61

I need to use Windows at work and I do not have a valid license. When I talked to my boss about this he said I don't need it and to use it the way it is. I would rather not keep ignoring the warnings and using it anyway.

How can I approach my management about this?

I should add that when I raised the issue they said

  1. We use lots of copies of Windows for a short time we don't need a license - this isn't really applicable to my case
  2. We have the licenses but are too disorganized to know which one to use with the machine.
enderland
  • 110,742
  • 49
  • 328
  • 478
Mac Easly
  • 853
  • 9
  • 13
  • 31
    You could let Microsoft know: http://www.microsoft.com/en-us/piracy/reporting/default.aspx – Andrew Walters Aug 25 '14 at 20:08
  • 5
    Mac, I've made some edits to your question to make it a better fit for our site. Broad "what should I do?" questions are off-topic here, but "how do I approach management about this?" is an answerable, on-topic question. Feel free to [edit] further after you've checked out [about]. Thanks. – Monica Cellio Aug 25 '14 at 20:28
  • So you're not concerned with the legal or ethical violations, you just want to crack it to stop it from complaining? –  Aug 25 '14 at 20:33
  • 3
    @JeffO I am concerned of those but asking would be off-topic – Mac Easly Aug 25 '14 at 20:43
  • 15
    I think it's important to know where the company is located. A totally professional reaction to this by e.g. US standards could result in the employee getting laughed off the face of the earth (or worse) in e.g. China. – Jon Aug 25 '14 at 21:54
  • 1
    @jon Without go to far, in Cuba all Windows copy are pirated. – Emilio Gort Aug 25 '14 at 22:08
  • @Jon: Agreed. In many parts of the world, using software without a licence is not even a legal grey area, but totally okay and the morality of this can be a divisive issue. The suggestion to press the issue, refuse to continue using the software, blow the whistle on your employer and look for a job elsewhere can range from appropriate to very poor, depending on whose side the law is on. – Marcks Thomas Aug 26 '14 at 01:19
  • 2
    What sort of organization would care about employee welfare and satisfaction if they don't care about paying for the things they use for getting their work done? Frankly, they don't even care about the sword of lawsuits hanging over their heads. Good luck with this job! – Rachcha Aug 26 '14 at 04:12
  • I don't agree that there's an actual risk of lawsuit here but personally point 2 seems much more risky and in need of addressing. If they have the licenses they have an obligation to make things organized especially for their employees. If they don't have the licenses then they ought to make this fact discrete but transparent to minimize risk – Brandin Aug 26 '14 at 07:57
  • @Brandin: Interesting; I'd have said point 1 is the much more severe one. It sounds like they pretend they don't need a license if the use is only for a short time (or even pretend the use is only for a short time in the first place). Point 2 sounds, while somewhat unprofessional, rather harmless in comparison: If they have enough licenses, then there is at least not ethical problem, and the legal one is questionable, given that they paid for everything they use. – O. R. Mapper Aug 26 '14 at 08:38
  • @O.R.Mapper OP said point 1 is not applicable in his case. I suspect maybe its true that the short time argument is just an excuse. If they organize their licenses like any other sane company should then it should be clear whether they have enough licenses or not. Comments already made about what the region is are relevant. In some regions where software licensing is typically not done or the license is not legally valid/enforceable in that region, then you may have to approach this differently – Brandin Aug 26 '14 at 08:44
  • @Brandin: At least as it's written in the question, point 2 explicitly states they do have enough licenses. (I agree the region is relevant for further considerations, though.) – O. R. Mapper Aug 26 '14 at 08:47
  • 1
    Don't worry, the NSA is already aware of your license issue. They will contact you if they feel concerned. – Gras Double Aug 26 '14 at 21:40
  • 2
    If you are using temporary copies for development and testing there are things like MSDN that would cover it. This doesn't mean you don't need licences at all, but it means the licence may not be immediately obvious to you. – JamesRyan Aug 27 '14 at 11:52
  • Out of curiosity, why do a company not have computers purchased with Windows? – Thorbjørn Ravn Andersen Aug 13 '19 at 15:12

4 Answers4

59

Software piracy is a problem, but it's not your problem.

