BSA's Tactics and Motives Questioned

_Hellfire_ sends us over to Baseline Magazine for a longish article entitled After 20 Years, Critics Question the BSA's Real Motives, which paints the Business Software Alliance in the same colors as the RIAA. "A recent Associated Press story highlighted the fact that 90 percent of the $13 million collected by the BSA in 2006 came from small businesses. Since 1993 the group has collected an estimated $89 million in damages from businesses on behalf of its members, every penny of which it keeps. 'I don't know of a business where you can get away with raiding a customer with armed marshals and expect them to continue to do business with you...' said [Sterling] Ball, who shifted his company to open source software after the raid."

BSA?

[Geoffrey.landis]

I have to say, I read the headline and really wondered why slashdot was interested in the Boy Scouts of America.

Re:BSA?

[UbuntuDupe]

Their position on homosexual Scoutmasters.

I mean, this story wasn't about the Boy Scouts, but *when* /.ers are interested in *that* BSA, that's why.

(To errant mods that have been targeting me for downmods: please have mercy. I will pay your tribute. Just cut it out.)

Re:BSA?

[jtroutman]

I read it and wondered why Slashdot had an article on motorcycles...BSA (Birmingham Small Arms) was a British motorcycle manufacturer. Back in the day, the bikes were called "beesers", which is why BMWs are now called "beemers" (though, the cars should be called "bimmers", "beemer" only refers to the motorcycles).

Re:BSA?

[ILuvRamen]

hey the girlscouts got their cookies but what do the boyscouts have? I think they should merge with the other BSA and be junior company raiders. That'd be a real fund raiser and everyone knows boys like guns.
Speaking of that, how can private armed people run into a company? Dunno about your work but at the hospital where I worked if anyone but the government walked in with guns, we killed them.

Re:BSA?

[veganboyjosh]

...but what do the boyscouts have?

The boy scouts sell popcorn.

Re:BSA?

[TheJerg]

Just don't eat it.

Re:BSA?

[ILuvRamen]

well they must not have put heroin and/or crack in theirs like the girlscouts

Re:BSA?

[NetNed]

I read it and thought it was a BSA red dot scope that had gotten the gaze of the slashdot eye. They are a lot cooler then the business software alliance, and would be a great tool for any boy scout in the wilderness.

Re:BSA?

[infonography]

Well these guys ain't Boy Scouts by any means. If anything they have gone over to the Dark Side and been Darth Vader'ed. They just don't have the cool uniforms or that neat mask with the James Earl Jones Voice.

But lucky for them they aren't from the New movies, that would be just cruel.

Re:BSA?

I thought this was about the Brazilian Space Agency.

Play choose your own BSA!

Obligatory:

Fuck the BSA.

Re:Obligatory:

[ScrewMaster]

Fuck the BSA.

I wouldn't, if I were you. You don't know where they've been.

Re:Obligatory:

[jamstar7]

Damn, my mod points died this morning.

Same again

[Wowsers]

It's the same situation in the UK, the little guys get screwed over software licenses that for example, may have expired and nobody keeping an eye on things, whilst the big companies have big lawyers to get away with it.

Should make Linux a bit more of an interesting proposition.

Re:Same again

[jorghis]

I dont think this is a big company having the resources to defend themselves kind of issue. Its more likely that big companies have more money and are more inclined to go out of their way to minimise their chance of getting sued. Therefore a big company is likely to have an IT department that does a good job of making sure it has licenses for everything and doesnt cut corners to save a few bucks here and there.

Re:Same again

[Chris+Burke]

Therefore a big company is likely to have an IT department that does a good job of making sure it has licenses for everything and doesnt cut corners to save a few bucks here and there.

Yes, that's very true, the big company can afford to pay people solely to look after their licensing.

It also has to do with the kinds of licensing small business vs large ones can afford. A large corporation can afford site licenses or bulk-licenses where a large number of users are covered by a single license. It's much easier to keep track of, and to know whether any particular user of the software is legal (either they all are, or any machine that can get a license from the license server is), and easy to know when it expires (there's one date).

Whereas a small company that has to buy individual licenses (especially in the form of shrink-wrapped boxes which means the license is in paper form) has a lot more to keep track of, like when each piece of software was purchased and thus when it expires, and more documentation to dig up when the BSA comes knocking. Plus the BSA is notorious for going after technical violations of licenses where things like moving a hard drive from one machine to another is against the terms, so even though Software In Use == Legal Software Licenses and thus the software vendor got all the money they deserve, the BSA will still force them to pay a fine.

Re:Same again

[Opportunist]

It's more a matter of revenue.

You have a small company that you could either get to buy a handful of licenses or pay a steep fine.
You have a huge company that you could either get to buy a ton of licenses or pay about the same fine.

Question for 500: Which one of those is going to get sued, and which one gets the option to "correct" their licenses?

Re:Same again

[Herby+Sagues]

I've seen plenty of such BSA actions around businesses I work with. In most cases where steep fines were applied the companies were basically above 90% pirate. It's not about lack of dedication to counting licenses, but about either complete disregard for IP and law, or absolute carelesness. In the cases where there was a low percentage of piracy, either no fines were applied (strong notes and recommendations to legalize were received though) or small fines ammounting to somewhat more than the missed licenses were received. I see no parallel with RIAA actions. RIAA has not only been way more abusive and disproportionate in the legal actions, but also having not offered a legal alternative to illegal music downloads for almost a decade, lost the moral ground to such actions.

Re:Same again

[dpninerSLASH]

These folks are pros; within 15 minutes of speaking with you they'll know whether or nor you run running legitimately-purchased software or not. If you're out of compliance you're up a creek and you had better believe that they won't even think of letting go.

If you are in compliance, be cooperative and let them look over your inventory. The moment they start demanding payment politely escort them off your property, and remind them if they continue to push the matter you'll have every consumer advocate group imaginable breathing down their neck.

These folks RELY on your blind adherence; don't be foolish and succumb to their demands. Drag them out into the light for public scrutiny and they'll scatter like cockroaches.

Remember, the first thing they do is size you up morally. If you're a thief, you're dinner. If you're honest, they KNOW they'll come across as self-serving bullies and won't want the trouble.

Re:Same again

[simontek2]

You would think so, but I have worked for small companies and Large ones that don't care about licenses. Heck I know of a very large company that sues everyone on the planet, that isn't 100% legit on their licenses.

Re:Same again

I've seen this type of thing myself. The question always became "Well, how are they going to know?" Since the software didn't have to be activated, the mentality was that no one was going to find out unless a disgruntled employee told someone.

They're finally coming around though.

All I need to know...

[symbolset]

They quote d'Idiot. Wasted click.

Sterling Ball

Do you think he has brothers named Brass and Steel?

Re:Sterling Ball

[Trespass]

Twins. Both named 'Blue'.

Him again?

[Otter]

...said [Sterling] Ball, who shifted his company to open source software after the raid.

Perhaps a more accurate title would be "After Eight Years, We've Found a Second Person to Put In a Story With Sterling Ball"?

Admittedly, the new guy, who seems to have been knowingly using unlicensed software, isn't the most sympathetic figure, but at least it's a break from extrapolating Sterling Ball to the entire business world.

Re:Him again?

So the BSA has taken the entire $98 million dollars from just these two individuals?

If you're being raided...

[stygian]

...then you probably weren't actually a customer, so I doubt the software company would be very depressed to lose your business.

Not that I condone the BSA....

Re:If you're being raided...

[larry+bagina]

not true. A lot of it is paperwork compliance. Like installing Photoshop on 1 computer. The graphic designed gets a new computer and the old one is sent to a different department without uninstalling. If you're a big company with site licenses and an IT staff that reimages computers daily, no problem. If you're a small business, oops.

Re:If you're being raided...

I'm going to go ahead and guess the violations resulting in a "raid" were far more egregious than your example. More like, say- the company I used to work for that bought a single license of Office 2000 and installed it on 150 users' machines. Had we been busted, I would hardly describe it as a good customer getting screwed because of paperwork.

Re:If you're being raided...

[erroneus]

...uhm, According the Sterling Ball, he was only out of compliance by 8%. This would mean he was 92% legitimate. This would seem to indicate that they WERE actually customers.

I find it interesting that there is such a strangle-hold in the software world. It's ridiculously oppressive. It's also amazing to find what people will tolerate. I guess some of the reality is that you rarely know anyone directly who has had the worst of experiences. But it amazes me still that even after a BSA run-in, companies continue to use the software of companies that enable the BSA to operate. In some respects, it seems unavoidable, but it's all about how we got where we are and looking at what it would take to over-throw the systems we have in place now. It would take LOTS to overthrow Microsoft, Adobe, Apple, Autodesk and the rest and switch over to F/OSS or something along those lines. It would lead to better things in the future, but people aren't willing to take short-term, personal hits for long-term, social benefit. Lots of people saw it all coming from far away and long ago, but people wouldn't listen and they still won't listen.

But things seem to be changing... slowly...

Re:If you're being raided...

[Cheerio+Boy]

I'm going to go ahead and guess the violations resulting in a "raid" were far more egregious than your example. More like, say- the company I used to work for that bought a single license of Office 2000 and installed it on 150 users' machines. Had we been busted, I would hardly describe it as a good customer getting screwed because of paperwork. Sorry but in more than one place I've worked the management at the time got info from the other small businesses that got raided. (Customers, suppliers, etc.) The majority of them were raided either because of a disgruntled employee snitching to the BSA or because the business in question was stupid enough to answer one of the BSA's infamous letters and tell told them that they were "in compliance and did not need their services".

Either way in a lot of cases the Bullsh!t Stealing Alliance raided them and hosed them seriously for minor infractions.

The only ones that didn't get hosed were the ones that up and paid a fine outright. Sound familiar?

Re:If you're being raided...

[MMC+Monster]

Not at all true (Okay, I'm probably responding to a troll). It's not easy to keep in compliance with licenses is many situations. Is a license transferable? Does a new install on the same computer need a new license? How do you define a new computer? (New hard drive? CPU? Motherboard?) If you upgrade (or downgrade) the OS, do you need a new license? I'd be surprised (ands suspicious) if *any* company of 50+ people that run proprietary software exclusively is in 100% compliance with all their license requirements.

Re:If you're being raided...

[justasecond]

Oppressive??? Over-throw (sic)??? You seem to be conflating private businesses with governments. You *do* realize that no one is putting a gun to these people's heads and forcing them to use Microsoft/Adobe/Apple/Autodesk products, right? Or don't you? It seems like you think that these companies have governmental powers compelling businesses to use their software.

Of course, the fact you're trying to ignore is that for the majority of business applications there's no F/OSS adoption because, well, the F/OSS alternatives just plain suck. (Seriously, is anyone in the mainstream engineering community actually using PyCADD? How many graphic designers are using GIMP?). This isn't going to change; F/OSS authors are almost universally uninterested in adapting their software to meet business needs (or do not have the time or talent or resources).

Re:If you're being raided...

[Ricin]

So it's the OSS folks' fault that businesses commit to extreme licensing terms and get beat up by the BSA for doing so? That's an, erm. interesting POV.

Re:If you're being raided...

[erroneus]

Early versions of your examples pale in comparison to present-day alternatives to the same apps. When those apps became the more widely accepted standards, they sucked worse. It's not the quality of the product that made them what they are. And even if F/OSS wares were "better" they'd still be "different" and people would not be inclined to migrate. It's not the quality that makes things happen. It's pricing and other marketing tactics that make things happen. Just look at MS Word versus Word Perfect. Look at Lotus 123 versus Excel too. Word was NEVER better than Word Perfect and it took quite a bit of leverage to get Word Perfect out of the legal offices even after the 'war' was over. And once Word was the victor, Lotus 123 fell simply because MS Office shipped with Excel. If it was about quality, the players in the game would be a lot different and IBM OS/2 would still be running on servers and desktops today.

