Regardless of their industry, size and geographic location, all companies have an ongoing relationship with at least one or more software vendors. With this pervasiveness comes a steep global price tag — Gartner predicts that worldwide enterprise software costs will account for $750 billion in 2022, an 11% surge from 2021 — Software licensing is truly omnipresent.¹

Software license audits are also omnipresent. According to a 2018 survey conducted by the International Business Software Managers Association, seventy-five percent of small organizations reported being audited 1 to 3 times in the past 3 years. Forty percent of large companies had experienced 4 to 10 audits in the same time frame, a 25 percent increase.²

With increasing complexities in emerging technologies (such as virtualization and third-party cloud computing), most companies have little confidence in their own compliance. In Logicworks "2019 State of Cloud Compliance" report, 77% of Information Technology Decision Makers (ITDMs) did not believe that their company would be found compliant in an audit, with 49% believing that cloud providers were responsible for their company's compliance.³

As such, with this increase in audits comes will come an inevitable increase in audit spend. The Flexera 2022 "State of IT Asset Management Report" states that 24 percent of companies surveyed paid more than $1 million in audit-related costs and penalties in the previous three years with an additional 10 percent spending over $5 million. Only 17 percent paid less than $100,000.00 during the same time period.⁴

According to Dealogic, private equity had an unprecedented year of tech deals in 2021, and as of mid-December 2021, they had backed a record number of such deals totaling $401.71 billion.⁵

Among these deals, software firms have been the most targeted in the past year.⁶ Private equity firm Thoma Bravo made the news last year by announcing what reports called "the biggest cloud buyout ever" in a deal valued at $12.3 billion, coming on the heels of its $10.2 billion purchase of RealPage (and thereby breaking its own recently set record).⁷

Additionally, Francisco Partners, a private equity firm with a portfolio of more than 400 tech companies, recently acquired part of IBM's Watson Health business with financial details not yet disclosed.

Robust merger and acquisition activity in enterprise technology is far from limited to private equity. At the beginning of 2022, TechCrunch tallied the top 10 deals of 2021, with Oracle's $28.3 billion purchase of health records company Cerner topping the list. Of the $121 billion spent on the top ten, TechCrunch noted that only four were driven by private equity.⁸

The software license troll wears the multiple disparate hats of an interested party, a fierce advocate, the supposedly neutral fact finder and ultimately, the beneficiary of the dispute it started.

Taking their cues from patent trolls, software license trolls often rely on greatly exaggerated, if not baseless, allegations of under-licensing while extracting fees and penalties that beleaguered licensees deem easier to pay than to spend energy disputing. They can increasingly be characterized by having a disinterest in and separation from the software technology that is being asserted.

Software licenses are routinely being held and enforced by myopically profit-oriented entities that are disconnected from the actual development of the software. That can manifest itself through private equity steering towards a short-term payout or long-time vendors acquiring software divisions with no historical knowledge of time investment.

However, in many ways, software license trolls are a greater and more immediate threat than patent trolls. Sidestepping the cumbersome court process that slowed down patent trolls, a software vendor need only initiate a low-cost, low-commitment audit against any one of its licensees to begin asserting shortfalls and demanding cash payment.

Because they typically operate outside the court system and subject audit proceedings to confidentiality provisions, it is difficult for companies to determine which vendors are exhibiting troll-like behavior until it is too late.

Finally, most software license agreements allow the vendor to unilaterally terminate a license agreement if it deems the licensee to be in breach of the agreement's terms. Once terminated, a licensee is forced to proceed either as a copyright infringer or cease using the software entirely. In some instances, such as services provided via the Cloud, the vendor can simply terminate access to the software and the data within.

Aggressive and "troll-like" vendor behavior is readily found across the software industry. As long as vendors such as Oracle, Microsoft, IBM and SAP retain control of their operations and evade private equity, they lack the disconnect that we believe characterizes software license trolls as the successor to patent trolls.

