Slashdot Mirror
Is the BSA "Grace Period" a Scam?
An anonymous reader asks: "I work at a small non-profit that has 18 employees plus a 13 seat computer lab. We received a form letter from the Business Software Alliance (BSA) telling us to do a self audit and if we find any unlicensed software to report it during our 'Grace Period' because 'if you organization's software is not licensed, it could become to focus of a BSA investigation'. Now this is obviously a method to scare up some business for the BSA members. If we ignore this, how likely is it that we will be 'investigated'. I know that I cannot produce the original CD's and/or documentation for some of the software that we HAVE paid for."
If it's somewhere in a license they can show we bought, that we have to allow access to the installed software, then for every license they can show, I can provide an adequate installation.
We got one of these...
They called a 'truce' in our town of 500. We are a 2 employee show, run from a basement.
We bought a bunch of stuff, but never sent in the registration cards. We registered some stuff back in '97-'98 probably, and nothing since. We haven't gone out of business, so they figure we're probably pirating something. We are not, but since we haven't registered anything in a while (Microsoft Tech support is sooo valuable!), and are continually considering the move to Linux (just a matter of time...) we come up in their database as a possible pirate. Oh the miracles of databases!
All we did was make a file of receipts and certificates, and they can wade through it if they come a knockin. We're sure it's all there, and we can hopefully sue if they end up siezing a computer, especially since we are legal.
We had to look real hard for the licenses, but we found them. The certificates are useless without a receipt.
I work in an enterprise environment. Last year, I registered for one of those free magazine subs and a few weeks later... viola, a letter from the BSA using the same name/address pair.
The BSA must be getting names from those lousy online surveys (company size, whats your position, how much software will you be buying in 6,12,24 months).
Sounds more like SPAM to me !
"Whoever would overthrow the liberty of a nation must begin by subduing the freeness of speech."--Benjamin Franklin
I got the same form letter about a week ago. I'm just a student so I'm not really sure why I got sent one. I do have all the receits for the software I use. After reading it several times, I'm just assuming it's a scare tactic to drum up sales.
...
I think the only question that went through my head was what if any legal power would the BSA actually have if they did decide to audit me. Seeing as I don't own a company
I think you are correct in that they just get a bunch a mail lists and start firing off the letters. We started getting these letters when my wife passed the bar.
... disregarding the obvious problems I have with the BSA which other are sure to point out (and that I have ranted about before) legality, authority and such. It seems very odd to me that anyone should have to PROVE they bought something. CompUSA pulls the same shit when your walking out of the store, I get pretty irate and being stopped and having my purchases searched at the door, especially when I took only TEN STEPS from the register. But that's a little more understandable than the BSA's tactics, after all if I'm in the store with no receipt it's more likely that I didn't just lose it (though it is possible). When you buy site licenses I can imagine you have to show that you have a valid license, as far as proving you didn't buy it after the letter was sent, they can fuck off. If your legal now there's nothing they can do. But what about off the shelf purchases? What about backup copies (allowed by law) that were kept in a firesafe when the originals were destroyed. Like someone commented earlier, you are innocent until proven guilty, the burden of proof is on the prosecution. Hell I'd demand a jury of my peers.
I'm the big fish in the big pond bitch.
Would be nice to crucify the BSA with the RICO Act under the "conduct or participate, directly or indirectly, in the conduct of such enterprise's affairs, through a patter of racketeering activity" section, for misrepresenting the legal system for the express purpose of intimidation.
Nailing them for mail fraud would be nice too, if you can find them deliberately transmitting false statements.
They are scum only out to extort a buck.
...actually installed illegally pirated software, though. Show me a case where a group with genuinely bought software but a couple of misplaced certificates was successfully sued?
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
I've seen these letter before from clients. If they do not specifically charge you with piracy, stealing or whatever, throw it out and don't bother downloading their spyware.
You have the same rights you always had. They have to have probable cause to get a warrant, and they have to have a warrant before they can come into your office forcibly. A warrantless vampire cannot come in unless you invite them in.
IANAL, but I believe that as long as you have practiced due diligence and can show that you took reasonable steps to not break the law, then no judge with an actual brain would rule against you.
