Go On--Declare Tech Interdependence: But, do it Very Carefully or You're in Software Piracy Country!
Go Ahead and Declare Technology Interdependence from your Shadow IT Environment: But, if you don’t do it carefully, you are in for a world of software piracy audit hurt.
I’ve been following the series of CIO Magazinearticles addressing the realities of Shadow IT and, until, “The Declaration of Interdependence” appeared in the July issue, the logic was pretty solid. However, as I read this article, I could easily visualize the collective drooling of the well-funded and incredibly powerful copyright enforcement industry players across the country. If ever there was a commentary that literally guaranteed a punitive software piracy audit, this would be it.
“If I were an employee of one of the enforcement groups I would frame this material and hang it proudly in my office as a reminder of how secure my profession is and how very wealthy I will become.”
Here is why I am extremely concerned with the underlying message this article conveys: IT professionals, as a whole, do not have any idea how easily they expose their company—and their own professional futures—when they “…secure the network and (do) not worry about client devices…” or “...so I protect the institution, not the individual…”
“Sorry, Dave, but here be some serious legal dragons!”
2008 Update - For some odd reason the original article that I have referred to in this commentary has essentially disappeared from the CIO.com web site--and, yes, I have conducted a pretty extensive search. The article is, however, the cover story in the July 1, 2007 print issue of CIO magazine (pgs 38-46). If you locate the online version: Go Ahead - Declare Tech Interdependence, please let us know where it has landed. Unfortunately, however, the problems relating to Shadow IT practices will continue to plague us all.
Real World - There are more than 26 active copyright enforcement industry players in the United States (Over 100 globally). Many of these groups are aggressively hunting down violators. Two U.S. enforcement players are offering whistle-blower rewards of up to $1,000,000. These folks do not care how the incorrectly licensed products came to be present on your computers. They do not care who put those products on the systems. The collective software police and copyright cops honestly believe in the letter of the copyright-related laws and, for the most part, those laws clearly state that the owner of the device is responsible for all violations.
In other words your company is being set up to lose a software piracy enforcement audit when, as noted in the CIO Research sidebar (page 43) of CIO, 85% of the respondent IT leaders’ employees use downloaded programs and (on page 44) “…61% of IT organizations allow end users to find and use their own software applications...”.
How Much Do You Want to Lose Today? When you permit employees to place incorrectly licensed copyright protected products on your systems, you are violating Federal Copyright Law (Titles 17 and 18 of the United States Code). If you permit these acts knowingly, you could be liable for criminal fines of up to $250,000 per copyright infringed. If you didn’t know about the violations, you might be covered by the civil fine of up to $150,000 per copyright.
Real World – Buried within the 26+ entities referred to as the software police and copyright cops are groups that actively search for—and punish—violations of font, graphic, music/sound, video, and game copyrights—in addition to operating systems and software. And, please, don't assume that you don't have any of these items floating around your systems.
The Bottom Line is This: CIOs and IT personnel may be peripherally aware of the risks associated with copyright violations but the realities and risks we take in not monitoring—and intelligently controlling—copyright protected products are significant. As part of our evolving roles and responsibilities within our enterprises and our cultures we need to become clearly aware of how aggressive the software piracy and copyright violations enforcement groups are playing the game.
Want a More Personal Bottom Line? I have communicated with well over one hundred companies that have endured punitive software license non compliance audits. There are two consistent themes for nearly every one of those confrontations: The target companies will pay six and seven figure fines and penalties; and someone in the IT departments of those companies will be looking for a new job.
Please Accept My Apologies:
In a single Briefing I can’t possibly supply you with all of the reasons that these perspectives are valid.
I can’t explain how easily you can become trapped by the concepts of vicarious liability and contributory infringement.
I can’t clearly document how the product license and related agreements bind your company to terms and conditions that literally set you up to lose enforcement audits.
I can’t reveal the intricate web of onerous clauses contained in those invisible click-through licenses governing all of those unknown downloaded products.
I can’t step you through an actual enforcement audit and identify the many risk factors or provide you with matching suggestions of how to avoid being targeted.
I can’t demonstrate how proactive software asset management (SAM) can save your company as much as 25% or how those same proactive methods (ITAM) can help you avoid as much as 90% of the audit confrontations.
However, what I can do—what I am already doing—is develop and deliver a series of Knowledge Briefings and professional development opportunities that give you a significant edge against a multitude of smoke and mirror problems you wouldn’t even know you had until you were knee deep in a hostile enforcement audit.
I’m Alan Plastow and, through The Business Technology Consumer Network (BizTechNet.org), we are working to change this industry. Let us know what you think. Feedback is encouraged. Disagree? Agree? If you don’t speak up we can’t help you protect and defend yourself and your company. Until someone opens the blinders, we’ll never understand the sheer power and costs of the copyright enforcement industry sucker-punch audits.
“At BizTechNet.org we provide the knowledge you need to succeed!”