You've raised your concerns with your employer, and they have stated that they may have licences, but haven't kept track of it. As other posters have stated, it's important that you raise the liability issue with your employer but, unless your responsibilities at the company include licencing compliance, don't press the issue.

Because they may be correct that they do have enough licences, in which case blowing the whistle will bring unnecessary auditing on the company and if they take a hit from it, they will look for the person who blew the whistle and if you've pressed them about the matter they'll pretty easily figure out it was you.

If you are seriously concerned about the matter, get their response in writing - email the IT department and ask clearly and concisely that you need a Windows licence. If they reply with a licence, great.

If they don't provide you with a licence, print a copy of the email, make sure you keep an electronic copy, and go on with your life. Make sure you have a clear paper trail that shows your diligence and you are in the clear.

Update based on comments:

In the comments people have mentioned the level of responsibility of an employee regarding ethical matters. Obviously with ethical dilemmas there is a sliding scale to how responsible you are to your company, the aggrieved party (in this case software vendors) and society at large.

If you can demonstrate due diligence by properly raising this within your company, it is very unlikely that a group like the BSA would consider you at fault. Considering the BSA has come under criticism in the past for their heavy-handedness, if you can show that you raised your concerns internally, they would consider you having done your duty.

This is especially true if your role within the company isn't an IT role, or one that explicitly covers software licencing.

Community
  • 1
  • 5
    "you are in the clear" -- sounds like a statement of legal fact, "an employee who uses unlicensed software on the instructions of an employer incurs no legal liability provided they raise the issue with the employer". Are you certain that it's true? – Steve Jessop Aug 26 '14 at 08:52
  • @SteveJessop th eother Q is would such a sketchy employer blame the employee if they got caught – Pepone Aug 26 '14 at 09:42
  • 2
    @SteveJessop, if the employee notices something that looks dodgy (which may or may not be piracy), and gets a satisfactory reply why the use of the software is legal (which may be correct, incorrect, or based on lies), then I think the employee would be in the clear. Sure the employee should raise concerns - after all this keeps damage away from a company making a mistake. But the employee is not a private detective working for the software maker. If the bosses explanation is "we never pay, and we'll never get caught", that may be different. – gnasher729 Aug 26 '14 at 09:52
  • 5
    @SteveJessop "you are in the clear" is worded to me like an assessment of risk from a non-legal professional (which is all anyone should be expecting here). This answer is right "it's not your problem". I don't see any reason why employees are themselves responsible for licenses of company software. If you bring in your own software thats maybe another story – Brandin Aug 26 '14 at 10:30
  • 4
    This is the most professional approach. Managing licences is the company's job. This responsibility should fall to whomever is in charge of IT resources. Raise the concern and move on. Microsoft regularly conducts audits of medium and larger sized businesses - once the IT person has had to suffer through one with licencing records in shambles they will be much more responsive, I think, about keeping his or her house in order in the future. – J... Aug 26 '14 at 12:53
  • 1
    I would be careful with this advice; depending on the context, employees may be legally liable for unethical or illegal behavior, even if the employer essentially requires said behavior. Keeping a paper trail is always a good idea and you don't need a lawyer to tell you that, but it would be prudent to do whatever it takes to get clarity on your legal situation (consult a lawyer, read the employee manual, read the law). – Ben Collins Aug 26 '14 at 18:29
  • This completely depends on the legal situation of your country. For instance, in my country, Turkey, since the computer is property of the company, the company owner and IT manager is responsible for licensed software, not the employee (by law). So, again, in case of legal action, company owner and IT manager will face charges in court, but not the employee. Laws in other countries may (and probably will) differ. – Tuncay Göncüoğlu Aug 27 '14 at 09:17
  • Recent events makes me want to chime in with an update? If you are using an unlicensed Windows machine chances are it is under-patched. WannaCry attacks being a recent virus makes your machine and casual behavior possibly impart damage to the local system and/or others touching your company data/network. Wanting to patch and be secure is very reasonable. I would look to keep the machine current and see how that unfolds. Working with illegal software per an employers instruction has some fringe legal issues for the company and less so for the user. Very sticky indeed! – Marc Jul 10 '17 at 20:20
31

No. No, no no, 100x no.

This is illegal and in my opinion completely unethical.

