Is the BSA "Grace Period" a Scam? 879
An anonymous reader asks: "I work at a small non-profit that has 18 employees plus a 13 seat computer lab. We received a form letter from the Business Software Alliance (BSA) telling us to do a self audit and if we find any unlicensed software to report it during our 'Grace Period' because 'if you organization's software is not licensed, it could become to focus of a BSA investigation'. Now this is obviously a method to scare up some business for the BSA members. If we ignore this, how likely is it that we will be 'investigated'. I know that I cannot produce the original CD's and/or documentation for some of the software that we HAVE paid for."
Lemmie get this straight... (Score:4, Funny)
Step 1: Promise not to sue people
Step 2: ????
Step 3: Profit!!!
Has to be said (Score:5, Funny)
Who's there?
BSA: (mumbles)
Who?
BSA: Unicef.
Oh! Why didn't you say that before?
BSA-landshark attacks pirate who opens the door.
Huh? Why is everyone having trouble with this? (Score:3, Interesting)
"Grace period" means they won't sue you if you come forward. It doesn't mean they'll let you continue to use pirated software; they just expect you to buy legitimate copies at this point. It's the same thing that the IRS does every few years. If you come forward they won't penalize you for not having filed your tax returns, but that doesn't mean you don't have to pay any back taxes.
Stole from them? (Score:5, Interesting)
Personally, I refuse to play. I will not purchase any software from any company that employs the services of collection agencies such as the BSA. Furthermore, I will do everything in my power to dissuade my clients from purchasing software from these companies.
Re:Stole from them? (Score:5, Interesting)
The comparisons to the IRS are pretty apt, though. What generally happens is that the BSA gets a tip from some disgruntled employee/ex-employee that company X is using pirated software. The BSA picks a few of those companies at random (or maybe they have some criteria) and takes 'em to court. Unfortunately, the onus is on Company X to prove that they have licenses for all the software they're using. If they can't, they have to pay for the software and generally get whacked with "punitive damages" as well.
The BSA uses those cases to threaten everyone else into doing those bogus "self-audits" and sending hush money to the BSA.
I don't mind paying for the software my company uses, but keeping track of all the licenses is a major pain in the ass. Every software seller has a different definition of what you have to be able to present to prove that you have a license. A piece of paper? Something with the serial number? The installation CD?
Then they all have different license terms. Some require you to buy one copy for each computer, some let you buy one copy for each concurrent user, some let you uninstall the software from one system and put in on a different one, some make you you buy a fresh copy for each system... it's a HUGE hassle, and the software vendors don't really seem to give a crap about how difficult they're making it for their customers.
Re:Stole from them? (Score:5, Interesting)
Just a real world example..
I'm the network schmuck at a small company. I got the job because after a year of ineptitude, they let the previous guy go.
About a week after I started, I got a menacing letter from the BSA. It said we might not be compliant....yadda yadda yadda.
Well, it turns out that the previous network admin had installed Windows 2000 and Office XP on a lot of computers without having licenses for them...
He installed the software while worknig there, knowing we didn't have licenses, then when he got fired, he called the BSA.
Explain to me again why this is the fault of the company, and not the individual who knowingly broke the rules? (And yes I am very hesistant to say "law")
Re:Stole from them? (Score:4, Informative)
IANAL, but it sounds to me like the company could sue his ass off, and possibly even get criminal charges brought against him.
It also seems to me that, if the comapny is forthright in admitting guilt and ignorance, the BSA may be willing to pursue the network admin instead.
Re:Stole from them? (Score:4, Funny)
Unfortunately, much as we would like to say "Sue the idiot!", the company does bear responsibility for the actions of its employees, when those actions were undertaken as part of the employees' responsibilities on the premises and during working hours.
The company has no requirement to give that ex-employee a good recommendation, though.
Just my opinions; I am neither anal nor a lawyer.
"it's a HUGE hassle" (Score:5, Insightful)
Just say no.
KFG
Re:Stole from them? (Score:4, Informative)
People don't get sued for GPL violations. They only get sued for Copyright violations. Once the GPL isn't worth sh*t (sh*t being what it's not worth once you violate it) you have no rights to distribute the associated GPL software that the DMCA doesn't otherwise give you. Once they show that you're distributing binaries of GPLed code, all they have to do is show that you're not making the source code available.
The GPL doesn't give the owner of the software's copyright any rights that they wouldn't otherwise have under copyright law. They simply give the recipient protection from copyright prosecution, as long as (s)he follows certain rules.
Re:Stole from them? (Score:5, Insightful)
Dude, you're way missing the point here. Sure a lot of people feel strongly enough against non-Free Software that they won't buy it, but this case is different.
The BSA is essentially running a protection scheme. Here's the scenario: Let's say you run a business that's large enough that it's difficult to keep total track of everything on every machine.
You don't (purposely) violate any software licenses, and take pains to follow them correctly. However there is significant overhead to keeping track of what you can and can't do with the software you've bought, and violations are sure to occur. There's just too much to do not to make an error.
Some employee you've pissed off (and if you're an employer you will piss off an employee) goes to the BSA and tells on you. They don't need actual evidence. To audit you. They 'nicely' tell you to audit yourself and give them money for anything that might not be compliant.
Let's say that you can't find proof that you purchased some of the software you purchased. You then have to pay for that AGAIN. If you don't pay them for it, and they audit you, you then have to pay for it anyway, plus exorbidant fines because you couldn't proove that you weren't guilty of a crime.
They also use this as a scare tactic to scare people from going to Open Source, or even competitors. If you are looking at not renewing a licence you get a message that you might be audited. Even if you are in total compliance, it's rather expensive and labor intensive to go and make sure. Were my university to be audited, it would cost around $2,000,000 just to double check, and given the number of people using computers (about 10,000) it is virtually guaranteed that someone somewhere either wasn't careful with licensing proof, or just flat out pirated something.
What they are doing is no different than the Mafia vandalizing someone's business and then asking money to make sure such things don't happen again. It's protection money, nothing more nothing less. They just couch it in a slightly less ominous sounding name.
Many Open Source advocates have no problems with paying for software, music, movies or books. What causes problems is when someone tells me I can't do what I want with the media I've bought that I get a little upset.
If I want to make a mix for my car, the law says I have that right. They're trying to stop me. If I want to use software on a different machine, I have that right. Under strict copyright law (may be different under DMCA now), I can put software on any number of machines as long as they aren't being used concurrently. I can copy movies or cd's (as many times as I want) as long as I don't distribute them. As long as I dont' redistribute what I do, I can do whatever I want with what I've purchased.
Under the Constitution of the United States, it is not my responsibility to prove my innocence, it is your responsibility to prove my guilt. If you can't prove my guilt, I am to be considered innocent. The BSA has neatly ignored this, and gotten courts to go along with unconstitutional legislation. Fines are imposed without trial, and without proof of guilt, in direct opposition to the Constitution.
More than a Boycott needs to be done to the members of the BSA. There needs to be a trial that addresses flagrant violations of the constitutional rights of individuals all over the United States, and an appropiate punishment needs to be given.
I disagree (Score:5, Insightful)
I say all this because the shrink wrap license ("EULA") - through which the BSA claims to derive its authority - is thus on extremely thin legal ice. In fact, I am on a neverending quest to find reference to any (any) case where any of the more onerous terms of a shrinkwrap license have prevailed in court. (UCITA, of course, changes everything - but that's a subject for another post.)
Almost all users of computers never properly understand the "contract" they have supposedly "agreed to" by using their software. They are ignorant of the need to keep and maintain records (as if their word processor was a firearm or motor vehicle), and the idea of granting some organization permission to enter their premises and inspect, demand documentation, and otherwise claim supra-police-like powers just to "insure" that they're not violating their "agreement" must profoundly, breathtakingly, and absolutely fail the test of "reasonable expectation."
In the case of copyright violations, there are criminal and civil penalties. You can sue me for stealing your software. You can also call the police on me, who may choose to arrest me and try me for said same. But enter my place of business uninvited to "inspect" or "audit" on the basis of a shrink wrap license? I don't think it flies.
Let's sum up.
