Slashdot Mirror
Is the BSA "Grace Period" a Scam?
An anonymous reader asks: "I work at a small non-profit that has 18 employees plus a 13 seat computer lab. We received a form letter from the Business Software Alliance (BSA) telling us to do a self audit and if we find any unlicensed software to report it during our 'Grace Period' because 'if you organization's software is not licensed, it could become to focus of a BSA investigation'. Now this is obviously a method to scare up some business for the BSA members. If we ignore this, how likely is it that we will be 'investigated'. I know that I cannot produce the original CD's and/or documentation for some of the software that we HAVE paid for."
A Google new search reveals all sorts of interesting articles, including some cases where people were busted.
And this little gem:
Perhaps some pertinent questions:
Supposing the BSA does perform an investigation, I'm wondering what the actual legal procedures are.
Are you required to maintain documentation of every last opened piece of software? I know at the CIT department I worked in for school, we had Windows 95 manuals stacked up in storerooms, even though there was a school wide license. I don't know if this is required though.
Furthermore, what happens if they find you're missing a couple documents, and decide to take you to court. Is any jury going to decide, based on either a "preponderance of the evidence" or "beyond a reasonable doubt" standard that this software was obtained and/or used illegally?
Any legal experts out there?
Some one wrote this the last time the BSA came up on Slashdot- sorry, I saved the quote but not the poster. The conventional wisdom thus far from other posters seems to be 'ignore it,' but if it goes further, consider this:
I know someone that was audited by the BSA and decided to fight it. Basically they countered by stating they wanted full disclosure of who reported them so as to determine the validity of the claim prior to wasting internal resources and dollars. They also argued that the reporting tools are a violation of privacy. Yes, they expected them to place some software on their network which scans their entire network not to mention each machine's registry. Third, they also argued that even if they were in violation of license, the license is between them and the vendor (after all, the license does not allow for the BSA as having legal proxy interests) and unless the vendor in questions decides that they'd like to personally persue the issue, the BSA does not have legal authority or the legal grounds to persue the action. Furthermore, they argued that even if something odd was discovered and they lost, only the government has the right to impose fines on legal matters as such and they would be within their legal rights to simply purchase any outstanding licenses or settle directly with the vendor in question and completely dismiss the BSA altogether thereby eliminating the need to pay any fines or added fees.
Last I heard, even though two ex-employees had turned them in, the BSA simply walked from the issue as, from what I gathered, they really don't have a legal leg to stand on.
Alcohol, Tobacco and Firearms should be the name of a store, not a government agency.
The odds?
0.
Literally.
0.
If they had any intention of "auditing" people (which, btw, is illegal in and of itself! It violates property laws, search & seizure laws, as well as laws against extortion, to name a few) they would have just gone ahead and done so already. Instead, they've put millions into cranking out form letters to people as scare tactics, since they know they're effectively powerless.
If auditing companies produced any meaningful monetary award, they would already be doing so...which they aren't. And even if they did, they sure as hell wouldn't tell you or I about it in advance.
Logic prevails.
Bowie J. Poag
And that's when I tell them "prove I didn't". The burden of proof is on them. The only organization in the US that this DOES NOT apply to is the IRS. The BSA only has as much power as you give them. Has anyone else seen the page on their web site where you can rat your employer/friend/etc. It has a picture of some idiot with an evil *I stuck it to da man* smirk on his face and the whole bit. Gimme a break.
Sure I did. Of course, whether they have any legal basis or not, and if so whether it confers rights on the BSA rather than the software vendor(s), are different questions. The BSA can find out in court, if they really want to know whether I've got any illegal software installed (I haven't) and they're prepared to risk a test case that could destroy their whole threat model (I doubt it).
