Are you Covered? – Why Insurance Should be a Part of Your SAM Program

By Paul Paray, Willis HRH

Being a crucial component of any IT asset management program, a properly run software asset management (SAM) program provides significant value to a company. Indeed, according to Gartner Group, “organizations can realize cost savings of between 5 percent and 35 percent [from their IT budget] by implementing focused software asset management practices. “1It goes without saying, in the midst of a down economy; the ability to trim expenses becomes a critical survival strategy for just about any IT department head. This article focuses on four reasons why your SAM program would get a critical boost if your company purchased an insurance policy that reimburses it for infringement claims based on the use of unlicensed corporate software. In other words, this article outlines why buying software infringement insurance benefits your company’s bottom line and indirectly your job security.

1. A Funding Mechanism for Audit and Settlement

The first major benefit of an insurance product that covers software copyright infringement is that it provides an independent funding mechanism for the defense of a software audit and payment of a settlement. As it stands, the audit and settlement can possibly fall into the IT, compliance, legal, risk management, or “general corporate” budgets. It is easy to argue that funding should come from the IT budget because the IT department is tasked with making sure corporate IT is properly run. It is only fair that they pick up the tab. Compliance and legal involvement is necessary when facing software audits, compliance due diligence, or entering into a software licensing deal. Therefore, it should not be surprising if the costs incurred during a software audit and settlement were to come out of the compliance or legal department budgets. On the other hand, an IT asset management program can be part of the company’s overall corporate risk management program because it allows companies to anticipate and plan for future risk and expenses. Accordingly, the risk management department could very well pick up the freight.

Trade associations like the Business Software Alliance (BSA) and the Software and Information Industry Association (SIIA) or any large software publisher seeking licensing fees will not wait while budget questions are sorted out. And, if a SIIA, BSA, or software publisher audit is at hand, the amount needed to fund a settlement payment and attorneys’ fees may easily exceed seven figures. Indeed, according to the online BSA Defense Fine Calculator, an audit that uncovers the unlicensed use of just 1,000 Adobe® Acrobat® Professional programs will yield a demand of over $1.3 million. Law firms such as Donahue Gallagher & Woods, which brags on its website that it has recovered over $170 million from software copyright violators, will vigorously litigate software disputes without regard to how a defense is funded. On the flip side, having an aggressive law firm defend your interests – and one that is being paid directly by an insurance company – allows legal decisions to be made solely on the basis of the best defense strategy and not how funding may impact the budget of any particular corporate department.

2. A Protective Measure While New Compliance Processes are Being Instituted

According to an article written six years ago by Holland & Hart attorney, Daniel Glivar, “software piracy generally is the unintended result of one or more of the following circumstances: (1) software previously purchased by a company for one workstation routinely was copied onto new computers and servers purchased by the company without purchasing new licenses or additional “seats” for such software; (2) the person or department responsible for software purchases and/or installation did not retain the license agreements, purchase orders, invoices, or receipts proving that the company purchased such software; and/or (3) software or computer purchase receipts do not specify the type of software purchased or the number of permitted users of such software.” Is Your Company Committing Software Piracy?, American Bar Association Intellectual Property Newsletter (Spring 2002).

Little has changed in six years. Indeed, according to attorney Robert Scott of Scott & Scott, LLP, a Dallas law firm that has defended hundreds of software licensing audits, BSA and SIIA often claim that a company is liable simply because it cannot produce the required dated proof of purchase for those copies of software installed on its network. “Some Software Police Tactics are Questionable”, accessed 16 January 2009 . The irony in this is that the employee who failed to obtain adequate proof of purchase may be the same person who was terminated because of his or her lack of diligence regarding software licensing. On the heels of being terminated, such employee may next choose to turn on the former employer and contact BSA or SIIA in order to obtain a financial reward for information regarding the former employer’s use of unlicensed software. In fact, during an audit, SIIA or BSA will routinely choose not to identify the source of its information – which, according to Messrs. Glivar and Scott, is almost always obtained from an online form or a confidential hotline that allows for anonymous tips. Software copyright penalties may end up being based on software titles that a company legally owns and has properly acquired – it just does not have the proof.

While the company is inching towards compliance by fixing the mistakes of the terminated employee, it is obviously very vulnerable. Making sure you have insurance in place prior to the start of the critical time period of investigation/audit/settlement will provide corporate peace of mind by transferring significant potential liability to an insurance company. If given the option, a company will almost always take the initiative to ensure compliance with software licensing requirements. The fact remains, however, until potential process failings can be fully resolved, insurance will always remain the best possible backstop.

3. Access to Seasoned Counsel and Audit Consultants Willing to Zealously Advocate on Your Behalf

After choosing not to give credit for valid software because there is no dated proof of purchase, software compliance organizations will also generally apply a “penalty” multiple of 1.5 to 3 times the full retail price for a software title. Such hard tactics often go unchallenged given that smaller companies do not have the resources to fight and larger companies do not want to taint their publisher relationships. Given the global recession, you can expect these hard tactics to continue in 2009. In addition, during 2009 there will likely be an increase in enforcement by software publishers because they will be seeking to offset a drop in corporate software procurement.

An insurance company will treat the software compliance penalties sought by BSA, SIIA and software publishers just like any other negotiable settlement offers. Only settlements that are fair and equitable to the insured will be accepted. The benefit in having access to a litigation-savvy insurance company with experienced legal counsel is something that cannot be underestimated. For example, the IAITAM IT Asset Insurance Program has access to seasoned litigation counsel, Scott & Scott, to resolve software copyright claims brought against those who have purchased the IAITAM Software Protection Insurance Agreement. When it comes to resolving software licensing disputes, having the right legal counsel and experts in place will always remain the first major step in getting a prompt and fair resolution.

4. The Negligence of Employees is Typically Mitigated with Liability Insurance

When software licensing problems turn up, they are usually not the result of intentionally bad conduct but more a function of negligence. It is not difficult for honest mistakes to be made when the provisioning of desktops is combined with self-audits, maintenance, and long-term procurement initiatives. More to the point, an employee may not even realize the open source product that was just downloaded is provided under a valid copyright license. In the same way Errors and Omissions and General Liability insurance covers the negligence of employees, software infringement insurance picks up claims based on negligence involving corporate software licensing. This does not mean the company gets a free pass when it comes to doing the right thing or that an employee’s activities are performed in a vacuum. It remains crucial that employees understand what is expected of them. Not surprisingly, in most every SAM program, the policies and procedures for utilizing corporate software are conveyed to employees via a combination of corporate communications and training. In today’s economy, it has just become an important additional “best practice” to have the right specialty insurance in place before licensing mistakes are made.