Effective Dates in Software Audits are Critically Important
Businesses that receive software audit demand letters from auditing entities such as the BSA or SIIA, or from software companies like Autodesk or Microsoft, often contend they cleaned up their network after receipt of the letter and should be released from any further obligation to conduct an audit or communicate with the auditor. Audited business should keep in mind, however, that the auditing entities typically are focused only on the targeted businesses’ software license-compliance status as of the audit effective date – the date on the first letter those entities send to a targeted business. The auditing entities usually will seek confirmation that the businesses were compliant on the effective date, and on no other date.
Because computer networks may change rapidly, the auditors need to identify a moment in time for which they can ask the audited business, “Did you have all of the licenses for the software installed on your computers?” If the answer is yes, the auditing entity will typically close its file. If the answer is no, the auditing entity will claim the business engaged in copyright infringement on the effective date. The business’ representation that it was compliant after the effective date has no bearing on whether the business engaged in copyright infringement on the effective date. If the matter proceeds to a lawsuit, the auditor likely would claim that the business infringed its or its members’ copyrights on the effective date.
The auditing entity typically demands proof of purchase documentation that demonstrates the ownership of a sufficient number of licenses on or before the effective date. Software purchased after the effective date is not relevant to the audit. Locating, reviewing, and compiling the proof of purchase documentation is a collective effort that often requires coordination among various individuals and departments within an organization. In addition, identifying and listing all of the software on the company’s computers as of the effective date may be made doubly difficult when computers contain large amounts of software irrelevant to the audit. It is also important to keep in mind that software environments change as computers are added, decommissioned, and rebuilt with the ebb and flow of HR turnover.
If you have been contacted by an auditing entity such as the BSA, the SIIA, or a software publisher, you should proceed with caution and should familiarize yourself with the typical process for such software audits. Experienced counsel can help to guide you through that process and to avoid unnecessarily large expenses.