Large companies that invest heavily in software licensing are familiar with the extremely one-sided nature of most software license audit clauses. It is a pleasant surprise when such clauses do not give software publishers rights to conduct audits at any time and for any reason, and when they do not require the audited companies to make punitive payments upon findings of even nominal or inadvertent usage in excess of licensed limits. It is therefore not surprising that those clauses often are among the most heavily negotiated sections of enterprise-level license agreements, especially when the licensee is a business with sufficient bargaining power to demand fairer terms. Here are three changes that can result in a much more equitable balance of audit rights and obligations:
- Frequency Controls In the past, it was common for license agreements to place limits on how often publishers could initiate audits. In recent years, however, those terms have tended to disappear from many publishers’ form agreements. Companies need to demand reasonable limits on how often they should be subject to the administrative burdens of license reviews. One important way to accomplish that goal is to require that audits be commenced within the terms of license-purchasing agreements (such as a Microsoft Enterprise Enrollments) and for limited periods of time thereafter.In addition, publishers should commit to commence audits no more than once per year (or two years or three years), unless they receive information reasonably indicating that licensees are out of compliance.
- Access Controls Some license agreements purport to give publishers the right to “access” licensees’ computing systems in order to conduct audits. These rights should be flatly rejected. Publishers have no reasonable basis to require the right to touch their customers’ computers. At best, they should be allowed to designate third-party auditors, subject to non-disclosure agreements, to ask questions and observe licensees’ employees gather relevant data from computer systems where the software products in question are deployed. Especially for companies in sensitive industries such as healthcare or financial services, intransigence by any publisher on this point should be considered a deal-breaker.
- Releases of Liability Software publishers *hate* to provide releases of liability, and in some circumstances,many will refuse to do so. Companies should not be expected to accept that outcome. If licensees are going to expose themselves to the administrative and legal burdens associated with software audits – which often result in questionable or disputed findings – then it is reasonable for them to expect to receive a release of past liability upon purchasing any required licenses or otherwise remediating any compliance deficiencies identified as a result of audits. License agreements therefore should obligate publishers to provide such releases.