It feels like the recipient company did an awful lot of work in response to what was at best a fishing expedition. A serious complaint about licensing that demanded a real response would have been sent by post. It's not clear to me that scattershot LinkedIn messages deserve any response at all. The fact that the initial message lies about trying to contact him another way is another check in the "ignore this completely" column.
The same way that I wouldn't bother to fact-check a spam phone caller, why give any credence to this kind of thing?
The author explains this - initially, responding to the Mootype rep was not really given much thought or concern, for the same reasons you point out.
But then the rep started emailing EVERYONE, until eventually someone's manager started to panic about it. And when managers start to panic, it becomes everyone's problem.
So really this ended up being simply a successful scare tactic by Monotype.
But when it turns out to be a basically fraudulent report, now they suffer reputational damage both internally to this company (who I expect would now instruct any design agencies they use to not use any Monotype fonts in their projects), and now externally as this is reported on! So the 'scare tactic' might have been successful but the overall exercise actually seems pretty damaging to Monotype all in all...
- [deleted]
I always assumed ppl deleted this sort of spam. It was kind of interesting to hear what happens if you indulge it.
I agree. Reading through this seems like a long winded way of putting off telling some random person on LinkedIn to bugger off. If there’s a supposed licensing issue, send a legal letter, not a LinkedIn message. Big waste of time for everyone involved
If you continue reading, you will find out that’s what the author did.
It was a new employee in the company who was eventually tricked to respond, and that’s why the author had to get involved again.
I know how much fun it is to rag on lawyers, but this is pretty much exactly why companies have legal departments.
This should have been referred to the company’s legal department, who could have coordinated the response and/or investigation (if either were warranted), and then decided how to deal with something that sure looks a lot like invoice fraud.
This wasn’t a technical issue or a business issue; as soon as Monotype alleged a license violation, they made it a legal issue, and the lawyers should have been involved from that point on. It makes no sense for some random tech guy to be taking a meeting or handling the response on a licensing dispute.
> companies have legal departments
except that most don't, and the lawyers they can call are much more expensive than their internal employees
And quite likely more expensive than the spurious license fee. Lawyers and businesspeople might pay them to go away, it takes a (self-proclaimed) nerd scorned to go for justice here!
I very much doubt it would be more expensive, even for whatever the going rate is for a spray-and-pray license scheme. In a half hour phone call, a decent lawyer can learn the facts and assess this fact pattern and say “this is a fishing expedition, don’t respond, call me back when they send a demand letter (they won’t) or file a lawsuit (they won’t do that either).”
This tactic is not surprising. Monotype has been bought by Palo Alto private equity firm HGGC in 2019. Since then they have been trying to corner the market.
They buy absolutely every independent type design company they can (actually they just buy the IP if possible). They likely own every typeface/foundry you can think of. They own myfonts.com too. Somewhere there is a long term business plan to leverage all that IP in future so i would watch out.
Personally will absolutely not touch anything from Monotype/HGGC. Solutions? Besides the obvious open source SIL licensed typefaces. There are bunch of smaller high quality type companies that stayed independent even though they for sure got offers from HGGC by now. Mostly swiss/european companies likes of Grilli type, Lineto, Dinamo, Klim type, Florian Karsten, Swiss typefaces… companies with often just few employees. I find it better and safer long term when licensing creative work from some real humans and not corporation that uses AI shakedowns to waste everyones time.
In 1999-2000, the Business Software Alliance (BSA) started something similar in my country (Paraguay) trying to fight "piracy", but with real teeth. They had access to judges and the whole law enforcement system. They targeted a company, they sent a polite letter requiring the company to grant them access to the company's full IT systems to "audit" them for piracy. This meant, of course, running some foreign software in company IT, and of course getting access to the whole company data. If you refused, they could get a court injunction in a matter of hours and they would forcefully enter the premises, with police, press, the works. Most companies had to comply. The main player behind this was a certain azure copilot company.
Granted, most companies here at the time had unlicensed software, but this tactic pissed me off so much, that I decided to begin to use Linux and try to use Free Software for all my computing needs. In May 2000 I ordered from the U.S. a boxed set of Red Hat Linux 6.2 Deluxe Edition (at an enormous expense, given currency exchange rates and shipping expenses to Paraguay). When it arrived, I installed it on my PC. The rest is history.
I still have a Windows partition but I just use it to test compatibility with MS Office documents required by my clients, some light gaming, and nothing else.
