Slashdot Mirror
Is the BSA "Grace Period" a Scam?
An anonymous reader asks: "I work at a small non-profit that has 18 employees plus a 13 seat computer lab. We received a form letter from the Business Software Alliance (BSA) telling us to do a self audit and if we find any unlicensed software to report it during our 'Grace Period' because 'if you organization's software is not licensed, it could become to focus of a BSA investigation'. Now this is obviously a method to scare up some business for the BSA members. If we ignore this, how likely is it that we will be 'investigated'. I know that I cannot produce the original CD's and/or documentation for some of the software that we HAVE paid for."
Perhaps some pertinent questions:
Supposing the BSA does perform an investigation, I'm wondering what the actual legal procedures are.
Are you required to maintain documentation of every last opened piece of software? I know at the CIT department I worked in for school, we had Windows 95 manuals stacked up in storerooms, even though there was a school wide license. I don't know if this is required though.
Furthermore, what happens if they find you're missing a couple documents, and decide to take you to court. Is any jury going to decide, based on either a "preponderance of the evidence" or "beyond a reasonable doubt" standard that this software was obtained and/or used illegally?
Any legal experts out there?
If it's somewhere in a license they can show we bought, that we have to allow access to the installed software, then for every license they can show, I can provide an adequate installation.
I checked their About page and found the following statement:
Promoting a safe and legal online world
The Business Software Alliance (BSA) is the foremost organization dedicated to promoting a safe and legal online world.
We are the voice of the world's software, hardware and Internet sectors before governments and with consumers in the international marketplace. BSA members represent the fastest growing industries in the world.
BSA educates computer users on software copyrights and cyber security; advocates public policy that fosters innovation and expands trade opportunities; and fights software piracy.
Nothing in there suggests any legal authority. They are advocates not enforcers. Those letters strike me as very misleading. Anyone want to post a copy?
We got one of these...
They called a 'truce' in our town of 500. We are a 2 employee show, run from a basement.
We bought a bunch of stuff, but never sent in the registration cards. We registered some stuff back in '97-'98 probably, and nothing since. We haven't gone out of business, so they figure we're probably pirating something. We are not, but since we haven't registered anything in a while (Microsoft Tech support is sooo valuable!), and are continually considering the move to Linux (just a matter of time...) we come up in their database as a possible pirate. Oh the miracles of databases!
All we did was make a file of receipts and certificates, and they can wade through it if they come a knockin. We're sure it's all there, and we can hopefully sue if they end up siezing a computer, especially since we are legal.
We had to look real hard for the licenses, but we found them. The certificates are useless without a receipt.
I work in an enterprise environment. Last year, I registered for one of those free magazine subs and a few weeks later... viola, a letter from the BSA using the same name/address pair.
The BSA must be getting names from those lousy online surveys (company size, whats your position, how much software will you be buying in 6,12,24 months).
Sounds more like SPAM to me !
"Whoever would overthrow the liberty of a nation must begin by subduing the freeness of speech."--Benjamin Franklin
Some one wrote this the last time the BSA came up on Slashdot- sorry, I saved the quote but not the poster. The conventional wisdom thus far from other posters seems to be 'ignore it,' but if it goes further, consider this:
I know someone that was audited by the BSA and decided to fight it. Basically they countered by stating they wanted full disclosure of who reported them so as to determine the validity of the claim prior to wasting internal resources and dollars. They also argued that the reporting tools are a violation of privacy. Yes, they expected them to place some software on their network which scans their entire network not to mention each machine's registry. Third, they also argued that even if they were in violation of license, the license is between them and the vendor (after all, the license does not allow for the BSA as having legal proxy interests) and unless the vendor in questions decides that they'd like to personally persue the issue, the BSA does not have legal authority or the legal grounds to persue the action. Furthermore, they argued that even if something odd was discovered and they lost, only the government has the right to impose fines on legal matters as such and they would be within their legal rights to simply purchase any outstanding licenses or settle directly with the vendor in question and completely dismiss the BSA altogether thereby eliminating the need to pay any fines or added fees.
Last I heard, even though two ex-employees had turned them in, the BSA simply walked from the issue as, from what I gathered, they really don't have a legal leg to stand on.
Alcohol, Tobacco and Firearms should be the name of a store, not a government agency.
