INQUIRY ON ALLEGED UNLICENSED SOFTWARE USAGE

[LETTER TO LEGAL COUNSEL]

Dear Attorney,

I hope this message finds you well. I am writing on behalf of a private engineering consultancy (hereinafter referred to as the “Company”) to seek your legal advice regarding a pressing issue involving alleged unlicensed software usage. Recently, we received multiple emails and formal demand letters from a certain law firm claiming that the Company had continued to use an “illegal/pirated/unauthorized” copy of a structural analysis software, even after our original license period ended.

By way of background, in 2021, the Company purchased a single subscription license for this software to fulfill the requirements of a specific client project. After successfully completing that project, we chose not to renew the license because our subsequent contracts did not necessitate further use of the software. Despite this, the opposing party now contends that we have been running an unlicensed version of the software, based on logs allegedly obtained from our servers. Moreover, they are demanding a substantial sum in US dollars, presumably to settle this claimed infringement.

Our internal IT team has reviewed the logs in question, which appear to be dated back to 2021. At that time, our team recalls having been offered a 30-day free trial when the software was initially purchased. The Company had used the subscription license properly throughout its active period. We have not used any version of the software—trial or otherwise—beyond that point, nor do we believe we have done anything to violate the terms of the subscription agreement. Still, the law firm insists on payment, raising concerns about data privacy, specifically on how they managed to obtain logs or IP address information that belong to our internal network without our explicit consent.

Given these circumstances, we would greatly appreciate your expert legal guidance on the following matters:

  1. Validity of the Allegations: Whether the claim that we have used an unauthorized version of the software, post-license expiration, could stand under relevant laws, particularly when our records indicate no such usage.

  2. Evidence and Data Privacy Concerns: How we should address or challenge the law firm’s assertion that it has server logs or IP addresses, and whether obtaining and using such logs without our permission raises potential data privacy or other legal violations under Philippine law.

  3. Potential Legal Risks and Liabilities: What legal consequences we could face if the opposing party decides to escalate the matter, given that they are alleging software piracy or infringement under the Philippines’ intellectual property laws.

  4. Recommended Course of Action: Steps we should take to protect our rights and interests, respond formally to the demand letters, and ensure we remain fully compliant with applicable regulations.

Your immediate attention to this issue would be immensely helpful, as we wish to resolve the matter in a timely, fair, and legally sound manner. Thank you for your prompt consideration.

Respectfully,

[Name of Sender Withheld] Representative of a Private Engineering Consultancy

COMPREHENSIVE LEGAL ARTICLE AND ANALYSIS UNDER PHILIPPINE LAW
(Authored in the spirit of providing an in-depth understanding, as the best lawyer in the Philippines, for educational purposes only.)

I. INTRODUCTION
Software piracy, unauthorized installations, and unlicensed usage are matters governed by several key statutes in the Philippines, foremost of which is Republic Act No. 8293 (the Intellectual Property Code of the Philippines, or “IP Code”). Entities alleged to be involved in unlicensed software usage can face both civil and criminal liabilities, under certain conditions. In addition, concerns about unauthorized acquisition of IP addresses or server logs invoke provisions of the Data Privacy Act of 2012 (Republic Act No. 10173), which protects personal and sensitive personal information against unauthorized access and processing. This legal article addresses each of these concerns, outlines possible defenses, and discusses best practices for companies facing similar issues.

II. INTELLECTUAL PROPERTY CODE (R.A. 8293)

  1. Scope and Purpose
    The IP Code protects intellectual property rights in the Philippines. Software products, source codes, and their associated trademarks and copyrights fall under this broad legislative umbrella, which seeks to foster innovation and protect the rights of authors, inventors, and right holders.

  2. Types of Infringement
    Under the IP Code, copyright infringement can occur when a person or entity reproduces, distributes, or uses a copyrighted work without authorization. For software, infringement may include installing the program beyond the scope of a valid license or continuing to run it after the subscription or license has lapsed.

    • Civil Liability: The right holder may seek injunctive relief, damages, and other legal remedies.
    • Criminal Liability: In egregious cases—such as willful infringement on a commercial scale—criminal charges may be initiated.

