Attachmate / Micro Focus software audit overview & lawsuit update.  BEWARE of those END USER LICENSE AGREEMENTS!  Violating them could be VERY COSTLY!!  If you received a letter regarding RM/COBOL call US before you call THEM!!!

Introduction

Did you receive a letter from a copyright infringement or intellectual property law firm (or from the consulting firm Deloitte and Touche) asking your business to submit to a software compliance audit?  If so, contact our firm, we can help you explore your software audit rights and help in responding to their letter.  If you have a volume license agreement (“VLA”) that requires you to contractually submit to an audit, then you may find yourself obligated to review your computers, servers and laptops.  If there is no VLA, technically software audits are “voluntary” (however, if the Microfocus has strong information of infringement – usually through the use of an “informant” – then the business owner, CEO, officers and directors have to be concerned about a lawsuit being filed alleging willful copyright infringement.  Where “willful” infringement is shown (often the subject of debate and argument), the copyright laws allow for statutory damages of up to $150,000 per infringed title.

General information about Attachmate & Micro Focus International

According to Wikipedia:

“Attachmate, founded in 1982 by Frank W. Pritt and Julia Pritt focused initially on the IBM terminal emulation market, and became a major technology employer in the Seattle area. Based in Bellevue, Washington, the company became one of the largest PC software companies in the world, with offices in more than 50 cities in North America and in 30 countries. The company made several acquisitions, through mergers and purchases, to expand its range of host access hardware and software solutions…..On 15 September 2014, the British firm Micro Focus International announced that it would acquire the Attachmate Group for US$1.2 billion in shares.”

Common products that could be subject to audit

According to Google:

Micro Focus International plc is a United Kingdom-based global software company. The Company is engaged in delivering and supporting software solutions. The Company enables customers to utilize new technology solutions while maximizing the value of their investments in information technology (IT) infrastructure and business applications. The Company's portfolio includes identity access and security solutions, common business-oriented language (COBOL) development and mainframe solutions, development and IT operations management tools, host connectivity solutions, and collaboration and networking solutions. The Company's products include Access Manager, Access Review, AccuRev, AccuSync, Acu4GL, AcuBench, ACUCOBOL-GT, AcuConnect, AcuServer, AcuSQL, AcuXDBC, Aegis, AppManager, Artix, Atlas, Business Continuity Clustering, Caliber, Client for Windows, Cloud Manager and CloudAccess. The Company caters to various industries, such as Federal, airlines and healthcare.

These, and other products, could be subject to audit.  In some cases, a EULA will contractually obligate a company to submit to an audit of their IT environment.  This could be as the result of a “shrinkwrap” license or “clickwrap” license agreement.

Is a “shrinkwrap” end user license agreement (“EULA”) enforceable?

When your company receives a legal demand letter seeking to initiate an audit, one question that often arises is whether or not there is a legal obligation to comply with the demand, or whether you can just throw the letter away (and hope they go away).  The answer to this question may turn on whether or not the EULA agreement that permits auditing is enforceable.  One case that addressed this issue was the “ProCD case.”  According to Wikipedia:

“ProCD, Inc. v. Zeidenberg, 86 F.3d 1447 (7th Cir. 1996), is a United States contract case involving a “shrink wrap license”. One issue presented to the court was whether a shrink wrap license was valid and enforceable. Judge Easterbrook wrote the opinion for the court and found such a license was valid and enforceable.”

Here is some language from the Court's holding:

“Must buyers of computer software obey the terms of shrinkwrap licenses? The district court held not, for two reasons: first, they are not contracts because the licenses are inside the box rather than printed on the outside; second, federal law forbids enforcement even if the licenses are contracts.  The parties and numerous amici curiae have briefed many other issues, but these are the only two that matter—and we disagree with the district judge's conclusion on each. Shrinkwrap licenses are enforceable unless their terms are objectionable on grounds applicable to contracts in general (for example, if they violate a rule of positive law, or if they are unconscionable). Because no one argues that the terms of the license at issue here are troublesome, we remand with instructions to enter judgment for the plaintiff…….following the district court, we treat the licenses as ordinary contracts accompanying the sale of products, and therefore as governed by the common law of contracts and the Uniform Commercial Code. Whether there are legal differences between “contracts” and “licenses” (which may matter under the copyright doctrine of first sale) is a subject for another day. See Microsoft Corp. v. Harmony Computers & Electronics, Inc., 846 F.Supp. 208 (E.D.N.Y.1994).