The BSA claims a variety of privileges (from the EULA) which it doesn't really have. It threatens you with actions which are almost certainly illegal. Software users are unaware of their "obligations" under their "licenses" even if you consider them binding (which is asinine), and even when they attempt to follow the rules, there are many cases where it will not be possible to provide documentation "to the satisfaction of the auditor" - whose standard is arbitrary, and purposefully engineered to make it unlikely you can meet it. You are frequently given a very short time in which to reply to the ultimatum - purposefully short, to insure you will not have time to properly inspect your facilities before making a decision. Then there is the oft-cited case of schools and charities which use donated equipment for which the paperwork is not, and probably can never be, in order.
The cost of self-defense is borne by the defender in civil court. Knowing one is on the receiving end of a legally specious and improper legal challenge is one thing. Being able to afford your defense against some of the world's richer companies is quite another.
Most victims who receive this have done everything right, but have not retained all their receipts, and/or cannot afford the considerable manpower and expertise it will take to insure "not one single unlicensed copy of anything" exists on any of the machines in their organization. Consider... will even one violation, even when made by an employee in violation of a company policy, result in punitive damages?
Generally the BSA gets what it wants: a "settlement" in which they are paid not to "report" to federal authorities and/or file a questionable lawsuit. The victim pays again (perhaps many times again) for what they already own.
We have come a long way from the simple world of Best Buy which you describe.
The fact that no one understood their options or the consequences of their choices is the very thing at issue here. Extortion, coercion, and foul play describe these practices perfectly.
Groups like the BSA are not a "price to pay for preventing theft." Their tactics are both immoral and unnecessary. They have no place in the enforcement of copyright. The police are the ones whose job it is to handle software thieves. But then there'd be no money in it for anyone, eh?
Recieved the same thing... (Score:5, Interesting)
Re:Recieved the same thing... (Score:5, Informative)
The article stated that all of the BSAA members' licence agreements had this clause (audit by a third party agent of the member) so the legal standing was firm. Fortunatly I believe this practice targeted large firms only..
What a GREAT reasone to dump Microsoftware! (Score:3, Interesting)
The article stated that all of the BSAA members' licence agreements had this clause (audit by a third party agent of the member) so the legal standing was firm.
So if you have any Microsoft (or other BSA member software) in your shop, they can randomly decide to audit you AND CHARGE YOU FOR THE AUDIT.
What a great way for them to suck money out of other companies whenever they're in trouble - or when the other company might be developing a competing product and they want to shut it down (or at least suck out some of its blood, disrupt its operations, and maybe steal its product-under-developement.)
And what a great thing to use to beat around the head and shoulders any corporate exec who made a decision to use a Microsoft (or other BSA affiliate) product - mission critical or otherwise.
B-)
Re:Recieved the same thing... (Score:5, Informative)
Did you know that about 90% of the IRS investigations are brought about by people reporting other people? They give you a percentage of the uncollected funds. I am sure these type companies have an even higher ratio of reports to investigations not to mention a collectors fee.
Re:Recieved the same thing... (Score:4, Interesting)
Anyways, I put this up on my site [kb9mci.net]. Go have a look at Asok talking about his new invention that makes all copyrighted material available for free. It's sad.
Re:Recieved the same thing... (Score:5, Insightful)
I once was a fan of his comic and wrote a Comic->Avantgo->Palmpilot filter for Dilbert. I sent a message about it to the dilbert.com webmaster and told them that a) I am the only user and don't intend to make it public and b) if they wish, they can have this filter for their web site and use it there, for free.
No reply. I totally forgot about it, then months later I got a threatening letter from Scott Adams' lawyer, telling me that my script was a copyright violation, demanding that I send them a list of every person who ever used it and announcing me how much I'll have to pay in licenses for the expected number of users of my script.
And this for a script that I offered to dilbert.com for free, for their own use, without any malicious intent at all. For something that I told them as "hey, look at this, I use this personally, it's neat, you can have it, check it out."
I wrote a reply to the lawyer, telling them how disappointed I was that they send a lawyer first instead of just saying "sorry, no interest, and please take the script offline as we'd consider it a copyright violation if you made it public to other Avantgo users". Scott Adams replied, apologized, but his message was clear that he had no clue why I was so disgruntled about it.
Well, one reader less to worry about, Mr. Adams.
Re:Recieved the same thing... (Score:5, Interesting)
And I admit that there was one whiner on the staff who absolutely insisted on having MSOffice so instead of buying ten licenses, they only ended up buying one and the rest of the staff was quite happy as long as they still had their e-mail and could get on the web. The BSA is the best thing that ever happened to Linux.
Re:Recieved the same thing... (Score:5, Interesting)
I signed up for a free subscription to a magazine that focuses exclusively on "open" source advocacy and products. Part of the questionare was if I owned a buisness. I did, enough to say so on the response card. I put a name on there somewhat arbitrarily. I chuckled when I saw that same name on the BSA letter.
I still operate as a self-employed consultant, so I never needed to file for a liscence under that name.
-------------------
OnRoad [onlawn.net]: Reporting what happens in America when police get out of hand.
Re:Recieved the same thing... (Score:3, Interesting)
Everyone was ordered to back away from the keyboards and stand against the wall in plain view while the BSA guy went to each PC and ran a program on a floppy that would inventory all the software on the PC. He then compiled all the information they got and marched straight to accounting and had them show proof of purchase for every piece of software. Whatever couldn't be proven had to be paid for on top of a stiff penalty.
I would say yes they do have power over your business and it would be wise to avoid a visit by them.
----
Working in Canada but not Rest of World (Score:4, Informative)
CAAST -- a nonprofit industry alliance group that counts among its members Adobe Systems, Apple Canada, Microsoft Canada, and Symantec -- said that one in every three business software applications in the country was pirated in 2000.
On a positive note, the report showed a four-year decline in the software piracy rate, dipping to 38 percent last year from 41 percent in 1999 and 40 percent in 1998.
"Although the piracy rate has decreased, software piracy continues to signify lost jobs, wages and tax revenues in Canada," said CAAST president Allan Steel. "Organizations need to realize the importance of implementing policies and procedures in order to achieve and maintain compliance."
The rest of the world, on the other hand, is not quite as obedient
The BSA and CAAST studies, which were conducted by the independent International Planning & Research Corporation (IPR), also found that for the first time in six years, the world piracy rate increased, edging up to 37 percent in 2000.
yeah but... (Score:5, Insightful)
one, it doesn't cost the software companies a thing. you steal a car, it takes steel, rubber, plastic from somewhere. you make a DIGITAL copy, it costs software co. nothing. and many of the "pirates" wouldn't have bought the software.
two, the people using the software are not using a cheaper alternative. why would you use OO.org, when ms office is "free". so, piracy destroys competition. i remember there used to be at least three major office suites. corel, lotus, and office. in fact, office 97 offered wordperfect and lotus 123 keystrokes, BECAUSE THEY HAD TO. but "piracy" reduced the market share of the other two to nil
three, "piracy" promtes sales. as one program and one format becomes the "standard", especially if it is closed, peopole eventually all have to get on board. and not everyone or every business can "pirate".
i am as big a free market economy guy as you can get. i am as low tax and low regulation as you can get. but this whole piracy thing is bullshit. and they know it.
Economics for BSA Haters, 101 (Score:4, Insightful)
A brief note about economics is probably in order. The cost of making a physical CD is not what you are paying for when you buy a CD. You are paying for the cost of developing, testing, marketing, researching both that program and future programs.
That means that pirating software costs the developer the chance to recover the costs of making that software in the first place.
And before anyone mods this Flamebait, give a moment's thought to what this means for the (non-BSA member) Linux companies out there: companies with (as a rule) very good chances of going out of business each year. They spend time researching, fixing, improving the OSS software that you use regularly... but since most people download this without actually paying a penny for it, they have to find alternative routes to make money.
Now I think that there are lots of arguments for OSS, but it does make the economics much more complicated for all involved.
Re:Working in Canada but not Rest of World (Score:3, Insightful)
THe goal of the organisation is to reduce software piracy. The fact that the people who work for them get paid has no bearing.
Re:Working in Canada but not Rest of World (Score:3, Interesting)
Or, it can just continue as it has been. The wealthy have always paid for research & development -- once we spend a billion dollars figuring out how to do something, keeping that knowledge from everyone else out of spite is pretty pointless.
Google news... (Score:5, Insightful)
A Google new search [google.com] reveals all sorts of interesting articles, including some cases where people were [itnews.com.au] busted [dailytimes.com.pk].
And this little gem: [212.100.234.54]
The people who were busted... (Score:5, Interesting)
...actually installed illegally pirated software, though. Show me a case where a group with genuinely bought software but a couple of misplaced certificates was successfully sued?