A scam, probably not. Is it smart, also probably not. Im in the chicagoland area and have been hearing the commercials for BSA on the radio everywhere across the dial. What they are aiming for is to get people turned in by relying on an unhappy employee to rat them out.
That being said, keep in mind that the BSA is just an organization set up to find pirated software and collect fees. Fees that they no doubt get a cut of. They seem to have no problem using peoples fear and turning it into the driving force of their biz.
You are under NO obligation to report anything to them, unless they hand you a court order. They are an independent entity and have no more ability to legally inspect your systems than I would. so it would be in their best interest to make it seem that they do have that ability
This seems to be a page right out of the RIAA playbook, pretend something is true and youll fool at least some of the people
You can fool some of the people some of the time, all of the people some of the time, but never all of the people all of the time
I got confused when I read about the BSA and software. I was wondering what the Boy Scouts of America had to do with is. My best advice: Be Prepared.
I think you are correct in that they just get a bunch a mail lists and start firing off the letters. We started getting these letters when my wife passed the bar.
Who's there?
BSA: (mumbles)
Who?
BSA: Unicef.
Oh! Why didn't you say that before?
BSA-landshark attacks pirate who opens the door.
Actually, this campaign was going on two years ago. In the fall, I think. Same scam.
I've seen these letter before from clients. If they do not specifically charge you with piracy, stealing or whatever, throw it out and don't bother downloading their spyware.
You have the same rights you always had. They have to have probable cause to get a warrant, and they have to have a warrant before they can come into your office forcibly. A warrantless vampire cannot come in unless you invite them in.
IANAL, but I believe that as long as you have practiced due diligence and can show that you took reasonable steps to not break the law, then no judge with an actual brain would rule against you.
That being said, the BSA is looking for those who buy one copy and load it all across the office. I know of a company that did that, got ratted on by a disgruntled employee. Bottom line: they paid big. These are the fish they want to fry, and there are plenty of them out there.
Now, if you've been pirating software, and get a letter, and throw it out, and they still come after you, you won't get any sympathy from me!
-- I am. Therefore, I think!
A friend of mine owns a very small niche vertical intergration software company. He has a canned response for all threats of lawsuits, BSA investigation, etc. The only people he doesn't use this on is the government, since they don't need any help getting any more fucked up.
"Can I please have your lawyers contact number, I have a fax machine, and will send all information I have to your lawyer." He then sends one piece of information (a page, one liscence, etc) at a time, every hour on the hour, to said lawyer, to cause their clients legal bills to explode. Considering that he logs everything he does and has backups dating back for the last 15 years, he has a lot of information that he can send. Legal bills are quick ways to empty someone's pockets.
And that's when I tell them "prove I didn't". The burden of proof is on them. The only organization in the US that this DOES NOT apply to is the IRS. The BSA only has as much power as you give them. Has anyone else seen the page on their web site where you can rat your employer/friend/etc. It has a picture of some idiot with an evil *I stuck it to da man* smirk on his face and the whole bit. Gimme a break.
Here is the letter we got, mispellings are mine, formatting isn't perfect:
BSA, 1150 18th Street NW, Suite 700, Washington, DC 20036
Is your business using unlicensed software? If so, the Business Software Alliance is offering a one-month opportunity to get licensed. Your BSD Grace Period Participation ########
January 22, 2002
MY ADDRESS
Dear FOO,
You may have heard that the Business Software Alliance is investigating ANYTOWN area organizations that use unlicensed software. If your organization's software is not licensed, it could become the focus of a BSA investigation. So, audit your software now. Unauthorized copying is the same as stealing. The penalties for copyright infringement are serious - sometimes totaling hundres of thousands of dollars - and in this economy, can your business affort that risk?
BSA is an association representing the leading software companies: Adobe, Apple, Autodesk, Avid, Bently Systems, Borland, CNC Software/Mastercam, FileMaker, Internet Security Systems, Macromedia, Microsoft, Network Associates and Symatec. Together with our memebers, we educate the public about software compliance and protect intellectual property rights.
Would you be able to tell if an employee had installed an unlicensed software program? Your business has until February 28 to get licensed.
BSA recognizes that, for whatever reason, your company may not have managed its software assets properly. That's why from February 1-28, BSA is offering a Software Grace Period to business like yours in ANYTOWN. Please take this time to review your software installations and usage and, if necessary, acquire the licenses your business needs. If, after you have participated in the Grace Period, your organization becomes the focus of a BSA investigation, BSA will not seek to impose penalties for any unauthorized copying that occurred before February 28, (unless your organization has already been informed that it is under investigation). If BSA contacts you, just show your Grace Period Participation Nuber and the software purchase receipts. [Please see the reverse for terms.]