Another federal court saw things slightly differently.  In SoftMan Prod. Co., LLC v. Adobe Sys., Inc., 171 F. Supp. 2d 1075, 1088 (C.D. Cal. 2001) the Central District court noted:

“Whether contracts such as Adobe's EULA, often referred to as “shrinkwrap” licenses, are valid is a much-disputed question. A number of courts that have addressed the validity of the shrinkwrap license have found them to be invalid, characterizing them as contracts of adhesion, unconscionable, and/or unacceptable pursuant to the Uniform Commercial Code. Step–Saver, 939 F.2d 91; Vault Corp. v. Quaid Software Ltd., 847 F.2d 255 (5th Cir.1988). These courts have refused to recognize a bargain in shrinkwrap license that is not signed by the party against whom it is enforced. In Step–Saver, the Third Circuit found that the terms of a contract were formed when the parties shipped, received and paid for the product. Therefore, the software shrinkwrap agreement constituted additional terms to the contract, and under Uniform Commercial Code § 2–207 (governing commercial counter-offers), these terms were invalid without express assent by the purchaser. In contrast, other courts have determined that the shrinkwrap license is valid and enforceable. ProCD, 86 F.3d at 1453; Harmony, 846 F.Supp. at 212.”

Another court talked about the validity of “Clickwrap” licenses (as opposed to “shrinkwrap”).  The Court in Smallwood v. NCsoft Corp., 730 F. Supp. 2d 1213, 1226–27 (D. Haw. 2010) noted:

“Validity of Click Agreements – Plaintiff asserts that “defendants' resort to the click agreement should not be countenanced in that such agreements are declared void and unconscionable under the law of NC Interactive's home state in the context of consumer protection claims. As discussed infra, Plaintiff apparently relies on the Texas Act in support of this statement.  The type of User Agreement at issue here is often called a “ clickwrap” agreement.   See Specht v. Netscape Communications Corp., 306 F.3d 17, 22 n. 4 (2d Cir.2002) (explaining “this kind of online software license agreement has come to be known as ‘ clickwrap' (by analogy to ‘shrinkwrap,' used in the licensing of tangible forms of software sold in packages) because it “ presents the user with a message on his or her computer screen, requiring that the user manifest his or her assent to the terms of the license agreement by clicking on an icon. The product cannot be obtained or used unless and until the icon is clicked).” The court Smallwood court continued: “These agreements have routinely been upheld. See Guadagno v. E*Trade Bank, 592 F.Supp.2d 1263, 1271 (C.D.Cal.2008) (explaining that a party may be bound by a ‘clickwrap' agreement if the terms are clear and acceptance is unambiguous, regardless of whether he actually reads them); see also Inter–Mark USA, Inc. v. Intuit, Inc., No. c–07–04178, (N.D.Cal. Feb. 27, 2008) (dismissing complaint based upon Software License Agreement and noting that, in addressing whether ‘ clickwrap' agreements are valid, courts apply “traditional principles of contract law and focus on whether the plaintiff had reasonable notice of and manifested assent to the ‘clickwrap' agreement”).

So whether you purchased Attachment or Micro Focus software subject to a clickwrap or shrinkwrap license, these will be some of the issues as to whether or not the license agreement that requires a softwrae audit are enforceable.

What types of things constitute “unconscionable” contracts?