Re:The people who were busted... (Score:5, Interesting)
Re:The people who were busted... (Score:3, Interesting)
Low Key (Score:5, Funny)
Required to produce documentation? (Score:5, Insightful)
Supposing the BSA does perform an investigation, I'm wondering what the actual legal procedures are.
Are you required to maintain documentation of every last opened piece of software? I know at the CIT department I worked in for school, we had Windows 95 manuals stacked up in storerooms, even though there was a school wide license. I don't know if this is required though.
Furthermore, what happens if they find you're missing a couple documents, and decide to take you to court. Is any jury going to decide, based on either a "preponderance of the evidence" or "beyond a reasonable doubt" standard that this software was obtained and/or used illegally?
Any legal experts out there?
Re:Required to produce documentation? (Score:5, Informative)
The main thing that confuses me is that I keep reading stories about the Marshalls coming with search warrants while some administrative person runs an investigation. This does not make sense to me, because it is either a criminal matter where the BSA person should not be involved at all (only the police and the attorney general or district attorney will be involved in a warrant search), or it is a civil matter where the search and seizure happens after a hearing, and after the plaintiff has received an order granting specific permission for seizure of assets.
If anyone entered a place of business where I had responsibility, they would be asked to leave at once. The State Police would be called if they did not leave at once. If the person thinks he has some contract with me granting him the right to snoop in my office, he can discuss that with my lawyer or with a judge at a hearing where we will discuss this contract.
Simply having an agreement in your hand does not magically give you the right to trespass or seize property.
Now, if the police are investigating a criminal matter, that is worlds apart from what we've descibed so far. But the standards of evidence collection, the consequences of flawed procedure, and the burdens of proof are also very different in a criminal case. If the complainant does not also happen to be the peace officer who was granted the warrant, laws are being broken if he is the one performing the search. That's enough error to get the case thrown out and the plaintiff arrested or fined.
A trade organization's demands do not trump an individual's constitutional and civil rights. You DO have to submit to signed orders by a court. You DO NOT have to submit to enforcement tactics which circumvent due process of law. Ever.
Every time you give in to thugs, you diminish MY rights.
I'm not a lawyer, (Score:5, Interesting)
If it's somewhere in a license they can show we bought, that we have to allow access to the installed software, then for every license they can show, I can provide an adequate installation.
Re:I'm not a lawyer, (Score:5, Informative)
As my lawyer told me, replying to it simply gives them a name and address to send more correspondance to.
So I threw mine away.
Re:I'm not a lawyer, (Score:3, Informative)
Re:I'm not a lawyer, (Score:3, Interesting)
I remember one Slashdot poster years ago describing how a clueless auditor had to ask for help because the Windows warez-finding software they were using didn't seem to be running properly. . . on a Sun Ultra 10.
Re:I'm not a lawyer, (Score:4, Informative)
"Beyond a reasonable doubt" is only for criminal charges, for a civil case they only need to be able to prove their side better than you can prove yours. One fired loser is a weak hand, but it still beats a zero...
Consider an Apartment Lease (Score:4, Insightful)
Still, even if you rent rather than own, even your local police department needs a search warrant to enter your apartment. Also, if a person legally consents to a search, that consent can be withdrawn at any time. At that point, a search warrant is required. How is some kind of private "trade group" going to bypass that little requirement? Even if you clicked some EULA, I don't see how you can give up your Fourth Amendment rights with the click of a mouse. The police have much more power than some trade group, and if they need a warrant, how can some trade group skate by without one? Any lawyers want to comment?
I'd like to see these guys try it, quite honestly... just like that rental car company that was levying fines based on their GPS spy-unit speed measurements... they were denied. Private organizations/businesses don't have the power to levy a fine; that power belongs to the State.
If they were bold enough barge into your home unannounced, with no legal authority to do so, it would be at least Breaking and Entering, or even Burglary (if you were home at the time). If they threatened you in the process, it would be Aggravated Burglary, and you might even be justified in some self-defense. Somehow, I suspect a bunch of software-licence-hunting bean counters are not up for that kind of action.
Even if they do have some sort of "compliance inspection" in their EULA, it's just begging for a court challenge if they force the issue.
If you click a button saying "it's OK to shoot me," don't doubt for one minute that somebody would go to prison for a very long time if they actually pulled the trigger.
Ignore it (Score:5, Insightful)
Since they are wanting you to perform a self audit and report any installs you can't find the correct documentation for, it's the same situation. Just an attempt for them to drum up some money for the BSA members.
We received that same letter about a year ago and I chose to ignore it, so far no one has followed up on it.
Now, if you get a certified letter from them, then I would take it more seriously, but just a bit more
Re:Ignore it (Score:3, Funny)
Last I knew, slavery was illegal, dude. I'm sure some people think their bosses own them, but in all actuality, usually they're just rented for 40 hours a week.
What investigative powers/authority do they have? (Score:5, Informative)
Promoting a safe and legal online world
The Business Software Alliance (BSA) is the foremost organization dedicated to promoting a safe and legal online world.
We are the voice of the world's software, hardware and Internet sectors before governments and with consumers in the international marketplace. BSA members represent the fastest growing industries in the world.
BSA educates computer users on software copyrights and cyber security; advocates public policy that fosters innovation and expands trade opportunities; and fights software piracy.
Nothing in there suggests any legal authority. They are advocates not enforcers. Those letters strike me as very misleading. Anyone want to post a copy?
Sample Letter (Score:5, Informative)
Here is the letter we got, mispellings are mine, formatting isn't perfect:
BSA, 1150 18th Street NW, Suite 700, Washington, DC 20036
Is your business using unlicensed software? If so, the Business Software Alliance is offering a one-month opportunity to get licensed. Your BSD Grace Period Participation ########
January 22, 2002
MY ADDRESS
Dear FOO,
You may have heard that the Business Software Alliance is investigating ANYTOWN area organizations that use unlicensed software. If your organization's software is not licensed, it could become the focus of a BSA investigation. So, audit your software now. Unauthorized copying is the same as stealing. The penalties for copyright infringement are serious - sometimes totaling hundres of thousands of dollars - and in this economy, can your business affort that risk?
BSA is an association representing the leading software companies: Adobe, Apple, Autodesk, Avid, Bently Systems, Borland, CNC Software/Mastercam, FileMaker, Internet Security Systems, Macromedia, Microsoft, Network Associates and Symatec. Together with our memebers, we educate the public about software compliance and protect intellectual property rights.
Would you be able to tell if an employee had installed an unlicensed software program? Your business has until February 28 to get licensed.
BSA recognizes that, for whatever reason, your company may not have managed its software assets properly. That's why from February 1-28, BSA is offering a Software Grace Period to business like yours in ANYTOWN. Please take this time to review your software installations and usage and, if necessary, acquire the licenses your business needs. If, after you have participated in the Grace Period, your organization becomes the focus of a BSA investigation, BSA will not seek to impose penalties for any unauthorized copying that occurred before February 28, (unless your organization has already been informed that it is under investigation). If BSA contacts you, just show your Grace Period Participation Nuber and the software purchase receipts. [Please see the reverse for terms.]
Not sure if your organization is fully licensed? BSA can help you find out.
Visit our Web site at www.bsagrace.com for more information and to download the free Software Audit Tool, or call our special Grace hotline at 1-877-536-4BSA (1-877-536-4272). If you find that your business isn't 100% licensed, contact your software vendor immediately and buy the software licenses you need before the Grace Period ends on February 28.
Sincerely,
Bob Kruger, Vice President, Business Software Alliance
Grace Period Participation Terms
Bsd is offering a one-month Grace Period between February 1-28, 2003.
1. For your organization to qualify for the Grace Period campaign:
2. If, after you have participated in the Grace Period, your organization becomes the focus of a BSA investigation, BSA will not seek to impose penalties for any unauthorized copying that occurred prior to February 28, 2002 (unless your organization has already been informed that it is under investigation). If the BSA should contact you, just show your Software Grace Period Participation Number and software purchase receipts.
3. For the purpose of the Grace Period, BSD members are: Adobe, Apple, Autodesk, Avid, Bently Systems, Borland, CNC Software/Mastercam, FileMaker, Internet Security Systems, Macromedia, Microsoft, Network Associates and Symatec.
