Lawsuit: Trial version of CAD software includes spyware

A trial version of a 3D CAD software package includes "phone-home" functionality that allows the vendor to contact downloaders months later and demand thousands of dollars in licensing fees, according to a class-action lawsuit filed recently in Massachusetts.

Plaintiff Miguel Pimentel, downloaded a trial version of TransMagic's CAD conversion software in 2010, then deleted it the same day, according to the lawsuit. About three months later, ITCA, a Curacao firm specializing in intellectual property enforcement, contacted Pimentel and demanded he pay $US10,000 in licensing fees plus recurring maintenance fees or face a $150,000 lawsuit.

ITCA, which lists Microsoft, Siemens and McAfee among its clients, used "various coercive techniques" to attempt to get Pimentel to pay for the software, according to the complaint in the lawsuit, filed March 30 in U.S. District Court in Massachusetts. "ITCA made it clear it knew where [Pimentel] worked and, as long as payment was made, ITCA would not disclose the 'piracy' to his employer," the complaint said.

The tracking software alleged in the case goes beyond reasonable efforts of software vendors to protect themselves, said Scott Kamber, a lawyer representing Pimentel. ITCA efforts were "pretty aggressive," said Kamber of KamberLaw in New York. "This is certainly a version of DRM [digital rights management] gone too far."

The alleged phone-home functionality is not unique to TransMagic, said lawyer Robert Scott, with the Scott & Scott law firm of Southlake, Texas. Software vendors are increasingly turning to similar technology to track unauthorized use of their products, said Scott, who defends people accused of software piracy but is not involved in this case.

This case could set a precedent for the use of these tracking techniques by software vendors, Scott said. "It really is the first case that I'm aware of where there's a direct assault on the industry use of phone-home technologies without end-user consent," he said. "If if turns out it's illegal to do it ... that's going to present a very significant problem for the industry and their trade groups."

Software vendors could avoid potential lawsuits by warning customers in EULAs they will track the users of the software, he said. "The real issue with this case is, does the publisher have to say to the customer, 'we're going to do this'?"

TransMagic CEO Todd Reade disputed the allegations that his products have spyware on them. "TransMagic does not and never has employed any phone home technology or spying software in any products distributed by our company," he said.

The Colorado software vendor does collect contact information, including an e-mail address and phone number, when a customer downloads a trial version from its website, Reade said. "Our standard practice is to attempt to follow-up with these people within a week or two," he said. "If we connect with them, we offer to answer any questions about our products, schedule webinars or training, provide technical support and generally determine if there is a match between their needs and our products."

If the potential customer does not buy the software, they get an e-mail from TransMagic a few months later, and they can then opt out of future communications, Reade said.

"TransMagic is like most software companies," he added. "We want to earn our business by delivering a high-quality product that solves problems. I don't think we are very different than other software companies."

A representative of ITCA declined to be interviewed unless he could see part of the news story before it was published. "There are all these wild speculations and conspiracy theories on the Internet," he said.

The lawsuit alleges that TransMagic and ITCA use an anticopying and licensing software package called Sheriff, from vendor Licensing Technologies, which allows users of the package to record user activities to log files.

Pimentel, who works for an architect firm, downloaded the software from a different website than TransMagic.com, but he believed the software to be similar to the trial version offered by the company, according to the complaint. Pimentel did not provide contact information when he downloaded the software, but TransMagic and ITCA were able to gather detailed information about him, including his IP (Internet Protocol) address, the media access control address associated with his computer and his e-mail address, the complaint said.

The lawsuit accuses TransMagic, ITCA and Licensing Technologies of violating the U.S. Computer Fraud and Abuse Act, the Massachusetts Consumer Protection Act and the Massachusetts Privacy Act. Pimentel's lawyers are asking for the court to order a halt to the alleged tracking activities and asking for an undisclosed amount of money.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

• Bookmark this page
• Share this article
  •  
  • facebook
  • slashdot
  • digg
  • Reddit
  • stumbleupon
  • linkedin
  • twitter
• Got more on this story? Email CIO
• Follow CIO on twitter

• Share
  Share this article

  •  google+
  • facebookfacebook
  • slashdotslashdot
  • diggdigg
  • RedditReddit
  • stumbleuponstumbleupon
  • linkedinlinkedin
  • twittertwitter
• print
• email
• Bookmark