India's software industry lost nine billion rupees last year to piracy. For a decade, the National Association of Software and Service Companies has educated users on the need to purchase legal software, emphasizing the risks associated with pirated software - viruses, bugs, the lack of documentation, technical support and upgrades. NASSCOM's focus has so far been on persuading clients to trade pirated software for legal versions, rather than on prosecution. Now it has stepped up its campaign by installing a nationwide toll free hotline at 1-600-334455 where reports of suspected piracy can be lodged anonymously. Since most hotline calls are from disgruntled employees, executives of many of India's best known organizations face the prospect of being charged with nonbailable criminal offences under sections 51, 63 B and 69 of the Indian Copyright Act. These carry a jail term between six months and three years. Company officials may find they are personally liable for jail terms of at least six months for any illegal software found on their firm's computers or premises, even if the piracy was done by a junior employee or an independent contractor without their permission. Leave aside wilful piracy by companies to save on costs, many employees genuinely believe that because their employer bought one software package, they can make copies. For lack of court decisions at home, Indian courts will rely on precedents from other countries with similar copyright laws, especially the United Kingdom and the United States. That employers are liable for copyright infringement by their employees has long been established in English common law. In 1926, Falcon vs Famous Players Film Company, the judges held, 'A person is liable for any infringement of copyright which his servants or agents may commit in the course of their duty and within their authority, even though he has no knowledge of the act of infringement and despite the fact that he has given a general order to his servants prohibiting the doing of acts which might amount to infringement.' C ourts in the UK have gone further. They have said any person in authority who should have known that copyright infringement was possible under certain circumstances, and who did not attempt to prevent it, can be held liable. In the 1924 case, Performing Right Society Limited vs Ciryl Theatrical Syndicate Limited, the judges said, 'If anything in the nature of even indirect evidence of permission or countenance of the performance of the works could be found, it would be sufficient to constitute authorizing of the infringement. The court may infer an authorization or permission from acts which fall short of being direct and positive.'' They added that 'indifference exhibited by acts of permission or omission may reach a degree from which authorization or permission may be inferred'. When such permission is implied, 'it is clearly unnecessary' that the authorizing party know that the actual act of infringement will be done. This principle was stretched further. In the 1975 case, Moorhouse vs University of New South Wales, it ruled, 'A person who had under his control the means by which an infringement of copyright may be committed - such as a photocopying machine - and who made it available to other persons knowing or having reason to suspect that it was likely to be used for the purpose of committing an infringement and omitting to take reasonable steps to limit its use to legitimate purposes, would be held to have authorized any infringement that resulted from its use.'' Knowledge of or reason to suspect 'any one of a number of acts, rather than the particular act of infringement actually committed'' was sufficient. Although Indian courts give much higher weightage to UK precedents than to US ones, the latter have extended third party liability even more. They have developed the theories of vicarious and contributory infringement, even though these are not mentioned in the 1976 US Copyright Act. Vicarious infringement was formulated by a US court of appeals in 1963 in Shapiro, Bernstein and Company vs H.L. Green Company. It is based on the common law doctrine of respondent superior and may be imposed on any person 'who has the legal right to inspect or supervise the actions of the primary infringer provided he also receives a direct financial or other benefit from the infringement'. The supervisor does not have to know of the infringing activity, or even have reasonable grounds for suspecting piracy was occurring. According to Leslie Berkowitz , LawInfo Forum, 'An employer will be vicariously liable for an employee's copyright infringement, even if the employer has no knowledge and no intent to infringe. '' It does not matter if the employee has been directly told not to do the dirty deed. Contributory infringement was formulated by a US court of appeals in 1971 in Gershwin Publishing Corporation vs Columbia Artists Management. It may be imposed on anyone 'who, with knowledge, induces, causes, or materially contributes to the infringing activity or provides services or equipment to the primary infringer.'' The person need not actually know the third party. The court held that it was sufficient 'if a reasonable person would have known that the underlying infringing act was possible under the same circumstances'. A contributory infringer is jointly and severally liable along with the direct infringer. In the 1988 Telenate Systems vs Caro, a company was found liable for contributory infringement when its customers copied software using equipment it provided. There are many measures Indian organizations can take to reduce their liability for copyright infringements by employees, consultants and contractors. These include adopting an organization wide anti-piracy policy which specifically states that any employee who infringes copyrights will be dismissed, and will also indemnify the employer for any acts of infringement. Second, clauses prohibiting use of pirated software in all contracts with computer vendors, contractors, system integrators and consultants, with indemnification for liabilities. Third, purchase an adequate number of authorized copies of all software, either under site licences or concurrent use licenses; maintain a record of all software on each computer, register these with the respective software publishers, and conduct regular audits. They could place a notice beside each computer that pirated software should not be used or downloaded from the internet - and that any employee who does so will be dismissed. Also, segregate hard drives into application and workspace partitions with write protection. This will prevent the unauthorized installation or downloading of application software. Any unauthorized application must necessarily be loaded into the workspace domain, allowing piracy to be quickly identified. Such measures are not a defence against liability. But they would probably persuade a copyright holder to agree to an out of court settlement. If the matter goes to trial, employers may be shocked to find that the measures taken above do not constitute a valid defence, at best they can mitigate the quantum of punishment. Both UK and US courts have held that clauses in employment or consulting contracts prohibiting the use of pirated software and indemnifying the employer have no legal validity and provide no protection to the employer. On the contrary, a US court recently ruled: 'Such a 'hold harmless' clause does not represent a good faith effort to avoid copyright infringement, but is actually an attempt to circumvent the copyright law.' An employer was liable even if illegal copying violated 'an expressly documented and circulated company policy'. It is not even a valid defence that it is not technically or physically feasible to supervise every action of every employee, contractor or consultant.