Many companies who comply with a demand by a software publisher or industry association (such as the BSA or the SIIA) for an internal software audit end up facing significant settlement demands after forwarding their audit materials to the other side. One of the reasons the settlement demands often are so high is the fact that the auditing entities frequently base their demands, in part, on the “unbundled” price of software suites. Thus, where a company may expect to pay a fine based on the MSRP of, for example, one undocumented installation Microsoft Office Professional 2007 ($679), it likely will end up receiving a settlement demand based on the combined MSRPs of each of the components of that undocumented suite: Word ($229), Excel ($229), PowerPoint ($229), Outlook ($110), Publisher ($169), and Access ($229), all totaling $1195. In a typical case these difference add tens of thousands of dollars to the amount in controversy.

Another way in which publishers or auditing entities raise the amount in controversy in software audits is the attempt to assess separate “fines” for each allegedly infringing installation of a software product. Thus, a company reporting just ten undocumented installations of Office Professional 2007, with no other licensing shortfalls, may receive a settlement offer based on the combined, “unbundled” MSRPs of the component products totaling just shy of $12,000. Moreover, that is before the auditing entity applies any multipliers to that figure (yet another common tactic) or makes any assessments for their claimed legal fees, both of which factors may drive the opening settlement offer in the above example to $40,000 or more.

It is not difficult to see how owners of small to medium businesses who think that they have a handle on their financial exposure in a software audit matter often end up with truly unpleasant surprises after submitting audit materials to the BSA or SIIA that they may have believed would be negotiating on a more equitable basis.

If your business has been accused of software “piracy” and is responding to a software audit demand either from a software publisher like Autodesk or from the BSA or the SIIA, an experienced attorney can give you visibility into the process and help you avoid unpleasant surprises.

A variety of resolution frameworks are available to businesses involved in a software license dispute. An audit is the most common such framework and entails an analysis of the organization’s network for software installations compared against its licenses. The types of audits initiated by software publishers and trade associations include self audits, independent audits, software asset management (“SAM”) engagements, and publisher-staffed audits.

Self Audits
Self audits are the least disruptive of all software audits. They are a mechanism often employed by trade associations acting on behalf of software publishers. The trade associations, and in some instances, the publisher itself, requests that the target company conduct a self audit and report the results of the audit to the trade association or publisher. Companies that agree to conduct a self audit must inventory the applicable software on the computers within the scope of the audit and report the number of installations, the number of licenses, and the number of license deficiencies using software audit tools, such as Scott & Scott's Compliance Manager.

When evaluating whether you should cooperate or litigate after a request for a self audit, you should consider the benefits of a self audit compared to the other types of audits. For instance, in publisher and third-party audits, you usually have a contractual obligation to participate in the audit and provide information to the auditors. When conducting a self audit, you have some control over the timing of the audit and the allocation of resources. That flexibility is not always present in other types of audits.

Additionally, outside auditors are not always required to be impartial and may submit incomplete or inaccurate audit results. For these reasons, regardless of the type of audit requested by the software publisher, companies faced with an audit should request the opportunity to provide a self audit rather than an independent audit, a publisher-staffed audit, or (usually) a SAM engagement.

Independent Audits
An independent software audit involves the use of a third-party auditor to gather the facts relevant to the dispute. This audit method may be the most costly and time consuming option for the audit target.

Many software licenses incorporate audit provisions allowing the software publisher to request an independent audit. Such provisions must be carefully analyzed to determine the potential business impact of the audit and liability that may result from the audit.

In an independent audit, the organization has no input into the selection of the auditor, how long the audit will last, or the scope of the materials the auditors may review. The target company must also bear the costs of the audit if the auditor finds a licensing discrepancy of more than 5%. If the auditors conclude there is a discrepancy, the publisher has the contractual authority to unilaterally determine the license price for the software necessary to become compliant. Independent audits have significant business impacts and should be avoided if possible. Nonetheless, independent audits are preferred over SAM engagements and publisher-staffed audits because the auditor is usually ethically obligated to remain independent.