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
so they "pirated" software. here is the result:
one, it doesn't cost the software companies a thing. you steal a car, it takes steel, rubber, plastic from somewhere. you make a DIGITAL copy, it costs software co. nothing. and many of the "pirates" wouldn't have bought the software.
two, the people using the software are not using a cheaper alternative. why would you use OO.org, when ms office is "free". so, piracy destroys competition. i remember there used to be at least three major office suites. corel, lotus, and office. in fact, office 97 offered wordperfect and lotus 123 keystrokes, BECAUSE THEY HAD TO. but "piracy" reduced the market share of the other two to nil
three, "piracy" promtes sales. as one program and one format becomes the "standard", especially if it is closed, peopole eventually all have to get on board. and not everyone or every business can "pirate".
i am as big a free market economy guy as you can get. i am as low tax and low regulation as you can get. but this whole piracy thing is bullshit. and they know it.
My problem? I was perfectly gruntled, until some numbnuts came by and dissed me.
before you mod me down, really read this post because it fits a theme I've been noticing lately.
Ever notice how everyone tries to be the enforcer? Corperations, media mogules, senators and even your local legislators? It seems these days people want to be in charge, or the authority trying for a power grab they can't achieve and throwing in some new speak to throw off the commoner who isn't educated enough to know the difference between REAL authority and a scam or fake.
The BSA is just another example to me.
Dunno, just my 0.02c. Mod away
When I go to Best Buy, and give a company like Apple - who is a member of the BSA IIRC - $129 for a copy of MacOSX how is that extortion? How are my rights being violated? Why is that idea so offensive to so many people?
Dude, you're way missing the point here. Sure a lot of people feel strongly enough against non-Free Software that they won't buy it, but this case is different.
The BSA is essentially running a protection scheme. Here's the scenario: Let's say you run a business that's large enough that it's difficult to keep total track of everything on every machine.
You don't (purposely) violate any software licenses, and take pains to follow them correctly. However there is significant overhead to keeping track of what you can and can't do with the software you've bought, and violations are sure to occur. There's just too much to do not to make an error.
Some employee you've pissed off (and if you're an employer you will piss off an employee) goes to the BSA and tells on you. They don't need actual evidence. To audit you. They 'nicely' tell you to audit yourself and give them money for anything that might not be compliant.
Let's say that you can't find proof that you purchased some of the software you purchased. You then have to pay for that AGAIN. If you don't pay them for it, and they audit you, you then have to pay for it anyway, plus exorbidant fines because you couldn't proove that you weren't guilty of a crime.
They also use this as a scare tactic to scare people from going to Open Source, or even competitors. If you are looking at not renewing a licence you get a message that you might be audited. Even if you are in total compliance, it's rather expensive and labor intensive to go and make sure. Were my university to be audited, it would cost around $2,000,000 just to double check, and given the number of people using computers (about 10,000) it is virtually guaranteed that someone somewhere either wasn't careful with licensing proof, or just flat out pirated something.
What they are doing is no different than the Mafia vandalizing someone's business and then asking money to make sure such things don't happen again. It's protection money, nothing more nothing less. They just couch it in a slightly less ominous sounding name.
Many Open Source advocates have no problems with paying for software, music, movies or books. What causes problems is when someone tells me I can't do what I want with the media I've bought that I get a little upset.
If I want to make a mix for my car, the law says I have that right. They're trying to stop me. If I want to use software on a different machine, I have that right. Under strict copyright law (may be different under DMCA now), I can put software on any number of machines as long as they aren't being used concurrently. I can copy movies or cd's (as many times as I want) as long as I don't distribute them. As long as I dont' redistribute what I do, I can do whatever I want with what I've purchased.
Under the Constitution of the United States, it is not my responsibility to prove my innocence, it is your responsibility to prove my guilt. If you can't prove my guilt, I am to be considered innocent. The BSA has neatly ignored this, and gotten courts to go along with unconstitutional legislation. Fines are imposed without trial, and without proof of guilt, in direct opposition to the Constitution.
More than a Boycott needs to be done to the members of the BSA. There needs to be a trial that addresses flagrant violations of the constitutional rights of individuals all over the United States, and an appropiate punishment needs to be given.
