By Dee A. Ware
While there are prescribed standards for conducting several types of audits, external software license audits remain unregulated and ripe for legislative intervention. Until then, companies must fend for themselves. From our experience, a software publisher’s motivation to conduct an audit falls into at least one of the following buckets:
From a legal perspective, the first line of defense is to negotiate a license agreement that contains clear definitions, such as, what constitutes “use” of a license, who qualifies as a “user,” the environment where the software can be deployed and, if applicable, how the software can be incorporated, marketed, sold or distributed. Once the parameters are established, the company should adopt internal processes to ensure compliance. In the absence of federal or state regulation, the parties to a licensing agreement can also agree in advance how a software audit is to be conducted, allowing the company to negotiate terms that offer some protection from unreasonable demands or spurious results. For example, the audit provision in the license agreement can address:
Lastly, what should a company do if the software publisher demands an audit? Remember that the best defense is (sometimes) a good offense. The company should not automatically capitulate to an audit request without first seeking legal counsel to evaluate the applicable audit provision and guide the company through the process to minimize exposure and reduce the risk of subsequent litigation.
0 Comments
In a significant legal victory for Tactical Law Group's client River Supply, Inc. ("RSI"), a federal district court in California has rejected Oracle's argument that the Economic Loss Rule bars RSI's fraud based claims, including a claim under Penal Code Section 496 for theft of money. In her ruling, Judge Beeler granted in part and denied in part Oracle's motion to dismiss RSI's Second Amended Complaint ("SAC"). A copy of the Court's Order can be found here. RSI will be allowed to proceed with its claims against Oracle for fraud in the inducement, negligent misrepresentation, breach of contract, breach of warranty, negligence and for violation of California Penal Code Section 496.
Like a dog on a bone and citing a number of products liability cases, Oracle had argued vehemently in both its first and second motion to dismiss that because RSI had not suffered personal injury or damages to property, the Economic Loss Rule precluded its claims. The Court soundly rejected this argument. According to the Court, "Again citing product-liability cases, Oracle contends that there must be personal injury or property damage for extracontractual recovery. That makes sense in product-liability cases: what other damage is there. See Yarber v. Kia Am. Inc. No. 22-CV-03411-HSG, 2023 WL 2654186, at *2 N.D. Cal. Mar. 27, 2023) (automobile-defect case that claimed fraudulent concealment, not fraudulent inducement; the economic-loss doctrine barred the claim because the plaintiff alleged only economic loss, not personal injury or damage to property); Barela v. FCA US, LLC, No. EDCV-22-01444 (JGB), 2022 WL 19333334, at *2 (C.D. Cal. Oct. 11, 2022) (automobile defect); Sum v. FAC US, LLC, No. 2:22-cv-00213-RGK-RAO, 2022 WL 2189628, at *2–3 (C.D. Cal. Apr. 25, 2022) (automobile defect). But it does not follow that that extracontractual recovery allows recovery only in cases involving injury to person or property because the economic-loss doctrine does not bar claims for fraud in the inducement." In her ruling the Court further reasoned that: "In concluding that the economic-loss doctrine did not preclude the misrepresentation claims here, the court rejected Oracle’s argument that courts apply the fraud exception only in product- liability cases. The fraud exception does make sense in product-liability cases: as a matter of policy, it allows recovery for extra-contractual injury (injury to person or property) and allocates the duty to the party most able to identify the risk of that injury (the manufacturer).15 See Erlich, 21 Cal. 4th at 550–51 (contract law enforces the intentions of the parties to the agreement, and “tort law is primarily designed to vindicate ‘social policy.’”). But no binding authority categorically limits the doctrine to product-liability cases." And this part of the Court's ruling is key and important for Oracle/NetSuite customers who believe that they have been defrauded by an aggressive Oracle's sales team who promised them that Oracle could deliver all the functionality they required, and only after contract execution learned that the functionality did not exist and the expensive system they had invested in to run their business was a bust and not a boon. "The economic-loss rule exists because the parties to a contract have agreed to allocate risk. A party that is the victim of fraud has not assumed contract risk voluntarily. Here, River Supply relied on Oracle’s misrepresentations, exposing it to a loss that exceeded its contract damages (given the limitation of liability), at least somewhat analogously to a customer who does not assume the risk of personal injury from a defective product. And it is bad policy if a party can induce a contract that limits its liability by lying about its product’s capabilities." If you are an Oracle or NetSuite customer who believes that Oracle misrepresented the capabilities of its product in pre-contract discussions, we would be happy to talk to you about your case. By Pam Fulmer