SAM Engagements
SAM engagements are also conducted by third-party auditors or consultants, but there is no obligation that the auditor in a SAM engagement be independent. The software publisher requests that the target allow a third party to audit its software installations and report the results directly to the publisher. In these engagements, the publisher pays the auditor, and the target is required to purchase licenses to cover any deficiencies in its software licenses. Microsoft’s SAM engagement has been extensively used in lieu of traditional software audits with mixed reviews from the end user’s perspective.

Participation in a properly managed SAM engagement may be in the client’s best interest
because such engagements typically provide some flexibility and a lower total cost of resolution than self audits and independent audits. In many instances, the publisher seeks no compensation for alleged past infringements in exchange for an agreement to come into compliance on a go-forward basis.

Publisher-Staffed Audits
Publisher-staffed audits are the most intrusive and least impartial of all software audits. In these audits, the publisher’s employees collect information relevant to the dispute. In many instances, publishers request a company’s confidential information or access to a
company’s network to conduct the audit. Although a publisher may arguably have a contractual right to request that it be allowed to examine its customers’ computer network, it is never advisable to agree to a publisher-staffed audit without examining all of the alternatives first.

There are some software licensing disputes that do not lend themselves to amicable resolutions. When there are millions of dollars in controversy and each party believes that it has acted within its legal rights, litigation may be unavoidable. Many times, even when litigation seems certain, the parties evaluate the various litigation considerations and conclude that they should try pre-litigation resolution strategies to see if they can, at the very least, narrow the issues.

Amount in Controversy
Until a client understands its potential exposure in a software dispute, choosing a strategy is almost impossible. The difficulty in software disputes is that a tremendous of amount of work and analysis is required to estimate the amount in controversy.

In trade association audits conducted by the BSA and the SIIA, the amount in controversy may be relatively easy to estimate because agencies typically employ mature alternative dispute resolution processes that permit accurate estimates of not only the amount in controversy but also the probable settlement range.

The amount in controversy is much more difficult to determine in other types of audit because the contractual audit provisions contained in software licenses frequently do not specify a formula for resolving any license compliance gaps following an audit. Regardless of the nature of the dispute, helping the client determine the amount in controversy is an important role for in-house and outside counsel.

Switching Costs
Perhaps the most overlooked issue when developing a strategy for a software dispute is the costs to discontinue use of a publisher’s software and switch to a competitor’s product. High switching costs for enterprise products places the software publisher in a position of strength from a practical perspective. By contrast, low switching costs or changing business requirements places the negotiating strength in the hands of the client. For this reason, publishers who have a dominant market share, such as Autodesk, are generally more aggressive in their approach to audits and litigation than those publishers operating in highly competitive markets.

Switching costs are also critically important because most software licenses contain a termination provision that will almost certainly be invoked when litigation is commenced or just prior to litigation. Termination provisions give the publisher a great deal of leverage in litigation and if the publisher is able to demonstrate that it properly terminated a software license, can bolster the publisher’s copyright infringement claims in the litigation.

Before choosing a strategy, audit targets should work with experienced counsel to conduct a careful analysis of the licenses in question and a disciplined assessment of the alternatives to using the auditing publisher’s products.

Probability of Success on the Merits
The next step in the strategy development process is evaluating the strength of the claims on the merits. While software license disputes are generally pled as copyright infringement claims, the license agreements define the nature of the copyright holder’s grant of authority to use its products. Most matters that proceed to litigation arise because of ambiguous language in the license agreements defining the scope of the license, and it is this ambiguity that will determine the probability of success on the merits.

In some instances, publishers who suspect their intellectual property rights are being infringed will not request an audit of the target’s network. Instead, the publishers will send a legal notice to its customer attempting to terminate their license agreement and prevent the customer from using the product. Publishers often have a contractual right to terminate the license and require customers to immediately stop using the software. A sample termination provision is below.

