Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is the BSA "Grace Period" a Scam?

Posted by Cliff on from the examining-shady-practices dept.

An anonymous reader asks: "I work at a small non-profit that has 18 employees plus a 13 seat computer lab. We received a form letter from the Business Software Alliance (BSA) telling us to do a self audit and if we find any unlicensed software to report it during our 'Grace Period' because 'if you organization's software is not licensed, it could become to focus of a BSA investigation'. Now this is obviously a method to scare up some business for the BSA members. If we ignore this, how likely is it that we will be 'investigated'. I know that I cannot produce the original CD's and/or documentation for some of the software that we HAVE paid for."

6 of 794 comments (clear)

  1. What investigative powers/authority do they have? by citog · · Score: 5, Informative

    I checked their About page and found the following statement:

    Promoting a safe and legal online world

    The Business Software Alliance (BSA) is the foremost organization dedicated to promoting a safe and legal online world.

    We are the voice of the world's software, hardware and Internet sectors before governments and with consumers in the international marketplace. BSA members represent the fastest growing industries in the world.

    BSA educates computer users on software copyrights and cyber security; advocates public policy that fosters innovation and expands trade opportunities; and fights software piracy.

    Nothing in there suggests any legal authority. They are advocates not enforcers. Those letters strike me as very misleading. Anyone want to post a copy?

  2. its not a scam.... by PhreakOfTime · · Score: 5, Informative

    A scam, probably not. Is it smart, also probably not. Im in the chicagoland area and have been hearing the commercials for BSA on the radio everywhere across the dial. What they are aiming for is to get people turned in by relying on an unhappy employee to rat them out.

    That being said, keep in mind that the BSA is just an organization set up to find pirated software and collect fees. Fees that they no doubt get a cut of. They seem to have no problem using peoples fear and turning it into the driving force of their biz.

    You are under NO obligation to report anything to them, unless they hand you a court order. They are an independent entity and have no more ability to legally inspect your systems than I would. so it would be in their best interest to make it seem that they do have that ability

    This seems to be a page right out of the RIAA playbook, pretend something is true and youll fool at least some of the people

    You can fool some of the people some of the time, all of the people some of the time, but never all of the people all of the time

  3. Re:I'm not a lawyer, by gmerideth · · Score: 5, Informative

    Microsoft is part of the BSA and in their agreement they can damm well do this. Still didn't stop me from ignoring it.

    As my lawyer told me, replying to it simply gives them a name and address to send more correspondance to.

    So I threw mine away.

    --
    Why do overlook and oversee mean opposite things?
  4. Sample Letter by Anonymous Coward · · Score: 5, Informative

    Here is the letter we got, mispellings are mine, formatting isn't perfect:

    BSA, 1150 18th Street NW, Suite 700, Washington, DC 20036

    Is your business using unlicensed software? If so, the Business Software Alliance is offering a one-month opportunity to get licensed. Your BSD Grace Period Participation ########

    January 22, 2002

    MY ADDRESS

    Dear FOO,

    You may have heard that the Business Software Alliance is investigating ANYTOWN area organizations that use unlicensed software. If your organization's software is not licensed, it could become the focus of a BSA investigation. So, audit your software now. Unauthorized copying is the same as stealing. The penalties for copyright infringement are serious - sometimes totaling hundres of thousands of dollars - and in this economy, can your business affort that risk?

    BSA is an association representing the leading software companies: Adobe, Apple, Autodesk, Avid, Bently Systems, Borland, CNC Software/Mastercam, FileMaker, Internet Security Systems, Macromedia, Microsoft, Network Associates and Symatec. Together with our memebers, we educate the public about software compliance and protect intellectual property rights.

    Would you be able to tell if an employee had installed an unlicensed software program? Your business has until February 28 to get licensed.

    BSA recognizes that, for whatever reason, your company may not have managed its software assets properly. That's why from February 1-28, BSA is offering a Software Grace Period to business like yours in ANYTOWN. Please take this time to review your software installations and usage and, if necessary, acquire the licenses your business needs. If, after you have participated in the Grace Period, your organization becomes the focus of a BSA investigation, BSA will not seek to impose penalties for any unauthorized copying that occurred before February 28, (unless your organization has already been informed that it is under investigation). If BSA contacts you, just show your Grace Period Participation Nuber and the software purchase receipts. [Please see the reverse for terms.]