So I'm now a quarter-century Linux user thanks to these heavy-handed tactics.
I wonder if it’s possible to demand vendors send billing agreements before running an audit like this:
We’re reasonably sure your report is incorrect, and it doesn’t contain compelling evidence to back up its claims.
Our standard auditing fee for requests like this is $10,000, pre-paid to an escrow account and refundable if we find the use of an unlicensed font.
Or something. Not a lawyer.
Have to insert my regular rant that while I wholeheartedly support compensating font creators, pay-per-view licensing for fonts is ridiculous and must end. Offer manageable flat fees, more people will license. Continue this license policy and stuff like in this article, even more people will run to open fonts.
I will not pass on the opportunity to agree with you. Webfont licenses are a joke and type designers who sell typefaces that way should feel ashamed. You're selling a digital asset. Set a price and be done with it.
Allegations of copyright infringement where the person making the allegation hasn't done due diligence need to be illegal and subject to civil penalty. The penalties for actual copyright infringement can be so severe that we cannot allow all the copyright wolf-crying that happens.
I think this should become harder to do in general, not just for copyright infringement. A third party alleges an infringement, they do little work since it's AI generated, and then you need to do TONS of work to fix their s*t. THAT needs to be fixed by AI legislation - use AI at your own peril and under your own responsibility.
This reminds me of the Blue Jeans Cable / Monster Cable shakedown nonsense.
https://www.bluejeanscable.com/legal/mcp/index.htm
I wish I could find the original writeup from Blue Jeans, it was frickin' magnificent.
Wikipedia suggests:
Letter: https://www.bluejeanscable.com/legal/mcp/monsterletter.pdf
Exhibits: https://www.bluejeanscable.com/legal/mcp/exhibits.pdf
Response: https://www.bluejeanscable.com/legal/mcp/response041408.pdf
I think there was a single web page that summarized all of that. IIRC it was extremely well written and gave me warm happy fuzzy schadenfreude vibes.
Do these tactics ever work out for companies in the long term?
Over my 20 years in tech, I've seen a couple cases where someone installed something they shouldn't have and we got threatening emails from the companies who somehow caught wind.
It's always resulted on our side with a total corporate ban on using anything from that company, even things that are otherwise OK / open source.
For instance at a previous company I worked, Oracle came calling for "VirtualBox Tools" trying to charge us some asinine amount because like one user had it installed and they wanted us to pay seats for the entire company. This resulted in a swift and decisive total corporate ban on VirtualBox.
I've seen this at a couple companies and can't imagine we're alone in this. You're trading long-term business for short-term gains.
I had this case too, in a very big company. They were very aggressive.
We put a ban on their products and the company was coming back for years trying to get a business, this case was always handy to send an answer.
The problem is not that they wanted us to pay for a few installations (individual decisions of some employees), but that they immediately went nuclear with legal, threatening us with the court if we do not buy an enterprise license for everyone. It pissed us off.
The funny thing is that we somehow discovered their products this way and should that just said "you have a few installs of our products, wanna talk?", they would have had a great deal with much more installs
Oracle is still in business despite using these type of tactics for decades.
Oracle is, Rambus is still around, Qualcomm appears to be quite strong.
I feel for font foundries, it's hard work to make great fonts. People want great fonts. Actually paying for them is kind of an afterthought. It sort of seems like some of the big ones should put together an MPEG like group, get all the major foundaries to join and then have a couple licensing options. Some annual fee based upon your use and application and you get to use all the fonts. If it was like $120 or less for personal use, I think I'd buy the license for the family. I suspect they'll want 10x what I think is reasonable.
It feels like enough people know about their tactics that it must hurt their adoption. Can you imagine a YCombinator startup using Oracle?
It absolutely does. I've never met anyone with a positive opinion of Oracle, and I know many companies avoid dealing with Oracle.
I think this strategy only works if you have enough marketshare and vendor lock-in that customers can't easily leave and you have enough money that you can get new customers by acquiring other companies.
The primary product of these enshitified companies is a perpetually rising stock price. Beyond a certain size it becomes more profitable to play bureaucratic, legal, financial, and other corporate games at the expense of the nominal service that's being sold.
They're a bizarre economic phenomenon. They basically sell casino chips (stocks) and use bureaucracy (friction and complexity), PR (lies), and intimidation to goose their value.
Sure, but is that down to these tactics or in spite of?