Not sure if your organization is fully licensed? BSA can help you find out.
Visit our Web site at www.bsagrace.com for more information and to download the free Software Audit Tool, or call our special Grace hotline at 1-877-536-4BSA (1-877-536-4272). If you find that your business isn't 100% licensed, contact your software vendor immediately and buy the software licenses you need before the Grace Period ends on February 28.
Sincerely,
Bob Kruger, Vice President, Business Software Alliance
Grace Period Participation Terms
Bsd is offering a one-month Grace Period between February 1-28, 2003.
1. For your organization to qualify for the Grace Period campaign:
2. If, after you have participated in the Grace Period, your organization becomes the focus of a BSA investigation, BSA will not seek to impose penalties for any unauthorized copying that occurred prior to February 28, 2002 (unless your organization has already been informed that it is under investigation). If the BSA should contact you, just show your Software Grace Period Participation Number and software purchase receipts.
3. For the purpose of the Grace Period, BSD members are: Adobe, Apple, Autodesk, Avid, Bently Systems, Borland, CNC Software/Mastercam, FileMaker, Internet Security Systems, Macromedia, Microsoft, Network Associates and Symatec.
Original at http://www.eweek.com/article2/0,3959,19093,00.asp
... That was a fishing expedition."
July 30, 2001
Truce or Dare
By Michael R. Zimmerman
If you're a small or medium-size company, there's a good chance you've heard from the Business Software Alliance about getting your software compliant with its licenses. If not, you probably will. The group is well into a nationwide letter and radio campaign to do just that.
But what you probably don't know is that, like so many of the companies that stuff your mailboxes with junk mail, the BSA, which represents such software giants as Microsoft Corp., Adobe Systems Inc. and Apple Computer Inc., has no intention of following up on its letters--regardless of how threatening and personal they may seem. It won't phone. And it won't pop in for a surprise audit.
Instead, an eWeek investigation reveals, the BSA's campaign is primarily a marketing effort essentially designed to scare people into buying more software. But for many enterprise customers who are quickly becoming fed up with the group's hardball tactics, the campaign is having the reverse effect: compliance, then departure to alternative products, like open source.
The reason the BSA Truce Campaign is more bark than bite is simple: As part of each Truce Campaign, the group sends out hundreds of thousands of letters at a time to businesses in a handful of cities. For the month of July, for example, it mailed 700,000 letters to businesses in five cities between New York and Portland, Ore. As such, it would be virtually impossible to contact even a sample of those companies to check up on their progress or lack of progress.
Indeed, one of the only ways the BSA is gauging the success of the Truce Campaign is by the size of the spike in software sales for various cities as the BSA passes through, which so far total 19.
"Everywhere we've run the Truce Campaign, we're seeing dramatic increases in sales," said Bob Kruger, vice president of enforcement for the BSA, in Washington. "So it's being successful."
But a deeper look into the Truce Campaign, as well as an ongoing and almost identical anti-piracy campaign by Microsoft, a founding member of the BSA, reveals something more complex: the possible beginning of an entirely new business model built around anti-piracy and fear. The bottom line: There's money in anti-piracy, and plenty to go around.
To be sure, piracy results in major losses of revenue for the software industry. According to the BSA, $2.94 billion was lost to piracy in North America alone last year, while $11.75 billion was lost to it globally for the same period. But so far this year, those figures have declined.
Since the launch of its enforcement campaign in North America in 1993, however, the BSA has brought in about $70 million in settlements, a mere drop in the bucket compared with the overall total. Now it seems the industry, with the help of the BSA, is taking a new tack, with its focus on generating revenue the old-fashioned way.
Consider the following: Microsoft has been busy constructing a network of support services through distributor and licensing partners to assist customers in assessing and auditing their software to comply with their licenses.
One Microsoft partner, License Online Inc., of Bellevue, Wash., tracks where the BSA is headed and rounds up as many of its 36,000 registered channel partners as it can for those cities to swoop in and sell licenses.
"When we know what area the BSA is going into, we're going in scrambling to piggyback on their marketing efforts," said Sharon Erdman, vice president of marketing for License Online.
