Is Your Firm Using Pirated Software?

Because software is easy to duplicate, software “pirates” will frequently make a copy of the original program for additional computers. What many of these pirates don't realize is that software is automatically protected by the same federal copyright law that governs other familiar mediums such as books and music. The duplication constitutes copyright infringement, whether it is done for sale, for free distribution or for the pirates own use.

There are many ways that software can make its way onto a firm's server or workstation, and most are far removed from the traditional notions of software piracy. They are, rather, lapses in policy. Quite often, using software that has not been licensed is a result of ignorance rather than a willful attempt to break the law. The penalties for copyright infringement are stiff, including fines of $100,000 to $250,000 and jail terms up to five years. Nevertheless, software piracy is on the rise.

An industry watchdog group estimates that as much as forty percent of the software used by business entities worldwide is pirated. These groups dedicate themselves to preventing software piracy. With software giants like Microsoft, Symantec and Macromedia as their members, the groups have deep pockets and an endless list of targets to pursue for violations.

What's more, these watchdog groups, on behalf of their members worldwide, have the power of attorney to their rights under the copyright law and they can also assist law enforcement agencies in the investigation and criminal prosecution of offenders. They have been extremely effective on behalf of their members and some software companies have even deployed their own resources with regard to licensing auditing and enforcement. The penalties can be steep, with many settlements exceeding $100,000, and the publicity can be embarrassing as well as damaging.

Many law firms now believe the wise course of action is to have their software licenses “audited” to identify potential violations so that they can be corrected. Internal policy can be verified, or if needed, a set of guidelines can be properly established.

Three Steps to Ongoing Compliance

Software vendors are generally within their rights to demand an audit at any time. Law firms can spend tens of thousands of dollars to prove compliance ' plus hours of lost productivity from the IT staff and end users. Furthermore, this does not include possible fines or unexpected software purchases to bring the organization into compliance.

The most cost-effective approach is to proactively implement an asset management program and avoid compliance uncertainty ' or any unpleasant surprises. An asset management program typically encompasses automated asset tracking and management software plus the related business processes. Asset tracking supplies organizations with configuration, location, and usage information about their hardware and software, as well as how those assets are changing over time. Asset management software allows organizations to better control the contractual and financial side of the assets they have leased or purchased, across their entire lifecycle.

1. Determine what is installed and in use.

There are two critical components to determining software license compliance: 1) knowing how many copies and which versions of the software are installed and in use in your firm; and 2) how many copies and versions you have purchased. Without accurate, comprehensive answers to both parts of this equation, you cannot perform a reconciliation of the two to determine how many copies you have in use that are legally owned by the firm.

2. Determine what you own.

Once you know how many copies are installed, you need to consider the other side of the equation: the numbers and versions of each application that have been purchased plus the terms of each relevant software license agreement.

3. Validate compliance.

The final step in determining whether your firm is in compliance with the terms of the software license agreements is to compare the number of total installations, by version, with the number of licenses that have been purchased.

Given the billions of dollars that experts estimate are lost to software piracy each year, software manufacturers have become serious about enforcing software license agreements and asking that customers produce a self audit. In response, organizations are more and more hard-pressed to prove their software licenses are in compliance. The best course of action that a firm can take is to engage an independent software auditor.

The publisher of this newsletter is not engaged in rendering legal, accounting, financial, investment advisory or other professional services, and this publication is not meant to constitute legal, accounting, financial, investment advisory or other professional advice. If legal, financial, investment advisory or other professional assistance is required, the services of a competent professional person should be sought.

John Dodge is the Director of Management Consulting Services for ABA Consulting LLC, located in New York City. John is a Certified Information Systems Auditor with over 15 years of IT/Business consulting knowledge and experience.

Recently, in selected metropolitan areas, law firms and their clients, began receiving letters from the Business Software Alliance (BSA), an industry watchdog group that cracks down on the illegal use of the world's software. The letter warned its recipients of the risks and implications of pirating software. It may have been dismissed as a veiled threat by some, while others were left scratching their heads, asking, “Can anything really happen to us from pirating software?”

