×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Ask Slashdot: Dealing With the Business Software Alliance?

Soulskill posted more than 2 years ago | from the sharp-sticks-and-harsh-language dept.

Software 519

Kagetsuki writes "We've just gotten a letter from an attorney representing the Business Software Alliance stating someone (we're certain it's a disgruntled former employee) submitted information we are using illegally copied software. The thing is... we're not using illegally copied software. We have licenses for all the commercial software we are using. Still, according to articles on the BSA, that's irrelevant and they'll end up suing us anyway. So we now need a lawyer to deal with their claims and we don't have the money — this will surely be the end of the company into which I've sunk all my savings and three years of my life. Has anybody dealt with the Business Software Alliance before? What action should I take? Is there any sort of financial recourse, or at least a way cover our legal fees?"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

519 comments

Audit? (-1)

wsxyz (543068) | more than 2 years ago | (#36934824)

Could you invite them to come do an audit of your software?

Yeah. (4, Insightful)

Anonymous Coward | more than 2 years ago | (#36934840)

Everything I've heard about the BSA is that they employ our now corporate police departments to force audits/etc.

If they don't find shit, they don't have shit.

With that in mind, do your own audit first .

You have licenses for everything? Really? Even the software that wanker down in the mail room installed on his PC? Not yours? Not for work? Wasn't you, was just the employee?

Doesn't matter.

Re:Audit? (0)

Anonymous Coward | more than 2 years ago | (#36934842)

Isn't this idiotic? Show us your company internals or we kill you? Is it not a civil trial - if they lo

Re:Audit? (4, Funny)

neokushan (932374) | more than 2 years ago | (#36935022)

Shit, boys, I think they got to this one!

Usual "asking legal advice on Slashdot" post (5, Insightful)

Dogtanian (588974) | more than 2 years ago | (#36935180)

Posting near the top to state the bleeding obvious- 99% of Slashdotters are IANALs [wikipedia.org] and many will offer advice that sounds sensible to them, but may turn out to be woefully misguided and possibly have unintended consequences and land you in hot water (e.g. advice like this [slashdot.org]). This is because the legal system does not always actually work like geeks think it does [slashdot.org] (regardless of whether it *should* work that way).

Bottom line- unless the person is a lawyer, or has actual experience of having gone through this (and the consequences that ensued), you should not be taking their advice. And as I said in the post linked above, the problem is sorting out the ones who *actually* know what they're talking about from the armchair lawyers arrogant enough to think that they do.

Re:Audit? (0)

Anonymous Coward | more than 2 years ago | (#36934858)

Tell them what the situation is, give them a scan of your licenses, and remind them politely that if you do have to shut down because of them you will then have nothing left to lose?

Re:Audit? (2)

MoFoQ (584566) | more than 2 years ago | (#36934860)

if u do go the "audit" route.....use an independent auditor so it's not "rubber-stamped"

Re:Audit? (1)

Sylak (1611137) | more than 2 years ago | (#36934886)

I would think an audit SHOULD be standard procedure of any BSA filings, especially if it's brought up in criminal court. At the very least, they should hire an external auditor for the investigation that they can use as evidence, or so they can try and settle out of court in the even there was illegal software without their knowledge.

Re:Audit? - Hell no (4, Insightful)

haus (129916) | more than 2 years ago | (#36934888)

My guess is that if you let them in the door you will be screwed.

Keep in mind that while they like to act as if they are a government / law enforcement agency they are merely a private party that is hoping that people will be impressed enough with their act to hand over enough information to hand themselves.

But first, get a lawyer. (2)

khasim (1285) | more than 2 years ago | (#36934898)

The BSA will be sure to send a lawyer.
You'll need one who has experience in this.

And remember, it isn't just about the audit. You also have to prove (this is civil, not criminal) that all the software you're running is legit. Which means receipts from verifiable vendors.

Just because you have a license key does not mean that you have a "legit" copy (according to the BSA).

Re:But first, get a lawyer. (0)

hedwards (940851) | more than 2 years ago | (#36934994)

You've got that backwards, the BSA has to prove that the software isn't properly licensed. If they can't prove that the license keys aren't likely to be legit they don't have anything.

Re:But first, get a lawyer. (4, Insightful)

PCM2 (4486) | more than 2 years ago | (#36935126)

Not really. That's why the GP pointed out that this is a civil, rather than a criminal matter. In criminal cases we have the principle of "innocent until proven guilty," but that's not true in civil cases. For civil cases, the judgment is supposed to go to the party that offers the preponderance of evidence in favor of their argument. If the BSA comes in and says it has an affidavit from a former employee that says he was eyewitness to license violations, and you come in with "no, we're fine"... well, that might not cut it. You'll want to provide some evidence in your favor.

Do you have a receipt for every copy of Photoshop or Office your company is using? Do you have the original media with the label showing the serial number? No? Well how did you get those serial numbers, then?

If it gets to the point that you're going to trial and you allow the BSA to determine the terms and nature of the audit, you will probably lose. What company doesn't have a few license violations here and there? Whether the violations are intentional or not, if you come before a judge and swear you are in absolute compliance and you have no reason to deal with the BSA, and the BSA shows proof of license violations, it will look bad for you.

Re:But first, get a lawyer. (1)

HungryHobo (1314109) | more than 2 years ago | (#36935178)

I'd be surprised if there's a single reasonably sized company in the US which doesn't have some piece of software on some old machine, cell phone or clock radio for which they lack the original proof of purchase.

Re:But first, get a lawyer. (2)

HungryHobo (1314109) | more than 2 years ago | (#36935150)

In court possibly, their strategy however is that they use the threat of legal action which would bankrupt small companies like the OP's to force you to agree to one of their audits.

they audit your business outside of court system and if you don't have the receipts well you'll just have to buy another copy to satisfy them.

Don't like it? well back to court and they can drag it out for hundreds of thousands of dollars so that you go bankrupt and they win by default.

If you agree to the audit then they also get the bonus of a chance to trawl through everything, even stuff a court wouldn't normally let them and use that as ammo later.

