What is the DMCA anti-circumvention provision?

The Digital Millennium Copyright Act (DMCA) Section 1201 prohibits circumventing technological protection measures (TPMs) that control access to copyrighted works. This includes cracking software protection, bypassing license keys, disabling copy protection, or distributing circumvention tools. Violations can result in statutory damages of $200-$2,500 per act, or actual damages. Criminal penalties include up to $500,000 fine and 5 years imprisonment for first offense.

What damages are available for software piracy?

Software copyright owners can recover: (1) actual damages including lost license fees and lost profits, (2) disgorgement of infringer's profits attributable to the infringement, (3) statutory damages of $750-$30,000 per work, up to $150,000 for willful infringement if registered before infringement, (4) attorney fees and costs. For DMCA anti-circumvention violations, separate statutory damages of $200-$2,500 per violation apply.

Can source code theft also be a trade secret violation?

Yes, source code often qualifies as a trade secret if it derives economic value from being secret and the owner takes reasonable measures to maintain secrecy (NDAs, access controls, etc.). Trade secret claims under the Defend Trade Secrets Act (DTSA) or state law can be asserted alongside copyright claims. Trade secrets can provide protection for elements not covered by copyright, like algorithms and methods, and may allow for enhanced remedies including exemplary damages.

What is SaaS piracy and how is it enforced?

SaaS piracy includes unauthorized access to cloud software (credential sharing, account fraud), scraping or copying SaaS data, reverse engineering APIs, or cloning SaaS functionality. Enforcement combines copyright claims (for copied code/content), breach of Terms of Service (contract claims), Computer Fraud and Abuse Act violations (unauthorized access), and potentially trade secret misappropriation. Damages can include subscription fees, development costs, and unjust enrichment.

What constitutes software license violation?

Common license violations include: exceeding seat/user limits, using software beyond the licensed scope (e.g., internal use only, geographic restrictions), distributing licensed software without authorization, failing to comply with open source license terms (GPL, MIT, Apache), modifying software in violation of license terms, and continuing to use software after license expiration. Remedies depend on whether the license is treated as a contract (breach) or a bare license (copyright infringement).

Software & Source Code Piracy Demand Letters | DMCA, Trade Secret, Copyright

Q: Is software protected by copyright law?

Yes, software is protected as a 'literary work' under copyright law (17 U.S.C. 101). Both source code and object code are copyrightable. Copyright protects the expression of the code, not the underlying ideas, algorithms, or functionality. Registration with the U.S. Copyright Office, while not required for protection, is necessary to file an infringement lawsuit and to recover statutory damages and attorney fees.

Software Copyright & Protection Framework

Multiple Layers of Protection: Software can be protected under copyright (code as literary work), trade secret (confidential algorithms and methods), contract (license agreements), and the DMCA (anti-circumvention). Effective enforcement often combines multiple theories.

Legal Framework for Software Protection

Protection Type	Legal Basis	What It Covers
Copyright	17 U.S.C. 101-122	Source code, object code, screen displays, documentation (expression, not ideas)
Trade Secret	DTSA (18 U.S.C. 1836), State UTSA	Algorithms, methods, architectures, customer data, business logic
DMCA Anti-Circumvention	17 U.S.C. 1201	Copy protection, license keys, DRM, access controls
Contract/License	EULA, ToS, License Agreements	Usage restrictions, seat limits, distribution limits
CFAA	18 U.S.C. 1030	Unauthorized access to computer systems (SaaS piracy)

Types of Software Piracy

Piracy Type	Description	Primary Legal Claims
Source Code Theft	Copying proprietary source code (employee theft, hacking)	Copyright, Trade Secret, CFAA
Software Counterfeiting	Producing/distributing unauthorized copies	Copyright, Trademark (if branded)
License Violation	Exceeding license terms (seats, scope, duration)	Copyright, Breach of Contract
Cracking/Keygen	Bypassing copy protection, generating fake keys	DMCA 1201, Copyright
SaaS Piracy	Unauthorized access, credential sharing, scraping	CFAA, Breach of ToS, Copyright
Open Source Violation	Violating GPL/LGPL/Apache license terms	Copyright (license termination)

Trade Secret Requirements: To claim trade secret protection, you must show: (1) the information derives economic value from secrecy, and (2) you took reasonable measures to keep it secret (NDAs, access controls, encryption, "confidential" markings). Publicly released software generally cannot be a trade secret.

