UK Judge Rules COA is Not Evidence of a License

blane.bramble writes "In a ruling against a company selling counterfeit and genuine licenses, a UK judge seems to have ruled that the Certificate of Authenticity is not itself sufficient proof of license possession. This could have major ramifications for UK businesses that consider keeping the COA as proof of being licensed. The quote in question is 'Thus it can confer no license for the use of any Microsoft software by passing on the COA (certificate of authenticity), nor can the COA be evidence of, or itself confer, such a license'."

Well, duh

[kyouteki]

The Certificate of Authenticity is just that, it has never been billed as a Certificate of License. Why would anyone assume anything else?

Re:Well, duh

[HTH+NE1]

there are many other facts that need to be established in order to determine that you actually have a license (like the fact that you purchased the software at all).

And I'm sure everyone who has given someone a copy of Microsoft Windows XP Home Edition as a gift has always included a receipt, let alone one that was not printed on thermal paper which erases itself over time.

I would think it would be Microsoft's burden of proof to prove I obtained the valid certificate illicitly, not mine to prove I obtained it legally. Hasn't the UK adopted the premise "innocent until proven guilty" yet? Even in US civil proceedings that is true; only the concept of proof is watered down to "preponderance of the evidence" instead of "beyond a reasonable doubt".

Microsoft itself ensures there is a 1:1 correspondence between CoAs and licenses. That should be proof enough that ownership of a CoA conveys the right to agree to a license. The audit of operating copies provides the count of agreed-to licenses to compare to the count of CoAs.

This judge is wrong.

And the GP post was meant to be Funny (though to correctly invoke Colbert, I should have said "The Wørd"; I wasn't sure whether ø was an allowed entity here).

Now that is ridiculous

[drinkypoo]

But I guess it supports the idea that you don't buy software, you buy a license.

I guess first sale law doesn't apply to software in the UK any more.

The sad part is that aside from the receipt, with which microsoft (for example) might or might not give you a new code, the only important part of buying windows or other software is getting the COA with the reg code. The CD is utterly unimportant if all you bought was a license to use the software; you have a license, so you have a legal right to make backup copies. The CD that came in the package doesn't mean shit.

Assuming you even got a CD...

Re:Now that is ridiculous

[fermion]

All of this is set up so that a transactions can be conducted in a reletively free and secure manner. As a firm, I do not have to go to the MS main office and buy a license. I can in fact pop down to the corner software vendor and purchase a license. This license should have certain security features, and as long as I have something that any resonable person would consider a valid license, I as the consumer of the product should be protected. Now, perhaps the vendor has done something wrong, but not me.

If such a standard is not used, then why should I put myself at risk and use a product? If I am going to be hassled, when I have followed all procedures, what motivation do I have to follow legitimate procedures. If I am going to have trouble no matter what I do, why shouldn't I just buy a license out of the back of car.

This is why the WGA, and BSA audits, are so stupid. If the vendors are forging certificates, then MS should go after the vendor. If a consumer has a issue, then perhpas some action is justified as long as it is not a fishing expedition. But there is no reason that I, as a paying customer, should be regularly hassled becuase a manufacturer has set up unwidely guidlines.

Should have been a different ruling

[moorcito]

It would have been much better had the judge ruled that the EULA is not evidence of a license.

Trust no one? At all?

[zanderredux]

So, someone decided that, because contracts can be counterfeit, they cannot be trusted at all and therefore are legally void?

How in the world you can prove legality of anything, then?

What about the money in your wallet? Should it automatically lose its legal tender status just because some bills can be counterfeit?

Uh, so what's left?

[jandrese]

If the certificate is not enough proof of your ownership of a license to run a particular piece of software, what is? The original recipt? I mean if the BSA raids my office and the certificates are not good enough, then we're totally boned, since it's the only thing Microsoft has ever given us to prove that we are legally running our software. If we fail to prove that we're legally running the software, the fines would be in the hundreds of millions of dollars given the number of OS installs we have on the desktops here.

While I don't think MS would want to alienate their customer base, but if they wanted to they could really turn that ruling into a money factory.

Re:Uh, so what's left?

