Attachmate / Micro Focus software audit overview
Did you receive a letter from a copyright infringement or intellectual property law firm (or from the consulting firm Deloitte and Touche) asking your business to submit to a software compliance audit? If so, contact our firm, we can help you explore your software audit rights and help in responding to their letter. If you have a volume license agreement (“VLA”) that requires you to contractually submit to an audit, then you may find yourself obligated to review your computers, servers and laptops. If there is no VLA, technically software audits are “voluntary” (however, if the Microfocus has strong information of infringement – usually through the use of an “informant” – then the business owner, CEO, officers and directors have to be concerned about a lawsuit being filed alleging willful copyright infringement. Where “willful” infringement is shown (often the subject of debate and argument), the copyright laws allow for statutory damages of up to $150,000 per infringed title.
General information about Attachmate & Micro Focus International
According to Wikipedia:
“Attachmate, founded in 1982 by Frank W. Pritt and Julia Pritt focused initially on the IBM terminal emulation market, and became a major technology employer in the Seattle area. Based in Bellevue, Washington, the company became one of the largest PC software companies in the world, with offices in more than 50 cities in North America and in 30 countries. The company made several acquisitions, through mergers and purchases, to expand its range of host access hardware and software solutions…..On 15 September 2014, the British firm Micro Focus International announced that it would acquire the Attachmate Group for US$1.2 billion in shares.”
Common products that could be subject to audit
According to Google:
Micro Focus International plc is a United Kingdom-based global software company. The Company is engaged in delivering and supporting software solutions. The Company enables customers to utilize new technology solutions while maximizing the value of their investments in information technology (IT) infrastructure and business applications. The Company’s portfolio includes identity access and security solutions, common business-oriented language (COBOL) development and mainframe solutions, development and IT operations management tools, host connectivity solutions, and collaboration and networking solutions. The Company’s products include Access Manager, Access Review, AccuRev, AccuSync, Acu4GL, AcuBench, ACUCOBOL-GT, AcuConnect, AcuServer, AcuSQL, AcuXDBC, Aegis, AppManager, Artix, Atlas, Business Continuity Clustering, Caliber, Client for Windows, Cloud Manager and CloudAccess. The Company caters to various industries, such as Federal, airlines and healthcare.
These, and other products, could be subject to audit. In some cases, a EULA will contractually obligate a company to submit to an audit of their IT environment. This could be as the result of a “shrinkwrap” license or “clickwrap” license agreement.
Is a “shrinkwrap” end user license agreement (“EULA”) enforceable?
When your company receives a legal demand letter seeking to initiate an audit, one question that often arises is whether or not there is a legal obligation to comply with the demand, or whether you can just throw the letter away (and hope they go away). The answer to this question may turn on whether or not the EULA agreement that permits auditing is enforceable. One case that addressed this issue was the “ProCD case.” According to Wikipedia:
“ProCD, Inc. v. Zeidenberg, 86 F.3d 1447 (7th Cir. 1996), is a United States contract case involving a “shrink wrap license”. One issue presented to the court was whether a shrink wrap license was valid and enforceable. Judge Easterbrook wrote the opinion for the court and found such a license was valid and enforceable.”
Here is some language from the Court’s holding:
“Must buyers of computer software obey the terms of shrinkwrap licenses? The district court held not, for two reasons: first, they are not contracts because the licenses are inside the box rather than printed on the outside; second, federal law forbids enforcement even if the licenses are contracts. The parties and numerous amici curiae have briefed many other issues, but these are the only two that matter—and we disagree with the district judge’s conclusion on each. Shrinkwrap licenses are enforceable unless their terms are objectionable on grounds applicable to contracts in general (for example, if they violate a rule of positive law, or if they are unconscionable). Because no one argues that the terms of the license at issue here are troublesome, we remand with instructions to enter judgment for the plaintiff…….following the district court, we treat the licenses as ordinary contracts accompanying the sale of products, and therefore as governed by the common law of contracts and the Uniform Commercial Code. Whether there are legal differences between “contracts” and “licenses” (which may matter under the copyright doctrine of first sale) is a subject for another day. See Microsoft Corp. v. Harmony Computers & Electronics, Inc., 846 F.Supp. 208 (E.D.N.Y.1994).