You need to have a legitimate Windows copy and licence for the software and tools you use at work, full stop. Your employer is putting him/herself and you at serious risk for lawsuits.

You should absolutely not ignore the warning and press your employer for licensed software. If not, please look to @David Segonds' answer about reporting offenders. The BSA site has a wealth of information about penalties, fines and rules that use can use to drive home your point when talking to it with your boss.

There is a chance they may not understand how big of a problem it is. It would also be worthwhile to make sure these conversations are documented somehow...preferably via email (and backed up locally) so should your employer tell you to to continue this illegal activity, you have some proof that you tried to fix the situation when you report it. I'm not a lawyer, so I don't know if this would get you out of trouble completely, but covering your own behind is never wasted time when it comes to a situation where you could be thrown under the bus.

Edit for added bullet points check out Microsoft's Volume Licence Programs

Community
  • 1
Bmo
  • 1,242
  • 9
  • 17
  • 11
    This is all good, but there isn't anything that is preventing the employer from firing the original poster after he blows the whistle, especially if he works in a right-to-work state. Even if he does it anonymously, it wouldn't be difficult for his boss to connect the dots. – Ege Ersoz Aug 25 '14 at 20:39
  • 1
    @EgeErsoz Then he can put on his resume/CV he was fired for blowing the whistle on illegal software. If I was given illegal software and told to deal with it I would start looking for a new job immediately anyway. – Bmo Aug 25 '14 at 20:55
  • 14
    I would too. Not sure about putting it on my resume however. Last thing you want to do when looking for a job is to give people the impression that you're a troublemaker. The places that would hire you for having "strong principles" or whatever are pretty rare. – Ege Ersoz Aug 25 '14 at 21:01
  • 14
    Software piracy isn't illegal, its a civil matter. –  Aug 26 '14 at 01:23
  • 3
    @LegoStormtroopr It is illegal. The law protects civil rights along with punishing criminal actions. The phrase "illegal" covers both. – Joe Aug 26 '14 at 04:02
  • 8
    @LegoStormtrooper That's jurisdiction specific. In the UK, copyright violations done as part of a business are a criminal offence. – Philip Kendall Aug 26 '14 at 04:35
  • 13
    This is not correct. Just because a warning message shows does not mean there is no license. If I reinstall my OS without an internet connection, it may show a warning message because it can't contact microsoft servers. That doesn't mean there's no license, it just means the program is warning you that you may not have a license. – Brandin Aug 26 '14 at 07:49
  • 3
    @LegoStormtroopr civil offences are sill Illegal just prosecuted slightly differently – Pepone Aug 26 '14 at 09:41
  • 1
    @EgeErsoz Fyi, I think you're confusing right-to-work and at-will employment. – Ajedi32 Aug 26 '14 at 14:28
  • @Brandin so you report them anonymously and the investigation finds there were licenses. Might scare those idiots in IT into doing their job for a change and making sure all machines are properly licensed and recorded. If there's such a lax attitude that they can't be bothered to distribute the licenses they have it's a more than even chance they don't know how many machines they need licenses for (and yes, I've seen that frequently). – jwenting Aug 26 '14 at 15:07
  • 2
    How do we know that the OP asked the right person? In a big IT department, responsibility for MSFT licensing may run through one or two people, and it's likely that only those people would have an accurate view of things. This is another case of "workers should work - managers should manage". Reporting as "piracy" without any actual knowledge is a decidedly bad-faith action - a nuclear option - and could very justifiably lead to OP's dismissal. – Roger Aug 26 '14 at 17:52
  • 4
    What is illegal about the OP using software that was provided by your employer that your employer claims is licenced as directed by his employer? – IDrinkandIKnowThings Aug 26 '14 at 19:54
  • @ReallyTiredOfThisGame I'm not sure I understand. Are you asking what is illegal about using unlicensed software? Just because your employer claims it is licensed does not make it so. His workstation is telling him that it is not. This from BSA explains quite a bit. Regardless if they have enough licences, it's not being administered correctly and would be subject to fines should an audit occurred. – Bmo Aug 26 '14 at 20:05
  • 1
    @Bmo - I am asking what is illegal about an employee using software that his employer claims is licenced that is employer owned and the work product is the property of the employer. How is does that make the employee liable criminally or civilly? (you probably need an outside reference for this) I get that the employer is breaking the law, but can you show that the employee is as well? – IDrinkandIKnowThings Aug 26 '14 at 20:23
  • @ReallyTiredOfThisGame If it is licensed, it's not licensed properly and still in violation. From my perspective, bringing up the issue and leaving it be is being complicit to the act at a certain point. – Bmo Aug 26 '14 at 20:28
  • 2
    @Bmo - I get what you are saying but you are claiming in your answer that it is illegal to do so. And at least inferring that the OP is at risk for this. Can you back that up in your answer? And if the OP is in violation of the licence is there anything to back up that this is a crime or even unethical to use improperly licensed software? – IDrinkandIKnowThings Aug 26 '14 at 20:41
21

