Redmond Negotiator

Are Software Auditors ‘Shake-Down Artists’?

Scott responds to a reader’s call to action against the “black shirts.”

• By Scott Braden
• 01/18/2006

"I am stunned that Redmond's advice to those threatened with software audits is to roll over for these thugs. The BSA and SIIA are shake-down organizations, lacking the force of law. The proper response to such gross intrusions of privacy is to fight them tooth and nail. If the software audit ‘black shirts’ start harassing you, quickly move to open source software. Better to have an open source transition plan ready to go the moment a threatening letter appears in your mailbox then to have to deal with the likes of the BSA and SIIA marauders. Make it as costly as possible for them to audit you, and ensure that you move to products whose vendors are respectful of the fact that violated customers don't buy twice."

I suspect that many IT professionals agree with him. But they're wrong on several assumptions. And in this area, being wrong could be very bad for your career.

"The BSA and SIIA are shake-down organizations, lacking the force of law."

Let's take the second point first: "lacking the force of law." Actually, the BSA and SIIA, while not law enforcement agencies of the government, do have the law on their side. They are (to oversimplify a bit) acting as attorneys for the publishers. Their mission is to help the publishers protect their copyrighted property, which we as the IT pros have licensed (or not). So their activities are, in fact, fully legal, having been tested in court many times. Generally speaking, it's a bad idea to assume that a BSA or SIIA audit "lacks the force of law.” It's also a bad idea to say that to your company's executives.

So, they have the force of law with them, but are they shake-down artists? I guess that depends on your point of view. Mine is that people and corporations are responsible to honor their contracts and obey the law. If you don't, then you run the risk of audits, penalties and other unpleasant things.

If you don't pay your credit card bills, do you call the collection agent a shake-down artist? How about the cop that gives you a ticket for running a stop sign? The simple fact is that the creator of the software owns the rights to its use. When you “license” a product, you’re not buying the control of the product; you’re only buying the specific rights granted to you in the license terms.

"The proper response to such gross intrusions of privacy is to fight them tooth and nail."

Now this one, we're closer to agreement than Micah might think. Any good attorney will tell you that whether you're "in the right" or "in the wrong," you still need to mount an aggressive defense. So don't handle it yourself: This is a legal matter, so get the lawyers involved.

Is a BSA audit a gross intrusion of privacy? As long as the auditors follow the terms of your license agreement, which your company willingly agreed to, who can complain?

"If the software audit ‘black shirts' start harassing you, quickly move to open source software. Better to have an open source transition plan ready to go the moment a threatening letter appears in your mailbox then to have to deal with the likes of the BSA and SIIA marauders."

Also good advice, but by the time an audit notification arrives in your mail, it's too late to move to open source ( in order to wriggle out of the audit). But it's always a good idea to investigate alternatives to your current vendors, applications and toolsets. So don't wait for an audit to look at open source -- do it because of all the other good reasons.

Oh by the way, the BSA recently announced a few more audit settlements, with penalties up to $110,000.

What’s your take on software audits? Are you feeling a bit concerned about your compliance situation? Send me a note or post below and let me know!

Want More?
Confused? Frustrated? Well, help is on the way. You see, I'm speaking at the upcoming TechMentor conference in March, and I want to make sure you get the info you want. Take a minute to tell me what topics you'd most like to see me cover in a three-hour "Crash Course in Microsoft Licensing" session by clicking here and taking a quick, three-question survey. I'll send you a free “thank-you” gift.