Staying in compliance with software licenses can be quite difficult. Given the type of instant gratification that various popular file-sharing services have given users over the history of the Web, end users have developed a reputation for being cavalier with copying software, as it is staggeringly easy and convenient to do so. Naturally, the software industry has tried to raise awareness about this, though it quite often takes the form of cringe-worthy PSAs, most famously "Don't Copy That Floppy."
Perhaps a more immediate threat is the BSA's campaign formerly called "Bust Your Boss!" in which potentially aggrieved (ex-)employees can report license non-compliance for a company they worked for. While there are certainly companies that shirk their responsibilities for software licensing, the campaign is too easy to abuse, leaving companies facing the cost of complying with a software audit.
SEE: Software usage policy (Tech Pro Research)
Worse than the aforementioned examples are software companies that attempt to make licensing as vague as possible so they can squeeze their own clients for additional software licenses. In September 2014, Oracle started a "license review" of confectioner Mars Inc., which the company answered with a lawsuit after producing more than 230,000 pages of documentation at its own expense over the course of months to comply with Oracle's demands.
As part of the process, "Oracle demanded information to which it is not contractually entitled regarding servers that do not run Oracle software and Mars personnel who do not use Oracle software," according to the complaint Mars filed. "Oracle made these demands under false pretenses under false premises that non-use of software nonetheless somehow constitutes licensable use of software for which Mars owes Oracle."
Duncan Jones, the principal analyst for sourcing and vendor management at Forrester, noted:
Where some software companies do stray into unethical, legally dubious tactics is when they try to exploit genuine disagreements about the interpretation of obsolete contract language. The best salespeople negotiate reasonable compromises that are fair to both sides. The worst ones try to portray these legal shades of grey as black and white. They use a 'deliberate overuse' enforcement approach that is just not applicable to these genuinely unclear situations. For instance, if a shopper uses a self-checkout system at a supermarket, and the POS system then sends a message to update an inventory system, is the shopper 'using' the inventory system in the sense intended by the original contract? I say definitely not, but some vendors may disagree. I accept their right to try to persuade me that I'm wrong, I don't accept they can go legal about it and start issuing 'cease and desist' letters unless I pay them millions of dollars.
SEE: Beware of Microsoft sales representatives posing as auditors to sell Office 365 (TechRepublic)
With a bit of good fortune, your organization will not experience such a harrowing audit of software licenses. That said, making an effort to ensure that you are in compliance to begin with is an important first step in protecting against audits made in bad faith. You can establish guidelines for your organization by implementing a policy, such as the one offered by TechRepublic's premium sister site, TechRepublic.
- How one Spanish soccer app uses surveillance on its own users to fight piracy (TechRepublic)
- Enterprises learning to love cloud lock-in too: Is it different this time? (ZDNet)
- GDPR: A cheat sheet (TechRepublic)
- Tech companies to disclose foreign software probes under US Bill: Report (ZDNet)
- Vendor relationship management checklist (Tech Pro Research)
Has your company run into software licensing issues? Do you have a system or policy in place to help ensure compliance? Share your experiences and advice with fellow TechRepublic members.
James Sanders is a Tokyo-based programmer and technology journalist. Since 2013, he has been a regular contributor to TechRepublic and Tech Pro Research.