In order to try to invalidate a software audit clause on the grounds that it is “unconscionable” both “substantive” and “procedural” unconscionability must be shown.  This was discussed in Ingle v. Circuit City Stores, Inc., 328 F.3d 1165, 1170 (9th Cir. 2003) which noted:

“Because unconscionability is a generally applicable defense to contracts, California courts may refuse to enforce an unconscionable arbitration agreement. Unconscionability refers to “an absence of meaningful choice on the part of one of the parties together with contract terms which are unreasonably favorable to the other party.” A & M Produce Co. v. FMC Corp., 135 Cal.App.3d 473, 486, 186 Cal.Rptr. 114 (1982); see also U.C.C. § 2–302; Cal. Civ.Code § 1670.5; Restatement (Second) of Contracts § 208 (1981). Thus, a contract to arbitrate is unenforceable under the doctrine of unconscionability when there is “both a procedural and substantive element of unconscionability. Significantly, the California Supreme Court has noted that procedural and substantive unconscionability “need not be present in the same degree.”

To determine whether the arbitration agreement is procedurally unconscionable the court must examine “the manner in which the contract was negotiated and the circumstances of the parties at that time.” Kinney v. United Healthcare Servs., Inc., 70 Cal.App.4th 1322, 1329, 83 Cal.Rptr.2d 348, 352–53 (1999). An inquiry into whether Circuit City's arbitration agreement involves oppression or surprise is central to that analysis. A contract is oppressive if an inequality of bargaining power between the parties precludes the weaker party from enjoying a meaningful opportunity to negotiate and choose the terms of the contract. Stirlen v. Supercuts, Inc., 51 Cal.App.4th 1519, 1532, 60 Cal.Rptr.2d 138, 145 (1997) Substantive unconscionability centers on the “terms of the agreement and whether those terms are so one-sided as to shock the conscience.” Kinney, 70 Cal.App.4th at 1330, 83 Cal.Rptr.2d 348 (internal quotation marks omitted). In evaluating the substance of a contract, courts must analyze the contract “as of the time [it] was made.” A & M Produce, 135 Cal.App.3d at 487, 186 Cal.Rptr. 114.

 In looking at whether or not a EULA is “unconscionable” Courts will require a strong showing that the terms are not fair, otherwise, in my general estimation, prevailing on this defense is a tough one, but not to say impossible.

Other contractual grounds to try to void the EULA audit terms

Some other ways to attack a software audit clause contained in a EULA licensing agreement is to show that there was fraud in the procurement of the license.  Other contract defenses may also be applicable.  Call us to discuss your case as every case is different.  If the EULA is determined to be valid, two key questions regarding the legal enforceability and scope of clickwrap “rights to audit” clauses are:

(1) Did your company agree to the clickwrap?  Did a subsidiary agree? If the software was deployed on your networks, this could amount to an agreement to submit to an audit.  But perhaps it would be possible to restrict the audit to the software used by the subsidiary, department, or division that agreed to the EULA.

(2) What products or versions does the clickwrap give Micro Focus and their auditors (or other software vendors such as Autodesk and Microsoft – often cases pursued through the business software alliance) the right to  audit.

There are other questions to ask as well but if you received a letter demanding an audit, for example for using “FileExpress” or other products, give us a call.  It is important in audit cases to try to get a FRE 408 confidentiality agreement and try to limit the scope of the audit.

Micro Focus contractual audit terms

Here is one type of audit clause you may have agreed to:

AUDITS. Licensee agrees to:

(i) keep records of and provide the location, model and serial number of any and all machines on which the Licensed Software is installed or from which the Licensed Software is accessed, and the names of and how many users are accessing the Licensed Software,

(ii) implement a reasonable mechanism or process to ensure that Licensee?s use of the Licensed Software does not exceed the number of licenses granted,

(iii) take all necessary steps to destroy or erase all Licensed Software codes, programs and other proprietary information before disposing of any media containing the Licensed Software,

and

(iv) promptly provide written notice to Licensor if Licensee?s usage exceeds the license granted.

Upon Licensor?s reasonable request, but not more frequently than annually without reasonable cause, Licensee shall furnish Licensor with a statement signed by a director and/or auditor, as required by Licensor, verifying the above and shall permit Licensor to audit the use of the Licensed Software at such times as may be mutually agreed upon. In the event Licensee?s usage exceeds the license granted, without prejudice to any other rights or remedies Licensor may have, including without limitation injunctive relief, Licensee agrees to pay Licensor the then current license and maintenance fees for the use of the additional licenses. Further, if such usage exceeds the license granted by more than five percent (5%), Licensee shall also reimburse Licensor for the reasonable cost of such audit in addition to other amounts due.

