Software license agreements almost always include language that allows the vendor to audit a customer’s use of the software to determine compliance with the license grant. Standard vendor language is usually broadly drafted in favor of the vendor. Typical language allows the vendor to conduct audits at will and capture revenue for any inadvertent usage or unintentional expansion of the license grant by the customer. Inadvertent breaches by software customers are common where the license grant is confusing or vague.
While there are a number of strategies for dealing with a software vendor audit once it begins, drafting language at the outset of the relationship that narrowly defines the scope of the software audit and clearly identifies the consequences of exceeding the license grant is a good strategy for dealing with a software audit before it even happens.
Typical vendor language looks something like the following:
“During the term of this Agreement and for 5 years thereafter, Vendor or its authorized representative, shall have the right upon notice to Licensee to audit and inspect Licensee’s utilization of the Software, in order to verify compliance with the terms of this Agreement.”
While this language seems innocent enough, note that: (i) there is no requirement that the audit be conducted upon prior written notice; (ii) there is no requirement that the audit be conducted during normal business hours with minimal business interruption; (iii) there is no requirement that the vendor or its representatives comply with any security or confidentiality obligation of the customer; and (iv) there is no mechanism for disputing the results of the audit.
What happens if there is a breach of confidentiality and the vendor accesses the customer’s proprietary or confidential information? It is also unclear if third parties employed by the vendor for purposes of the audit can access the customer’s site. Further, under the above language, the vendor may conduct an unlimited number of audits in any given time period.
Something also not addressed is if an on-site audit by the vendor is even necessary. It might be acceptable to the vendor for the customer to self-report. The vendor may also be able to allow the customer to use software tools supplied by the vendor to determine compliance with minimal intrusion.
Finally, what happens if the license grant has been exceeded by the customer? For the customer, it is desirable to negotiate in advance any payment obligation for any users accessed by the customer in violation of the grant.
Getting hit with a software audit can be intimidating. The prospect of a team of auditors descending on your office to determine compliance with the threat of paying additional license fees is very real. By having a well drafted contract that outlines the auditing process from the outset, you greatly reduce unexpected issues, costs and liabilities.
Contact the software licensing attorneys at Marcus Stephen Harris, LLC if you have any questions about your licensing agreement and to prepare to show that you are compliant with your vendor.