Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror
United States

Is the BSA "Grace Period" a Scam? 879

Posted by Cliff
from the examining-shady-practices dept.
An anonymous reader asks: "I work at a small non-profit that has 18 employees plus a 13 seat computer lab. We received a form letter from the Business Software Alliance (BSA) telling us to do a self audit and if we find any unlicensed software to report it during our 'Grace Period' because 'if you organization's software is not licensed, it could become to focus of a BSA investigation'. Now this is obviously a method to scare up some business for the BSA members. If we ignore this, how likely is it that we will be 'investigated'. I know that I cannot produce the original CD's and/or documentation for some of the software that we HAVE paid for."
This discussion has been archived. No new comments can be posted.

Is the BSA "Grace Period" a Scam?

Comments Filter:
  • by ajuda (124386) on Wednesday February 05, 2003 @09:36PM (#5237216)
    If you stole from them, and you admit it in the near future, they promise not to sue you. Yep, sounds like a scam to me.

    Step 1: Promise not to sue people
    Step 2: ????
    Step 3: Profit!!!
    • by stendec (582696) on Wednesday February 05, 2003 @09:51PM (#5237324)
      knock knock

      Who's there?

      BSA: (mumbles)

      Who?

      BSA: Unicef.

      Oh! Why didn't you say that before?

      BSA-landshark attacks pirate who opens the door.

    • Step 1: Promise not to sue people Step 2: ???? Step 3: Profit!!!

      "Grace period" means they won't sue you if you come forward. It doesn't mean they'll let you continue to use pirated software; they just expect you to buy legitimate copies at this point. It's the same thing that the IRS does every few years. If you come forward they won't penalize you for not having filed your tax returns, but that doesn't mean you don't have to pay any back taxes.
    • Stole from them? (Score:5, Interesting)

      by smartfart (215944) <joey.joeykelly@net> on Wednesday February 05, 2003 @10:43PM (#5237675) Homepage Journal
      You're kidding, right? The BSA doesn't produce any software. They only run this scam (IMHO, the whole thing is a scam, from beginning to end) because they can get cash from Microsoft and other companies that write software by threatening these companies' customers.

      Personally, I refuse to play. I will not purchase any software from any company that employs the services of collection agencies such as the BSA. Furthermore, I will do everything in my power to dissuade my clients from purchasing software from these companies.

      • Re:Stole from them? (Score:5, Interesting)

        by anon*127.0.0.1 (637224) <slashdot.baudkarma@com> on Thursday February 06, 2003 @12:26AM (#5238283) Journal
        You might want to check out who the BSA members are before you decide you're not going to buy software from any company that employs them. Lets see... Microsoft, Apple, HP, Adobe, Cisco, Novell... quite a collection.

        The comparisons to the IRS are pretty apt, though. What generally happens is that the BSA gets a tip from some disgruntled employee/ex-employee that company X is using pirated software. The BSA picks a few of those companies at random (or maybe they have some criteria) and takes 'em to court. Unfortunately, the onus is on Company X to prove that they have licenses for all the software they're using. If they can't, they have to pay for the software and generally get whacked with "punitive damages" as well.

        The BSA uses those cases to threaten everyone else into doing those bogus "self-audits" and sending hush money to the BSA.

        I don't mind paying for the software my company uses, but keeping track of all the licenses is a major pain in the ass. Every software seller has a different definition of what you have to be able to present to prove that you have a license. A piece of paper? Something with the serial number? The installation CD?

        Then they all have different license terms. Some require you to buy one copy for each computer, some let you buy one copy for each concurrent user, some let you uninstall the software from one system and put in on a different one, some make you you buy a fresh copy for each system... it's a HUGE hassle, and the software vendors don't really seem to give a crap about how difficult they're making it for their customers.
        • Re:Stole from them? (Score:5, Interesting)

          by Qrlx (258924) on Thursday February 06, 2003 @02:51AM (#5238800) Homepage Journal
          What generally happens is that the BSA gets a tip from some disgruntled employee/ex-employee that company X is using pirated software

          Just a real world example..

          I'm the network schmuck at a small company. I got the job because after a year of ineptitude, they let the previous guy go.

          About a week after I started, I got a menacing letter from the BSA. It said we might not be compliant....yadda yadda yadda.

          Well, it turns out that the previous network admin had installed Windows 2000 and Office XP on a lot of computers without having licenses for them...

          He installed the software while worknig there, knowing we didn't have licenses, then when he got fired, he called the BSA.

          Explain to me again why this is the fault of the company, and not the individual who knowingly broke the rules? (And yes I am very hesistant to say "law")
          • Re:Stole from them? (Score:4, Informative)

            by artemis67 (93453) on Thursday February 06, 2003 @09:20AM (#5240076)
            He installed the software while worknig there, knowing we didn't have licenses, then when he got fired, he called the BSA.

            IANAL, but it sounds to me like the company could sue his ass off, and possibly even get criminal charges brought against him.

            It also seems to me that, if the comapny is forthright in admitting guilt and ignorance, the BSA may be willing to pursue the network admin instead.
        • by kfg (145172) on Thursday February 06, 2003 @06:00AM (#5239293)
          And remember, the next time MS gives you that TCO crap, that this hassle, and its attendant expenses, are part of the TCO of using software that falls under the aegis of the BSA.

          Just say no.

          KFG
  • by Zephyre (111710) on Wednesday February 05, 2003 @09:39PM (#5237236)
    I used to work for a small computer repair shop in my town before I moved off to school. We recieved the same letter from the BSA, grace period and all. We completely disregarded it. If the BSA had looked closer at our small business, we definately would've been shut down. I can't see why the BSA would care about your non-profit organization.
    • by SectoidRandom (87023) on Wednesday February 05, 2003 @10:33PM (#5237619) Homepage
      I read a while back about the Australian version of the BSA (BSAA?), how it conducts these 'audits' basically goes like this: One of the BSAA members, eg Microsoft, would send a letter about doing such a 'self-audit' to a company. If the company declined then that company would receive a much more threatening letter from the BSAA saying something like; "As per your licence agreement we are going to conduct a random mandatory audit of all of your software." then following the audit you recieve the bill for services (profesional services / auditing people), licence compliance or not!!

      The article stated that all of the BSAA members' licence agreements had this clause (audit by a third party agent of the member) so the legal standing was firm. Fortunatly I believe this practice targeted large firms only..
      • "As per your licence agreement we are going to conduct a random mandatory audit of all of your software." then following the audit you recieve the bill for services (profesional services / auditing people), licence compliance or not!!

        The article stated that all of the BSAA members' licence agreements had this clause (audit by a third party agent of the member) so the legal standing was firm.

        So if you have any Microsoft (or other BSA member software) in your shop, they can randomly decide to audit you AND CHARGE YOU FOR THE AUDIT.

        What a great way for them to suck money out of other companies whenever they're in trouble - or when the other company might be developing a competing product and they want to shut it down (or at least suck out some of its blood, disrupt its operations, and maybe steal its product-under-developement.)

        And what a great thing to use to beat around the head and shoulders any corporate exec who made a decision to use a Microsoft (or other BSA affiliate) product - mission critical or otherwise.

        B-)
    • by Anonymous Coward on Wednesday February 05, 2003 @10:46PM (#5237695)
      We recieved one of those because the IT manager was fired and she decided to try to retaliate. She ended up speaking directly with Microsoft, which got Microsoft to call us. It never went much farther, but the Microsoft rep threatened our entire department with jailtime. We ended up spending a few thousand dollars on software to tell us what software we had.

      Did you know that about 90% of the IRS investigations are brought about by people reporting other people? They give you a percentage of the uncollected funds. I am sure these type companies have an even higher ratio of reports to investigations not to mention a collectors fee.
    • by Brymouse (563050) on Thursday February 06, 2003 @12:06AM (#5238142)
      I recived a Dilbert comic strip BSA threat in the mail a month back or so. I really hate to see Dilbert acting as a mouth piece for these thugs.

      Anyways, I put this up on my site [kb9mci.net]. Go have a look at Asok talking about his new invention that makes all copyrighted material available for free. It's sad.
      • by Hanno (11981) on Thursday February 06, 2003 @06:27AM (#5239350) Homepage
        Fuck Scott Adams.

        I once was a fan of his comic and wrote a Comic->Avantgo->Palmpilot filter for Dilbert. I sent a message about it to the dilbert.com webmaster and told them that a) I am the only user and don't intend to make it public and b) if they wish, they can have this filter for their web site and use it there, for free.

