Stay in the loop with the most important updates
Statistical data has shown that, when it comes to software, the piracy rate in Serbia in 2017 went up to 66% . Although there is a visible tendency towards reducing that number by about 2% per year, the use of unlicensed computer programs has become part of everyday life up to such an extent that it has created an illusion that such behavior is acceptable and justified. However, not being informed well enough in this matter can have a detrimental effect on everyone who decides to use software not obtained following the terms and conditions of the software license.
The experience has taught us that there are 2 groups of legally problematic situations:
1) The use of illegally obtained software;
2) The use of software that is legally obtained but by another entity (for example, when within a group of companies, the parent company obtains a software license, which is then used by its subsidiaries).
Both of these situations will be further analyzed in the first part of the blog, whereas the second part will provide a clarification of the procedure conducted by the inspection authorities and the possible consequences if the inspector notices certain irregularities.
Software, as an original intangible creation, is primarily protected by copyright and can be protected by other intellectual property rights as well, as you have already read in our blog Legal Protection of Software – This Is what You Need to Know. For this reason, the use of the so-called “cracked” software does not differ from stealing someone’s items, such as a bike or a car, so the consequences of its use can be very unfavorable.
The penal provisions of the Law on Copyright and Related Rights prescribe high fines for companies that illegally use the authorizations of the holders of intellectual property rights on computer programs and databases.
The amounts of fines differ depending on the type of the perpetrator, so the fine for the commercial offense, i.e. a misdemeanor (if we are speaking of an entrepreneur) can be imposed in the following range:
Besides that, the Law on the Organization and Jurisdiction of Government Authorities in the Suppression of Organized Crime provides for the possibility of initiating criminal proceedings, in the following cases:
- if the number of illegally copied software used by the supervised entity in their business exceeds 2,000, or
- if the material damages arising out of such activities exceed 1,000,000 dinars.
Such activities represent criminal offenses against intellectual property rights, whose suppression is in the competence of a specialized department for fighting against high-tech crime within the Serbian Higher Public Prosecutor’s Office. The fact proving there are potential, serious consequences due to the violation of the mentioned regulations is also evidenced by the fact that the threatened punishments for committing these criminal offenses range up to 5 years in prison.
Having in mind the large number of foreign companies that establish branches and subsidiaries in the Republic of Serbia, the question of whether a foreign parent company is allowed to transfer, i.e., sublicence their license rights to a local subsidiary frequently comes across. The answer depends on the specific conditions of the obtained license, so the response differs depending on each case. Generally, there are 3 groups of situations:
In most cases, the transfer of a license to legally obtained software is not permitted. Many companies that develop software that is massively used explicitly prescribe such a rule – such as Adobe, Microsoft 365 for Business, and others. Most often, as a condition for transfer, you need the consent of the company that developed the particular software. For example, Adobe considers unauthorized sublicensing or transfer of rights to third parties, a misuse of the services provided.
It is particularly important to pay attention to the version of the software that is used: namely, the rules of transferring the license can differ depending on the plan you purchased. For instance, Postman offers free and three different paid plans: Basic, Professional, and Enterprise. Depending on the option chosen by the user, the scope of the obtained rights differs, so it is always necessary to examine the distinctions between the available plans in order to determine whether and how much of the rights can be transferred to another (affiliated) party.
In addition to companies that strictly forbid the transfer of a license, there are types of software where the transfer of a license is somewhat more liberal, in the sense that it allows for the founding company to transfer their right of use onto another legal entity. However, as a rule, one condition is imposed: it has to be an affiliated company, under which the Terms of Service of the company providing the license define ’affiliated company’ in accordance with their own rules.
For example, Google Workspace Terms stipulate that sublicensing is allowed only after notifying Google of such change, as well as provided that the affiliate accepts the terms in writing. From Google’s point of view, an affiliate is any entity directly or indirectly controlling the licensee, or the entity under the control of the licensee, as well as an entity under common control with the licensee. It is interesting that Google explicitly states in its Terms that in such an event, Google might also (automatically) transfer the agreement to another Google entity located in the country of residence of the new licensee (i.e., the affiliated party). In other words, an Australian company will obtain the license from the Google entity from Australia, but if the license is sublicensed to the affiliate from the USA, in that case, Google LLC will act as a licensor, given that the USA is under its competency.
