On-site inspections conducted by the Market Inspectorate of Slovenia in the last decade have shown that approximately 9% of all software installed on company computers lack the necessary permission of the rightful copyright holders. At the same time, over 40% of inspected companies had at least one unlawful computer program installed when inspected. Results show that SMEs are especially prone to such practices.
Under Slovenian law merely the possession of unlawful software can constitute an infringement of copyright, provided that it is intended for commercial purposes and the holder knows or has a reason to believe that it is an unlawful copy (Article 116 (2) of Slovenian Copyright Act).
According to case law, possession of software is deemed unlawful if the software was obtained without a legal basis (for example, a license agreement, a franchise agreement, etc.). However, if software was obtained lawfully but the legal basis has expired, the possession of the software constitutes an infringement only if the company was under the obligation to remove the software upon its expiration (e.g., if this was explicitly foreseen in the license agreement or requested by the copyright holder after expiry).
Where infringement exists, the copyright holder is entitled to request that future use be prohibited, that the software be removed from the computer, and that the judgment be published.
Moreover, the copyright holder is also entitled to damages corresponding to the damage sustained or an appropriate license fee. If damages are claimed, general rules of damage liability apply: The copyright holder must prove all elements of damage liability, including the amount of damage sustained.
Where the infringement was committed intentionally or by gross negligence, the copyright holder is entitled to a penalty payment amounting to up to three times the value of an appropriate license fee, even if no actual damage was sustained.
Under the Copyright Act possession of unlawful software is punishable as an offense as well. The infringing company can be fined by the Market Inspectorate. The minimum amount of this fine is EUR 1,700, and no maximum has been set.
The Slovenian Market Inspectorate has developed a practice of carrying out inspections on random companies. Every year approximately 400 companies are informed about statutory provisions regulating the use of software and requested to provide a list of computers and installed or regularly used software. This is followed by an on-site inspection, conducted predominantly in those companies that do not respond to the Market Inspectorate’s request (27% in 2016).
In practice, however, fines are rarely imposed, as often the unlawful software is removed on-site or the infringement is remedied by acquisition of the required license following a warning or a decision issued by the Market Inspectorate. In 2015, for example, less than ten fines were imposed.
Furthermore, use of unlawful software with a value exceeding EUR 5,000 constitutes a criminal offense pursuant to Article 148 of the Slovenian Criminal Code. For legal persons this offense is punishable with a fine of up to EUR 500,000 or, if the value of the unlawful software used exceeds EUR 50,000, between EUR 50,000 and up to 200 times the value of the illegally obtained proceeds. It should be noted, however, that so far only acts of distribution of unlawful software have been prosecuted and punished, and no company in Slovenia has been convicted of the commercial use of unlawful software.
Another important aspect that should not be neglected, since it can have considerable financial consequences, concerns the security risks connected with the use of unlawful software. Users of unlawful software do not benefit from software updates, and out-of-date software is often seen as an invitation to unauthorized users (hackers) to gain access to a computer. Once access to one of the computers in a system is gained, the hacker may interfere with the operations and data of the whole system and, for example, lock and encrypt all files until a ransom is paid to recover and decrypt the files. This so-called “data highjack” is becoming more and more widespread in Slovenia. By keeping all software up-to-date, enterprises can considerably reduce the risk of such attacks, since software providers are constantly coming up with new patches, fixes, and updates to protect their software from malware breaches.
By Branko Ilic, Partner, and Neza Grasselli, Associate, ODI Law Slovenia
This Article was originally published in Issue 4.5 of the CEE Legal Matters Magazine. If you would like to receive a hard copy of the magazine, you can subscribe here.