Psssst--This is a subject few want to discuss

Vice President Al Gore brought renewed attention to the issue last month when he
directed the Chief Information Officers Council to draft standards for auditing agency
software and dealing with illegal copies.


Gore said the government should hold itself accountable because it insists that other
countries abide by U.S. copyright laws.


Agencies and software vendors alike told GCN they are reluctant to publicize cases of
software piracy. Many vendors prefer to go through industry trade groups to get
compensation rather than take the offending agencies to court.


Almost all out-of-court settlements stipulate that vendors must not publicly disclose
information about the offenders.


The Defense Department formally instituted an antipiracy policy in a 1993 memo by
Emmett Paige Jr., then assistant secretary of Defense for command, control,
communications, computers and intelligence.


Paige was following up on the recommendations of a DOD inspector general's report that
found in 1993 that more than 51 percent of 1,000 audited DOD computers lacked
documentation to prove software had been acquired legally.


"That was the tip of the iceberg," said Terry Miller, president of Government
Sales Consultants Inc. of Great Falls, Va., and things haven't improved, he said.


"I don't think half the agencies have a written policy" on software piracy,
Miller said. "I have never seen a government employee fired, put on probation or
fined for stealing software."


But Steve Yohai, outgoing chief information officer for the Housing and Urban
Development Department, said the issue is serious even though no unauthorized software has
been identified at HUD.


"We'd probably get the inspector general involved" if unauthorized use and
distribution of software or office suites were found, Yohai said. "That's theft, and
it's very serious."


He said HUD controls software distribution by metering products from servers or handing
out copies manually. The Office of Information Technology maintains a software inventory,
he said, and the agency buys site licenses to reduce the risk of piracy.


Maintaining standardized desktop configurations for HUD's 10,000 employees has also
helped the department comply with licensing agreements, he said.


The Software Publishers Association recommends that organizations also appoint a
software manager to carry out guidelines and conduct a piracy education program.


Miller said he has worked on behalf of vendors almost two dozen times during the past
decade to recover payment for unauthorized software use.


In one case, a vendor collected $10 million from the Army after threatening to sue for
software piracy, he said. In another case, the National Institutes of Health paid a vendor
$385,000 after the company charged NIH with using $500,000 worth of its products, he said.


One of the top five commercial software vendors, according to Miller, gets 20 percent
of its annual federal revenue from settlements by agencies that used software illegally.


Miller, who has tracked federal software piracy cases since 1974, criticized the
Business Software Alliance and Software Publishers Association for metaphorically
"picking on the easy guys but not the Marines" and shying away from prosecution.


The Business Software Alliance rarely receives calls about illegal software at federal
agencies, said Bob Kruger, the organization's vice president for enforcement, but said he
hasn't seen anything concrete happen in the past three or four years to indicate that
things have improved. He said Commerce Department officials have consulted with him about
their software management policies.


The most infamous case of alleged federal piracy was Inslaw Inc.'s case against the
Justice Department, in which the company claimed that Justice officials illegally copied
millions of dollars' worth of Inslaw's Unix case tracking software and distributed it to
other agencies and to foreign governments.


Inslaw went bankrupt in 1983, but its owners have continued to fight the case--with
little success--to this day. Justice officials closed the case after a federal claims
court's decision last August that Inslaw's case had no merit. Miller said Inslaw is filing
an appeal.


inside gcn

  • IoT security

    A 'seal of approval' for IoT security?

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above