Published on:
9 Mar 2023
2
min read
On being sued, for the software-related sins of employees, and steps smart employers should take.
PW is employed by IPL, a manufacturing company. While PW was teaching himself how to use a particular industrial software for work, he found a way to install a full version of the software without paying for it.
PW installed the software in an unused laptop left in company premises, and proceeded to use the software at least 15 times. He did this without anyone else in the company knowing.
The software's distributor, SISI, found out about the unauthorised use, and managed to track down IPL through its IP addresses.¹ IPL was informed of the infringement, and the offending software was uninstalled.
SISI suggested that matters could be made right if it was paid $79,587 for a software license.² No payment was made. SISI sued.
---
Now, you might have expected SISI to sue PW. After all, it was PW who installed the software without anyone else knowing.
But, surprise - SISI sued IPL. Not PW.
And - IPL was found to be liable to SISI, and was ordered to pay damages to SISI.³
---
At this point, some of you might be wondering: why should IPL have to pay a single cent to SISI for the unauthorised acts of its employee?
That's because of a concept known as "vicarious liability".
Under "vicarious liability", companies can be liable for the wrongful acts of their employees, even if the company has not been negligent at all.⁴
There are, of course, limits to this concept. But in this case, the Court imposed vicarious liability for various reasons, including:
a) IPL's lax supervision of PW afforded PW the latitude and opportunity to commit the infringing acts;
b) one of IPL's managers had mismanaged and not properly secured the laptop on which the offending software was installed, which created and enhanced the risk of PW's acts; and
c) if IPL was made liable, that would incentivise employees to take steps to reduce their employees' copyright infringement.
---
So. Some takeaways for employers:
a) Have an anti-software piracy policy in place. If you have not already implemented one, consider it an urgent priority. And don't just generate one from ChatGPT! Reach out if you need advice.
But! It is not enough to merely have a policy in place. The policy should also be brought to employees' attention, who should provide signed acknowledgments. Employees should also be reminded of the policy at regular intervals.⁵
b) Have a device management policy in place. There is no point in imposing administrative controls in company-issued computers if employees can use random laptops lying around to bypass them.
c) Consider obtaining Public Liability insurance. But check the fine print. If it only covers personal injury or property damage, consider whether to expand the scope of coverage, especially if there is an unavoidable risk of employees going on a frolic.
Disclaimer:
The content of this article is intended for informational and educational purposes only and does not constitute legal advice.
¹ To which I say: way to go, Sherlock!
² Compared to this, Microsoft 365 Personal looks like a real bargain at just $69.99 per year.
³ Albeit significantly less damages than what SISI had sought.
⁴ This is, as usual, a gross over-simplification.
⁵ In the present case, PW was last reminded of the policy 5 years before the incident took place, which the Court held was insufficient.
[2023] SGHC 50