Paying for fonts is something I will never understand, I have a perfect vision but I'm nearly blind to fonts it makes nearly no difference to me (except for windings)
Wingdings isn't really a "font" in the same way that Times New Roman is a "font". Wingdings and and Webdings were basically proto-emojis, a vestige of the old "dingbats" publishers would put at the top of chapter pages to make them look nice.
Lucky for you the article makes it clearly understandable.
I'm not typically sensitive to AI-sounding text but those image captions leave me understanding others' issues with it.
It sounded like something a screen reader would say to help visually impaired visitors. But I don’t actually have a clue what screen readers do say.
“But before responding, the digital team would do their own investigation into the fonts we use and the licences we own so we could verify everything was in compliance. […] messaged a dozen or so more people from different parts of the business, hoping to hook just one person who would reply to the scary message they were sending.”
Piece of advice for the future: if you receive a message like this, and don’t want the sender to reach out to other people in your organization — acknowledge the message.
…I would think the appropriate behavior would be for the security team to send an announcement stating they've seen an uptick of phishing emails, with an example screenshot, and to please not respond to phishers.
The business has no contract with Monotype, has conducted no business with Monotype, and has also (as they double checked) committed no infringement against Monotype. In short, the Monotype sales rep has no entitlement to any of the business' time.
And yet they managed to get quite a lot of it. It looks like double digit humans spent double digit hours, some of that totally in parallel to each other by accident.
In part, that's because all the people who got nerd-sniped by this didn't ever actually send a response back. In part, it's because several different business units decided to try to Handle It without doing the rational thing of centralizing to legal counsel.
> acknowledge the message
I think it is more nuanced than that -- they are sending a message via LinkedIn, is it really the company or a scam?
You should take time to respond appropriately and not be rushed in all cases. By acknowledging the message they'll want to continue the discussion. It's probably worth considering a standard response to approaches like this, along the lines of "Please contact us on generic-something@domain, I cannot discuss this on my personal social media account."
I thought the standard procedure is to forward the message to the appropriate department. Never give any acknowledgement.
By spamming multiple people at multiple departments, Monotype is probably relying on one department screwing up and responding with something that’d strengthen their (non-existent, apparently) case.
Since their behavior is indistinguishable from scammers, it probably makes sense to also ask procurement/design to additionally ban the vendor.
If they're following scam rules, they're not going to stop until they get someone hooked and engaged.
Why would someone ever respond to unsolicited spam concerning a legal issue from an unverified contact via a third-party social media network.
Even the rather small company I work with would have sent a reminder to everyone to not interact with these messages.
Does sending a personal LinkedIn message to a random employee even count as "contacting the company" in the eyes of the law?
Yeah especially when the unsolicited contact starts sending PDF attachments of "evidence".... felt like a classic phishing attempt
Wow. OP is being very generous with their time.
My approach would be along the lines of "you prove to me exactly what font me supposedly used then we'll look into it".
This is like the old IBM shakedown playbook "we have thousands of patents, if we dig enough we'll find one you infringe upon, so better pay for peace of mind". I do assume that like in the case of IBM, some companies do pay...
Wow, perhaps Nintendo/Konami actually learned this tactic from IBM, threatening smaller game developers with patents when their case for copyright is too weak...
One can only hope some journalist is reading this and decides to turn it into a news story
Journalistic attention can be very helpful at getting companies to reform bad behaviour (at least temporarily)
- [deleted]
In the United States if someone makes a false statement about you, comminicates that statement to a third party, and that statement can or has caused financial harm, you can reocover damages in court. If there are similar laws in your country. it's probably worth sending a demand letter to cover the time wasted on investigation.
I think monotype would argue they only sent the message to the company they were shaking down.
Of course, LinkedIn’s ToS might beg to differ. I wonder if the bar is worded like a big and statement like you said, or if the disclosure to the third party has to be part of the chain of harm or something (and what precedent says).
There are multiple relevant elements to defamation in the US: https://www.thefire.org/research-learn/defamation-and-first-...
What 3rd party was involved here?
The author of this post wasted so many people's time on a self indulgent quest to prove an automated linkedin message wrong.
Do these people have no actual work to do? Refer to legal if you really feel compelled, and just move on...
Comments like this make me think that a "downvote" button at HN would be quite handy.
You need to have enough HM karma to see the downvote button. A long time back it used to be 100, no idea if it still is. Have an upvote to get you a step closer.
You'll get a downvote at 500 karma.
I never downvote. Used to, but stopped.
I’m quite liberal with them, I think it’s one of the things that stops this place turning into Reddit.