We have previously blogged on the Daramola v. Oracle case brought by a former Oracle employee who blew the whistle on Oracle and NetSuite's fraudulent sales practices involving their ERP line of software solutions. Mr. Daramola's Complaint was dismissed not because a court found that his allegations about Oracle's alleged unlawful conduct was without merit, but instead on the grounds that the whistleblower anti-retaliation laws he was proceeding under could not be invoked by an Oracle employee who was a Canadian citizen, employed by an Oracle Canadian subsidiary, and who worked from Canada and not the U.S. The Ninth Circuit affirmed the lower court's ruling reasoning that "the employment relationship in this case is between a Canadian employer and Canadian employee, to be governed by Canadian law, with the employee residing in Canada. Any domestic duties he performed were incidental to his foreign employment" and that merely accessing Oracle servers in California was not enough to establish the needed domestic conduct such as to make the protections of U.S. whistleblower laws applicable to Mr. Daramola. The Ninth Circuit described the facts of the case as follows: By logging into Oracle’s computer systems, Daramola could conduct business and collaborate with colleagues in the United States, including employees of Oracle America. Both Oracle America and Oracle Canada are wholly owned subsidiaries of Oracle Corporation, a California-based company that develops and hosts software applications for institutional customers. One such Oracle product was the “Campus Store Solution,” a subscription software service for college bookstores. In July 2017, Daramola was assigned as lead project manager for the implementation of Campus Store Solution at institutions of higher education in Texas, Utah, and Washington. Daramola came to believe that Campus Store Solution was defrauding customers. The product was billed as an ecommerce platform with specific functionalities, but Daramola thought Oracle had no way of delivering the promised features, at least at the agreed-upon price. Daramola reported the suspected fraud to Oracle America and the SEC. After doing so, Daramola was removed as a project manager. Daramola’s supervisor at Oracle America, Douglas Riseberg, offered Daramola an opportunity to work on another Campus Store Solution project, but Riseberg revoked the offer when Daramola again expressed his unwillingness to take part in fraud. Riseberg also downgraded Daramola’s job performance rating. Believing he had no other option, Daramola resigned from the company. " For those who are interested, the entire Daramola Complaint can be found as Exhibit 1 to the Second Amended Complaint that we filed on behalf of our client River Supply Inc. If you are a company that has contracted with Oracle or NetSuite and had a similar experience to the experience of RSI set forth in the Second Amended Complaint, we would be interested in talking to you. By Pam Fulmer
Introduction In an era where digital transformation dictates the pace of business evolution, software has become the backbone of enterprise operations. This surge in software dependency, coupled with a complex web of licensing agreements, has set the stage for an inevitable increase in software audits by enterprise software publishers. This blog post delves into the reasons behind this trend, its implications for businesses, and strategies to navigate the future landscape of software compliance. The Rising Tide of Software Audits Why Software Audits Are on the Rise 1. Complex Licensing Agreements: As software solutions become more sophisticated, so do their licensing agreements. Enterprises often find themselves entangled in the complexities of these contracts, inadvertently breaching terms due to misunderstanding or oversight. This is especially true due to the extensive use of hyperlinks in enterprise software related agreements. Publishers such as Oracle, Microsoft and Quest extensively use hyperlinks to serve up key agreements. Before signing a license agreement, a prudent company should review and bring down PDF copies of these hyperlinked agreements and save them in one file. In addition, it is important to consider pushing back on language that would allow the publisher to unilaterally amend such agreements. 2. Cloud Migration: The shift towards cloud computing adds another layer of complexity to software licensing. The dynamic nature of cloud environments, with scalable resources, makes it challenging for businesses to maintain compliance. And if a publisher conducts an audit and claims non-compliance, even if the audit findings lack merit the customer must deal with the threat of the publisher cutting off access to the cloud for non-payment. 3. Revenue Recovery: For software publishers, audits are a significant revenue source. In the post-pandemic economy, as publishers seek ways to recover lost revenue, audits present a lucrative opportunity to enforce licensing agreements and identify non-compliance. We see this each day in our legal practice. In addition to formal audits, software publishers such as Oracle are notorious for their “soft audits”. In fact, companies in the United States are getting hit each day with Oracle’s soft audits of Java. We have previously blogged on these predatory audit tactics engaged in by Oracle. Our phone is ringing off the hook with companies who have innocently provided information to Oracle due to a soft audit, only to be hit by a demand for payment of hundreds of thousands if not millions of dollars. And these demands have only been exacerbated by Oracle’s move to a “Total Employee” model, and Oracle’s expansive definition of who is included in the definition of “Employee”. We have also blogged on this issue previously. 4. Technological Advancements: The development of sophisticated tools and technologies has made it easier for publishers to monitor and enforce compliance remotely, increasing the frequency of audits. In fact, Oracle has included in its Java software the ability of the software to call home to Oracle. Oracle has been known to use this trail to contact companies and conduct a soft audit of Java. Implications for Businesses 1. Financial Risk: Non-compliance can result in hefty fines and the need to purchase additional licenses, significantly impacting a company's financial health. 2. Operational Disruption: The audit process can be time-consuming and disruptive, diverting resources from core business activities. 3. Reputational Damage: Being found non-compliant can tarnish a company's reputation, affecting customer trust and future partnerships. Navigating the Future Landscape Preparing for the Inevitable 1. Understanding Licensing Agreements: It's crucial for businesses to thoroughly understand their software licensing agreements. This may involve seeking legal advice to navigate the complexities of these contracts, including thoroughly reviewing all hyperlinks. 