        No reply. I totally forgot about it, then months later I got a threatening letter from Scott Adams' lawyer, telling me that my script was a copyright violation, demanding that I send them a list of every person who ever used it and announcing me how much I'll have to pay in licenses for the expected number of users of my script.

        And this for a script that I offered to dilbert.com for free, for their own use, without any malicious intent at all. For something that I told them as "hey, look at this, I use this personally, it's neat, you can have it, check it out."

        I wrote a reply to the lawyer, telling them how disappointed I was that they send a lawyer first instead of just saying "sorry, no interest, and please take the script offline as we'd consider it a copyright violation if you made it public to other Avantgo users". Scott Adams replied, apologized, but his message was clear that he had no clue why I was so disgruntled about it.

        Well, one reader less to worry about, Mr. Adams.
    • by ahfoo (223186) on Thursday February 06, 2003 @12:24AM (#5238268) Journal
      I worked for a small publisher that was audited by the BSA outside the US. The management was terrified because they had no clue as to what was on the machines and I offered to solve the problem by removing all Windows software from all of the ten or so machines in the office and installing KDE and OpenOffice. There is no way the management would have consented to that without the BSA. Take advantage of this opportunity.
      And I admit that there was one whiner on the staff who absolutely insisted on having MSOffice so instead of buying ten licenses, they only ended up buying one and the rest of the staff was quite happy as long as they still had their e-mail and could get on the web. The BSA is the best thing that ever happened to Linux.
  • by use_compress (627082) on Wednesday February 05, 2003 @09:40PM (#5237244) Journal
    from http://www.newsfactor.com/perl/story/9921.html [newsfactor.com]:
    CAAST -- a nonprofit industry alliance group that counts among its members Adobe Systems, Apple Canada, Microsoft Canada, and Symantec -- said that one in every three business software applications in the country was pirated in 2000.

    On a positive note, the report showed a four-year decline in the software piracy rate, dipping to 38 percent last year from 41 percent in 1999 and 40 percent in 1998.

    "Although the piracy rate has decreased, software piracy continues to signify lost jobs, wages and tax revenues in Canada," said CAAST president Allan Steel. "Organizations need to realize the importance of implementing policies and procedures in order to achieve and maintain compliance."

    The rest of the world, on the other hand, is not quite as obedient :
    The BSA and CAAST studies, which were conducted by the independent International Planning & Research Corporation (IPR), also found that for the first time in six years, the world piracy rate increased, edging up to 37 percent in 2000.
    • yeah but... (Score:5, Insightful)

      by b17bmbr (608864) on Wednesday February 05, 2003 @11:12PM (#5237846)
      so they "pirated" software. here is the result:

      one, it doesn't cost the software companies a thing. you steal a car, it takes steel, rubber, plastic from somewhere. you make a DIGITAL copy, it costs software co. nothing. and many of the "pirates" wouldn't have bought the software.

      two, the people using the software are not using a cheaper alternative. why would you use OO.org, when ms office is "free". so, piracy destroys competition. i remember there used to be at least three major office suites. corel, lotus, and office. in fact, office 97 offered wordperfect and lotus 123 keystrokes, BECAUSE THEY HAD TO. but "piracy" reduced the market share of the other two to nil

      three, "piracy" promtes sales. as one program and one format becomes the "standard", especially if it is closed, peopole eventually all have to get on board. and not everyone or every business can "pirate".

      i am as big a free market economy guy as you can get. i am as low tax and low regulation as you can get. but this whole piracy thing is bullshit. and they know it.
      • by bshuttleworth (178787) <brad@@@deimos...co...za> on Thursday February 06, 2003 @04:15AM (#5239025) Homepage
        <disclaimer>I am as fervent an opposer to the BSA as the next Slashdot Sheep, but...</disclaimer>

        A brief note about economics is probably in order. The cost of making a physical CD is not what you are paying for when you buy a CD. You are paying for the cost of developing, testing, marketing, researching both that program and future programs.

        That means that pirating software costs the developer the chance to recover the costs of making that software in the first place.

        And before anyone mods this Flamebait, give a moment's thought to what this means for the (non-BSA member) Linux companies out there: companies with (as a rule) very good chances of going out of business each year. They spend time researching, fixing, improving the OSS software that you use regularly... but since most people download this without actually paying a penny for it, they have to find alternative routes to make money.

        Now I think that there are lots of arguments for OSS, but it does make the economics much more complicated for all involved.

        /me removes Economics major hat :)

  • Google news... (Score:5, Insightful)

    by killthiskid (197397) on Wednesday February 05, 2003 @09:42PM (#5237254) Homepage Journal

    A Google new search [google.com] reveals all sorts of interesting articles, including some cases where people were [itnews.com.au] busted [dailytimes.com.pk].

    And this little gem: [212.100.234.54]

    The group said that last week's new piracy-fighting proposal from the European Commission is "inadequate in view of the magnitude of the piracy problem and fails to introduce urgently needed measures to hold back the epidemic of counterfeiting." The group claims that in Europe, film, video, music, business and leisure software industries alone suffer losses in excess of EUR4.5 billion annually due to piracy.
    • by Anonymous Brave Guy (457657) on Wednesday February 05, 2003 @10:00PM (#5237393)

      ...actually installed illegally pirated software, though. Show me a case where a group with genuinely bought software but a couple of misplaced certificates was successfully sued?

      • by ender81b (520454) <billd.inebraska@com> on Wednesday February 05, 2003 @10:37PM (#5237645) Homepage Journal
        I cannot find the link (it was 7-8 years ago) but my University was sued, big time, for 10's of millions of dollars. The BSA did a software audit found thousand of machines 'not properly licesned'.we HAD all the damm liscenes but we just ghosted all our machines with one image one we got them, figuring a long as we had enough certificates it would be OK. Wrong. They got out of it by paying a million or so and signing a Microsoft Campus Wide license agreement. So now we don't have to worry about the BSA...
  • Low Key (Score:5, Funny)

    by thedbp (443047) on Wednesday February 05, 2003 @09:42PM (#5237257)
    y'know, if you're trying to keep your warez on the down low, its not a good idea to post a slashdot story about it.
  • by assaultriflesforfree (635986) on Wednesday February 05, 2003 @09:42PM (#5237260)
    Perhaps some pertinent questions:
    Supposing the BSA does perform an investigation, I'm wondering what the actual legal procedures are.
    Are you required to maintain documentation of every last opened piece of software? I know at the CIT department I worked in for school, we had Windows 95 manuals stacked up in storerooms, even though there was a school wide license. I don't know if this is required though.
    Furthermore, what happens if they find you're missing a couple documents, and decide to take you to court. Is any jury going to decide, based on either a "preponderance of the evidence" or "beyond a reasonable doubt" standard that this software was obtained and/or used illegally?
    Any legal experts out there?
    • by fishbowl (7759) on Thursday February 06, 2003 @01:20AM (#5238531)
      I'm confused about the burdens of proof here as well, and I suspect that all the cases have been settled by the defense rather than going to trial.

      The main thing that confuses me is that I keep reading stories about the Marshalls coming with search warrants while some administrative person runs an investigation. This does not make sense to me, because it is either a criminal matter where the BSA person should not be involved at all (only the police and the attorney general or district attorney will be involved in a warrant search), or it is a civil matter where the search and seizure happens after a hearing, and after the plaintiff has received an order granting specific permission for seizure of assets.

      If anyone entered a place of business where I had responsibility, they would be asked to leave at once. The State Police would be called if they did not leave at once. If the person thinks he has some contract with me granting him the right to snoop in my office, he can discuss that with my lawyer or with a judge at a hearing where we will discuss this contract.

      Simply having an agreement in your hand does not magically give you the right to trespass or seize property.

      Now, if the police are investigating a criminal matter, that is worlds apart from what we've descibed so far. But the standards of evidence collection, the consequences of flawed procedure, and the burdens of proof are also very different in a criminal case. If the complainant does not also happen to be the peace officer who was granted the warrant, laws are being broken if he is the one performing the search. That's enough error to get the case thrown out and the plaintiff arrested or fined.

      A trade organization's demands do not trump an individual's constitutional and civil rights. You DO have to submit to signed orders by a court. You DO NOT have to submit to enforcement tactics which circumvent due process of law. Ever.

      Every time you give in to thugs, you diminish MY rights.