Still, some companies allow free sublicensing and software transfer. Typically this is the case with free, open-source software, such as Visual Studio Code.
To sum up, if, for instance, a foreign company affiliated with your Serbian company wishes to allow your company to use software that has been initially obtained by the foreign company, it is necessary to previously study in detail how this issue is regulated in the Terms of the license itself, in order to determine whether such transfer is permitted.
Considering the recent reorganization of the Tax Authority, amendments, and addendums of the Law on Special Jurisdiction for Effective Protection of Intellectual Property Rights, the jurisdiction of Tax Authorities in this domain was transferred to the Ministry of Internal and Foreign Trade in 2021.
However, the Tax Authority remains competent concerning all cases that it received and started working on until October 6, 2022.  Therefore, we might expect a blend of competencies of the Tax Administration and the Ministry in this transitional period, while the Ministry will be competent for all future illegal use of the software by conducting inspectional supervision. The Ministry of Internal and Foreign Trade will use the current software decision of the Tax Administration, which is planned to be updated and improved in 2023. To unburden the Tax Administration, and after the training of inspectors in the Ministry, we might expect a more frequent and thorough inspection of legal entities.
To contribute to an easier understanding of this issue, the Tax Authority published a control list of the legality of the software on its website in the past. Even though these competencies have been transferred to the Ministry, this control list may still be of great use for all who is the subject of inspection, since the Ministry has received the software decisions from the Tax Authority, and since the Tax Administration officials train the inspectors of Ministry.
The control list represents a standardized, publicly-available document, which the Tax Authority drafts and publishes, thus ensuring the transparency of the requirements for the companies’ business to be accordant to the law. Most importantly, this list contains certain guidelines which can be helpful to all potential entities awaiting a visit by the inspectors, since they can self-evaluate beforehand.
With the questions listed on the control list, you can form a clear picture of what the supervision procedure is like – i.e., what questions will be asked, which actions will be taken, and the like. By filling out the list, the subjects of inspectional supervision get a picture of the level of risk of their business, so they get a chance to act and measures to reduce that risk promptly.
The advantage of the list is that the legal requirements are made more accessible and understandable for software users, which significantly contributes to their education, better awareness, and certainly the prevention of unlawful business activities.
The questions in the list are divided into several parts:
1) Bookkeeping records of electronic computers and software license use
The answers in this section are not subject to scoring since they do not affect the level of risk from the point of view of the legality of software. The main purpose of this part is to state the general state of the computer equipment from the accounting aspect and in reality.
2) Determining the legality of installed computer programs and databases
This section’s answers are scored to serve as a determination point of the risk level. In this group included are questions related to determining the legality of the particular software used by the company, which are classified under several categories:
- Microsoft products,
- databases (such as Oracle),
- computer-protection programs (such as anti-viruses and firewalls),
- CAD/CAM computer programs (for instance, Autodesk),
- computer programs for image editing, graphics, and print (such as Adobe),
- other computer programs.
3) Awareness of the software copyright protection
The answers in this section are also not scored since they do not affect the level of risk from the point of the legality of software but serve prevention and advisory purposes.
After completing the control list, the total number of points you have collected will determine the level of risk from the point of view of the legality of the software: marginal, low, middle, high, or critical.
The Law on Inspection Supervision prescribes several types of inspection supervision: regular, irregular, combined (combination of the previous two), control, and additional. Per the prescribed provisions, the inspector is obliged to inform the supervised subject in writing of a planned control at least 3 days in advance, unless there is a justified concern that the supervised entity will damage the upcoming control by their actions, or another legally prescribed reason occurs. Simultaneously, the inspector notifies the supervised subject about the internet page on which the software control list is published.
Thus, in most cases, a prior notice by the inspector and a written warrant for control (when its use is required) are two preconditions that, once fulfilled, open the door for the competent inspector to carry out supervision in accordance with their powers.
- The first step includes checking basic information about the company, which the inspector will carry out by inspecting the documentation kept in the company’s seat, such as public documents, or certificates from the register of business entities.
- After checking the basic information, the inspector will proceed to determine the number of computers that the company possesses and keeps in its business facilities. This is done based on the inventory list for the previous year and physical insight into the number of computers.