The short answer is “yes” ' ranging from significant fines and penalties, to possible jail terms, for every act of piracy. Not to mention the embarrassing publicity your law firm would likely get as a result. If you are a partner, or shareholder, it is likely that these consequences will fall on you, as personal responsibility is ascribed to these acts.

Current U.S. law states that software programs may be legally installed on computers for which software licenses have been issued. To install that same program on additional computers would require purchasing additional licenses. Failure to purchase those additional licenses will result in criminal activity commonly referred to as software piracy.

Because software is easy to duplicate, software “pirates” will frequently make a copy of the original program for additional computers. What many of these pirates don't realize is that software is automatically protected by the same federal copyright law that governs other familiar mediums such as books and music. The duplication constitutes copyright infringement, whether it is done for sale, for free distribution or for the pirates own use.

There are many ways that software can make its way onto a firm's server or workstation, and most are far removed from the traditional notions of software piracy. They are, rather, lapses in policy. Quite often, using software that has not been licensed is a result of ignorance rather than a willful attempt to break the law. The penalties for copyright infringement are stiff, including fines of $100,000 to $250,000 and jail terms up to five years. Nevertheless, software piracy is on the rise.

An industry watchdog group estimates that as much as forty percent of the software used by business entities worldwide is pirated. These groups dedicate themselves to preventing software piracy. With software giants like Microsoft, Symantec and Macromedia as their members, the groups have deep pockets and an endless list of targets to pursue for violations.

What's more, these watchdog groups, on behalf of their members worldwide, have the power of attorney to their rights under the copyright law and they can also assist law enforcement agencies in the investigation and criminal prosecution of offenders. They have been extremely effective on behalf of their members and some software companies have even deployed their own resources with regard to licensing auditing and enforcement. The penalties can be steep, with many settlements exceeding $100,000, and the publicity can be embarrassing as well as damaging.

Many law firms now believe the wise course of action is to have their software licenses “audited” to identify potential violations so that they can be corrected. Internal policy can be verified, or if needed, a set of guidelines can be properly established.

Three Steps to Ongoing Compliance

Software vendors are generally within their rights to demand an audit at any time. Law firms can spend tens of thousands of dollars to prove compliance ' plus hours of lost productivity from the IT staff and end users. Furthermore, this does not include possible fines or unexpected software purchases to bring the organization into compliance.

The most cost-effective approach is to proactively implement an asset management program and avoid compliance uncertainty ' or any unpleasant surprises. An asset management program typically encompasses automated asset tracking and management software plus the related business processes. Asset tracking supplies organizations with configuration, location, and usage information about their hardware and software, as well as how those assets are changing over time. Asset management software allows organizations to better control the contractual and financial side of the assets they have leased or purchased, across their entire lifecycle.

1. Determine what is installed and in use.

There are two critical components to determining software license compliance: 1) knowing how many copies and which versions of the software are installed and in use in your firm; and 2) how many copies and versions you have purchased. Without accurate, comprehensive answers to both parts of this equation, you cannot perform a reconciliation of the two to determine how many copies you have in use that are legally owned by the firm.

2. Determine what you own.

Once you know how many copies are installed, you need to consider the other side of the equation: the numbers and versions of each application that have been purchased plus the terms of each relevant software license agreement.

3. Validate compliance.

The final step in determining whether your firm is in compliance with the terms of the software license agreements is to compare the number of total installations, by version, with the number of licenses that have been purchased.

Given the billions of dollars that experts estimate are lost to software piracy each year, software manufacturers have become serious about enforcing software license agreements and asking that customers produce a self audit. In response, organizations are more and more hard-pressed to prove their software licenses are in compliance. The best course of action that a firm can take is to engage an independent software auditor.

The publisher of this newsletter is not engaged in rendering legal, accounting, financial, investment advisory or other professional services, and this publication is not meant to constitute legal, accounting, financial, investment advisory or other professional advice. If legal, financial, investment advisory or other professional assistance is required, the services of a competent professional person should be sought.

John Dodge is the Director of Management Consulting Services for ABA Consulting LLC, located in New York City. John is a Certified Information Systems Auditor with over 15 years of IT/Business consulting knowledge and experience.