Microsoft Software Audit Defense – Microsoft SAM Audit “True-Ups”
One of the things that can arise in the world of software audits is a request from Microsoft asking a company to submit to a voluntary “software licensing verification process.” Also known as a SAM audit (software asset management). When companies get this they might often ask “is this legitimate or is it a scam?” Sometimes this request comes directly from a Microsoft representative to the Client (for example by email which looks like a scam, but which uses a Microsoft domain name (example [email protected]). This email (or it might be a software audit letter) raises several questions, especially if there is an ongoing edit. We are informed, but cannot confirm, that some of these companies are located out of the country, for example in India, and that the Microsoft representatives or “partners” may receive a commission or percentage of any software you are forced to purchase once you complete the audit and deficiencies in licensing or shortages are identified.
The audit may be sold as a “benefit” to your company, but could be a way to make your company nervous, get you to admit to software piracy, and to force you to upgrade and purchase more software from Microsoft resellers and vendors. Some clients assume they can just handle this themselves or use independent software consultants to help out, but we would recommend companies act cautiously and prudently when engaging one of the world's largest software companies in responding to one of these audits and the request to complete a deployment summary.
This blog will help you identify some of the potential legal issues and seeking the advice of a software compliance lawyer may be money well spent. We offer low flat rate fees to take the pain out of the process.
ASSURANCES I LIKE TO GET FROM MICROSOFT BEFORE ALLOWING A SAM AUDIT TO PROCEED
Is this a scam?
This has to be checked of course, but usually you will find it is legitimate and the email does come from Microsoft, or an affiliated company who was hired to do the audit. There is often a phone number you can call to verify with Microsoft that the person named on the letter is authentic and not a scam. You should call Microsoft to confirm before handing any money or audit results over.
Should I throw the letter away or delete the email?
While it may be tempting to just want to throw the letter in the trash and ignore the problem, you should look at it closely because it may have you some opportunities to get your software into compliance and WITHOUT ANY PENALTIES, ATTORNEY FEES, FINES, or other damages to your company. The letter will often indicate that if you self-audit your computers, laptops, networks and “true-up” or identify any shortages, and then go purchase valid software licenses from approved Microsoft vendors and resellers then you will not have any penalties. It is always advisable to get this in writing from the Microsoft representative of course so there are no misunderstandings.
Do I need a software compliance or copyright lawyer?
When you are dealing with Microsoft and their copyright team, you should be aware that legal issues are always lurking, and having a business and intellectual property lawyer on your team (they have many on theirs) is a sound business decision. While you can try to handle this SAM verification process on your own, we offer a low flat rate fee service that is designed to take this headache off your plate and to provide the following copyright law services:
1. Get you a confidentiality agreement in place so that Microsoft will not try to publicize your software shortages (or piracy as some may call it) on their website. We do this through the use of a FRE 408 confidentiality agreement. Most of our clients do not know how to handle this on their own, although we do sell a sample 408 confidentiality agreement by clicking on the link. You do not want to admit to having shortages and put that in writing without any protection.
2. We can help obtain a time extension to respond (so that you can review your options, discuss it with your board of directors, IT team, etc.)
3. Get written confirmation from the Software Asset Management consultant or agent that there will be no penalties if copyright infringement or piracy is noted in the self-audit.
4. Help with reviewing your spreadsheet before turning it in and seeking to close the matter and dealing with any threats to elevate the issue to the Microsoft legal team or department (or to BSA counsel – Microsoft is a member of the Business Software Alliance).
5. Closing the case with a confidential settlement communication or confirmation to close the case..
Don't go it alone. We offer a low cost (flat rate fee to help you close this out as quick as possible without incident).
Are there any circumstances where Microsoft might drop or withdraw their request for a audit?
Possibly. Two potential areas are:
- Where your company purchases software from a company headquartered overseas
- Where your company is a certified Microsoft partner (you will need your partner ID)
According to Wikipedia:
A Microsoft Certified Partner (MCP) is a firm that provides Microsoft-related products or services, or support for such. They are confirmed byMicrosoft to be official, and that they work effectively, and help customers with a range of information technology (IT) projects and specific products and services.”
There may be others, contact our software audit lawyer to discuss at (877) 276-5084.
If Microsoft finds out I have a lot of unlicensed software could they conduct a full software raid?