  3. Importance of License Agreements
    Most software licenses detail the scope of permissible usage, the number of installations allowed, duration of validity, and the legal redress available to the licensor in cases of unauthorized use. Courts often look at the license terms to determine liability.

  4. Potential Defenses

    • Expired vs. Unused License: Merely having a license that expired does not automatically translate to continued infringement if the software is no longer actively used. Demonstrating non-use can be a valid defense.
    • Trial Period Discrepancies: If a trial period was granted, the user may raise the defense that usage during the specified trial period does not constitute unauthorized use, assuming no usage continued beyond that term.
    • Good Faith / Absence of Knowledge: In civil litigation, a defendant may mitigate liability by showing good faith or by proving they had no knowledge or reason to believe the license had lapsed or was otherwise unauthorized.

III. SOFTWARE PIRACY AND THE PHILIPPINE ANTI-PIRACY TEAM
Software enforcement is often spearheaded by the Philippine Anti-Piracy Team (PAPT), a coalition that includes representatives from government agencies such as the National Bureau of Investigation (NBI) and the Optical Media Board (OMB). Private sector organizations, including law firms representing software companies, sometimes act on behalf of the right holders. They may send demand letters and propose settlements before initiating more formal processes.

  1. Preliminary Investigation & Searches
    Law firms may conduct investigations with or without official assistance. They often rely on specialized technological tools or external data to detect unauthorized installations.

    • Legitimacy of Evidence: If the data was obtained illegally—without court order or lawful authorization—it may be challenged as inadmissible, though practical realities vary.

  2. Settlement vs. Litigation
    Receiving a demand letter often indicates the software owner’s preference to settle. However, if the alleged infringer refuses, the next step could be a criminal complaint or a civil action. Consulting a lawyer promptly is crucial.

IV. DATA PRIVACY ACT OF 2012 (R.A. 10173)
The unauthorized use of server logs or IP addresses may raise concerns under the Data Privacy Act. While IP addresses can be considered personal information in certain contexts (especially if it can be traced to an identifiable individual or entity), the legal thresholds can be complex.

  1. Applicability

    • Data Subject: The Company or its employees might be data subjects if personal information is obtained, used, or processed by an external entity (such as a software provider or law firm) without consent.
    • Personal vs. Non-Personal Data: IP addresses might not always be classified as “personal data,” but where they can reveal the identity or location of individuals, the question becomes more complicated.
    • Consent and Lawful Grounds: The collecting party should generally have consent or a legal basis (e.g., court order, ongoing litigation) for accessing and processing such data.

  2. Data Privacy Violations
    If a company believes that its data has been accessed improperly, it may lodge a complaint with the National Privacy Commission (NPC). Potential violations include unauthorized processing, data breach, or failure to implement adequate security measures to protect personal data.

  3. Overlap with IP Investigations
    While software licensors may argue legitimate interest in verifying license compliance, it does not automatically legalize any method of obtaining IP addresses or server logs. Proper protocols, such as notice to the alleged infringing party or a court-issued warrant, may be necessary.

V. POTENTIAL LEGAL STRATEGIES FOR THE COMPANY

  1. Conduct an Internal Audit

    • Technical Audit: Verify whether the software in question remains installed on any company device. If so, remove it immediately if you no longer have a valid license.
    • Log Analysis: Investigate any anomalies in the logs provided by the law firm. Compare them against company records to confirm usage dates and times.

  2. Review License Terms and Contract History

    • Scope of Past License: Examine the license that was purchased in 2021, including the terms of renewal and conditions for trial usage.
    • Document Non-Use: Collect internal documentation (meeting notes, memos, or server records) to demonstrate that the software was not used beyond the license period.

  3. Respond to the Demand Letter

    • Request for Evidence: Politely but formally request more detailed evidence. Ask how they obtained IP addresses, logs, and usage data.
    • Notice of Data Privacy Concerns: Express the Company’s concern about any possible data privacy violations.
    • Offer to Cooperate in Good Faith: Indicate willingness to clarify facts or rectify any bona fide misunderstanding.