This Software License Agreement may be terminated (a) by your giving Altova written notice of termination; or (b) by Altova, at its option, giving you written notice of termination if you commit a breach of this Software License Agreement and fail to cure such breach within ten (10) days after notice from Altova or (c) at the request of an authorized Altova reseller in the event that you fail to make your license payment or other monies due and payable. In addition the Software License Agreement governing your use of a previous version that you have upgraded or updated of the Software is terminated upon your acceptance of the terms and conditions of the Software License Agreement accompanying such upgrade or update. Upon any termination of the Software License Agreement, you must cease all use of the Software that it governs, destroy all copies then in your possession or control and take such other actions as Altova may reasonably request to ensure that no copies of the Software remain in your possession or control. The terms and conditions set forth in Sections 1(g), (h), (i), 2, 5(b), (c), 9, 10 and 11 survive termination as applicable. See http://www.altova.com/order_license4.html.

If the software product at issue is an enterprise-wide product that cost millions of dollars, an unexpected termination notice can interrupt the business and will almost certainly escalate the dispute. Furthermore, if the businesses has unanticipated switching costs associated with identifying and researching replacement software, acquisition of the software itself, and training for employees using and supporting the software, the consequences of a termination could be devastating.

Without a contractual provision to the contrary, ambiguous terms in a software license will be construed against the software publisher. Provided that there are no other business factors that would make litigation unwise, an ambiguous license agreement is the situation most likely to lead to litigation.

Construction against the Drafter
When dealing with ambiguities, it is important to determine whether the license in question contains a provision indicating that ambiguities will not be construed against the drafter. If there is no such provision, the general rule in most jurisdictions is that ambiguities in software license agreements will be construed against the drafter. If the contract is silent on construction against the drafter, it is important review any choice of law provision and determine if the specific jurisdiction follows the general rule.

Parol Evidence
The Parol Evidence Rule, which is applicable in most states, provides that when a court determines that a contractual provision is ambiguous, the parties may introduce extrinsic evidence to prove that their interpretations of the contract are consistent with the parties’ intent when entering into the contract.

In a software dispute, parol evidence will include testimony from both the software company and the end user regarding pre-contract discussions and negotiations as well as pre-contract writings including e-mails, faxes, purchase orders and draft license agreements. All of this evidence would be precluded in a contract dispute where there was no ambiguity in the contract. In such instances the court would be confined to what is called the “four corners” of the software license agreement when conducting its interpretation.

Software licenses often discuss technical matters, and are therefore frequently ambiguous. These ambiguities require the parties to develop and present extrinsic evidence in court. Typically, the evidence is developed through pre-trial discovery mechanisms such as requests for production of documents and depositions, which can be very expensive.

Triable Issues of Fact
Contract disputes, including those involving software licenses, are frequently resolved before the trial begins through motions for summary judgment. The interpretation of a non-ambiguous contract is decided as a matter of law by the court. In addition, because the parol evidence rule precludes the introduction of evidence in contravention of the plain meaning of an unambiguous contract, litigation costs are reduced because the extrinsic evidence regarding the parties’ pre-contract intent is not considered by the court.

2007 was an exciting and dynamic year for the software asset management industry.
As we enter a new year, the software industry will continue to evolve. Here are my predictions for what will happen in 2008.

1. BSA expands its “no-fine” self-audit program

I will remember 2007 as the year that the BSA increased its reward program for “anti-piracy” leads to up to $1,000,000. With approximately fifty-five million dollars in global revenue showing on its most recent tax return, BSA will continue to be the most important software police organization in the world. Recently, BSA has created a new audit flavor, it’s a self-audit with a twist. Targets are asked to conduct an audit, provide invoices for software purchased as a result of the audit and the BSA agrees to close its file. I call this the “no-fine” self-audit because once the audit is conducted and materials produced to BSA, the file is in fact closed without protracted settlement negotiations over fines and other terms. I predict that the “no-fine” audit will be used with greater frequency 2008.