How to survive a software vendor audit?

One of the best ways to get your case settled when dealing with any software company including MICROFOCUS (formerly Attachmate), IBM, ORACLE, or SAP is to have a defensible position.  These companies are generally known to be aggressive in enforcing their licensing terms and copyrights.  We have discussed possible defenses and mitigating factors to software compliance investigations in other blogs.  Here are a few other things to note if you are a software asset manager:

1.  Attachmate grew its company by acquiring other companies along the way – example by acquiring NetIQ, WRQ and Novell (meaning they grew more by acquisition than organically).  Thus, they MIGHT not have the most accurate licensing records prior to 2003 so that is something that could possibly be a factor in your case.
2.  Microfocus may audit its users randomly, every two years or until they suspect the amount of unlicensed software (infringement) is worth the time and money investment to conduct an audit.
3.  If your company is found to be out of compliance with licensing terms, you could be subject to paying additional costs, maintenance fees, and lost interest at 18% or more from the time the software was released to the public.
4. Having proof for your licensing rights (for installed software) and entitlements is essential.  This means all proofs going back to NetIQ, Novell and WRQ if your business licensed products from these entities.  Dated proofs of purchase are what I have seen software vendors to be the most comfortable with accepting in my experience handing software cases.   At any rate, you should keep a copy of all communications, emails, text messages, and other proof that you are properly paying for their services, including support and maintenance.  For example, you would not want to use support and maintenance and later be accused of not being licensed for that.  SAM managers should take care to keep detailed and accurate records, and keep them in a safe place.
5. If your company is or has acquired other companies, you should keep Micro Focus records up to date so that your existing organization is properly licensed to use their software products at all times.
6. Sometimes there are other mitigating factors that should be considered even where there is no proper proof of licensing.
7. If you are not using Attachmate software, you might want to consider uninstalling the software, removing all remnants and registry files.  You can uninstall unused titles and search for remaining files to ensure everything is removed.

Hopefully these general tips will come in handy.

Does Micro Focus file software copyright lawsuits?

Yes.  Here are a few cases I located.

1.  Micro Focus v. American Express

Plaintiffs, Micro Focus (US), Inc. and Micro Focus IP Development Limited (together, “Micro Focus”), by their undersigned attorneys, sue American Express Company (“American Express”) for compensatory and statutory damages in an amount to be established at trial and currently estimated to exceed $14,024,694, and for other relief.

This action arises from American Express's use of Micro Focus's copyrighted software products known as Server Express and Application Server for Server Express. American Express has exceeded its rights by using the Micro Focus software beyond what was permitted by American Express's license to use the Micro Focus software. American Express's continued use of Micro Focus software without the required licenses constitutes an infringement upon Micro Focus's registered and valid copyright in violation of 17 U.S.C. $ s01.

Micro Focus Application Server for Server Express software is the software required to execute object code items created during the compiling process. In certain cases, the object code can include this software directly, and in such cases it is known as the ” application server components. ” Micro Focus requires persons who wish to deploy application server components that are embedded in compiled COBOL source code to purchase separate Micro Focus application server licenses commonly referred to as “runtime” licenses. At the time during which American Express began using Server Express, Micro Focus's application server components were known as “Application Server for Server Express.” The current version of that product is now known as “Server for COBOL

Application Server for Server Express is an original and proprietary software product belonging to Micro Focus. Specifically, Micro Focus IP Development Limited is the claimant under valid copyright registrations for the version or versions of Application Server for Server Express pertinent to this action, including version 2.2 andlor version 4.0. Micro Focus (US), Inc. has the right to license and distribute this copyrighted software.

Under the Micro Focus End User License Agreement (“EULA”) applicable to American Express's use of Server Express or Application Server for Server Express from 2009 to present, American Express is required, because the current version of the First Logic Application performs operations known as “batch processing,” to purchase a license type known as a “Server License for CPUs.” Under the Micro Focus EULA applicable to use of Server Express or Application Server for Server Express from 2009 to present, American Express was required to purchase a Server License for CPUs for each “core” in the server.  A “core” is a self-contained processing unit within a computer microchip. A single server can contain numerous cores.

