Given the current state of the economy, it should come as no surprise that software vendors are closely monitoring and auditing the usage of their software products. They're looking for both intentional and unintentional licence violations, and finding such violations can be an easy source of revenue in these tough times. Finding revenue from existing customers is easier than finding new customers.

If you're intentionally violating the usage terms of your software licences, then this article is not for you. Expect to hear from your software vendor sometime soon, and expect to wind up paying fees, penalties and even back software support.

There are many reasons a company might be using software that they're not entitled to run. Tracking hundreds or even thousands of software licences is no easy matter. Even well-managed companies can be using unlicensed software through bookkeeping errors or simple mistakes. These errors are usually caused by a company mismanaging software assets, or employees loading software without the proper licences.

So be proactive and conduct your own software audits to ensure your compliance, and add your technology lawyer to your audit team. By auditing yourself you can save time and money, and gain significant negotiation power should your vendor claim you are out of compliance with your licences.

Statute of limitations

The best way to protect yourself from audits is to negotiate - forcefully - the terms of the original licence agreement. Never sign any standard vendor form. Such forms are heavily slanted in your vendor's favour, but are nearly always negotiable. Negotiate with your vendor and bring the audit provisions back towards the middle.

The audit section is usually thrown in near the end of the contract. Unless you're careful, it is easy to overlook this section and the audit rights you're giving to your vendor. This is important because often the vendor's original audit section will broadly grant them the right to audit your systems without any limitations. The only rights the vendor has to audit your licence usage are those granted in your software licence, so push hard to constrain them by defining specific limitations.

You can negotiate a variety of audit terms in your favour. For example, you can:

• Specify the time, place and manner of such audits, and ensure the vendor can only audit you at your headquarters or data centre  
• Limit the tools the vendor can use during the audit, and eliminate any technologies that you think might impact your systems and normal operations
• Require advance notice (to eliminate surprise audits)
• Help to ensure minimal disruption of your operations by insisting the vendor conducts the audits outside of normal business times
• Place the costs of such audits solely on your vendor
• Specifically exclude a right to access your data
• Specify appropriate security requirements if the vendor will be auditing you remotely
• Limit or eliminate the vendor's ability to use subcontractors or software industry organisations (such as the Business Software Alliance) to conduct audits
• Limit or eliminate the vendor's right to interview your current and former employees
• Establish the right to correct and eliminate problems that are identified by the audit without being penalised.

These limitations are merely a starting point. But if you are stuck with existing contracts that don't limit the vendor rights, then do work with your technology lawyer to develop a response to any audit request. Each audit is unique, as are the appropriate responses.

Mark Grossman is head of the Florida-based Grossman Law Group. He began focusing his practice on technology, telecoms and outsourcing deals two decades ago. He is the author of Technology Law - What Every Business (and Business-Minded Person) Needs to Know. Tate Stickles, a partner in the group, specialises in ecommerce and legal IT, with an emphasis on the drafting and negotiation of complex contracts.

Illustration: Michael Kirkham