Cooperate... Carefully (4, Informative)

cmholm (69081) | more than 2 years ago | (#36934910)

Google is your friend, turning up this 2008 advice column [baselinemag.com].

Abstracted:
- 1. Retain a lawyer, don't go it alone.
- 2. Cooperate—carefully, the BSA's attorneys stay on retainer by maintaining a high recovery rate.
- 3. Don't let the BSA's rhetoric intimidate you.
- 4. Don't rush out and buy any software.
- 5. Preserve evidence with confidentiality.
- 6. Find your allies.
- 7. Create a compliance plan.
- 8. Negotiate non-monetary aspects.

Re:Cooperate... Carefully (4, Informative)

dpilot (134227) | more than 2 years ago | (#36935206)

9. If you survive this, carefully investigate the potential to move your entire company to free, as in speech, software. If the only licenses you have to comply with are GPL, BSD, etc, the BSA won't have anything to audit.

Re:Audit? (1)

6ULDV8 (226100) | more than 2 years ago | (#36935162)

Why on earth would you ever invite anyone in to do something that has absolutely no benefit to you?

The OP says he doesn't have money for a lawyer. I say it's time to find some.

Re:Audit? (0)

Anonymous Coward | more than 2 years ago | (#36935212)

You're right - the OP needs to rob a bank!

Re:Audit? (1, Interesting)

funnyguy (28876) | more than 2 years ago | (#36935284)

We had this happen all the time. We just entered into an audit agreement. They gave us software to scan our systems, we ran it in a GPO script. Voila. It spits back a report of how many instances there are.

Get a lawyer... (0)

Anonymous Coward | more than 2 years ago | (#36934854)

...who will take all the earnings from a counter-suit, the amount of which would be their fee.

Get legal representation (5, Insightful)

mysidia (191772) | more than 2 years ago | (#36934866)

Don't agree to any BSA demands or requests. Find a lawyer experienced with dealing with the BSA.

If you agree to an audit, it's highly probable they will find something illegal, regardless of whether you did anything illegal or not. You need a proof of purchase for every copy of an installed software product. If you use a Windows environment, you need proof that you had sufficient CALs for everything, on effective audit date.

If anything's not in order, or you can't find one proof of purchase for 1 license of XXX, the BSA will insist the software is pirated (even if you bought it good and legal), tack on huge fines, etc

"We've just gotten a letter from an attorney representing the Business Software Alliance stating someone (we're certain it's a disgruntled former employee)"

Be prepared to sue that former employee, for all damages and costs your business incurred as a result of their allegation, If they made a frivolous/false claim that hurt your business, and you can show who it is, take them to court. Maybe they (and others) will think twice, before making false reports to the BSA racket people.

The BSA needs their evidence to sue you, make sure you force the BSA to divulge the identity of the person reporting. Again, you will need legal counsel to help you with this

Re:Get legal representation (4, Funny)

SuperKendall (25149) | more than 2 years ago | (#36934914)

If you agree to an audit, it's highly probable they will find something illegal, regardless of whether you did anything illegal or not.

Yeah, I heard they carry throw-down CD's of Word in their trousers.

"Well Frank, look what I found over here tucked behind the water cooler".

Those bastards!

Re:Get legal representation (1)

slothman32 (629113) | more than 2 years ago | (#36935244)

"Those bastards!"

The first time I read that I thought of South Park.

D'oh; oh wait that's a different show.

Re:Get legal representation (1)

sribe (304414) | more than 2 years ago | (#36934926)

Be prepared to sue that former employee, for all damages and costs your business incurred as a result of their allegation, If they made a frivolous/false claim that hurt your business, and you can show who it is...

If you can show that the claim is false, you should be able to subpoena the employee identity from the BSA>

Well, for starters... (-1)

Anonymous Coward | more than 2 years ago | (#36934868)

I'd pursue some form of extralegal remediation against that disgruntled former employee. And then follow it up with the same against the BSA lawyers. If the legal system doesn't protect the little guy, then nobody should be surprised when the little guy takes care of business without it.

TIme to PANIC NOW!!! (-1)

gavron (1300111) | more than 2 years ago | (#36934874)

Respond back to the letter being factual and honest. Tell the lawyer you're not using any unlicensed or unlawfully copied software.
SAY NO MORE THAN THAT.

Thank him for his time, and wait for his next letter. DO NOT sit there in a panic. Wait for his next letter and see what he says. It's too early for you to engage a lawyer if you've done nothing wrong.

Here's a draft

Dear BSA Attorney,
Thank you for your note of the 29th. We've reviewed software use at OurCompany and we have no unlicensed nor unlawfully copied software.

Thank you for bringing this matter to our attention so we can put it to rest,

Best regards,

You

Re:TIme to PANIC NOW!!! (3, Insightful)

UnknowingFool (672806) | more than 2 years ago | (#36934930)

While you would think that being reasonable and cordial is the right thing to do, you've given the BSA a letter they can use against you. If they find even one copy of software which you can't find the receipt, they'll use the letter. Get a lawyer first which will advise you of what to do. Remember, the BSA has started out with a threat not a cordial letter themselves. From that stance I would surmise that even if they are wrong, they don't care.

Re:TIme to PANIC NOW!!! (1)

Pinky's Brain (1158667) | more than 2 years ago | (#36935008)

Since no BSA case has ever gone to court how can you know if the judge will be as anal about receipts as the BSA's lawyers?

You're not presumed innocent in a civil case, but you're not presumed guilty either ...

Stupidest advice ever! (5, Informative)

Anonymous Coward | more than 2 years ago | (#36934944)

NO! NEVER SAY ANYTHING YOU HAVEN'T RUN THROUGH YOUR OWN ATTORNEY TO AN ATTORNEY ON THE OTHER SIDE. There are so many problems with it. Anything you say can be twisted by them. At a minimum, the "Thank you for bringing this matter to our attention so we can put it to rest," could be construed as an admission that you thought you may have had piracy. Thereby negating any counterclaim and potentially surviving different motions to get rid of it earlier.

Short answer: don't say anything until you get an attorney.