Another federal court saw things slightly differently. In SoftMan Prod. Co., LLC v. Adobe Sys., Inc., 171 F. Supp. 2d 1075, 1088 (C.D. Cal. 2001) the Central District court noted:
“Whether contracts such as Adobe’s EULA, often referred to as “shrinkwrap” licenses, are valid is a much-disputed question. A number of courts that have addressed the validity of the shrinkwrap license have found them to be invalid, characterizing them as contracts of adhesion, unconscionable, and/or unacceptable pursuant to the Uniform Commercial Code. Step–Saver, 939 F.2d 91; Vault Corp. v. Quaid Software Ltd., 847 F.2d 255 (5th Cir.1988). These courts have refused to recognize a bargain in shrinkwrap license that is not signed by the party against whom it is enforced. In Step–Saver, the Third Circuit found that the terms of a contract were formed when the parties shipped, received and paid for the product. Therefore, the software shrinkwrap agreement constituted additional terms to the contract, and under Uniform Commercial Code § 2–207 (governing commercial counter-offers), these terms were invalid without express assent by the purchaser. In contrast, other courts have determined that the shrinkwrap license is valid and enforceable. ProCD, 86 F.3d at 1453; Harmony, 846 F.Supp. at 212.”
Another court talked about the validity of “Clickwrap” licenses (as opposed to “shrinkwrap”). The Court in Smallwood v. NCsoft Corp., 730 F. Supp. 2d 1213, 1226–27 (D. Haw. 2010) noted:
“Validity of Click Agreements – Plaintiff asserts that “defendants’ resort to the click agreement should not be countenanced in that such agreements are declared void and unconscionable under the law of NC Interactive’s home state in the context of consumer protection claims. As discussed infra, Plaintiff apparently relies on the Texas Act in support of this statement. The type of User Agreement at issue here is often called a “clickwrap” agreement. See Specht v. Netscape Communications Corp., 306 F.3d 17, 22 n. 4 (2d Cir.2002) (explaining “this kind of online software license agreement has come to be known as ‘clickwrap’ (by analogy to ‘shrinkwrap,’ used in the licensing of tangible forms of software sold in packages) because it “presents the user with a message on his or her computer screen, requiring that the user manifest his or her assent to the terms of the license agreement by clicking on an icon. The product cannot be obtained or used unless and until the icon is clicked).”
“These agreements have routinely been upheld. See Guadagno v. E*Trade Bank, 592 F.Supp.2d 1263, 1271 (C.D.Cal.2008) (explaining that a party may be bound by a ‘clickwrap’ agreement if the terms are clear and acceptance is unambiguous, regardless of whether he actually reads them); see also Inter–Mark USA, Inc. v. Intuit, Inc., No. c–07–04178, (N.D.Cal. Feb. 27, 2008) (dismissing complaint based upon Software License Agreement and noting that, in addressing whether ‘clickwrap’ agreements are valid, courts apply “traditional principles of contract law and focus on whether the plaintiff had reasonable notice of and manifested assent to the ‘clickwrap’ agreement”).
So whether you purchased Attachment or Micro Focus software subject to a clickwrap or shrinkwrap license, these will be some of the issues as to whether or not the license agreement that requires a softwrae audit are enforceable.
What types of things constitute “unconscionable” contracts?
