CIO Council adopts rules to fight software piracy

The CIO Council has voted to adopt a set of guidelines that would help agencies prevent employees and private government contractors from illegally pirating computer software.

The governmentwide policy, which was approved Aug. 24 by a near-unanimous vote, gives federal chief information officers the responsibility of organizing efforts to block software piracy within their agencies.

Agencies are urged first to assess their software piracy policies and to establish an inventory of their software holdings. Agencies then should develop a software management policy that prohibits employees from installing unlicensed software and that guards against the purchase of counterfeit software or software that violates licensing restrictions.

Among other things, the guidelines also recommend that agencies draft policies regulating the downloading of software via the Internet by agency employees, the use of employee-owned software on agency computers and the use of agency-owned software on home or remote computers. In addition, the guidelines urge agencies to draft standard agreements with private contractors that forbid contractors from using illegal software while working on government contracts.

The guidelines also endorse widespread training covering software piracy issues for federal employees.Alan Balutis, deputy chief information officer for the Commerce Department and co-chairman of the CIO Council's Outreach Committee, said the policy adoption stands as "another indication of the council's ability to develop governmentwide policies and standards."

The CIO Council moved to put together the policy after President Clinton signed Executive Order 1313 in October 1998, which directed the council to lead a governmentwide effort to deal with software piracy.Before the establishment of the CIO Council three years ago, it would have been much more difficult to respond to the executive order, Balutis said.

"In the past, 20-plus agencies would all go off in their own direction and prepare 20-plus sets of guidelines," he said. "This reflects our ability to begin to deal with issues from a governmentwide approach and view, as opposed to agency by agency."

Now, he said, the Office of Management and Budget will distribute copies of the guidelines to all federal agencies. After that, it is up to agency CIOs to draft their own software management programs. It is expected that many agencies will design plans based upon the guidelines, Balutis said.

The CIO Council worked closely with the Business Software Alliance, a nonprofit trade organization for the software industry, in drafting the guidelines. BSA spokeswoman Anne Gavin said the endorsement of a software management policy by the CIO Council effectively codifies the intent of the president's executive order and helps raise the profile of software issues within federal agencies.

"Governments are some of the biggest users of software and can be the biggest offenders when it comes to illegal software," she said. "When any organization does not have a software management program in place, there will be illegal software. This [policy] really helps us out in terms of setting standards and making people aware of the problem of illegal software."

The federal government, she said, is the biggest user of software in the country. She said that because the government as a whole has never been audited on its software use, it is impossible to gauge the degree to which software is being used illegally by federal workers. But the lack of a governmentwide plan for software management, she said, makes it certain that there has been some degree of software piracy.

Training, she said, will be one of the keys to make the new policy work. More often than not, she said, software piracy occurs not as a result of people conspiring to dupe software companies but because people do not know that they are breaking the law when they copy software.

"It's very easy to copy software," she said. "It's a disk, it's a CD-ROM. It's easy to pass software from one employee to another. Someone brings something from home and says, 'I've got this great software. Here, put it on your machine.' "Worldwide, she said, about 38 percent of the software used is pirated. BSA estimates that piracy costs the software industry about $11 billion per year, $2 billion of which occurs in the United States.

The trade organization plans to continue working with the CIO Council and agencies in setting up the guidelines, Gavin said. Among other things, individual software companies plan to help produce marketing materials to educate federal workers about software piracy, she said.