Litigation Risks of Ignoring Software Audits
Software audits are a means for software publishers to enforce and regulate use of their copyrighted software, and publishers regularly outsource enforcement of their copyrights to law firms or entities such as the BSA| The Software Alliance (“BSA”) or Software & Information Industry Association (“SIIA”).
The BSA and SIIA often send a letter to targets of a software audit directly or through an attorney, requesting a complete audit of all software published by the companies it represents, which are frequently Autodesk, Adobe, Microsoft, and many others.
In many circumstances, recipients of these audit letters from the BSA or SIIA requesting a software audit to investigate potential copyright infringement claims choose to ignore the requests, assuming these entities have no legal authority. Instead of requiring the BSA and SIIA to prove they have power of attorney to pursue copyright infringement claims, these companies risk potential copyright infringement litigation against the company and its principals.
The auditing entities typically will not simply agree to disengage from a software audit except in very limited circumstances, which usually involve a conflicting audit, an audit rights provision in publisher’s license agreement, or a valid, current release of liability.
In evaluating the cost-benefit analysis with complying with the audit request, it is important to note that these entities will often pursue not just the company, but also the officers, shareholders, and principals of the company individually as well. Litigation costs will generally exceed six figures, regardless of the outcome of the copyright infringement claims.
It is important to respond to software audit requests, and if in doubt, request that the auditor establish and prove its right to audit. Once established, it is highly beneficial to consult an expert in dealing with software audits to understand the parameters involved, scope, and to assist with obtaining accurate inventory information and records of licenses. Regular internal, self-audits are a great way to mitigate and reduce potential copyright infringement exposure related to over-deployment of software, and to ensure compliance with the relevant license agreements.