Re:What investigative powers/authority do they hav (Score:4, Informative)
Did you register your software recently? (Score:5, Interesting)
They called a 'truce' in our town of 500. We are a 2 employee show, run from a basement.
We bought a bunch of stuff, but never sent in the registration cards. We registered some stuff back in '97-'98 probably, and nothing since. We haven't gone out of business, so they figure we're probably pirating something. We are not, but since we haven't registered anything in a while (Microsoft Tech support is sooo valuable!), and are continually considering the move to Linux (just a matter of time...) we come up in their database as a possible pirate. Oh the miracles of databases!
All we did was make a file of receipts and certificates, and they can wade through it if they come a knockin. We're sure it's all there, and we can hopefully sue if they end up siezing a computer, especially since we are legal.
We had to look real hard for the licenses, but we found them. The certificates are useless without a receipt.
Ignore it, it's more like SPAM that a real letter! (Score:5, Interesting)
The BSA must be getting names from those lousy online surveys (company size, whats your position, how much software will you be buying in 6,12,24 months).
Sounds more like SPAM to me !
Re:Ignore it, it's more like SPAM that a real lett (Score:5, Interesting)
BSA (Score:3, Interesting)
I think the only question that went through my head was what if any legal power would the BSA actually have if they did decide to audit me. Seeing as I don't own a company
One particular experience... (Score:5, Insightful)
I know someone that was audited by the BSA and decided to fight it. Basically they countered by stating they wanted full disclosure of who reported them so as to determine the validity of the claim prior to wasting internal resources and dollars. They also argued that the reporting tools are a violation of privacy. Yes, they expected them to place some software on their network which scans their entire network not to mention each machine's registry. Third, they also argued that even if they were in violation of license, the license is between them and the vendor (after all, the license does not allow for the BSA as having legal proxy interests) and unless the vendor in questions decides that they'd like to personally persue the issue, the BSA does not have legal authority or the legal grounds to persue the action. Furthermore, they argued that even if something odd was discovered and they lost, only the government has the right to impose fines on legal matters as such and they would be within their legal rights to simply purchase any outstanding licenses or settle directly with the vendor in question and completely dismiss the BSA altogether thereby eliminating the need to pay any fines or added fees.
Last I heard, even though two ex-employees had turned them in, the BSA simply walked from the issue as, from what I gathered, they really don't have a legal leg to stand on.
Re:One particular experience... (Score:4, Insightful)
I'm curious to know if the registry scanner has the capability to differentiate between actively installed software and previously installed software that failed to correctly uninstall itself? My guess is no.
Re:One particular experience... (Score:3, Interesting)
its not a scam.... (Score:5, Informative)
A scam, probably not. Is it smart, also probably not. Im in the chicagoland area and have been hearing the commercials for BSA on the radio everywhere across the dial. What they are aiming for is to get people turned in by relying on an unhappy employee to rat them out.
That being said, keep in mind that the BSA is just an organization set up to find pirated software and collect fees. Fees that they no doubt get a cut of. They seem to have no problem using peoples fear and turning it into the driving force of their biz.
You are under NO obligation to report anything to them, unless they hand you a court order. They are an independent entity and have no more ability to legally inspect your systems than I would. so it would be in their best interest to make it seem that they do have that ability
This seems to be a page right out of the RIAA playbook, pretend something is true and youll fool at least some of the people
You can fool some of the people some of the time, all of the people some of the time, but never all of the people all of the time
More Confusion... (Score:5, Funny)
Re:More Confusion... (Score:3, Funny)
Birmingham Small Arms Motorcyles [btinternet.com]
Shakedown (Score:4, Insightful)
--Mike--
We've had this discussion before and... (Score:4, Interesting)
Re:We've had this discussion before and... (Score:3, Informative)
I know the CompUSA drill pretty well by now, but I still occasionally get sort of annoyed when some half-asleep kid wants to frisk me on the way out of the store, even when I purposefully stop at his little podium and hand him a receipt for my purchases while waving a transparent bag under his nose.
Last time I was down there, that was exactly the situation, so I asked the guy, "Are you serious? What would you do if I refused?"
He said, "I'd tell you to have a nice day."
'Nuff said.
Re:We've had this discussion before and... (Score:3, Informative)
I haven't been to a CompUSA, but Fry's does the same thing. A while back, I saw a post by a person who said he just ignored the receipt-checkers and calmly kept walking out, and they gave him no trouble.
So I tried it at my local Fry's... and I got no hassle.
My advice? Ignore them and just walk out. If they stop you, ask if you are under arrest, and if so on what charge.
Oh, wait, that's offtopic. Ummm...
BSA bad! No biscuit!
*whew* That's better.
Me and the Boys (Score:5, Funny)
Actually, this campaign was going on two years ago. In the fall, I think. Same scam.
Maybe not scam, more like racketeering. (Score:5, Interesting)
Nailing them for mail fraud would be nice too, if you can find them deliberately transmitting false statements.
They are scum only out to extort a buck.
Ignore Them! (Score:3, Informative)
Of course you should be paying for the software, and if you do not have the licenses I suggest you get this resolved. A receipt should be sufficient enough to track down when/where the software was bought. You have 20 computers, and a receipt for 20 copies of MS-Office..well guess what, no lawyer in their right mind would go to a judge with this. Do not tell me you have no receipts for the software,, what kind of mickey mouse outfit are you working for? The IRS is going to be your next problem!
So in the long run I would just ignore them. Go ahead and do an internal audit of which you lose the documentation, then I would start buying software in a one and two a month type scenario. Nothing to break the bank.
In any case DO NOT LET THEM COME DO AN AUDIT! They have no right to enter your buisness, and they will not do this without a court order. And if they have a court order your lawyers can fight this easily. It is impossible for them to prove they have a shread of proof, and anything that an disgruntal ex-employee has said is hearsay.
We think the reason they contacted us is because an ex-employee wanted a raise since he just graduated a CCNA course and was Cisco certified (I find this amuzing since he took a class for 2 years on the CCNA test which has a book of less then 500 pages), problem is that it was not his job to work with Cisco equipment and we have no positions available for him. Since he was an asshole and demanded a raise we fired him, so we think he called the BSA and said we were illegal for Adobe software because the software cabinet the IT department has only has 2 copies of the Adobe Acrobat software, what the moron does not know is that we have 15 copies of it in different departments maintained by that department since it is specialized software and only a few people get (The IT department maintains a copy of the license and screen prints, also copies of the receipts are filed in the IT office which he would not know about since he was a tech, and shitty one at that!). It is installed currently on about 10 peoples computers.
The odds? (Score:5, Insightful)
The odds?
0.
Literally.
0.
If they had any intention of "auditing" people (which, btw, is illegal in and of itself! It violates property laws, search & seizure laws, as well as laws against extortion, to name a few) they would have just gone ahead and done so already. Instead, they've put millions into cranking out form letters to people as scare tactics, since they know they're effectively powerless.
If auditing companies produced any meaningful monetary award, they would already be doing so...which they aren't. And even if they did, they sure as hell wouldn't tell you or I about it in advance.
Logic prevails.
No leg to stand on. (Score:5, Interesting)
You have the same rights you always had. They have to have probable cause to get a warrant, and they have to have a warrant before they can come into your office forcibly. A warrantless vampire cannot come in unless you invite them in.
IANAL, but I believe that as long as you have practiced due diligence and can show that you took reasonable steps to not break the law, then no judge with an actual brain would rule against you.
That being said, the BSA is looking for those who buy one copy and load it all across the office. I know of a company that did that, got ratted on by a disgruntled employee. Bottom line: they paid big. These are the fish they want to fry, and there are plenty of them out there.
Now, if you've been pirating software, and get a letter, and throw it out, and they still come after you, you won't get any sympathy from me!
A friend's solution to BSA, lawsuit threats, etc. (Score:5, Funny)
"Can I please have your lawyers contact number, I have a fax machine, and will send all information I have to your lawyer." He then sends one piece of information (a page, one liscence, etc) at a time, every hour on the hour, to said lawyer, to cause their clients legal bills to explode. Considering that he logs everything he does and has backups dating back for the last 15 years, he has a lot of information that he can send. Legal bills are quick ways to empty someone's pockets.
A useful article on this... (Score:5, Informative)
July 30, 2001
Truce or Dare
By Michael R. Zimmerman
If you're a small or medium-size company, there's a good chance you've heard from the Business Software Alliance about getting your software compliant with its licenses. If not, you probably will. The group is well into a nationwide letter and radio campaign to do just that.