    Not sure if your organization is fully licensed? BSA can help you find out.

    Visit our Web site at www.bsagrace.com for more information and to download the free Software Audit Tool, or call our special Grace hotline at 1-877-536-4BSA (1-877-536-4272). If you find that your business isn't 100% licensed, contact your software vendor immediately and buy the software licenses you need before the Grace Period ends on February 28.

    Sincerely,

    Bob Kruger, Vice President, Business Software Alliance

    Grace Period Participation Terms

    Bsd is offering a one-month Grace Period between February 1-28, 2003.

    1. For your organization to qualify for the Grace Period campaign:

    • it must obtain a Grace Period Participation Number either through receipt of a BSA letter or from the Grace Period Web site - www.bsagrace.com;
    • its headquarters must be located within the following zip code: ANYTOWN 99999
    • it must not have previously received notice that the BSA or its members (listed below) have received a report of infringement and are investigating it; and
    • prior to, or during the Software Grace Period (February 1-28, 2002), it must have acquired sufficient software licenses to ensure that all software published by BSA members installed on its computers is properly licensed.

    2. If, after you have participated in the Grace Period, your organization becomes the focus of a BSA investigation, BSA will not seek to impose penalties for any unauthorized copying that occurred prior to February 28, 2002 (unless your organization has already been informed that it is under investigation). If the BSA should contact you, just show your Software Grace Period Participation Number and software purchase receipts.

    3. For the purpose of the Grace Period, BSD members are: Adobe, Apple, Autodesk, Avid, Bently Systems, Borland, CNC Software/Mastercam, FileMaker, Internet Security Systems, Macromedia, Microsoft, Network Associates and Symatec.

  5. A useful article on this... by bagofbeans · · Score: 5, Informative

    Original at http://www.eweek.com/article2/0,3959,19093,00.asp
    July 30, 2001
    Truce or Dare
    By Michael R. Zimmerman

    If you're a small or medium-size company, there's a good chance you've heard from the Business Software Alliance about getting your software compliant with its licenses. If not, you probably will. The group is well into a nationwide letter and radio campaign to do just that.

    But what you probably don't know is that, like so many of the companies that stuff your mailboxes with junk mail, the BSA, which represents such software giants as Microsoft Corp., Adobe Systems Inc. and Apple Computer Inc., has no intention of following up on its letters--regardless of how threatening and personal they may seem. It won't phone. And it won't pop in for a surprise audit.

    Instead, an eWeek investigation reveals, the BSA's campaign is primarily a marketing effort essentially designed to scare people into buying more software. But for many enterprise customers who are quickly becoming fed up with the group's hardball tactics, the campaign is having the reverse effect: compliance, then departure to alternative products, like open source.

    The reason the BSA Truce Campaign is more bark than bite is simple: As part of each Truce Campaign, the group sends out hundreds of thousands of letters at a time to businesses in a handful of cities. For the month of July, for example, it mailed 700,000 letters to businesses in five cities between New York and Portland, Ore. As such, it would be virtually impossible to contact even a sample of those companies to check up on their progress or lack of progress.

    Indeed, one of the only ways the BSA is gauging the success of the Truce Campaign is by the size of the spike in software sales for various cities as the BSA passes through, which so far total 19.

    "Everywhere we've run the Truce Campaign, we're seeing dramatic increases in sales," said Bob Kruger, vice president of enforcement for the BSA, in Washington. "So it's being successful."

    But a deeper look into the Truce Campaign, as well as an ongoing and almost identical anti-piracy campaign by Microsoft, a founding member of the BSA, reveals something more complex: the possible beginning of an entirely new business model built around anti-piracy and fear. The bottom line: There's money in anti-piracy, and plenty to go around.