Re:TIme to PANIC NOW!!! (0)

Anonymous Coward | more than 2 years ago | (#36934958)

I disagree. Best to have another lawyer respond. Lawyers know 'sneaky' things. Honesty doesn't matter - defensive and offensive strategy from someone in the profession matters. A letter shouldn't cost more than a few hundred dollars.

Re:TIme to PANIC NOW!!! (4, Interesting)

Zadaz (950521) | more than 2 years ago | (#36935140)

Respond back to the letter being factual and honest

No, do not do this. Do not have any contact with them that's not through a lawyer. This is very important if it should ever go to court. And yes, BSA hates going to court. That's exactly why you should do it this way. Document the hell out of everything.

Have a lawyer draft a letter saying you're in compliance, have them send it, registered mail, to the BSA. This should not coast more than $150 or so.

There is a 90% chance that the BSA will back off when you do this. They will see you aren't a pushover. If they ever show up at your door without a subpoena, ask them to leave. Then call the cops.

Re:TIme to PANIC NOW!!! (1)

Anarchduke (1551707) | more than 2 years ago | (#36935192)

+1000 This is the best course to take.

I had a former employer who received a letter from the BSA under exactly the same circumstances. The difference is that we all knew the name of the former employee, and we all knew that the company was in fact, using unlicensed software. But he sent a return letter certified back to the BSA stating that he indeed did legally license all his software. And that was the end of the matter.

The BSA is used to getting disgruntled employees making claims, whether bogus or not. Right now they are fishing. If you bite their bait, they will hook you and reel you in, and fry you up.

Send the letter, say ONLY that you have properly licensed all your software. Then perform an audit yourself in case things progress to the next stage.

protection racket (0)

Anonymous Coward | more than 2 years ago | (#36934876)

How much does it cost to buy into their protection racket... errrr, I mean "join their organisation"?

Re:protection racket (0)

Anonymous Coward | more than 2 years ago | (#36935070)

Just your soul & self-respect.

Re:protection racket (1)

Dunbal (464142) | more than 2 years ago | (#36935242)

I understand that this is like the RIAA where the money only flows in one direction. And don't worry, that is not towards you.

You are screwed. (-1)

Anonymous Coward | more than 2 years ago | (#36934878)

Your company is doomed. Deal with the whistleblower abruptly. Your time is limited.

Re:You are screwed. (1)

dingen (958134) | more than 2 years ago | (#36935018)

He says it's a former employee, so what are you suggesting when you're saying "deal with the whistleblower"? You obviously can't fire him. What else can you do? Kill him?

Re:You are screwed. (1)

BitterOak (537666) | more than 2 years ago | (#36935040)

He says it's a former employee, so what are you suggesting when you're saying "deal with the whistleblower"? You obviously can't fire him. What else can you do? Kill him?

Well, if the statements aren't true, he can sue the former employee for everything he's worth.

Change the biz name (0)

cultiv8 (1660093) | more than 2 years ago | (#36934884)

shut down the business, incorporate a new business with a similar name, and transfer all assets from old business to new. Shouldn't cost anything more than a couple thousand bucks. A little shady and legally gray, but hey, so is the BSA.

Re:Change the biz name (2)

mysidia (191772) | more than 2 years ago | (#36934928)

Maybe instead of preemptively shutting down the business he should actually contact an asset protection expert, for advice.

There are ways to structure a business to protect it against dubious legal threats, like the BSA.

A common example would be.... one corporation owning the building.... another corporation owning the computers... etc

You can't just open a new business, move the assets, close your existing one, and evade legal problems. There are many considerations, tax issues, and otherwise.

If you intentionally undercapitalize your existing business, you might be at risk of having a court find you had committed a fraudulent transfer, or they might pierce the corporate veil. Therefore, you should see an attorney about all that as well

Re:Change the biz name (1)

rubycodez (864176) | more than 2 years ago | (#36934976)

What a cowardly waste of money. A lawyer's reply denying wrongdoing, promising counter-suit for false allegations and expenses incurred thereof, is the way to go.

Prima facie evidence? (2)

Harold Halloway (1047486) | more than 2 years ago | (#36934896)

This is both a question and a point but don't US courts require at least basic evidence before a suit can be brought?

Re:Prima facie evidence? (-1)

Anonymous Coward | more than 2 years ago | (#36934964)

You're obviously new here. It hasn't been that way ever since the Republicans and their Robber Baron masters took over.

Re:Prima facie evidence? (1)

rubycodez (864176) | more than 2 years ago | (#36934982)

you should have noticed by now the Democrats are also the bitches of the Robber Barons; we have oligarchy

Re:Prima facie evidence? (1)

lennier1 (264730) | more than 2 years ago | (#36935036)

^^ Pretty much. Corrupt assholes on both sides of the alley, but at least you still get to choose the label.

Re:Prima facie evidence? (1)

lennier1 (264730) | more than 2 years ago | (#36934980)

don't US courts require at least basic evidence before a suit can be brought?

And yet companies are constantly being sued over patents which are so broad or trivial they should've never been granted in the first place.

Re:Prima facie evidence? (1, Interesting)

couchslug (175151) | more than 2 years ago | (#36935024)

The rich own the courts and the cops. Unless you are willing to use violence against your enemies, you are screwed.

These conditions are what gave birth to the Mafia in the US. When the masters own the judges and the cops, the only way to redress is through a gang of your own.

The IRA had a fine old custom for dealing with problems. It's called "kneecapping". It's frightful, it's not murder, and the victim will never forget it.

Re:Prima facie evidence? (0)

Anonymous Coward | more than 2 years ago | (#36935222)

Amazingly close to my own thoughts.

Find out where they live. Tell them "You never fuck with another man's livelihood." Then break their legs.

Re:Prima facie evidence? (2)

RingDev (879105) | more than 2 years ago | (#36935044)

For criminal cases, yes. For civil cases (torts), not so much. Unless you have a lawyer, in which case their first avenue of defense is dismissal.

-Rick

Re:Prima facie evidence? (2)

silas_moeckel (234313) | more than 2 years ago | (#36935152)

Binding arbitration with non disclosure clauses, it's built into the software they did buy and agree to. They also agreed to the audit.