There is a civil war coming in the United States. Remember which side has most of the guns
IANAL. That said, there is a generally accepted legal theory that two parties cannot enter into a binding agreement if one of them could not be expected to understand that agreement, is not properly represented when entering into that agreement, or the agreement contains "fine print" conditions which defy common sense or expectation, or which are intended to deceive. There are other exceptions as well, but these are the important ones for the moment.
I say all this because the shrink wrap license ("EULA") - through which the BSA claims to derive its authority - is thus on extremely thin legal ice. In fact, I am on a neverending quest to find reference to any (any) case where any of the more onerous terms of a shrinkwrap license have prevailed in court. (UCITA, of course, changes everything - but that's a subject for another post.)
Almost all users of computers never properly understand the "contract" they have supposedly "agreed to" by using their software. They are ignorant of the need to keep and maintain records (as if their word processor was a firearm or motor vehicle), and the idea of granting some organization permission to enter their premises and inspect, demand documentation, and otherwise claim supra-police-like powers just to "insure" that they're not violating their "agreement" must profoundly, breathtakingly, and absolutely fail the test of "reasonable expectation."
In the case of copyright violations, there are criminal and civil penalties. You can sue me for stealing your software. You can also call the police on me, who may choose to arrest me and try me for said same. But enter my place of business uninvited to "inspect" or "audit" on the basis of a shrink wrap license? I don't think it flies.
Let's sum up.
The BSA claims a variety of privileges (from the EULA) which it doesn't really have. It threatens you with actions which are almost certainly illegal. Software users are unaware of their "obligations" under their "licenses" even if you consider them binding (which is asinine), and even when they attempt to follow the rules, there are many cases where it will not be possible to provide documentation "to the satisfaction of the auditor" - whose standard is arbitrary, and purposefully engineered to make it unlikely you can meet it. You are frequently given a very short time in which to reply to the ultimatum - purposefully short, to insure you will not have time to properly inspect your facilities before making a decision. Then there is the oft-cited case of schools and charities which use donated equipment for which the paperwork is not, and probably can never be, in order.
The cost of self-defense is borne by the defender in civil court. Knowing one is on the receiving end of a legally specious and improper legal challenge is one thing. Being able to afford your defense against some of the world's richer companies is quite another.
Most victims who receive this have done everything right, but have not retained all their receipts, and/or cannot afford the considerable manpower and expertise it will take to insure "not one single unlicensed copy of anything" exists on any of the machines in their organization. Consider... will even one violation, even when made by an employee in violation of a company policy, result in punitive damages?
Generally the BSA gets what it wants: a "settlement" in which they are paid not to "report" to federal authorities and/or file a questionable lawsuit. The victim pays again (perhaps many times again) for what they already own.
We have come a long way from the simple world of Best Buy which you describe.
The fact that no one understood their options or the consequences of their choices is the very thing at issue here. Extortion, coercion, and foul play describe these practices perfectly.
Groups like the BSA are not a "price to pay for preventing theft." Their tactics are both immoral and unnecessary. They have no place in the enforcement of copyright. The police are the ones whose job it is to handle software thieves. But then there'd be no money in it for anyone, eh?
Want to Know How to Cheat the GPL? Read On!
A brief note about economics is probably in order. The cost of making a physical CD is not what you are paying for when you buy a CD. You are paying for the cost of developing, testing, marketing, researching both that program and future programs.
That means that pirating software costs the developer the chance to recover the costs of making that software in the first place.
And before anyone mods this Flamebait, give a moment's thought to what this means for the (non-BSA member) Linux companies out there: companies with (as a rule) very good chances of going out of business each year. They spend time researching, fixing, improving the OSS software that you use regularly... but since most people download this without actually paying a penny for it, they have to find alternative routes to make money.
Now I think that there are lots of arguments for OSS, but it does make the economics much more complicated for all involved.
And remember, the next time MS gives you that TCO crap, that this hassle, and its attendant expenses, are part of the TCO of using software that falls under the aegis of the BSA.
Just say no.
KFG