That being said, the BSA is looking for those who buy one copy and load it all across the office. I know of a company that did that, got ratted on by a disgruntled employee. Bottom line: they paid big. These are the fish they want to fry, and there are plenty of them out there.
Now, if you've been pirating software, and get a letter, and throw it out, and they still come after you, you won't get any sympathy from me!
-- I am. Therefore, I think!
I worked at a small, poorly-run brokerage firm this summer, and witnessed the stupefying power of the BSA first-hand. They drummed up a lot of publicity by having the local papers run several stories about regional busts they had made (both of which were the result of disgruntled ex-employees turning in their former employees), and buying some ad space on local radio stations. Then the letter came, and my boss, not knowing much about the ways of legality and whatnot, promptly allocated over $15k for systematic re-purchase of all software currently installed on the computers. Most of the progs were fairly up-to-date, and many (but not all of them) were properly licensed. Moral of the story; this is a scam, albeit a very effective one, as it is supported by legitimate businesses engaged in an underhanded approach to bolster their own sales, and I have a feeling that many more bosses than just my own went out and needlessly spent large sums of money in fear of being found "not in compliance".
Personally, I refuse to play. I will not purchase any software from any company that employs the services of collection agencies such as the BSA. Furthermore, I will do everything in my power to dissuade my clients from purchasing software from these companies.
Need a Linux consultant in New Orleans?
We had the BSA sicced on us by a disgruntled ex-employee. We didn't receive one of those mass mailed letters, we received a bona-fide messenger delivered packet from the BSA, naming specific software titles. Also in the letter was their "gracious" offer to do a self-audit and orders to report the results of the audit to them. Failure to comply with their demands would result in the BSA taking us to court, getting a court order to come in and conduct an audit themselves, with their software and people,and under the eyes of either the State Troopers or US Marshals to make sure that we didn't interfere.
So we did an audit and found out that we were only one copy of a certain software title out of compliance. We sent back the results of our audit, along with copies of our licenses to the BSA, along with an offer to buy the extra license at full retail price. They replied that our licenses and audit results were not good enough, that they also wanted us to produce the receipts for the software.
The receipts. Apparently, having the licenses are not good enough. Or maybe the BSA figured they could strongarm some money out of us, so they leaned a little harder. I had heard that before the BSA sends out these demands, they research the company to see if they have enough cash to make their efforts worthwhile. Having recently completed a series of capital funding, I suppose we looked mighty tempting.
This meant many days of going through three years of financial records. Eventually, we found most of our reciepts and purchase orders, except for a few things from the very beginnings of the company when the records weren't really kept. But we did have the licenses. Of course, the BSA, now really smelling blood, came down with an arbitrary amount to fine us along with a statement that if we did not pay this (ridiculous) sum for basically being one copy out of compliance, they would take us to court and demand far more.
I was never told how much exactly we had to pay the BSA, but I heard it was "not insignificant". It was somewhere in the 5-figure range. All for one copy of Visio, and some tossed receipts from three years ago.
I always argued that the BSA had no right to demand our receipts and financial records since we were able to produce the software licenses. It's a bunch of crap. I can't see how the BSA can legally operate in this country. There is another organization that operates in a similar fashion- it's called the Mafia. Bastards.
Sure I did. Of course, whether they have any legal basis or not, and if so whether it confers rights on the BSA rather than the software vendor(s), are different questions. The BSA can find out in court, if they really want to know whether I've got any illegal software installed (I haven't) and they're prepared to risk a test case that could destroy their whole threat model (I doubt it).
First, you agreed to the EULA and the BSA can hold it to you. Simply by giving their corporate member a call and asking for the necessary credentials (if they don't have them already). They only have to become a "designated representative of the company" or something like that. The same reason the guy who answers your tech support call has to provide you tech support even though you didn't personally make your agreement with him. (Does this imply that the BSA is on Microsoft's payroll? Yes, of course, read on)
Second, the BSA is using a long-practiced business model. Extortion. They are using the tried and true model of, say for example, the Italian Mob. Here's an example:
Guido: Mr. Chapman, if you don't pay us for protection, there are many criminal elements in this neighborhood who will do serious damage to your business.