License Online offers its partners across the United States a 12 percent commission on any licenses they sell through License Online. To get the contractors rolling, the company supplies them with a list of companies Microsoft has sent its anti-piracy letters to. In addition to commissions, the contractors are told the companies contacted have the potential to become "long-term" customers.
"Microsoft has absolutely partnered with businesses who can address the concerns," according to Devin Driggs, a Microsoft spokeswoman in Lake Oswego, Ore. "It feels a responsibility to its customers to address any issues with compliance they may be experiencing."
As far as the anti-piracy fight becoming a business unto itself, Driggs said Microsoft views the subject as an industry issue.
Kruger acknowledged that the BSA's letter campaign is a direct marketing campaign designed to encourage users to get in compliance and not directed at any company in particular. The group uses common mailing list companies such as Dun & Bradstreet Inc. to generate the lists.
Microsoft's campaign is more deliberate, company officials said.
"I don't think we're doing anything that's random," said Nancy Anderson, associate general counsel for the company, in Redmond, Wash. As part of Microsoft's licensing agreements for its products, Anderson said, "the customer agrees to assure us they are current. The obligation is on them to assure them and to undertake an audit if requested by Microsoft."
Not surprisingly, however, the hardball tactics are having a negative effect on customers.
"We were nailed for tens of thousands of dollars," said Cary White, an IT manager at a financial services company in San Diego who acted on a letter from Microsoft. "We received a letter addressed to our CEO that they received a tip we were not compliant with Windows, Word and Excel.
"My company is to completely go away from Microsoft," White said. "We're not going to buy any more Microsoft products. It's my decision. They're alienating their customers. I don't trust them."
The fear factor
For the BSA and Microsoft campaigns to work, the fear factor is essential, according to letter recipients contacted by eWeek.
"[Fear] is the first emotion when you get the letter. It's like, 'Oh my God, the Gestapo's coming,'" said Robert Fuller, president and chief operating officer of R.E. Fuller Engineering Consulting, a one-man company in Camas, Wash.
The BSA has struck fear in customers' minds through carefully worded, but threatening letters and an accompanying radio ad blitz warning businesses to beware of disgruntled employees dropping dimes on them.
According to the BSA's Kruger, the Truce Campaign is merely a 30-day grace period companies can use to get their software in compliance. If a company does use the time to get in compliance, it will avoid any potential future BSA investigation that may spring up as a result of its radio ad blitz.
But that doesn't explain the BSA's use of what many are calling threatening language. What's troubling to businesses, besides not being informed on how they were selected for the mailing list, is the letter's accusatory tone. For example, one line reads: "If you're caught [with unlicensed software], your organization could face penalties totaling hundreds of thousands of dollars."
And while Kruger insists the Truce Campaign is not a vehicle for generating leads or tips, that contradicts the thrust of the BSA's radio spots.
For example, at one point, the announcer in a radio spot for the Truce Campaign currently running in New York asks Kruger how the BSA receives most of its leads. Kruger responds: "Most of the calls come from current or former employees. I would say to businesses that, unless you have no current or former unhappy employees, you are only one phone call away from becoming the target of a BSA investigation."
"My management's concern was that there was almost a bit of paranoia about [the Truce Campaign]," said Peter Rassmussen, a technology manager at a Midwest retailer. "There were radio ads going on at the same time that sounded like Joe Stalin encouraging you to turn in your parents."
As for Microsoft, Anderson said, it's not in the company's interest to frighten customers. "We don't want to create anxiety," she said. "It's not our interest."
Misleading the pack
Exacerbating the anxieties for companies contacted by eWeek that have received Truce Campaign letters was the seemingly intentional vagueness of the letters, vagueness that is compounded by misleading information.
For example, though the Truce letter establishes a 30-day deadline for software reviews and includes a line that states, "If the BSA contacts you, just show your Truce Participation Number and software purchase receipts to take advantage of the Truce," the BSA has no intention of contacting any letter recipient.
But at least one radio spot, the one currently playing in New York, implores letter recipients to "review your software installations and acquire the licenses you need before the Business Software Alliance returns to New York City!"
Still, Kruger insists: "We don't visit any of these companies. The ones getting the letters are not under investigation."
When asked if these discrepancies were misleading or at least confusing, Kruger said any letter recipient who is confused can go to the BSA Web site or call the Truce hot line for information.
