pirated software to function fully as legally purchased software. Software utilities that mimic the license verification technology are often referred to as "crackee licenses." Software hackers may also create hacked versions of the software such that a license is not needed during installation. NOTE: See my video on use of illegal Autodesk crack codes.
- Sophisticated websites exist where illegally obtained software, the software utilities that mimic the license verification technology, and hacked versions of the software may be downloaded and installed by those who do not want to pay for properly licensed software. Each hacked version of the software represents a lost sale and/or license for the company that owns the software, and for resellers of the software (who may provide hardware installation and support, and software configuration, customization, and maintenance). A study by the Business Software Alliance reported that properly licensed software has a positive impact on national economic activity that is more than three times the impact of pirated software
- Software that has been hacked or modified to use a cracked license may also contain malware that can damage computer systems, and/or infiltrate the computer network and the data on that network. In a report commissioned by the Business Software Alliance, the higher the pirated software rate in a country, the more malware generally encountered on computers in that country. Software that has been hacked may also not operate properly, negatively impacting the reputation of the software company that now has no oversight or control over the quality of the hacked versions of its software in use, and/or the products produced by that software.
- Piracy Detection and Reporting Security Software (PDRSS) exists to identify instances of pirated software in use and provides the identity and location of organizations utilizing the pirated software to the software providers. Identification of pirated software allows the software providers to take legal action against intentional software piracy, notify unwitting organizations of the illegal use of the software (and the potential malware problems that can accompany pirated software), and sell valid software licenses in the place of the previously illegally obtained software programs to recoup lost sales. Plaintiff identifies instances of pirated software in use through PDRSS which, along with the license verification technology, is a component of the Security Mechanism.
- PDRSS providers also identify the means by which software hackers have thwarted the license verification technology (i.e., the aforementioned cracked license) for a particular software program. For example, PDRSS providers may accomplish this by downloading pirated software from the above-mentioned websites and determining how the software hackers were able to bypass the license verification technology. Once the software hackers methods are identified, the PDRSS providers then work with software providers, such as Plaintiff to map out a plan for determining when pirated software is in use. This includes identifying when the pirated software is using a cracked license.
- The plan may include a variety of forms for identifying software piracy. The plan may also include defining software use patterns that are indicative of software piracy. PDRSS providers work with software providers to determine various patterns that are indicative of pirated software use, and thresholds at which the PDRSS software should begin to gather and report data on the computer using the pirated software. For example, it is common for a potential customer to test out a software program for a short period of time before deciding to purchase the software package legally. However, an organization that continues to use illegally downloaded software for an extended period (i.e., beyond a reasonable test period as defined by the software provider) has breached the threshold of a trial period. Another threshold might be the detection of a cracked license which is an indication of an anomaly within the software, or other suspicious patterns of use of the software.
- Software providers, such as Plaintiff, embed the PDRSS (according to the plan tailored specifically for that software provider) within their software, validate that the patterns and thresholds will trigger on pirated software (and will not trigger on validly purchased software), and then release the software. The software that contains the embedded PDRSS also provides a clear notice within the Software License Agreement (SLA") of the existence of the PDRSS within the software. Once new versions of software are released, both legally purchased software and the eventually pirated software will contain the embedded PDRSS that triggers data reporting when suspicious patterns and thresholds are detected.
- Cracked versions of ANSYS Software downloaded from a pirate website still contain a Clickwrap version of the SLA that the user of the pirated software must agree to before gaining access to the software program.
- The serial number of the license is a unique identifier and helps in identifying unauthorized versions of the software. Multiple versions of software using the same serial number are indicative of unauthorized versions of software using a cracked license. In some cases, illegal license generators create license files having serial numbers that are inconsistent with the serial numbers generated by the software providers, which is also indicative of a cracked license
- The IP address is a unique address used to identify computers on the global network of the internet. An IP address is the numerical sequence by which a computer on the public internet can identify another computer on the public internet. IP addresses are in the form xxx.xxx.xxx.xxx where each xxx must be a number between 0 — 255
- The identifying name of a computer is typically a name an organization gives to each computer in the organization for easy identification within the organization. For example, identifying computer names Computer_Lab_1 and Computer_Lab_2 are easy to remember, and help employees within the organization easily reference particular computers, rather than, for example, referring to computers by a serial number associated with the computer hardware
- A Media Access Control (MAC") address is a unique hardware identifier assigned to network interfaces. Every device that makes a physical connection to the network, whether it is an Ethernet card or port or wireless connection has a unique and specific address. Thus, a computer with both an Ethernet connection and a wireless connection has two unique MAC addresses. A MAC address is a series of numbers and letters. When a network device is manufactured, it is assigned a MAC address at the factory. The first six digits of a MAC address represent the device manufacturer, which can be looked up on the Internet.
- Reporting data from the embedded PDRSS includes a variety of information to identify the software that has been pirated and the organizations utilizing the pirated software, such as the version of the software being used, the license serial number, the Internet Protocol (Ip") address of the organization where the pirated software is running, the identifying name of the computer, and a MAC address. Through the Security Mechanism, Plaintiff collects the aforementioned identifying information to determine when pirated and unlicensed versions of its software are being utilized.
