Tech Audit

Computer Cops on the Case

  • Print.

The business software alli­ance is the equivalent of Amer­ica’s software police, but it has a serious problem. Nobody knows it exists.

“When people say there’s no such thing, that really gets our backs up. We don’t exist? We do,” says an emphatic Bob Kruger, vice president for en­forcement with the alliance. “And we want to drive home the point that software compliance is important.”

Software licenses are usually wrapped around every software CD or, if software is downloaded from the Net, you have to click a but­ton that says you agree to the license, so it is often called “shrink­wrap” or “clickwrap.”

But just because you have to get past the licenses to get to the software doesn’t mean people actually read them. And that is not necessarily a good idea: Software licenses tend to be much more restrictive than just about any other kind of license. They can limit things like where software may be installed, how long it can be used, whether it may be copied, and who can use it for what purpose.

If you visit the Web site of the Business Software Alli­ance, you’ll occasionally find press releases with titles like this: “Houston-Area Companies Pay Software Watchdog $110,000.” Last year the organization took in $12 million in settlements in the United States, and it claims to have as many as 500 active investigations at any time.

There is no indication law firms are at any more or less risk than other types of businesses. “I would venture to say law firms are not a big component, probably roughly proportionate to the number of law firms in the corporate environment,” says Kruger. “Law firms get tripped up over this issue like any other business.”

The alliance typically gets tips from former or current employees, generally the disgruntled ones. It has taken action against firms as small as a half-dozen employees. “Some are ignorant of the law and some ignore the risk. They’re surprised that the liability is up to $150,000 for each copyrighted work,” says Kruger. “Some think they won’t get caught, but all it takes is one unhappy employee. I’ll venture a guess that even law firms have unhappy employees.”

Software compliance issues can arise from something as simple as having more people use a program than are licensed or installing a program with a single license on multiple computers. It may also arise in unexpected ways, such as when mergers-and-acquisitions attorneys overlook software liabilities during the due-diligence phase of a buyout. After the firms merge, lawyers may suddenly find their client firm is in trouble because the merger partner did not manage its software licenses.


Microsoft, the world’s largest software provider, warns that anyone buying software should watch for software marked with a phrase such as “For distribution with a PC only” or “Special CD for licensed customers only.” When buying software it also suggests checking for the proper certificate of authenticity, which is designed to say whether the software and components are genuine.

To check for problems, Microsoft recommends firms perform a software inventory and match software installations with licenses. The company also points out that keeping track of licenses helps ensure that firms buy only what they need, saving money and also providing the information necessary to set budgets for future technology needs.

Software compliance is not considered a pressing problem at most firms, but it is one that could seriously hurt a firm if caught unprepared for an alliance investigation.

“If you have fewer than 12 employees, not only do you have no dedicated IT staff but most likely [you] outsource, so the whole issue of software compliance falls between the cracks,” says Kruger.

“But it’s something that’s worth the effort, unless you want to learn the hard way.”

Give us feedback, share a story tip or update, or report an error.