Same Thing Happened To Us (4, Informative)

Anonymous Coward | more than 2 years ago | (#36934904)

We sent an affidavit stating that we had appropriately licensed software, detailed the number of employees, provided ****'d out license numbers, etc.

They then said they wanted to put a laptop on our network to verify all our license numbers. We told them to f@ck off, that we'd provided them more than enough information, and that we'd be happy to speak to the police if they thought a crime had been committed.

We never heard back from them.

Re:Same Thing Happened To Us (1)

gl4ss (559668) | more than 2 years ago | (#36935256)

so anyone can use BSA to find out what sw someone is using to run their business? the sw used could in many houses said to be the trade secret.
I'm puzzled about how a laptop on the network would prove anything of what's running the biz though.

it seems BSA is a purely an operation of playing chicken, supposedly you agree to this bullshit when buying SW from bsa members, but how would they know you did? and if BSA would know for example which sw some company is running...

also, do they do this extortion on behalf of non bsa members too?

Re:Same Thing Happened To Us (5, Insightful)

ragarwal (1391171) | more than 2 years ago | (#36935272)

Send and *affidavit* AND quoted *license numbers* to the BSA upon a request.
I am not wearing a tin-foil hat, but, you sir, you seem like someone who works for the BSA.

This sort of a letter will be the single most damaging piece of evidence against the victim in the court.

We had this happen at a previous job (4, Informative)

sirgoran (221190) | more than 2 years ago | (#36934940)

We had a lawyer and had him draft a letter requesting information on what they claimed was illegal. Then we offered to show them the results of an internal audit. We also offered to submit to a third party audit that BSA would have to pay for. After lots of meetings and lots of legal wrangling the BSA went away empty handed. One small difference was we were running non-licensed software and were in violation. It was a web design house with 8 graphic designers and not one legal copy of Photoshop, Illustrator, etc. Since the BSA provided us with the list they claimed was illegal, we scrubbed it from the offending boxes so as to appear legal. Then over the span of the next 2-years we bought all of the licenses needed to cover our butts. This cost over $120,000 in software licenses. Far cheaper than what the BSA wanted. But the lawyer was key. Check with the Bar in your area for a probono lawyer. Perhaps you can find someone willing to work on a sliding scale. Also check with the Small Business Administration for ideas for legal help. Good luck.

Re:We had this happen at a previous job (1)

Billly Gates (198444) | more than 2 years ago | (#36934970)

$120,000 is very steep for just 8 employees? WOW ... you can buy a whole office space for the price of that in the midwest or south. Assuming you buy $700 per worker that only ends up as $56,000. At least you get a tax write off from it but still.

Re:We had this happen at a previous job (1)

hedwards (940851) | more than 2 years ago | (#36935030)

Thankfully it wasn't the RIAA otherwise that would have easily run into the millions.

Re:We had this happen at a previous job (1)

wasabii (693236) | more than 2 years ago | (#36935052)

CS 5 Prem is like, $1700.

I'm a big fan of the subscription stuff they offer now.

Re:We had this happen at a previous job (1)

topham (32406) | more than 2 years ago | (#36935080)

120,000 / 8 = $15,000 per employee for licenses is expensive? really? It's not unheard of at all. A software package I supported was $5k/seat, and that was only 1 piece of software they needed.

Re:We had this happen at a previous job (0, Troll)

BitterOak (537666) | more than 2 years ago | (#36935064)

Since the BSA provided us with the list they claimed was illegal, we scrubbed it from the offending boxes so as to appear legal.

VERY BAD ADVICE!!!!! When the BSA goes after your company for software copyright violation, it is purely a CIVIL matter. The worst that can happen is your business can be sued out of existence. By destroying evidence, you are committing a CRIMINAL offense, and one that is prosecuted very vigorously, especially by the Feds. You can spend some serious time in jail for that sort of thing.

Re:We had this happen at a previous job (0)

Anonymous Coward | more than 2 years ago | (#36935182)

Destroying evidence, or destroying unlicensed copies of software which they would have to do to get back into compliance? It's not as if they were deleting an email from the CEO that said "Buying all this software legitimately could run into the six figures which we don't have, so fuck that and let's do it the expedient way."

Re:We had this happen at a previous job (1)

sofar (317980) | more than 2 years ago | (#36935238)

you're suggesting that leaving the invalidly licensed software on the machines is a better course of action? LOL

Seriously though, hit "uninstall" and claiming in a court later that there was an accidental issue, you discovered it and fixed it, seems a LOT smarter than telling the court that "for three years after sent notice, defendent continued to operate illegally licensed software".

Re:We had this happen at a previous job (0)

Anonymous Coward | more than 2 years ago | (#36935100)

The mafia calls it protection money, and yes it protects you from them.
My suggestion - Join the BSA. Offer to include references to their great
work on your website. Include their flyers in your product. Mention them
reverently in your advertising.

Invite them to help you better determine how you can best work together.
Your problem will vanish - I know.

Re:We had this happen at a previous job (0)

Anonymous Coward | more than 2 years ago | (#36935110)

120k??? It's cheaper to hire a contract killer for the whole lawyer team! And environmentally friendly too.

Re:We had this happen at a previous job (1)

cvtan (752695) | more than 2 years ago | (#36935216)

Recycling lawyers. Returning them to the primordial ooze from whence they came. I like it except for the slight lead contamination.

Re:We had this happen at a previous job (-1)

Anonymous Coward | more than 2 years ago | (#36935130)

Well then, in this case, they were right to go after you. If you profit from it, you should buy it. That's common courtesy. Way to be thieves. Also, way to be criminals by destroying evidence.

Re:We had this happen at a previous job (0)

Anonymous Coward | more than 2 years ago | (#36935230)

Then over the span of the next 2-years we bought all of the licenses needed to cover our butts. This cost over $120,000 in software licenses.

Wouldn't large print versions of the licenses have ended up cheaper? How big were your butts?