Yes, we do have companies behaving in shameful and sometimes even illegal behaviors in building and maintaining their dominance in the markets. Not only that, they've manged to have laws written and have various enforcement departments operating at their beck and call with very little if any due process of law... in fact, internationally, causing armed law enforcement in other countries to violate their OWN laws in order to enforce the desires of companies here in the U.S. (Did you not hear about the pirate bay?) And even in cases where F/OSS software is 'winning' or at least gaining ground, these commercial entities have done immoral and illegal acts through bribery and corruption of foreign governments in order to reverse any deals involving F/OSS software.

I'm not ignoring any facts.

Your references to CAD software are irrelevant as even other commercial products cannot presently compete with Autodesk and not for reasons related to 'quality' and everything to do with compatibility being encumbered by the same laws written and paid [sponsored] for by these same industry leaders. Your reference to the GiMP is also pretty interesting in that the primary reason GiMP can't compete has nothing to do with its quality and everything to do with anti-competitive laws dealing with software patents that prevents the GiMP from incorporating the features needed to make it useful in a professional environment.

The point is that they play dirty... very very dirty. It's never been about quality. It has been about marketing practices, both legal and illegal, and their eventual practice of writing laws and paying politicians to make them happen. (It has also been their practice of abusing the patent and trademark laws to stifle competition... yes, I said trademark laws! 'Common words' cannot be trademarked and yet somehow Microsoft still has a trademark on the word "Windows" which is clearly in violation of the rules for trademarks.)

Re:If you're being raided...

[that+this+is+not+und]

Your whole world seems centered on a bunch of 1980's and early 90's software. AutoCad, for gods sake! Have you ever heard of any of the software real engineers use today, and not just the civil engineers in small towns in Iowa??? You also seem immersed in some sort of a Lotus 123 world.

Better stock up on printer ribbons.

Re:If you're being raided...

[Opportunist]

"Nice business you got here. Wouldn't it be a shame if its credit rating went to shambles because of, say, a lawsuit for copyright infringment?"

Re:If you're being raided...

[HiThere]

Well, you can guess what you want. Perhaps you're right in this instance. But *I* wouldn't bet on it. The BSA has a long time rep as a gang of rapacious extortionists.

N.B.: Last I heard they almost only checked for Microsoft violations. I wonder if this is still true? (They know who pays their bills.)

Re:If you're being raided...

[Bigjeff5]

I don't think you understand the way licenses work.

For most regular programs like the Adobe suite of software, Microsoft Office, or other stand alone software, licenses are simple. 99% of the time it is a single license for a single machine. Sometimes you can get sitewide licenses for these, sometimes not.

When dealing with servers, however, licenses get hairy.

With server software, you generally need one license per server, one license per machine accessing the server, and often one license for each user accessing the server. Exceptions are webservers, and that's about it, heh.

So, lets take a look at a fairly typical breakdown for a small to medium sized company.
Say your company has an MS server to act as a DC (that's domain controller), a dedicated DNS/Cache server, an Exchange server, a server for data storage/server apps, and a webserver.

Say your company has 100 employees, with 100 desktop computers and 15 laptops for travel use.

How many licenses do you need?

Well, you only need one license for the webserver, that one's easy. You need 120 licenses for the DNS server (don't forget the servers! They need licenses too), not too bad there. For the DC, you need 100 for the users, and 120 for the desktops and servers. It's the same for the Exchange server (may need a license for each email account, you'd have to dig through the license agreement, but it's at least 1 per user and 1 per machine for the windows software as well). The data server also needs 100 licenses for the users, and 120 licenses for the machines.

Add it up, that's 781 licenses just in getting your network set up for 100 users. And I combined servers to make things simpler, often the DNS server will be completely seperate from the cache server, and there will often be multiple data servers for redundancy. Any server based applications accessible to users will also require a per-user license to access it. So it's not hard to have an application server with 4 or 5 applications on it that require 700-800 licenses by itself, and that's IN ADDITION to any client software that goes on each individual machine.

It's downright EASY to end up with 15,000+ licenses for different commonly used software for a company with only 100 users.

Keeping track of that is a nightmare, since often these companies don't give you an easy way of keeping track of things.

A lot of these functions can be replaced by FOSS, but if your server guy only knows microsoft, then he's going to have a very hard time setting things up for linux, and you can forget about Unix, because they are very different. But even if you can replace most of this with FOSS, you can't replace all of them. A lot of business software simply has no open source alternative, or if it does it is not equivalent. One example would be PhotoShop, while the free alternative Gimp works for 85% or so of what Photoshop can do, if you need something in that last 15% you can't substitute Gimp for Photoshop. You have to have the Adobe product.

A small company with 15,000+ licenses to keep track of, it's not hard to lose a few, and with a maximum penalty of $90,000 per license infraction, it doesn't take much to put a small company under. (Granted, companies rarely recieve the full fine, that's for people who are blatantly and purposely stealing software, but $3000 for a $200 program really, really hurts).

Re:If you're being raided...

[prezkennedy.org]

If they aren't using AutoCAD then what are they using?

Re:If you're being raided...

[that+this+is+not+und]

Where I work they all use Pro-E.

AutoCAD is a kludge and you have to bolt ugly hacks on the side to do things like 3-D modeling. It's, uh, PeeCee software that tries to 'grow up' into Workstation software, but not very well. It's rooted in the world of the PeeCee and will remain there forever.

There is a lot of Engineering CAD software out there. Most of it doesn't have it's roots in autoexec.bat and config.sys.

After 20 years?

[fahrbot-bot]

How about: After 20 Minutes

Re:After 20 years?

[ScrewMaster]

Yeah ... I was (ahem) "suspicious" of their motives the first time I heard about them.

Bloodsucking leeches.

I have been in an Audit once

[QuantumRiff]

We got "anonymously tipped" a week after I took over the job of an incompetent admin, who was in charge of all the licensing, and kept telling everyone it was fine to install this and that, when it wasn't. The fun thing was that even if/when you pay the fine, you have to get back into compliance. I remember calling around to MS about some licensing issues for SQL server. Talked to 3 different people, got 3 totally different answers about how many licenses we would need. I read the info from a script, to make sure I was keeping it the same. If the company that SELLS the damn software can't understand their own licensing, how can they expect us to? We ended up having our lawyers and the BSA lawyers figure it out.

Re:I have been in an Audit once

We ended up having our lawyers and the BSA lawyers figure it out.

Ouch, wouldn't it have been cheaper to pay developers to move to open source alternatives? I am only half kidding here.

Re:I have been in an Audit once

[QuantumRiff]

Not really, our "dot-com" product was pretty much Windows/Office based. (I really did try to convince them to move to Linux on the backend...) Funny thing was that MS was an angel investor in the company....

Re:I have been in an Audit once

[RobBebop]

Funny thing was that MS was an angel investor in the company....

Microsoft funded business pirates Microsoft SQL.... story at 11.

Re:I have been in an Audit once

Lots of stories like this.

Guess what? It's the responsibility of the *company* to do business legally, whether that means not buying stolen goods, ensuring that products they sell are safe, or buying licensed software.

In your case, the company was clearly in blatant violation--it's not the "we just lost a PO" story that others are doing here. I'm not sure it's a poster case for evoking sympathy (though you deserve some, for having cleaned up the mess you didn't cause).
    And the Microsoft story simply sounds like there are multiple licenses that could have covered your situation--also not too surprising. That's what happens when you buy them ahead of time, too. The perspective is different, of course, when you're buying one retroactively.

Do you really think the company was treated unfairly? The management hires someone who's breaking the law, and pay him to continue breaking the law--out of ignorance or collusion, or just because its more convenient--they (ie, the company) are responsible. This is pretty cut and dry in the corporate world in every area. And there are all sorts of laws you have to follow--tax, accounting, employment, access, environmental, and so on. Knowing what the rules are, and what it takes to follow them, is part of running a company.

The piracy business.

[kevin.fowler]

The piracy business seems to be a lucrative one, all around.

Re:The piracy business.

[Opportunist]

In the current climate of copyright craze, it seems to me you can make more money with legal extortion than piracy.

adversaries

[SoupGuru]

Is it only in the technology world where it seems that vendors and their customers are more like adversaries? Is there any other realm where the manufacturer demonizes the very people that buy the products that pay the rent? I'm sure the fact that 0s and 1s are easy to replicate makes this standoff easy to achieve but it's to point where a valid business model would include giving something away and then suing everyone to pay the bills. Of course, it already is a business model, I suppose. When it comes to patent trolls, the music and movie industry, and software producers it just seems like they are able to get away with treating their customers like dirt more than anywhere else.

Re:adversaries

[jorghis]

Is there any other realm where the manufacturer demonizes the very people that buy the products that pay the rent? Thats the problem though, they arent buying it, they are pirating it. This whole slogan about sueing "their customers" whenever talking about a big company that owns intellectual property of whatever type seems silly to me. Obviously they arent their customers or the guy getting sued would have paid for the item and not gotten sued.

And I am pretty sure that if you stole a tv from best buy they would be demonizing you too. :)

Re:adversaries

Obviously they arent their customers or the guy getting sued would have paid for the item and not gotten sued. So you're saying that the *only* two classes of people are those who pay for every piece of software, and have perfect accounting for each and every one, and those who pirate every piece of software they've ever used?

What color is the sky in your world - is it white or black?

Re:adversaries

[Todd+Knarr]

But what happens when I do buy a TV from Best Buy. I hand them my credit card, the charge is approved, it shows up on my bill and I pay it, in short I bought and paid for that TV. 2 years later, Best Buy comes around demanding that I prove to them that I really did pay for that TV, and if I can't they're going to charge me with theft. I show them my credit-card statement showing their charge for the price of the TV, and they say "Not enough. You need to show us a printed store receipt for it.". Now, after 2 years the warranty's expired. The credit-card charge is long since paid and history. The TV's not something I can take as a deduction on my taxes or anything. Why in the world would I have the receipt still around? But Best Buy still says that they'll charge me with theft if I can't cough up that receipt.

Now, should Best Buy be demonizing me, calling me a thief? Or should I be demonizing them as clueless nut-cases?

Re:adversaries

[timmarhy]

it's not stealing, it's infringment, because they are using something without permission and doing so doesn't actually cost the owner anything. unlike a TV whih cost best buy money to buy and is a direct loss.

and obviously with 92% compilance they ARE customers aren't they. BSA is nothing more then a witch hunt organisation

Re:adversaries

[Todd+Knarr]

You haven't dealt with the BSA, have you? Having unique product keys isn't enough, the BSA says that outright. All you having that key means is that someone somewhere paid for that software. The BSA wants proof that it was you that paid for that product, not your friend down the street who gave you a copy of his stuff. You can wave product keys and certificates of authenticity around all you want, they won't accept those without the receipt to go with them.

And no, they will get upset with you if it's only one computer missing the receipt. Maybe especially if that's all they can find. After all, if they don't find something to pin on you, you might very well be able to sue them for the (rather high) costs you had to incur. Ask Sterling Ball about that.

Re:adversaries

[Bert64]

And just how practical is it to install 500 separate systems with 500 separate product keys, and also to keep track of 500 separate product keys and which machines they belong to for when these machines break and need to be wiped and reinstalled?

Product keys are a huge pain in the ass, i know many people who have bought software but lost the product key, and been told to buy it all again, or who have to reinstall for whatever reason and spend hours searching for all the product keys among all the other bullshit literature.

Re:adversaries

[jorghis]

My understanding is that the BSA wants to see unique licenses. Where do you get this idea that they want a receipt from best buy from x number of years ago? That would be much easier to forge than a set of unique valid keys. Do you have a source for that?

Re:adversaries

[Torvaun]

Or one of your competitors made an anonymous tip, figuring that it'd waste your time even if you were in perfect compliance (which is really freaking unlikely). Hey, the BSA pays a bounty, doesn't it? Maybe I could make some extra cash fingering random companies around here...

Re:adversaries

[timmarhy]

licenses don't mean shit. reciepts DO because they can cross check them with bestbuy.

thanks for playing.

Re:adversaries

[jorghis]

1) If you are large enough to have 500 users and your IT guy(s) cant keep track of 500 keys you should fire them.

2) For large numbers of installs you would typically get a site license anyways.

3) If the product is installed on your computer it probably wanted a product key on installation. This means its on the computer, you cant lose it so if you get audited you dont have to worry about missing cd keys. As long as you didnt break the rules when you installed you are ok.