2. Microsoft Expands SAM Engagement Program

Microsoft’s SAM initiatives have replaced what used to be contractual audits. Under this program, Microsoft hires a consultant to assist the customer in conducting and audit that is the results of which are reported to Microsoft. As many clients continue to struggle to manage compliance with Microsoft licensing, Microsoft will continue to invest time and resources in various SAM initiatives. Although, I have been a critic of the certain aspects of Microsoft’s SAM Engagement, I think publishers like Microsoft that help customers deal with SAM challenges will be most successful in the long run. I think the number of variety of global SAM engagements will increase dramatically in 2008.

3. Adobe to Focus Attention on Fonts

In the recent weeks, we have started to see BSA audit letters specifically requesting audit information regarding installed fonts. Depending on the nature of your business, you may be receiving files that contain proprietary fonts licensed by your company vendors, clients, and partners when they send you documents. Frequently, these fonts wind up remaining on your computers systems creating a potential compliance issue. Adobe has an extensive portfolio of fonts that are used in its industry leading design products. I think that in 2008 the focus on font licensing compliance will continue.

4. Industry Consolidation Accelerates
As we continue to experience the economic ripple effects of the sub-prime meltdown, I think there will be an increased credit squeeze in 2008. As smaller publishers find it harder to borrow funds to fuel growth, continued industry consolidation should occur in 2008. These same economic factors may lead to increased acquisition and divestiture work for software asset managers in all industries.

5. Autodesk Stays Aggressive

In addition to participating in audits conducting by the SIIA and BSA Autodesk maintains its own “anti-piracy” program implemented exclusively by Donahue Gallagher & Woods law firm. While other publishers search for kinder and gentler enforcement strategies, I predict that Autodesk will continue to be aggressive in its approach to enforcement working through the pre-eminent anti-piracy attorneys to implement its heavy-handed strategy.

6. End-Users Benefit from Soft Economy

If the economy weakens and revenue pressure on software publishers increases, end-users will enjoy greater negotiating and bargaining power. The smartest companies will negotiate aggressively with the software industry to secure favorable pricing and licensing terms custom tailored to their business needs. In my experience, senior management at software publishers are more likely to make licensing and pricing concessions when there is a new transaction and considerable cash on the table. A soft economy will force publishers to make concessions to end-users in 2008.

7. Resellers Expand Asset Management Services

To stay competitive, software resellers have had to offer value added tools and services to assist their customers with managing the hardware and software assets they sell. The smartest resellers are learning that the more asset management tools and services they can provide the greater wallet share they will enjoy for hardware, software, and services. Dell’s purchase of ASAP Software and Insight’s purchase of Software Spectrum have started a trend that will continue in 2008.

8. Third-Party Commercial Access Licenses Go Mainstream

In 2007 Microsoft greatly expanded its reseller network for its Service Provider License Agreement Program. This program provides commercial access licenses to Microsoft technology. Traditional client access licenses (CAL) are for internal use and access only. If you provide direct or indirect access to third parties including your customers, vendors, and business partners you should consider whether you need SPLA licensing. In 2008, third party access licensing will become increasingly important under Microsoft SPLA as well as other major publishers licenses.

The most common mistake we encounter in software audits is the failure to compile and produce accurate installation information. Like all technology projects, collecting the information to produce in response to a request for an audit can be very complicated and time consuming. To begin the audit process, it is necessary for the company to select an automated software discovery tool, such as Scott & Scott's Compliance Manager. Even for small environments, employing a manual process to review the software on each computer is time consuming and unreliable. Any automated discovery that is conducted directly by the client or by a third-party provider will not be protected by the attorney-work product privilege because the privilege only applies to communications between attorneys and their clients. Many tools capture information related to the software installations on a computer network, but produce the results in a format that the company cannot interpret. Even worse, many companies produce the audit results from the free tools provided by the trade associations. These tools, more often than not, inaccurately report the data and fail to exclude information that is outside the scope of the audit request.