Beware (1)

Anonymous Coward | more than 2 years ago | (#36934946)

I have yet to see a single company that didn't break software licenses. You might think you don't but that's just not necessarily true. For the day i arraived i pointed out they had unlicensed fonts among other things. But the owners were adamant that thy had never violated a single license, after all they said they live off such things too. Well yes i said do you have a central registry of all your licenses they said no.

As a summary they had about 20,000$ worth of unlicensed stuff in a simple inventory. Mainly because they dint keep track of their licenses, and some of them had expired, by moving on to different licenses etc. Still they were in license violation. So a word of warning, most likely you DO have unlicensed stuff, even stuff you are aware of but didn't think about earlier. So unless you have a central registry of all installed stuff somewhere with pointers to your licensing agreements your most likely screwed anyway, make a deal.

As someone who turned in another (5, Interesting)

sregor (1513645) | more than 2 years ago | (#36934948)

I worked for an engineering company who said they couldnt justify the 25 licenses of autocad civil3d they were pirating (but also said they needed them to maintain the workflow they had) and said that they didnt care about my liability in the matter being the only IT person in the company. I turned them in. The BSA offers a reward, and at first they tell you that if they have to use your testimony they cant give you anything (it would be like paying for testimony) but they tell you that its rare that you ever have to actually use your testimony as the companies generally settle. If it gives you any comfort, the person that turned you in will not get any reward. the BSA find ways to make it so they dont have to pay out the reward for ratting you out. Now as far as your legally obtained software. Scan your PCs for software installed and make sure you have Purchase Records of all software installed that requires a license. this is what any lawyer you hire is going to want. the purchase records are there to prove you had the licenses prior to them coming to you stating that you didnt. the legal group the engineering company I worked for used was Scott and Scott, iirc they are a bit pricey but they will minimize any fines or fees that could hit you from them. I say do your own due diligence first, then see where you stand. just because you didnt authorize the install of software doesnt mean you have not had an employee installing any and everything they could get a serial generator for, which on your machines, means you are responsible for it. Oh also dont go formatting and reinstalling the OS on all of your machines. this looks bad if it goes to court like you were trying to hide something according to the lawyers at scott and scott. I regret doing this to the engineering company myself, but in the end, they are better off for it. Autodesk gave them a huge break on network licenses for their CAD software, and they are now operating 100% legit on the software side for less in fines than it would have cost to buy the stuff out right.

No, the can't (-1)

Anonymous Coward | more than 2 years ago | (#36934956)

I don't know what court system your dealing with but the law of the land does not state they can sue without cause. An accusation is not cause. They cannot audit you without a warrant. If they are not within your jurisdiction, they cannot enforce a warrant. Basically you can tell them to "F" off and refuse them to enter your business. BSA is nothing but a scare tactic for people who don't know their rights. Stand up to them, tell them to f off. Hell, I would even dare them to mess with you. They have no legal recourse or foundation.
Also, you need to contact the former employee and inform them that they are liable for slander and libel and can be prosecuted for making false claims. To make sure to know who it is just simply ask the BSA. They have to tell you who made the accusation...it is in the Constitution.....you have the right to know your accuser. If they refuse, then they cannot investigate you. It is the law. SO, relax, they can not touch you and will back off if you show them resistance.

Re:No, the can't (2)

LVSlushdat (854194) | more than 2 years ago | (#36935134)

See? If you'd been running Linux and all gpl'ed software, you'd have the absolute JOY of telling BSA to go take a flying leap at a rolling donut.. or other phrases I'm thinking but rather not say on a PG site.. As long as you're sure you have no BSA-repped commercial s/w on any machine, DARE them to come in for an audit.. Then when they find nothing sue them for harrasment. (and let the air out the tires of the audit teams tires)

No Lawyer? (1)

ObitMan (550793) | more than 2 years ago | (#36934962)

you have a business and no lawyer?
Hire a lawyer. don't screw yourself further.
If you are confident that you have all invoices and reciepts for the BSA member software you are using, Get a lawyer who can verify that you have the proper licensing and can draft a response. If you can't afford this, you are out of business.
If you don't respond, they may get a court order and seize your stuff to investigate, then you are out of business anyway.
Even If you close up shop they will still come after you. this will probably cost you more money than a lawyer.

Re:No Lawyer? (1)

hedwards (940851) | more than 2 years ago | (#36935074)

Unfortunately in modern America it's a good idea to have both an attorney as well as an auditing firm that you do business with for these sorts of occasions. An independent auditor is invaluable when things like IRS audits and letters like this come in because it's much less likely that there's going to be something going on that you don't know about. And in many cases you can have them do a run through to find anything that may have been missed prior to having to respond to the letter.

It's difficult for an attorney to deal with these sorts of things when he's not completely sure if there is any unlicensed software on the network. He's not going to have to report you for it, but it is important for him to know if there's likely to be any surprises if it comes to an independent audit or subpoenas start flying.

Re:No Lawyer? (1)

Anonymous Coward | more than 2 years ago | (#36935250)

He is a small business. Laywers are very expensive and like he said it would bankrupt him to hire one. In this recession many businesses are just trying to break even with the owner making less than that of a McDonalds until the recovery comes back.

Not everyone works in a fortune 500 company.

No one expects the Spanish Inquisition (0)

Anonymous Coward | more than 2 years ago | (#36934986)

Among our weapons are Surprise and Fear. And an almost fanatical devotion to the Pope.

Countersue (1)

funkatron (912521) | more than 2 years ago | (#36934990)

Find some dirt on the BSA and chase them with it. You already have a false accusation letter which will cost you money to deal with maybe you could hound them for those costs until you find something bigger to take them on with. And remember, discovery is your friend, use it on anything and everything, it'll make them squirm.

Re:Countersue (1)

ColdWetDog (752185) | more than 2 years ago | (#36935084)

Find some dirt on the BSA and chase them with it. You already have a false accusation letter which will cost you money to deal with maybe you could hound them for those costs until you find something bigger to take them on with. And remember, discovery is your friend, use it on anything and everything, it'll make them squirm.