DMCA Anti-Circumvention (Section 1201)

Prohibited Acts:

Circumventing access controls (1201(a)(1))
Trafficking in circumvention tools (1201(a)(2))
Trafficking in tools to bypass copy protection (1201(b))

Penalties:

Civil: $200-$2,500 per violation (statutory)
Criminal: Up to $500K fine, 5 years prison
Repeat offenders: $1M fine, 10 years

Damages & Remedies

Copyright Damages for Software

Damage Type	Amount	Requirements
Actual Damages	Lost license fees + lost profits	Prove causal connection to infringement
Disgorgement	Infringer's profits attributable to infringement	Owner proves gross revenue; infringer proves deductions
Statutory Damages	$750 - $30,000 per work	Registration before infringement or within 3 months
Willful Statutory	Up to $150,000 per work	Prove defendant knew conduct was infringing
Attorney Fees	As court deems appropriate	Registration before infringement

Trade Secret Damages (DTSA)

Actual Loss: Damages caused by misappropriation
Unjust Enrichment: Benefit to misappropriator not captured by actual loss
Reasonable Royalty: Alternative measure in lieu of actual damages
Exemplary Damages: Up to 2x damages for willful and malicious misappropriation
Attorney Fees: Available for willful misappropriation or bad faith claims
Injunctive Relief: Including ex parte seizure in extraordinary circumstances

Calculating Software Damages: For commercial software, damages often equal (number of unauthorized copies) x (retail license price). For enterprise software, consider lost maintenance fees, support revenue, and competitive harm. Expert testimony on damages calculation is often essential.

Sample Demand Letters

Sample 1: Source Code Theft Demand (Former Employee)

CEASE AND DESIST - TRADE SECRET MISAPPROPRIATION & COPYRIGHT INFRINGEMENT

[COMPANY NAME / LAW FIRM] [Address] [Email / Phone] [Date] VIA CERTIFIED MAIL, EMAIL, AND HAND DELIVERY [Former Employee Name] [Address] [New Employer Name] [Address] Attn: General Counsel Re: Misappropriation of Trade Secrets and Copyright Infringement Demand for Immediate Preservation and Cease and Desist Dear [Former Employee] and [New Employer]: This firm represents [Company], a software company specializing in [description]. [Former Employee] was employed by [Company] as [Title] from [Start Date] until [Termination Date]. CONFIDENTIALITY OBLIGATIONS During employment, [Former Employee] had access to [Company]'s proprietary source code, algorithms, customer data, and technical documentation. [Former Employee] signed an Employment Agreement and Confidentiality Agreement dated [Date], copies of which are enclosed, acknowledging that all work product belongs to [Company] and agreeing not to disclose or use confidential information after employment ends. TRADE SECRET MISAPPROPRIATION We have evidence that [Former Employee] copied [Company]'s proprietary source code and related materials prior to departure and has used or disclosed this information to [New Employer]. Specifically: 1. Access logs show [Former Employee] downloaded [X] GB of source code on [Date], days before resignation 2. [Former Employee] accessed repositories not related to assigned duties 3. [Company]'s [specific technology/feature] has appeared in [New Employer]'s recently released [Product] 4. [Additional evidence if available] This conduct constitutes misappropriation under the Defend Trade Secrets Act (18 U.S.C. 1836) and [State] trade secret law. COPYRIGHT INFRINGEMENT [Company]'s source code is protected by copyright and registered with the U.S. Copyright Office (Registration No. [TX________]). Unauthorized copying, use, and creation of derivative works infringes [Company]'s exclusive rights under 17 U.S.C. 106. LEGAL EXPOSURE [Former Employee] and [New Employer] face exposure to: - Trade secret damages including actual loss, unjust enrichment, and exemplary damages up to 2x for willful misappropriation (DTSA) - Copyright statutory damages up to $150,000 per work for willful infringement - Injunctive relief including product recalls and development cessation - Attorney fees under both DTSA and Copyright Act - Potential criminal prosecution under DTSA (up to 10 years imprisonment) IMMEDIATE DEMANDS Within seven (7) days of this letter: 1. PRESERVATION: Preserve all evidence including [Former Employee]'s devices, accounts, emails, and any materials containing [Company] information. Litigation hold notice is hereby given. 2. CEASE ALL USE: Immediately cease all use of [Company]'s proprietary information in any products, services, or development activities. 3. RETURN/DESTRUCTION: Return all [Company] materials in [Former Employee]'s possession and certify destruction of any copies. 4. FORENSIC EXAMINATION: Allow a neutral forensic examiner to image [Former Employee]'s devices and accounts to determine the scope of misappropriation. 5. CONTACT COUNSEL: Contact the undersigned to discuss resolution before we are compelled to seek emergency injunctive relief. Failure to comply will result in immediate filing of a federal lawsuit seeking TRO, preliminary injunction, and expedited discovery. Very truly yours, [Attorney Name] Counsel for [Company] cc: [Company] Enclosures: Employment Agreement, Confidentiality Agreement