Software raids of businesses used to take place. I am not aware of many businesses that have been raided recently. However, we have had other IP lawyer threaten us with “seeking a court order” from a judge to go into a business and raid the company looking for pirated or unlicensed software. While I believe the legal risk in most cases would be low, it is important to realize that this is one remedy that could be pursued if there is a strong belief that your company has engaged in widespread copyright infringement by downloading mass amounts of software from bitToren websites without paying for it. In these cases, your company may be pursued for illegally copying and distributing software through BitTorrent. If your company falls into this category, you should definitely “lawyer-up” to make sure you are not falling into a legal liability trap that could result in a federal copyright lawsuit and claim for thousands if not millions of dollars in damages, which could injure your company's reputation, and in fact lead to a bankruptcy of the organization. Bear in mind however, there is always an argument that willful copyright infringement cannot be discharged in bankruptcy court (Chapter 7, 11, 13 and an adversary proceeding could be filed in the bankruptcy court by the software publisher to prevent discharge of the software infringement damages through BK).
What is the expected time frame to respond and complete the Microsoft deployment summary spreadsheet?
Here is a sample of a MICROSOFT SAM AUDIT TIMELINE. If you need more time, we can probably make that happen. Contact us at (877) 276-5084.
- Complete the deployment summary (for OEM you may only be asked to provide 5 proofs of purchases as samples. The same is true of FPP (full packaged product – ex. a Microsoft WORD or OFFICE disc you bought off the shelf in a retail store Bestbuy, Staples, Costco, Fry's or other computer shops that might sell the packaged software). For these, you may be asked to show 5 proofs of purchase for each different version of software you are using in your company.
- Microsoft reviews your deployment summary, and should review within 7 days and send you an “estimated license ownership position document.” This tells you what products they think you are properly licensed to use, and what you are short.
- Further clarifications may me made (for example, they may ask you to explain or defend a license or installation) – another 7-10 days
- Licensing gaps/shortages should be remedied with an authorized Microsoft reseller or partner within 14 days. This is the “true-up” process whereby you are asked to purchase any licenses which you were short.
- If you satisfy the foregoing, the concept is that there will be no infringement penalties, and no copyright lawsuit be filed for software piracy.
These of course are only general guidelines. Situations may vary, and this is why it can be important to have a SAM audit lawyer on your team.
Will our company be penalized if licensing shortages or software piracy are detected?
According to Microsoft's website, there is no penalty if you identify shortages, and true up with them (meaning buy the licenses you need). Again, this is something that you should get in writing. Why? People lie and handing over a written report that says “I am short 100 copies of Windows, 50 Microsoft Office, and short 250 CAL server licenses” may prompt Microsoft to want to initiate a more detailed software piracy investigation.Will I be penalized if I have license shortages?
What are the damages for software piracy?
The software infringement calculator for normal license shortages, should not apply since Microsoft claims it will not penalize you. You should not be paying other costs, attorney fees, damages, etc. You should only have to pay the retail costs of the software from an approved vendor and provide the proofs of purchase to Microsoft.
SAM audit resources
- License ownership position
- Microsoft SAM explanation
- Documents and Templates from Microsoft
- Article detailing how SAM agents can be a “pain in the ass”
- Overview of license audit emails from Microsoft
- Microsoft helpful materials
Contact a software compliance / copyright infringement lawyer
When you receive a letter or email from a representative of Microsoft asking you to submit to a voluntary audit and to fill out a deployment summary, contact our intellectual property firm to help guide you through the process. Know your software audit rights. We can help protect your business from unwanted allegations of software infringement, copyright violations, and other claims that can lead to a public relations disaster to your company. We offer low flat rate fees to take this hassle off your back and help you handle the software compliance legal issues that are necessarily implicated in dealing with your internal software usage and licensing. Call to discuss your case in confidentiality with our copyright lawyer. We can be reached at (877) 276-5084.
How to hire a software audit lawyer
Important: There seems to be new law firms with limited experience jumping into this space. Before you hire any IP law firm check them out on AVVO (we have 30 customer reviews as of this blog post). What is their lawyer ranking? How many years have they been handling software audits? How many cases have they handled? What types of successes have they had? Also check out their law firm website. It if looks like something that was put up in the last thirty days to one year (you can check out their domain name on the WHOIS lookup to see how long they have been around). Do not be fooled by an inexperienced law firm that seeks to convince you that they have handled a few cases in the software arena. We believe we are the best mix of experience, results, service and passion to help you protect your business! Call (877) 276-5084 to learn more about our flat rate fee programs.