  • I'm not a lawyer, (Score:5, Interesting)

    by sstory (538486) on Wednesday February 05, 2003 @09:43PM (#5237262) Homepage
    but as far as I know, a trade group like that cannot demand access to your computers, or your facilities. The BSA has no power to force any sort of audit of your licenses. We have old computers at work, and might not be able to locate proof that we paid for some of this stuff years ago. I manage the computers there, and if the BSA ever contacts me demanding an audit they'll be told to choke on it.

    If it's somewhere in a license they can show we bought, that we have to allow access to the installed software, then for every license they can show, I can provide an adequate installation.

    • Re:I'm not a lawyer, (Score:5, Informative)

      by gmerideth (107286) <gmerideth.uclnj@com> on Wednesday February 05, 2003 @09:46PM (#5237294) Homepage
      Microsoft is part of the BSA and in their agreement they can damm well do this. Still didn't stop me from ignoring it.

      As my lawyer told me, replying to it simply gives them a name and address to send more correspondance to.

      So I threw mine away.
    • Re:I'm not a lawyer, (Score:3, Informative)

      by CBravo (35450)
      however, if they have a witness that says the organisation has illegal software they'll get a court order.
    • Re:I'm not a lawyer, (Score:4, Informative)

      by LostCluster (625375) on Wednesday February 05, 2003 @09:55PM (#5237353)
      So long as they can find one (disgrunted former) employee willing to testify under oath that the you have unlicensed software, they can make you do the audit at your own expense.

      "Beyond a reasonable doubt" is only for criminal charges, for a civil case they only need to be able to prove their side better than you can prove yours. One fired loser is a weak hand, but it still beats a zero...
    • by The Tyro (247333) on Wednesday February 05, 2003 @10:49PM (#5237712)
      A landlord has the power to enter your "home," and is specifically granted this power under some state laws. At least in my state, they must have a reasonable justification, AND give advance notice; they can't just barge in willy-nilly (IANAL).

      Still, even if you rent rather than own, even your local police department needs a search warrant to enter your apartment. Also, if a person legally consents to a search, that consent can be withdrawn at any time. At that point, a search warrant is required. How is some kind of private "trade group" going to bypass that little requirement? Even if you clicked some EULA, I don't see how you can give up your Fourth Amendment rights with the click of a mouse. The police have much more power than some trade group, and if they need a warrant, how can some trade group skate by without one? Any lawyers want to comment?

      I'd like to see these guys try it, quite honestly... just like that rental car company that was levying fines based on their GPS spy-unit speed measurements... they were denied. Private organizations/businesses don't have the power to levy a fine; that power belongs to the State.

      If they were bold enough barge into your home unannounced, with no legal authority to do so, it would be at least Breaking and Entering, or even Burglary (if you were home at the time). If they threatened you in the process, it would be Aggravated Burglary, and you might even be justified in some self-defense. Somehow, I suspect a bunch of software-licence-hunting bean counters are not up for that kind of action.

      Even if they do have some sort of "compliance inspection" in their EULA, it's just begging for a court challenge if they force the issue.

      If you click a button saying "it's OK to shoot me," don't doubt for one minute that somebody would go to prison for a very long time if they actually pulled the trigger.
  • Ignore it (Score:5, Insightful)

    by Leme (303299) <jboyce@[ ]redding.ca.us ['ci.' in gap]> on Wednesday February 05, 2003 @09:43PM (#5237269)
    It's a lot like those DirecTV letters that were going out to people who had bought programmers or emulators. They wanted you to call them and confess, because once you did that, they got you.

    Since they are wanting you to perform a self audit and report any installs you can't find the correct documentation for, it's the same situation. Just an attempt for them to drum up some money for the BSA members.

    We received that same letter about a year ago and I chose to ignore it, so far no one has followed up on it.

    Now, if you get a certified letter from them, then I would take it more seriously, but just a bit more :-)

    • by Indras (515472)
      "...people who had bought programmers..."

      Last I knew, slavery was illegal, dude. I'm sure some people think their bosses own them, but in all actuality, usually they're just rented for 40 hours a week.
  • by citog (206365) on Wednesday February 05, 2003 @09:44PM (#5237272)
    I checked their About [bsa.org] page and found the following statement:

    Promoting a safe and legal online world

    The Business Software Alliance (BSA) is the foremost organization dedicated to promoting a safe and legal online world.

    We are the voice of the world's software, hardware and Internet sectors before governments and with consumers in the international marketplace. BSA members represent the fastest growing industries in the world.

    BSA educates computer users on software copyrights and cyber security; advocates public policy that fosters innovation and expands trade opportunities; and fights software piracy.


    Nothing in there suggests any legal authority. They are advocates not enforcers. Those letters strike me as very misleading. Anyone want to post a copy?
    • Sample Letter (Score:5, Informative)

      by Anonymous Coward on Wednesday February 05, 2003 @10:19PM (#5237505)

      Here is the letter we got, mispellings are mine, formatting isn't perfect:

      BSA, 1150 18th Street NW, Suite 700, Washington, DC 20036

      Is your business using unlicensed software? If so, the Business Software Alliance is offering a one-month opportunity to get licensed. Your BSD Grace Period Participation ########

      January 22, 2002

      MY ADDRESS

      Dear FOO,

      You may have heard that the Business Software Alliance is investigating ANYTOWN area organizations that use unlicensed software. If your organization's software is not licensed, it could become the focus of a BSA investigation. So, audit your software now. Unauthorized copying is the same as stealing. The penalties for copyright infringement are serious - sometimes totaling hundres of thousands of dollars - and in this economy, can your business affort that risk?

      BSA is an association representing the leading software companies: Adobe, Apple, Autodesk, Avid, Bently Systems, Borland, CNC Software/Mastercam, FileMaker, Internet Security Systems, Macromedia, Microsoft, Network Associates and Symatec. Together with our memebers, we educate the public about software compliance and protect intellectual property rights.

      Would you be able to tell if an employee had installed an unlicensed software program? Your business has until February 28 to get licensed.

      BSA recognizes that, for whatever reason, your company may not have managed its software assets properly. That's why from February 1-28, BSA is offering a Software Grace Period to business like yours in ANYTOWN. Please take this time to review your software installations and usage and, if necessary, acquire the licenses your business needs. If, after you have participated in the Grace Period, your organization becomes the focus of a BSA investigation, BSA will not seek to impose penalties for any unauthorized copying that occurred before February 28, (unless your organization has already been informed that it is under investigation). If BSA contacts you, just show your Grace Period Participation Nuber and the software purchase receipts. [Please see the reverse for terms.]

      Not sure if your organization is fully licensed? BSA can help you find out.

      Visit our Web site at www.bsagrace.com for more information and to download the free Software Audit Tool, or call our special Grace hotline at 1-877-536-4BSA (1-877-536-4272). If you find that your business isn't 100% licensed, contact your software vendor immediately and buy the software licenses you need before the Grace Period ends on February 28.

      Sincerely,

      Bob Kruger, Vice President, Business Software Alliance

      Grace Period Participation Terms

      Bsd is offering a one-month Grace Period between February 1-28, 2003.

      1. For your organization to qualify for the Grace Period campaign:

      • it must obtain a Grace Period Participation Number either through receipt of a BSA letter or from the Grace Period Web site - www.bsagrace.com;
      • its headquarters must be located within the following zip code: ANYTOWN 99999
      • it must not have previously received notice that the BSA or its members (listed below) have received a report of infringement and are investigating it; and
      • prior to, or during the Software Grace Period (February 1-28, 2002), it must have acquired sufficient software licenses to ensure that all software published by BSA members installed on its computers is properly licensed.

      2. If, after you have participated in the Grace Period, your organization becomes the focus of a BSA investigation, BSA will not seek to impose penalties for any unauthorized copying that occurred prior to February 28, 2002 (unless your organization has already been informed that it is under investigation). If the BSA should contact you, just show your Software Grace Period Participation Number and software purchase receipts.

      3. For the purpose of the Grace Period, BSD members are: Adobe, Apple, Autodesk, Avid, Bently Systems, Borland, CNC Software/Mastercam, FileMaker, Internet Security Systems, Macromedia, Microsoft, Network Associates and Symatec.