Righto! A small businessman should take the time out of his presumably busy day to befriend LulzSec and / or brush up on hacking techniques, burrow into the BSA servers and find all manner of incriminating emails and the 100 pirated copies of Word Perfect 5.1. Or hire a private investigator to follow the BSA executives and get compromising pictures of them purchasing Girl Scout Cookies. Or better yet, plant 10 kilos of pure cocaine in the CEO's executive washroom.

What could possibly go wrong?

Hire the mafia (1)

Anonymous Coward | more than 2 years ago | (#36935004)

They have a lot of experience dealing with this sort of scam and might be cheaper and more reliable.

BSA and how they work (2)

kilodelta (843627) | more than 2 years ago | (#36935028)

Ok, you must have a profitable company if the BSA is actually coming at you. I know because a former employer of mine was using tons of unlicensed software despite the advice of both myself and the company controller warning him that it wasn't right. So I dropped the dime to the BSA. Know what they told me? The company wasn't healthy enough financially to bother going after. So start hiding assets.

Re:BSA and how they work (1)

ShakaUVM (157947) | more than 2 years ago | (#36935098)

>>The company wasn't healthy enough financially to bother going after.

How do they know, if it isn't a publicly traded company? Does the BSA have access to IRS records or something?

The whole thing seems like a scam to me.

Re:BSA and how they work (1)

Anonymous Coward | more than 2 years ago | (#36935184)

So I dropped the dime to the BSA

You are an asshole.

Step by step (5, Informative)

wombatmobile (623057) | more than 2 years ago | (#36935032)

We've just gotten a letter from an attorney representing the Business Software Alliance stating someone (we're certain it's a disgruntled former employee) submitted information we are using illegally copied software.

Reply to the letter like this:

We are in receipt of your correspondence reference ____ dated _____. Could you please advise details of the claim. What software is claimed to be in breach?

Send the reply by registered mail and then do nothing more until you receive a reply.

Engage a lawyer who is experienced with the BSA.

The BSA is great advertising for the FSF. (4, Informative)

Anonymous Coward | more than 2 years ago | (#36935042)

As soon as you are done with your BSA nightmare, I advise you to stop using proprietary software. If Ernie Ball can do it, so can you.

Dealing with the BSA (0)

Anonymous Coward | more than 2 years ago | (#36935056)

"... we're not using illegally copied software. We have licenses for all the commercial software we are using."

Then what's the problem? Let the suit(s) from the BSA do his/her futile work; as long as you can prove
your position why should that cost you anything? Go back at them with harassment and intimidation.

BSA = bad (0)

Anonymous Coward | more than 2 years ago | (#36935086)

As far as I know there is one, and only one, way to keep the BSA out: Do NOT use commercial software.

The BSA has no legal authority to enter your premises. What they have is a contract from certain (but by no means all, or even most) software companies to police their licenses. As part of a EULA a software company specifies that use of their software means you allow them (or their agents) access to your systems for the purposes of license validation. They have no legal authority to levy a fine either. What they can do is collect "damages, potential or actual" from software licensees. If push comes to shove they would have to take you to court, prove all the contracts, prove all the software violations, etc etc and then the COURTs could levy a fine. The BSA are racketeers who persuade you that paying them money now saves you from all this court hassle and expense later. And they are correct in saying that.

However, I just checked the GPL, and there are no clauses that give the BSA any authority whatsoever over you, your software, your company, or your money.

Imagine that...

just tell em to GTFO! (1)

FudRucker (866063) | more than 2 years ago | (#36935114)

if they want to come in and look around tell them to GTFO, stand up for yourself and dont let them treat you like a chump and dont let them give you the bum's rush...
they have to show the burden of proof since they are the accuser, do your own auditing of your computers and make sure you have licenses for all commercial software installed on all computers...

BSA letters are sometimes complete BS (0)

Anonymous Coward | more than 2 years ago | (#36935124)

I got a letter from the BSA when I was running a one man company. I was the only employee, and I used a GNU/Linux system with entirely free software. A got a BSA standard-looking letter said I was somehow using pirated software. BSA=BullShit Agency.

Don't give them ANYTHING (1)

Arrogant-Bastard (141720) | more than 2 years ago | (#36935156)

The BSA is an extortion racket, which routinely threatens people/companies in order to shake them down for cash. (I've received my own letter, even though I've used free/ open-source software for decades and am in full compliance with the relevant licenses.) Make sure you're in compliance and can prove it -- to a court, not to the BSA. Do not respond to them. If they're actually serious about suing you, then let them do it...because they will have to prove their claims in court...which means that they'll have to state their claims...which means that they'll have to reveal where their information is coming from. Then countersue them AND the ex-employee. You should also blacklist their domain so that they can't send your email -- after all, you're require to provide them with email acceptance service unless they have a valid contract for that service (with you). Make sure you blacklist it outbound as well so that nobody can accidentally send them anything. In other words: force them to put up or shut up, and force them to do it court. My guess is that like most bullies and cowards, they won't press it.

Re:Don't give them ANYTHING (0)

Anonymous Coward | more than 2 years ago | (#36935198)

What do you do about using free software? For example lets say I download and use Chrome on my desktops. Do I need to have Google print me a license to run Chrome or is it guilty until proven innocent? I am asking because I want to start a business and it will be web based with PostgreSQL, CentOS, and I will need Firefox and Chrome. I do plan on buying licences for Office 2010, Windows 7, and Adobe Dreamweaver eventually, but I want to make sure I have nothing the BSA can go after since a EULA is all I get for downloading the free software packages.

Re:Don't give them ANYTHING (1)

Anonymous Coward | more than 2 years ago | (#36935266)

> If they're actually serious about suing you, then let them do it...because they will have to prove their claims in court.

Actually no, they have the police kick in the door and take the servers, and you'll have to prove your innocence to get them back. That's how they operate.

Damn Glad We're on Linux (4, Insightful)

Alpha Prime (25709) | more than 2 years ago | (#36935218)

I'm really glad the software shop I'm working with is on Linux. No Windows crap in sight. We could get one of those BSA letters and all have a good laugh.