But what you probably don't know is that, like so many of the companies that stuff your mailboxes with junk mail, the BSA, which represents such software giants as Microsoft Corp., Adobe Systems Inc. and Apple Computer Inc., has no intention of following up on its letters--regardless of how threatening and personal they may seem. It won't phone. And it won't pop in for a surprise audit.
Instead, an eWeek investigation reveals, the BSA's campaign is primarily a marketing effort essentially designed to scare people into buying more software. But for many enterprise customers who are quickly becoming fed up with the group's hardball tactics, the campaign is having the reverse effect: compliance, then departure to alternative products, like open source.
The reason the BSA Truce Campaign is more bark than bite is simple: As part of each Truce Campaign, the group sends out hundreds of thousands of letters at a time to businesses in a handful of cities. For the month of July, for example, it mailed 700,000 letters to businesses in five cities between New York and Portland, Ore. As such, it would be virtually impossible to contact even a sample of those companies to check up on their progress or lack of progress.
Indeed, one of the only ways the BSA is gauging the success of the Truce Campaign is by the size of the spike in software sales for various cities as the BSA passes through, which so far total 19.
"Everywhere we've run the Truce Campaign, we're seeing dramatic increases in sales," said Bob Kruger, vice president of enforcement for the BSA, in Washington. "So it's being successful."
But a deeper look into the Truce Campaign, as well as an ongoing and almost identical anti-piracy campaign by Microsoft, a founding member of the BSA, reveals something more complex: the possible beginning of an entirely new business model built around anti-piracy and fear. The bottom line: There's money in anti-piracy, and plenty to go around.
To be sure, piracy results in major losses of revenue for the software industry. According to the BSA, $2.94 billion was lost to piracy in North America alone last year, while $11.75 billion was lost to it globally for the same period. But so far this year, those figures have declined.
Since the launch of its enforcement campaign in North America in 1993, however, the BSA has brought in about $70 million in settlements, a mere drop in the bucket compared with the overall total. Now it seems the industry, with the help of the BSA, is taking a new tack, with its focus on generating revenue the old-fashioned way.
Consider the following: Microsoft has been busy constructing a network of support services through distributor and licensing partners to assist customers in assessing and auditing their software to comply with their licenses.
One Microsoft partner, License Online Inc., of Bellevue, Wash., tracks where the BSA is headed and rounds up as many of its 36,000 registered channel partners as it can for those cities to swoop in and sell licenses.
"When we know what area the BSA is going into, we're going in scrambling to piggyback on their marketing efforts," said Sharon Erdman, vice president of marketing for License Online.
License Online offers its partners across the United States a 12 percent commission on any licenses they sell through License Online. To get the contractors rolling, the company supplies them with a list of companies Microsoft has sent its anti-piracy letters to. In addition to commissions, the contractors are told the companies contacted have the potential to become "long-term" customers.
"Microsoft has absolutely partnered with businesses who can address the concerns," according to Devin Driggs, a Microsoft spokeswoman in Lake Oswego, Ore. "It feels a responsibility to its customers to address any issues with compliance they may be experiencing."
As far as the anti-piracy fight becoming a business unto itself, Driggs said Microsoft views the subject as an industry issue.
Kruger acknowledged that the BSA's letter campaign is a direct marketing campaign designed to encourage users to get in compliance and not directed at any company in particular. The group uses common mailing list companies such as Dun & Bradstreet Inc. to generate the lists.
Microsoft's campaign is more deliberate, company officials said.
"I don't think we're doing anything that's random," said Nancy Anderson, associate general counsel for the company, in Redmond, Wash. As part of Microsoft's licensing agreements for its products, Anderson said, "the customer agrees to assure us they are current. The obligation is on them to assure them and to undertake an audit if requested by Microsoft."
Not surprisingly, however, the hardball tactics are having a negative effect on customers.
"We were nailed for tens of thousands of dollars," said Cary White, an IT manager at a financial services company in San Diego who acted on a letter from Microsoft. "We received a letter addressed to our CEO that they received a tip we were not compliant with Windows, Word and Excel.
"My company is to completely go away from Microsoft," White said. "We're not going to buy any more Microsoft products. It's my decision. They're alienating their customers. I don't trust them."
The fear factor
For the BSA and Microsoft campaigns to work, the fear factor is essential, according to letter recipients contacted by eWeek.
"[Fear] is the first emotion when you get the letter. It's like, 'Oh my God, the Gestapo's coming,'" said Robert Fuller, president and chief operating officer of R.E. Fuller Engineering Consulting, a one-man company in Camas, Wash.
The BSA has struck fear in customers' minds through carefully worded, but threatening letters and an accompanying radio ad blitz warning businesses to beware of disgruntled employees dropping dimes on them.
According to the BSA's Kruger, the Truce Campaign is merely a 30-day grace period companies can use to get their software in compliance. If a company does use the time to get in compliance, it will avoid any potential future BSA investigation that may spring up as a result of its radio ad blitz.
But that doesn't explain the BSA's use of what many are calling threatening language. What's troubling to businesses, besides not being informed on how they were selected for the mailing list, is the letter's accusatory tone. For example, one line reads: "If you're caught [with unlicensed software], your organization could face penalties totaling hundreds of thousands of dollars."
And while Kruger insists the Truce Campaign is not a vehicle for generating leads or tips, that contradicts the thrust of the BSA's radio spots.
For example, at one point, the announcer in a radio spot for the Truce Campaign currently running in New York asks Kruger how the BSA receives most of its leads. Kruger responds: "Most of the calls come from current or former employees. I would say to businesses that, unless you have no current or former unhappy employees, you are only one phone call away from becoming the target of a BSA investigation."
"My management's concern was that there was almost a bit of paranoia about [the Truce Campaign]," said Peter Rassmussen, a technology manager at a Midwest retailer. "There were radio ads going on at the same time that sounded like Joe Stalin encouraging you to turn in your parents."
As for Microsoft, Anderson said, it's not in the company's interest to frighten customers. "We don't want to create anxiety," she said. "It's not our interest."
Misleading the pack
Exacerbating the anxieties for companies contacted by eWeek that have received Truce Campaign letters was the seemingly intentional vagueness of the letters, vagueness that is compounded by misleading information.
For example, though the Truce letter establishes a 30-day deadline for software reviews and includes a line that states, "If the BSA contacts you, just show your Truce Participation Number and software purchase receipts to take advantage of the Truce," the BSA has no intention of contacting any letter recipient.
But at least one radio spot, the one currently playing in New York, implores letter recipients to "review your software installations and acquire the licenses you need before the Business Software Alliance returns to New York City!"
Still, Kruger insists: "We don't visit any of these companies. The ones getting the letters are not under investigation."
When asked if these discrepancies were misleading or at least confusing, Kruger said any letter recipient who is confused can go to the BSA Web site or call the Truce hot line for information.
Also at issue is ironing out exactly what authority the BSA has to present deadlines, request software reviews or even conduct audits. According to Kruger, the only authority the BSA has, as power of attorney for its members, is to seek court orders on behalf of its members to conduct software audits on businesses suspected of using pirated or unlicensed software. But even then, the BSA does not seek such court orders frivolously.
"We only proceed on the basis of reliable information," Kruger said. "We take pretty good pains here to make sure our cases are based on solid information before going forward."
Indeed. Despite the tone in the Truce Campaign letters and radio ads to the contrary, the task of proving guilt lies with the BSA.
"The burden's on the BSA to prove itself to the court," said Peter Baruk, director of anti-piracy at Network Associates Inc., in Santa Clara, Calif., and former vice president of piracy for The Software & Information Industry Association, another software advocacy group in Washington that conducts piracy investigations. "If you're contacted by the BSA and doing the right thing, you have nothing to worry about. So, why respond? You can and be a good corporate citizen. [But] there's no reason why you'd have to react to a letter like this."
It works (Score:3, Interesting)
It happened to us (Score:5, Interesting)
Did my company take the letter seriously, yes. My recommendation was to ignore the letter. The higher ups decided to create the tally and show the licenses. Now, at this point they "know" we dont have enough licenses. Its hell trying to find licenses for machines purchased at company buy-outs. So the letter goes back to BSA saying here's what we DONT have.
