If you are a small or medium sized business in the United States, one of the major hassles you might find yourself involved in is a BSA or SIIA licensing audit. This blog will help you understand one way to respond.
2018 Update – We have been informed by one BSA counsel that Business Software Alliance Audits (at least those featuring Microsoft) are NOT VOLUNTARY in nature and if you used Microsoft products (have them installed) then you are bound by their audit clause. Which means, if Microsoft knows you have windows installed (uh yeah, that's a ton of people), and assuming they believe one or more copies are not licensed, they can send you an audit demand letter per the audit clause in the product (ex. Windows 10) and shift the burden to your company to prove up a license. Yes, its that simple to put your company under a Microsoft authorized software license investigation brought on by one of the BSA's regional IP law firms. Amazing.
There is a battle going on over unlicensed software use in corporate America. From what we have seen, the epicenter is largely focused around small to medium sized businesses (oten targeting companies that may be perceived as not having the financial means to hire a copyright counsel. Keep in mind, they usually have lawyers on their end and it is probably a good feeling for some of these compliance lawyers to try to bully your company around and force them to submit to a “voluntary” audit often at the threat of a $150,000 copyright lawsuit as the letter will usually point out in no uncertain terms.
If you recently received a letter, here are the top five things to do:
- Print out this incredibly valuable software audit checklist. This has 30 questions every business owner MUST be thinking about.
- Once you review the checklist, call us to discuss your case with a lawyer. We offer a free initial strategy session to discuss your case, and to discuss our affordable flat rate legal fees that is the best in the industry. Be careful to just pick up the phone and start talking to their lawyers. They are tough and this is their playing field. Prominent IP firms like Donahue Fitzgerald, Klemchuk, Weir-Johnson, Troutman Sanders, Saul Ewing, The Venable and others know how to handle these cases and may use your words against you in future negotiations, or a future lawsuit.
- If you decide to handle compliance audit yourself without hiring a lawyer make sure to review our free legal guide to the unrepresented business.
- Assess your estimated license ownership position (proofs you can produce to justify your installations), and weigh that against the potential damages and penalties for the missing licenses. Decide if you want to engage or refuse to participate in the audit.
- Try to limit the scope of the audit, obtain FRE 408 confidentiality protection, engage in audit, negotiate a settlement and software settlement.
These are some of the main steps. At step #4 above you may also want to consider who the informant might be. Many of these cases are initiated by a whistleblower informant seeking a financial reward to report software piracy. Sometimes they are flat out lying in the hope of retaliating against the company. This could raise defamation claims, and may actually breach employment, severance or trade secret agreements.
Based upon an alleged “informant” (I say alleged informant because the attorneys for the software companies will not give you their names) your business might receive a letter asking you to “voluntarily” audit your computer networks, laptops, iPads a(for all company locations) and anything else for number of software installs for popular software programs such as Microsoft Office, Microsoft CAL license, Autodesk (AutoCad), Symantec, IBM, SAP, Oracle, Ansys, Bentley, Vero, Rosetta Stone and and other software packages. We can help you defend these cases.
When you receive the “love letter” as I jokingly call it, this is where the action unfolds, nerves are tested, and you wonder what, if any, liability your business will have if you cannot find your receipts or you have missing licenses (i.e. shortages). Will the BSA or SIIA or another individual software company sue you for copyright infringement in federal court? Will you be able to settle your issues for a fair and reasonable amount? Is this just a shake-down, extortion or violation of Civil RICO statutes? These are good questions. This blog discusses one possible response, and a sample response letter that might be appropriate depending upon your case.
Sample response letter to a request for a “voluntary” software compliance audit by the BSA or its representatives
This is a sample letter we have used, (slightly modified), when responding to a BSA software audit letter from a representative of the BSA.
October 1, 2014
Software Audit Law Firm
455 Embarcadero Street
San Francisco, CA
THIS IS JUST A SAMPLE. DO NOT USE WITHOUT FIRST OBTAINING LEGAL ADVICE.