    • by jonnyelectron (180211) on Wednesday February 05, 2003 @10:25PM (#5237560)
      As someone who provided the BSA with information that lead to legal action and a $250,000 settlement against a former employer, I can tell you first hand that it is not something to be taken lightly. They do periodically run these "grace periods" to give companies a chance to police themselves. But if you get a letter addressed to your company specifically that doesn't refer to a grace period, chances are they have inside information about your licensing situation. The BSA does enforce copyright law for software companies and maintains an army of lawyers to investigate and litigate allegations of software piracy.
  • by Anonymous Coward on Wednesday February 05, 2003 @09:44PM (#5237274)
    We got one of these...

    They called a 'truce' in our town of 500. We are a 2 employee show, run from a basement.

    We bought a bunch of stuff, but never sent in the registration cards. We registered some stuff back in '97-'98 probably, and nothing since. We haven't gone out of business, so they figure we're probably pirating something. We are not, but since we haven't registered anything in a while (Microsoft Tech support is sooo valuable!), and are continually considering the move to Linux (just a matter of time...) we come up in their database as a possible pirate. Oh the miracles of databases!

    All we did was make a file of receipts and certificates, and they can wade through it if they come a knockin. We're sure it's all there, and we can hopefully sue if they end up siezing a computer, especially since we are legal.

    We had to look real hard for the licenses, but we found them. The certificates are useless without a receipt.
  • by Dave21212 (256924) <dav@spamcop.net> on Wednesday February 05, 2003 @09:44PM (#5237278) Homepage Journal
    I work in an enterprise environment. Last year, I registered for one of those free magazine subs and a few weeks later... viola, a letter from the BSA using the same name/address pair.

    The BSA must be getting names from those lousy online surveys (company size, whats your position, how much software will you be buying in 6,12,24 months).

    Sounds more like SPAM to me !
  • BSA (Score:3, Interesting)

    by Agent_Eight (237857) on Wednesday February 05, 2003 @09:44PM (#5237279) Homepage
    I got the same form letter about a week ago. I'm just a student so I'm not really sure why I got sent one. I do have all the receits for the software I use. After reading it several times, I'm just assuming it's a scare tactic to drum up sales.

    I think the only question that went through my head was what if any legal power would the BSA actually have if they did decide to audit me. Seeing as I don't own a company ...

  • by dfenstrate (202098) <{dfenstrate} {at} {gmail.com}> on Wednesday February 05, 2003 @09:45PM (#5237289)
    Some one wrote this the last time the BSA came up on Slashdot- sorry, I saved the quote but not the poster. The conventional wisdom thus far from other posters seems to be 'ignore it,' but if it goes further, consider this:


    I know someone that was audited by the BSA and decided to fight it. Basically they countered by stating they wanted full disclosure of who reported them so as to determine the validity of the claim prior to wasting internal resources and dollars. They also argued that the reporting tools are a violation of privacy. Yes, they expected them to place some software on their network which scans their entire network not to mention each machine's registry. Third, they also argued that even if they were in violation of license, the license is between them and the vendor (after all, the license does not allow for the BSA as having legal proxy interests) and unless the vendor in questions decides that they'd like to personally persue the issue, the BSA does not have legal authority or the legal grounds to persue the action. Furthermore, they argued that even if something odd was discovered and they lost, only the government has the right to impose fines on legal matters as such and they would be within their legal rights to simply purchase any outstanding licenses or settle directly with the vendor in question and completely dismiss the BSA altogether thereby eliminating the need to pay any fines or added fees.

    Last I heard, even though two ex-employees had turned them in, the BSA simply walked from the issue as, from what I gathered, they really don't have a legal leg to stand on.
    • by ChangeOnInstall (589099) on Wednesday February 05, 2003 @10:04PM (#5237420)
      "Yes, they expected them to place some software on their network which scans their entire network not to mention each machine's registry."

      I'm curious to know if the registry scanner has the capability to differentiate between actively installed software and previously installed software that failed to correctly uninstall itself? My guess is no.
    • I also recall people posting that they had some success offering to ban all BSA-member software from the workplace in order to be able to prove compliance. Basically, they're just trying to get you to buy more licenses, and if you demonstrate a preference for changing platforms over paying their clients more for the software you're currently using, they're likely to shut up, and likely to offer you better deals anyway. After all, MicroSoft is better off with people running Windows illegally than people not running Windows; people running it illegally might actually pay them something at some point, and it doesn't cost MicroSoft anything for someone to run their software.
  • its not a scam.... (Score:5, Informative)

    by PhreakOfTime (588141) on Wednesday February 05, 2003 @09:46PM (#5237292) Homepage

    A scam, probably not. Is it smart, also probably not. Im in the chicagoland area and have been hearing the commercials for BSA on the radio everywhere across the dial. What they are aiming for is to get people turned in by relying on an unhappy employee to rat them out.

    That being said, keep in mind that the BSA is just an organization set up to find pirated software and collect fees. Fees that they no doubt get a cut of. They seem to have no problem using peoples fear and turning it into the driving force of their biz.

    You are under NO obligation to report anything to them, unless they hand you a court order. They are an independent entity and have no more ability to legally inspect your systems than I would. so it would be in their best interest to make it seem that they do have that ability

    This seems to be a page right out of the RIAA playbook, pretend something is true and youll fool at least some of the people

    You can fool some of the people some of the time, all of the people some of the time, but never all of the people all of the time

  • by Smelly Jeffrey (583520) on Wednesday February 05, 2003 @09:46PM (#5237293) Homepage
    I got confused when I read about the BSA and software. I was wondering what the Boy Scouts of America had to do with is. My best advice: Be Prepared.
  • Shakedown (Score:4, Insightful)

    by ka9dgx (72702) on Wednesday February 05, 2003 @09:50PM (#5237323) Homepage Journal
    The proper term is shakedown [reference.com]. The idea is to rattle the cages of people in the hopes that they will cough up money.

    --Mike--

  • by jgerman (106518) on Wednesday February 05, 2003 @09:53PM (#5237343)
    ... disregarding the obvious problems I have with the BSA which other are sure to point out (and that I have ranted about before) legality, authority and such. It seems very odd to me that anyone should have to PROVE they bought something. CompUSA pulls the same shit when your walking out of the store, I get pretty irate and being stopped and having my purchases searched at the door, especially when I took only TEN STEPS from the register. But that's a little more understandable than the BSA's tactics, after all if I'm in the store with no receipt it's more likely that I didn't just lose it (though it is possible). When you buy site licenses I can imagine you have to show that you have a valid license, as far as proving you didn't buy it after the letter was sent, they can fuck off. If your legal now there's nothing they can do. But what about off the shelf purchases? What about backup copies (allowed by law) that were kept in a firesafe when the originals were destroyed. Like someone commented earlier, you are innocent until proven guilty, the burden of proof is on the prosecution. Hell I'd demand a jury of my peers.
    • So treat the BSA the same way you would CompUSA.

      I know the CompUSA drill pretty well by now, but I still occasionally get sort of annoyed when some half-asleep kid wants to frisk me on the way out of the store, even when I purposefully stop at his little podium and hand him a receipt for my purchases while waving a transparent bag under his nose.

      Last time I was down there, that was exactly the situation, so I asked the guy, "Are you serious? What would you do if I refused?"

      He said, "I'd tell you to have a nice day."

      'Nuff said.
    • CompUSA pulls the same shit when your walking out of the store, I get pretty irate and being stopped and having my purchases searched at the door, especially when I took only TEN STEPS from the register.

      I haven't been to a CompUSA, but Fry's does the same thing. A while back, I saw a post by a person who said he just ignored the receipt-checkers and calmly kept walking out, and they gave him no trouble.

      So I tried it at my local Fry's... and I got no hassle.

      My advice? Ignore them and just walk out. If they stop you, ask if you are under arrest, and if so on what charge. :) Resist this tyrrany before it becomes any more common.

      Oh, wait, that's offtopic. Ummm...

      BSA bad! No biscuit!

      *whew* That's better.
  • by Anonymous Coward on Wednesday February 05, 2003 @09:55PM (#5237359)
    "Me and the boys would really hate for something to happen. We can sell you insurance to prevent, say, that vase that Frankie is leaning against from getting broken. Oops, like that."

    Actually, this campaign was going on two years ago. In the fall, I think. Same scam.

  • by nyet (19118) on Wednesday February 05, 2003 @09:57PM (#5237373) Homepage
    Would be nice to crucify the BSA with the RICO Act under the "conduct or participate, directly or indirectly, in the conduct of such enterprise's affairs, through a patter of racketeering activity" section, for misrepresenting the legal system for the express purpose of intimidation.

