UK Judge Rules COA is Not Evidence of a License

blane.bramble writes "In a ruling against a company selling counterfeit and genuine licenses, a UK judge seems to have ruled that the Certificate of Authenticity is not itself sufficient proof of license possession. This could have major ramifications for UK businesses that consider keeping the COA as proof of being licensed. The quote in question is 'Thus it can confer no license for the use of any Microsoft software by passing on the COA (certificate of authenticity), nor can the COA be evidence of, or itself confer, such a license'."

Get lawyers on staff

[Trigun]

And maybe a notary as well. Some videographers would help out for all those business deals.

I think I'll go into the market of blood-filled pens. I think blood is still binding, but I am (thankfully) not a lawyer!

Re:Get lawyers on staff

[level_headed_midwest]

It isn't the *lawyer's* blood in those pens...

Out of Context? You screwed buddy

[neonprimetime]

"I can do you an Office 2003 [Microsoft software] without a licence for eighty-five quid. The licensed version is one hundred and eighty-five quid. With the eighty-five quid one we're not lining Bill Gates's pocket. If he's installing it in a business or something he might want to do the licence. He might want to do it properly." Hill claimed that his remarks were taken out of context

What? How possibly could this be taken out of context???? Unless of course you were saying something to the effect of "Well, if you want to get sued by Microsoft then I can do you an Office 2003 [Microsoft software] without a licence for eighty-five quid. The licensed version is one hundred and eighty-five quid. With the eighty-five quid one we're not lining Bill Gates's pocket. If he's installing it in a business or something he might want to do the licence. He might want to do it properly."

Now that is ridiculous

[drinkypoo]

But I guess it supports the idea that you don't buy software, you buy a license.

I guess first sale law doesn't apply to software in the UK any more.

The sad part is that aside from the receipt, with which microsoft (for example) might or might not give you a new code, the only important part of buying windows or other software is getting the COA with the reg code. The CD is utterly unimportant if all you bought was a license to use the software; you have a license, so you have a legal right to make backup copies. The CD that came in the package doesn't mean shit.

Assuming you even got a CD...

Should have been a different ruling

[moorcito]

It would have been much better had the judge ruled that the EULA is not evidence of a license.

Uh, so what's left?

[jandrese]

If the certificate is not enough proof of your ownership of a license to run a particular piece of software, what is? The original recipt? I mean if the BSA raids my office and the certificates are not good enough, then we're totally boned, since it's the only thing Microsoft has ever given us to prove that we are legally running our software. If we fail to prove that we're legally running the software, the fines would be in the hundreds of millions of dollars given the number of OS installs we have on the desktops here.

While I don't think MS would want to alienate their customer base, but if they wanted to they could really turn that ruling into a money factory.

Re:Uh, so what's left?

[Mr.+Underbridge]

While I don't think MS would want to alienate their customer base,

Why would they stop now?

Implicit sadness

[Sparr0]

The real problem here is that this judge, if the quote is truly from a judge, implicitly acknowledges the concept of a license to use software, a right that is not (under US and UK copyright law) the copyright holder's to license.

Re:Implicit sadness

[roystgnr]

That is what you buy when you buy software from anyone, the Right to Use the software.

No, you buy a copy of the software. The right to use that copy is implicit; nowhere does copyright law restrict that right to copyright holders, and it's as fundamental as the right to read a legally purchased copy of a book. Software companies originally tried to use a "you can't use our software without making a copy in RAM, so you need a license!" argument, but in the USA at least that was made explicitly legal in Title 17 a. 1. 117.

Of course, this is assuming that you walk into a store, pick out some software, hand them some money, and don't sign anything except a credit card receipt. If you buy anything by specifically agreeing to a license beforehand, then certainly the license terms apply.

Re:Well, duh

[morgan_greywolf]

Because Microsoft itself seems to imply that the COA will be your guarantee that you are using a non-pirated version of Windows. If you want to make sure that your software is licensed properly and not pirated, you need to check your COA, according to Microsoft.

Boiling down my understanding

[hanshotfirst]

The defence argued that if a large organisation, such as a bank, bought a large number of computers and never used the bundled Microsoft software and sold on the licences, that a company such as Digital could sell those licences, for which Microsoft had already been paid.

The judge rejected the argument. "The fallacy in the argument is that if the bank does not accept the EULA [licence] terms [by operating the software and agreeing the terms], it receives no licence. Thus it can confer no licence for the use of any Microsoft software by passing on the COA (certificate of authenticity), nor can the COA be evidence of, or itself confer, such a licence. Thus, provided that the licensing system is enforceable in law, the circumstances exemplified cannot give rise to a legitimate trade in COAs."