- Additionally, all installed software is listed to control the entry of software into a ledger account, based on which the number and types of installed software on the computers are determined.
In the event the taxpayer possesses a great number of computers, the inspectors may selectively list the installed software only on particular, randomly selected computers. If it is determined that there is unlicensed software on any of them, every software the company possesses shall be checked.
- Finally, the tax inspector examines the software’s legality, depending on the software type and the manufacturer. While conducting the examination, the inspector will follow the rules prescribed by the particular software manufacturer, hence, the control itself can differ accordingly, depending on the computer program in question.
For example, when it comes to the Windows operating system, the following are checked:
- the original package of purchased software;
- the existence of COA on the chassis of the computer or the FPP box, if the operating system wasn’t purchased simultaneously with the computer;
- the existence of a volume licensing agreement and comparison of the number of purchased licenses listed in the agreement with the number of installed programs on the computers;
- invoice issued when the software has been purchased.
Furthermore, do not be surprised in case the inspector calls for you to declare a certain fact or circumstance, in case the determination of a particular fact is not possible even after the factual control has been completed.
Where certain irregularities and illegalities in the use of software are found, the inspector may impose some administrative measures on the subjects of inspection supervision, following the powers prescribed by the Law on Inspection Supervision. These measures may include:
1) Prevention measures, aimed at instructing you to decrease the risk of unlawful conduct, such as:
- warning of legal obligations and sanctions for non-compliance,
- ordering the undertaking of certain actions or restraining harmful actions,
- indicating the possibility of negative consequences.
2) Measures for eliminating illegalities per special laws
These measures are imposed by a separate decision by the inspector in case the supervised entity fails to remove the irregularities found during the inspection supervision within the given deadline. Such a possibility remains at the inspector’s disposal for 60 days, starting from the day when the taxpayer received the record of the performed supervision. In case the taxpayer fails to take action as instructed within the additional 15 days from the day of determination, the tax inspector shall file a report for a commercial offense or misdemeanor report, following the Commercial Offenses Act, i.e., the Law on Misdemeanors.
3) Special measures of orders, prohibitions, and confiscation, such as:
- prohibition of business operations,
- prohibition to carry out activities,
- confiscation of items, documents, and goods.
4) Measures for the protection of the rights of third parties, to introduce third parties, who were harmed by the actions of the subject of the control, with the findings of the inspection and issued measures.
In other words, if the inspectional supervision shows that you have unauthorizedly installed company A’s software, that means that you have violated its right. In such case, the inspector is authorized to inform company A of such an event, as well as of the measures that were imposed on you.
It can be concluded that in case it is determined that you have committed any unlawful activities about the software use, the inspector has a wide range of powers at their disposal to use. In addition to the abovementioned, eventual criminal, misdemeanor, or commercial offense proceedings initiated because of the conducted inspection supervision, may result in imposing some of the aforementioned fines.
Therefore, the Market Inspection will conduct the inspectional supervision ex officio or at the request of a right holder who believes that his intellectual property right over a specific computer program has been violated, as has been the case so far.
In light of the issues we deal with in this blog, it is inevitable to ask the following question: how safe is the inspection control from the aspect of business entities that are supervised?
On one side, all data that is being kept on the computers of the supervised entities becomes available to the inspector, which may be very risky for confidential or other important data. The explanation of the Tax Authority about the supervision of illegal software does not include any guarantee that the inspector will not, during control, invade the privacy of the supervised entity to an extent greater than necessary.
Even though the general principle of proportionality can be considered applicable in that case, we believe that no company would be glad to leave its valuable information unprotected from unauthorized disclosure, modifications, or destruction.
Not only that – but, what about the safety of the control that the inspector will carry out on the computers of the business entity that is the subject of control? Is there a possibility of damaging the operating system, the transmittance of viruses, or otherwise disrupting the established flow of information within the controlled entity? Could that result in harming its business?
These questions should be answered to make the entire procedure of software legality control transparent and clear to taxpayers. It is certain that clarifying the existing doubts would contribute to greater engagement of business entities in terms of self-checking and would also increase their motivation to cooperate with the competent authorities. We hope that the competent authorities will soon see the need to provide answers to these questions.