[Mr.+Underbridge]

While I don't think MS would want to alienate their customer base,

Why would they stop now?

interesting

[sum.zero]

eula's are not valid in many parts of the usa, so how exactly are you supposed to acquire your license from ms in these states?

sum.zero

Re:interesting

[Alsee]

In 1996 a federal court found that a shrink wrap license is an enforceable software license.

And 5 years later we have SoftMan Products Co. v. Adobe Systems Inc. 2001 stating that buying a box of software in fact gives you ownership of that copy, and that no EULA exists unless you in fact assent to be bound by that contract. Note the key letter A in EULA for agreement. If there is no agreement then there is no EULA and you are not bound by any of its terms. And of course that also means that you receive nothing the EULA offers.

There are cases on both sides of the EULA issue, and many of them are decided on specifics of a case that have absolutely no bearing on the fundamental validity of EULAs in general.

Two key points:
1) An EULA is nothing but a contract offer. You are always free to decline any contract offer (and receive none of the benefits that contract offers).
2) You generally do not need anything an EULA offers. If you have bought a copy of software US law explicitly states that it is not copyright infringment install and run that software, that you do not need any license at all.

So all attempts to impose an EULA turn on the issue of finding some other non-copyright legal mechanism of cornering people into agreeing to that contract offer. Finding some legal angle to claim that the End User has chosen to be bound by that contract.

And it is very important to note that any argument that EULAs are valid has absolutely nothing to do with copyright law and has abaolsutely nothing to do with software. Any legal rational for making EULAs binding would equally apply to Tomatos. According to the rational in the case you linked, your local supermarket could put a little sticker on a shrinkwrapped 6 pack of tomatos stating that the sale is subject to the enclosed EULA, and that you would be bound by the contract hidden inside that shrinkwrapped tomato pack merely by buying it with your daily groceries.

So between our two links, we have one judge stating that buying a normal item off a store shelf automatically binds you to the terms of any and all contracts printed in or on that box, and another judge saying that buying a product is buying a product which just happens to have a contract offer printed on it.

In my oppinion, the first judge's position is legally unreasonable and a disaster for the marketplace. That position also requires an insane Rube Goldberg / Schrodinger's Cat mess of logic and law where you become bound by the arbitrary terms of a contract you have never seen, but that is OK because you aren't bound by them because the contract might have some hidden terms allowing you to return the product and escape (some but not all) of the terms of the contract, but where the store is not a party to that contract and is perfectly free to refuse to accept any returns, in which case you may or may not be bound by that contract and you may or may not own that object.

-

Re:When what is?

[Kadin2048]

What does the judge think the license is? Is it the receipt? The media? The license key? Or some/all of these combined? IMHO the COA is the piece of paper saying "you are license for this product". It doesn't matter what media or license key you use providing the COA is valid.

I wondered the same thing. Okay, so when you buy software, you're not really buying the software, you're buying a license (or so they tell us). Fine; but where the hell is the license? What confers it? The purchase receipt? Possession of the original authentic media? The front page of the manual? The click-through license?

If the silly certificate isn't the license, then what is?

It's all well and good to say that I'm buying a license, but if that's the case, then I want to know exactly how it was conferred to me, and how I can transfer or sell it to somebody else.

Time for RedHat to move in for the kill

[MikeRT]

"Buy Linux. We don't use licensing like some companies *cough*Microsoft*cough* use. When you buy our Enterprise platforms, you are also buying the peace of mind of knowing that we value our customers to not treat them like criminals. Buy Linux today and the only documentation you will ever need to have on hand is your support contract."

Re:Out of Context? You screwed buddy

I assume by the "????" that you really, really want to know, but couldn't be arsed to read the next paragraph. When faced with significant cost or effort, most people are satisfied if they are at least obeying the spirit if not the letter of the law. If Microsoft has already been paid for a copy of software but the buyer cannot use it, should it then simply go to waste, or could it be passed on to someone else? (With the new buyer paying whatever was originally paid to MS to the original buyer of the software).

No question that the letter of it is being broken in that MS has structured their EULAs and bulk purchase agreements in such a way as to restrict this, but this is different I would argue than flat out piracy or counterfitting.

Have you ever purchased something expensive on a friend's Sam's Club card? Had a second rebate mailed to your friend's house for something you bought two of? Bought one of those "Do not sell Radio Promo CDs"?

