Slashdot Mirror
Is the BSA "Grace Period" a Scam?
An anonymous reader asks: "I work at a small non-profit that has 18 employees plus a 13 seat computer lab. We received a form letter from the Business Software Alliance (BSA) telling us to do a self audit and if we find any unlicensed software to report it during our 'Grace Period' because 'if you organization's software is not licensed, it could become to focus of a BSA investigation'. Now this is obviously a method to scare up some business for the BSA members. If we ignore this, how likely is it that we will be 'investigated'. I know that I cannot produce the original CD's and/or documentation for some of the software that we HAVE paid for."
If it's somewhere in a license they can show we bought, that we have to allow access to the installed software, then for every license they can show, I can provide an adequate installation.
We got one of these...
They called a 'truce' in our town of 500. We are a 2 employee show, run from a basement.
We bought a bunch of stuff, but never sent in the registration cards. We registered some stuff back in '97-'98 probably, and nothing since. We haven't gone out of business, so they figure we're probably pirating something. We are not, but since we haven't registered anything in a while (Microsoft Tech support is sooo valuable!), and are continually considering the move to Linux (just a matter of time...) we come up in their database as a possible pirate. Oh the miracles of databases!
All we did was make a file of receipts and certificates, and they can wade through it if they come a knockin. We're sure it's all there, and we can hopefully sue if they end up siezing a computer, especially since we are legal.
We had to look real hard for the licenses, but we found them. The certificates are useless without a receipt.
I work in an enterprise environment. Last year, I registered for one of those free magazine subs and a few weeks later... viola, a letter from the BSA using the same name/address pair.
The BSA must be getting names from those lousy online surveys (company size, whats your position, how much software will you be buying in 6,12,24 months).
Sounds more like SPAM to me !
"Whoever would overthrow the liberty of a nation must begin by subduing the freeness of speech."--Benjamin Franklin
I think you are correct in that they just get a bunch a mail lists and start firing off the letters. We started getting these letters when my wife passed the bar.
Would be nice to crucify the BSA with the RICO Act under the "conduct or participate, directly or indirectly, in the conduct of such enterprise's affairs, through a patter of racketeering activity" section, for misrepresenting the legal system for the express purpose of intimidation.
Nailing them for mail fraud would be nice too, if you can find them deliberately transmitting false statements.
They are scum only out to extort a buck.
...actually installed illegally pirated software, though. Show me a case where a group with genuinely bought software but a couple of misplaced certificates was successfully sued?
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
I've seen these letter before from clients. If they do not specifically charge you with piracy, stealing or whatever, throw it out and don't bother downloading their spyware.
You have the same rights you always had. They have to have probable cause to get a warrant, and they have to have a warrant before they can come into your office forcibly. A warrantless vampire cannot come in unless you invite them in.
IANAL, but I believe that as long as you have practiced due diligence and can show that you took reasonable steps to not break the law, then no judge with an actual brain would rule against you.
That being said, the BSA is looking for those who buy one copy and load it all across the office. I know of a company that did that, got ratted on by a disgruntled employee. Bottom line: they paid big. These are the fish they want to fry, and there are plenty of them out there.
Now, if you've been pirating software, and get a letter, and throw it out, and they still come after you, you won't get any sympathy from me!
-- I am. Therefore, I think!
Personally, I refuse to play. I will not purchase any software from any company that employs the services of collection agencies such as the BSA. Furthermore, I will do everything in my power to dissuade my clients from purchasing software from these companies.
Need a Linux consultant in New Orleans?
We had the BSA sicced on us by a disgruntled ex-employee. We didn't receive one of those mass mailed letters, we received a bona-fide messenger delivered packet from the BSA, naming specific software titles. Also in the letter was their "gracious" offer to do a self-audit and orders to report the results of the audit to them. Failure to comply with their demands would result in the BSA taking us to court, getting a court order to come in and conduct an audit themselves, with their software and people,and under the eyes of either the State Troopers or US Marshals to make sure that we didn't interfere.
So we did an audit and found out that we were only one copy of a certain software title out of compliance. We sent back the results of our audit, along with copies of our licenses to the BSA, along with an offer to buy the extra license at full retail price. They replied that our licenses and audit results were not good enough, that they also wanted us to produce the receipts for the software.
The receipts. Apparently, having the licenses are not good enough. Or maybe the BSA figured they could strongarm some money out of us, so they leaned a little harder. I had heard that before the BSA sends out these demands, they research the company to see if they have enough cash to make their efforts worthwhile. Having recently completed a series of capital funding, I suppose we looked mighty tempting.
