How does the BSA bust companies for pirating software? (1 Viewer)

[Jonathan Burk]

There have been a lot of commercials on the radio recently for the "Business Software Alliance". They're saying that until mid-November, businesses with unlicensed software on their computers can make good and not get penalized. After that, they face huge fines (they mention $150,000, per instance).
My question is, how do they catch companies? I mean, how do they get access to the companies' computers, and under who's authority do they fine them? They would need a warrant to force themselves into an office, so do they work with law enforcement? Do the cops really care if Joe Accountant has an unlicensed copy of Word on his office computer? I can see law enforcement getting involved with the distribution side of things, and shutting down replicators and sellers of illegal stuff, but I can't see how nailing small businesses is going to stop the problem.
Of course, the company I work for is way squeeky clean in this regard, so I'm just curious.
http://www.bsatruce.com/

 

[brian a]

Most of the reports I've seen have come from ex-employees. People get pissed off that that they were let go and call and report the company. That's based only on microsoft related busts that I know of. I don't know if that holds true for other types of violations.
As for enforcement, it is breaking the law so of course law enforcement is involved. But it's not pulling some traffic cop off the street or a homicide detective off a case. There are task forces that deal with issues like this.
And it is serious to get busted on this stuff, at least with microsoft stuff.
brianca..

 

[Joseph S]

Most of the reports I've seen have come from ex-employees.

I can't wait till Ballmer get the boot for his antics and he rats out Gates for spending his time using a pirated copy of Photoshop to reproduce the Apple's stuff for Windows.

Once a pirate, always a pirate.

 

[Don Black]

Brian is 100% correct. It's mostly annoymous tips from disgruntled employees (including charities, non-profits, and schools). Most companies find it cheaper to simply buy new licenses once "summoned" by BSA-member companies than to perform a full audit of their system.

 

[Michael St. Clair]

If the BSA came after me, I'd sue them immediately for fraud and harrassment, and I would absolutely refuse to do an audit, which would cost me money.
If the BSA were the government, they wouldn't be able to get away with what they do.

 

[Don Black]

If I recall correctly, most EULAs have audit provisions in them that require you to submit to an audit. I'm certain Microsoft products have it at least.

 

[Shayne Lebrun]

They pick a company. Any company. They send a letter saying 'pony up for an audit.' The company, quite rightly, says 'two fingers to the lot of you. We have work to do.' The BSA goes back to the gov't, says 'we have reason to believe...' and shows up at your door with an ARMED FEDERAL fucking AGENT, who says 'stand up, walk away from the keyboards' and you're let back into your office, three days or so later, to repair the damage.
Here's a story gleaned from this Slashdot story .