I'm not saying any of these things are right, but the context you can't seem to find is that this software was bought from MS (they got paid) and because they couldn't use it they then resold it to someone else (prohibited by MS). The selective quote by the salesperson makes it sound like what's going on is on the far side of wrong, but with context it seems to be one of those gray in between things instead. (Assuming what was related was true.)

What Microsoft is doing here is taking legitimate software (they made it and they sold it) and by fiat converting it into pirated/counterfeit software solely by stint of how they have their EULA structured. The software hasn't been reproduced, isn't being used by multiple people, in fact the core of the argument rests on the fact that the software has been completely unused prior to the sale.

What do you show the auditors?

[dunstan]

This could have very far reaching implications: it has just raised the bar for corporate users in proving that they have no outstanding financial liability for software licensing. So before a company can have its books signed off, it must either prove the software licensing or go and buy new ones.

It complicates the issue of licence management for a great many businesses, providing another incentive for using libre software instead.

Option #1 is Correct

[mpapet]

They bought a computer, or maybe a software bundle that included an EULA to which they did not agree. That implies they do not have the right to transfer the license they did not agree to and therefore did not own.

I believe the intention is to elminate the ability to transfer -any- license, even the one you have when you agree to MS's EULA. Thereby increasing consumption of new OS licenses.

This is the logical step forward in a society that fully embraces capitalism. Microsoft/RIAA corporations own the content and allows you to use it temporarily and that's it.

It's a money grab

[Moraelin]

Well, in a nutshell, MS has a nice cash-cow selling software twice, and tries to protect it. The scam is sorta like this:

1. Thanks to MS anti-piracy lobbying and differential pricing, it's not even possible to buy a PC without Windows on it from a major OEM any more. Or not without paying for Windows anyway: see Dell's Linux PCs or PCs without an OS, that cost exactly as much or more than the same with Windows. (And if you managed to get one without an OS anyway, it would get added to BSA's piracy statistics anyway.) And

2. Most corporations prefer to have a small numbers of standard configurations, to minimize support and training costs. Mom and pop shops may just leave whatever OS was on that PC, but for a corporation supporting 10,000 PCs or more, they prefer to install their version of Windows, Outlook, Office, etc, on each of them. So they buy a corporate version of all that stuff.

The problem is that in the process that corporation has paid twice for Windows and maybe for a few other programs too. E.g., they bought 100 new Dell computers with Windows XP Home on them, and then went and installed their corporate Windows 2000 image on each of them. It paid for both.

And this is just one of the many episodes where MS tries to defend its right to fleece them twice. It tried repeatedly to get it its way that you can't stop paying twice by either:

1. just buying your computers without an OS, if you have your corporate license anyway. (Believe it or not, it actually went on record as saying that the corporate licenses were some sort of "upgrade" to the Windows OEM license bought with the computer, and hence illegal to install on a blank machine.)

2. selling your unwanted and unused OEM licenses (Like the bank in TFA did. This is all that this BS about COA not proving purchase is: being told that, nope, you're not allowed to sell those unwanted OEM licenses that you were forced to buy.)

It's a money grab. Plain and simple. It's fucking stupid to pay for an OS twice. (And it's even more fucking stupid to pay for an OS once when you don't use it: e.g., being unable to sell that Windows OEM license that came with the computer, when you really wanted to install Linux on it.) But for MS it's more money if they can keep forcing you to do just that.

And as long as they can, they and the BSA will do all they can to prevent people from finding a way out of this stupidity.

And don't think that such lawsuits are the only thrust in that war. The BSA isn't just the enforcing arm, it's also a useful source of BS and FUD in that campaign. As I may have mentioned before, even if you did manage to establish your right to buy a PC without an OS, the BSA will write it as a PC running pirated software anyway. That's how they make their infamous statistics: pull an assumption of how many PCs should have also caused a sell of Software X, and anything lower than that is automatically piracy. So if your company bought 1000 PCs without Windows, Office, etc (e.g., because you're installing Linux and OpenOffice on them), it _will_ be written by the BSA as 1000 PCs that are running pirated software.

Cue inflated statistics about rampant piracy and appeals to the governments and courts to give them more power.

Re:What about using paper currency?

