Agencies fall prey to software-license fraud

Unwittingly or not, government agencies are among the most susceptible to buying counterfeit software licenses, but they may also be one of the only groups trying to remedy that fact.

Last week, Microsoft Corp. filed its first major round of lawsuits for distributing illegal software licenses against seven resellers across the country. And according to Microsoft, at least 24 federal agencies unknowingly bought more than 850 of those counterfeit licenses.

"I think government agencies are particularly susceptible to this type of fraud because of the regulations that require them to purchase software from the lowest bidder unless there is a clear reason not to," said Tim Cranton, a corporate attorney at Microsoft. "So if they are not aware of the problem, the lowest bidder can easily be selling them counterfeit EULAs [end-user license agreements]."

But federal agencies also are much more aware of the problem of software and licensing fraud than most, thanks to high-level attention from the president, the Office of Management and Budget and the CIO Council.

Last year, President Clinton signed an executive order that required agencies to put policies and procedures in place to ensure that they did not "acquire, reproduce, distribute or transmit computer software in violation of copyright laws."

The executive order not only placed a responsibility on federal agencies but also requires federal contractors and organizations that receive federal grants or loans to have systems and controls in place to ensure that federal money is not used to violate copyright laws.

The CIO Council, as directed by the executive order, also is developing a set of guidelines for agencies. Through its Outreach Committee, the council has been working with industry and state and local governments to determine how agencies can implement the requirements laid out in the executive order. A final vote of the guidelines is expected next month, according to Alan Balutis, co-chairman of the CIO Council's Outreach Committee.

Many government agencies already have some kind of policy in place to handle illegal software and licenses, said Mario Correa, manager of trade policy at the Business Software Alliance, which is working with the CIO Council on the guidelines. But the policies often are not centralized, and there is no procedure for employees to follow as is now required by the executive order, he said.

"I think the executive order has really energized the efforts," Correa said. "We've seen an incredible impact."

Microsoft also is seeing a definite effect at the federal level. "We're in a better position now because we have this executive order and the increased awareness at agencies," Cranton said.

Question the Numbers

The number of incidents reported at the federal level may be disproportionately high because of the increased attention. Agencies that are aware of the problem and are looking for it are reporting many more instances than those who are not as conscious of the problem in the commercial and consumer markets, Cranton said.

The executive order has raised attention at the federal level, but Correa said he does not believe the numbers would be affected too much because industry and state and local managers also are looking into how to solve the problem.

"I think that any time the attention is focused on software management or illegal software use that [it raises] awareness.... But any organization is likely to have problems with illegal software in the absence of a clear software management policy," he said. The executive order's concept has also spread around the world as the U.S. Trade Representative talks with other countries such as China, Taiwan and Columbia, Correa said.

Microsoft is working closely with the Justice Department and many U.S. Attorneys offices to prosecute people or companies found selling illegal software or licenses, Cranton said. The company also will work with law enforcement to send "cease-and-desist" letters as a first warning to companies suspected of selling counterfeit software.

The Justice Department and the U.S. Customs Service last week also announced the Intellectual Property Rights Initiative. The initiative is a joint effort to raise awareness about intellectual property rights and to prosecute the theft of software and other copyrighted works.