RE: Software licensing audit
Dear Software Compliance Attorney,
My firm represents Software Licensing Client XXX, in regard to the federal copyright software licensing matter (“BSA audit”) referenced in your letter to my client dated January 1, 2014. Please direct all future communications to our San Francisco office address set forth below. You may also email me directly at XXXXX.
At this time, I would like to request you provide me with the following:
- A copy of any documentation that you have that provides “probable cause” evidence that my client is believed to be using unlicensed copies of Microsoft or Adobe software (insert other brands that may be at issue for example Autodesk, IBM, Corel, Symantec, Attachmate, Rosetta Stone, etc). Surely you would be willing to share this information with us so that we can confirm that your request to interrupt my Client's business (at great cost and expense to my Client, not to mention the legal distraction) is legitimate and warranted.
- We also hereby demand you provide a copy of any and all software licensing agreements you believe provides you and your clients with the legal right to request a “voluntary” self audit of their software installs. If you are requesting that we audit my Client's networks for all of the pieces of software listed in your letter, please provide us with a clear, complete and legible copy of all licensing agreements that you believe to be operative and in effect. If these licenses have been amended from time to time, we hereby request all copies of each license agreement from its original draft, and including all amendments or alterations that were made. You may send this to my Sansome Street San Francisco address provided below.
- I am also hereby requesting to know the name and identity of any “informants” you may be relying on to support a right to audit my client's software installs. My client deserves to know the identity of the person that has allegedly obtained information about software piracy. We will need 14 days to examine the situation and determine if the ex-employee, consultant, or other person is in violation of the company policies and procedures, trade secret agreements, confidentiality agreements, or otherwise. If we find that the ex-employee has engaged in improper conduct while on the job, and/or off the job, we hereby reserve the legal right to cross sue them should any legal action become necessary. In that event, the witness will be required to submit to a deposition if grounds for cross-claim exists.
We are willing to look at this issue in good faith, but we would like to understand the grounds for requesting a time-consuming audit that will expend valuable internal time and resources of my client. I am sure you can understand and appreciate this request.
In addition, I would like to request in advance a stipulation that all of our conversations, communications, letters, and the exchange of any other documents or writings be deemed confidential under Federal Rules of Evidence as documents pertaining to settlement or potential resolution of this case. My client may have protected trade secrets and/or other proprietary information that they consider confidential and proprietary and these should be protected at this stage of our discussions. Please confirm if your firm, and specifically your client(s) are willing to agree to this. If so, I can forward you a FRE Rule 408 agreement. Of course, any discoverable information will be fair game.
If you have any other questions at this time, I can be reached at (877) 276-5084. Please suffice it to say if there is no evidence to support your claims, (i.e. this is a legal “shake-down” or “fishing expedition”) we reserve all rights to file a federal CIVIL RICO action against all appropriate parties. All other claims and legal defenses are hereby reserved.
Should you wish to discuss, I can be reached directly at XXX-XXX-XXXX.
Very truly yours,
Steven C. Vondran
This is just one sample letter that might be appropriate in a given software compliance case. Do not rely on this letter, or use this letter without first speaking with a software compliance lawyer.
Contact our Copyright Infringement Law Firm
If your business or organization is facing receipt of a law firm “love letter” asking you to submit to a voluntary compliance audit, contact us to review your case and discuss your legal rights. Remember, officers and directors of a company can be held liable for copyright infringement. We have represented other companies and we will fight to protect your legal rights, and to help you avoid an unjustified fishing expedition under the guise of a “software piracy investigation.” Call us at (877) 276-5084 or fill out the contact form below, leaving your name and phone number and one of our intellectual property lawyers or other representative will contact you, normally within the hour. We handle cases across the United States and international companies (ex. Canada, UK, Australia, France, Sweden, etc.) facing a audit or a federal lawsuit in the United States.