Companies also err in the audit process by relying on their IT staff to respond to the request for an audit. Members of IT departments typically prepare audit reports containing information that is incorrect or beyond the scope of what is required to adequately respond. This is particularly problematic because the release of liability contained in most software audit settlement documents is contingent on the accuracy of the results produced during settlement negotiations. If the technology department improperly reports the software installations, the monetary portion of the settlement will be inflated, and the release of liability will be jeopardized.

Another common error audited companies make is submitting improper documentation in an attempt to demonstrate proof of ownership for software licenses. Contrary to popular belief, trade associations and publishers only accept dated proofs of purchase, with an entity name matching that of the audited company, before acknowledging that the company owns a license for a particular product. For this reason, companies should avoid purchasing additional licenses of installed software in response to a request for an audit as these purchases will be irrelevant to the audit. Companies should seek the advice of counsel regarding the purchase of additional software during the audit process and the impact that it may have on the pre-litigation audit and any subsequent litigation that may arise.

Because most clients are not able to properly interpret copyright laws and software licenses without specialized legal assistance, it is critical to involve experienced counsel in the process of interpreting the software installation information gathered by the automated discovery tool and reconciling that data with all available proof-of-purchase information. Once the installation information has been collected, it should be reviewed to determine whether it only includes information within the scope of the audit. Additionally, licensing models are often dependant on the actual use of the product in the company’s specific environment. In other words, you cannot interpret the license without a thorough understanding of the computing infrastructure and how the software is being used from a technical perspective. Other licensing considerations that require specialized knowledge and expertise include client access licensing, upgrade and downgrade rights, and licensing for non-concurrent laptop use.

One of the first things I ask a prospective client is: What is the date on the initial letter you received from the SIIA? The date on the initial in a SIIA letter is often referred to as the Audit Effective Date. This date is important for many reasons. I like to tell my clients that a software audit measures a snap-shot in time – what SIIA member software was installed on the company’s computers as of the Audit Effective Date. Once you have an accurate inventory of what was installed on the Audit Effective Date, the next step is to determine what proofs of purchase are available to establish purchases prior to the Audit Effective Date.

When a software audit matter is settled, the target is required to certify that the audit results provided during the course of negotiations are true and correct as of the Audit Effective Date. For this reason uninstalling software that was installed on the effective date, or purchasing software products after the effective date have no impact on the calculation of fines in software audits. It is critical to obtain an accurate inventory of the software installed on the target company’s computers as quickly as possible, using a software inventory tool such as Scott and Scott's Compliance manager, following receipt of the initial letter from the SIIA. Failure to understand the importance of the Audit Effective Date, has caused companies to go on software buying sprees in response to a software audit and to report results to the SIIA reflecting the software installed on a date after the Audit Effective Date. I believe that both of these strategies are mistakes that should be avoided.

One of the top ten questions asked by my clients is “How long does the self-audit process take from start to finish?” Of course I give the standard lawyer answer: it depends. Here are the steps to a typical software audit.

Preparation of Audit Materials (3 to 6 months)
A software audit is a request, under threat of litigation, to compile a listing of software products installed on the audited entity’s computer network as of the Audit Effective Date. The Audit Effective Date is the date on the initial letter requesting an audit. The first step in preparing this information is conducting an automated inventory of the software products installed on all computers owned or leased by the target company, using a software inventory tool such as Scott & Scott's Compliance Manager. Once an accurate inventory is completed, the next step is to reconcile the software inventory information with proofs of purchase dated prior to the audit effective date. While there are various ways to prove ownership of a software license, typically an invoice is considered the best evidence of ownership in a software audit. In the typical case, the software inventory and reconciliation process takes three to six months.