Also at issue is ironing out exactly what authority the BSA has to present deadlines, request software reviews or even conduct audits. According to Kruger, the only authority the BSA has, as power of attorney for its members, is to seek court orders on behalf of its members to conduct software audits on businesses suspected of using pirated or unlicensed software. But even then, the BSA does not seek such court orders frivolously.
"We only proceed on the basis of reliable information," Kruger said. "We take pretty good pains here to make sure our cases are based on solid information before going forward."
Indeed. Despite the tone in the Truce Campaign letters and radio ads to the contrary, the task of proving guilt lies with the BSA.
"The burden's on the BSA to prove itself to the court," said Peter Baruk, director of anti-piracy at Network Associates Inc., in Santa Clara, Calif., and former vice president of piracy for The Software & Information Industry Association, another software advocacy group in Washington that conducts piracy investigations. "If you're contacted by the BSA and doing the right thing, you have nothing to worry about. So, why respond? You can and be a good corporate citizen. [But] there's no reason why you'd have to react to a letter like this."
BSA targets particular cities and/or business types and sends out blanket letters to companies that meet the requirements. You can get a list of targeted cities on BSA's web site:
http://www.bsa.org/usa/events/
Any sales increase in the city immediately after mailing of the letters gets BSA money. Now the letters don't really have an affect if they can't show they sometimes follow through.
The BSA will then go after certain targets either ones they think are particularly egriegous or they have pretty good proof of violations (the BSA has registration/purchase info from their member organizations plus any public informaion about companies so they can see a company with 1000 employees appears to only own 100 copies of Office -- this may be legit).
So, the BSA will ask for proof of purchase for software from their member organizations (their ability to do this given in the license agreement for most software). Note SERIAL NUMBERS AND CD'S ARE NOT PROOF OF PURCHASE. You MUST HAVE RECEIPTS!
If you refuse they can file an civil copyright infringement lawsuit against you and can ask the court to impound the computers as evidence. They can also ask the prosecuting attny's to bring criminal actions against you.
Details of why the BSA has the law on their side:
http://www.bsa.org/usa/antipiracy/law/
I'd say for a small organization you're probably safe -- unless you had somebody get pissed off at you and reported you to the BSA and raised their awareness of your company from mailing address to red light.
Under current US law the BSA acts legally. If you disagree with this you can choose software that has no such problems (i.e. open source, free software) or you can work to change the law while obeying it or you can start some kind of civil disobedience (just remember -- if you break the law you still have to pay the price for breaking it, even for good intentions. many civil rights fighters ended up in jail to prove their point, if you can't afford the price don't use this method).
I prefer a mix of 1 and 2. I don't think the right to copy other people's software is worth jail time to go the disobedence route.
Personally, I refuse to play. I will not purchase any software from any company that employs the services of collection agencies such as the BSA. Furthermore, I will do everything in my power to dissuade my clients from purchasing software from these companies.
Need a Linux consultant in New Orleans?
We had the BSA sicced on us by a disgruntled ex-employee. We didn't receive one of those mass mailed letters, we received a bona-fide messenger delivered packet from the BSA, naming specific software titles. Also in the letter was their "gracious" offer to do a self-audit and orders to report the results of the audit to them. Failure to comply with their demands would result in the BSA taking us to court, getting a court order to come in and conduct an audit themselves, with their software and people,and under the eyes of either the State Troopers or US Marshals to make sure that we didn't interfere.
So we did an audit and found out that we were only one copy of a certain software title out of compliance. We sent back the results of our audit, along with copies of our licenses to the BSA, along with an offer to buy the extra license at full retail price. They replied that our licenses and audit results were not good enough, that they also wanted us to produce the receipts for the software.
The receipts. Apparently, having the licenses are not good enough. Or maybe the BSA figured they could strongarm some money out of us, so they leaned a little harder. I had heard that before the BSA sends out these demands, they research the company to see if they have enough cash to make their efforts worthwhile. Having recently completed a series of capital funding, I suppose we looked mighty tempting.
This meant many days of going through three years of financial records. Eventually, we found most of our reciepts and purchase orders, except for a few things from the very beginnings of the company when the records weren't really kept. But we did have the licenses. Of course, the BSA, now really smelling blood, came down with an arbitrary amount to fine us along with a statement that if we did not pay this (ridiculous) sum for basically being one copy out of compliance, they would take us to court and demand far more.