- Software providers may track their own reporting data or may use third party providers to track the reporting data. Once pirated copies of software are identified, software providers can notify the organizations using the software, and request that they purchase validly licensed copies of the software instead of using the pirated software. Through the use of PDRSS, Plaintiff has identified Defendants as using unlicensed and pirated ANSYS Software.
- Plaintiff has detected at least two hundred seventy-eight (278) instances of unauthorized access of the ANSYS Software by Defendants through the use of PDRSS. The PDRSS reported three (3) computers located at Actox running an unauthorized version of the ANSYS Software between February 23, 2015 through March 26, 2020.
- On June 30, 2020, McInnes & McLane, LLP (M&M") sent a letter to Mr. Hatset via email and priority mail through the United States Post Office on behalf of Plaintiff. 50. The June 30, 2020 letter provided information related to the infringing use of the ANSYS Software, and a request that Actox contact M&M to discuss a resolution to the matter. The letter provided that if the parties could not come to a resolution, ANSYS would be forced to seek one through the Court
Actox denied any liability and it appears the case has been dismissed.
NOTE: The CEO of the company was also sued personally (as we have stated many times in other blogs, officers and directors can be named in copyright infringement lawsuits, and often are).
ALSO NOTE: Although Actox is a California company, the lawsuit was not filed there (which normally a Plaintiff counsel lawsuit would be filed where the Defendant company resides). Here was the reason given to support the proper exercise of jurisdiction.
"Plaintiff is informed and believes that this Court may properly exercise at least specific personal jurisdiction over the Defendants because under the terms of the ANSYS Software License Agreement (the "SLA"), the parties have agreed that all rights and use of ANSYS HFSS and the Electronics Desktop software are governed by and construed in accordance with the laws of the Commonwealth of Pennsylvania, and the sole and exclusive jurisdiction and venue for any litigation arising from or relating to the SLA and ANSYS software shall be in a state or federal court maintaining jurisdiction over Washington County, Pennsylvania. By agreeing to the terms of the SLA, and conducting business with Plaintiff within this District beginning in 2015, and having this litigation arise at least in part due to Defendants breach of the SLA, Defendants have purposely availed themselves to the privilege of conducting business within this District and thus have submitted to personal jurisdiction in the United States District Court for the Western District of Pennsylvania."
Their software license agreement notes:
"(f) The rights and obligations of the parties hereto will be governed by the substantive law of the Commonwealth of Pennsylvania, excluding the United Nations Convention on the International Sale of Goods and choice of law provisions.
(g) The parties hereto consent to the venue and jurisdiction of the federal and state courts maintaining jurisdiction over Washington County, Pennsylvania for purposes of any legal proceedings arising under or relating to this Agreement."
What is Piracy Detection Software?
Some clients who receive a copyright infringement notice ask "how did they find out about our unlicensed software installations (or over-installations)?" This was outlined above in their own words but if you take a close look at their license agreement (which was searched as of the date of this blog post) you will see they discuss this in their EULA:
11. LICENSE COMPLIANCE SOFTWARE Licensee is aware that Licensor may embed the Program(s) with third-party license compliance technology (“License Compliance Technology”) that reports information to both the third-party licensor of the License Compliance Technology (“Technology Provider”) and Licensor relating to unique user and network identification with respect to the use of the Program(s) (including, but not limited to, user names, e-mail addresses, IP addresses and the domains from which the use of the Program(s) originated). Licensor and the Technology Provider collect such information if modifications to certain code files of the Program(s) have been made or that the Program(s) are being accessed by a License Key that was not authorized by Licensor.
The top THREE things to do when you receive a software audit demand letter
Getting a letter from Ansys (or another other software publisher such as Microsoft, Vero, Siemens, Solidworks or Autodesk) makes many a CEO nervous, and for good reason. I would say the NUMBER ONE WORST THING TO DO is to just ignore the letter and hope the issue just goes away. While this COULD happen, in my experience it is probably not likely. Here is what I WOULD recommend you do in my experience:
1. Do not call their attorneys under any circumstance. Instead, assemble a team of officers and directors you can trust to be prepared to handle this matter.
2. Do not run out and immediately uninstall, destroy or delete software. Many times the software lawyers on the other side of the phone will tell me "we see they immediately stopped using our software once they got our letter, we know they have it installed." I have never seen a case where destroyed evidence was helpful to the case.
3. Call us for a free consultation. This may sound self-serving, but realize they have lawyers on their team in most cases, and so you should probably at least look into retaining counsel for yourself.
Our law firm was established in 2004. Since that time, we have helped hundreds of clients (both large and small) respond to allegations of copyright infringement, and respond to software audit letters from companies like Autodesk and the Business Software Alliance. We have been in the trenches are are experienced in protecting your company and officers and directors who may also face personal liability.
Call us for a free initial conversation if your company is facing a software compliance crisis, need to respond to a federal court lawsuit (we have appeared in over 200 federal copyright cases) or a software publisher is demanding a "EULA audit" that is "required by the terms of your EULA." These can be high pressure situations and we can help.
In many cases, we can set a flat-rate legal fee for non-litigation cases (ex. audits).
Call (877) 276-5084 or email us through our contact form.