Software Piracy, You and Your Employer

by Gregg Berkholtz
PANUG president
president@panug.org

Did you know that software piracy by your employer, can affect your personal finances? When you are caught, there can be civil damages as high as $100,000 per violation levied against your employer. Criminal damages against those responsible for managing the inventory of the software can go as high as $250,000 and/or 5 years in jail. Due to the fact that the software industry is relatively new, and because copying software is easy, many people are either unaware of the laws governing software use or choose to ignore them.

Did you know that nearly one out every four installations of software are an unlicensed copy? Are you sure you are the exception, not the norm?

Enforcement

Did you know that if you are audited by a organization such as the BSA (Business Software Alliance) they will usally arrive on-site, without warning, and with a Federal Marshal to assist them in enforcing the warrants that they will have.

Usually the companies like the BSA act on a tip, these tips can come from disrungled employees, upset clients, or anyone who would have a reason to want to cause harm to you or your company. What makes this even more enticing for the ``Whistleblowers'' are laws like the Federal Whistleblower Act, that can grant the ``Whistleblower'' access to significant amounts of any damages collected from the company, or persons responsible. Did you know that over $40 million dollars have been awarded in fines and fees from companies that where caught? Something to think about...

Protection

How do you protect your company from becoming another statistic? First, you need to have a software management policy. What this policy will provide is guidelines for your organization to follow. It will include things such as:

  • How the software will be inventoried, and where will this central database reside?
  • Who will manage the inventory?
  • Who will be the SOLE person that receives and will manage distribution of the software within your organization? At the potential of $100,000 per infraction, can you afford not to hire someone(s) to manage this?
  • What are the purchasing procedures for the software? Software channels should be restricted so that what comes into the company can be controlled.
  • Document and implement how you will train your employees on the new policy. The BSA has a very informational video available, see the site for more information.

Next, you need to make sure you read, understand, and follow the terms of any license agreements. Surprisingly, many companies, school districts, and government organizations don't do these simple things, or set these tasks aside to be dealt with ``when there is time'', here lies the fatal flaw... No one is exempt from copyright law.

Always remember; software is an asset not an expense, it is a tool that helps you get your business done. Can you imagine a plumber without his wrench? Good, because you need to think of software in the same light.

You are the IT department, you are responsible for managing this asset of your company.

Conclusion

Now that you have that policy, you need to clearly communicate this policy to your employees and then document that they have read and understand the terms. Usually signing a small form will take care of this. There are some sample documents on the BSA and SIIA sites.

Now you need to begin building an inventory of the software that you have in your company. Both the BSA and SIIA offers some well written tools for doing this, visit their sites for further information.

Disclaimer: In no way should this document be considered de-facto legal advice, before you act, you should consult legal counsel. It is the responsibility of everyone to understand and adhere to copyright law. Ignorance of the law is no excuse.