In order to try to invalidate a software audit clause on the grounds that it is “unconscionable” both “substantive” and “procedural” unconscionability must be shown. This was discussed in Ingle v. Circuit City Stores, Inc., 328 F.3d 1165, 1170 (9th Cir. 2003) which noted:
“Because unconscionability is a generally applicable defense to contracts, California courts may refuse to enforce an unconscionable arbitration agreement. Unconscionability refers to “an absence of meaningful choice on the part of one of the parties together with contract terms which are unreasonably favorable to the other party.” A & M Produce Co. v. FMC Corp., 135 Cal.App.3d 473, 486, 186 Cal.Rptr. 114 (1982); see also U.C.C. § 2–302; Cal. Civ.Code § 1670.5; Restatement (Second) of Contracts § 208 (1981). Thus, a contract to arbitrate is unenforceable under the doctrine of unconscionability when there is “both a procedural and substantive element of unconscionability. Significantly, the California Supreme Court has noted that procedural and substantive unconscionability “need not be present in the same degree.”To determine whether the arbitration agreement is procedurally unconscionable the court must examine “the manner in which the contract was negotiated and the circumstances of the parties at that time.” Kinney v. United Healthcare Servs., Inc., 70 Cal.App.4th 1322, 1329, 83 Cal.Rptr.2d 348, 352–53 (1999). An inquiry into whether Circuit City’s arbitration agreement involves oppression or surprise is central to that analysis. A contract is oppressive if an inequality of bargaining power between the parties precludes the weaker party from enjoying a meaningful opportunity to negotiate and choose the terms of the contract. Stirlen v. Supercuts, Inc., 51 Cal.App.4th 1519, 1532, 60 Cal.Rptr.2d 138, 145 (1997)
Substantive unconscionability centers on the “terms of the agreement and whether those terms are so one-sided as to shock the conscience.” Kinney, 70 Cal.App.4th at 1330, 83 Cal.Rptr.2d 348 (internal quotation marks omitted). In evaluating the substance of a contract, courts must analyze the contract “as of the time [it] was made.” A & M Produce, 135 Cal.App.3d at 487, 186 Cal.Rptr. 114.
In looking at whether or not a EULA is “unconscionable” Courts will require a strong showing that the terms are not fair, otherwise, in my general estimation, prevailing on this defense is a tough one, but not to say impossible.
Other contractual grounds to try to void the EULA audit terms
Some other ways to attack a software audit clause contained in a EULA licensing agreement is to show that there was fraud in the procurement of the license. Other contract defenses may also be applicable. Call us to discuss your case as every case is different. If the EULA is determined to be valid, two key questions regarding the legal enforceability and scope of clickwrap “rights to audit” clauses are:
(1) Did your company agree to the clickwrap? Did a subsidiary agree? If the software was deployed on your networks, this could amount to an agreement to submit to an audit. But perhaps it would be possible to restrict the audit to the software used by the subsidiary, department, or division that agreed to the EULA.
(2) What products or versions does the clickwrap give Micro Focus and their auditors (or other software vendors such as Autodesk and Microsoft – often cases pursued through the business software alliance) the right to audit.
There are other questions to ask as well but if you received a letter demanding an audit, for example for using “FileExpress” or other products, give us a call. It is important in audit cases to try to get a FRE 408 confidentiality agreement and try to limit the scope of the audit.
How to beat a software vendor audit?
One of the best ways to get your case settled when dealing with any software company including MICROFOCUS (formerly Attachmate), IBM, ORACLE, or SAP is to have a defensible position. These companies are generally known to be aggressive in enforcing their licensing terms and copyrights. We have discussed possible defenses and mitigating factors to software compliance investigations in other blogs. Here are a few other things to note if you are a software asset manager:
- Attachmate grew its company by acquiring other companies along the way – example by acquiring NetIQ, WRQ and Novell (meaning they grew more by acquisition than organically). Thus, they MIGHT not have the most accurate licensing records prior to 2003 so that is something that could possibly be a factor in your case.
- Microfocus may audit its users randomly, every two years or until they suspect the amount of unlicensed software (infringement) is worth the time and money investment to conduct an audit.
- If your company is found to be out of compliance with licensing terms, you could be subject to paying additional costs, maintenance fees, and lost interest at 18% or more from the time the software was released to the public.
