Contact Us Today! (877) 276-5084

Attorney Steve® Blog

Facing a BSA software audit? Ask them what information they have on you via the CCPA

Posted by Steve Vondran | Nov 16, 2019 | 0 Comments

Software Audit Defense Essentials - CCPA Privacy Law allows you to "access" information a company holds on you and allows you to request deletion. 

Business Software Alliance audit strategy



California has recently signed the CCPA into law (California Consumer Privacy Act).  This is a new law that is set to go into effect on January 1, 2020.  Many companies in CALIFORNIA and outside of California (if they handle data of California residents or consumers) will have to comply with this new privacy rights law.  Some of the rights of the include:

1. The right to know what information a company has in their possession (what they have collected from you).

2.  You have a right to make 2 requests per year, and the data holder is required to provide a response within 45 days or risk a violation (the Attorney General will enforce, but there is also a provision for a private lawsuit.

3.  You have the right to access your information and request that it be deleted (the right to be forgotten)

4.  You have the right to opt-out of any information sharing

QUESTION:  Does this mean when you learn (either directly from a company like Microsoft, Adobe, or Autodesk), or through the BUSINESS SOFTWARE ALLIANCE ("BSA") their software trade association, that you are the target of an investigation (often claimed to be driven by certain "information" they have on you, for example an informant software piracy report - does this means you have a right under California law to request that information and to demand that it not be shared with any third party?  Meaning, you can opt out of Microsoft or Autodesk sharing piracy reports with the BSA?  This seems reasonable and perhaps a letter to Microsoft or the BSA is required when you find yourself in this position.  As this article shows - Microsoft intends to comply with the CCPA in ALL STATES, not just California.   So, wherever your architect, engineering, design firm,  or other type of company is located, Microsoft said they will comply.

PODCAST - Click here to learn more specifics about the CCPA - California Privacy Law and the Rights it Grants

California Privacy Lawyer

The Software Alliance (BSA) represents many software companies

The Software Alliance represents many different software companies.  Some are located in CA and some are not.  The CCPA applies to any company that collects personal information from California consumers and residents.  Thus, it is good to know that Microsoft will comply with the CCPA in all fifty states.  That would appear to mean that any company that receives an audit demand letter (or email) no matter where they live, will be able to access the Microsoft data and see what information Microsoft already has, and what they know about your licensing information (which I would argue is a form or personal information especially for solo persons running a business).

What to do if you receive a demand letter from a Copyright Law Firm

 Here is a potential way this may play out. 

1. You are an individual who has purchased Microsoft Software.

2.  Microsoft collected your information on the date of purchase (they should have the "receipts" to prove valid software licensing)

3.  They also know what software you purchased, how much you paid, and when the software was activated (which might trigger the copyright infringement 3 year statute of limitations)

4.  Since they claim they will comply with the California CCPA in all 50 states, you can may a request to know what information they have accessed (ex. the "informant" piracy report), and proof of past licensing.  See if they will provide this information or not.  It remains to be seen.

5.  You might also wish to request that Microsoft not share any information with third parties, such as the Software Alliance. (opt-out of information sharing).

6.  See if they comply within 45 days

7.  Review your options with your Software Audit Defense counsel (us).

For more information call us at (877) 276-5084 or email us using the contact form. 

About the Author

Steve Vondran

Thank you for viewing our blogs, videos and podcasts. As noted, all information on this website is Attorney Advertising. Decisions to hire an attorney should never be based on advertising alone. Any past results discussed herein do not guarantee or predict any future results. All blogs are written by Steve Vondran, Esq. unless otherwise indicated. Our firm handles a wide variety of intellectual property and entertainment law cases from music and video law, Youtube disputes, DMCA litigation, copyright infringement cases involving software licensing disputes (ex. BSA, SIIA, Siemens, Autodesk, Vero, CNC, VB Conversion and others), torrent internet file-sharing (Strike 3 and Malibu Media), California right of publicity, TV Signal Piracy, and many other types of IP, piracy, technology, and social media disputes. Call us at (877) 276-5084. AZ Bar Lic. #025911 CA. Bar Lic. #232337


There are no comments for this post. Be the first and Add your Comment below.

Leave a Comment

Contact us for an initial consultation!

For more information, or to discuss your case or our experience and qualifications please contact us at (877) 276-5084. Please note that our firm does not represent you unless and until a written retainer agreement is signed, and any applicable legal fees are paid. All initial conversations are general in nature. Free consultations are limited to time and availability of counsel and will depend on the type of case you are calling about (no free consultations for other lawyers). All users and potential clients are bound by our Terms of Use Policies. We look forward to working with you!
The Law Offices of Steven C. Vondran, P.C. BBB Business Review