[14CharUsername]

Well maybe they could give you an activation code when you license the software. So basically you download the software, go to the website and put in your credit card number and the serial number from your dollar and get an activation code. You get charged for the software and your serial number is stored in a database at the company at the same time. The activation code could be some kind of hash based on your serial number or whatever, depending on how paranoid the software company is.

Then when its time for a BSA audit or whatever, you show them your dollar, they check the database and verify that you own a license. The dollar is legal tender and has security measures to prevent counterfeiting so its reasonably safe.

You could make up a number when registering, but then when you get audited you have no proof you own the software, so its kinda going against your own interests.

The main weakness is when the intern trades your license for thousands of dollars of software for a coke.

OR ...

[CagedBear]

They could allow anyone to download, install and use their software for free for personal use. Charge a reasonable, transferable licensing fee for commercial use and OEM distribution. And make the real money on support, training and customizations. It just sounds so much simpler, doesn't it?

Well, that's fucking stupid

[Moraelin]

This has always been the case in the US. You need a receipt of purchase to prove licensing, not a COA or the original box or the CDs. Proof of purchase only.

So let me get this straight...

I've made a point to buy all software I use, if buying a license or CD is even possible. So, yes, even the SuSE Linux 10.0 that I'm writing this on is bought and I have the CDs and manual next to me. (Hey, lip service is cheap. I prefer to vote for OSS with my wallet.) I also have bought a copy of Windows for each of my two computers, because I do play games a lot. At any rate, I have the COAs and CDs and everything. I also have these three bookcases full of games I've bought. With original case, CD, manual, whatever. I've also bought all music I'm listening to, and I can show you an original CD for any MP3 you might find on my hard drive.

So now you're telling me that someone could come and say that in the eyes of the law I'm a bigger pirate than Blackbeard? Just because I didn't keep the receipts from EBGames and whatnot? That someone could look at all those hundreds of games in their original cases and all, and count them _all_ as pirated software?

Nothing personal, and please understand that my anger isn't directed at _you_, but I find that bloody stupid and offensive. Essentially then the US is calling me a pirate and a thief, in spite of my efforts to be a honest lawful gamer, and in spite of the ample evidence to the contrary. I find it utterly insulting.

Whatever happened to innocent until proven guilty, ffs? It seems to me like the current attitude is basically the exact opposite: you're by default a pirate, and from there it's your uphill battle to prove yourself innocent. And, oh, let's also make it nearly impossible to prove that. You may have the original CD, the box, the manual, the certificate of authenticity and everything else that a sane person would have guessed would be enough, but if you can't find the receipt you're a thief anyway. I mean, seriously, wtf?

And what next? Should I expect that my washing machine or TV also count as stolen, because I threw away the receipts once they got out of warranty? Should I start keeping the receipts for the groceries I buy, or be considered a thief that lived on stolen food for the last decade? WTF?

Something interesting about this...

[cr0sh]

In America, the receipt of purchase is also meant to prove ownership of physical items purchased, in addition to "proof of licensing". Where this gets "interesting" (and most people have no clue about it) is when it comes to automobiles. Do you have the receipt of purchase for your automobile?

Most likely, you don't. What you probably have, if you have anything, is receipt of purchase from the dealer - not the receipt of purchase from the manufacturer. This document is known as the "Manufacturer's Statement of Origin" (MSO).

Most people "purchase" their vehicles through a dealer, via a loan or credit. A payment schedule is set up, a down payment is made, and the new "owner" drives off with the vehicle and a dealer "receipt". The MSO (among other documents) is transferred to the Motor Vehicle Department of the owner's state of residence. When the loan is paid off, the owner may get a copy of the MSO sent to him, but more likely he just gets a note and/or receipt saying the loan is paid in full. The state still has the original MSO. The dealer receipt is not valid proof of ownership of the vehicle - only the MSO is. If you don't have the MSO, and the state does, guess who really owns your vehicle?

The only way (that I know of) to get the MSO of a vehicle is to buy the vehicle directly from the manufacturer, and not the dealer. You can pay cash, credit, or have a private loan to do this, but you will need a trailer to move the vehicle, since it isn't licensed in any way. Actually, this is somewhat false - in theory, you can drive it, without insurance or a license, under the doctrine of "Right to Travel" - but you must have that MSO with you to have any chance of beating this in court when you are hauled in.

