Taking License

Are Microsoft's new software licensing rules a boon or bane?; what you should know about Internet privacy standards.
CFO StaffJuly 1, 2001

Taking License

When technology firms promise to simplify your life, be careful. On October 1, new software licensing rules go into effect at Microsoft Corp., which touts the “simplified” program as a way to streamline the smorgasbord of licensing options currently available to most corporate customers.

But many analysts say that Microsoft gains more from the move than customers do. “Microsoft has confused simplification with the elimination of options,” says Gartner analyst Alexa Bona. “The cheapest and most popular way of upgrading has simply been eliminated, leaving most organizations paying significantly more.”

Drive Business Strategy and Growth

Drive Business Strategy and Growth

Learn how NetSuite Financial Management allows you to quickly and easily model what-if scenarios and generate reports.

Under the new rules, companies will no longer be able to pay from 50 percent to 70 percent of the price of a new license to upgrade existing software. Instead, they must enroll in an ongoing maintenance contract called Software Assurance (SA) and pay an annual fee amounting to 25 percent to 29 percent of the cost of a full license–or simply buy a new license at full price. Moreover, any company that doesn’t have the most current version (Office XP and Windows 2000) in place on October 1, or that subsequently allows SA to lapse for more than 90 days, must buy a full license before it is eligible to join or rejoin.

Gartner estimates that upgrading Microsoft Office every four years will cost from 68 percent to 107 percent more under the new scheme; companies that upgrade every three years will pay from 35 percent to 77 percent more. For a firm with 5,000 desktops on a four-year cycle, that’s a bump from $900,000 to $1.7 million.

“I don’t know how they came up with those numbers,” counters Bill Henningsgaard, Microsoft’s vice president of worldwide licensing and pricing. He says that only 20 percent of customers will pay higher prices, and the maximum increase will be approximately 35 percent. Meta Group analyst Kurt Schlegel agrees with Henningsgaard that the net present value of SA is equivalent to upgrading every two to three years, but many companies don’t upgrade that frequently.

Bob Ksiazek, manager of PC administration and support for St. Louis­ based Graybar Electric, buys licenses for 10,000 PCs, and says he’s certain Graybar will pay more. “I feel like I’m staring down the barrel of a gun, and Microsoft is just asking me to hand over my wallet,” he says.

Schlegel predicts other software vendors will follow Microsoft’s lead. And Bona believes that SA is “a necessary stepping-stone to nonperpetual licenses,” or rent-as-you-go software, which may well become the industry norm. Ultimately, the predictable costs and off- balance-sheet expense of such programs may appeal to customers, but Bona warns that “the initially lower price point leads to a much higher total cost of ownership.”

In the near term, companies will need to study the new licensing options carefully. As confusing as the landscape may be, says Schlegel, at the very least, companies should make sure they are on an upgrade plan (Upgrade Advantage or Enterprise Agreement) by October or pay for a version upgrade; otherwise, they face what amounts to a “balloon payment” to get current. Some companies may be tempted to simply buy licenses outright and hold them for four years or longer, which looks to be the cheapest way out at the moment. However, Bona points out that since there is no way of knowing how often Microsoft will issue future upgrades, or how they will be priced, this approach is far from risk- free. 


Privacy Matters’s recent brush with the Federal Trade Commission over consumer privacy (the agency claimed the company’s practices were “deceptive” but did not take action, although Amazon did spend $1.9 million in legal fees as a result) is further proof that senior executives should take a hard look at their companies’ policies. A recent FTC survey estimates that 97 percent of all commercial Web sites collect personally identifiable information, a fact not lost on consumers or the government. Privacy and American Business (P&AB), a public policy think tank, is currently tracking 60 lawsuits brought against companies by state and federal agencies alleging violations of Internet privacy standards.

While there are laws that address medical and financial information, as well as information about children, the legal landscape is getting fuzzier, according to P&AB president Alan Westin. Dozens of bills are wending their way through Congress, and many states have or are attempting to pass laws that further restrict what companies can do with the data they collect via the Internet. On the global front, 49 countries, including most in the EU, have national data protection laws, many of which restrict the flow of consumer information to countries without similar safeguards.

To protect themselves, many companies begin by creating a privacy policy. About one-third of U.S. businesses have such a policy, a number that’s expected to increase to 50 percent by the end of 2002, according to Computer Economics, a research firm in Carlsbad, Calif. But complying with your own policy is essential. “If you have a privacy policy and then violate it, the FTC can come down on you like a ton of bricks,” says Chris Kelly, chief privacy officer (CPO) at Internet portal [email protected] He says cash-hungry Excite has turned away “six- and even seven-figure deals” in order to comply with the privacy policy on its Web site, which states that the company will share personally identifiable information with third parties only if a consumer has given permission.

When Kelly was appointed CPO last spring, he was among the first in the country to hold the title. Today there are about 350, and Westin predicts that there will be “hundreds to thousands” of such positions by 2003, since customer privacy concerns often fall outside the expertise of departments that typically handle data, such as IT and marketing.

Some companies are also trying to preempt federal standards by voluntarily submitting to third-party auditors. Online travel site, for example, has seals of approval from no fewer than three such firms: TrustE, BBBOnline, and PricewaterhouseCoopers LLP. Audits can cost from several hundred to tens of thousands of dollars. Privacy consulting, a $300 million business in 1999, is expected to grow to $1.8 billion by 2003, according to Gartner Dataquest.

Other options for privacy protection are still nascent. One item on the horizon is WebCPO, a software package developed by PwC and Watchfire Corp. Launched in May, the software will monitor Web pages for privacy violations and automatically alert managers when one is detected. Several other firms are developing products now, but most prospective buyers are likely to agree with Kelly that “it’s a great idea, but it’s a waiting game to see who puts the best package together first.” IDC Corp. analyst Jonathan Gaw says that privacy auditing tools will soon be part of most E-commerce suites. — Alix Nyberg

4 Powerful Communication Strategies for Your Next Board Meeting