Sample 2: Software License Violation Demand

LICENSE COMPLIANCE DEMAND - SOFTWARE AUDIT

[SOFTWARE COMPANY] [Address] [Email / Phone] [Date] [Company Name] [Address] Attn: IT Director / CTO / General Counsel Re: License Compliance - [Software Product Name] License Agreement dated [Date] Account/Customer ID: [Number] Dear [Recipient]: [Software Company] has identified a potential license compliance issue regarding [Company]'s use of [Product Name]. YOUR LICENSE According to our records, [Company] holds the following license(s): - Product: [Product Name] [Version] - License Type: [Perpetual/Subscription/Enterprise] - Licensed Users/Seats: [Number] - Licensed Locations: [Locations if applicable] - License Term: [Dates] - Annual Maintenance: [Status] COMPLIANCE CONCERN Our monitoring systems and/or audit of publicly available information indicates that [Company] may be: [ ] Using the software on more devices than licensed ([X] detected vs. [Y] licensed) [ ] Exceeding licensed user count ([X] active users vs. [Y] licensed) [ ] Using the software at unlicensed locations [ ] Continuing use after license expiration [ ] Using features not included in the licensed edition [ ] Distributing or sublicensing without authorization Under Section [X] of your License Agreement, [Company] agreed to [specific license restriction]. Our information suggests this limitation may not be observed. AUDIT RIGHTS Section [X] of the License Agreement grants [Software Company] the right to audit [Company]'s use of the software upon reasonable notice. We hereby provide notice of our intent to conduct a license compliance audit. RESOLUTION OPTIONS To resolve this matter efficiently, we offer the following options: Option A - Self-Audit: Complete the enclosed License Compliance Certification within 30 days. If over-deployment is confirmed, purchase additional licenses at standard pricing plus [X]% compliance fee. Option B - Independent Audit: Allow an independent auditor to verify deployment. If compliant, [Software Company] bears audit cost. If non-compliant, [Company] bears audit cost plus license true-up. Option C - Enterprise License Upgrade: Upgrade to an Enterprise License Agreement covering all current and anticipated use at a negotiated rate, resolving compliance concerns prospectively. FAILURE TO COOPERATE If [Company] does not respond within 30 days or refuses to cooperate with audit, [Software Company] will: 1. Terminate [Company]'s license rights under Section [X] 2. Pursue copyright infringement claims with statutory damages up to $150,000 per work 3. Seek injunctive relief prohibiting continued software use 4. Pursue breach of contract damages We prefer to resolve this matter cooperatively. Please contact [Name] at [Phone/Email] to discuss compliance options. Sincerely, [Name] [Title] License Compliance Department Enclosure: License Compliance Certification Form

Sample 3: DMCA Anti-Circumvention Demand

DMCA SECTION 1201 VIOLATION - CEASE AND DESIST

[SOFTWARE COMPANY / LAW FIRM] [Address] [Email / Phone] [Date] VIA EMAIL AND CERTIFIED MAIL [Defendant Name/Company] [Address] Re: Violation of Digital Millennium Copyright Act Section 1201 Distribution of Circumvention Tools for [Software Name] Dear [Recipient]: We represent [Software Company], developer and copyright owner of [Software Name], enterprise software used by [description of use/industry]. DMCA SECTION 1201 VIOLATIONS It has come to our attention that you are distributing tools designed to circumvent the technological protection measures protecting [Software Name]. Specifically: - Website: [URL] - Product: "[Crack/Keygen Name]" - Description: [How advertised - "generates valid license keys," "bypasses activation," etc.] [Software Name] employs technological measures including [describe protection - license key validation, online activation, hardware fingerprinting, encryption] to control access to the copyrighted software and prevent unauthorized copying. Your distribution of circumvention tools violates multiple provisions of the DMCA: 17 U.S.C. 1201(a)(2): Trafficking in technology primarily designed to circumvent access controls 17 U.S.C. 1201(b)(1): Trafficking in technology primarily designed to circumvent copy protection LEGAL CONSEQUENCES DMCA violations carry severe civil and criminal penalties: CIVIL (17 U.S.C. 1203): - Statutory damages: $200 to $2,500 per act of circumvention - Actual damages and profits - Injunctive relief - Impoundment and destruction of circumvention tools - Attorney fees and costs CRIMINAL (17 U.S.C. 1204): - First offense: Up to $500,000 fine and 5 years imprisonment - Subsequent offense: Up to $1,000,000 fine and 10 years imprisonment Additionally, you may be liable for contributory copyright infringement for the infringing copies made using your tools. DEMAND Within five (5) days of this letter: 1. REMOVE all circumvention tools, keygens, cracks, patches, and related materials for [Software Name] from your website and any other distribution channels 2. DISABLE any download links and delete all copies in your possession 3. PRESERVE records of downloads, sales, and distribution for potential litigation 4. PROVIDE a written statement confirming compliance and identifying any third parties to whom you distributed the tools 5. CEASE all development, distribution, and promotion of circumvention tools targeting [Software Company]'s products ONGOING MONITORING We actively monitor for circumvention tools targeting our products. Any continued or resumed distribution will result in immediate legal action without further notice. This matter has been referred to our outside litigation counsel with authorization to file suit if compliance is not confirmed by [Deadline Date]. Regards, [Name] [Title/Counsel]