    To be sure, piracy results in major losses of revenue for the software industry. According to the BSA, $2.94 billion was lost to piracy in North America alone last year, while $11.75 billion was lost to it globally for the same period. But so far this year, those figures have declined.

    Since the launch of its enforcement campaign in North America in 1993, however, the BSA has brought in about $70 million in settlements, a mere drop in the bucket compared with the overall total. Now it seems the industry, with the help of the BSA, is taking a new tack, with its focus on generating revenue the old-fashioned way.

    Consider the following: Microsoft has been busy constructing a network of support services through distributor and licensing partners to assist customers in assessing and auditing their software to comply with their licenses.

    One Microsoft partner, License Online Inc., of Bellevue, Wash., tracks where the BSA is headed and rounds up as many of its 36,000 registered channel partners as it can for those cities to swoop in and sell licenses.

    "When we know what area the BSA is going into, we're going in scrambling to piggyback on their marketing efforts," said Sharon Erdman, vice president of marketing for License Online.

    License Online offers its partners across the United States a 12 percent commission on any licenses they sell through License Online. To get the contractors rolling, the company supplies them with a list of companies Microsoft has sent its anti-piracy letters to. In addition to commissions, the contractors are told the companies contacted have the potential to become "long-term" customers.

    "Microsoft has absolutely partnered with businesses who can address the concerns," according to Devin Driggs, a Microsoft spokeswoman in Lake Oswego, Ore. "It feels a responsibility to its customers to address any issues with compliance they may be experiencing."

    As far as the anti-piracy fight becoming a business unto itself, Driggs said Microsoft views the subject as an industry issue.

    Kruger acknowledged that the BSA's letter campaign is a direct marketing campaign designed to encourage users to get in compliance and not directed at any company in particular. The group uses common mailing list companies such as Dun & Bradstreet Inc. to generate the lists.

    Microsoft's campaign is more deliberate, company officials said.

    "I don't think we're doing anything that's random," said Nancy Anderson, associate general counsel for the company, in Redmond, Wash. As part of Microsoft's licensing agreements for its products, Anderson said, "the customer agrees to assure us they are current. The obligation is on them to assure them and to undertake an audit if requested by Microsoft."

    Not surprisingly, however, the hardball tactics are having a negative effect on customers.

    "We were nailed for tens of thousands of dollars," said Cary White, an IT manager at a financial services company in San Diego who acted on a letter from Microsoft. "We received a letter addressed to our CEO that they received a tip we were not compliant with Windows, Word and Excel. ... That was a fishing expedition."

    "My company is to completely go away from Microsoft," White said. "We're not going to buy any more Microsoft products. It's my decision. They're alienating their customers. I don't trust them."

    The fear factor

    For the BSA and Microsoft campaigns to work, the fear factor is essential, according to letter recipients contacted by eWeek.

    "[Fear] is the first emotion when you get the letter. It's like, 'Oh my God, the Gestapo's coming,'" said Robert Fuller, president and chief operating officer of R.E. Fuller Engineering Consulting, a one-man company in Camas, Wash.

    The BSA has struck fear in customers' minds through carefully worded, but threatening letters and an accompanying radio ad blitz warning businesses to beware of disgruntled employees dropping dimes on them.

    According to the BSA's Kruger, the Truce Campaign is merely a 30-day grace period companies can use to get their software in compliance. If a company does use the time to get in compliance, it will avoid any potential future BSA investigation that may spring up as a result of its radio ad blitz.

    But that doesn't explain the BSA's use of what many are calling threatening language. What's troubling to businesses, besides not being informed on how they were selected for the mailing list, is the letter's accusatory tone. For example, one line reads: "If you're caught [with unlicensed software], your organization could face penalties totaling hundreds of thousands of dollars."

    And while Kruger insists the Truce Campaign is not a vehicle for generating leads or tips, that contradicts the thrust of the BSA's radio spots.

    For example, at one point, the announcer in a radio spot for the Truce Campaign currently running in New York asks Kruger how the BSA receives most of its leads. Kruger responds: "Most of the calls come from current or former employees. I would say to businesses that, unless you have no current or former unhappy employees, you are only one phone call away from becoming the target of a BSA investigation."