Secure a Confidentiality and Federal Rule of Evidence 408 Agreement (1 week)
With very limited exceptions, we advise the targets of software audits to cooperate with the self-audit process but to do so in a way that does not compromise their position in the event that an out of court settlement is not possible. We do not disclose any information to the audting entity until it signs an agreement regarding the confidentiality of the information disclosed and specifically limiting the entity's ability to introduce the information as evidence in court. In the typical case, this is signed within one week.

Audit Entity Analyzes Self-Audit Materials and Makes a Settlement Demand (3 to 6 months)
After the self-audit materials are submitted by the target, the auditing entity typically takes three to six months to respond. The response provides its interpretation of the self-audit materials and applies a formula for its initial settlement proposal. In many instances, the settlement proposal is substantially more than the target may have expected due to differences of opinion regarding what constitutes valid proof of ownership. In our experience, the auditing entity usually takes three to six months to make substantive response following the submission of the self-audit materials.

Negotiation of Monetary and Non-Monetary Terms of Settlement (6 to 24 months)
After the auditing entity makes its initial settlement demand, there are various monetary and non-monetary terms that need to be negotiated. The obvious material term in every software audit negotiation is the monetary amount to be paid to the auditing entity for alleged past infringement. The most significant non-monetary issue is whether the auditing entity will agree to a confidentiality provision. Such provisions require the auditing entity to keep the existence and details of the audit confidential and preclude the them from issuing a press release. The length of the negotiation process differs from case to case but generally lasts between six months and two years.

Like all audits, success in a SIIA software audit depends less on what you own and more on what you can prove that you own. Although not required by law, the SIIA takes the position that a target company is out of compliance for each installation of SIIA member software products for which the target company cannot produce a dated proof of purchase. Many clients are dismayed to discover what does and does not constitute valid proof of purchase according to the SIIA.

Not Considered Valid Proof
1. Copies of Checks to Software Vendors
2. Dated Purchase Orders
3. Undated Software Licenses
4. Credit Card Statements Evidencing Software Purchases
5. Certificates of Authenticity
6. Media, Manuals, or Key-Codes
7. Invoices Bearing and Entity Name Other than the Entity Named in the SIIA’s Initial Letter

Valid Proof of Purchase
1. Dated Invoices in the Name of the Audited Entity
2. Soft Records (online account statements) from Recognized Resellers
3. Signed and Dated License Agreements
4. Soft Records from SIIA Member’s such as Microsoft Licensing Statements
5. Cash Register Receipts for Retail Sales where Product, Version, Quantity and Price Paid are Included.

Understanding how the SIIA analyzes software audit materials is critically important to achieving the most favorable outcome. In our experience, it is the most time consuming and difficult part of the process for clients to handle on their own.

Scott & Scott, LLP is not affiliated in any way with the SIIA

One of the most controversial tactics the software policing agencies use when calculating its settlement demands is its practice of unbundling software suites such as Microsoft Office and Adobe Creative Suite. Unbundling occurs when the target of an agency audit is unable to provide acceptable proof of purchase for one or more installation of a software suite.

The effect of unbundling is to dramatically and artificially inflate the monetary component of an agency settlement because the fines are based upon the MSRP of each component part of the software. In an agency software audit involving Microsoft Office for example, they unbundle the suite by separating Microsoft Outlook, Microsoft Word, Microsoft Excel, Microsoft PowerPoint, and Microsoft Access and then calculate its proposed fine on the basis of the MSRP of each component. This practice results in a proposed fine per installation of approximately $2,000 for a product with a market price ranging from $150 to $350, depending on the version.

In my opinion, the practice of undbundling is completely contrary to law because the software suites of an agency's member publishers are compilations under the copyright law and therefore constitute a single work for purposes of calculating statutory damages for infringement. The U.S. Copyright Act 17 U.S.C. § 101(c) defines a compilation as follows:

A "compilation" is a work formed by the collection and assembling of preexisting materials or of data that are selected, coordinated, or arranged in such a way that the resulting work as a whole constitutes an original work of authorship. The term "compilation" includes collective works.”