I feel sorry for anyone that has to deal with the BSA. My condolences, but you should have chosen software without licensing issues. The idea of keeping track of the sales receipts as well as the licenses themselves is ridiculous. What would they do if you paid cash for the licenses? The source of the license does not matter as long as the license itself is not a forgery.

Do not say anything. (2)

loxosceles (580563) | more than 2 years ago | (#36935224)

Do not say anything. Tell them to fuck off and don't address in particular or in general anything they alleged.

The *only* time you open your mouth to an agency (public or private) that is investigating you, whether it's the IRS, police, feds, or the BSA, is through a lawyer. That would typically take the form of a *response* to a demand letter.

A consultation and getting a response letter written by a good lawyer may run you circa $1-2k, but if the alternative is getting sued by the BSA or shutting down your company, it may be worth it.

... we're not using illegally copied software. (1)

NemoinSpace (1118137) | more than 2 years ago | (#36935232)

Look again.
These guys may rely on fear and intimidation, but they don't make this shit up. If your former employee dropped the dime on you, he didn't do it so he would go to jail for lying. He did it to screw you over. I would bet he knows something you don't. Hell - he could have put the stuff on there himself. It's time to wipe all your machines and re-audit them. While your waiting for that to get done, you can pretty much tell them to FOAD. Next time give your employees a better severance package.

Do not despair (5, Informative)

stephanruby (542433) | more than 2 years ago | (#36935234)

Still, according to articles on the BSA, that's irrelevant and they'll end up suing us anyway.

First off, do not despair. That's not going to do you any good.

Don't be afraid to tell the lawyer that you don't have any money during your free initial 30 minutes consultation (assuming you're in the US, call your local State bar association for a referral). I'm sure that you'll be able to work something out with him or her.

For now, read the article quoted below. The point of that article is that you can do a lot of this work yourself, but that you should still hire a lawyer to at least "supervise" the self-audit process and act as a go-between.

Now the article doesn't mention it, but if I were you I'd check that any old computer laying around the closet has current valid licenses. Whatever happens, make sure you do not get penalized for super old hardware that you're not even using anymore. Also, start inspecting any computer the disgruntled employee has had access to. You never know what he may have installed on there without your knowledge. It's good to go in this with your eyes wide-open.

And then, try contacting the same types of companies in the same niche industry as yours, chances are that they're not just targeting you -- since they recently increased their volume of enforcement letters. So if you can find others within the same jurisdiction as yours, with a similar predicament, you may be able to band together and pool resources.

http://www.baselinemag.com/c/a/Projects-Management/What-to-Do-When-You-Receive-a-BSA-Audit-Letter/

Let's face it, software asset management (SAM) might be a best practice, but there are still plenty of organizations out there who haven't instituted SAM due to a lack of resources or initiative. If your organization is one of them and the Business Software Alliance (BSA) hasn't come calling yet, there's still time to get your house in order. But once that BSA threat letter hits the mailbox, the ballgame changes.
The BSA is known to be a persistent enforcement agency which rarely grants clemency to organizations once it begins settlement proceedings. The following eight tips are offered by two attorneys who specialize in BSA defense cases; they give advice on what to do once your business receives a letter requesting a BSA audit.

1. Retain a lawyer.
The BSA is an efficient organization when it comes to extracting punitive damages from companies found to be in a non-compliant licensing situation—its experts and lawyers know copyright laws inside and out because that is all that they do. For that reason, Scott recommends seeking legal counsel as soon as an audit request is received from the BSA.

"Whether the attorney is working in-house or outside the firm, don't go it alone," you have an audit," said Rob Scott, partner at Houston-based Scott and Scott. Scott said. "The BSA has very experienced attorneys working for it and this is a very complicated process. It involves not only the legal issues related to copyright law, but also it subsumes with it all of the software licensing rules because the copyright claim that lies underneath the BSA audit matter is related to the software licensing rules."

2. Cooperate—carefully.
As much as a business person would love to screw up their eyes and wish the BSA away, the trouble will only multiply through inaction. Though the BSA is not a law enforcement agency it is acting on the behalf of the software companies and it will take matters to civil court if a business does not cooperate with the self-audit process and settlement negotiations.

"When you get a letter from the BSA do not throw it away," said Steve Helland, partner at the Minneapolis-based law firm of Fredrikson and Byron. "That is a serious tip, because some people think that 'Oh if I ignore this it will just go away, but the cases where the BSA is most likely to file in court are where they think there has been infringement and they don't get any response." Scott agrees.

"You really are in a position of either cooperating with the self audit process or facing litigation," Scott said. "Between the two most clients choose the self audit process because it has a lot of advantages over litigation."

According to Jenny Blank, director of enforcement at the BSA, timely cooperation is likely to improve a business' chances for a reduced settlement. "If we have to fight and argue and try to persuade someone to do an audit and it goes on for month after month after month, that's not a cooperative company and that company is not going to get, maybe, the lowest number available," Blank said. "The company that comes out and works with us and says, 'You know what? I'm going to do an audit and we're going to discuss the results like adults and we're going to come to a fair agreement,' well, when it comes time to making that final number, it is going to be noted that this was a cooperative company who wanted to do the right thing."

But Scott and Helland warn businesses to tread carefully during negotiation. "Remember the sole propose of the BSA is to get as much money from your business as possible," Helland said. "The way that those lawyers stay on the retainer of the BSA is by having a high recovery rate it is not their incentive to be your friends."

One of the first things Scott says he does for his clients starting the process is draft a contract with the BSA that protects them should matters end up in court.

"We basically enter into a contract with whoever the auditor is that says we'll agree to produce the audit materials if you agree to keep it confidential and agree that information exchanged is for settlement purposes only and there is no admission here that you could use against us in court," Scott said.

3. Don't let the BSA's rhetoric intimidate you.
The BSA's threat letter can be a pretty scary item when it is addressed to your business, but Helland says that businesses shouldn't despair. "Things are probably not as bad as the bsa suggests they are," he said. "If you've seen a sample of the bsa's threat letters, they say that copyright law allows for $100,000 in damages per infringement, but what they don't tell you is that the number of cases in which that level of damage is awarded is extremely rare."