    "My management's concern was that there was almost a bit of paranoia about [the Truce Campaign]," said Peter Rassmussen, a technology manager at a Midwest retailer. "There were radio ads going on at the same time that sounded like Joe Stalin encouraging you to turn in your parents."

    As for Microsoft, Anderson said, it's not in the company's interest to frighten customers. "We don't want to create anxiety," she said. "It's not our interest."

    Misleading the pack

    Exacerbating the anxieties for companies contacted by eWeek that have received Truce Campaign letters was the seemingly intentional vagueness of the letters, vagueness that is compounded by misleading information.

    For example, though the Truce letter establishes a 30-day deadline for software reviews and includes a line that states, "If the BSA contacts you, just show your Truce Participation Number and software purchase receipts to take advantage of the Truce," the BSA has no intention of contacting any letter recipient.

    But at least one radio spot, the one currently playing in New York, implores letter recipients to "review your software installations and acquire the licenses you need before the Business Software Alliance returns to New York City!"

    Still, Kruger insists: "We don't visit any of these companies. The ones getting the letters are not under investigation."

    When asked if these discrepancies were misleading or at least confusing, Kruger said any letter recipient who is confused can go to the BSA Web site or call the Truce hot line for information.

    Also at issue is ironing out exactly what authority the BSA has to present deadlines, request software reviews or even conduct audits. According to Kruger, the only authority the BSA has, as power of attorney for its members, is to seek court orders on behalf of its members to conduct software audits on businesses suspected of using pirated or unlicensed software. But even then, the BSA does not seek such court orders frivolously.

    "We only proceed on the basis of reliable information," Kruger said. "We take pretty good pains here to make sure our cases are based on solid information before going forward."

    Indeed. Despite the tone in the Truce Campaign letters and radio ads to the contrary, the task of proving guilt lies with the BSA.

    "The burden's on the BSA to prove itself to the court," said Peter Baruk, director of anti-piracy at Network Associates Inc., in Santa Clara, Calif., and former vice president of piracy for The Software & Information Industry Association, another software advocacy group in Washington that conducts piracy investigations. "If you're contacted by the BSA and doing the right thing, you have nothing to worry about. So, why respond? You can and be a good corporate citizen. [But] there's no reason why you'd have to react to a letter like this."

  6. How it works by Kevinv · · Score: 5, Informative

    BSA targets particular cities and/or business types and sends out blanket letters to companies that meet the requirements. You can get a list of targeted cities on BSA's web site:

    http://www.bsa.org/usa/events/

    Any sales increase in the city immediately after mailing of the letters gets BSA money. Now the letters don't really have an affect if they can't show they sometimes follow through.

    The BSA will then go after certain targets either ones they think are particularly egriegous or they have pretty good proof of violations (the BSA has registration/purchase info from their member organizations plus any public informaion about companies so they can see a company with 1000 employees appears to only own 100 copies of Office -- this may be legit).

    So, the BSA will ask for proof of purchase for software from their member organizations (their ability to do this given in the license agreement for most software). Note SERIAL NUMBERS AND CD'S ARE NOT PROOF OF PURCHASE. You MUST HAVE RECEIPTS!

    If you refuse they can file an civil copyright infringement lawsuit against you and can ask the court to impound the computers as evidence. They can also ask the prosecuting attny's to bring criminal actions against you.

    Details of why the BSA has the law on their side:
    http://www.bsa.org/usa/antipiracy/law/

    I'd say for a small organization you're probably safe -- unless you had somebody get pissed off at you and reported you to the BSA and raised their awareness of your company from mailing address to red light.

    Under current US law the BSA acts legally. If you disagree with this you can choose software that has no such problems (i.e. open source, free software) or you can work to change the law while obeying it or you can start some kind of civil disobedience (just remember -- if you break the law you still have to pay the price for breaking it, even for good intentions. many civil rights fighters ended up in jail to prove their point, if you can't afford the price don't use this method).

    I prefer a mix of 1 and 2. I don't think the right to copy other people's software is worth jail time to go the disobedence route.