Re:adversaries

[jorghis]

You have got to be kidding. Do you really think that the BSA is cross referencing every receipt with every software retailer? Especially when they give out unique keys that are extremely easy to check?

Re:adversaries

[Todd+Knarr]

Go look at the BSA's website. What they want is two parts: proof that your copy is legitimate (product key or certificate of authenticity) and proof that your copy was paid for (actual receipt made out to you). Note that this is entirely reasonable, the unreasonable part is the BSA's standards of proof being far more strict than the law allows for. They then use the cost of your going into court and proving that they don't have a case to get a settlement from you.

Re:adversaries

[jorghis]

Can you point to a single instance where someone collected a bounty for pointing the finger at people who they didnt know were infringing?

Re:adversaries

[fireboy1919]

What about if you do this:
1) Buy five licenses of Windows XP, and $2000 worth of other software. Five copies of each, mind you.
2) You install it on one machine.
3) To save yourself time, you clone your install four times.

Or how about this:
1) Buy 30 machines that come with Windows XP, Office 2007, and Word.
2) Five of the machines get hit by a meteor. You buy five new machines, and install your original copies of XP and office 2007 on these machines.

Depending on the draconianness of the install license, you might get fined by the BSA. Hard to be sure. You have exactly the same number of licenses as installs, but you still get fined because the laws don't protect against stupid technicalities.

*Tons* of businesses end up with things like this. Probably more as VMs become more popular.

I think we need some kind of area of law that specifically deals with COTS software licensing. I want to see a legal requirement to the tune of "all licenses are transferable (making the second case allowable), and fall into distinct categories - per user, or per computer, and licensing is based on license type, not license number (making the first case allowable)" Further, if the license is only valid for a specific period of time, then it should have an expiration date built into the software itself so that it stops working. This confusing unintentional license violation needs to go away.

Re:adversaries

[timmarhy]

oh please enough with the strawman arguments.

my point is these people maybe partly unlicensed but they are STILL CUSTOMERS, where the IRS don't consider you a customer at all and it's not like there's any other tax agency competing with them.

If you think sending legal attack dogs after 92% of your business in order to collect on 8% is good business tactics then your cut from the same cloth as SCO, and we all saw how that ended up.

this is just like (but on a much smaller scale) the time the local video store sent me threating legal letters over $20 of over due fines. I used to rent a movie from there every weekend, after that letter I stopped giving them my business. they lost 100's of $ in business over $20 in fees, and it's all part of a new business culture that's been emerging where the customer is considered the enemy.... but that's a topic for another day.

Re:adversaries

[ScrewMaster]

When it comes to patent trolls, the music and movie industry, and software producers it just seems like they are able to get away with treating their customers like dirt more than anywhere else.

I dunno ... have you driven a GM car lately?

Re:adversaries

[haystor]

The major difference there is I pay the difference plus interest.

With the BSA, you owe up to $150k per violation, attorney fees and then you still have to buy your way back into compliance.

Re:adversaries

The only way that the BSA is going to come after you is if they get tipped off that you are violating your license. Not true, but let's pretend it is.

If that happens it means that people at your company knew they were infringing. So also in your world, nobody ever lies? Interesting world you live in.

Having one valid license to a software product that was copied 200 times doesnt make it "gray". Ahh - finally back to the point. But you appear to be backtracking: you stated - quite bluntly - that the people who the BSA goes after are *NOT* customers - which means that they must *never* have purchased *anything*. But if they have *ANY* "valid" licenses, they obviously are customers.

How much does the BSA pay you to shill for them?

Re:adversaries

[techno-vampire]

Note that this is entirely reasonable, the unreasonable part is the BSA's standards of proof being far more strict than the law allows for.

If so, and your records are up to what the law allows, make them take you to court. You'll have all the evidence the law requires you to have to prove your side, and the BSA is going to have a rough time proving that this isn't enough. Then, sue them for all the costs of defending themselves plus punitive damages.

Re:adversaries

So basically, you're defended the BSA on the basis that you don't actually know the first thing about what happens when you're audited by the BSA?

Re:adversaries

[timmarhy]

you ARE aware the BSA doesn't disclose those details, right?

Re:adversaries

[Ricin]

+5 bull's eye!

Re:adversaries

[jorghis]

Of course I realise that anonymous means they arent disclosing it. My point is that you are just speculating, I doubt that there is any more of a problem here than there is in any other area where people are anonymously pointing fingers. By the same token I could phone in an anonymous tip to the FBI that my neighbor is growing drugs, does the fact that someone could theoretically make a false accusation mean that this is a bad idea?

Re:adversaries

[timmarhy]

and in the mean time your cash flow takes the hit. yeah really fair.

Re:adversaries

[Chris+Burke]

The only way that the BSA is going to come after you is if they get tipped off that you are violating your license. If that happens it means that people at your company knew they were infringing.

If you're accused you must be guilty. Yeah, that's a safe assumption.

It couldn't possibly be that it's a disgruntled ex-employee who called in a bogus tip simply to harass their former employer. It couldn't possibly be a disgruntled ex-employee who was themselves responsible for the licensing and thus the lack of compliance, and they were the only ones who knew it.

I'm sorry, but in my world thats not gray, thats black. Having one valid license to a software product that was copied 200 times doesnt make it "gray".

And is having 200 valid licenses to a software product that was installed 201 times because someone forgot to delete one copy off an old computer black as well?

Is having 200 valid licenses to a software product that was installed 200 times, but someone didn't obey the specific terms of the EULA and moved the software from one computer to another also black?

Is having 200 valid licenses to a software product that was installed 200 times in complete accordance with the license terms, but not being able to meet the strict (and poorly specified) accounting to prove this to the BSA when they raid your company also black?

Is there any gray at all in your world?

Re:adversaries

[Torvaun]

If it were as easy to accidentally be growing drugs as it is to accidentally not be audit-ready, then yes, that would be a bad idea. It would also signal a need for drug law reform if it's easy for someone to accidentally be breaking those laws.

Re:adversaries

[jorghis]

OK, I went through all the "resources for IT managers" and "resources for employers" that they had on their website and I couldnt find anything about needing to save receipts. I must say that I really truly doubt that a receipt is needed. There are a million legitimate reasons you could obtain a license for free. They provide several checklists to make sure you are compliant and nowhere on there does it say you must retain all receipts indefinintly.

Everyone here is telling me I am wrong and modding me down, but I just dont see where this is a requirement. I do agree that IF it is a requirement then yes, it is ridiculous.

The BSA's website seems to indicate that they are looking only for licenses. (ie unique product keys) http://www.bsa.org/country/Tools%20and%20Resources/For%20IT%20Managers.aspx

If I am wrong, I will be happy to apologize here, but everything that I can find seems to indicate that saving receipts is not actually a requirement. (and I spent way more time looking thant I really should have on this) :)

Re:adversaries

[jorghis]

OK, I will give you the benefit of the doubt since everyone here is agreeing with you and modding me down. Do you have a source for this? The BSA's website claims all they want is licenses. Do you have a source showing that they expect to see receipts for every software product you use?

I will apologize if I am wrong, but I really doubt that I am. Everything I have ever heard in the past and everything I could find from looking around just now indicated that they have no bizarre "save your receipts" requirement. They just want to see licenses.

Re:adversaries

[jorghis]

If you're accused you must be guilty. Yeah, that's a safe assumption. I am not saying "guilty until proven innocent" or anything like that.

My point is that if someone is tipping off the BSA then SOMEONE at your company realises that you are not in compliance. If that is the case then it is very highly probable that you are deliberately violating the license. ie its not a case of bad bookkeeping. If it was an innocent error and noone realised that licenses were being violated then noone would have been tipping off the BSA.

Re:adversaries

[emilper]

BSA wants receipt and proof of purchase with your company's name on it. At least that's what they ask around here.

Re:adversaries

[jorghis]

Do you have a source for that claim? Their website says they only want to see a valid license. There are a million reasons you could have a valid license that you got for free. Everyone keeps saying that and modding me down, but I really dont think its true.

Re:adversaries

[Chris+Burke]

I am not saying "guilty until proven innocent" or anything like that.

Well if the BSA comes around you better believe they are operating under than philosophy.

My point is that if someone is tipping off the BSA then SOMEONE at your company realises that you are not in compliance.

Copypasta:

It couldn't possibly be that it's a disgruntled ex-employee who called in a bogus tip simply to harass their former employer. It couldn't possibly be a disgruntled ex-employee who was themselves responsible for the licensing and thus the lack of compliance, and they were the only ones who knew it.

Not copypasta:

Actually that last one has happened, I know of one case where a guy brand new to an IT job discovered that the guy he was replacing, who had been fired, had done a lousy job of keeping up with necessary license documentation. That being a big part of the job description and thus solely that person's responsibility. And then, lo and behold, an "anonymous" tip caused the company to be hit by a BSA audit for which they were completely unprepared. Despite, to their knowledge, having properly paid of all software and simply not being able to produce the documentation.

Re:adversaries

[dryeo]

There is a good chance that your neighbor is illegally growing drugs. Opium poppies http://en.wikipedia.org/wiki/Opium_poppy are very common, you can buy them from any seed house, and they self seed quite easy.
I had a couple of volunteers growing in a window box here.
Also there is all those stories that used to go around about the little old lady who bought some bird seed where the hemp seed wasn't sterilized and sprouted in the back yard.
Anyways excellent comparision, just like a large number of people are unwittingly breaking the drug laws so many businesses are unwittingly breaking software licensing.

Re:adversaries

[emilper]

I have the bloody law on Author Rights voted in 2000. No, it's not us. And here they don't come with a "marshal", they bring two policemen and a search warrant if you don't let them do their stuff willingly. No, it's not US.

Re:adversaries

Really they are only going to get upset with you if you have 500 computers all using the same product key. And if that happens you really deserve to get burned.

If a company uses volume licensing for their desktop/laptops (as is common in large companies), then they will all have the same product key for those OS'/applications so licensed and in all likelihood are made from the same image set (If using a product such as ImageUltra), or sets (if maintaining images by model)... and in some cases, the computer manufacturer is even in "collusion" with the company in doing this: They actually put the image onto the computers *at the factory* (gasp!)

HTH. HAND.

Re:adversaries

[rcw-home]

the laws don't protect against stupid technicalities

I would argue that they do. The BSA, however, does not concern itself with holding you to the letter of the law. The BSA concerns itself with getting as much money from you as possible under the threat of holding you to the letter of the law.

I want to see a legal requirement to the tune of "all licenses are transferable"

Feast thine eyes: First Sale Doctrine

Re:adversaries

[timmarhy]

multiple people on here who have been through BSA audits are telling you your wrong and you won't listen, it's no suprise you are modded down.

If you've ever deal with bastards like the BSA you'll learn it makes no difference what they put on their website has no bearing on what they will demand and how you'll be treated.

Re:adversaries

[jorghis]

You will have to forgive me if I am looking for a better source than "anonymous guy on slashdot who would never make up untrue stuff about the BSA". Dont you think that if it were actually true there would be a credibal source out there? And if something that outragous were actually true dont you think that a reputable news organization of some kind would have brought it up?

Re:adversaries

[timmarhy]

they aren't posting as anonymous cowards for one, and if you think main stream media are going to pick up on somethinglike the BSA your insane.

hell they've only JUST started to catch onto RIAA suing grandma's and small children.

besides, this isn't a court of law and not every single statment requires photographic proof. i've been through audits (not BSA) and i know exactly the kind of pricks you can expect to run into while doing them. your failure to understand this only shows your ingorance in the matter.

Re:adversaries

[Todd+Knarr]

Yes, but there's a problem: it's going to cost a lot of money to defend yourself in court, even if you win. And, except in very exceptional circumstances, you will not be allowed to counter-sue for your costs. If you manage to prove that you do have licenses for all the software the BSA wants to audit, you're guaranteed not to be able to recover costs. The EULA for the software you just proved you legally have (and whose EULA you accepted) is almost guaranteed to provide for BSA audits at your expense, and the court's very unlikely to rule that you aren't bound by the terms you accepted. The only way you'll have any chance at recovering costs is if you don't use even a single copy of any piece of software from a BSA member, have never at any point used such software, and can document the installation history of every bit of software on every machine your company owns in sufficient detail to convince a judge of this despite the best efforts of the BSA to poke holes in your records. And even in that case you'll have to spend large sums of money now, while any recovery you get (if you get it) will be years down the road after all the appeals are settled.

