How the BSA Squeezes the Little Guys

netbuzz writes "Actually, 90% of the Business Software Alliance's revenue is squeezed from small businesses accused of using unlicensed software. A lawyer who represents some of them says his clients often suspect that it was the IT guy who just left — and was responsible for maintaining the licenses — who ratted them out for a big BSA reward."

Sure, blame the IT guy

[winkydink]

My experience with small/medium businesses has been that the CEO/CFO don't want to spend the bucks necessary to get everybody legal and the poor IT guy gets stuck having to ignore the problem or find a new job. To the defense of C-level guys, I did work for one 1000-person company that had a very ethical CFO who insisted on being compliant. The exception that proves the rule, I guess.

Re:Sure, blame the IT guy

[asuffield]

My experience with small/medium businesses has been that the CEO/CFO don't want to spend the bucks necessary to get everybody legal and the poor IT guy gets stuck having to ignore the problem or find a new job.

About once every two months, our director comes to me saying that he wants MS Office installed on some box or other, and I quote him the current list price for it (£320, last I checked). He says that he's already got a copy. I tell him that you have to buy one copy per box. He says that he's got an old copy that didn't have that restriction. I tell him that the rule has always been there, and the only thing that's changed is that the new versions have the silly "activation" nonsense added. He says he never knew that.

Two months later, we do this again. Bizarre.

IT guys not eligible for reward ...

[AHumbleOpinion]

"... his clients often suspect that it was the IT guy who just left -- and was responsible for the maintaining the licenses -- who ratted them out for a big BSA reward ..."

People responsible for licenses in some manner are not eligible for the reward. IT guys doing this are disgruntled and just trying to "get even".

Keep in mind that small business was not chosen merely because they have fewer resourced available to defend themselves, but they were also the worst offenders. Betting that their size would keep them under the radar of Microsoft, Word Perfect, Lotus, Borland, etc back in the day. I'm not defending the BSA's actions, but their targeting is not entirely devoid of reason.

Re:IT guys not eligible for reward ...

[AK+Marc]

The IT guy said "you need X licenses" and the owner said "just install the same copy on every machine."

Here, it was "I need X licenses." The owner said "OK, just submit a work order." The IT guy thought it was easier to just illegally copy software than actually get the stuff approved, so he never officially asked for it. Then, when he left, he called the BSA and we paid fines. He's the one that coppied programs without permission. He lied to the owners that were happy to do the right thing. Now all computers have tracking software and must be left on all night for the midnight scans of all company hard drives. And if you are in IT and are ordered to do something illegal, you are a criminal if you do it. Period. Doing it then turning them in doesn't make you not a criminal. Telling them to send you the request in writing so you can document it will either get you something to report them before it happens (or get you a large settlement if you are fired for not doing it) or they will be unwilling to write it out and tell you to do what's legal. I know IT people that pirate Acrobat because explaining the free PDF writers is more trouble than just stealing, and they don't tell anyone what they did. The IT people are usually the cause, not the innocent saps caught in the middle. I've never seen anyone ordered to pirate software, but I've seen numerous companies do it after the IT person offered it as a solution or did it without telling anyone.

I.T. guys fault? I don't tihnk so.

Infinitely more likely it was the poor I.T. guy, denied access to funds to legitimise the software in the company, and unable to do anything about it with the threat of no job over his head, who finally either found a way out, or was creatively dismissed, and is now either being scape-goated, or maybe he was that pissed off he really did turn them in.

I don't believe for a second the company wouldn't know if large amounts of their software wasn't paid for. It's very common for small time I.T. guys to be, for example, pressured into installing the same software multiple times on machines, with no corresponding license, they may even be told by the boss that it's fully licensed, but you can bet your ass the boss wont take the blame if anything happens.

Any I.T. guy with even the tiniest clue would purchase all software if given the ability, and wouldn't risk his career on installing unlicensed software unless they were pressured into doing, most likely with thought of losing their job.

It's one of the biggest reasons more and more places has under qualified I.T. staff.
The qualified ones don't want the crappy pressure laden jobs, or aren't offered them as they'll be more picky about licensing.
The under qualified ones will take the job, but then feel stuck in the belief they can't get much better, and won't be able to afford the cost or time of further training.

I've seen it happen a lot, despite knowing the problem in advance it ended up happening to me after, and I still keep seeing it today after getting the hell out as my advice was simply never taken, despite it being what I'd been employed for. It was the subject of a slashdot article years back when I was stuck in a job-from-hell too.

I'd imagine something vaguely similar (but not likely to do with legitimate software, just general I.T. problems) has contributed to the UK's recent data protection issues too.

Re:I.T. guys fault? I don't tihnk so.

[rtechie]

You absolutely positively have to hire a lawyer (well, not really, but you should) - if you get audited. You hit part of the nail on the head. The trick of dealing with audits is to NOT deal with them.

Never, ever, ever, agree to an audit by the BSA under any circumstances. It's the same as admitting liability. If they threaten you, hire a lawyer and threaten them back. Increasing the cost of the audit keeps it from being profitable and eventually they back off. If you keep stalling, you can drag the process out for years.

Exactly.