    Nailing them for mail fraud would be nice too, if you can find them deliberately transmitting false statements.

    They are scum only out to extort a buck.
  • Ignore Them! (Score:3, Informative)

    by Anonymous Coward on Wednesday February 05, 2003 @09:59PM (#5237384)
    Well first off we received a phone call from them after we first ignored the three letters they sent us. Then we basicaly said okay sure sure sure to them on the phone, have a nice day- Click. Then we ignored them some more, and that was 2 years ago and we have not heard back from them.

    Of course you should be paying for the software, and if you do not have the licenses I suggest you get this resolved. A receipt should be sufficient enough to track down when/where the software was bought. You have 20 computers, and a receipt for 20 copies of MS-Office..well guess what, no lawyer in their right mind would go to a judge with this. Do not tell me you have no receipts for the software,, what kind of mickey mouse outfit are you working for? The IRS is going to be your next problem!

    So in the long run I would just ignore them. Go ahead and do an internal audit of which you lose the documentation, then I would start buying software in a one and two a month type scenario. Nothing to break the bank.

    In any case DO NOT LET THEM COME DO AN AUDIT! They have no right to enter your buisness, and they will not do this without a court order. And if they have a court order your lawyers can fight this easily. It is impossible for them to prove they have a shread of proof, and anything that an disgruntal ex-employee has said is hearsay.

    We think the reason they contacted us is because an ex-employee wanted a raise since he just graduated a CCNA course and was Cisco certified (I find this amuzing since he took a class for 2 years on the CCNA test which has a book of less then 500 pages), problem is that it was not his job to work with Cisco equipment and we have no positions available for him. Since he was an asshole and demanded a raise we fired him, so we think he called the BSA and said we were illegal for Adobe software because the software cabinet the IT department has only has 2 copies of the Adobe Acrobat software, what the moron does not know is that we have 15 copies of it in different departments maintained by that department since it is specialized software and only a few people get (The IT department maintains a copy of the license and screen prints, also copies of the receipts are filed in the IT office which he would not know about since he was a tech, and shitty one at that!). It is installed currently on about 10 peoples computers.
  • The odds? (Score:5, Insightful)

    by Bowie J. Poag (16898) on Wednesday February 05, 2003 @10:00PM (#5237392) Homepage


    The odds?

    0.

    Literally.

    0.

    If they had any intention of "auditing" people (which, btw, is illegal in and of itself! It violates property laws, search & seizure laws, as well as laws against extortion, to name a few) they would have just gone ahead and done so already. Instead, they've put millions into cranking out form letters to people as scare tactics, since they know they're effectively powerless.

    If auditing companies produced any meaningful monetary award, they would already be doing so...which they aren't. And even if they did, they sure as hell wouldn't tell you or I about it in advance.

    Logic prevails.

  • No leg to stand on. (Score:5, Interesting)

    by dentar (6540) on Wednesday February 05, 2003 @10:04PM (#5237424) Homepage Journal
    I've seen these letter before from clients. If they do not specifically charge you with piracy, stealing or whatever, throw it out and don't bother downloading their spyware.

    You have the same rights you always had. They have to have probable cause to get a warrant, and they have to have a warrant before they can come into your office forcibly. A warrantless vampire cannot come in unless you invite them in.

    IANAL, but I believe that as long as you have practiced due diligence and can show that you took reasonable steps to not break the law, then no judge with an actual brain would rule against you.

    That being said, the BSA is looking for those who buy one copy and load it all across the office. I know of a company that did that, got ratted on by a disgruntled employee. Bottom line: they paid big. These are the fish they want to fry, and there are plenty of them out there.

    Now, if you've been pirating software, and get a letter, and throw it out, and they still come after you, you won't get any sympathy from me!

  • by Anonymous Coward on Wednesday February 05, 2003 @10:10PM (#5237452)
    A friend of mine owns a very small niche vertical intergration software company. He has a canned response for all threats of lawsuits, BSA investigation, etc. The only people he doesn't use this on is the government, since they don't need any help getting any more fucked up.

    "Can I please have your lawyers contact number, I have a fax machine, and will send all information I have to your lawyer." He then sends one piece of information (a page, one liscence, etc) at a time, every hour on the hour, to said lawyer, to cause their clients legal bills to explode. Considering that he logs everything he does and has backups dating back for the last 15 years, he has a lot of information that he can send. Legal bills are quick ways to empty someone's pockets.
  • by bagofbeans (567926) on Wednesday February 05, 2003 @10:24PM (#5237545)
    Original at http://www.eweek.com/article2/0,3959,19093,00.asp
    July 30, 2001
    Truce or Dare
    By Michael R. Zimmerman

    If you're a small or medium-size company, there's a good chance you've heard from the Business Software Alliance about getting your software compliant with its licenses. If not, you probably will. The group is well into a nationwide letter and radio campaign to do just that.

    But what you probably don't know is that, like so many of the companies that stuff your mailboxes with junk mail, the BSA, which represents such software giants as Microsoft Corp., Adobe Systems Inc. and Apple Computer Inc., has no intention of following up on its letters--regardless of how threatening and personal they may seem. It won't phone. And it won't pop in for a surprise audit.

    Instead, an eWeek investigation reveals, the BSA's campaign is primarily a marketing effort essentially designed to scare people into buying more software. But for many enterprise customers who are quickly becoming fed up with the group's hardball tactics, the campaign is having the reverse effect: compliance, then departure to alternative products, like open source.

    The reason the BSA Truce Campaign is more bark than bite is simple: As part of each Truce Campaign, the group sends out hundreds of thousands of letters at a time to businesses in a handful of cities. For the month of July, for example, it mailed 700,000 letters to businesses in five cities between New York and Portland, Ore. As such, it would be virtually impossible to contact even a sample of those companies to check up on their progress or lack of progress.

    Indeed, one of the only ways the BSA is gauging the success of the Truce Campaign is by the size of the spike in software sales for various cities as the BSA passes through, which so far total 19.

    "Everywhere we've run the Truce Campaign, we're seeing dramatic increases in sales," said Bob Kruger, vice president of enforcement for the BSA, in Washington. "So it's being successful."

    But a deeper look into the Truce Campaign, as well as an ongoing and almost identical anti-piracy campaign by Microsoft, a founding member of the BSA, reveals something more complex: the possible beginning of an entirely new business model built around anti-piracy and fear. The bottom line: There's money in anti-piracy, and plenty to go around.

    To be sure, piracy results in major losses of revenue for the software industry. According to the BSA, $2.94 billion was lost to piracy in North America alone last year, while $11.75 billion was lost to it globally for the same period. But so far this year, those figures have declined.

    Since the launch of its enforcement campaign in North America in 1993, however, the BSA has brought in about $70 million in settlements, a mere drop in the bucket compared with the overall total. Now it seems the industry, with the help of the BSA, is taking a new tack, with its focus on generating revenue the old-fashioned way.

    Consider the following: Microsoft has been busy constructing a network of support services through distributor and licensing partners to assist customers in assessing and auditing their software to comply with their licenses.

    One Microsoft partner, License Online Inc., of Bellevue, Wash., tracks where the BSA is headed and rounds up as many of its 36,000 registered channel partners as it can for those cities to swoop in and sell licenses.

    "When we know what area the BSA is going into, we're going in scrambling to piggyback on their marketing efforts," said Sharon Erdman, vice president of marketing for License Online.

    License Online offers its partners across the United States a 12 percent commission on any licenses they sell through License Online. To get the contractors rolling, the company supplies them with a list of companies Microsoft has sent its anti-piracy letters to. In addition to commissions, the contractors are told the companies contacted have the potential to become "long-term" customers.

    "Microsoft has absolutely partnered with businesses who can address the concerns," according to Devin Driggs, a Microsoft spokeswoman in Lake Oswego, Ore. "It feels a responsibility to its customers to address any issues with compliance they may be experiencing."

    As far as the anti-piracy fight becoming a business unto itself, Driggs said Microsoft views the subject as an industry issue.

    Kruger acknowledged that the BSA's letter campaign is a direct marketing campaign designed to encourage users to get in compliance and not directed at any company in particular. The group uses common mailing list companies such as Dun & Bradstreet Inc. to generate the lists.

    Microsoft's campaign is more deliberate, company officials said.

    "I don't think we're doing anything that's random," said Nancy Anderson, associate general counsel for the company, in Redmond, Wash. As part of Microsoft's licensing agreements for its products, Anderson said, "the customer agrees to assure us they are current. The obligation is on them to assure them and to undertake an audit if requested by Microsoft."