His advice is to not allow these high initial numbers cloud your judgment during negotiation, because otherwise you could leave money on the table in the form of a better deal that just might have been accepted.

4. Don't rush out and buy any software.
When many businesses first receive an audit letter from the BSA the first impulse may be to panic and rush to action. Scott recommends strongly against buying a lot of software to 'make up' for the amount of non-compliant seats an organization may find once they're faced with an audit.

"Any software that you purchase after the date of the letter is not going to help you in the audit matter whatsoever," Scott said. "You can uninstall software that you don't need on a go-forward basis."

5. Preserve evidence with confidentiality.
As an organization goes through the self-audit process, it is critical to collect evidence so that it is protected from being discoverable evidence during litigation. Scott recommends having an attorney oversee the process to ensure the confidentiality of the audit information.

"Having the attorneys involved in controlling the collection of the information and the reporting imbues that information with certain privileges that help protect the client's interests," Scott said, "otherwise the resulting paperwork could be discoverable in court."

Having an attorney supervise the process will also ensure that an IT staff eager to be cooperative doesn't give the BSA more information than it needs.

"Prepare your audit response carefully, and with the legal assistance of counsel because otherwise the off the cuff audit response prepared by your IT staff alone will be the confession that will hang you," Helland said.

6. Find your allies.
Don't forget that it pays to ask for help when you need it. Helland suggests enlisting the help of software resellers or even the software vendor itself if there is a previous relationship.

"If you use a sales rep who helps you purchase a lot of software, get them on your side," Helland said. "Get your software reseller on your side, ask them for documentation. In some cases, if you have a relationship with the software vendor itself, leverage that."

7. Create a compliance plan.
The self-audit process will need to be completed quickly and the BSA will definitely make demands for an organization using unlicensed software to get into compliance. Scott believes the best way to negotiate is to prove the organization is serious about making amends by developing a compliance plan.

"It's just a basically a crash course in software asset management," he said. "Make sure that you're SAM folks are either cooperating with whoever you have working on the audit to do the work that is needed to complete the project in a way that is much faster than what typically it organizations are accustomed to dealing within terms with software license compliance and software asset management."

8. Negotiate non-monetary aspects.
One common mistake businesses make while negotiating with the BSA is they focus only on the amount of money they'll have to pay to settle. However, there are other non-financial factors at play as well.

Non-monetary aspects to a settlement may include agreements as to how and when the BSA can inspect a business in the future and whether or not the BSA can publicize the details of that business' case. Scott advises those negotiating a BSA settlement to carefully consider the future impact to the business that such settlement agreements may have before signing on the dotted line. Unless a business includes the right stipulations within the settlement, the BSA could end up issuing a press release for all to hear about the investigation and settlement fine.

"Certainly damage to brand is a major concern to anyone who has been accused of software piracy or being out of software license compliance and how the BSA publicizes a particular investigation may have a major negative impact on a particular company's brand," Scott said.

"Thank you for your letter of July 20 ..." (1)

Anonymous Coward | more than 2 years ago | (#36935258)

"We believe that you are in receipt of maliciously false statements about our firm. We read your letter (dated July 20) as indicating that you have fallen victim to false statements made about us, by some party who may intend to enlist your organization in wrongdoing against our firm.

"We expect, believe, and trust that you will not collude in such wrongdoing.

"As a gesture of your own good faith in the matter, we must insist that you forward to us all such statements or claims that you may have received regarding our firm, which may have motivated your letter of July 20. We expect to pursue civil and criminal action for libel against the parties responsible for disseminating such maliciously false claims.

"Should you decline to cooperate in this matter by forwarding to us the libelous statements in your possession, we may pursue the matter further to secure the evidence. You are hereby cautioned to retain any such evidence and not to destroy or discard it, as destroying or withholding this evidence from lawful investigation may constitute willful obstruction of justice."

(IANAL)

Tell them no (2)

nurb432 (527695) | more than 2 years ago | (#36935268)

Tell them to go to hell and prove it in front of a judge and get a warrant. Don't let them in just beacuse they want to. Take your documentation for licenses and installs to court and show it to the judge. "we did an audit, this is what we use and we are licensed for these copies"

Also assume this "disgruntled ex-employee" planted something somewhere, so do another audit NOW.

Yes, I've had experience. We lost (& kind of w (5, Informative)

urbanriot (924981) | more than 2 years ago | (#36935276)

First order of business, pull up information on the lawyer that initiated contact with you to determine how much experience they have at the firm. If you're a small company they may have someone with limited experience, say three years, and if so, argue as much as possible and you may distract them from one of my other points.

Secondly, forget anything you believe to be true about software licensing and forget about license agreements included with software. What Microsoft, Autodesk, Adobe, etc. licensing department tell you on the phone and what they state in their licensing terms is not true and will not hold up legally unless you have more money than the fines to afford lawyers to fight the big guns. It's not a legitimate license unless you have a receipt. This is important, I repeat, you do not have a legitimate license unless you have a receipt for it. It doesn't matter if it's past 7 years, you have product keys on the side of your chassis, or you have discs; you must have it on the receipt.

Thirdly, do not provide information unless you're specifically asked for it. Read what they've requested, interpret it as literally as possible and if that allows you to include some information and not include other information. This point may not seem relevant to you and I'm not going to get into detail, but I want you to consider this point for at least an hour as the outcome may have a huge monetary difference.

Fourth, you can't buy stuff now and attempt to pass it off as something you'd purchased before they served you. Don't even consider back-buying software you didn't own before. Date of receipt ties into point number two.

Fifth, consider how they obtained this information and how much the person who provided it really knows. I won't give you advice on what to do with the software this person may not be aware of but I'd ensure your file servers are Linux and if you've ever made a transition from Windows to Linux, hopefully it was a transparent process to the users.

I won't get into details over our case as it cost us a tremendous amount of money, five figures, and at the same time, they may have missed a lot of stuff (the site is certainly fully legal now). If you have any other questions, feel free to fire them off and I'll try to answer as well as possible. The best advice I can give you is to consider this a logic problem.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...