Mr. Chapman: I'm sorry, but isn't that what the police are for? I won't pay.
-- later --
Guido: Say Boss, Chapman didn't pay up.
Boss: Send out an enforcement team.
-- later --
Enforcement team thrashes Chapman's business and beats him within an inch of his life.
-- later (in the hospital) --
Guido: What happened, Mr. Chapman? Did you get assaulted by those criminal elements I warned you about?
Mr. Chapman: Yes. I'll pay! I'll pay!
-- end 1 act play --
The BSA have no grounds, really. They are enforcing Intellectual Property law, and they are assessing fines, and searching (and seizing, no doubt) private and public property without a warrant. They are not a law enforcement agency, however. They are a private agency. Their NP status is only to prevent the government from attacking them (and probably helps a lot with taxes and so forth), but I'll bet many of their employees receive paychecks from more than one company. In any case, they exist to enforce EULAs that were not made into law in the first place. Effectively, they threaten to bring the law against you. Kinda like "Hey bro, if you don't give me $20, I'll tell the cops you sell dope, and that'll cost you a lot more."
The BSA is a group of vigilante lawmakers and enforcers, and even though they're not a government agency they must be stopped! THEY are the Lex Luthors and <insert favorite super-villain here>s of the present, and they *must* be destroyed.
Stand up to them. Tell them to fuck off. Instead of doing an audit, spend your money implementing free solutions. Don't worry about price of implementation, or function, or anything like that. Enact the FIRST RULE OF BUSINESS, and COVER YOUR ASS. Destroy all copies of any proprietary software within your organization and install nothing but free software. Then tell them they can't audit you because you canceled your end of the agreement.
When they assess a fine, tell them "I won't pay it. You're not a judge appointed by a duly elected representative, and I sure in the fuck didn't vote for you or any politician that created you." When they drag you into court, you COUNTERSUE them, and charge them with extortion! (if you can, extortion might be rigidly defined as threatening physical harm, but i'm not a lawyer)
When the BSA knocks on your door, you have a perfect opportunity to fight for your freedom, and it's not only a fight that means something, it's also a fight worth winning.
Like what I said? You might like my music
Anyway, here's what happened:
We are about 1,800 employees big. We go the BSA letters about a year ago. Our legal people consulted with outside legal specialists regarding this. The result was that we caught up on licensing real fast, and we produced documentation to the BSA that proved we were legal and that was the end of the legal hassle. Of course this took about 9 months :-)
Several comments:
1) We were big enough to atract attention, and we are profitable, so we were the perfect "target."
2) No one in our company considers this a "scam." We willingly decided on our own to use commercial software and we intended to pay for it (honestly!). We did find inaccuracies on our purchasing: We had too much of some stuff, too little of other stuff. We purchased what we needed to.
3) In response to some dumb comments on here: The BSA deals with the software of its vendor members, not ALL software vendors. We were sent a list of the software producers whose products were in question.
4) Some people here have said that EULAs are invalid: Bullshit. There have been court decisions going BOTH ways, but the more recent antecedents have all been in favor of EULA validity. It can't get much clearer: If you agree to the EULA terms, you are bound by them.
5) The old "prove it" reprise: Someone here said to just ask the BSA to prove that you stole software. This is inaccurate/misleading. If you say to the BSA "prove it," then the BSA IMMEDIATELY will subpoena your receipts for your purchases (Which, they will successfully argue in court, they need to "prove it"). They CAN do this, and they DO do this. If you get to be too much of an asshole about this, they can get the court marshal to seize your computers. It has happened before...
6) There are federal statutory guidelines that indicate collectible damages. If you are an asshole to the BSA (or a software producer), they can be assholes back: I believe it was Snapple that got fined a couple million bucks because they were assholes to the BSA... Technically it is a copyright violation every time you load an unlicensed program into RAM (every time you run it). Normally this would fall under the "reasonable uses" clause thing, but since the copyright is being violated, there is no "reasonable use" to it... Therefore every time you run the program you incurr the federally-mandated minimum fine... In case you feel like bitching about this, you should know this case went to court, and was not settled out of court, as far as I know it was not successfully appealed either.
