• PC World
• »Security

ORLANDO, FLORIDA -- The Business Software Alliance, the chief watchdog for U.S. software publishers, rarely raids enterprise customers with federal marshals and court orders, according to Robert M. Kruger, chief enforcement officer for the Washington, D.C.-based nonprofit organization.

But that doesn't mean Kruger and other BSA piracy cops are easing up on their investigations. Even though the incidence of software piracy worldwide has dropped, the BSA still has 700 active investigations into software piracy across the United States, says Kruger. The incidence of piracy has gone from roughly 50 percent of all software being used ten years ago to about 33 percent today.

"I don't think I'm out of a job anytime soon," quips Kruger, a former federal prosecutor who joined the BSA as its top enforcement agent in 1993. Kruger discussed the scope and nature of the piracy problem, as well as the triggers behind a BSA investigation, at Gartner's IT & Software Asset Management Summits here in Orlando.

Enterprise Offenders

Kruger says software that's illegally copied by corporate and government employees accounts for "the lion's share" of the $29 billion in revenue that software publishers lose annually to piracy. Still, he pointed out, piracy rates are much higher in Eastern Europe and Southeast Asia, where the percentage of software that's illegally used is 71 percent and 53 percent, respectively, versus 23 percent in North America.

Even so, software piracy continues to be a significant problem in the United States. Kruger estimates that 95 percent of the e-mail spam that people receive with offers of free software comes from a single location in Russia, "and it's very hard to stop."

Add to that the pirated software being offered through auction Web sites and peer-to-peer networks, and the problem is compounded, Kruger says. "People go to a cuddly Web site like BearShare [which features an image of an animated bear], and they figure, 'I must not be doing anything wrong if I'm downloading a $695 photo-copying program for free.'"

According to Kruger, BSA investigations against enterprise customers are usually triggered by calls to the BSA hotline (888/NO-PIRACY), reports sent to the BSA Web site, and referrals from BSA member companies.

"When I took the job [in 1993], I was told that the primary basis for referrals were disgruntled employees, and I thought, 'Gee, here's a reliable course for a career change,'" said Kruger. Sure enough, a week into his job, Kruger received a phone call from someone who said, "Hi, I'm a disgruntled employee."

And while BSA gets its share of those calls, tips on illicit software use come from a variety of sources. Kruger pointed to a recent call he received from a senior IT manager at a large New England-based real estate firm informing the BSA that the firm was "considerably" out of compliance under the parameters of its software licensing agreements. "Now they're legal, and to my knowledge, [the senior IT manager is] still in his job."

Piracy Carries High Penalties

The penalty for individuals or organizations found guilty of illegally copying or using software "is not a traffic ticket," Kruger says. Copyright owners can sue for damages, including actual damages and any profits obtained by the infringing organization that can be tied to the pirated software. In addition, copyright owners can also sue organizations for statutory damages of up to $150,000 for each work pirated.

Kruger offered some basic tips to avoid software audits, such as adopting effective software management policies, conducting internal audits on at least a yearly basis, and erasing illegally copied software.

Kruger acknowledges that some companies that are caught red-handed often cry foul when the BSA publicizes their cases in the press. He has a different take on it.

"We want to get a little bit of buzz, send a message out there," says Kruger. "It's viewed as hardball, but it's necessary."