The BSA knows all this. They count on it. If they think you're balking, the first thing they'll do is point out just how much more they can cost you if you don't co-operate. And most businesses do the short-term economic calculation and decide it's cheaper to roll over than to fight and win.

Re:adversaries

[cduffy]

Everything I have ever heard in the past and everything I could find from looking around just now indicated that they have no bizarre "save your receipts" requirement.

You haven't been looking very hard.

Re:adversaries

yes they only want receipts, I fought against ms bsa bastard lawyers for nine months and finally won, then i started usinf os/2 from ibm and then later used slackware linux. Everytime I give away a linux disk now I laugh in microsofts face, suck on that ms bastards

Re:adversaries

[Sproggit]

Mod parent up!!!
The MOST annoying part of watching my legal DVD's is the "You wouldn't steal a car etc etc etc, Piracy IS A CRIME!!" Crap I have to sit through (and not be allowed to skip ahead).
It's getting so that I'm ripping DVD's to my media server, just so I can get to the business of ACTUALLY WATCHING THE FUCKING MOVIE!!

Treat me like a criminal often enough, and pretty soon I'm going to start considering it.

Re:adversaries

[ErikZ]

Great. I got a copy of Office 2007 for doing the MS handwriting recognition study.

It was in exchange for my time. No receipt.

Guess I have to worry about the BSA now. :-(

Re:adversaries

[Technician]

After all, if they don't find something to pin on you, you might very well be able to sue them for the (rather high) costs you had to incur. Ask Sterling Ball about that.

I wonder if they have any idea of the chilling effects is for their actions. I haven't had a BSA action, but I have seen several of the high profile cases. I have been a little careless with licenses in the past as I would try to learn to operate some expensive software. This pratice has ended. It is a legal liability to do so.

The end result is I have no training on many programs. It's hard to sell me a program that I know nothing about, and would have a steep learning curve. I have learned the alternatives instead.

The chilling effects are directly the reason I moved to Ubuntu, and now Ubuntu Studio. I have just started doing Digital Audio Workstation stuff. Cubebase and Garage Band are a couple of programs I have heard of.. I use Audacity and Ardour instead as they run just fine on Linux. They don't come with the license risk. It does make hardware selection a little more difficult, but there is plenty of control surface and capture items well suited for the job.

I get along fine with Gimp. I would be totaly lost in Photoshop as I have never used it.

I have pretty much cleaned out all the high risk software from my stuff. Is this really what the BSA members wanted?

Re:adversaries

[Bert64]

1) If you are large enough to have 500 users and your IT guy(s) cant keep track of 500 keys you should fire them. 500 keys for each product... unnecessary extra burden.

2) For large numbers of installs you would typically get a site license anyways.

3) If the product is installed on your computer it probably wanted a product key on installation. This means its on the computer, you cant lose it so if you get audited you dont have to worry about missing cd keys. As long as you didnt break the rules when you installed you are ok. Until you come to reinstall the machine, and need to look up the original key again...

It's all a load of unnecessary hassle that only disrupts legit users... Pirates won't have any problems anyway.

Re:adversaries

[SuiteSisterMary]

Your first example, buy five XP copies, install one, clone it off, is fine. NT is specifically designed to allow you to do this in various ways.

Your second example probably not so much, if the OS and software are OEM copies, specifically licensed to the exact machine that they were sold on. If you've purchased X number of CALs, actual licenses independent of hardware, you're fine.

Re:adversaries

[urbanriot]

You're being modded down because you're wrong. Many people here have real life experience with the BSA and LAWYERS. They directly ask you for receipts for all purchases. Stop citing web pages, listen to those who have actual corporate experience dealing with these leeches.

Do you have a source for that claim? Their website says they only want to see a valid license. There are a million reasons you could have a valid license that you got for free. Everyone keeps saying that and modding me down, but I really dont think its true.

You call them damages - I call them extortion

[WillAffleckUW]

And the reason I don't have licenses for most of my software is I work for an educational institution and most of our software is exempt from license fees and most of the work I do at home is for non-profits.

But, hey, in the US Constitution, patents had a lifespan of something like 13 years maximum and copyright only lasted 17 years maximum ...

Re:You call them damages - I call them extortion

[jmauro]

By the US Constitution, Congress has the right to set the limits to anything they damn well please. The only restriction is that they must be limited (i.e. a set time, any time will do even if it's 1 million years). While the initial terms were 12-13 years for both, nothing in the Constitution said they had to stay that way. The Supreme Court also indicated that the whole thing was dumb in Eldred v. Ashcroft, but basicly came to the conclusion there was nothing in the Constitution that prevents Congress from doing dumb things.

Re:You call them damages - I call them extortion

[WillAffleckUW]

And yet, the EU which still outperforms the US on real pay and growth, has not done this.

Hmmmm.

Maybe patents shouldn't be made for software?

Maybe copyrights should expire after 17 years?

Re:You call them damages - I call them extortion

[everphilski]

And yet, the EU which still outperforms the US on real pay

Factor in taxes and it swings back in the US's favor. Majority of the middle class is paying 25% or less federal tax, even less on capital gains, and less than 10% state tax, before deductions (mortgage, etc.). Tell me again, how many European countries are paying in excess of 50% of their net to the state?

Re:You call them damages - I call them extortion

[WillAffleckUW]

and yet we get no health care. they do. there's a reason why my EU stocks outperform my US stocks.

So, that aside, I'd rather have privacy rights, no BSA gestapo on my door, and do better.

Re:You call them damages - I call them extortion

[AuMatar]

Now add in US sales tax and property taxes, and the difference becomes minor. Now add in the increased level of services they get in Europe, including health care. Sorry, the EU wins. And I say that as an American.

Re:You call them damages - I call them extortion

Not me here in the UK. I think you forgot to add small necessities like health insurance to your US calculations, too. It's amazing how many Americans "forgot" little details like that when they're making comparisons.

P.S: UK GDP per. capita is projected to surpass that of the US this year. Probably by quite a bit more than the current prediction too, if the US continues it's long slide into recession.

Re:You call them damages - I call them extortion

Sweden last year we had 57% total tax preasure. The goverments goal is 50%..

Re:You call them damages - I call them extortion

[Dirtside]

The Supreme Court also indicated that the whole thing was dumb in Eldred v. Ashcroft, but basicly came to the conclusion there was nothing in the Constitution that prevents Congress from doing dumb things.

As I understand it, the main problem with Lessig's argument was that he argued that by having repeatedly extended copyright, and making it so long, Congress had effectively made it unlimited. SCOTUS rightly rejected this argument -- even a 150-year term is still finite.

However, the argument he should have made is that these long terms in no way "promote the Progress of Science and useful Arts", which is pretty unarguably true (especially retroactive copyright extension; how exactly the hell is extending the copyright on something a dead person wrote going to encourage that person to write more?). There is no evidence of any kind to demonstrate that Progress is better served by 150-year copyright terms than by 20-year copyright terms.

Re:You call them damages - I call them extortion

The US on average is as well off as the richest countries in Europe (not just the EU), like Norway and Sweden. There are many countries in the EU that are piss poor and far worse off than any state in the US. I am basing this on several benchmarks like GDP per capita, corrected for purchasing power and also human development index. I have also lived on both sides.

Re:You call them damages - I call them extortion

[sjames]

Factor in taxes and it swings back in the US's favor. Majority of the middle class is paying 25% or less federal tax, even less on capital gains, and less than 10% state tax, before deductions (mortgage, etc.). Tell me again, how many European countries are paying in excess of 50% of their net to the state?

Factor in comprehensive health insurance, strong unemployment insurance, double or triple the paid vacation time, and the retirement plan and it swings right back and then some.

In the U.S. it's quite interesting that the most affordable tax (local) is the one that gets us police and fire protection. The most expensive gets us.....well, blowing up brown people.

Re:You call them damages - I call them extortion

[everphilski]

and yet we get no health care. they do. I got heath care. I pay about $250 a month, less than 5% of my gross income. If these other countries have to charge double, even the triple of taxation of the US to provide health care, then I want none of that.

there's a reason why my EU stocks outperform my US stocks. So, that aside, I'd rather have privacy rights, no BSA gestapo on my door, and do better.

Good luck. My foreign stocks did well last year, but so did my American stocks. In fact my best performer was an American mutual fund. Privacy rights? Good luck. America has it better than a number of nations who have cameras at every turn. I'm on a mailing list of people who build rockets as a hobby, and it's fairly straightforward to build small motors in the US. However in England, and many other parts of the EU, any amount of Ammonium Perchlorate (for instance) is illegal without a license. There are other heavy restrictions on much more benign compounds as well that aren't or are minimally regulated here in the states and other 'sane' countries. Welcome to the nanny-state.

Re:You call them damages - I call them extortion

[everphilski]

OK, I'll use my own numbers. I live in Alabama. I'm an engineer with a Master's a few years out of school who does fairly well.

Federal income tax bracket: 25%
State income tax bracket: 4.8%
State sales tax: 8%
State property tax: 0.4% of property value ... in my case, 0.8% of gross income
Health care (I pay, family of 4) as a function of gross: 4.6%

Remember the income taxes are based off of gross **adjusted** income, and sales tax based off of what you actually spend on consumables in-state (not your mortgage, credit card debt, student loans, etc.) so say the basis for that is 25% of your gross income. Your total tax basis is then 25+4.8+8*.25+0.8+4.6 = 36.4% of gross, and that is not accounting for the plethora of tax reductions most people have (kids? charitable donations? mortgage payments? tuition payments?). That's nothing compared to what most European countries pay, and I've covered your heath insurance. You're welcome.

They tried to shake us down once

[Stu101]

We had one of the BSA goons turn up and tried to sell us "software compliance services" with vailed threats that bad things happen to those who don't take up their offer.

My boss who stands for no sh!t literally threw him out the building.

I hate them as much as the next person but it hasn't hastened the move to Linux.

Re:They tried to shake us down once

[sgt+scrub]

We were in the same situation once. They sent us letters then showed up. The guys head was swinging from side to side looking at peoples monitors. Occasionally he would do a double take because someones shit looked Windowsy. There is a huge bucket in the corner of our build room with Windows95-XP and Windows Server bundles still in wrappers dribbling over the top and two boxes of crap like office, photoshop, AV software, intuit... ad nausium. My boss walked him in front of the heap and asked, "which license do you want? we usually throw shit away but since your an important person help yourself". The guy actually asked if we had any of it documented. I almost fell over. Every desktop he looked at had Solaris, Linux, or OS/X running on it. My boss looked at him all confused. He tried to explain to the guy, again with no luck, that we don't use windows or windows software.

The guy had to be acting ignorant or something. I think they make money off people being to confused, busy, or scared. It sucks you cant ignore them either because they supposedly act with some kind of government authority. I got stuck listing 200+ licenses for a shop that has under 50 employees.

Re:They tried to shake us down once

[ScrewMaster]

It sucks you cant ignore them either because they supposedly act with some kind of government authority.

They have the same "authority" as the RIAA. They lie to the courts and law enforcement and get the cops to do their dirty work.

Re:They tried to shake us down once

[IronChef]

Every desktop he looked at had Solaris, Linux, or OS/X running on it. My boss looked at him all confused. He tried to explain to the guy, again with no luck, that we don't use windows or windows software.

Why were they there, then? I mean, why did someone let them in to look around? Were The Authorities there with a warrant?

Regardless, sounds like it was teh suxorz.

Re:They tried to shake us down once

[sgt+scrub]

If your a technology company it is easy to assume you have large amounts of hardware, which requires software, which leads them to believe they might be able to profit by shaking you down.

The real motive

[Harmonious+Botch]

After 20 Years, Critics Question the BSA's Real Motives... The real motive? Money, obviously. I'm not trying to flame here, but their motives are just like almost every other business: they wanna make a buck. And they have found a market in which to do it. I'm not saying that they are angels, but if the market is what it is, we should not be surprised if someone satisfies it.

