Software Auditing and License Management
On November 6, 2000 slightly more than a year ago my company received a letter in the mail from the Business Software Alliance that changed the way we've done business ever since. In case you don't know about this organization, the Business Software Alliance (BSA) is a non-profit organization formed to enforce software licensing agreements. In fact, the BSA pursues all kinds of tactics to make sure that large and small businesses adhere to the terms and conditions found in the licenses for the software they use, with heavy emphasis on stamping out software piracy.
The letter we received from the BSA, as I learned later, represented a major thrust by the BSA into secondary metropolitan areas to "encourage" license compliance from local businesses. At the same time that the letter hit our mailbox, similar letters were showing up in other mailboxes by the thousands in our hometown of Austin, Texas, but also in St. Louis, Missouri, and other cities with between one and three million inhabitants.
Campaigns for the largest US cities, such as New York, Los Angeles, Chicago, and so forth, have not only included targeted mailings like the one we received, but also billboards and print ads to alert organizations that if they are caught in violation of software licenses, they are liable for hefty fines and penalties. In fact, the letters and the ads point out almost gleefully that in addition to being forced to pay for all software used in violation of software licensing requirements, organizations caught committing piracy can be levied fines up to $150,000 per infraction for each illicit or pirated copy of software found on their premises. Big ouch!
Who's Pushing the BSA's Buttons?
Before I go any further, it's important to examine the BSA's mission statement: "The Business Software Alliance is the voice of companies developing the software, hardware and technologies building the Internet and electronic commerce" (italics are mine, for emphasis only). That's right, the BSA is funded by the very companies who seek to benefit from eliminating software piracy by selling legitimate copies of software to companies that may not be in compliance with licensing requirements for commercial software.
When considering who's behind the BSA, think about big software companies in this context for example, Microsoft, whose name shows up in tandem with the BSA in news stories and press releases more often than not. In fact, BSA worldwide members include Adobe, Apple, Autodesk, Bentley Systems, CNC Software/Mastercam, Macromedia, Microsoft, Symantec, and UGS, among others. There's even been speculation that member software companies contribute names and addresses of customers who've licensed software from them in the areas targeted for BSA mailings and advertisements. This may seem a bit paranoid, but it stands to reason that organizations willing to join those companies' registration databases may be law-abiding enough to be scared or forced into compliance by threats of legal action and financial penalties. Real pirates (the seagoing kind, that is) were also usually scofflaws, inclined to avoid and ignore the law except when compelled to admit its existence by superior force. I believe that hardened modern-day digital pirates probably have similar attitudes toward software licenses as well.
The tactic used in the letter we received from the BSA warned of potential spot-checks on companies in our area. It also indicated that the BSA was declaring an amnesty through November 30, 2000, for companies who could show proof of purchase and legitimate licenses for all software in use on their premises. In other words, we had just a little over three weeks to conduct a complete software audit, figure out our compliance posture, purchase any necessary software, and get our records in order. The letter made it clear that only by doing so could we safely withstand a potential hostile audit from the "software police."