Frequently Asked Questions

Yes, copyright protection attaches automatically when software is created and fixed in tangible form. Registration is not required for copyright to exist. However, registration with the U.S. Copyright Office is required before you can file an infringement lawsuit (for U.S. works), and registration before infringement occurs (or within 3 months of publication) is required to recover statutory damages and attorney fees. We strongly recommend registering all commercially significant software.

Copyright protects the expression of code (the specific way you wrote it) but not the underlying ideas, algorithms, or functionality. Anyone can independently create software with the same functionality if they don't copy your code. Trade secret protects valuable confidential information - including algorithms, methods, and architectures that copyright doesn't cover - but requires that you keep the information secret. Publicly distributed software loses trade secret protection but retains copyright. Many companies use both: copyright for distributed software, trade secrets for server-side code and internal systems.

It depends on how your license is structured. If the license grants a limited permission to use the software (a "bare license"), exceeding the license terms means the user has no license and thus commits copyright infringement. If the license is a contract with the right to use as consideration, exceeding terms is breach of contract but may not be infringement. Courts analyze the specific license language. Either way, you have legal remedies - copyright claims allow statutory damages, while contract claims may be limited to actual damages. Many software licenses are drafted to preserve copyright claims.

SaaS piracy can be addressed through multiple legal theories: (1) Breach of Terms of Service (contract claim), (2) Computer Fraud and Abuse Act violations for unauthorized access, (3) Copyright infringement if protected content is copied, (4) Tortious interference if competitors facilitate customer violations, (5) Unjust enrichment. Technical measures like rate limiting, device fingerprinting, and anomaly detection help identify abuse. Your ToS should clearly prohibit credential sharing and provide for termination and damages.

Open source licenses like GPL, LGPL, and Apache are still copyright licenses - violating their terms terminates the license, making continued use copyright infringement. For GPL violations (failure to provide source code, failure to include license notices), you can demand compliance and pursue copyright claims. Many open source projects prefer "compliance first" approaches: notify the violator, give opportunity to cure, and only litigate if they refuse. Organizations like the Software Freedom Conservancy can help enforce open source licenses.

Key evidence includes: (1) Proof of ownership - copyright registration, development records, employment/contractor agreements; (2) Proof of copying - access plus substantial similarity, or direct evidence like identical code, same bugs, same comments, metadata; (3) Proof of distribution/use - purchase of pirated copy, screenshots, website archives, log files; (4) Damages evidence - lost sales, defendant's profits, standard license fees. For trade secrets, you also need evidence that you maintained secrecy. Forensic analysis of code can establish copying even if variable names are changed.

Dealing With Software Piracy or Code Theft?

Protect your software assets with experienced legal counsel. Get a consultation on your enforcement options.

Schedule Consultation

🖩 Software Code Piracy Damages Calculator

Use this interactive calculator to estimate potential damages in your case. Enter your information below to get an estimate of recoverable damages.

Direct Financial Loss ($) Actual money lost or spent

Consequential Damages ($) Additional losses caused by the issue

Emotional Distress Level

Statutory Penalty Type

📈 Estimated Damages Breakdown

Direct Damages $0

Consequential Damages $0

Emotional Distress (Est.) $0

Statutory Penalties (Est.) $0

TOTAL ESTIMATED DAMAGES $0

Disclaimer: This calculator provides rough estimates for educational purposes only and does not constitute legal advice. Actual damages vary significantly based on specific facts, evidence strength, and many other factors. Consult with a qualified California attorney for an accurate case evaluation.

Software & Source Code Piracy Demands