2. Microfocus vs. Change Healthcare (alleging both breach of contract and software infringement)

This is an action for breach of contract and copyright infringement arising out of certain software license agreements entered into between Micro Focus and McKesson. The agreements are governed by Maryland law and control the scope of McKesson's use of copyrighted software developed by Micro Focus and/or its predecessors-in-interest.

McKesson and/or McKesson Corporation have breached and continue to breach the EULA by failing to pay Micro Focus the required license fees for their actual deployment of StarTeam Software, which far exceeds the scope granted to McKesson under the EULA.  McKesson and/or McKesson Corporation also breached and continue to breach the EULA by failing to pay Micro Focus the required license fees for McKesson's and/or McKesson Corporation's facilitation of third-party Allscripts' access to, and use of, the StarTeam Software.

McKesson and/or McKesson Corporation made unauthorized copies and distributions of the StarTeam Software when they exceeded the scope of the EULA's license grant, and such actions infringed and continue to infringe Micro Focus's exclusive rights granted by the Copyright Act, 17 U.S.C. § 106.

Attorney Steve Tip:  read our article about whether a breach of EULA is a copyright infringement or a breach of contract.  Very important article.

Attachmate Cases in the News

1.  Following Deloitte audit Attachment sues Mobistar for $6 million (alleged illegal use of “ReflectionX” a terminal emulator product that allows users to connect to legacy mainframe operating systems such as IBM, UNIX, OpenVMS, and HP from a Windows machine).
2. Be prepared to be audited by Micro Focus – Reddit article
3. Covance sues Attachmate claiming it doesn't owe 22 million in past licensing fees, maintenance and interest

Convance v. Attachmate case

Here is a snippet from the Complaint filed for Declaratory Judgement against Attachmate showing what Covance was alleging.

“This action arises out of a dispute concerning multiple Attachmate software products. For many years, Covance and its constituent and/or predecessor facilities (collectively referred to in this Complaint as “Covance”) have purchased numerous Attachmate software licenses. In 2011, Attachmate contacted Covance and asked for a formal license verification, or audit, of Covance's use of Attachmate software products. Covance fully cooperated and voluntarily participated in this audit, the results of which mistakenly led Attachmate to conclude that Covance engaged in copyright infringement and/or breached the alleged terms of the license(s). Attachmate asserts that Covance has tens of thousands of unlicensed deployments of Attachmate software on its computers and/or computer systems, and for which Covance owes Attachmate over $22 million in license fees, interest and maintenance charges. Covance disagrees, and moreover asserts that it is Attachmate who breached its obligations to Covance. Therefore, to resolve these disagreements, Covance brings this Complaint for declaratory and other relief.”

It was also alleged that:

“Attachmate has a documented history of suing many of its largest customers for copyright infringement and breach of contract after conducting license verifications, or audits, of customers' uses of Attachmate software products. Customers against whom Attachmate has brought such litigations include: Northwest Community Hospital; Tarmac Ltd.; Sentry Insurance; Jeld-Wen Inc.; United Technologies Corp.; Windstream Communications Inc.; Dell Inc.; Juniper Networks, Inc.; Carnival Corporation; Health Net, Inc.; Public Heath Trust of Miami-Dade County Florida d/b/a Jackson Memorial Hospital; Cel-Com Axiata Berhad; the District of Columbia government; and others.”

You can find the case on Pacer online by searching for Case 3:12-cv-04088.

Conclusion

If you received a audit demand letter from Micro Focus Attachmate, do not panic.  Give us a call to discuss your position. Hiring a copyright lawyer does not “make you guilty” it makes you smart and helps you best protect your legal rights.  We have helped many companies, large and small, throughout the United States handle and defend against copyright infringement threats, and audit demand letters.  We offer a free initial consultation for SAM managers and business owners, CEO's, CFO's and other officers and directors.  Call (877) 276-5084.