Attorney Steve® Software Audit Essentials – Dealing with the defamatory “Informant” in anti-piracy investigations and audits.
Whistleblower Informant or Corporate Sabotage Defamer. You need to know the difference. Software audit case law.
July 2022 Updates: If you received a business software alliance audit letter, you should know it looks like the BSA is striking up the audits after it halted auditing once the pandemic started. We are now seeing the letters demanding audits starting to pick up again in 2022. If you received a notice, call us or a free consultation at (877) 276-5084. We have helped hundreds of clients confidentially resolve license compliance disputes.
The Business Software Alliance (“BSA”) as well as the SIIA are located in Washington, D.C. Here is one case that dealt with the issue of whether or not a software piracy “informants” identity is strictly confidential, or whether they can be UNMASKED with a subpoena (for example after receiving a BSA software audit demand letter from the Venable, Steptoe, Royer Cooper or a variety of other regional law firms that handle software compliance audits and investigations).
Who is the BSA?
BSA stands for the business software alliance. They are a software trade associate that has a team of law firms across the nation that send demand letters seeking legal audits. Firms such as the Venable, Warner Law Group, Steptoe, Weir Johnson, FDK law and others. We have dealt with their major law firms and helped many companies through the audit process. They can be very tricky to deal with and it is not well advised to "go it alone." We have seen settlement demands approaching one million dollars and since officers and directors may be held personally liable for software piracy under their watch.
Watch Attorney Steve® provide an overview of BSA software audits
Who is the SIIA?
According to their website:
“The Software & Information Industry Association is the principal trade association for the software and digital content industry. SIIA provides global services in government relations, business development, corporate education and intellectual property protection to the leading companies that are setting the pace for the digital age.”
Software Piracy According to SIIA
The SIIA website describes some of the compliance issues they may help companies with as part of their “corporate anti-piracy” work:
“Examples of Software Piracy Taking Place Within An Organization
- An organization purchases a single licensed copy of a software program and installs it onto several computers, in violation of the terms of the license agreement.
- An employee installs business software on their home computers in violation of the terms of the license agreement.
- A copy of a software program is copied onto an organization's servers and the organization's network “clients” are allowed to freely access the software in violation of the terms of the license agreement.
- An organization buys computers with preloaded software, but the vendor fails to provide the organization with purchase documentation to verify the legitimacy of the pre-loaded software.”
We can help software organizations and content distributors with Vondran Legal anti-piracy initiatives. Contact us below for more details. There are benefits to having an IP law firm (as opposed to a trade association) enforcing your intellectual property rights.
Now, let's get on to the case law.
Solers, Inc. v. John Doe, No. 05-3779 (D.C. Sup. Ct Aug. 16, 2006)
In this case the Court held that the identity of a software informant is confidential. Here's what happened:
- A tipster sent a tip to the Software Information Industry Association (“SIIA”) alleging that Solers, Inc. (“SOLERS”) was using unlicensed software in its business operations
- Just like the BSA (and architect and engineering software companies like Autodesk), these companies may assure the informant that their tip and their “piracy” information is confidential and will not be disclosed to anyone.
- SOLERS maintained its innocent and asked for the name of the informant
- SIIA decided not to take further action on the informant's tip and did not file a copyright infringement action.
- SOLERS did take action however, and they filed a “John Doe” lawsuit against the tipster alleging defamation and tortious interference with business operations and sought an injunction against further defamation.
- SOLERS then served a subpoena on SIIA
- SIIA filed a motion to quash the subpoena (see video below)
- The Court ruled the informants information was confidential and could not be forced to be handed over especially where: (a) the court felt the SOLERS did not have a plausible claim to defamation (no damages since SIIA called off its investigation), thus, they could not withstand a motion to dismiss and (b) SOLERS could not show it exhausted all reasonable efforts and sources to identify the informant before seeking to unmask the informant. (all SOLERS did was search their servers to see if the informant emailed defamatory statements to SIIA).
The Court stated that publishing a potentially defamatory statement only to SIIA would not be enough to withstand a motion to dismiss (not enough “risk of harm”). For more context on what it takes to have a valid defamation cause of action review our California defamation checklist.
This may be a big hurdle in software audit claims where you have the “corporate sabotage” informant who may be stating blatantly false claims to Autodesk, Adobe, Microsoft, the BSA or SIIA. The Courts may look at this like a non-actionable defamation case because it is not the same as blasting a company's reputation across the internet. The Court was demanding “actual harm.” Threatened harm is not enough.
Might this be different if trade secrets are being shared with a software compliance trade association?
A key factor seemed to be that SIIA decided to drop its claims and investigation. Perhaps, wisely so.
Keep in mind, this case could come out differently if filed in a jurisdiction where the software alliance or SIIA is NOT a local organization (like it was in the D.C. courts here). I think that local politics can sometimes have an influence in the overall determination.
Here is some case law from a federal court ruling in a :
“Federal Rule of Civil Procedure 45(c)(3) states that district courts must quash or modify a subpoena that “subjects a person to undue burden.” FRCP 45(c)(3)(A)(iv). The party moving to quash bears the burden of demonstrating that an “undue burden” would otherwise result. See, e.g., Malibu Media, LLC v. John Does 1-18, 2014 WL 229295, at *6 (D.N.J. Jan. 21, 2014) (citations omitted). Separately, Federal rule of Civil Procedure 26(c) authorizes district courts to issue protective orders “for good cause . . . to protect a party or person from annoyance, embarrassment, oppression, or undue burden or expense.” FRCP 26(c)(1).
“Defendant must demonstrate an “undue burden” in order to quash or modify a subpoena under Rule 45(c)(3)(iv). “In order to establish an undue burden, Defendant must show a ‘clearly defined and serious injury.'” Malibu Media, LLC v. John Does 1-18, 2014 WL 229295, at *8 (D.N.J. Jan. 21, 2014). Here, Defendant argues that becoming publicly associated with pornography will cause “embarrassment and damage to Defendant's reputation.” Def. Memo at 5. Courts in this district have held that broad claims of embarrassment and reputational damage do not amount to an “undue burden” sufficient to quash or modify a subpoena. See Plastic the Movie Ltd. v. John Doe Subscriber Assigned IP Address 184.108.40.206, 2015 WL 4715528, at *2 (D.N.J. Aug. 7, 2015); Malibu Media, LLC v. John Does 1-18, 2014 WL 229295, at *8 (“While the Court acknowledges that ‘there is some social stigma attached to consuming pornography … it is [nonetheless] the rare civil lawsuit in which a defendant is not accused of behavior of which others may disapprove.'”) (citations omitted). Further, “[i]f ‘any defendant could quash a subpoena based on the mere possibility that someone else has used the defendant subscriber's IP address to perpetuate the alleged infringement' then a plaintiff would be unable to enforce its rights.” Malibu Media, LLC, 2014 WL 229295.
Click here to learn more about software piracy rewards programs
The Washington D.C. Court placed a heavy burden on company's who want to sue the software informant in a BSA, SIIA or other software audit case. It instead protected the anonymity of the informant (who may have been malicious, maybe not), and QUASHED the subpoena and this discovery method was not allowed.
A Plaintiff should be able to withstand a motion to dismiss, and should pursue all other reasonable attempts to acquire the informant's identity before a subpoena to the trade association may be allowed.
If you need help defending in a software audit case, or are a Plaintiff rights holder seeking to establish and implement a software licensing recovery program to recapture lost software licensing fees, contact us at (877) 276-5084.
There is no substitute for experience in this complicated area of the law. We offer a not cost initial consultation for business owners.