Sure as s$%t here comes the new letter from BSA saying we are coming after you. It sounds very threatening, like a mugger is breathing down your neck. Well.... then the higher ups look at the bill they owe, they scamble asking friends for licenses, but hell no dont buy them (talking close to $50K). After calling in the favors my company still is not compliant. The decide is at this point, drop it. So we do nothing.
(finally)
Result:
Absolutley nothing after the 2nd letter.
If you respond(like spammers), they have a live one
Letter from the NSA (Score:5, Funny)
WE ARE TOP OFFICIAL OF THE GOVERNMENT REVIEW PANEL ("BSA") WHO ARE INTERESTED IN PIRATED SOFTWARE INTO OUR COUNTRY. IN ORDER TO BECOME COMPLIANT WE SOLICIT YOUR ASSISTANCE TO ENABLE US TO AUDIT YOU.
HOWEVER, BY VIRTUE OF OUR POSITION AS BSA COMMITTE MEMERS, WE CANNOT ACQUIRE THIS SOFTWARE IN OUR NAMES. I HAVE THEREFORE, BEEN DELEGATED AS A MATTER OF TRUST BY MY COLLEAGUES OF THE BSA TO LOOK FOR AN UNDERLICENSED PARTNER WHO WE CAN AUDIT. HENCE WE ARE WRITING YOU THIS LETTER. WE HAVE AGREED TO SHARE THE MONEY THUS; 1. 20% FOR THE BSA 2. 80% FOR THE UNLICENSED SOFTWARE VENDOR 3. 2 - 5 YEARS FOR YOURSELF.
PLEASE,NOTE THAT THIS TRANSACTION IS 100% SAFE AND WE HOPE TO COMMENCE THE AUDIT LATEST SEVEN (7) BANKING DAYS FROM THE DATE OF THE RECEIPT OF THE FOLLOWING INFORMATIOM BY TEL/FAX; 234-1-7740449, YOUR COMPANY'S SIGNED, AND STAMPED LETTERHEAD PAPER THE ABOVE INFORMATION WILL ENABLE US WRITE LETTERS OF THREAT. THIS WAY WE WILL USE YOUR COMPANY'S NAME TO INTIMIDATE YOU WITH QUASI-LEGAL LETTERS.
WE ARE LOOKING FORWARD TO DOING THIS BUSINESS WITH YOU AND SOLICIT YOUR CONFIDENTIALITY IN THIS TRANSATION. PLEASE ACKNOWLEDGE THE RECEIPT OF THIS LETTER USING THE ABOVE TEL/FAX NUMBERS. I WILL SEND YOU DETAILED INFORMATION OF THIS PENDING PROJECT WHEN I HAVE HEARD FROM YOU.
YOURS FAITHFULLY,
DR CLEMENT OKON
How it works (Score:5, Informative)
http://www.bsa.org/usa/events/
Any sales increase in the city immediately after mailing of the letters gets BSA money. Now the letters don't really have an affect if they can't show they sometimes follow through.
The BSA will then go after certain targets either ones they think are particularly egriegous or they have pretty good proof of violations (the BSA has registration/purchase info from their member organizations plus any public informaion about companies so they can see a company with 1000 employees appears to only own 100 copies of Office -- this may be legit).
So, the BSA will ask for proof of purchase for software from their member organizations (their ability to do this given in the license agreement for most software). Note SERIAL NUMBERS AND CD'S ARE NOT PROOF OF PURCHASE. You MUST HAVE RECEIPTS!
If you refuse they can file an civil copyright infringement lawsuit against you and can ask the court to impound the computers as evidence. They can also ask the prosecuting attny's to bring criminal actions against you.
Details of why the BSA has the law on their side:
http://www.bsa.org/usa/antipiracy/law/
I'd say for a small organization you're probably safe -- unless you had somebody get pissed off at you and reported you to the BSA and raised their awareness of your company from mailing address to red light.
Under current US law the BSA acts legally. If you disagree with this you can choose software that has no such problems (i.e. open source, free software) or you can work to change the law while obeying it or you can start some kind of civil disobedience (just remember -- if you break the law you still have to pay the price for breaking it, even for good intentions. many civil rights fighters ended up in jail to prove their point, if you can't afford the price don't use this method).
I prefer a mix of 1 and 2. I don't think the right to copy other people's software is worth jail time to go the disobedence route.
Re:How it works (Score:3, Interesting)
http://www.bsa.org/usa/press/newsreleases//2003
Re:How it works (Score:3, Insightful)
Okay, lets hit netcraft (love you guys):
The site bsa.org is running Apache/1.3.27 OpenSSL/0.9.6g (Unix) AuthMySQL/2.20 PHP/4.1.2 on FreeBSD. FAQ
Why do I love the fact that a group that reps uber-commercial software interests uses
- A free Unix
- A free webserver
- A free web scripting language
- A free encryption library
Hrm, maybe its to save themselves the embarassement of accidentally mailing/civil-suiting themselves?
Ah, the joys of irony.
From someone who lived through a BSA audit (Score:5, Interesting)
So we did an audit and found out that we were only one copy of a certain software title out of compliance. We sent back the results of our audit, along with copies of our licenses to the BSA, along with an offer to buy the extra license at full retail price. They replied that our licenses and audit results were not good enough, that they also wanted us to produce the receipts for the software.
The receipts. Apparently, having the licenses are not good enough. Or maybe the BSA figured they could strongarm some money out of us, so they leaned a little harder. I had heard that before the BSA sends out these demands, they research the company to see if they have enough cash to make their efforts worthwhile. Having recently completed a series of capital funding, I suppose we looked mighty tempting.
This meant many days of going through three years of financial records. Eventually, we found most of our reciepts and purchase orders, except for a few things from the very beginnings of the company when the records weren't really kept. But we did have the licenses. Of course, the BSA, now really smelling blood, came down with an arbitrary amount to fine us along with a statement that if we did not pay this (ridiculous) sum for basically being one copy out of compliance, they would take us to court and demand far more.
I was never told how much exactly we had to pay the BSA, but I heard it was "not insignificant". It was somewhere in the 5-figure range. All for one copy of Visio, and some tossed receipts from three years ago.
I always argued that the BSA had no right to demand our receipts and financial records since we were able to produce the software licenses. It's a bunch of crap. I can't see how the BSA can legally operate in this country. There is another organization that operates in a similar fashion- it's called the Mafia. Bastards.
Fix the question (Score:5, Funny)
Remove "Grace Period" from the question.
Then the answer is a resounding "yes".
-Rob
Oh that reminds me (Score:5, Funny)
Then Microsoft sales came the other week and offered an attractive 'switch' packages. How Microsoft knew he need a switch is a mistery.
Comment removed (Score:3, Insightful)
BSA, MSFT, Clear channel (Score:4, Insightful)
Ever notice how everyone tries to be the enforcer? Corperations, media mogules, senators and even your local legislators? It seems these days people want to be in charge, or the authority trying for a power grab they can't achieve and throwing in some new speak to throw off the commoner who isn't educated enough to know the difference between REAL authority and a scam or fake.
The BSA is just another example to me.
Dunno, just my 0.02c. Mod away
Dear BSA (Score:4, Funny)
As you suspected, it was impossible for us to account for every software package and updates/sidegrades we acquired over the last 10 years.
We carefully considered the cost of a complete research of archives and archeological search at the municipal dump, as well as the cost of re-acquiring the missing licences.
We therefore advise you that your audit letter prompted us to move to a mostly open source and free software environement. We thank you for being the catalyst in that switch, the proverbial "last straw".
The few worksations still running software from BSA members are fully licenced and these licences are available for your viewing pleasure if you so desire.
Yours trully,
me
This is BULL comma SHIT period. (Score:5, Funny)
Oh, and if any idiot from the BSA has a problem with what I'm saying, my name is Robert Q. Campo, and my address is 881 West Harrisville Lane, Cleveland, OH 64113. Come and get me, asshole.
If only what you say were true (Score:4, Informative)
We shall need a nice BMW with a minority driver, innocent of any crime or criminal intent, who happens to draw attention by cruising through, say, a predominantly white upper middle class neighborhood or, alternatively, a predominantly non-white underclass neighborhood. As TV teaches us, he must be up to something.