  4. Consider Negotiation or Settlement

    • Risk Assessment: Evaluate the potential costs of litigation, including attorney’s fees, reputational risks, and time spent.
    • Legal Merits: If there is a genuine question of unauthorized usage, an amicable settlement might be cost-effective. If the Company strongly believes no wrongdoing occurred, a more assertive stance might be warranted.

  5. Explore Counterclaims and Data Privacy Complaints

    • Possible Countermeasures: If the law firm’s conduct or the software licensor’s methods of obtaining data appear illicit, the Company may explore lodging a complaint with the National Privacy Commission.
    • Evidence Preservation: Retain all communications and logs to substantiate any counter-allegations or defenses.

VI. TIMING AND PRESCRIPTION
Under Philippine law, civil actions may be subject to prescriptive periods. If the alleged infringement occurred only within a specific time frame (e.g., solely during the license validity or the free trial period), the opposing party might face difficulty in pursuing legal claims if a substantial period has elapsed. It is essential to confirm whether the action is timely filed.

VII. CRIMINAL VS. CIVIL LIABILITY
The Company should clarify whether the allegations are meant to lead to criminal charges, civil action, or both. Most software right holders prefer a civil approach focusing on damages, unless they have substantial proof of willful or commercial-scale piracy. Nevertheless, it is important to respond promptly and appropriately to avoid potential escalation.

VIII. POTENTIAL DEFENSES TO COPYRIGHT INFRINGEMENT

  1. No Unauthorized Copying or Distribution: If the software was installed and used strictly within the license term, proving no copies were made beyond that period is critical.
  2. Fair Use? While Philippine law recognizes certain fair use defenses, these typically apply to limited or transformative use, which rarely extends to using a full commercial software suite.
  3. Invalid or Inadmissible Evidence: If logs were obtained without a warrant or legal basis, they may be inadmissible, depending on the circumstances.

IX. PRACTICAL CONSIDERATIONS

  1. Legal Counsel
    Immediately consult a lawyer experienced in intellectual property and data privacy law. Early legal intervention helps in formulating a cohesive strategy, reviewing evidence, and engaging with the opposing party.
  2. Documentation
    Maintain thorough records of software installation, license payments, and renewal correspondence. Clear paper trails often prove decisive in intellectual property disputes.
  3. Company Policy
    • Software Policy: Ensure a robust internal policy covering software usage, prohibiting unauthorized installations, and requiring periodic compliance checks.
    • Employee Education: Train employees to observe licensing constraints, especially for specialized engineering or design software.

X. CONCLUSION
Facing a demand letter alleging unlicensed software usage is a serious matter under Philippine law. The Intellectual Property Code provides the legal framework for assessing whether an infringement took place. Simultaneously, the Data Privacy Act imposes constraints on how third parties may obtain and use personal or sensitive information, including potentially identifiable data such as IP addresses or server logs.

A company that previously held a valid license but subsequently let it lapse needs to examine whether any unauthorized usage truly occurred. If usage stopped altogether once the license expired, demonstrating that fact through accurate internal records can be an effective defense. Nonetheless, prompt and informed action is key: ignoring a demand letter can escalate matters, potentially leading to litigation or criminal complaints.

In formulating a legal response, consider both intellectual property compliance and data privacy implications. Collect all relevant documentation, conduct an internal audit, and engage in good-faith communication with the alleging party. If there is evidence of possible wrongdoing, weigh the risks and benefits of settlement against potential litigation. However, if the claims appear baseless, a firm legal stance—possibly coupled with a counterclaim related to unauthorized data gathering—may deter unwarranted demands.

Finally, adopting preventive measures and maintaining a proactive compliance culture around software licensing is crucial for any organization using third-party software applications. Reviewing and renewing valid licenses, properly uninstalling applications when no longer needed, and instituting strict protocols around software installation all help mitigate the risk of running afoul of intellectual property laws. Moreover, being aware of data privacy regulations ensures that an organization itself respects the privacy rights of its employees, customers, and business partners, while also protecting its own sensitive information from unjustified exposure.

Disclaimer: This article is for general informational purposes only. It does not create an attorney-client relationship nor constitute legal advice. Specific circumstances vary, and concerned parties are advised to consult with qualified counsel to address particular legal matters.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login