7) Does the BSA have the right to send these letters? OF COURSE! What are you going to say, "No! I want to hear these threats from Adobe!" Just get it over with... It's easier to deal with one entity, you will get it over with quicker. Ovbiously, the BSA members give the BSA authority to sue on their behalf! The EULA has nothing to do with this.
8) Lastly: If you use commercial software, it is understood by definition that you must pay for it. What the hell is the problem with that? No one held a gun to your head to force you to use AutoCAD!
When the BSA does decide to do an audit (as opposed to a mass mailing), it's because they already have some evidence of illegal software use. Most of the time, this is from a former employee, disgruntled employee, or the like (i.e. a contractor you pissed off, former customer, etc.).
If you don't let them in, then they go before a judge and get a warrant, and then US Marshals come in, and you won't refuse the marshals entry (for very long).
I know because a friend of mine got raided. The "tip" came from a business rival. The Marshals found everything was in order and the tipster got billed for the cost of the raid.
How does a "low-level employee" have the authority to extend such an invitation? Let's say I send postcards to everyone at General Motors offering a free calendar, and the small print obliges the company to sell me all the cars I want for $1 apiece, and someone from the janitorial department sends one back. How far do you think I'll get when I show up with my carny roll?
"Patriotism is your conviction that this country is superior to all other countries because you were born in it." -- GBS
Yes and no. A few years back, the IRS used to audit people and make it a horrible experience. The few neighbors you had that got an audit made it so sooooo bad, people stopped cheating. Then 60 Minutes did a feature on this lady dying of a heart attack in an IRS office (all she had was a W-2and a 1040A) and then people going into mental hospitals. Some people went to prison. Prison?
BSA does audit, and they get you all upset because a few businesses got hammered in the local paper. Then they buy these big clean mailing lists of businesses and send out the letter. And people pay them.
If you have any "former" friends, they can trigger an audit and then it's skid row. AND they are ruthless. Unyielding and mean. The legal fees can put a business out of business.
Some guys have started a reform movement both in Europe and here. They say if this isn't tyranny, then what is?
Have you bought or sold software on eBay? Think about it.
Zap your hard drives and use free software. Their audit software picks up data even if you uninstalled it and reformatted your drive.
No, it's not a scam and for those of us who've lived through it, you either pay the price or spend two years in a BSA hell. I fought it (legal background).
The way to beat this is: do not download their stinking audit software. Do not respond to their letters. That will make any drop-by visits an invasion of privacy.
Next, wipe your every hard drive and use a Microwave to melt their CD roms. (Dangerous unless you've made coasters before.) Get a big fence cutter and break any floppies you have.
Get rid of everything.
I was arrogant. I gave away my rights agreeing to their amnesty.
I let them do an audit on us because we didn't have any M$ stuff. Woooops. A secretary had Windows 98 running. We paid for and produced receipts for all the software, but got hung up on an upgrade. We got something bundled with a piece of hardware, long since broke and gone. That software bundle costs thousands.
Now, we knew the piece of hardware, we knew the box, the packing slip, had the receipt and the packing materials. But, noooooooooo, we were criminals.
Use the grace period (hehe) and get rid of your stuff.But don't agree to or sign anything. And don't imagine your lawyer knows as much as the Boy Scouts of America (BSA - right?)
Will they audit you? Will the IRS?
Probably not. But do't think beause they have bigger fish to fry that they won't show up.
You might get 5 out of 6 on your lottery ticket. Or 6 out of 7. If you get 7 out of 7 look out.
Oh and if you do get a good lottery ticket, tell all your friends and they will buy thousands of lotto's. Heck, just get on stage on TV and thank everyone for contributing to you and lotto sales go through the roof.
That's the BSA's theory.
They're making big money!You think that $43 Billion Macrosoft has in the bank came from innovation? Innovation in the field of legal tyrany.
BTW, you won't find any on my Post. I go around and Zap the drives of anyone in my company that uses the stuff.
It's time for your Senator and Congressman to come to the aide of our Country and reform the damn copyright and patent laws.
Jeeze.
- Dal