The real culprits here are the legislators who make the laws that cause such a market to exist.

Re:The real motive

What market are you referring to? The software market? Shouldn't a 10 person software shop with a good product be allowed to charge users for the privilege of having a copy? Or are you changing the rules and saying that software companies are only allowed to profit by selling open source support or placing Google ads?

Re:The real motive

[ScrewMaster]

... their motives are just like almost every other business: they wanna make a buck.

You could just as easily apply that premise to the Mafia. Look, the desire to make a buck does not make every such effort acceptable. An organization whose only product is intimidation, extortion and litigation cannot be considered a legitimate business entity in any civilized society.

So far as the BSA is concerned, the term "racketeer" comes much closer to the mark. Sooner or later they're going to piss off the wrong person and end up on the wrong end of a RICO suit.

Re:The real motive

[Harmonious+Botch]

...the desire to make a buck does not make every such effort acceptable. I never said that it should be acceptable. I did say that it should be expected, and I also indicated where one should look to cure the root causes.

I like the Mafia metaphor here. They too make a buck satisfying certain markets. In particular they make a bundle with drugs and prostitution. And we expend a lot of time and money trying to stop them rather than dealing with the root legislation that makes their behavior profitable. All we would have to do would be to legalize drugs and sex among consenting adults, and many of the Mafia's unpleasant behaviors would cease.

Back to the BSA: I'm not sure exactly what legislation would be neccesary to stop them, for I have not studied copyright as much as I have studied sex and drugs. But if you change the laws so that their behavior is not profitable, they will quit.

Re:The real motive

[Yetihehe]

An organization whose only product is intimidation, extortion and litigation cannot be considered a legitimate business entity in any civilized society.

In soviet america BSA legitimizes YOU?

Re:If you're being raided... (you are a customer)

A) much of the time they get their authority to raid you from the agreements you signed when you became a customer; not being a customer makes you much safer

B) most of the people they get actually had licenses but have no clue how to fulfill the strict audit requirements. No the stickers on the back of your machine are not enough. You must have a purchase agreement for _everything_

C) most of the time the they threaten jail sentences (for the IT managers and staff) and accept money.

People just don't bother to fight because it's not worth it unless you are whiter than white, which is almost impossible in any company actually working and not spending it's entire time preparing for a BSA audit.

In other words, the best way to avoid the BSA is to stop being a Microsoft customer and switch over entirely to free software like Linux. Even if you claim the proprietary stuff is better (which it isn't) is it really worth destroying your life for a few bucks more of your employer's time?

Armed Marshals? WTF?

[0racle]

BSA isn't a law enforcement agency, how on earth do they swing armed marshals for their shakedowns?

Re:Armed Marshals? WTF?

[joeyspqr]

because when you pay the legislature to write laws to your benefit, enforcement is part of the deal

Re:Armed Marshals? WTF?

[arizwebfoot]

Because the US Marshall's are tasked with it. I don't remember how they got that way, but they take it very seriously.

Re:Armed Marshals? WTF?

[ianare]

Didn't you get the memo? The police, like most other government agencies, have been on sale to the highest bidder for quite some time now. This is especially true for local departments, but the feds are not immune from it.

Note that when the legislators are bought also (as appears to be the case here) it makes the process much, much easier for the buyer.

Re:Armed Marshals? WTF?

[rahvin112]

All marshals are armed. Having a marshal present means that it's an armed Marshal. Specifically placing the term Armed in front of Marshal implies they aren't normally armed or that somehow they drew guns or something. It's call sensationalizing the situation. Under every EULA you agree to of a company that is a member of the BSA has terms that authorizes the BSA to come in and audit you at any time at your expense. What normally happens is the BSA gets a tip and they show up at the office and demand an audit of the software licenses, if you fail to comply and kick them out they come back with a court order and the marshal to make sure you let them do what they need to. If you make them get the court order they make things a lot more costly both in wasted time and money for you.

Re:Armed Marshals? WTF?

[geekoid]

ALso, if you say thisn isn't a good time, can you come back in a week? they go get marshals. And they WILL say "Armed Marshals"

Re:Armed Marshals? WTF?

[ScrewMaster]

ALso, if you say thisn isn't a good time, can you come back in a week? they go get marshals.

Sure, because they don't want to give you time to clean house.

the BSA?

[MadAnalyst]

Did anyone else first read this and think horrible things about the Boy Scouts? At slashdot, I have a suspicion more than a few of us have a merit badge or two.

what gives BSA the right to "fine" companies?

[RelliK]

BSA is not the government. What gives them the right to bust into your office and demand fines?

Court Orders

They get a court order.

No, I don't like it either. Even my captcha is "bribed" ...

Copyracket

[hexonut]

'I don't know of a business where you can get away with raiding a customer with armed marshals and expect them to continue to do business with you...'

Well... in some (cough) countries this is business-as-usual.

put BSA out of business

[pbjones]

either pay for the software that you use or use open source. Sorry no-one gets my support in this type of issue.

Re:put BSA out of business

[domatic]

What ever happened to the punishment fitting the crime? Yeah it's wrong if some guy is short a license for a $300 dollar piece of software but it shouldn't cost $300,000 to make that right.

Re:put BSA out of business

[ScrewMaster]

These assholes (just like the RIAA) aren't out for redress of grievance ... they want deterrence. That means you have to royally fuck over company after company, and hope that the word gets out and scares other people into "compliance" (whatever that actually means.) The only difference in methodology is that the RIAA targets individuals, and the BSA targets organizations. In either case, it's virtually indistinguishable from more traditional forms of racketeering.

Re:put BSA out of business

[vux984]

either pay for the software that you use or use open source. Sorry no-one gets my support in this type of issue.

A lot of those BSA audits fine people who have legitimately purchased and licensed software.

I know of a company that got nailed because they'd been with a product a long time and gradually growing. So each time a new version come out they bought x upgrade licenses plus y new licenses. After a decade or so and some 7 or 8 upgrades, their last of which was like 150 upgrades and 20 new licenses they got nailed...

They couldn't properly show that every single license had a proper upgrade trail going all the way back to version 1 some 15 years ago. Some one had long since thrown away the floppies and receipts showing that those had been purchased.

Of course the vendor had changed names and been bought out at some point, and they certainly didn't have any records going back that far either.

So some 50 of their 150 upgrades had been ruled in 'non-compliance' simply because they were upgrades of upgrades of upgrades that could only be traced back 4 or 5 versions, but not back to an original purchase in the early 90's.

So, even if you pay for the software that's not enough. You have to cover your own ass so carefully its absurd.

Even the government doesn't require you to keep records that far back.

The BSA's tactics would be roughly akin to the RIAA showing up in your home, grabbing your ipod full of 5000 songs you ripped from your CD collection and demanding you prove you own it all.

So you confidently walk over to your CD's and start handing them over...but you've only got maybe 100 on hand... you put the rest in storage in your basement and attic. Now its a royal hassle... but you start digging through your boxes of stuff and passing those CDs over too.

And when its all done you've found the original CD for some 4900 songs... but you just can't locate the last 8 CDs. Maybe they were in your previous cars glove box when you sold it? Maybe you lent them to your brother? Maybe you stepped on them, broke them, and tossed them? Who knows... they're gone.

Too bad for you: Only 98% compliance... prepare to be fined big time for the balance...

And that's when they look at the stack of 494 CDs you spent the last several hours digging out when they say, "Now what about these? Do you have receipts?"

Re:put BSA out of business

[frank_adrian314159]

So you're saying that it's a pretty easy choice between Open Source and the alternative?

Re:put BSA out of business

[that+this+is+not+und]

Part of the problem is, we as regular people should demand, yes DEMAND even _stricter_ enforcement of the rules as they be.

If businesses don't want these worms crawling through their IT infrastructure the easy alternative is to pitch ALL the proprietary crap and switch to OSS. I know that a bunch of turds will now chime in about "it isn't ready and will never be ready" but 1/100 of the money businesses dump down the rathole of Proprietary software would be enough to make it so. OSS is convergent. It just keeps getting better and better. Only the ignorant do not recognize that. And it only needs to be done right one time, and then a whole additional category of proprietary-fuck software is outta business.

Nobody pays royalties today to the inventor of the paper clip. It won't be much longer before that is the case for basic things like spreadsheet functionality.

Re:put BSA out of business

[sjames]

Paying for the software you use and being able to PROVE it years later are two different things. Some of the licensing schemes are so complex that even the seller can't decide how many licences you need for a given situation. Sometimes you're in perfect compliance (so you think) but the company posts a "public notice" of a change in licensing requirements 20 clicks deep in their website somewhere (a right they reserved in the ultra fine print on the margins of page 497 of the EULA) and BOOM! you're busted you dirty crook! Now bend over and grab your ankles.

Re:put BSA out of business

[pbjones]

I worked for a company, the biggest Telco in Australia, they really liked a particular terminal app, they bought a couple of copies, then just let illegal copies filter out through the org, not the only example but it meant that the company held 1000's of illegal copies of just one item, there were a whole lot more examples. My sister has worked for many companies on contract, one company actually boasted to her that they never buy any software, they just use stolen copies. They make money using stolen material. As I said, I have no sympathy for either side.

Expiring licenses

[nurb432]

Thats why you never get involved with a software lease. You are tied to them forever then, having to be forced upgrades, etc.

It may cost more in the short term, but at least its yours to use 20 years from now if you feel like it, and turns to to be cheaper in the long run.

Re:Expiring licenses

[Vancorps]

How many computers do you keep around for 20 years? Same with servers, a 3 year lease leaves you paying for 80% of the value of the product and you get refreshed with new hardware after the term is up. As a result you always have hardware under warranty and you get to take advantage of increased processing ability. Of course not every business grows as fast as the one I'm responsible for. We just started leasing hardware as we're finding it to be far simpler all around. Don't have to worry about Windows or Office licensing, it's all built-in.

Leasing makes a lot of sense, especially when you consider that you're not forced to run the new software on the new hardware. You always have the ability to use an older version. That is the reason a Vista license is valid for XP with a simple phone call if you're a single sap at home or through the VL site if you're a business customer.

Of course you do pay for the convenience but it's quite worth while. That NT4 license from the 90s isn't all the useful to me now. Same with Netware 3, of course I do get a number of servers without an OS and use Debian for my workhorse servers. Then I don't have to worry about expiring licensing and all I have to do is remap the LUN when I get the new server to replace it.

Re:Expiring licenses

[nurb432]

Due to advancements 10 year old computers and software are still viable today ( office 97, PIII 900, for example ) and today's machines will be useful in another 10 if not longer.

ALso lots of agreements force you to upgrade within a certain amount of time after the old release is retired. I suppose a lease may be fine for some, but ill *never* lease if i have any say-so in the matter. I want ownership of the software and hardware and retain the freedom of choice down the road.

Re:Expiring licenses

[Abreu]

Sorry, but you don't have ownership of software you did not produce... you may own a license to use it, but unless you code it yourself (or pay a coder to do it for you), you do not own the software.

Re:Expiring licenses

[Opportunist]

20 years? Try to explain that span of time to a manager, concerned only about his quarter year reports.

If he is in any position to make a decision like this, he is most likely not going to bother thinking what will be in 20 years. He will progress in his career, either moving up the corporation ladder or moving to another company altogether. Do you think he cares that his successor in his chair in 20 years will feel the doom of his faulty decisions today that only gave him a short term benefit?

Re:Expiring licenses

[ozmanjusri]

How many computers do you keep around for 20 years?

I have an Amiga 2000/040 with a Vlab Motion card that still does occasional live genlock/chromakey duties.

The obsolescence of most computer gear happens because it is poorly designed, not because it fails.

Re:Expiring licenses

[jamstar7]

The obsolescence of most computer gear happens because it is poorly designed, not because it fails.

No, they become obsolete because new technology is developed, then software to take advantage of it. Truth be told, the computer that hits the shelf tomorrow morning at the local box store is already 6 months obsolete.

Re:Expiring licenses

[ozmanjusri]

So how come my Amiga still does live chromakey as well or better than the new machines?

