Showing posts with label compliance. Show all posts

Friday, February 21, 2014

When consumers speak out about licensing sharp practices, we're belligerent. When the industry acts belligerently, they're justified?


Definition:  “Belligerence” - aggressive or warlike in nature.  
“…your belligerence is commendable…”
This discussion is a result of a LinkedIn post regarding a shortage in skilled SAM practitioners. Not sure how we moved to this topic but my reply was too in-depth for the LinkedIn word count.

Thanks, Paul! Just so you understand, this has been an enjoyable interaction. I genuinely wish we could all sit down as a group & discuss these topics – without interference from the software industry players & their friends. Unfortunately, these groups have managed to divide the business technology consumers so that very few coordinated resolutions will be forthcoming anytime soon.


Let’s take your questions one at a time:

It never ceases to astound me how many people perceive anyone who pushes back at the predatory software industry enforcement groups as belligerent. A majority of licenses are specifically designed to be nearly impossible to comply with; license terms & conditions can be changed at will, as frequently as desired, and with little or no notification to the consumer; online licenses are intentionally designed to be nearly impossible to read as well as impossible to print; and those of us who speak out against such sharp practices are belligerent? Gee… I guess that would be me, except I have spent years trying – and failing – at the “Renaissance man” approach.

It’s beyond time that our IT execs & the CEOs/CFOs woke up to discover that it’ll be THEIR names on the non-compliance settlement papers. Has anyone READ Sarbanes Oxley or related due diligence regulations? It is beyond time to haul our heads out of that fascinating hole and lead with intelligent awareness.

“…with your process how do you propose to deal with a CEO of an End User who is looking for compliance when his view follows the logic that he does not need to understand electricity to be able to turn a light on and off…”

My clear statement for over a decade has been to require the enforcement industry to publish their audit process, their audit results, and their audit records. As long as these people continue to intentionally hide audit activities – humorously entitling them as “educational”, our executives will never become well aware of the entire range of compliance issues.

Example: Even while “advertising” their $1,000,000 whistle-blower reward programs, the US enforcement groups are actually only handing out around $4,500 in rewards in less than a tenth of the audit action events. Very few people will actually read the fine print in the offer, or actually hear the whispered “up to” in the heavily published ads. In fact, since we began teaching SAMs to track enforcement industry press releases, those releases are becoming more & more difficult to locate. (I wonder why?)

I’m sorry but, if a CEO, or any C-suite executive of even a partially sophisticated enterprise is still unaware of at least the fringes of the license compliance environment, they do not belong in their position. At the next level of the org chart, if the IT people, or purchasing, or whoever is working with the licenses is not aware enough to communicate the issues to the C-suite, then THEY do not belong in their position. Let’s see… The real world demonstrates that license compliance & audit costs are serious business & ethical issues. One would reasonably believe that genuine leaders, not figureheads, should be aware of the topics by now.

Example: Any effective captain of a ship is trained & capable of a clear awareness of all aspects of operating & managing that ship. They even know better than to stick a screwdriver into a live electrical outlet. That’s called leadership and it’s in rather short supply.

“Why over complicate an issue when we should be feeding the ‘need to be compliant’ story at the User end rather than creating confusion and complexity at the MSP end….”  

Precisely “who” is going to “feed” this information to the end users? I recognize that MSPs are relatively new on the scene but if they cannot fully define their industry perhaps they shouldn’t be in that industry in the first place. In order to sell in a managed service, shouldn’t a key performance indicator be to educate the buyers of root cause & critical underlying operational issues? We can bet the enforcement industry isn’t going to “educate” the end user – there’s WAY too much money to be made in conducting punitive audits for the auditing groups to deliver any thoroughly meaningful awareness campaign.

Example: SAM training programs that are managed by, or reliant upon, the software or enforcement industry players do not teach SAMs how to negotiate audit clauses OUT of licenses. Most of these same programs don’t even discuss negotiating agreements for more favorable terms. And THESE SAMs are the “qualified people” that IT Directors have to call upon for advice?

How many people are aware that the generations & industries who are responsible for a majority of incorrectly licensed products being used on systems are also the most “educated” generations on the planet? The average sixth grader probably knows more about piracy and copyright than our average executive. (Now THAT is scary.) Since the software industry, recording industry, video industry & general copyright enforcement industry began their “education” campaign, incorrectly licensed software & other copyright violation use has soared.

Example: These problems aren’t easy to resolve. However, when a clear majority of end users cannot understand the licenses, they are at minimal fault for not knowing how to behave. (Oh, wait. I nearly forgot. The compliance auditors are “letter of the law” people. Consumers are expected to have a fully legal understanding of all compliance issues.) When these same “end users” are intentionally confounded by shifting terms & conditions; shifting audit procedures; and clueless leaders, what is the logical result? Lots & lots of non-compliant companies to audit? Lots & lots of easy audit issues for levying fines & penalties?

