Publication
Road to COP29: Our insights
The 28th Conference of the Parties on Climate Change (COP28) took place on November 30 - December 12 in Dubai.
Australia | Publication | 5月 2021
The global economic uncertainty resulting from COVID-19 and its flow-on impacts has presented many issues and challenges for Government and the private sector in 2020 – particularly in terms of business continuity, contract performance, increased costs, reduced revenues and financial distress. These issues and challenges are continuing into 2021, with no signs of slowing down any time soon.
In this climate, businesses often look for alternate or “complementary” revenue streams in an attempt to maintain profitability until Government spending and business confidence stabilises. For software licensing companies, one legitimate alternate stream of revenue is found in compliance.
Compliance-related revenue relates to the (sometimes significant) additional payments that IT vendors can be entitled to claim if a customer is found not to have strictly complied with its software licensing obligations.
It is not unusual for large IT vendors to have separate business divisions responsible for sales and compliance. When sales revenue is down, for some IT vendors their compliance-related activities such as audits and true-ups can generate substantial alternative payment streams. And while key customer relationships are often critical for business sales, they become less important in the compliance space where the focus is on strict enforcement.
If you licence software from an IT vendor, it is critically important that you are aware of any restrictions that apply to its use.
A computer program is a "literary work" under the Copyright Act 1968 (Cth) (Copyright Act), and so the programmer is the owner of copyright in the program. Copyright protection also extends to published materials accompanying software such as user documentation, website content and software user interfaces.
Under the Copyright Act, the software owner has the exclusive right to:
The act of installing software on a device typically involves some kind of copying. Alternatively, if you use a software-as-a-service product, this may involve the right of communication, which under the Copyright Act means making available online or electronically transmitting.
Copyright owners seek to protect their exclusive ownership rights by putting in place licence agreements (often, in the form of an end user licence agreement, or EULA) that describe the extent to which licensees may use their software. To undertake these activities without a licence in place, or in a manner that is contrary to the rights granted, constitutes a breach of the rights of the copyright owner.
Over the past 10+ years software licensing models offered by IT vendors have become increasingly diverse. Licence types vary from the simpler user-based licences (e.g., named user) to the more complex enterprise, capacity, client device and resource value unit (RVU) licence models. The technical and commercial requirements that apply to each of these licence types are often complex and can be difficult to navigate. They regulate a broad range of matters such as the types of technology that must be used to deploy and manage software; the audit tools that must be used; the environment in which software can be deployed; the particular products that can be deployed in bundles; the use of associated technologies; and the physical characteristics and scope of key concepts such as enterprise, users, machines and devices.
To add to this complexity, IT vendors also frequently set out software licensing terms in multiple tiers of documents, most of which are only available via web libraries or through online tools, many of which change regularly. This can make the task of understanding your compliance obligations challenging.
When you factor all of this in with the current global environment and the dynamic way in which organisations are working, it becomes clear that software licence compliance requires significant effort to manage (especially in the case of large organisations), and the risks if you get it wrong can be substantial.
There are many examples of claims being brought by IT vendors against customers for the exercise of software licence rights beyond the scope of a licence that has been granted. This includes the recent case of Bitmanagement Software GMBH v United States (https://ecf.cofc.uscourts.gov/cgi-bin/show_public_doc?2016cv0840-132-0) in the U.S. Court of Federal Claims, in which the Court dismissed a USD $600,000,000 copyright infringement claim against the U.S. Navy for copying more than 400,000 times despite being licensed for only 38 copies.
More recently, the Federal Court in Minnesota has heard claims from health system provider Fairview Healthcare Services (Fairview) against Quest Software, Inc. (Quest) (and its affiliate, One Identity LLC) arising out of an audit by Quest. Fairview argued that after it notified Quest that it was cancelling maintenance services as part of their licensing arrangement, Quest immediately issued an audit notice and made non-compliance findings (in the multi-millions) for exceeding the number of licences allowed, which Fairview disputed. Quest counterclaimed copyright breaches largely stemming from the over-deployment.
Perhaps most interestingly, however, is that Quest (as part of a related transfer order) argued that the click-through agreements that came with new purchases, annual maintenance and support or product updates superseded and replaced previous perpetual licence agreements. It was to Quest’s advantage to do so, as with each passing year it made its licence agreements more favourable to Quest. However, Fairview sought to keep the benefits of what it bought and paid for as part of the earlier perpetual licence agreements. The judge ultimately found in favour of Fairview by reasoning that Quest could not apply later licence agreements to earlier perpetual licences simply by virtue of new purchases, annual maintenance and support or product updates.
In the current environment, it is critical for Government departments and agencies to be aware of their software compliance obligations, vendors’ entitlements to audit, and how to respond to any non-compliance issues or threatened actions.
So what should Government departments and agencies do? The simple answer is to get your house in order, including by:
It is an understatement to say that we are currently experiencing unprecedented change. As this uncertainty carries over into 2021, it is important that we learn from the past and, as history has shown, economic uncertainty can lead to IT vendors shifting their focus from sales to compliance. In such circumstances, it is important that Government departments and agencies consider their software compliance obligations under their contracts and, in particular, are aware of any restrictions that apply.
Given the potential financial, operational and reputational impacts for Government, it is imperative that departments and agencies get their house in order and are ready to respond to any non-compliance issues or threatened actions.
Publication
The 28th Conference of the Parties on Climate Change (COP28) took place on November 30 - December 12 in Dubai.
Subscribe and stay up to date with the latest legal news, information and events . . .
© Norton Rose Fulbright LLP 2023