Re:Expiring licenses

[Simon+Brooke]

How many computers do you keep around for 20 years? Same with servers, a 3 year lease leaves you paying for 80% of the value of the product and you get refreshed with new hardware after the term is up. As a result you always have hardware under warranty and you get to take advantage of increased processing ability. Of course not every business grows as fast as the one I'm responsible for. We just started leasing hardware as we're finding it to be far simpler all around. Don't have to worry about Windows or Office licensing, it's all built-in.

Leasing makes a lot of sense, especially when you consider that you're not forced to run the new software on the new hardware. You always have the ability to use an older version. That is the reason a Vista license is valid for XP with a simple phone call if you're a single sap at home or through the VL site if you're a business customer.

Of course you do pay for the convenience but it's quite worth while. That NT4 license from the 90s isn't all the useful to me now. Same with Netware 3, of course I do get a number of servers without an OS and use Debian for my workhorse servers. Then I don't have to worry about expiring licensing and all I have to do is remap the LUN when I get the new server to replace it.

Looking in my server rack, there's nothing there less than eight years old and one machine which is twelve years old (and that one is still serving the same system it served twelve years ago, which says something for stability). All of them except the old one run Debian. The thing is, except for big databases, few server-side tasks are actually that demanding - they're all bandwidth limited, not processor limited (even big database systems are more likely to be IO-bound than mill-bound). I agree a twenty year old machine is still a rarity, but there's really no need to upgrade machines on a three year cycle - unless they aren't doing the job you need them to do.

Re:Expiring licenses

So if I'm paying for a license to use, when I am no longer allowed to use it, can I have my money back? After all, you've now stolen my licens to use the software.

Re:Expiring licenses

[pentalive]

Perhaps this is why Commodore is out of business.

Re:Expiring licenses

[ncc74656]

How many computers do you keep around for 20 years?

I still have the Apple IIe my parents bought new in 1985. If push came to shove, I could press it back into "daily-driver" use. I've even knocked together some new apps for it now that there's a not-bad C cross-compiler that targets the Apple II.

tell them to go fish

[SuperBanana]

'I don't know of a business where you can get away with raiding a customer with armed marshals and expect them to continue to do business with you...

If the BSA ever shows up at your door, unless they have a court order, tell them to get lost. If they refuse, slam the door in their face and call the police. Write down every license plate number you can see.

For extra giggles, when you call the police, complain that the people who won't leave are dressed like police officers (the BSA guys wear those black nylon rain jackets with big yellow letters to try and look like government agents), and if they're armed, make sure to mention that too. Cops don't take kindly to people pretending to be them.

Re:tell them to go fish

[QuantumG]

They show up with court orders dude.. do you honestly think people are letting them in to audit their computers without one?

I don't know which is more fucked.. that courts are happy to give private citizens warrants to search the premises of other private citizens or that the police are often more than happy to help them execute the warrants.

Re:tell them to go fish

[blind+biker]

That really is fucked up. Is this not an issue on a constitutional level?

Re:tell them to go fish

[nobodyman]

They show up with court orders dude..

Civilians with court orders? I doubt it, unless they're being escorted by law enforcement.

Re:tell them to go fish

[Qzukk]

I doubt it, unless they're being escorted by law enforcement.

And thus, the armed marshals in the quote in the summary.

Re:tell them to go fish

[QuantumG]

It's perfectly legal for them to hire private security if the police are not willing to help.

Re:tell them to go fish

[SuperBanana]

They show up with court orders dude.. do you honestly think people are letting them in to audit their computers without one?

The BSA's modus operandi is:

1)Get a tip from a disgruntled ex employee. 2)Show up with a team of people, unannounced, and use ignorance, surprise, and fear to their advantage. 3)Threaten legal action if they're not permitted to run their auditing tools.

Then, 4)Blackmail you into paying huge arbitrary fees that are way above what it'd cost to buy licenses, but plausibly less than fighting a court case (especially since you just voluntarily handed over piles of evidence.)

Always, always, ALWAYS tell them to go away. It's like cops asking "can I search your car, sir? have a look around?": if they have to ask, it's because they don't have justification to just do it.

Re:tell them to go fish

[MrNemesis]

Wow, getting your office raided by armed police... on the strength of an anonymous tip-off... for (alledgedly) having unlicensed software?! Call me a cynical commie, but I'm not exactly quaking in my boots that the chain of local corner shops might be using a dodgy version of office. Not that this system is open to abuse or anything...

Hello, BSA? I have reason to believe that my ex-company are using illegal software!
    What?! What's the address?
1 Microsoft Way. They're using using modified GPL code in a *shipping operating system*
    *click*
Was it something I said?

Re:tell them to go fish

[nobodyman]

It's perfectly legal for them to hire private security if the police are not willing to help.

Since when can a citizen or private institution perform a raid? Let's assume that we're talking about the USA here... please cite a source for that. Only a bounty hunter comes close, and even then they only come into play once someone has been convicted for a crime.

Re:tell them to go fish

[QuantumG]

Seriously, are you guys fucking blind or what? The BSA goes to court and gets a court order to collect evidence for a civil lawsuit that is likely to be destroyed if they just sequester the evidence.. they then take the court order to the local police and ask them to enforce the court order for them. If the local police refuse they are legally allowed to hire private security and do it themselves.. the court order authorizes it. And it's not just the BSA.. I've know people who were "raided" by former employers because they refused to hand over source code that the company claimed they owned. The fact that federal marshals are taking this on now is probably a good thing.. as least you can expect them to be more professional than private security firms.

Re:tell them to go fish

[hcdejong]

Show up with a team of people, unannounced, and use ignorance, surprise, and fear to their advantage.

In other words, nobody expects the BSA?

Re:tell them to go fish

Since when can a citizen or private institution perform a raid?

Since they got a court order. You're arguing in circles over the apparent assumption that they couldn't have had a court order because then they would have been "escorted by law enforcement". Were you not aware that the US Marshals IS a law enforcement agency and not a tap dance squad?

GPL = One Size Fits All

The GPL is the only license you need. Everything you're paying $150 to $150,000 for software to do can be done by free (libre) software.

What's that you say? You've got requirement X, and no free software exists to do it? Get together with your competitors, pool your money, and hire a software company to make the GPL software you need.

There's no excuse for proprietary software anymore; it's an inefficient waste of money. You hire a plumber to install a toilet so you can use it whenever nature calls. Would you hire a plumber to install a pay toilet in your house? Then why do you hire a programmer to install the equivalent in your computer?

Re:GPL = One Size Fits All

What? Get together with your COMPETITORS? Sorry bud, but in no industry does anyone do that without a damn good reason.

There's no excuse for proprietary software anymore; it's an inefficient waste of money. You hire a plumber to install a toilet so you can use it whenever nature calls. Would you hire a plumber to install a pay toilet in your house? Then why do you hire a programmer to install the equivalent in your computer? That's not even the same example. Most software doesn't charge you every time you start it, which means paying for software is about the same as... well, paying to get a toilet installed. And paying for upgrades is like paying for the toilet to be fixed out of warranty.

I'm sure we'd all like to see lots more free software, but seriously, stop using bullshit excuses to justify it. And DEFINITELY stop fabricating reasons that there is no excuse for proprietary stuff, because that's just bollocks.

Re:GPL = One Size Fits All

[Tarwn]

At least you threw in the 'competitors' comment this time, so I'll have to extend my normal argument.

Show me the Open Source industrial data historian and HMI/QA suite. The tool suite must have:
  HMI software
  a logic engine to work with real-time process data using programmable objects
  additional components or packages to track downtime, performance, utilization/efficiency, order management, recipe management, traceability
  SPC and SQC tools
  Be accessible for import into some basic tools like spreadsheet tools
  Be accessible from a database server/reporting server
  Have drivers for: Start With This list and then finish this one

Whoops, we need a reporting server too, so add that to the list also.

Could I write all of this software? Yep, with some help from other software types and some EE's and licenses from just about every company listed on the above websites to allow me to write drivers that talk their proprietary languages (which I doubt they would allow to be Open Sourced). However the cost would end up being much greater, especially in this vertical market, The 'competitors' you mention would need to each be paying for developers and EEs for the rest of their lives in order to keep their software tools up to market standards, continue to port them to new systems as they come out, etc. In the far off future it might be worth it, provided licensing fees to AB, Siemens, etc don't hurt too badly. The real question is how many manufacturing companies (not even real competitors) band together to bring the price down and how do you justify double or tripling their licensing costs for the at least the first 3-5 years (they're paying to continue to use what they have and for development of new software) just to barely do less than break even from then out? Assuming you get a good following of consultants to do training and installs for your product, how do you provide them with support on top of the development?

I could continue, but the point is that every time I see someone make a generalized comment about companies banding together to replace their software with Open Source, I notice that the entire manufacturing segment is left out of the equation. I'm not saying it would be impossible or that there aren't some tools out there already, only that Open Source isn't even close to being on the radar in this area right now at the level of paid-for alternatives, and would require companies to throw significant money away in order to catch up quickly while still leaving them dealing with the equivalent of thousands of broadcom drivers.

Re:GPL = One Size Fits All

[Lincolnshire+Poacher]

> What? Get together with your COMPETITORS? Sorry bud, but in
> no industry does anyone do that without a damn good reason.

If your company uses Microsoft products, you're doing that right
now; just indirectly. Your company is contributing financially
to fund products that other companies leverage, so in essence your
company is giving-away any competitive edge that could have been
gained by commissioning their own software.

Re:GPL = One Size Fits All

[kitgerrits]

Get together with your competitors, pool your money, and hire a software company to make the GPL software you need. What have you been smoking and where can I get it?

Writing custom software is not the problem, designing the thing and its functionality is the issue.
This means collaborating with your competition on workflows, record-keeping and probably sharing vast amounts of data.
Have you ever seen 2 companies sit down together and decide nicely which one has the better operating structure?

After the program has been written, it will have to be maintained.
Do you know any companies that can properly maintain software for more than a few years, after the thing has been written?
Even the bigger companies have personnel on rotation and internal documentation of programming is spotty at best.

I have been there and there's a few things to keep in mind:
1/ Developing software takes a considerable amount of time out of -everyone- involved.
2/ Someone new will have to study the code every time, before doing maintenance.
    (Unless your software is under constant (expensive) maintenance)
3/ Every time a new management team is 'conceived', the thing will have to be rewritten, due to new ideas.
    someone new will have to study the code every time, before doing maintenance.
4/ Using the program between the 2 companies means at least one will have to change the way it works.

These are just a few of the things you might want to keep in mind.
The last (only) time I heard about a manager who was happy with his software,
    they had a programmer in-house to maintain their software.

criminal motive

[gnutoo]

You can say the same thing about murder and rape. At some point, society has to take steps to defend itself from fraud. Everyone involved should be ashamed and punished.

Huh?

[Martz]

Why did they even let the BSA auditors into their company in the first place?

AFAIK in the UK, the BSA doesn't have any legal powers to enforce such an audit to take place. Microsoft/Adobe/Foo are all businesses and so is the organisation I work for. What gives software companies special privileges to demand an inspection of someone else's business?

If I sell chairs, am I allowed to go to Microsoft HQ and make sure that Ballmer isn't throwing them around, breaking the licence agreement printed on the underside? If a finger can agree to a supposedly legally binding contract, why can't the derrière?

Re:Huh?

[Tranzistors]

BSA tends to do raids accompanied by law enforcements. Or was it the other way around? Not sure, but the legal part is on police side, expertise is on BSA side.
Prosecution doesn't take place on site. If police gets suspicious, the ugly part starts (confiscation of hardware, thorough examination etc.).
Ideally, BSA trains police to do this on their own, thus ripping costumers indirectly.
N.B. This is how it works in Latvia (In EU? The state nobody knows about? Never mind). I doubt it differs much from rest of Europe.

What goes around comes around....

[ankarbass]

"We hired a guy to go through and audit and get us legal, but he didn't work out," the business owner said. "So we fired him and that's when he went and ratted us out."