    Not surprisingly, however, the hardball tactics are having a negative effect on customers.

    "We were nailed for tens of thousands of dollars," said Cary White, an IT manager at a financial services company in San Diego who acted on a letter from Microsoft. "We received a letter addressed to our CEO that they received a tip we were not compliant with Windows, Word and Excel. ... That was a fishing expedition."

    "My company is to completely go away from Microsoft," White said. "We're not going to buy any more Microsoft products. It's my decision. They're alienating their customers. I don't trust them."

    The fear factor

    For the BSA and Microsoft campaigns to work, the fear factor is essential, according to letter recipients contacted by eWeek.

    "[Fear] is the first emotion when you get the letter. It's like, 'Oh my God, the Gestapo's coming,'" said Robert Fuller, president and chief operating officer of R.E. Fuller Engineering Consulting, a one-man company in Camas, Wash.

    The BSA has struck fear in customers' minds through carefully worded, but threatening letters and an accompanying radio ad blitz warning businesses to beware of disgruntled employees dropping dimes on them.

    According to the BSA's Kruger, the Truce Campaign is merely a 30-day grace period companies can use to get their software in compliance. If a company does use the time to get in compliance, it will avoid any potential future BSA investigation that may spring up as a result of its radio ad blitz.

    But that doesn't explain the BSA's use of what many are calling threatening language. What's troubling to businesses, besides not being informed on how they were selected for the mailing list, is the letter's accusatory tone. For example, one line reads: "If you're caught [with unlicensed software], your organization could face penalties totaling hundreds of thousands of dollars."

    And while Kruger insists the Truce Campaign is not a vehicle for generating leads or tips, that contradicts the thrust of the BSA's radio spots.

    For example, at one point, the announcer in a radio spot for the Truce Campaign currently running in New York asks Kruger how the BSA receives most of its leads. Kruger responds: "Most of the calls come from current or former employees. I would say to businesses that, unless you have no current or former unhappy employees, you are only one phone call away from becoming the target of a BSA investigation."

    "My management's concern was that there was almost a bit of paranoia about [the Truce Campaign]," said Peter Rassmussen, a technology manager at a Midwest retailer. "There were radio ads going on at the same time that sounded like Joe Stalin encouraging you to turn in your parents."

    As for Microsoft, Anderson said, it's not in the company's interest to frighten customers. "We don't want to create anxiety," she said. "It's not our interest."

    Misleading the pack

    Exacerbating the anxieties for companies contacted by eWeek that have received Truce Campaign letters was the seemingly intentional vagueness of the letters, vagueness that is compounded by misleading information.

    For example, though the Truce letter establishes a 30-day deadline for software reviews and includes a line that states, "If the BSA contacts you, just show your Truce Participation Number and software purchase receipts to take advantage of the Truce," the BSA has no intention of contacting any letter recipient.

    But at least one radio spot, the one currently playing in New York, implores letter recipients to "review your software installations and acquire the licenses you need before the Business Software Alliance returns to New York City!"

    Still, Kruger insists: "We don't visit any of these companies. The ones getting the letters are not under investigation."

    When asked if these discrepancies were misleading or at least confusing, Kruger said any letter recipient who is confused can go to the BSA Web site or call the Truce hot line for information.

    Also at issue is ironing out exactly what authority the BSA has to present deadlines, request software reviews or even conduct audits. According to Kruger, the only authority the BSA has, as power of attorney for its members, is to seek court orders on behalf of its members to conduct software audits on businesses suspected of using pirated or unlicensed software. But even then, the BSA does not seek such court orders frivolously.

    "We only proceed on the basis of reliable information," Kruger said. "We take pretty good pains here to make sure our cases are based on solid information before going forward."

    Indeed. Despite the tone in the Truce Campaign letters and radio ads to the contrary, the task of proving guilt lies with the BSA.

    "The burden's on the BSA to prove itself to the court," said Peter Baruk, director of anti-piracy at Network Associates Inc., in Santa Clara, Calif., and former vice president of piracy for The Software & Information Industry Association, another software advocacy group in Washington that conducts piracy investigations. "If you're contacted by the BSA and doing the right thing, you have nothing to worry about. So, why respond? You can and be a good corporate citizen. [But] there's no reason why you'd have to react to a letter like this."
  • It works (Score:3, Interesting)

    by captainbocephus (648007) on Wednesday February 05, 2003 @10:27PM (#5237573)
    I worked at a small, poorly-run brokerage firm this summer, and witnessed the stupefying power of the BSA first-hand. They drummed up a lot of publicity by having the local papers run several stories about regional busts they had made (both of which were the result of disgruntled ex-employees turning in their former employees), and buying some ad space on local radio stations. Then the letter came, and my boss, not knowing much about the ways of legality and whatnot, promptly allocated over $15k for systematic re-purchase of all software currently installed on the computers. Most of the progs were fairly up-to-date, and many (but not all of them) were properly licensed. Moral of the story; this is a scam, albeit a very effective one, as it is supported by legitimate businesses engaged in an underhanded approach to bolster their own sales, and I have a feeling that many more bosses than just my own went out and needlessly spent large sums of money in fear of being found "not in compliance".
  • It happened to us (Score:5, Interesting)

    by bozojoe (102606) on Wednesday February 05, 2003 @10:30PM (#5237602) Journal
    At my last firm the EXACT same thing occured. We received a letter from the BSA stating the grace period and turn yourself in routine. More importantly the letter listed some of the "suspected" software licenses that we did have. Granted the list of software was close the standard microsfot office/ ms platform company. BUT it also listed a specfic version of a certian database and devleoper platform.

    Did my company take the letter seriously, yes. My recommendation was to ignore the letter. The higher ups decided to create the tally and show the licenses. Now, at this point they "know" we dont have enough licenses. Its hell trying to find licenses for machines purchased at company buy-outs. So the letter goes back to BSA saying here's what we DONT have.

    Sure as s$%t here comes the new letter from BSA saying we are coming after you. It sounds very threatening, like a mugger is breathing down your neck. Well.... then the higher ups look at the bill they owe, they scamble asking friends for licenses, but hell no dont buy them (talking close to $50K). After calling in the favors my company still is not compliant. The decide is at this point, drop it. So we do nothing.
    (finally)

    Result:
    Absolutley nothing after the 2nd letter.
    If you respond(like spammers), they have a live one

  • by m00nun1t (588082) on Wednesday February 05, 2003 @10:36PM (#5237640) Homepage
    FIRST, I MUST SOLICIT YOUR STRICTEST CONFIDENCE IN THIS TRANSACTION. THIS IS BY VIRTUE OF ITS NATURE AS BEING UTTERLY CONFIDENTIAL AND 'TOP SECRET'.

    WE ARE TOP OFFICIAL OF THE GOVERNMENT REVIEW PANEL ("BSA") WHO ARE INTERESTED IN PIRATED SOFTWARE INTO OUR COUNTRY. IN ORDER TO BECOME COMPLIANT WE SOLICIT YOUR ASSISTANCE TO ENABLE US TO AUDIT YOU.

    HOWEVER, BY VIRTUE OF OUR POSITION AS BSA COMMITTE MEMERS, WE CANNOT ACQUIRE THIS SOFTWARE IN OUR NAMES. I HAVE THEREFORE, BEEN DELEGATED AS A MATTER OF TRUST BY MY COLLEAGUES OF THE BSA TO LOOK FOR AN UNDERLICENSED PARTNER WHO WE CAN AUDIT. HENCE WE ARE WRITING YOU THIS LETTER. WE HAVE AGREED TO SHARE THE MONEY THUS; 1. 20% FOR THE BSA 2. 80% FOR THE UNLICENSED SOFTWARE VENDOR 3. 2 - 5 YEARS FOR YOURSELF.

    PLEASE,NOTE THAT THIS TRANSACTION IS 100% SAFE AND WE HOPE TO COMMENCE THE AUDIT LATEST SEVEN (7) BANKING DAYS FROM THE DATE OF THE RECEIPT OF THE FOLLOWING INFORMATIOM BY TEL/FAX; 234-1-7740449, YOUR COMPANY'S SIGNED, AND STAMPED LETTERHEAD PAPER THE ABOVE INFORMATION WILL ENABLE US WRITE LETTERS OF THREAT. THIS WAY WE WILL USE YOUR COMPANY'S NAME TO INTIMIDATE YOU WITH QUASI-LEGAL LETTERS.