I worked in an industrial park last year, and company next door got raided. That was a small chemical and mechanical engineering firm that specializes in sensors. Their biggest money maker is sensors for airport bomb-detection machines. They just make the sensors, and have tiny 1 microgram samples of many kinds of explosives for testing, as well as small radioactive sources for calibrating sensors, and a few other hazmat materials on the premises. All legal and above board, and all the companies in the park handle similar materials. Except for a handful of windoze machines, this company was almost all *nix and specialty boxes. Almost all of their software was written in house, or was licensed copies of mathematica or some chemical modeling software. There was a custom grown database for tracking customers, because the company had been "computerized" since the 1960's. There was also a handful of BSD machines for internet services, but most of their 400 machines are not connected to the internet. All the engineers are *nix or big-iron bigots.
They had received a total of three letters in advance of the raid. The first was a demand from microsoft for an audit and a per-user license for all 300 employees of the company, despite there only being 17 windoze machines. You may have only one NT server, and 16 machines in sales and accounting, but you still have to pay for everyone, even the janitor, and you can have a 20% discount if you pay immediately.
The company sent the sysadmin around the building, checking each computer for any "unauthorized" software. He may have removed a few packages and some cute screen savers, but for the most part every machine was still running the original OS installed by the OEM, and they had the original hologram booklets for proof. They wrote back a letter telling microsoft that all was in order, and needed no more licenses. Two weeks after that, the BSA sent a letter asking for an audit. A letter was sent in reply that no audit was needed, as one had just been completed.
The third letter was a demand for an original copy of a licensed auditors report, to be delivered in 48 hours, but was sent the same day the BSA had received a court ruling asking for police action to assist in raiding a software piracy firm. There was no time to reply to the third letter.
They were raided with a full gang of police, since the complaint officially filed with the court was that they were an arms manufacturer (they were, when founded in 1943, but not since 1953), and held explosives onsite. The "informant" was supposed to be a disgruntled ex-employee, who quoted exactly from public county records for hazmat storage and building permits. The "informant" is certainly fictitious. The company hadn't lost an employee in over three years, they're a pretty loyal bunch. The BSA couldn't produce a name, or any detailed records, when law enforcement turned against them a while later. The BSA had gone to the court asking for a civil injunction against the company, based on this known "anonymous" informant and they have this routine well oiled, and structure the court dates to ensure the defendant can't possibly be represented in the courtroom.
The BSA had told the court that the company was an unlicensed arms manufacturer, had literally tons of explosives stocked inside, and that the entire staff were survivalists who had pirated millions of dollars worth of software and had brazenly ignored several audit demands and a bill from microsoft for the per-seat licenses. None of it was true, but the police noticed this description and instead of sending just 2 officers, decided to send most of the department when nobody would be in the building, thus the raid was delayed until the next morning. The raid started at 6:45 AM, with the police storming the building after getting the night security guard to open the doors for them and luring him outside. After searching the entire premises for about 45 minutes, and not finding a single weapon or explosive, they let the BSA auditors take over the building. The cops were pretty relieved to find nothing but a bunch of computers, and scientific instruments like spectrometers. When the boss finally did show them the collection of "explosives", 50 or 100 tiny vials locked in a safe, along with all the records of working with the FBI crime lab, the cops were very pissed at the BSA. But they had to obey the court order and let the BSA shut down the company for a few days for the audit. I think the local fire department was called in by the boss later in the morning, to make sure the software idiots didn't release a cloud of poisonous gas or start a fire.
By 7:30AM, some of the employees had called in the boss. But the BSA court order allowed them exclusive access to the building for up to 30 days. The company lawyer only got a modification to the court order on the second day of the raid, allowing company reps to observe the audit and for hazmat professionals to get in and ensure the dangerous stuff was still in the safes and fireproof cabinets. But by the second day, most of the damage had been done.
The morning of the raid no work got done here, we were all watching the commotion going on next door. Everyone standing around watching the cops, and the fire department, and all the employees sitting in their cars waiting for a word from their boss.
During the raid, the phones went unanswered, leading to some worried customers. The BSA actually cut the T1 line where it entered the PABX, and the telco repairman said they do the exact same thing in every raid, about once per week in the area. The sales people had to work from home, they weren't allowed into the building to retrieve customer lists in order to contact important customers, but the most important they knew by heart, so no great loss. The company slipped a number of contracted dates, causing them to lose at least one bonus for on-time delivery of an order, but the other customers were rather understanding.
After the raid, the place was a shambles. The first thing the boss did was call in the police from outside, and got a photographer from the insurance company to document all the damage. Although the physical damage was less than $10000, none of the *nix machines were functional afterwards. All the disks had been wiped, many were pulled out of machines and left sitting on desks, and some of the machines had been opened and left with their guts hanging out. The BSA auditors were not a very professional lot, since they only know about microsoft machines. None of the windoze machines was hurt during the raid, but every one of them had some unknown software installed, possibly a keystroke logger.
The BSA auditors were upset when the fire department showed up the morning of the raid, and apparently when they were ordered to stay away from the chemical storage areas and the mainframe, they became very childish and vindictive. One of the BSA people made a specific threat against the children of the boss, while a plainclothes police detective was sitting in the next cubicle filling out paperwork. He was arrested for verbal assault and resisting arrest, everyone resists arrest around here, and recently served 30 days. Ooops. Apparently the BSA completely abandoned him to the courts, by telling him they would defend him, and then the lawyer never showed up on the court date. The guy had to defend himself since he didn't have any money for a lawyer, but he had already waved his rights to a public defender. Hahahahahaha.
The BSA techies after the raid started to help the sysadmin by explaining what they did to each machine, but they clammed up as soon as their lawyers got wind of yet another claims lawsuit as the result of yet another raid gone wrong. They all just got up and left the building on the third morning of the raid, instead of finishing the audit or helping reassemble the systems. It took the sysadmin, plus some contractors, about 2 weeks to get most of the machines back to functioning and with various amounts of data restored. The company has never got back to normal since the raid, there is a lot of historical data that can never be recovered. The only positive note is that the sysadmin had the luxury of partitioning every disk correctly before re-installing.
After the raid, the BSA refused to say if there was any pirated software on the premises.
There is now a civil suit going against the BSA. The BSA lawyers have tried every stalling tactic in the book, knowing that it is costing the small engineering firm a fortune to keep the suit going. But the owner is not going to allow the arrogant microsoft cock-suckers to destroy his business just because he refused to upgrade to the latest microsoft everything for every person in the company. The last I heard, the judge has ordered the trial to go ahead at the end of the summer, whether the BSA is ready or not. It sounds like the company will only be able to reclaim about 40% of what they lost. The civil courts do not take into account lost business, just the total amount spent to restore the systems. The several months of complete disruption and near bankruptcy of a once very profitable company aren't admissable to this judge, but a second trial might get them punitive money out of the BSA. The BSA tried to settle out of court by offering $200000 worth of microsoft licenses for one year, and it was of course rejected.
The BSA has claimed that it is a not-for-profit benevolent organization that does its raids for the good of american industry, and it has no money to pay if it loses the court case. The court case may take 6 months before a judgement against the BSA, and court records show that the BSA hasn't once paid on a judgement in this state, instead they lodge appeal after appeal.
I've agreed to post anonymously, because the sysadmin is a drinking friend of mine, and they are under court order not to publicize the case in any way. Their lawyer thinks that the BSA will break this ruling the moment it becomes clear they will lose, and will spin the case as one of an incompetent bunch of lusers blaming their computer problems on an innocent BSA raid. They have done this in other cases, but mostly the media doesn't report these cases because microsoft is such a big advertiser.