Said driver has a malfunctioning tail light (grounds for the stop). Said driver is heard to say "Shit" in angry exasperation as the white cop, just like the last white cop before him, approaches the car (grounds for the "reasonable suspicion" of personal or public danger). Thus the cop, now fearful, orders driver out of car and tells him to submit to a frisk. Driver protests, "Hey! Why are you picking on me?" This triggers heightened suspicion in cop who, later, will state in court that the defendant resisted -- grounds for use of physical force in effecting the frisk and arrest, and subsequently for a search incident to arrest that allows the cop to dig widely through concealed areas and containers in the car. Thus far, we have an arrest, a lot of searching, and probable cause hasn't even entered into it. We're getting by quite nicely on the very flexible "reasonable suspicion" standard without any of the bothersome probable cause tests or a search warrant.
Now the the car's impounded, and what happens? The trunk is opened. It's the precinct's policy to inventory everything. And that search -- again, warrantless and without probable cause -- is constitutionally permissible because the cops aren't specifically looking for criminal evidence; oh, no, they're merely impounding and inventorying the vehicle. Bad luck for our driver if he actually had anything illegal in there...
Within recent memory the U.S. enjoyed a brief period of rich protection under the Fourth Amendment, chiefly due to the wisdom of the Warren Court, between the 1960s and early 1980s. Since that time the Rehnquist Court and other conservative benches have seen to it that the police are able to conduct warrantless searches with wider and wider authority, holding variously that the public interest is served by abrogating personal privacy and increasing investigatory protections and abilities. That has been the theory, anyway; the Drug War has been its practice. Today, your actual freedom against unreasonable search and seizure is a function of many factors, not limited to the exception-riddled case law, your skin color, the attitude of the cop who stops you, your ability to afford effective counsel, and the temper of the court.
Here's how I saw it happen... (Score:3, Interesting)
Anyway, here's what happened:
We are about 1,800 employees big. We go the BSA letters about a year ago. Our legal people consulted with outside legal specialists regarding this. The result was that we caught up on licensing real fast, and we produced documentation to the BSA that proved we were legal and that was the end of the legal hassle. Of course this took about 9 months :-)
Several comments:
1) We were big enough to atract attention, and we are profitable, so we were the perfect "target."
2) No one in our company considers this a "scam." We willingly decided on our own to use commercial software and we intended to pay for it (honestly!). We did find inaccuracies on our purchasing: We had too much of some stuff, too little of other stuff. We purchased what we needed to.
3) In response to some dumb comments on here: The BSA deals with the software of its vendor members, not ALL software vendors. We were sent a list of the software producers whose products were in question.
4) Some people here have said that EULAs are invalid: Bullshit. There have been court decisions going BOTH ways, but the more recent antecedents have all been in favor of EULA validity. It can't get much clearer: If you agree to the EULA terms, you are bound by them.
5) The old "prove it" reprise: Someone here said to just ask the BSA to prove that you stole software. This is inaccurate/misleading. If you say to the BSA "prove it," then the BSA IMMEDIATELY will subpoena your receipts for your purchases (Which, they will successfully argue in court, they need to "prove it"). They CAN do this, and they DO do this. If you get to be too much of an asshole about this, they can get the court marshal to seize your computers. It has happened before...
6) There are federal statutory guidelines that indicate collectible damages. If you are an asshole to the BSA (or a software producer), they can be assholes back: I believe it was Snapple that got fined a couple million bucks because they were assholes to the BSA... Technically it is a copyright violation every time you load an unlicensed program into RAM (every time you run it). Normally this would fall under the "reasonable uses" clause thing, but since the copyright is being violated, there is no "reasonable use" to it... Therefore every time you run the program you incurr the federally-mandated minimum fine... In case you feel like bitching about this, you should know this case went to court, and was not settled out of court, as far as I know it was not successfully appealed either.
7) Does the BSA have the right to send these letters? OF COURSE! What are you going to say, "No! I want to hear these threats from Adobe!" Just get it over with... It's easier to deal with one entity, you will get it over with quicker. Ovbiously, the BSA members give the BSA authority to sue on their behalf! The EULA has nothing to do with this.
8) Lastly: If you use commercial software, it is understood by definition that you must pay for it. What the hell is the problem with that? No one held a gun to your head to force you to use AutoCAD!
BSA contacted my company (Score:3, Interesting)
She told them to phuck off as she gets these kinds of sales techniques all the time.
The very next day a Mocrosoft rep called out of the blue. Our MS licences werent up for renewal and we never bought anything from them recently. Coincidence?
The BSA is just a trade body (Score:4, Insightful)
He got the letter from the BSA mentioning the grace period, thretening a surprise audit etc. He reponded by informing the BSA if they made any attempt to enter any of his premises he would treat the matter as aggravated tresspass and use whatever means necesary to te remove them. The was followed up with a "We are sorry you are taking this attitude, but we have a right blah, blah" letter, but after that he heard nothing.
The BSA may have a (questionable) contractual right to audit your software, what they don't have is the right to enter buildings and act like they have legal backing. I know someone who was at the sharp end of such and audit and aparently it is not very pleasant. The BSA folks do act as if they are policemen and they are very upfront.
The BSA is just a trade body, the software equivalent of the Taxidermists Association of Scotland or the Charterd Institute of Accountants. They exist only to represnt the interests of MS, Adobe etc. They have no legal powers whatsoever. Their powers of enforcement as an organisation are exactly the same as mine as an individual. If they hassle you, ignore them and tell them to sue you or go away, simple as that.
Whatever your moral stance, legally speaking software piracy is wrong. However there are existing mechanisms in place to deal with piracy. The BSA approach seems to be to squeeze the biggest amount of cash out of the existing customers of its members. What about the many SME's that have never, ever bought legit software? How does the BSA deal with these types, given that the BSA probably doesn't even know they exist? I know of several businesses who don't have one single piece of legit software, the BSA doesn't even know they exist. BTW I won't snitch on these businesses, I live in Northern Ireland and I like having knee caps.
The BSA duses extortion to make money for its members. Its picks on those who are largely 100% legit, but may have made mistakes, these are easy targets. It would seem to ignore those who are serial pirates, those who do not intend to now or ever buy software. This approach is easy for the BSA, they really should sort their priorities out.
Hang on a minute... (Score:5, Informative)
...This is the BSA, in the UK, right?
So how exactly do they propose to check up on me anyway? On what legal basis can they force me to let them into my business to perform an "audit" to their satisfaction? Who the hell do these people think they are anyway?
This is just the usual scare-mongering. It's about time someone stood up to people like this and made them produce some evidence and go to court. Better yet, let them go after a legit company, and sue them for some form of defamation afterwards.
Re:Hang on a minute... (Score:3, Insightful)
Bill of Rights (Score:3, Interesting)
You haven't agreed to a single legally binding thing. In no way does signing (let alone just reading and clicking OK) ANY sheet of paper (outside of a confession of treason) cause you to give up any of your legal rights. Such a contract is completely unenforceable and would be thrown out the second it enters court.
They can put in a clause to allow agents to crash at my house on the weekends and eat my dorritos but it doesn't mean it's in any way enforceable. Talk to an attorney. No matter how hard you try you can't sign your rights away. When it comes down to it most EULA's are slightly more valuable than toilet paper due to this fact. Hell, check your state laws. Many states have clauses in their local civil or criminal codes that basically say something to the effect that "contracts that are partially in violation of any participants rights are wholely illegal"
Do your research. Especially when it comes to your local right to privacy and to unsolicited mailings, phone calls, etc. Has it occured to anyone that "shotgun" tactics might in fact be considered SPAM. Let's get some anti-spam lawyers after their ass. Under my own state and city laws, unless I decide to bend over and say "oh yes please come in and dont' use lube" they can piss and moan all they want and that's about the limit to their "legal" recourse.
Re:Hang on a minute... (Score:3, Interesting)
Re:Hang on a minute... (Score:5, Insightful)
Sure I did. Of course, whether they have any legal basis or not, and if so whether it confers rights on the BSA rather than the software vendor(s), are different questions. The BSA can find out in court, if they really want to know whether I've got any illegal software installed (I haven't) and they're prepared to risk a test case that could destroy their whole threat model (I doubt it).
Re:Hang on a minute... (Score:5, Interesting)
Sure I did. Of course, whether they have any legal basis or not, and if so whether it confers rights on the BSA rather than the software vendor(s), are different questions. The BSA can find out in court, if they really want to know whether I've got any illegal software installed (I haven't) and they're prepared to risk a test case that could destroy their whole threat model (I doubt it).
