Print

Internal Audit reminder: Observe copyright, software licenses

BY MICHAEL PEÑA

Stanford computer users are being asked by the university's Internal Audit Department to respect copyrights and software license agreements, as stated in Administrative Guide Memo No. 62, which specifically prohibits unlawful copying of software.

In recent years, the increase in legal action by software publishers to protect their software licenses—including conducting surprise raids by federal marshals at the offices of alleged violators—demonstrates the importance of carefully observing the rule, according to Eric Nakagawa, information security controls specialist in Internal Audit.

The office is reminding computer users that software copyright violations can subject the university and individual employees, including faculty, to severe penalties. Educational institutions are not exempt from software licensing restrictions or the costly penalties resulting from violations, according to Nakagawa.

Software licenses vary considerably among publishers. But it is safest to assume that there must be one licensed copy of a software product for every personal computer or workstation on which the software is activated, according to Nakagawa. Exceptions to this rule may exist, but Nakagawa stressed the importance of first ascertaining whether or not that is actually true on a case-by-case basis.

Information on university-licensed and/or approved software products is provided by the Information Technology Services Software Licensing office at http://www.stanford.edu/services/softwarelic/ and the Procurement Department's Campus Wide Agreements office at http://purchasing.stanford.edu/cwa/softtips.html.

"Respect for the intellectual work and property of others has traditionally been an essential element of Stanford's research mission. As members of the academic community, we value the free exchange of ideas," Nakagawa said. "Just as we do not tolerate plagiarism, we do not condone the unauthorized copying of software, including programs, applications, databases and code."

Systems administrators and individual users alike are responsible for demonstrating that the software on a computer is properly licensed. Nakagawa listed three questions that should help determine this:

  • Has my department appointed someone to be in charge of software-management issues?
  • Has my department discussed software policies and instituted other departmental controls?
  • Is all software licensing verification (purchase orders, invoices, receipts, original CDs/DVDs or the licenses themselves) filed and readily accessible?
  • Internal Audit routinely checks observance of the software licensing requirements of Guide Memo No. 62 as part of its ongoing departmental compliance audit program. Anyone with questions about software license compliance or other matters should contact Internal Audit at internal-audit@stanford.edu or 725-0074.

    More information on anti-piracy is available on the web at http://www.spa.org/piracy/ (Software and Information Industry Association) and at http://www.bsa.org/usa/antipiracy/ (Business Software Alliance).