What, are we supposed to feel sorry for the business owner aka software pirate? Watch out, here comes the clue bat...don't fire people who you hire to clean up your illegal messes. What is it with incompetent business owners who blame their employees. If you don't have the competence to manage your company's finances without breaking the law, maybe it's NOT the guy you hired who isn't working out.

Re:I'll never pay those I didn't pay anyway, now!

Nick you, really need to, cut down on, the number of, commas you, use.

Tactics & Motives are Questioned ?????

[queenb**ch]

I don't really see what you have to question. The BSA has been pretty blatant that they're *all* about collecting money via any means possible from any one that they can basically extort it from.

Quite frankly, a quick look at their business model shows them to be what they are - the new corporate raiders.

2 cents,

QueenB.

Re:Tactics & Motives are Questioned ?????

Quite frankly, a quick look at their business model shows them to be what they are - the new corporate raiders.

sed /s/raider/pirate/ would be quite an appropriate substitution there... but it would also add confusion to the matter.

A heartwarming story

[mattpalmer1086]

I was told this heartwarming story a few years ago by someone involved in creating the system described below. A very large, well known organisation (call them B) was threatened by a visit from either the BSA or FAST (can't remember which), on the grounds that yet another large software house (call them A) thought that B was using far more copies than they were paying for. B was a very large customer of A's software - they literally couldn't run their business without it, and A certainly knew it.

They had the usual problems of any large organisation - software would get installed and not removed, people would move desks, jobs, etc. They weren't knowingly in violation, but they couldn't really honestly say how many licenses were in use or where everything was installed.

They decided to write a system that would track all the licenses and software in use across the organisation, and allow it to be fully managed - installed and removed on demand. It could handle many different kinds of licensing for many different bits of software. There was nothing commercially available at the time that could do what they needed.

Anyway, after doing this, they found out that not only had they had been over-buying company A's software licenses, the flexibility of the new management system allowed them to have far fewer licenses anyway. Effectively, they had been buying enough to cover installs in all the remote offices, for their more mobile staff, of which there were a lot. Apparently, it was a very pleasant moment when they told A they didn't need any more licenses for the next year or two.

Using open source instead of BSA; Priceless!

[stabiesoft]

I've never used microsoft (or any BSA stuff for that matter) stuff so it has not impacted me at all. Maybe finally the "suits" will have a reason to switch to linux.

Of course not...

They want dated purchase orders. They're not going to confirm them, they're just going to make sure you have them.

If you don't, they assume you're a pirate. They're total assholes and I say that as someone who has never been audited by them.

Re:Of course not...

[jorghis]

Everyone here is claiming this and modding me down, but I cannot find any source that indicates that this is the case. The BSA's website pretty explicitly states that they just want licenses. Do you have a source that indicates that they want purchase orders/receipts/whatever from X number of years ago?

Re:Of course not...

Thats becuase all these fucktards are making shit up out their ass! Stuff they hear about from a friend of a friend, or read from a open source website, no direct knowledge of any kind.

Re:Of course not...

[urbanriot]

You're probably getting modded down by people that know better than you.

Do you have a source that indicates that they want purchase orders/receipts/whatever from X number of years ago? Yes, I have a letter right here, from the BSA, that states that I require a receipt for every copy of a Microsoft product that's in use at our network. The letter further, explicitly states that a product key, COA sticker or product media is not valid proof of a legitimate license.

Re:Of course not...

[HiThere]

My original source for this kind of information was Information Weekly (now, I think, InfoWeek). Since then I have occasionally encountered other stories from other sources.

Check into how they shut down a city in South Carolina. (I want to say Charleston, but I can't believe that's right. My memory is probably playing tricks.)
Check into how they shut down school districts in Washington State the weak before school started.

I don't know whether these cases were exceptional or not, I didn't hear what the results of the aggression were. But these weren't organizations that were going to destroy the records and flee the country. Maneuvering to shut them down (and the timing) is a pure exercise in evil. These agencies could be as guilty as anything and there wouldn't be any excuse for their tactics. And being totally clean wouldn't protect them from horrendous damage.

Re:Of course not...

[bill_mcgonigle]

Yes, I have a letter right here, from the BSA, that states that I require a receipt for every copy of a Microsoft product that's in use at our network. The letter further, explicitly states that a product key, COA sticker or product media is not valid proof of a legitimate license.

Would you mind scanning and posting that? I believe you, but I'd like to have something to show folks who think I'm crazy when I talk about the BSA. If you want to send it to me I'll happily do the redacting work and get your approval of that before posting.

Re:Of course not...

[urbanriot]

For legal reasons, I'd prefer to err on the side of caution and not publicly share this letter as our case is ongoing. However, the letter is a cookie cutter letter sent by many lawyers representing the BSA, and it can be found word for word elsewhere on the net. The only difference will be the software they've accused us of pirating. Dealing with the BSA has been an eye opener into the worlds of licensing. Things that you and I might consider licensed, they won't let pass. Things the sane world would consider legitimate, they don't. If you don't have receipts, it's not legit. If you didn't purchase your OEM Microsoft Office from a certified Microsoft OEM Partner, it's not legit. If you didn't purchase your Autocad from a licensed dealer, who didn't purchase it from a licensed distributer? Sorry, that's not legit (even though you have a receipt, with media and a serial number!) We're obviously contesting some of the above, but whatever these pesky companies put in their licensing disclaimers is considered licensing law.

Would you mind scanning and posting that? I believe you, but I'd like to have something to show folks who think I'm crazy when I talk about the BSA. If you want to send it to me I'll happily do the redacting work and get your approval of that before posting.

Re:Of course not...

[bill_mcgonigle]

For legal reasons, I'd prefer to err on the side of caution and not publicly share this letter as our case is ongoing. However, the letter is a cookie cutter letter sent by many lawyers representing the BSA, and it can be found word for word elsewhere on the net.

Understood. My Google searches haven't been too fruitful for the text or images of letters (there are plenty of news stories and rants!) and I'm not usually such a Google'tard. Could you toss me an anonymous phrase or two?

Every penny of which it keeps?

[Trogre]

What, are these guys above taxes as well as the law?

Re:Every penny of which it keeps?

[pimpimpim]

They don't keep every penny, I found an inflatable plastic cushion from the BSA in my previous office. I guess the idea was that you sleep better with the BSA.

What no-one didn't mention so far is that they collected ONLY 89 milion since 1993. That's 6.3 million per year, is that even enough to pay for their own employees? I also wonder how many damages they managed to get per year, it seems to me that either the damages are very low, or they good only get damages from a few companies.

I have the impression that the BSA is in itself only costing money for the cooperations who make use of it. But I guess the feeling of making your costumers shit in their pants every time they buy your software is priceless.

Re:Every penny of which it keeps?

[barzok]

I have the impression that the BSA is in itself only costing money for the cooperations who make use of it. But I guess the feeling of making your costumers shit in their pants every time they buy your software is priceless.

Don't forget the extra revenue generated when your customers over-buy licenses out of fear of a BSA audit. Or the licenses they have to buy after "failing" an audit (which will probably be an over-buy).

Even if it does work out as a net loss for the BSA's members, it's a small price to pay to get all that extra revenue & claiming how many seats you have installed for a particular package.

Re:I'll never pay those I didn't pay anyway, now!

[bored_engineer]

Sterling Ball claims otherwise. The problem is that they weren't removing UNUSED software from engineers' machines that were transferred to clerical staff. They were apparently paying for what they were using.

http://www.news.com/2008-1082_3-5065859.html

no

[geekoid]

I can't speak to this guy specifically, but the BSA has raided people who are perfectly legit. Costing them a lot of money in disrupted business. Business get no recourse and employees find themselves being yelled at by people with guns.

Re:I'll never pay those I didn't pay anyway, now!

[FroBugg]

Or, if you read the article, you could see that he was 92% in compliance. And this doesn't necessarily mean that the other 8% were pirated, just that they weren't properly documented. Maybe they installed Office on one too many computers. Maybe they lost a receipt or two. But they were most definitely customers.

If only you guys really worked in IT

I've both seen and heard about tons and tons of companies where software acquisition is piracy by unwritten policy. One guy I know, he asked the PRESIDENT of his company about getting software, and the dude asked him why he couldnt just download it off the internet. This was at a company which makes a few million a year.

The difference between the BSA and the RIAA is that, in almost every case, those companies were using unlicensed software. Now while conservatives, as most Slashdotters are, see nothing wrong with allowing companies to steal everything which isn't nailed down, a real economy can't function like that. And that piracy morality will eventually infect every aspect of the country until nobody has any more rights than what they can purchase. Just ask Russia, which has desended into a country run by criminals.

Re:If only you guys really worked in IT

[Dun+Malg]

Just ask Russia, which has desended into a country run by criminals. Please. Russia has ALWAYS been a country run by criminals. It's been that way for centuries.

Take the log out your own eye ..

[artg]

Or, to misuse another word for dramatic effect :

"I don't understand this idea of 'real true rape,'" she said. "Unlicensed use of software is rape and selling unlicensed software is rape, and they all cause damage. When you talk about financial harm, the use of software that is unlicensed through the company is an enormous damage to the industry."

Sure, you can find arguments to misuse words in this way, but not without diminishing the original meanings and equating the real crimes with the trivia that the BSA is concerned with. By their definition, 'Piracy' is what they're guilty of, too - stealing the meaning of words.

Re:Yes, Him Again. That's Good News.

Hey twitter! How's karma treating ya?

Kinder capitalism?

[VampireByte]

So is Bill Gates going to dissolve the BSA now that he's touting this idea of kinder capitalism?

You're doing it wrong. Let me help.

This in an interesting piece of communication. The author has recently taken an interest in the BSA, including this recent article that promotes their Fear Uncertainty and Doubt message.

Quoted in the fine article are a director of enforcement for the BSA and as counterpoint noted analyst Laura DiDio. Ms. DiDio was originally famous for her role promoting the Amityville Horror hoax. These days she is perhaps better known for her astonishing (and curiously persistent) analysis of the SCO debacle in which she promoted SCO's position in front of the press and wound up a creditor in their bankruptcy(pdf) for her trouble. Her employer is alternately given as Yankee Group and G2 Computer Intelligence.

One can only wonder whether Erika Chikowski bothered to check her sources or if this is a case of envelope journalism.

I read all the way through the article. I want my five minutes back.

If you're going to trudge through it at least skip the ads and vote it down.

In 2002 scandal broke out when it was found that a European Commission proposal on software patents was actually written by a BSA official, as discovered by whistleblowers who found evidence in the Microsoft.

And this would be a worthwhile part of the article if she hadn't omitted the final "Word document".

Sexist tag

[smokejive]

"bunchofcunts" Wow, holy sexist tag. What gives? Sorry this is offtopic, but it had to be sent. Holy crap. So, I'm to take it that BSA tactics are like those of vaginas? They bleed once a month and are otherwise generally warm and inviting? Oh, but I'm guessing that you meant "cunt" as a derogatory word for a woman. Good job people. Oh, but it was not used in that context? I see. So I can just as well substitute "bunchofcunts" with "bunchoffags" or "bunchofjews" ? Good to know. Keep up the amazing work.

Re:Sexist tag

So "cunt" is sexist but "dick", "prick", and the millions of other words for the penis, most of which can be used in a similar way, are just fine?

But why?

[PCM2]

Anonymous tip or no anonymous tip, why did your company agree to the audit? If I rang your doorbell and asked to see your accounts payable for the last 12 months, you'd laugh me out of the lobby.

Re:But why?

[QuantumRiff]

Yes, but when big lawyers send a nasty letter, demanding a response, or your offices will be raided with the help of armed US Marshals, and the executives can be arrested/booked in jail, You'd be surprised how quickly an executive will demand action.

Re:But why?

[belmolis]

Where does the BSA get the authority to raid with armed US marshalls? They aren't the FBI. And even the FBI needs a warrant to do that.

Re:But why?

[sjames]

In some cases, they "agreed" to the audit in the fine print on the license.

Personally, I consider that to be an unacceptable business risk since simply being audited, even if found to be 100% in compliance can be a terrible disruption.

Re:But why?