As to an executive not needing to know how electricity works to be able to plug in a light; let’s see how well they learn when they short out the circuit by incorrectly inserting the plug. Don’t suppose someone had to teach them, somewhere, what the hazards of electric current could be… Go back to my knife in the socket analogy.

“If the IT Director has trained staff who are educated to remain compliant in the software deployed on his estate and also trained in the basics which enable the User to follow a path that ensures correct software usage, i.e. not overspending, surely that is panacea?”

This is the key point I have been trying to make: A clear majority of IT Directors does NOT have a staff genuinely trained in compliance. Well over ¾ of existing SAMs have been trained & certified in literal “overnight” certification mills. An additional 70% have been trained by the enforcement groups or software industry players themselves. Does anyone genuinely believe that these special interest groups are actually delivering the full SAM perspective in less than 12 hours of actual training?

Example: The Institute SCCA & SAM programs deliver over 29 individual online, on-demand, sessions that teach credential candidates the basics of over 42 different types of software licenses. We cover more than 30 specific key license clauses that SAMs must know & understand. We walk candidates through two actual audit scenarios to help them understand what they’ll need to know/do. We discuss how to negotiate many clauses that are onerous OUT of licenses as well as how to insert many clauses that are necessary but missing INTO the license. A majority of SAM certifications – including so-called “standards” – do not touch these topics…

“Are you stating that the ‘Just In Time’ process is not right for SAM?”

Anyone who is foolish enough to play a “just in time” license compliance game does not belong in our industry. Licensing begins when the enterprise identifies an initial need and continues until all products & derivative products relating to the original agreement have been eliminated from all enterprise systems. Compliance issues must also be carefully tracked & managed for as many as ten years after the last product or derivative has been removed.


Maybe you are correct. While I prefer to be labeled as “passionate” about these topics, maybe belligerence is the only method to gain the attention of people who are being robbed blind by an industry that has created the problem, continues to find new methods of enhancing the problem, and continues to conceal their actions behind self-righteous “educational woe is me” public relations campaigns. Anyone who has suffered through a conversation with an enforcement agency or software publisher auditor is well aware that this industry has declared war on its own consumers. My apologies if my “push back”, “know your rights”, and “openly proactive SAM training” frameworks are not gentle enough.

Thursday, January 2, 2014

SAM Standards & Best Practices - Great for the big guys. Not so great for the SME...

I've seen small- to medium-sized enterprises around the globe spend tens of thousands of completely wasted dollars attempting to conform to software asset management and/or software license compliance standards & best practices that had virtually nothing to do with their unique environment.

Evidently, Dogbert agrees. This quote from a recent Dilbert comic:
Dogbert: "I'll teach you the best practices of companies that have nothing in common with yours. Those practices will fit your company like a foot in a glove."

While best practices are useful as general guidelines, they are more frequently too complex, too costly, & too dependent on highly controlled environments & high level technicians to genuinely work.

Tired of throwing away good money attempting to implement global standards or best practices?

Do this: Determine what your actual goals are for your software license compliance, software asset management or systems asset management initiative. Conduct a GAP analysis to identify where you need to apply your efforts. Prioritize the efforts to minimize risks & deliver rapid value. Then, permit the process to work for a month or so to stabilize. 

Once stable, repeat. Don't forget to allow for your unique enterprise culture when you initiate these types of changes. Human & organizational change management are critical to your license compliance, SAM, & ITAM/TAM success. 

Take a look at your personal SCCA & SAM credential roadmaps HERE.  Keep in mind that The Institute delivers the only competency-based credentials in the world. These are the skills that employers are genuinely searching for. Credentials that deliver the knowledge you need to succeed - only from The Institute!

Saturday, December 14, 2013

Onerous tech agreements are killing your company

Beware: Many software licenses are DESIGNED to ensure you will violate the terms & conditions. Existing SAM certifications minimize this issue, apparently brushing off comprehensive license definitions; terms & conditions detailing; and document management as if these topics are virtually irrelevant.  This "partial" coverage gives you a false sense of security while leaving you defenseless.

Here's the thing: The agreements that legally bind your company to copyright protected products are carefully designed by well-paid lawyers representing the software industry players to ensure that you - the software consumer - have no rights while the software publisher retains all rights. On the flip side of the equation? The software publisher has none of the responsibilities and the software consumer has ALL of them.