Software Piracy is a serious matter. Using pirated software is illegal and opens your organization to liability. Offering to crack software may expose you personally.

The first thing to do is to inform your management that software piracy will expose the company to serious liability. Microsoft has published a guide that can help you present your case to management and educate them on this important topic.

To be honest, the excuse that the IT department is disorganized is quite worrisome. Your management is basically telling you: You may have a problem, but we have not looked into it and we are accepting the associated liability risk. The article Bringing your company into software license compliance with this six-step process by Aaron Boggs may also be a good way to present the information to your management. The six steps presented in the articles are:

  1. Pick a license tracking method,
  2. Perform a software audit,
  3. Catalog all existing licenses,
  4. Organize your data,
  5. Maintain your license database,
  6. Review your company's software licensing policy.

In addition, referring to the Code of Conduct for your organization may help you on the proper way to approach this situation within your organization. Larger organization have hotlines that employees can use to report unethical behaviors within having to directly engage management.

If you are unable to convince your management that they need to purchase the necessary licenses for the software you are operating, the ethical thing to do is blow the whistle on your organization. The Business Software Alliance (BSA) allows you to report your organization anonymously:

In order to investigate your software piracy report, you will need to provide the name and address of the company being reported, what software is being pirated, and how you know the software is pirated. All information provided to BSA will be kept confidential.

Report Software Piracy Now

David Segonds
  • 4,340
  • 31
  • 41
  • 17
    Good answer, but I would point out that the odds of anyone not figuring out who the "anonymous" whistleblower was, after you have made a serious effort to convince your manager of the importance of proper licensing, are pretty slim. – Carson63000 Aug 26 '14 at 02:03
  • 1
    This is an answer to what the business should do about unlicensed software not what the OP should do about his company not providing him with a valid licence. this would be a good answer to how should a company deal with a library of unmanaged software. If you want ask that question. – IDrinkandIKnowThings Aug 26 '14 at 15:34
  • 3
    ***comments removed*** Remember what comments are for. For extended discussions, Get a Room (a chat room). – enderland Aug 26 '14 at 22:23
1

I would like to add a few other points to the otherwise great answers written here:

  1. It does not sound like you are the person responsible for purchase / compliance / IT - so your responsibility is limited to raising the concern with management and documenting their response or obtaining evidence as such.

  2. Your company, however, may be liable. In some jurisdictions any gains/profits obtained by using pirated software is considered the same as gains made by fraudulent means or deception. You have not mentioned where you are located and not all jurisdictions have the same level of enforcement for software piracy (or other IP infringement).

  3. If your company is under contract to develop software, your contract may stipulate that all software is developed using genuine and "fit for purpose" tools; but again - this may not apply to you but I have seen a case where this came to light under a random audit by the client. In the case, the licenses were there but not applied correctly (it was not a bad faith move but rather a lapse in accounting of licenses).

  4. Risk. Using pirated software puts you and your organization at a higher risk of security breaches. This is because most circumvention techniques specifically disable security controls in the software; others are simply just using a randomly generated key. However, from a risk standpoint it is never good to use pirated software as you are not entitled to any support from the vendor.

Keep in mind all this depends on perspective and scale. If you are talking about a 5-man software house, a lot of this doesn't matter at all.

As mentioned if there is no enforcement of IP laws - a large deterrent is not applicable to you and there may be no tangible consequences.

Burhan Khalid
  • 3,714
  • 1
  • 19
  • 24