[QuantumRiff]

I'm not sure of the legal stuff around it, but I think it boils down to the fact that they Present a federal judge evidence that piracy is going on, and ask for "evidence gathering" on premise, and ask the Federal Judge for the assistance of US Marshals (who work for the federal Judiciary). Then they show up. Google around they do about 50 raids a year.

Sterling's video re FOSS and the BSA is here

[christian.einfeldt]

I interviewed Sterling about this very topic in his home. His video is here. If you like hi-res, you might want to consider downloading it, rather than streaming it. This is raw video (raw meaning un-retouched, not raw .dv), for the world to rip, mix, and burn, as long as you comply with our Creative Commons Attribute-ShareAlike license. The first segment is here

http://www.archive.org/details/e-dv259_02_sterling_ball_001.ogg

Slashdot doesn't let me link all of the video, so I'll just tell you that the second segment is here:

http://www.archive.org/details/e-dv259_02_sterling_ball_002.ogg
And the third segment is here:

http://www.archive.org/details/e-dv259_02_sterling_ball_003.ogg

You get the pattern.

The last segment for that tape is here:

http://www.archive.org/details/e-dv259_02_sterling_ball_006.ogg

And the last segment in the whole interview is here:

http://www.archive.org/details/e-dv260_03_sterling_ball_001.ogg

This is the link to search for Sterling Ball's interviews:

http://www.archive.org/search.php?query=mediatype%3Amovies%20AND%20collection%3Adigitaltippingpoint%20AND%20subject%3A%22Sterling%20Ball%22

I think that it is really funny that this story still has legs. Microsoft and the BSA really shot themselves in the foot with this tactic. Sterling says that, as of 2005, he had saved $200,000.00 easily for his business by switching to Free Open Source Software.

Christian Einfeldt,
Producer, The Digital Tipping Point

Re:Sterling's video re FOSS and the BSA is here

[christian.einfeldt]

Ooops, that long URL to Sterling's interview got snipped. Here is the TinyUrl

http://tinyurl.com/ynp7c7

BSA or Microsoft one threatened schools systems

[Locutus]

I was a few years ago but I remember someone was threatening school districts across the country with some kind of audit which would have cost at the low end 10's of thousands of dollars and 100's of thousands for larger districts. Something about the Microsoft EULA or the BSA comes to mind but the real story was how the LTSP( Linux Terminal Server Project ) came to the rescue and stopped it. The timing of the threats was poor because there was some national conference around the time and the LTSP group met with many of those threatened. Some jumped onboard with LTSP and off Windows ASAP and others told Microsoft they were going too. Microsoft sent out apology letters and tried to make it look like a big mistake but the end result was that a handful of districts switched to Linux and the others did not but were left alone.

I'm surprised this hasn't been brought up since if it wasn't the BSA directly, it was Microsoft and those two are tied at the hip with how they do 'business'. IMO

LoB

My experience with the BSA

I worked for a company. With an... unstable boss.
I was basically told to install everything from the one copy of things we had.

Fast fwd a couple years and i get sick of this place and quit.
The unstable boss refuses to pay what i am legally owed upto the day i quit. (no contract or other issues involved)

After a round with the labor board i ended up getting 90% of what i was owed.
So i decided that other 10% was worth my time to cause trouble and report them to the bsa.

called the bsa. told them my story.

They showed up at the business with 2 federal marshalls and inspected EVERYTHING. And ended up fineing them almost $200 thousand dollars.

The company went broke a year later.

Since i reported them. The bsa sent me a nice fat check for around $5000 and change. Took several months all total... Well worth the few hundred i got fucked out of that started it all off.

As an employer... the bsa is an evil money grubbing org with no soul.

As an employee... the bsa is one big fucking hammer you can use to get back at your ex employer.

If you pirate your business software. You should REALLY treat your employees better. But the types of businesses that have license problems. are also pretty shitty to their employees.

So in the end. the bsa = good. (for me)

Re:My experience with the BSA

So you drove your employer out of business?

Grats, you really got that guy.

And file system checked the other people that worked there, too, at the same time! Good job!

BSA is another reason

[Phoenix666]

I am happy I use F/OSS.

Sure it would be good for the world of business if everyone switched over to it too, but on the other hand it gives me a competitive advantage to not ever worry about random virii, spyware, bloat, or the BSA coming knocking on my door.

Re:Yes, Him Again. That's Good News.

"Didiot"? That's not her name.

Got any evidence?

[HiThere]

Your statements run counter to everything I've ever heard about the BSA. Everything.

I've heard lots of stories where they essentially invented interpretations of the license, and badgered companies into admitting that they had done wrong and paying a fine, when looking at the license everything that the company did was legal. But the company didn't want to risk a fight in court.

I've never heard of a case where they negotiated reasonable terms for a company that was "essentially compliant", or which had purchase orders and accounting records and bills paid for all the software, but which couldn't locate all of the "proof of purchase" seals.

I'd need pretty convincing evidence to think of the BSA as other than a gang of crooks and extortionists. I'm not saying that it's impossible. Most of what I "know" about them is from news stories, and I know just how flagrantly wrong those can be. But you'd need good evidence, not hand waving.

Re:If you're being raided... (you are a customer)

[ivan256]

B) most of the people they get actually had licenses but have no clue how to fulfill the strict audit requirements. No the stickers on the back of your machine are not enough. You must have a purchase agreement for _everything_

Keeping certificates is not enough. I worked for a company that got audited once. It was a small business, but run by a pair of lawyers who were sticklers for details. They shredded old paperwork after some number of years, and they got nailed because they had the certificates that came with NT 4.0, but not the receipts.

I honestly believe you could do everything by the book, and they'd still find something to nail you for... Not to mention that the audit costs your business in both time and money.

Thanks

[symbolset]

It's hard to type all of that with one of these on your lap.

Re:If you're being raided... (you are a customer)

[Weedlekin]

"the best way to avoid the BSA is to stop being a Microsoft customer"

Microsoft are far from being the only member of the BSA, so simply steering clear of MS software won't be enough -- people will also have to avoid using anything by the others on the BSA's member list:

http://www.bsa.org/country/BSA%20and%20Members/Our%20Members.aspx

Re:If you're being raided... (you are a customer)

As someone who has gone through a rather extensive BSA audit, I cant agree with your comment - all we did to show compliance was produce the license certificates or electronic licenses (via Eopen or similar), no receipts were shown or asked for, and we had no problems with that at all. The audit took a week, they left accepting we were in compliance, and we had no fine to pay. All in all, while no audit is a pleasant experience, this was better than some others I have been through as they went out of their way to not get in our way.

Now, knowing the Slashdot populace, its almost certain that this post will be labeled either as a troll or a paid shill, but its neither - just a different point of view and a different experience.

Seen it at a client company..

Disgruntled IT manager is sacked (was incompetent git anyway). Reported former employers to BSA.

BSA audit was draconian intrusion. In the end the company was in compliance (EU subsidiary of US multi-national). Lots of time/money wasted. BSA had got lots of publicity for the raid (guilt by accusation). But media not interested in the subsequent vindication.

BSA are a shake-down outsourced thugs for M$ and others. They are M$, Adobe, etc. "secret police" by proxy.

Like RIAA and other similar racketeering outfits - the law is used by the strong to intimidate the weak (in relative terms).

you don't have to be Scooby-Doo to solve this...

[gonzoxl5]

The BSA was formed and initially funded by the major software companies as a revenue protection organisation, their only motive is and always has been to ensure that as many copies of software out in the commercial world are paid for as is possible, by whatever means achieved the desired result.

How could anyone beleive it was ever anything else ?

BSA preys on ignorance

[sr8outtalotech]

Small businesses for the most part don't give a crap about license compliance. I've consulted for over 20 businesses in the last 10 years and one thing I always offer to do is a license check. Besides a software audit team I was a part of at a fortune 500 company...I've never seen any business care about license compliance. I've had to explain more than once that buying one copy of a program doesn't mean you can install it on every machine. I point out the BSA whistle blower website and ask if they've fired anyone lately? This is when the, "It won't happen to me" mentality kicks in. It would take from a week to a month to audit a small enterprise (10-50) users. It doesn't cost that much and there's free tools available for tracking assets. The real problem are that small businesses are cheap, the owners resent anyone coming in and telling them that HAVE to do anything and the law in that area is hardly equitable since it was bought and paid for by the BSA.

Re:If you're being raided... (you are a customer)

[sckeener]

Keeping certificates is not enough. I worked for a company that got audited once. It was a small business, but run by a pair of lawyers who were sticklers for details. They shredded old paperwork after some number of years, and they got nailed because they had the certificates that came with NT 4.0, but not the receipts.

Keep modding parent because he is telling the truth. I was talking to a IP lawyer about what I needed to do to make sure scanning in my D&D books was legal. He was a software IP attorney so he gave me a software example. He said who could have everything, the manuals, the disks, & the certificates, but without the receipt you would be doomed. The reason is all those original materials could be counterfeits. Without the receipt you can't prove you bought the goods.

So back to my D&D scanning...basically I now include a scan of my receipt when I scan a book and attach it to the pdf.

Re:If you're being raided... (you are a customer)

[ivan256]

I'm curious as to when your audit was. The one I describe was in 1999. They may have changed practices since... Or you might have gotten lucky... Or somebody higher up on the chain from you might have greased some palms...

And it's not a matter of "agreeing." It happened exactly as I described.

For the conspiracy theorists out there, I'd like to add that the servers at said company ran Linux, even though the workstations were NT.

... Like all anologies

[pentalive]

I don't suppose you would ask them "How do you know I bought this TV from Best Buy?"

Re:... Like all anologies

[Todd+Knarr]

To which they'd respond "Our records show it's a Best Buy TV. If you bought it from someone else, produce the receipt proving that. If you can't, we're charging you with theft of Best Buy's TV.".

Re:If you're being raided... (you are a customer)

[blincoln]

I presume you're not distributing the PDFs you make, so why are you so concerned about documenting the legality of it? Are you worried that you might one day turn yourself into WotC or whoever owns the D&D franchise now?

EULA's

[bill_mcgonigle]

It sucks you cant ignore them either because they supposedly act with some kind of government authority.

They have no government authority other than that the government's job is to enforce legal private contracts. When you clicked on an EULA presented by a BSA member you agreed to that audit. So before he walks in the door you've already agreed to him doing so.

Just about every time you install an update on your OSX boxes you're doing just that.

I don't see that Sun is a member, but I'm not sure. Certainly with Linux you're on firm ground, along with Ernie Ball.

I find it surprising, too

[swb]

I find it surprising that on the strength of a possibly anonymous tip I can get both the cooperation of a court in the form of a court order allowing a search of private property AND the police to execute the tip without ever informing the private property owner in advance. By this logic, I should be able to search pretty much any private property I like with the full backing of law enforcement without showing almost any evidence.

I can't help but call BS on the entire premise (which has been circulating since at least '93 when I first heard of the BSA).

I can see a very, very tiny subset of situations where a *civil* court would allow a preemptive search without a trial or hearing involving the defendant. The plaintiff would have to show overwhelming proof of both the defendant being in breech of contract as well as showing serious damage to the plaintiff should the breech of contract continue. My guess is that a licensing dispute involving Microsoft software based on an anonymous tip wouldn't reach that level, since the evidence is weak and a multi-billion dollar business cannot show harm from even the loss of even a few million in licensing revenue.

My guess is that where there was even good proof (signed affidavit by *current* employee), the BSA would still have to file a lawsuit and the defendant would be notified and a hearing would be called to address the issue of discovery. It might just be that the BSA has killer arguments and in some courts with the right evidence they can get a discovery motion and law enforcement support that day, but even that sounds specious. Surely a plaintiff could challenge the credibility of the evidence presented at hearing (employee was fired for stealing/insubordination or is on probation, etc).

It just doesn't make ANY sense that a private party can arbitrarily gain a court order to enter private property against the will of the property owner or without their disputing the claim. "I know you're stealing from me and I demand the power to search you so that I can prove you're stealing from me."

ha ha

How's the monopoly going, bitch? Almost gone? Good.

By the way, you are going to be fired for letting Twitter get yet another front page story.

Re:ha ha

How's the monopoly going, bitch

ha ha

you are going to be fired

ha ha