 

[Deane Johnson]

IMO, software has gotten so relatively cheap that it hardly pays to run unlicensed copies.
We run a business out of our home and have no employees to rat on us, still, every piece of software we have is a puchased, licensed copy. Since it's all tax deductable, the actual out of pocket cost is low. And I can sleep better at night knowing it legal and I didn't steal from someone, something I'm morally opposed to.
Deane

 

[BrianB]

IMO, software has gotten so relatively cheap that it hardly pays to run unlicensed copies.

Relatively cheap? Looking at the software I have on my work machine (all legal!), I estimate about $10,000 for it, not including the ~$15,000 "licence" for my PS2 tool.
------------------
Nothing In Particular

 

[Glenn Overholt]

Deane - They sound just like the ATF, but I won't get into that.
I think this is why XP is coming out, but MS blew it with this one. I had always thought that if a company put one piece of MS software into 600 machines that sooner or later, MS would figure out that more than one user had the same IP address, and would thus 'flag' them for violations.
But yes, disgruntled employees would be the first ones to do this. As for Deane's raid, maybe it was a competitor that did that. I think the real question is: Just how many companies are out there that don't realize that they need a copy for every user? Upper management might not have a clue.
Glenn

 

[Jeff Ulmer]

I can't understand the requirement to have more licenses than you have machines - this makes no sense at all - in fact, the last time I read a license agreement, I got the impression that you could install the same license of the software on more than one computer, as long as they weren't being used simultaneously. Photoshop and Quark will not launch if a copy with the same serial number is in use on the network.
------------------
Link Removed | Burt Lancaster is Link Removed | dOc