I was never told how much exactly we had to pay the BSA, but I heard it was "not insignificant". It was somewhere in the 5-figure range. All for one copy of Visio, and some tossed receipts from three years ago.
I always argued that the BSA had no right to demand our receipts and financial records since we were able to produce the software licenses. It's a bunch of crap. I can't see how the BSA can legally operate in this country. There is another organization that operates in a similar fashion- it's called the Mafia. Bastards.
one of my client did return the audit form with a letter saying that the only license they got is GPL and a copy was attached for their reference.
Then Microsoft sales came the other week and offered an attractive 'switch' packages. How Microsoft knew he need a switch is a mistery.
When the BSA does decide to do an audit (as opposed to a mass mailing), it's because they already have some evidence of illegal software use. Most of the time, this is from a former employee, disgruntled employee, or the like (i.e. a contractor you pissed off, former customer, etc.).
If you don't let them in, then they go before a judge and get a warrant, and then US Marshals come in, and you won't refuse the marshals entry (for very long).
I know because a friend of mine got raided. The "tip" came from a business rival. The Marshals found everything was in order and the tipster got billed for the cost of the raid.
IANAL. That said, there is a generally accepted legal theory that two parties cannot enter into a binding agreement if one of them could not be expected to understand that agreement, is not properly represented when entering into that agreement, or the agreement contains "fine print" conditions which defy common sense or expectation, or which are intended to deceive. There are other exceptions as well, but these are the important ones for the moment.
I say all this because the shrink wrap license ("EULA") - through which the BSA claims to derive its authority - is thus on extremely thin legal ice. In fact, I am on a neverending quest to find reference to any (any) case where any of the more onerous terms of a shrinkwrap license have prevailed in court. (UCITA, of course, changes everything - but that's a subject for another post.)
Almost all users of computers never properly understand the "contract" they have supposedly "agreed to" by using their software. They are ignorant of the need to keep and maintain records (as if their word processor was a firearm or motor vehicle), and the idea of granting some organization permission to enter their premises and inspect, demand documentation, and otherwise claim supra-police-like powers just to "insure" that they're not violating their "agreement" must profoundly, breathtakingly, and absolutely fail the test of "reasonable expectation."
In the case of copyright violations, there are criminal and civil penalties. You can sue me for stealing your software. You can also call the police on me, who may choose to arrest me and try me for said same. But enter my place of business uninvited to "inspect" or "audit" on the basis of a shrink wrap license? I don't think it flies.
Let's sum up.
The BSA claims a variety of privileges (from the EULA) which it doesn't really have. It threatens you with actions which are almost certainly illegal. Software users are unaware of their "obligations" under their "licenses" even if you consider them binding (which is asinine), and even when they attempt to follow the rules, there are many cases where it will not be possible to provide documentation "to the satisfaction of the auditor" - whose standard is arbitrary, and purposefully engineered to make it unlikely you can meet it. You are frequently given a very short time in which to reply to the ultimatum - purposefully short, to insure you will not have time to properly inspect your facilities before making a decision. Then there is the oft-cited case of schools and charities which use donated equipment for which the paperwork is not, and probably can never be, in order.
The cost of self-defense is borne by the defender in civil court. Knowing one is on the receiving end of a legally specious and improper legal challenge is one thing. Being able to afford your defense against some of the world's richer companies is quite another.
Most victims who receive this have done everything right, but have not retained all their receipts, and/or cannot afford the considerable manpower and expertise it will take to insure "not one single unlicensed copy of anything" exists on any of the machines in their organization. Consider... will even one violation, even when made by an employee in violation of a company policy, result in punitive damages?
Generally the BSA gets what it wants: a "settlement" in which they are paid not to "report" to federal authorities and/or file a questionable lawsuit. The victim pays again (perhaps many times again) for what they already own.
We have come a long way from the simple world of Best Buy which you describe.
The fact that no one understood their options or the consequences of their choices is the very thing at issue here. Extortion, coercion, and foul play describe these practices perfectly.
Groups like the BSA are not a "price to pay for preventing theft." Their tactics are both immoral and unnecessary. They have no place in the enforcement of copyright. The police are the ones whose job it is to handle software thieves. But then there'd be no money in it for anyone, eh?
Want to Know How to Cheat the GPL? Read On!