First, you agreed to the EULA and the BSA can hold it to you. Simply by giving their corporate member a call and asking for the necessary credentials (if they don't have them already). They only have to become a "designated representative of the company" or something like that. The same reason the guy who answers your tech support call has to provide you tech support even though you didn't personally make your agreement with him. (Does this imply that the BSA is on Microsoft's payroll? Yes, of course, read on)
Second, the BSA is using a long-practiced business model. Extortion. They are using the tried and true model of, say for example, the Italian Mob. Here's an example:
Guido: Mr. Chapman, if you don't pay us for protection, there are many criminal elements in this neighborhood who will do serious damage to your business.
Mr. Chapman: I'm sorry, but isn't that what the police are for? I won't pay.
-- later --
Guido: Say Boss, Chapman didn't pay up.
Boss: Send out an enforcement team.
-- later --
Enforcement team thrashes Chapman's business and beats him within an inch of his life.
-- later (in the hospital) --
Guido: What happened, Mr. Chapman? Did you get assaulted by those criminal elements I warned you about?
Mr. Chapman: Yes. I'll pay! I'll pay!
-- end 1 act play --
The BSA have no grounds, really. They are enforcing Intellectual Property law, and they are assessing fines, and searching (and seizing, no doubt) private and public property without a warrant. They are not a law enforcement agency, however. They are a private agency. Their NP status is only to prevent the government from attacking them (and probably helps a lot with taxes and so forth), but I'll bet many of their employees receive paychecks from more than one company. In any case, they exist to enforce EULAs that were not made into law in the first place. Effectively, they threaten to bring the law against you. Kinda like "Hey bro, if you don't give me $20, I'll tell the cops you sell dope, and that'll cost you a lot more."
The BSA is a group of vigilante lawmakers and enforcers, and even though they're not a government agency they must be stopped! THEY are the Lex Luthors and <insert favorite super-villain here>s of the present, and they *must* be destroyed.
Stand up to them. Tell them to fuck off. Instead of doing an audit, spend your money implementing free solutions. Don't worry about price of implementation, or function, or anything like that. Enact the FIRST RULE OF BUSINESS, and COVER YOUR ASS. Destroy all copies of any proprietary software within your organization and install nothing but free software. Then tell them they can't audit you because you canceled your end of the agreement.
When they assess a fine, tell them "I won't pay it. You're not a judge appointed by a duly elected representative, and I sure in the fuck didn't vote for you or any politician that created you." When they drag you into court, you COUNTERSUE them, and charge them with extortion! (if you can, extortion might be rigidly defined as threatening physical harm, but i'm not a lawyer)
When the BSA knocks on your door, you have a perfect opportunity to fight for your freedom, and it's not only a fight that means something, it's also a fight worth winning.
Re:Hang on a minute... (Score:4, Informative)
WTF does that have to do with anything? On what legal grounds can someone walk into MY business and demand to see software licenses?
Suppose I don't run any such software (all OSS). Then your (weak) EULA argument is nullified anyway.
The point is, these people (the BSA, et al) are NOT a law-enforcement agency, have not been granted any power by the lawmakers, general public, or anyone else. And I certainly didn't sign any contract with them.
It's sad to see how many people comply with these people. Not that I'm for piracy, I'm really not -- but even moreso I'm against organisations like this using scare tactics, etc. It's damned-near misrepresentation.
So you say "Fuck off, BSA". Then what? Do you think they'd file a case, with no evidence or legal grounds? Do you think someone would be able to obtain a warrant?
If I send you a letter and say "If you've stolen any stereo equipment, tell me or I'll call the cops". You say "Fuck off". I tell the police. They tell me to get lost, end of story. This is, after all, the US, and we still do have some rights, for now anyway. Failure to prove innocence (or unwillingness to cooperate) is NOT itself evidence of guilt. Especially when it's NOT a law enforcement agency, rather some "alliance" sticking their nose in other people's business.
Re:How I *THINK* it works is... (Score:5, Insightful)
NOT just the IRS (Score:3, Insightful)
Re:Possibly not... (Score:4, Informative)
And on what grounds would they file this case? Because they accused you of stealing and you told them to get lost?
Sorry, but filing a civil case still requires some sort of evidence. Even if filed, what are they going to use in court?
Burden of proof *still* lies with the accusor. I can't just go around suing people, and having the court order that people prove their innocence by bringing in evidence -- and neither can the Bullshit^wBusiness Software Alliance.
Re:Non-profit does not mean unprofessional (Score:3, Informative)
Re:Non-profit does not mean unprofessional (Score:3, Funny)
Hah! They found a live one with you.
YHBS. (You Have Been Scammed.)
Re:Non-profit does not mean unprofessional (Score:3, Insightful)
It's a sad, sad day when the most important thing a computer lab administrator can take care of is CYA maneuvers for legally purchased software.
Just because it is so hard to prove software piracy doesn't mean the burden of proof falls on the defendent. Software makers by now have shunned the thing that could actually make this trivial: online registration of single codes. If you have codes that are in use outside of your IP block, or you are registering more machines than you have licences for inside of a reasonable upgrade cycle, you're busted. If you can't press the little "audit" button upon request to re-send the legitimate codes, you're busted. This technique has worked for many years in shareware, and is only avoidable if you stealth the thing and don't send information back upon first registration. But if you are audited, your stealth-mode fails, and you are forced to comply. Or at least, you *should* comply, and I don't know of any court who would consider a 10 minute walk around the lab pushing a little Help->Send Audit button an unreasonable request. It could even be exported to disk, for those machines not on the wider network, because what you are checking for is simply the existance of legitimate, non-duplicate registration codes.
Until such a time that the business software companies get their act in line with the higher practices of, of all people, shareware and videogame companies, they do not deserve to command the balance of proof.
It's very legitimate to lose your registration papers. Labs with high turnover rates or multiple location transfers lose lots of things... And it only takes one person forgetting to tell their successor that the Mathlab box from 1987 (which has since been upgraded to Mathlab 89, 92, 96, 99, and 2003) is the official box with all of the important recipts, and you've lost your registrations. Put it in a file folder? With the thousands of pages of documentation a Lab generates? That will be lost even quicker, relegated to a storage room somewhere and forgotten for eternity.
No, it's better if the software keeps track of its own legality, in a way that can't be faked. This would increase slightly the overhead on software companies, but THEY are the ones with the burden of proof. If it increases the cost of the software by 5 dollars, that's a lot cheaper than the thousands for a full software audit.
Comment removed (Score:5, Informative)
Re:BSA learned from the master (Score:4, Insightful)
If, on the other hand, you have gone out and negotiated and signed a legal agreement with a BSA member, then what a BSA member can do to/around your premises is limited by the terms of the written agreement. A written agreement is far more binding than any click-through agreement might be.
Re:BSA learned from the master (Score:5, Interesting)
When the BSA does decide to do an audit (as opposed to a mass mailing), it's because they already have some evidence of illegal software use. Most of the time, this is from a former employee, disgruntled employee, or the like (i.e. a contractor you pissed off, former customer, etc.).
If you don't let them in, then they go before a judge and get a warrant, and then US Marshals come in, and you won't refuse the marshals entry (for very long).
I know because a friend of mine got raided. The "tip" came from a business rival. The Marshals found everything was in order and the tipster got billed for the cost of the raid.
There are no contracts. (Score:4, Informative)
Such a company has vastly more legal options than a typical company that is Microsoft/Adobe all the way. Let's see:
1. Libel/Slander law. After all they have to have probable cause from someone to make that raid.
2. Laws regarding harassment. Their standard techniques are certainly harrassment if you are contractually obligated to permit it.
3. Their audits basically shut you down while they take your machines apart. There's a basis for a monstrous civil suit.
4. A really good lawyer could probably think up some criminal charges to go along with the civil charges you're going to nail them with. Get the local DA involved as well. Some people have mentioned RICO. A case could be made for it by an all OSS company.
With some perserverence their typical scenario could be turned back around on them. Settle with US and we won't break you over a wheel. The non-legal threat of extremely bad publicity for the member company they're acting on behalf of should generate some nice pressure as well. Actually, all of the above also applies to the members who think they're going to get a win for.
I say go for it.
Re:BSA letter may be a legal trap! (Score:4, Interesting)
How does a "low-level employee" have the authority to extend such an invitation? Let's say I send postcards to everyone at General Motors offering a free calendar, and the small print obliges the company to sell me all the cars I want for $1 apiece, and someone from the janitorial department sends one back. How far do you think I'll get when I show up with my carny roll?