As far as I have been able to research, this is all true. It is simply way more obscure than even the whole FIJA (fully informed jury) issue. "Right to Travel" is yet another one of those areas of law which make judges and the states seethe at the mere mention of it, because it is a Constitutionally protected sovereign right of a free man who owns property. At a certain level, it removes control of the state from an otherwise law-abiding person. This angers the state, but they are (currently) unable to do anything about it.

What has been done about it is a nearly institutionalized form of slavery of perpetual indebtedness of citizens via "easy credit" and loans, among other measures (such as the separation of selling mineral rights from property rights, for instance). If a man does not actually own his own property - is he really free, or is he merely another form of a slave?

Licenses, DRM, the DMCA, etc - it is all a part of a very real pattern to control the populace via removal of property ownership rights. Unfortunately, most of the citizens - er, consumers - are playing right along. It is even at a point now where people look at you strangely when you tell them you are paying off your credit, or you use cash, etc - a form of peer pressure to conform to economic slavery. You are suspected if you don't play along, or if you play differently (such as by "living within your means" instead of racking up credit debt). These are sad times we Americans live in - what is pathetic is that most people aren't even aware of what is happenning, and nearly ostracize you if you so much as suggest it...

What IS evidence of a licence?

[Sloppy]

The judge rejected the argument. "The fallacy in the argument is that if the bank does not accept the EULA [licence] terms [by operating the software and agreeing the terms], it receives no licence. Thus it can confer no licence for the use of any Microsoft software by passing on the COA (certificate of authenticity), nor can the COA be evidence of, or itself confer, such a licence. Thus, provided that the licensing system is enforceable in law, the circumstances exemplified cannot give rise to a legitimate trade in COAs."

One of the funny things about EULAs, is that there never is any direct evidence of a license. The copyright holder never has any evidence (i.e. a signed contract) that the user agreed to the terms. The user's only evidence, is a piece of paper which doesn't even say to whom the license has been granted, so they really don't have any serious proof either.

EULAs are a nearly invisible contract that one side never consents to, and neither side can proove exists.

So while this case appears to be a win for Microsoft, I think this is a double-edged sword. EULAs were already pretty shady, and now a judge has gone on the record, saying that the COA is not proof of a license. This is another nail in the coffin of all EULAs' appearance of legitimacy.

In fact, there are circumstances in which disused or unwanted volume licences for some Microsoft software can be transferred; but this trade must be compliant with Microsoft's own transfer terms and conditions.

I also think it's hilarious that a bank can't transfer a license but a retail software store can. Neither party is Microsoft, neither party has a direct relationship or contract with Microsoft, neither party even breaks a seal with a sticker on it that says "by breaking this seal, you agree to..." and neither party clicks on a "by clicking on 'install' you agree to.." button. And yet they also (in addition to the end user) are bound by a contract that they have never even seen? EULAs are so cheesy and fake-looking, that I can't believe anyone takes them seriously. Wake up, judges. If fake contracts can be applied to people without their knowledge, how do you know I'm not going to make up a contract and apply it you you?

OK, what is this really saying?

[itsdapead]

I hate to sound like I support M$, but I think the stuff about COAs is just FUD.

IANAL of course.

All I think this is saying is that if person A sells you a "license" - and it then turns out that A had no right to sell you such a license - then you do not have a license, regardless of how many hologram-encrusted bits of paper person A gave you.

Now, say A aquired that paperwork along with a PC from vendor B, and B tried to impose on him a ridiculous Catch-22 clause that purports to say "you can't resell that as a license because you haven't accepted the license, and if you do accept the license you have to agree not to resell it". That stinks - but if A doesn't like it he needs to take that up with B - not sell the disputed item on to you. You can't take it up with B later because you are not party to any agreement with them.

For added complexity say that A was probably buying hundreds of computers under a negotiated commercial contract (i.e. not retail) and your dealings with them are actually indirected through allegedly-shady software dealer C and you have a right mess.

Note that the defence here was a long shot involving EU competition law, and that the Judge left a big caveat about "if the license is legally enforceable". It doesn't sound as if the actual fairness and enforcablility of the original OEM license was ever tested.