BSA, Microsoft scare tactics target small fish
How likely are you to find the Business Software Alliance's (BSA's) compliance police at your door one day, warrant in hand to check for pirated software? Your risk may have less to do with the amount of unlicensed software you have and more to do with the size and location of your company.
Last week's revelation that the BSA's "truce" campaigns are tied to Microsoft's anti-piracy mailings raises questions about the software industry's compliance-enforcement tactics. To readers in Boston, Chicago, Cleveland, Dallas, and Denver (who might be getting their letters from the BSA and/or Microsoft about the time they read this): It may be a good time to look at these issues.
BSA truce campaigns offer letter recipients 30 days to "get legal" and avoid any penalties for past infringement. In and of itself, I've actually thought the truce campaign was a pretty reasonable approach. It's not as heavy-handed as previous mailings by the BSA and other software industry associations in terms of implying the recipient is a notorious criminal, and is therefore most likely to scare only those who should be scared: organizations that are knowingly using software illegally.
But when you add in the fact that Microsoft is double-teaming many of the truce recipients with one or more letters of its own, the truce campaign takes on a slightly different flavor. Microsoft officials just confirmed that they also are conducting follow-up phone calls to some recipients of its mailings. Readers had complained about getting calls from Microsoft to "update our database" in which they were asked a lot of nosy questions about how many workstations and servers they have. (If you get such a call, you are under no obligation to answer, and I'd personally advise you not to give that kind of information on the phone to any stranger.)
In the name of fighting piracy, the software industry claims that all's fair. But those with real-world experience dealing with the BSA -- either as targets of a piracy raid or as whistle-blowers concerning their company's illegal use of software -- raise interesting questions about the organization's tactics.
Several readers who said they'd been the target of a BSA investigation felt that they were selected more for PR reasons than anything else. "I honestly think everything they fined us for was software we had purchased properly ... we just couldn't document that we had all the licenses," wrote one reader of his previous company's experience. "They didn't care, because they knew we were too small to fight. I think all they really wanted was to reach a settlement so they could get a story about us in the local newspapers."
Although the targeted companies were small, other readers reported bigger fish that got away. "Over two years ago, I informed the BSA about a company that was in clear violation of all sorts of licenses," wrote another reader about a large company at which he'd been the IT manager. "At the time, I had just been let go from that company because I refused to go along with their piracy. During my time, they purchased over 150 laptop computers without any software licenses for them. ... For the next two years, BSA has been in 'negotiations' with the company. They refuse to give me any status updates, except to say that negotiations are ongoing. They haven't filed any lawsuits and from what I see, the company has gotten away scot-free. ... The BSA has no teeth."
If you look through the settlement announcements in the BSA's press release archives, you get the impression that they only pick on little guys. But Bob Kruger, BSA's vice president of enforcement, says his organization investigates every tip it receives. "We investigate them to the hilt, and we'll go wherever the evidence takes us," he says, adding that the BSA's press releases account for only a fraction of its settlements. "Very often we don't announce settlements, and one of the reasons we don't announce every case is that we don't want to saturate the media. Our goal is to get publicity, and there is a limited amount of interest in the media in reporting our message."
So what have we learned from this? How much is the BSA's campaign really about fighting piracy, and how much is it just more marketing hype for Microsoft? And how can you avoid becoming the next subject in a BSA release? I'm not sure. I'd like to say, "Make sure you don't pirate any software and you're OK," but that may not be enough. If you're not a big company, get big. And it wouldn't hurt to move to an area where the media's been saturated with stories about the evils of software piracy. If you're really worried, go open source -- you won't have to worry about associations of big software companies that want to count your licenses.