As software audits increasingly become a way for software publishers to increase revenue, it is more important than ever to ensure that after a company has invested effort into resolving an audit, the company does not jeopardize the value of the release of liability. The following are suggestions for on how to identify, negotiate, and manage ongoing settlement obligations.
- Identify the auditing entity in order to determine which post-settlement obligations are negotiable.
Two major entities that pursue copyright infringement claims on behalf of software publishers is BSA| The Software Alliance “BSA”, and the Software & Information Industry Association (“SIIA”). Each of these organizations have power of attorney to pursue copyright infringement claims, conduct an audit, and negotiate a settlement with audit targets. Although the settlement agreements for the BSA and SIIA are similar, each contain slightly different provisions that a company will likely negotiate. The most common negotiating point in BSA audits is the BSA’s inclusion of a provision authorizing it to inspect the premises of the audit target for a period of three years with one week’s notice. Although the SIIA does not include a similar provision, it does require specific documentation and deadlines for software remediation and annual certifications of compliance.
In addition to these two groups, software publishers may pursue direct audits, which may follow a specific formula based on the audit rights granted in the applicable license agreement. Depending on the nature of the agreement with the software publisher, the audit rights may greatly vary. Some may authorize third party auditors, while others allow a self-audit. The penalties may range from statutory to a specific percentage of the MSRP value of the products in question.
2. Timing is important when negotiating certain provisions.
Typically, the BSA and SIIA send a draft settlement agreement with their initial settlement demand, so the terms can be negotiated at an early stage if necessary. During the standard process, the settlement payment is negotiating first, followed by revisions to any other provision. However, the BSA in particular charges are premium for certain provisions such as the confidentiality provision and removal of the inspections provision, so these two should be negotiated up front and built into the total settlement payment.
The remaining provisions, such as the timing of remediation, can be resolved once the payment is agreed upon.
3. Remediation requires specific documentation and deadlines.
Most initial drafts of settlement agreements require the audit target to remediate any unlicensed software within 30 days and provide documentation within 45 days. However, many companies are unable to meet such a tight deadline because of a number of reasons, ranging from an expansive, dynamic environment, to a lack of sufficient funds following a large settlement payment.
If a company knows in advance that it will not be able to complete remediation within the proposed time frame, it is important to request additional time during negotiations. Depending on the situation, a company can often expand the deadline to 75 or 90 days.
Because the release of liability provision specifically requires remediation to be complete, failure to meet the deadline could invalidate the release of liability. Without the release of liability, the BSA or SIIA could keep the settlement payment and still pursue the company for copyright infringement claims in court. After settlement and during the remediation period, if a company is concerned about meeting the deadline, it should request an extension in writing in order to remain in compliance.
Each settlement agreement is unique, so it is important to carefully review all of the terms, especially the release of liability provision. Some release provisions are contingent on all representations and warranties made in the agreement along with all post-settlement obligations, while others require completion of specific provisions. Understanding what is required is critical to protecting the company and ensuring all claims are released.