Following is a brief video/audio example of the typical Warranty terms of a very common software product. As you listen, keep in mind that you are purchasing a business tool that could easily wipe out your company if it fails to deliver the value for which you purchased the product. Unfortunately, the Warranty clearly states that the product DOES NOT HAVE TO WORK.
You'll find the basic software Warranty slide deck (with sound) HERE.
The Institute for Technology Asset Management has identified over 42 distinct software license types - in the client-server environment alone. We've also disassembled several common licenses into individual terms & conditions to help practitioners better understand their relationships. Our object is to bring software asset management & compliance assurance training into the next generation of quality. When you genuinely understand the ROOT CAUSE of software licensing & compliance issues, you take the first major step in gaining maximum value with minimal risk from your software portfolio of goods, services, & contractual relationships.

Take a look at our Software & Copyright Compliance Assurance (SCCA) and Software Asset Management (SAM) credential roadmaps. Merely click on the acronyms to download the PDF. Both programs are available as online, on-demand, professional development sessions.

Friday, June 21, 2013

Non-Commercial Use Clause - A Software Licensing Land Mine



At The Institute for Technology Asset Management, we’ve encountered the “Non-Commercial Use” clause in multiple instances of enterprises being audited for non-compliance. The bottom line behind this clause is its very “obtuse-ness” (if you will).

Much like the “right to audit” clause & its reliance on various nebulous (ever-shifting?) definitions of both “audit” & “compliance”, the Non-Commercial Use clause permits the copyright holder to write the rules as they encounter the instance – even up to selecting the most useful copyright law to cite in your legal notification - thus maximizing the potential for non-compliance settlement fines & penalties.

Further (& again, we believe intentionally), VERY few IT personnel have any clue how non-commercial applies to ownership of the system versus how the product is actually being utilized, much less which systems in the enterprise contain these products. As software asset managers - SAMs - it's up to us to help educate the enterprise about this hazardous clause - one that is present in a wide range of licenses.

Result of Misinterpreting This Clause: You become an easy - & conveniently defenseless - audit target!

Bottom Line: Closely review the license terms. If the license has a Non-Commercial Use clause, recognize that the clause essentially applies to both where you put the product AND how you use that product. Essentially, do not place the product on a corporate system & do not use that product to produce any subsequent product or service.

Want a revealing experience relating to this type of clause (from the perspective of real live IT personnel)?  Read the following thread - it's long...but invest the time in clearly understanding this classic disconnect between licensees & licensors.  The organization initiating the thread used an evaluation licensed product – with a non-commercial use license caveat - in a production environment.  The odds are really high that your own IT personnel have done this, or are doing this… The thread is HERE.

Wednesday, November 7, 2012

A Software License Is NOT a Software License

I just read an excellent post on the ITAM Review. It's entitled "Oracle Customer Has Licensing Meltdown" and is located HERE.  Please take time to look it over. Both Martin & the original author have excellent points - points about software licensing issues that we continue to encounter yet never effectively address in the real world.
Software License Terms & Conditions Can Be Changed By The Licensor At Any Time & Without Directly Notifying You.
The key problem is this: As business technology consumers, specifically software consumers, we do not effectively negotiate our licenses. If we did, then we'd actually have to read the license. Having read a software license, and actually understood the inherent instability of the agreement, any sane negotiator would - or rather should - dump the product & the supplier right out of the supply chain and move on to their BATNA.

Instead, we either fail to read the license; or we do not understand what we're reading; or we assume that the copyright holder won't actually enforce the terms; or we treat the acquisition the same as a crack junky desperate for their latest fix - purchasing without regard to future problems.

Here's the bottom line: If you see a clause in a license that looks like this -
Modifications To This Agreement
"We reserve the right, at our sole discretion, to change, modify or otherwise alter these terms and conditions at any time. You can find the most recent version of these terms and conditions on the Site, with the date of last modification noted above. Such modifications shall become effective immediately upon the posting thereof. Therefore, we encourage you to check the date of our terms and conditions whenever you visit this Site to check if they have been updated. You must review this agreement on a regular basis to keep yourself apprised of any changes. If you do not agree to the revised terms and conditions, your sole recourse is to immediately stop all use of the Services. Your continued use of the Services following the posting of modifications will constitute your acceptance of the revised terms and conditions."
It means you do not have stability relating to your existing license terms. This basic wording will show up in your original license as well as contract renewals, updates, upgrades, (even patches) so look for it BEFORE installing. Once you have activated the license by installing (or even accessing) the product, you are stuck with the new terms.

Keep in mind that each of these license agreements also includes a "Right to Audit" clause that will be enforced by the licensor. During that audit, you will be responsible for conforming to the CURRENT terms & conditions for each product. If you are not up to speed on those changes, the auditors don't particularly care. You will pay the fines & penalties for being out of compliance.