Following are a few of the key players that are coupling the aggressive tactics of larger, more established vendors with the disconnected antagonism that is so redolent of patent troll behavior.

Micro Focus and Quest Software are "Tier Two" vendors both of which are largely controlled by venture capital, have been at the center of a dizzying array of mergers and acquisitions and have earned a reputation for predatory audits.

Micro Focus. Founded in 1976, Micro Focus had $3 billion in 2020 revenue and has acquired over 40 different software companies including The Attachmate Group in 2014 and Hewlett Packard Enterprise's software branch in 2016. Around the time of the Attachmate acquisition, Wizard Parent LLC (consisting of four investment groups, including Elliott Management Corporation and Francisco Partners) became the parent corporation for Micro Focus. Today, Micro Focus is a "notorious vendor in SAM circles" and is considered a "high risk" by FisherITS.^{9, 10}

Quest. Founded in 1987, Quest is known for developing the Toad family of software and currently controls over 200 software titles.¹¹ Quest was acquired by Dell in 2012, and four years later, Dell was acquired by Elliott Management and Francisco Partners, which subsequently rebranded the collection of entity as Quest. After the rebranding, Quest built out a robust software compliance team and gained notoriety as an aggressive auditor and was again purchased by private equity in 2021 — this time by Clearlake Capital Group LP.¹²

Beware of a heightened litigation risk: Both Quest and Micro Focus have pushed auditing disputes into litigation. Micro Focus sued Express Scripts and was sued by Cox Communications, and Quest sued Nike and was sued by Fairview. Included were allegations that the vendors wildly overstated deployment based on users having access to software regardless of whether they were using it and allegations that the vendors swapped out less favorable licensing agreements through inadvertently executed "click wrap" agreements.

OpenText is Canada's largest software company. Over the last several years, it has spent over $4.79 billion on 27 acquisitions, the latest being the $860 million acquisition of Zix.¹³ While not under private equity control and due to the fact that it is "acquiring a non-complementary suite of software products," at least one investment analyst has noted that OpenText operates as "more of a private-equity firm" than software platform.¹⁴

Mirroring Micro Focus and Quest's post-acquisition behavior, OpenText appears to treat its licensees similar to how a disconnected private equity firm treats theirs. OpenText has joined the ranks of vendors most likely to audit, most difficult to work with and most consistently extractive of audit revenue. One industry analyst commented that OpenText's auditing practices are so "over-the-top aggressive" it seems as if they don't "care about maintaining a long-term relationship with customers."¹⁵

Among the myriad of complaints include allegations that its auditors improperly count users twice, insist upon count disabled users and constantly refine contractual language to more easily assert non-compliance.¹⁶

If you have not yet become the target of a software license troll, it is only a matter of time. A few considerations to keep in mind:

•Constantly reevaluate previously trusted vendors. A change of ownership can cause licensing troubles with a vendor that had been trouble-free for years. Be aware of any acquisition of the software that your company uses.

•Exercise extreme caution when executing any agreements. Even a routine technical support renewal or license purchase can hide material changes to your license agreement.

•Get your licensing agreements in order. Collect your agreements, including all ordering documents and ancillary materials.

•Beware of audit triggers. While your company should always be on alert for the inevitable audit, certain things (such as decreasing support, mergers/acquisitions and cancellation of subscriptions) serve as audit triggers for many vendors. Be vigilant and aware.

•Whether in an audit or not, handle vendor information requests carefully. Be cautious and study your agreement. Volunteer no more information than required, and always understand scripts before running and submitting the output.

•When audited, take your time to respond (but not too much time). software license trolls thrive in uncertainty, shock and surprise. Take all the time you are allowed to kick off the audit and respond to information requests. Hasty responses invariably divulge too much, and once disclosed, shared information can be impossible to retract.

•Be aware of the increasing risk of litigation. Whereas the risk of litigation erupting from a licensing dispute used to be negligible, it is increasingly becoming a pervasive threat. Always involve counsel early on to protect the record and minimize escalation.