The statutory damages provision of the U.S. Copyright Act 17 U.S.C. § 504(c) provides in pertinent part that:

For the purposes of this subsection, all the parts of a compilation or derivative work constitute one work.

Federal court’s have also interpreted these provisions to preclude recovery of statutory damages for the component parts of a compilation. For example, in XOOM v. Imageline, the Court of Appeals for the Fourth Circuit only made one statutory damage award for each compilation of electronic clip art, even though each compilation included thousands of works because “[a]lthough parts of a compilation or derivative work may be ‘regarded as independent works for other purposes[,]’ for purposes of statutory damages, they constitute one work.” XOOM v. Imageline at 285, citing H.R. Rep. No. 94-1476, at 162 (1976).

Similarly, in WB Music Corp. v. RTV Communications Group, 445 F.3d 538 (2d Cir. 2006) the Court of Appeals for the Second Circuit interpreted 17 U.S.C. § 504(c) and discussed the distinction between compilations authorized by the copyright holder that constitute “one work” for statutory damages purposes and collections of separate works compiled by the defendant and never authorized by the copyright holder. Because the software suites implicated in SIIA audits involve separately copyrighted works included in a compilation authorized by the copyright owners, section 504(c) applies and prohibits the award of statutory damages for the component parts of the suite.

One of the most common mistakes I encounter in software audits is what I call the post-effective date software buying spree. The buying spree occurs in response to a letter from a publisher or publisher's attorneys requesting a self audit. Many clients are discouraged to learn that software purchases made after the date of the initial letter have no impact in a software audit matter. For this reason, I advise my clients against scrambling to acquire software in response to a software audit.

The first thing a target of a software audit needs to do is preserve the evidence of software products installed on the company’s computers as of the audit effective date. Second, the software installed needs to be reconciled against proof of purchase information to determine whether there is gap between licenses owned and software installed. Third, a decision needs to be made regarding whether to purchase or uninstall any unlicensed software. The auditing entity is only concerned with those products installed as of the audit effective date, and accepts only proofs of purchase dated on or before that date.

I advise my clients that regardless of what was installed on the audit effective date, they only need to purchase software licenses for products that they need to use going forward. Although it will not resolve past liability, companies may choose to uninstall unlicensed products at the conclusion of the audit matter, rather than purchase unnecessary software simply because it was installed on the effective date. At the conclusion of a software audit matter, the target must certify that it has come into compliance through the combination of buying and\or uninstalling the products in question.

New Licensing Model for Microsoft Windows Web Server 2008

Microsoft will apply a new licensing model to Windows Web Server 2008. Microsoft will no longer restrict the number of users that can access the Web Server. Though Windows Web Server 2003 did not require Client Access Licenses (CALs), it did limit access to 50 users. CALs are licenses that allow a user or machine to access the functionality of the server software. A CAL is separate and distinct from the server software license and is generally required in addition to the software license. According to Microsoft’s web site, located at http://www.microsoft.com/windowsserver2003/howtobuy/licensing/priclicfaq.mspx, Windows Web Server 2003 does not require CALs.

The End User License Agreement for Windows Server 2003 also supports this conclusion. The License Agreement contains a provision excluding from the CAL requirement any user or device accessing the server solely through the internet that is not authenticated or otherwise individually distinguished by the server software. This allows internet users to access the server and request web pages from an internet browser. However, Microsoft did place a 50-user access limit in the Web Server license terms.

Microsoft will remove the 50-user access limit contained in Web Sever 2003 from Web Server 2008, provided that the server is deployed as a internet-facing, front-end server. Microsoft will also remove from Web Server 2008 restrictions on how its built-in database components may be used.

If your business needs assistance selecting a server product and understanding its licensing structure, you should contact counsel experienced with licensing issues and software compliance.