I'm trying to get my head around this ruling. On one hand it makes sense, on the other hand it doesn't. My question: if the bank receives no license because it paid money but didn't accept the EULA, then what did it receive for the money it paid?
Possible answers I can come up with:
1. The bank bought a computer, and chose not to use some software bundled with it, the same as if I "bought" Norton Antivirus with a new computer but never used it because I choose to use AVG. Dell won't refund to me their cost of the Norton software just because I don't choose to use it. Arguable, but not overly evil.
2. The bank bought a computer which was probably loaded with an OEM "only for sale with a new computer" license for Windows. The license should travel with the hardware, then. Arguable, moderately evil because of the whole "only with a computer" distinction.
3. ???
4. The judge got it wrong, and the bank should be able to sell the unused license the same as if they bought too many office chairs and sold the ones they never used. Non-evil, but IANAL.
Thoughts?

Dump Microsoft

[Attaturk]

I'm not trolling - we're in the same boat. We still have a few MS machines in our company but we've been slowly getting rid of them over the last couple of years. With Vista, Windows Genuine "Advantage" etc., MS licensing paranoia etc. it's pretty self-evident that simply owning Microsoft licenses is an increasing risk - not to mention added burden on your IT team. Dump them. The alternatives are there and it's definitely worth it, if only to be free from the yoke of oppression. ;-)

Re:Dump Microsoft

[cyber-dragon.net]

We are in the same situation at my company. Management did an analysis of risk and TCO of running windows, which thanks to me included probability of getting sued by Microsoft, security etc and decided it was not a good business decision to stay with them. And yes, I gave a fair an impartial analysis and was realistic about training and maintenance times caused by the switch. Over the last year we have been slowly replacing all computers with either Linux for engineers or Macs for execs. Well, some of the engineers wanted Macs after the first couple came in too.

Bottom line... we have dropped IT costs in just machines and setup time by about 20k a year, and we are not a large company. It used to take one person an afternoon to set up two windows machines since they had to wipe and re-install to get rid of all the pre-installed crap. Then run bandwidth intensive updates, install and update virus software etc. We could not use an image as the hardware was always just enough different it did not work, but even if we did it would not reduce the time much as a lot if it is updates which need to be monitored.

With Linux we have an image we copy from CD onto the machine which has everything pre-done and bam, one machine out the door in 20-30 minutes (10 of which was getting it out of the box).

The Macs are just as easy... the only thing we install is Office (necessary evil for execs, they MUST have their powerpoint) and that is done via copying a folder and inputting a key. No complicated process. Hell it even picks up our wireless network during install (gigabit landline reserved for engineers) and considers it a native interface rather than a hack like Windows.

Now instead of spending 80% of my day troubleshooting Windows I spend maybe 15% on maintenance tasks and the rest adding value to the company by implementing new things like the VOIP phones that we can use thanks to the network not having so much unnecessary traffic on it, which incidentally is going to save us another $5k a year or so while we pay for the hardware and $10k a year after.

All made possible by dumping Microsoft Windows XP.

What about using paper currency?

[rdmiller3]

Instead of reinventing the wheel, companies could use an existing "certificate" with built-in anti-counterfeit measures... common paper currency.

For example...

To complete your registration, label an ordinary envelope,
"WidgiCorp SuperApp Registration". Then choose a [US]$1.00 bill
and enter the full serial number from that bill: _________________
Press the "Register Now" button to send the serial number.

Put this bill into the envelope and store it with your copy of
the license agreement. This serial number will be added to a
publicly accessible list of registrations so that posession of
this bill will prove that you have licensed this software.

And there you have a counterfeit-resistant, anonymous, verifiable proof of registration.

Re:Out of Context? You screwed buddy

I assume by the "????" that you really, really want to know, but couldn't be arsed to read the next paragraph. When faced with significant cost or effort, most people are satisfied if they are at least obeying the spirit if not the letter of the law. If Microsoft has already been paid for a copy of software but the buyer cannot use it, should it then simply go to waste, or could it be passed on to someone else? (With the new buyer paying whatever was originally paid to MS to the original buyer of the software).

No question that the letter of it is being broken in that MS has structured their EULAs and bulk purchase agreements in such a way as to restrict this, but this is different I would argue than flat out piracy or counterfitting.

Have you ever purchased something expensive on a friend's Sam's Club card? Had a second rebate mailed to your friend's house for something you bought two of? Bought one of those "Do not sell Radio Promo CDs"?

I'm not saying any of these things are right, but the context you can't seem to find is that this software was bought from MS (they got paid) and because they couldn't use it they then resold it to someone else (prohibited by MS). The selective quote by the salesperson makes it sound like what's going on is on the far side of wrong, but with context it seems to be one of those gray in between things instead. (Assuming what was related was true.)

What Microsoft is doing here is taking legitimate software (they made it and they sold it) and by fiat converting it into pirated/counterfeit software solely by stint of how they have their EULA structured. The software hasn't been reproduced, isn't being used by multiple people, in fact the core of the argument rests on the fact that the software has been completely unused prior to the sale.

What do you show the auditors?

