IT consultant Dan Rosenthal runs across pirated software on his clients’ computers a couple of times a month. Last fall, for example, he discovered his customer had installed the same copy of Microsoft Office on five computers.
The office didn’t want to spend $300 for software for each computer because staff members used some of the computers so rarely. So Rosenthal found the client less-expensive software and installed it for them at a small cost.
“It’s so much easier to be proactive with the customer, and then there is no question about my liability,” said Rosenthal, whose company, HCOS, Inc., provides consulting services to healthcare organizations and other businesses.
As long as he can help his customers find a solution to software piracy that’s not too expensive, Rosenthal said, most of them cooperate. IT consultants who turn a blind eye to pirated software are taking a difficult path, he said.
Trade groups estimate that as many as one in three software programs in the United States is pirated. The software industry estimates that it loses $12 billion a year to piracy.
Meanwhile, efforts to weed out software piracy are increasingly aggressive. The Business Software Alliance (BSA), the world’s primary enforcement agency for software piracy, collected $12.8 million in settlements last year. As the number of tips that BSA receives grows, the consortium has committed more resources to following up on them, said Bob Kruger, vice president of enforcement for BSA.
Most complaints BSA investigates come from companies’ employees. Less than one in 10 come from IT consultants, said Kruger, who theorized that IT consultants are more concerned about maintaining a business relationship than reporting illegality.
Talk to your client
BSA advises IT consultants who spot pirated software to follow Rosenthal’s example: Raise the problem with clients first and offer to help fix the situation. Kruger said that the IT consultant should call BSA—or a member company—directly if the company refuses to address the issue. BSA’s members include Adobe Systems, Apple Computer, Microsoft, and Symantec.
“Your first obligation would be to see if you can bring the company into compliance,” Kruger said.
Some IT consultants see dollar signs when they run across illegal software. Kruger recalled an IT consultant who called BSA several years ago to report that one of his longtime customers was buying large numbers of computers and very little software from him.
“When he asked who was meeting their software needs, the consultant was told, with a wink and a nod, ‘don’t worry about it. We take care of it internally.’”
Kruger said the consultant wanted BSA to investigate and to keep his identity a secret, “Because he wanted to sell them the software when they wanted to get into compliance.”
The company cooperated with BSA, paid a fine, and put policies in place to help it stay compliant.
But Kruger said BSA would have preferred that the consultant had helped his customer follow the law instead of turning him in. That outcome would have been better for the client, Kruger said. If the consultant had helped his client reach compliance, the company wouldn’t have had to pay a fine.
“If companies wait until they become the target of a BSA investigation before taking action, then they cannot resolve the matter merely by doing what they should have done in the first place,” Kruger said.
Fines range from $25,000 to $150,000, depending on the size of the company and the amount of unlicensed software in place, he said.
No duty to report
Despite the BSA’s stand, it’s easy to understand why an IT consultant would want to avoid telling his clients about the consequences of pirated software, especially since consultants have no legal duty to report unlicensed software they discover on clients’ computers, said Bradley Gross, a former assistant state attorney in Miami-Dade County's Economic Crimes Division. Gross now works with the tech law group of Becker & Poliakoff in Miami, FL.
Complicating matters are the confidentiality agreements that many IT consultants routinely sign at their clients’ request. The agreements typically prohibit them from discussing information about their clients’ businesses, noted Michael Overly, a partner in the Los Angeles law office of Foley & Lardner and a member of its IT group.
Nonetheless, Overly and other lawyers say IT consultants should be upfront with their clients when they find pirated software. The best strategy is to approach your client about the situation.
In the conversation, be clear about the consequences for unlicensed software—that the damages the company would have to pay if it were caught would be up to $150,000 per copy of unlicensed software.
If the company still doesn’t take any action, put your concerns in writing, said Joseph Norvell, a lawyer who is chair of the copyright practice group at the law firm Brinks Hofer Gilson & Lione in Chicago.
A bigger problem
Being asked to install illegal software, install hardware with illegal software, or design software with pirated software development tools is an even bigger problem for an IT consultant, Norvell said.
If your client asks you to install unlicensed software, Norvell recommends asking the client to get a license before you install it.
If your client balks, Norvell recommends terminating the relationship. “There is such a thing as contributory infringement, and in that situation the IT professional could be liable for statutory damages up to $150,000 per copy,” said Norvell, who has been representing software companies for 10 years.
Helping your clients get into legal compliance is a good business practice. It has the added benefit of making you more valuable to your customers, said Rosenthal.
“The best advice for the long run is you have to take a stance and you have to take a stance on the legal side,” Rosenthal said. “If you are going to install unlicensed software, you better realize you are open to liability and you could pay for it.”