    WE ARE LOOKING FORWARD TO DOING THIS BUSINESS WITH YOU AND SOLICIT YOUR CONFIDENTIALITY IN THIS TRANSATION. PLEASE ACKNOWLEDGE THE RECEIPT OF THIS LETTER USING THE ABOVE TEL/FAX NUMBERS. I WILL SEND YOU DETAILED INFORMATION OF THIS PENDING PROJECT WHEN I HAVE HEARD FROM YOU.

    YOURS FAITHFULLY,

    DR CLEMENT OKON

  • How it works (Score:5, Informative)

    by Kevinv (21462) <.ten.neraahnav. .ta. .nivek.> on Wednesday February 05, 2003 @10:37PM (#5237644) Homepage
    BSA targets particular cities and/or business types and sends out blanket letters to companies that meet the requirements. You can get a list of targeted cities on BSA's web site:

    http://www.bsa.org/usa/events/

    Any sales increase in the city immediately after mailing of the letters gets BSA money. Now the letters don't really have an affect if they can't show they sometimes follow through.

    The BSA will then go after certain targets either ones they think are particularly egriegous or they have pretty good proof of violations (the BSA has registration/purchase info from their member organizations plus any public informaion about companies so they can see a company with 1000 employees appears to only own 100 copies of Office -- this may be legit).

    So, the BSA will ask for proof of purchase for software from their member organizations (their ability to do this given in the license agreement for most software). Note SERIAL NUMBERS AND CD'S ARE NOT PROOF OF PURCHASE. You MUST HAVE RECEIPTS!

    If you refuse they can file an civil copyright infringement lawsuit against you and can ask the court to impound the computers as evidence. They can also ask the prosecuting attny's to bring criminal actions against you.

    Details of why the BSA has the law on their side:
    http://www.bsa.org/usa/antipiracy/law/

    I'd say for a small organization you're probably safe -- unless you had somebody get pissed off at you and reported you to the BSA and raised their awareness of your company from mailing address to red light.

    Under current US law the BSA acts legally. If you disagree with this you can choose software that has no such problems (i.e. open source, free software) or you can work to change the law while obeying it or you can start some kind of civil disobedience (just remember -- if you break the law you still have to pay the price for breaking it, even for good intentions. many civil rights fighters ended up in jail to prove their point, if you can't afford the price don't use this method).

    I prefer a mix of 1 and 2. I don't think the right to copy other people's software is worth jail time to go the disobedence route.
    • Re:How it works (Score:3, Interesting)

      by Kevinv (21462)
      forgot to mention. when bsa busts somebody they like to make the point as much as possible to make sure everyone knows they mean business so you'll see press releases like this:

      http://www.bsa.org/usa/press/newsreleases//2003- 01 -26.1439.phtml?type=policy
      • Re:How it works (Score:3, Insightful)

        by SirSlud (67381)
        .phtml?

        Okay, lets hit netcraft (love you guys):

        The site bsa.org is running Apache/1.3.27 OpenSSL/0.9.6g (Unix) AuthMySQL/2.20 PHP/4.1.2 on FreeBSD. FAQ

        Why do I love the fact that a group that reps uber-commercial software interests uses .. hrm:

        - A free Unix
        - A free webserver
        - A free web scripting language
        - A free encryption library

        Hrm, maybe its to save themselves the embarassement of accidentally mailing/civil-suiting themselves?

        Ah, the joys of irony.
  • by TheCabal (215908) on Wednesday February 05, 2003 @10:45PM (#5237688) Journal
    We had the BSA sicced on us by a disgruntled ex-employee. We didn't receive one of those mass mailed letters, we received a bona-fide messenger delivered packet from the BSA, naming specific software titles. Also in the letter was their "gracious" offer to do a self-audit and orders to report the results of the audit to them. Failure to comply with their demands would result in the BSA taking us to court, getting a court order to come in and conduct an audit themselves, with their software and people,and under the eyes of either the State Troopers or US Marshals to make sure that we didn't interfere.

    So we did an audit and found out that we were only one copy of a certain software title out of compliance. We sent back the results of our audit, along with copies of our licenses to the BSA, along with an offer to buy the extra license at full retail price. They replied that our licenses and audit results were not good enough, that they also wanted us to produce the receipts for the software.

    The receipts. Apparently, having the licenses are not good enough. Or maybe the BSA figured they could strongarm some money out of us, so they leaned a little harder. I had heard that before the BSA sends out these demands, they research the company to see if they have enough cash to make their efforts worthwhile. Having recently completed a series of capital funding, I suppose we looked mighty tempting.

    This meant many days of going through three years of financial records. Eventually, we found most of our reciepts and purchase orders, except for a few things from the very beginnings of the company when the records weren't really kept. But we did have the licenses. Of course, the BSA, now really smelling blood, came down with an arbitrary amount to fine us along with a statement that if we did not pay this (ridiculous) sum for basically being one copy out of compliance, they would take us to court and demand far more.

    I was never told how much exactly we had to pay the BSA, but I heard it was "not insignificant". It was somewhere in the 5-figure range. All for one copy of Visio, and some tossed receipts from three years ago.

    I always argued that the BSA had no right to demand our receipts and financial records since we were able to produce the software licenses. It's a bunch of crap. I can't see how the BSA can legally operate in this country. There is another organization that operates in a similar fashion- it's called the Mafia. Bastards.
  • by rknop (240417) on Wednesday February 05, 2003 @10:49PM (#5237714) Homepage

    Remove "Grace Period" from the question.

    Then the answer is a resounding "yes".

    -Rob

  • by jsse (254124) on Wednesday February 05, 2003 @10:56PM (#5237752) Homepage Journal
    one of my client did return the audit form with a letter saying that the only license they got is GPL and a copy was attached for their reference.

    Then Microsoft sales came the other week and offered an attractive 'switch' packages. How Microsoft knew he need a switch is a mistery.
  • Making the Case? (Score:3, Insightful)

    by smagruder (207953) <stevem@webcommons.biz> on Wednesday February 05, 2003 @11:37PM (#5237982) Homepage
    Is the BSA almost single-handedly making the case for the adoption of open-source in non-profit orgs?
  • by zoloto (586738) on Wednesday February 05, 2003 @11:47PM (#5238044)
    before you mod me down, really read this post because it fits a theme I've been noticing lately.

    Ever notice how everyone tries to be the enforcer? Corperations, media mogules, senators and even your local legislators? It seems these days people want to be in charge, or the authority trying for a power grab they can't achieve and throwing in some new speak to throw off the commoner who isn't educated enough to know the difference between REAL authority and a scam or fake.

    The BSA is just another example to me.

    Dunno, just my 0.02c. Mod away
  • Dear BSA (Score:4, Funny)

    by Ducon Lajoie (30475) on Wednesday February 05, 2003 @11:50PM (#5238067)
    Dear BSA, following your letter suggesting a self audit of our compagny, I am glad to inform you that we did indeed complete the required process.

    As you suspected, it was impossible for us to account for every software package and updates/sidegrades we acquired over the last 10 years.

    We carefully considered the cost of a complete research of archives and archeological search at the municipal dump, as well as the cost of re-acquiring the missing licences.

    We therefore advise you that your audit letter prompted us to move to a mostly open source and free software environement. We thank you for being the catalyst in that switch, the proverbial "last straw".

    The few worksations still running software from BSA members are fully licenced and these licences are available for your viewing pleasure if you so desire.

    Yours trully,

    me
  • by rice_burners_suck (243660) on Thursday February 06, 2003 @12:12AM (#5238187)
    If any son of a bitch shows up at the door to any property of yours, included but not limited to your business, your home, or any other property, and says they're there to perform an audit of your computer software, you firmly but politely tell them that you will not allow any such thing to take place. If asked why, answer that you cannot let non-company personnel in due to trade secrets and nondisclosure agreements with customers. And show them the door. Nobody can compell you to show them ANYTHING of yours without a search warrant. You're not a public company. You have committed NO crime. And if they claim that you have agreed to such a search in the license agreements of software you have purchased, tell them it's bullshit and good day gentlemen. Let's see these scamming sons of bitches PROVE that you have entered into any such agreement. No warrant. No probable cause. And they don't have your permission. Just like the police: If an officer pulls you over and your entire trunk is full of cocaine with a street value of $1,000,000,000.00 (one billion dollars and 00/100), and the officer says, "May I search your trunk," and you say, "No, thank you," then unless the aforementioned officer can produce a search warrant or prove probable cause, he CANNOT look in the friggen trunk. If a friggen PO-LICE officer can't look in the damn trunk when it's overflowing with cocaine, what makes you think some geeky-faced piece of shit Associate Engineer Fuckup Specialist from the BSA has any right to bring his ugly ass into your fucking business?