A company's management of its software entitlements and deployments is ultimately driven by intel. As with the heyday of patent trolls, knowing who you are dealing with is a crucial element of that intel.

Though licensing terms and negotiations are often subject to confidentiality obligations and kept from the public eye, a licensee company must understand the history and practices of their software vendor. With the continued emergence of software license trolls and their dubious practices, business as usual is a relic of the past.

Your business interests cannot be protected when interfacing and negotiating with software vendors, even trusted ones, without an up-to-date evaluation of their licensing and auditing behavior. Once armed with that necessary intel, you can then take the steps required to protect those interests.

1 Hurst, A. (Jan. 18, 2022), "Gartner Forecasts Worldwide IT Spending to Grow 5.1% in 2022," Information Age. https://bit.ly/3sdPEzO.

2 Russman, S. (Feb. 16, 2018), "Your Software Audit Chances are Higher in 2018. Here's Why," LinkedIn. https://bit.ly/3KYZpuh.

3 State of Cloud Compliance Annual Survey 2019, Logicworks. https://bit.ly/3AQ3tZ6.

4 Flexera 2022 State of ITAM Report, Flexera. https://bit.ly/3rkUAU1.

5 Cooper, L. & Singh, P. (Jan. 3, 2022), "Private Equity Backs Record Volume of Tech Deals," Wall St. J. https://on.wsj.com/34apLJ7.

6 Balezou, M. (Mar. 30, 2021), "Private Equity's Taste for Tech Spurs $80 Billion Deal Spree." Bloomberg. https://bit.ly/3grdD9f.

7 Levi, A. (Apr. 26, 2021), "Thoma Bravo's $12.3 Billion Purchase of Proofpoint is the Largest Private Equity Cloud Deal," CNBC. https://cnb.cx/3ulQDQZ.

8 Miller, R. (Dec. 27, 2021), "2021's Top 10 Enterprise M&A Deals Reached $121 Billion," TechCrunch. https://tcrn.ch/3umcW9a.

9 Oestergaard, J. (Jan. 26, 2021), "Micro Focus Software License Audits — Everything You Need to Know," ITAM Channel. https://bit.ly/3HioWfD.

10 Among a myriad of other questionable auditing practices, Micro Focus has aggressively leveraged a licensee's use of Citrix to inflate the number of licenses needed (See https://bit.ly/3HrNK54). Of interest, Elliott Investment Management (which, in part, controls Micro Focus) and Vista Equity Partners are purportedly in "advanced talks" to buy leading remote access company Citrix Systems Inc. (See https://bloom.bg/3GrIe0O). If this transaction goes forward, companies are advised to carefully watch how software vendors continue to leverage Citrix use in future audits.

11 Russell, D. (Feb. 27, 2019). "How to Prepare for a Quest Audit," Anglepoint. https://bit.ly/3J35KTH.

12 Reportedly, Francisco Partners and Elliot Partners purchased Quest in 2016 for approximately $2 billion, which would mean that the two investment firms more than doubled the value of their investment in a little over six years (See https://tcrn.ch/3ofpGuz). If true, Quest could become a troubling object lesson for the future investment control of software vendors.

13 Acquisitions by OpenText. (Jan. 26, 2022). Tracxn. https://bit.ly/3gkWfCQ.

14 "OpenText is Private Equity, Not a Software Platform" (June 8, 2022), Seeking Alpha. https://bit.ly/3HrOqr8.

15 Larsen, T. (May 24, 2021,), "An Insider's Guide on Where to Target Your Software Asset Management Efforts," ClearEdge Partners. https://bit.ly/32S0rH6.

16 According to one case study, OpenText allegedly took a "single screen shot of an application," based its entire audit on the screen shot, then demanded rapid resolution by insisting that audit fees would be "$550K if you pay by Friday, $7M if you pay in two weeks, and it's $14M thereafter." (See https://bit.ly/3GhkUTz).