I seem to spend an inordinate amount of time both in my professional and personal spheres explaining to clients and friends the concept of how proprietary software is licensed, and why using it for business or potential business purposes outside of the license terms is generally an incredibly unwise (i.e. stupid) and extremely risky practice.
It’s also not helped by working in a huge institution which secures site licenses for what would otherwise be very expensive applications (or suites of applications) – and the confusion this creates (in creating a false impression that software is generally something that doesn’t cost a lot of money) requires double the effort in explaining to users why they can’t just use the site-licensed application wherever they please (e.g. at home, overseas etc.). Not to mention the sticker shock when you inform a user how much they would expect to pay retail for the same product (“What do you mean it costs $2000? I get it for free here!”)
I therefore thought it would be worth my while to blog something which is more a collection of links and recommended reading on this topic. If you’ve ended up here through means other than a general web search or a link from somewhere else, chances are I’ve directed you here myself – as I believe you are probably in need of some free advice. This entry is pertaining most to those who run small businesses, or contract work to businesses. Let’s start.
I was originally going to open by stating that the first misconception (as far as I am concerned) a lot of people have is that the BSA and other licensing enforcement (i.e. anti-piracy) agencies don’t bother going after small companies, instead focusing on much larger fish – but I realised that for a lot of people the concept that any enforcement at all takes place is probably an alien one (i.e. “What’s the BSA?”).
So, yes – commercial software vendors do have enforcement arms. Here’s one:
And here’s another:
Their member companies include every major software vendor whose products you’ve ever heard of and used.
Okay, but surely they would only bother with large businesses, right? Wrongo. Here’s a great article that states that in fact the BSA “…goes after medium, small and tiny businesses…the biggest myth is that small and medium businesses don’t need to worry. But actually they’re at greatest risk…BSA Director of Enforcement Jenny Blank says they’ve gone after companies with ‘a handful’ of computers…”
Read that again – “a handful of computers”. Run a small creative firm and not quite licensed for Adobe CS or Microsoft Office? Well, you should be especially worried.
But how would an agency like the BSA even find out? Well, they’ve figured out one quite nifty way of doing so, and it goes like this:
Know someone using hot software? Earn money now!! (and please, direct your gaze to the table headed “Reward Payment Guidelines”: potential reward payments of up to a million bucks US? Sounds like a no-brainer to me.)
On that note, if you’re a manager, either knowingly or unknowingly using hot software in your operation (the BSA et al don’t care either way) and you’ve pissed off your employees to boot – then you might just have extra cause for concern: “…What motivates people to call the BSA? Blank: ‘It’s hard to know. Often they are the stereotypical disgruntled former employee. But the issue is not what motivated them, but do they have a story to tell us’…”
Right, so when you eventually receive an audit notice from the BSA (for example), you get down to the nitty gritty of proving you’ve paid for a license or licenses for the software you are using (not that you own the software – it doesn’t work like that). Assuming you’ve kept your nose clean, should be a pretty straightforward task, right? Well think again, and read this: “…In my last column I mentioned some of the things you and I would consider proof that we acquired our software legally, such as having the original disks, packing material, and paper or folder with the Registration Key. Answer from the BSA: none of that proves you own your software…”
Finally (for now at least), here’s a fantastically entertaining read on what and what not to do when audited (including why you can’t just ignore an audit letter). This is recommended reading in full:
And lest any small business owner think it’s all about the money (as if the astronomical sums involved were not nightmare enough), there is some valuable advice given at the end of the piece, about the additional damage to a brand this sort of thing can cause. I mean, there’s nothing quite like having your company all over the industry press for using illegal software, regardless of whether you are a dentist or a door maker.
1) If you knowingly use illegally obtained software, don’t.
2) If you unknowingly use illegally obtained software, then find out stat.
3) Get compliant and stay that way.
4) And perhaps most importantly in my opinion: replace proprietary software with Free and Open Source Software equivalents where possible and practical.