    Oh, and if any idiot from the BSA has a problem with what I'm saying, my name is Robert Q. Campo, and my address is 881 West Harrisville Lane, Cleveland, OH 64113. Come and get me, asshole.

    • by Zhe Mappel (607548) on Thursday February 06, 2003 @02:29AM (#5238739)
      Just like the police: If an officer pulls you over and your entire trunk is full of cocaine with a street value of $1,000,000,000.00 (one billion dollars and 00/100), and the officer says, "May I search your trunk," and you say, "No, thank you," then unless the aforementioned officer can produce a search warrant or prove probable cause, he CANNOT look in the friggen trunk.
      I challenge you to test this theory. Not with $1 billion in coke (unless you're an ex-Enron executive). No, let us test with the following mundane example -- nothing original, merely run of the mill 21st century U.S. domestic law enforcement.

      We shall need a nice BMW with a minority driver, innocent of any crime or criminal intent, who happens to draw attention by cruising through, say, a predominantly white upper middle class neighborhood or, alternatively, a predominantly non-white underclass neighborhood. As TV teaches us, he must be up to something.

      Said driver has a malfunctioning tail light (grounds for the stop). Said driver is heard to say "Shit" in angry exasperation as the white cop, just like the last white cop before him, approaches the car (grounds for the "reasonable suspicion" of personal or public danger). Thus the cop, now fearful, orders driver out of car and tells him to submit to a frisk. Driver protests, "Hey! Why are you picking on me?" This triggers heightened suspicion in cop who, later, will state in court that the defendant resisted -- grounds for use of physical force in effecting the frisk and arrest, and subsequently for a search incident to arrest that allows the cop to dig widely through concealed areas and containers in the car. Thus far, we have an arrest, a lot of searching, and probable cause hasn't even entered into it. We're getting by quite nicely on the very flexible "reasonable suspicion" standard without any of the bothersome probable cause tests or a search warrant.

      Now the the car's impounded, and what happens? The trunk is opened. It's the precinct's policy to inventory everything. And that search -- again, warrantless and without probable cause -- is constitutionally permissible because the cops aren't specifically looking for criminal evidence; oh, no, they're merely impounding and inventorying the vehicle. Bad luck for our driver if he actually had anything illegal in there...

      Within recent memory the U.S. enjoyed a brief period of rich protection under the Fourth Amendment, chiefly due to the wisdom of the Warren Court, between the 1960s and early 1980s. Since that time the Rehnquist Court and other conservative benches have seen to it that the police are able to conduct warrantless searches with wider and wider authority, holding variously that the public interest is served by abrogating personal privacy and increasing investigatory protections and abilities. That has been the theory, anyway; the Drug War has been its practice. Today, your actual freedom against unreasonable search and seizure is a function of many factors, not limited to the exception-riddled case law, your skin color, the attitude of the cop who stops you, your ability to afford effective counsel, and the temper of the court.

  • by Anonymous Coward on Thursday February 06, 2003 @12:17AM (#5238223)
    I post this as anonymous coward because I want to avoid giving my employer anymore "attention"!

    Anyway, here's what happened:

    We are about 1,800 employees big. We go the BSA letters about a year ago. Our legal people consulted with outside legal specialists regarding this. The result was that we caught up on licensing real fast, and we produced documentation to the BSA that proved we were legal and that was the end of the legal hassle. Of course this took about 9 months :-)

    Several comments:

    1) We were big enough to atract attention, and we are profitable, so we were the perfect "target."

    2) No one in our company considers this a "scam." We willingly decided on our own to use commercial software and we intended to pay for it (honestly!). We did find inaccuracies on our purchasing: We had too much of some stuff, too little of other stuff. We purchased what we needed to.

    3) In response to some dumb comments on here: The BSA deals with the software of its vendor members, not ALL software vendors. We were sent a list of the software producers whose products were in question.

    4) Some people here have said that EULAs are invalid: Bullshit. There have been court decisions going BOTH ways, but the more recent antecedents have all been in favor of EULA validity. It can't get much clearer: If you agree to the EULA terms, you are bound by them.

    5) The old "prove it" reprise: Someone here said to just ask the BSA to prove that you stole software. This is inaccurate/misleading. If you say to the BSA "prove it," then the BSA IMMEDIATELY will subpoena your receipts for your purchases (Which, they will successfully argue in court, they need to "prove it"). They CAN do this, and they DO do this. If you get to be too much of an asshole about this, they can get the court marshal to seize your computers. It has happened before...

    6) There are federal statutory guidelines that indicate collectible damages. If you are an asshole to the BSA (or a software producer), they can be assholes back: I believe it was Snapple that got fined a couple million bucks because they were assholes to the BSA... Technically it is a copyright violation every time you load an unlicensed program into RAM (every time you run it). Normally this would fall under the "reasonable uses" clause thing, but since the copyright is being violated, there is no "reasonable use" to it... Therefore every time you run the program you incurr the federally-mandated minimum fine... In case you feel like bitching about this, you should know this case went to court, and was not settled out of court, as far as I know it was not successfully appealed either.

    7) Does the BSA have the right to send these letters? OF COURSE! What are you going to say, "No! I want to hear these threats from Adobe!" Just get it over with... It's easier to deal with one entity, you will get it over with quicker. Ovbiously, the BSA members give the BSA authority to sue on their behalf! The EULA has nothing to do with this.

    8) Lastly: If you use commercial software, it is understood by definition that you must pay for it. What the hell is the problem with that? No one held a gun to your head to force you to use AutoCAD!

  • by happyhippy (526970) on Thursday February 06, 2003 @01:04AM (#5238460)
    and said directly to the IT officer that she was going to jail by the next Monday if she didnt buy their audit.

    She told them to phuck off as she gets these kinds of sales techniques all the time.

    The very next day a Mocrosoft rep called out of the blue. Our MS licences werent up for renewal and we never bought anything from them recently. Coincidence?

  • by grundie (220908) on Thursday February 06, 2003 @08:52AM (#5239917)
    A man I know as a regular in my local pub owns a chain of estate agents. They have 4 branches and they own about 40 PCs and a server or two. The only BSA related software the agency uses is the Windoze OS and a few copies of MS Office which are only used by secretary's (all 100% legit). The main software used for running the agency is actually a bespoke application, developed locally by a small software house.

    He got the letter from the BSA mentioning the grace period, thretening a surprise audit etc. He reponded by informing the BSA if they made any attempt to enter any of his premises he would treat the matter as aggravated tresspass and use whatever means necesary to te remove them. The was followed up with a "We are sorry you are taking this attitude, but we have a right blah, blah" letter, but after that he heard nothing.

    The BSA may have a (questionable) contractual right to audit your software, what they don't have is the right to enter buildings and act like they have legal backing. I know someone who was at the sharp end of such and audit and aparently it is not very pleasant. The BSA folks do act as if they are policemen and they are very upfront.

    The BSA is just a trade body, the software equivalent of the Taxidermists Association of Scotland or the Charterd Institute of Accountants. They exist only to represnt the interests of MS, Adobe etc. They have no legal powers whatsoever. Their powers of enforcement as an organisation are exactly the same as mine as an individual. If they hassle you, ignore them and tell them to sue you or go away, simple as that.

    Whatever your moral stance, legally speaking software piracy is wrong. However there are existing mechanisms in place to deal with piracy. The BSA approach seems to be to squeeze the biggest amount of cash out of the existing customers of its members. What about the many SME's that have never, ever bought legit software? How does the BSA deal with these types, given that the BSA probably doesn't even know they exist? I know of several businesses who don't have one single piece of legit software, the BSA doesn't even know they exist. BTW I won't snitch on these businesses, I live in Northern Ireland and I like having knee caps.

    The BSA duses extortion to make money for its members. Its picks on those who are largely 100% legit, but may have made mistakes, these are easy targets. It would seem to ignore those who are serial pirates, those who do not intend to now or ever buy software. This approach is easy for the BSA, they really should sort their priorities out.

Line Printer paper is strongest at the perforations.

Working...