Don’t Let Software Piracy Shipwreck Your Company You Can Be Liable if Your Employees Use Unlicensed Programs Many companies’ software policies go something like this: “Employees should not download, install, use or copy software without authorization or a license, except once in a while — after all, everybody does it. Besides, who would ever know if an employee loads a program on 17 computers when we paid for only 16? (Just don’t tell management about violations, so they can’t be held liable.)” Does that sound a bit like your company’s software policy? If so, now is the time to write a new policy, educate your employees about the law and the dangers of violating it, and make sure you’re ready to enforce it. Recognizing the Penalties Software developers and sellers now combat software piracy more aggressively. Many have formed a coalition, the Business Software Alliance (BSA), to detect license and copyright violations and take violators to court. Under the U.S. copyright statute, civil penalties for software piracy may include damages of up to $150,000 for each program illegally copied or installed. Criminal penalties range up to five years in prison and may include fines of up to $250,000. Under the statute’s “vicarious liability” clause, you as an employer can be held liable and fined for illegal acts your employees commit, even if you didn’t know about them when they occurred. And you can be held vicariously liable even if no employer-employee or employer-independent-contractor relationship exists. Under this theory, all someone would have to prove is that you 1) had the right and ability to control an infringer’s acts, and 2) benefited financially from the infringement. “Softlifting” a Program Before we discuss the basic elements of a good software policy, here is a summary of the copyright statute as it relates to software you acquire from an outsider. (It doesn’t apply to programs that your company creates in-house or those written exclusively for your company under a work-for-hire contract.) When you buy software — whether on a disk or downloaded from the Internet — you must abide by the accompanying license terms. The license serves as a contract between you and the copyright owner. A license typically specifies, among other things, how many copies of the program you may make or how many computer workstations or terminals you may use it on. If you make unauthorized copies, or use the program on unlicensed terminals, you are committing a crime, breaching a contract or both. And each unauthorized copy and each unauthorized installation may constitute a separate criminal act. You may also be liable if your employees: o Take advantage of an offer to upgrade software when you don’t have a legal copy of the version to be upgraded, o Use an academic or other restricted version of software for commercial purposes without a license, or o Share unlicensed software with outsiders. Even if you outsource your information-technology (IT) function to an IT consulting firm, you are still responsible for complying with software licenses. Writing a Software Policy A good software policy can go a long way toward eliminating piracy in your company and relieving managers and owners of liability when employees steal applications. Your policy should include: o A clear purpose statement in the introduction that the company won’t tolerate illegal acts or infringements and that it will strictly enforce the policy, o Proper procedures for software acquisition, including: 1) what sorts of vendors or developers to contract with, 2) who in the company may authorize purchases, and 3) guidelines on complying with copyright law, o Instructions for registering and installing software in accordance with license agreements, o A list of acts barred by copyright law — including usage, copying, installation and downloading, o Directions on how to find copyright law online for further reference. o Procedures for reporting violations, o Reprimands and penalties for violations, o A signature line where each employee must sign the agreement, and o Updates yearly or as needed. Because every company, every computer system and every software product is unique, tailor your policy to your particular situation. We can help you fill in policy details. Bringing Your Company Into Compliance Software developers and sellers and their organizations are getting better at catching pirates. Some now offer rewards, for example, to encourage people — often disgruntled employees — to report violators via toll-free hotlines. Also, help desks and technical support workers can often detect whether a customer is running too many copies of a program on its network. If you find that your company is currently using unauthorized software, don’t ignore it. Contact us as soon as possible, and we’ll help you decide how to bring your company into compliance. Sidebar: How To Avoid Buying Illegal Software You are responsible for ensuring that the applications you buy, install and use don’t infringe on someone’s copyright. Here are some steps to take before buying business software: o Buy from reputable developers or vendors only. The vendor’s full name, address and phone number — as well as a live customer service rep — should be readily available. If in doubt, do business only with vendors who sell familiar brand names. o If the price of the software seems too good to be true, check it against leading retail prices. If much lower, it could be pirated or counterfeit. o Avoid software packaged in plain jewel cases (plastic CD containers) without commercial labels or documentation and software whose packaging doesn’t describe the product you’re buying. o Don’t buy software labeled “For distribution with a new PC only” or “Special CD for licensed customers only” unless you’re a licensed customer. o Make sure the product includes a license with: 1) terms of use, and 2) a warranty stating a deadline for returning defective products for refunds. Contact | Legal Disclaimer