[dunstan]

This could have very far reaching implications: it has just raised the bar for corporate users in proving that they have no outstanding financial liability for software licensing. So before a company can have its books signed off, it must either prove the software licensing or go and buy new ones.

It complicates the issue of licence management for a great many businesses, providing another incentive for using libre software instead.

It's a money grab

[Moraelin]

Well, in a nutshell, MS has a nice cash-cow selling software twice, and tries to protect it. The scam is sorta like this:

1. Thanks to MS anti-piracy lobbying and differential pricing, it's not even possible to buy a PC without Windows on it from a major OEM any more. Or not without paying for Windows anyway: see Dell's Linux PCs or PCs without an OS, that cost exactly as much or more than the same with Windows. (And if you managed to get one without an OS anyway, it would get added to BSA's piracy statistics anyway.) And

2. Most corporations prefer to have a small numbers of standard configurations, to minimize support and training costs. Mom and pop shops may just leave whatever OS was on that PC, but for a corporation supporting 10,000 PCs or more, they prefer to install their version of Windows, Outlook, Office, etc, on each of them. So they buy a corporate version of all that stuff.

The problem is that in the process that corporation has paid twice for Windows and maybe for a few other programs too. E.g., they bought 100 new Dell computers with Windows XP Home on them, and then went and installed their corporate Windows 2000 image on each of them. It paid for both.

And this is just one of the many episodes where MS tries to defend its right to fleece them twice. It tried repeatedly to get it its way that you can't stop paying twice by either:

1. just buying your computers without an OS, if you have your corporate license anyway. (Believe it or not, it actually went on record as saying that the corporate licenses were some sort of "upgrade" to the Windows OEM license bought with the computer, and hence illegal to install on a blank machine.)

2. selling your unwanted and unused OEM licenses (Like the bank in TFA did. This is all that this BS about COA not proving purchase is: being told that, nope, you're not allowed to sell those unwanted OEM licenses that you were forced to buy.)

It's a money grab. Plain and simple. It's fucking stupid to pay for an OS twice. (And it's even more fucking stupid to pay for an OS once when you don't use it: e.g., being unable to sell that Windows OEM license that came with the computer, when you really wanted to install Linux on it.) But for MS it's more money if they can keep forcing you to do just that.

And as long as they can, they and the BSA will do all they can to prevent people from finding a way out of this stupidity.

And don't think that such lawsuits are the only thrust in that war. The BSA isn't just the enforcing arm, it's also a useful source of BS and FUD in that campaign. As I may have mentioned before, even if you did manage to establish your right to buy a PC without an OS, the BSA will write it as a PC running pirated software anyway. That's how they make their infamous statistics: pull an assumption of how many PCs should have also caused a sell of Software X, and anything lower than that is automatically piracy. So if your company bought 1000 PCs without Windows, Office, etc (e.g., because you're installing Linux and OpenOffice on them), it _will_ be written by the BSA as 1000 PCs that are running pirated software.

Cue inflated statistics about rampant piracy and appeals to the governments and courts to give them more power.

Well, that's fucking stupid

[Moraelin]

This has always been the case in the US. You need a receipt of purchase to prove licensing, not a COA or the original box or the CDs. Proof of purchase only.

So let me get this straight...

I've made a point to buy all software I use, if buying a license or CD is even possible. So, yes, even the SuSE Linux 10.0 that I'm writing this on is bought and I have the CDs and manual next to me. (Hey, lip service is cheap. I prefer to vote for OSS with my wallet.) I also have bought a copy of Windows for each of my two computers, because I do play games a lot. At any rate, I have the COAs and CDs and everything. I also have these three bookcases full of games I've bought. With original case, CD, manual, whatever. I've also bought all music I'm listening to, and I can show you an original CD for any MP3 you might find on my hard drive.

So now you're telling me that someone could come and say that in the eyes of the law I'm a bigger pirate than Blackbeard? Just because I didn't keep the receipts from EBGames and whatnot? That someone could look at all those hundreds of games in their original cases and all, and count them _all_ as pirated software?

Nothing personal, and please understand that my anger isn't directed at _you_, but I find that bloody stupid and offensive. Essentially then the US is calling me a pirate and a thief, in spite of my efforts to be a honest lawful gamer, and in spite of the ample evidence to the contrary. I find it utterly insulting.

Whatever happened to innocent until proven guilty, ffs? It seems to me like the current attitude is basically the exact opposite: you're by default a pirate, and from there it's your uphill battle to prove yourself innocent. And, oh, let's also make it nearly impossible to prove that. You may have the original CD, the box, the manual, the certificate of authenticity and everything else that a sane person would have guessed would be enough, but if you can't find the receipt you're a thief anyway. I mean, seriously, wtf?

And what next? Should I expect that my washing machine or TV also count as stolen, because I threw away the receipts once they got out of warranty? Should I start keeping the receipts for the groceries I buy, or be considered a thief that lived on stolen food for the last decade? WTF?