I went thru three different employers where upper management *ORDERED* the IT guys to install the same copy of MS Office on all computers in the building. At the last job, I snagged an email off the server where the CEO was discussing the issue with his CFO and basically said that if they ever got caught they would feign ignorance and lay the blame on the IT guys "doing stuff behind their backs" and installing software without their executive permission. This was a few years ago, about the same time that the BSA started running radio advertisements and putting up billboards all over the Dallas/Fort Worth area to get employees to turn in their bosses for software piracy. I left that job as fast as I could, and now work in IT for a small city government near the D/FW metroplex where our own police department is now the ones who are so eager to pirate software.

*Sigh* It never ends.

How does the BSA

[jasen666]

force a company to allow an audit or "investigation"?
What do they do when a small business owner says, "I use strictly Linux on my computers, no, you can't come in and look around, go pound sand."

Re:How does the BSA

I know someone that was audited by the BSA and decided to fight it. Basically they countered by stating they wanted full disclosure of who reported them so as to determine the validity of the claim prior to wasting internal resources and dollars.

They also argued that the reporting tools are a violation of privacy. Yes, they expected them to place some software on their network which scans their entire network not to mention each machine's registry.

Third, they also argued that even if they were in violation of license, the license is between them and the vendor (after all, the license does not allow for the BSA as having legal proxy interests) and unless the vendor in questions decides that they'd like to personally pursue the issue, the BSA does not have legal authority or the legal grounds to pursue the action.

Furthermore, they argued that even if something odd was discovered and they lost, only the government has the right to impose fines on legal matters as such and they would be within their legal rights to simply purchase any outstanding licenses or settle directly with the vendor in question and completely dismiss the BSA altogether thereby eliminating the need to pay any fines or added fees.

Re:How does the BSA

[jimlintott]

How did that work out for them?

Re:Not many opportunities while employed

[morgan_greywolf]

Receipts aren't always what they're looking for, but they can help. For Microsoft applications and system software, they're often looking for the Microsoft 'Certificate of Authenticity' with the hologram on it. Only small businesses, many of which use whitebox PCs, often don't save their CoA's because no one told them to.

Anyway, small-to-medium businesses are easily the most likely to pirate software internally because they often don't have the budget for doing software audits and the like. Plus, in order to get a project out quickly, many small firms with tight budgets will pirate a copy of mission critical applications, with the idea that they'll buy the license later, when the project pays out. Unfortunately, they also usually forget to buy the license later, and personnel go on using the pirated software and become reliant on it -- and this happens in large part because they don't have the budget for doing software audits or license management!

If anyone's looking for a killer business idea, it's this: start a company that just does license management for small businesses. Sell the services in a high-volume, low cost subscription model that lets small businesses pay a small fee every month, say $20-30 in addition to the cost of software, to manage their license portfolio. IOW, provide enterprise-level software portfolio support ala Software Spectrum, at a small business price. Hire some guys from India or down South to do customer support and watch the revenue trickle in.

Re:So enforcing the law is now bad right?

I've dealt with the BSA first-hand. I worked at a small company of 20 people, we were ALL compliant. BSA sends a blanket letter to small companies saying "Prove you are compliant or feel our wrath. Or just go ahead and settle for $15,000 and we will call it even.". So we gather all the paper work and send it to them. Next they say "We still don't think you're compliant. Buy our $5000 software, run on all your machines to prove otherwise.".

How do I know it's a blanket letter? 3 other companies on our street also got it. This was back in 2001.

Re:Basic psychology

Sorry, I'm a coward in this post. I ratted out a former employer to the BSA. A dotted line manager (who was also a V.P.) was making my life a living hell when I left. Watching him hire college students so they could buy educational versions of software for the company was the source of my sweet revenge.

The dirty little secret about the BSA

[kilodelta]

Six years ago I was the I.T. Director for a manufacturing firm. I had numerous arguments with the company president about software licensing and how we were dancing on the edge of disaster. I finally left in disgust.

Once I'd left I contact the BSA and told them what I knew. A few days after my first contact they called me and told me they weren't going to pursue. The reason they weren't going to pursue is because the company was on shaky financial ground.

So if you're going to pirate, make sure you're financially unstable.

I enjoy nostalgia as much as the next guy...

[darken9999]

Not to nitpick, but I owned Turbo C++ and Turbo Pascal. They were about $100-130 each. Sure, most computer programs were $30-40, but it still wasn't that expensive.

And 386s with 32MB of RAM? Maybe there were some, but they hardly grew on trees. Christ, most hard drives back then were 40-80MB. My 4MB RAM upgrade cost me $400, so 32MB on a PC? Come on.

And there certainly was email. I ran a WWIVnet board, and another BBS in town had FidoNet (seemed overcomplicated for the end user). Sure, it took 7 days for a message to get from Michigan to Mexico, but it got there.

Re:Other Reasons...

[mabhatter654]

exactly, the whole thing is legal hostage taking if you ask me. Like you said, even with a straight business Dell with OEM office installed and the machine stickered properly, it's still not "enough" for the BSA if you donate it! The OEM licenses are transferable with the exact hardware, but if the next person doesn't have the actual bill of sale and paid receipt for that computer it's not "legally" been transfered. How likely are you to give out the paid receipt with your CC# on it as well as a letter of transfer to some charity? Businesses have all sorts of onerous restrictions they don't enforce (but are still in the EULA) for consumer customers. So even though charities get legally licensed machines, they still have to pay more.