This meant many days of going through three years of financial records. Eventually, we found most of our reciepts and purchase orders, except for a few things from the very beginnings of the company when the records weren't really kept. But we did have the licenses. Of course, the BSA, now really smelling blood, came down with an arbitrary amount to fine us along with a statement that if we did not pay this (ridiculous) sum for basically being one copy out of compliance, they would take us to court and demand far more.
I was never told how much exactly we had to pay the BSA, but I heard it was "not insignificant". It was somewhere in the 5-figure range. All for one copy of Visio, and some tossed receipts from three years ago.
I always argued that the BSA had no right to demand our receipts and financial records since we were able to produce the software licenses. It's a bunch of crap. I can't see how the BSA can legally operate in this country. There is another organization that operates in a similar fashion- it's called the Mafia. Bastards.
Sure I did. Of course, whether they have any legal basis or not, and if so whether it confers rights on the BSA rather than the software vendor(s), are different questions. The BSA can find out in court, if they really want to know whether I've got any illegal software installed (I haven't) and they're prepared to risk a test case that could destroy their whole threat model (I doubt it).
First, you agreed to the EULA and the BSA can hold it to you. Simply by giving their corporate member a call and asking for the necessary credentials (if they don't have them already). They only have to become a "designated representative of the company" or something like that. The same reason the guy who answers your tech support call has to provide you tech support even though you didn't personally make your agreement with him. (Does this imply that the BSA is on Microsoft's payroll? Yes, of course, read on)
Second, the BSA is using a long-practiced business model. Extortion. They are using the tried and true model of, say for example, the Italian Mob. Here's an example:
Guido: Mr. Chapman, if you don't pay us for protection, there are many criminal elements in this neighborhood who will do serious damage to your business.
Mr. Chapman: I'm sorry, but isn't that what the police are for? I won't pay.
-- later --
Guido: Say Boss, Chapman didn't pay up.
Boss: Send out an enforcement team.
-- later --
Enforcement team thrashes Chapman's business and beats him within an inch of his life.
-- later (in the hospital) --
Guido: What happened, Mr. Chapman? Did you get assaulted by those criminal elements I warned you about?
Mr. Chapman: Yes. I'll pay! I'll pay!
-- end 1 act play --
The BSA have no grounds, really. They are enforcing Intellectual Property law, and they are assessing fines, and searching (and seizing, no doubt) private and public property without a warrant. They are not a law enforcement agency, however. They are a private agency. Their NP status is only to prevent the government from attacking them (and probably helps a lot with taxes and so forth), but I'll bet many of their employees receive paychecks from more than one company. In any case, they exist to enforce EULAs that were not made into law in the first place. Effectively, they threaten to bring the law against you. Kinda like "Hey bro, if you don't give me $20, I'll tell the cops you sell dope, and that'll cost you a lot more."
The BSA is a group of vigilante lawmakers and enforcers, and even though they're not a government agency they must be stopped! THEY are the Lex Luthors and <insert favorite super-villain here>s of the present, and they *must* be destroyed.
Stand up to them. Tell them to fuck off. Instead of doing an audit, spend your money implementing free solutions. Don't worry about price of implementation, or function, or anything like that. Enact the FIRST RULE OF BUSINESS, and COVER YOUR ASS. Destroy all copies of any proprietary software within your organization and install nothing but free software. Then tell them they can't audit you because you canceled your end of the agreement.
When they assess a fine, tell them "I won't pay it. You're not a judge appointed by a duly elected representative, and I sure in the fuck didn't vote for you or any politician that created you." When they drag you into court, you COUNTERSUE them, and charge them with extortion! (if you can, extortion might be rigidly defined as threatening physical harm, but i'm not a lawyer)
When the BSA knocks on your door, you have a perfect opportunity to fight for your freedom, and it's not only a fight that means something, it's also a fight worth winning.
Like what I said? You might like my music
When the BSA does decide to do an audit (as opposed to a mass mailing), it's because they already have some evidence of illegal software use. Most of the time, this is from a former employee, disgruntled employee, or the like (i.e. a contractor you pissed off, former customer, etc.).
If you don't let them in, then they go before a judge and get a warrant, and then US Marshals come in, and you won't refuse the marshals entry (for very long).
I know because a friend of mine got raided. The "tip" came from a business rival. The Marshals found everything was in order and the tipster got billed for the cost of the raid.