- Having proof for your licensing rights (for installed software) and entitlements is essential. This means all proofs going back to NetIQ, Novell and WRQ if your business licensed products from these entities. Dated proofs of purchase are what I have seen software vendors to be the most comfortable with accepting in my experience handing software cases. At any rate, you should keep a copy of all communications, emails, text messages, and other proof that you are properly paying for their services, including support and maintenance. For example, you would not want to use support and maintenance and later be accused of not being licensed for that. SAM managers should take care to keep detailed and accurate records, and keep them in a safe place.
- If your company is or has acquired other companies, you should keep Micro Focus records up to date so that your existing organization is properly licensed to use their software products at all times.
- Sometimes there are other mitigating factors that should be considered even where there is no proper proof of licensing.
- If you are not using Attachmate software, you might want to consider uninstalling the software, removing all remnants and registry files. You can uninstall unused titles and search for remaining files to ensure everything is removed.
Hopefully these general tips will come in handy.
Attachmate Cases in the News
- Following Deloitte audit Attachment sues Mobistar for $6 million (alleged illegal use of “ReflectionX” a terminal emulator product that allows users to connect to legacy mainframe operating systems such as IBM, UNIX, OpenVMS, and HP from a Windows machine).
- Be prepared to be audited by Micro Focus – Reddit article
- Covance sues Attachmate claiming it doesn’t owe 22 million in past licensing fees, maintenance and interest
Convance v. Attachmate case
Here is a snippet from the Complaint filed for Declaratory Judgement against Attachmate showing what Covance was alleging.
“This action arises out of a dispute concerning multiple Attachmate software products. For many years, Covance and its constituent and/or predecessor facilities (collectively referred to in this Complaint as “Covance”) have purchased numerous Attachmate software licenses. In 2011, Attachmate contacted Covance and asked for a formal license verification, or audit, of Covance’s use of Attachmate software products. Covance fully cooperated and voluntarily participated in this audit, the results of which mistakenly led Attachmate to conclude that Covance engaged in copyright infringement and/or breached the alleged terms of the license(s). Attachmate asserts that Covance has tens of thousands of unlicensed deployments of Attachmate software on its computers and/or computer systems, and for which Covance owes Attachmate over $22 million in license fees, interest and maintenance charges. Covance disagrees, and moreover asserts that it is Attachmate who breached its obligations to Covance. Therefore, to resolve these disagreements, Covance brings this Complaint for declaratory and other relief.”
It was also alleged that:
“Attachmate has a documented history of suing many of its largest customers for copyright infringement and breach of contract after conducting license verifications, or audits, of customers’ uses of Attachmate software products. Customers against whom Attachmate has brought such litigations include: Northwest Community Hospital; Tarmac Ltd.; Sentry Insurance; Jeld-Wen Inc.; United Technologies Corp.; Windstream Communications Inc.; Dell Inc.; Juniper Networks, Inc.; Carnival Corporation; Health Net, Inc.; Public Heath Trust of Miami-Dade County Florida d/b/a Jackson Memorial Hospital; Cel-Com Axiata Berhad; the District of Columbia government; and others.”
You can find the case on Pacer online by searching for Case 3:12-cv-04088.
If you received a audit demand letter from Micro Focus Attachmate, do not panic. Give us a call to discuss your position. Hiring a copyright lawyer does not “make you guilty” it makes you smart and helps you best protect your legal rights. We have helped many companies, large and small, throughout the United States handle and defend against copyright infringement threats, and audit demand letters. We offer a free initial consultation for SAM managers and business owners, CEO’s, CFO’s and other officers and directors. Call (877) 276-5084.
Latest posts by Vondran Legal - Business, Real Estate, Insurance, Technology & Civil Litigation Counsel (see all)
- What type of proof do you need to show software license compliance? - January 18, 2017
- How Harry Houdini used copyright to build his fortune and fame - January 14, 2017
- Unauthorized commercial use of model photos on facebook can lead to right of publicity win - January 8, 2017
- Linda’s Lyrics “Dash Poem” Copyright Infringement, seriously? Yep. - January 7, 2017
- SOFTWARE INFRINGEMENT QUESTIONNAIRE - December 30, 2016