2. Implementing Software Asset Management (SAM) Tools: SAM tools can help businesses monitor software usage and compliance in real-time, providing insights to manage licenses effectively and avoid non-compliance. 3. Regular Audits and Compliance Checks: Conducting regular internal audits and compliance checks can help businesses identify and address potential issues before they escalate into major non-compliance findings during an external audit. 4. Hiring Experienced Software Audit Defense Counsel: Software licensing agreements are complex and attorneys who have dealt with the various intricacies of the agreements and have successfully pushed back on audit findings need to be retained early to assist the company in best positioning itself to successfully weather the inevitable audit. Conclusion The landscape of software licensing and audits is becoming increasingly complex, with audits by enterprise software publishers set to rise. This trend poses significant challenges for businesses in terms of financial risk, operational disruption, and reputational damage. However, by understanding the intricacies of licensing agreements, leveraging technology, and implementing robust software asset management practices, businesses can navigate this challenging landscape. The key to thriving in this new era lies in preparation, proactive management, and a strategic approach to software compliance. Final Thoughts As we move forward, the importance of software compliance cannot be overstated. The rise in software audits is a reflection of the changing digital landscape and the increasing value placed on intellectual property. For businesses, the path to compliance is not just a legal necessity but a strategic advantage that can safeguard financial health, operational integrity, and brand reputation in the long run. By embracing the challenges and opportunities presented by this trend, enterprises can position themselves for success in the digital age. Java Audits Likely Will Increase as Oracle Seeks to Move Java Users onto its Total Employee Metric12/17/2023 By Pam Fulmer
We at Tactical Law see signs that Oracle may be getting even more aggressive with its soft audits of Java, and we believe that 2024 may usher in more formal audits of Java as Oracle seeks to push customers into the total employee licensing metric that it announced in early 2023. As many commentators have noted, this metric can exponentially increase the licensing fees for those companies using Java. For example, Mr. Nitish Tyagi, co-author of the new Gartner research note in an article published in The Register, said, "For large organizations, we expect the increase to be two to five times, depending on the number of employees an organization has. Please remember, Oracle defines employees as part-time, full-time, temporary, agents, contractors as in whosoever supports internal business operations has to be licensed as per the new Java Universal SE Subscription model.” The same article went on to say that “Gartner has also estimated that by 2026, one in five organizations using Java applications will be audited by Oracle, leading to ‘unbudgeted noncompliance fees.’ By the same year, more than 30 percent of organizations using Java applications won't be compliant with their Oracle contracts.” Our phones are certainly ringing off the hook from Java users who have been contacted by Oracle with large licensing demands and claims of monumental non-compliance gaps. Oracle uses its VMware argument, which we have blogged on previously, to try to inflate the alleged non-compliance gap. Therefore, you need to be very careful to only give them relevant details concerning your use of VMware, and not your entire environment if it is not relevant to the licensing obligation. There may be a potential legal argument, however, that could cause a court to find this definition and any contract in which it is incorporated as invalid for being indefinite. This is because buried in the licensing definition itself may be a defect that could potentially be exploited against Oracle. Oracle’s definition of “employee” is breathtakingly broad: Employee “is defined as (i) all of Your full-time, part-time, temporary employees, and (ii) all of the full-time employees, part-time employees and temporary employees of Your agents, contractors, outsourcers, and consultants that support Your internal business operations. The quantity of the licenses required is determined by the number of Employees and not just the actual number of employees that use the Programs.” In trying to sweep in every possible contractor or consultant into its definition, Oracle may have created a problem for itself; an argument could be made that the contract is indefinite. For example, there could be litigation over what constitutes a contractor, outsourcer, or consultant in this context and what does it mean that they support a company’s “internal business operations”? Would a company need to count contract meal preparation services that provide the meals for the company cafeteria? Are these folks supporting a company’s internal business operations by feeding the employees so they can stay on campus and be even more productive? And, do you need to count every employee or contractor of the catering company, or only the ones that are on the corporate campus serving up the food? What about the grounds keepers that are mowing the lawn on the company grounds or pruning the trees on the corporate campus? Would these contract employees be included and are they supporting the company’s internal business operations? It is not very clear. I don’t anticipate that Oracle will get too into the weeds of these details when they license the Java initially. But what about three years into the Java subscription when the company is under audit, and Oracle might be able to use a large non-compliance gap to extract a new Java subscription? Would Oracle then take the position that the company had failed to disclose all of the contractors, outsourcers, etc., and needs to pay to cover a huge non-compliance gap? Would Oracle actually do this? I’ll let those of you out there who have experienced an Oracle software audit opine on the answer to that question. Most Oracle license agreements are governed by California law unless the parties agreed otherwise. California law requires that a contract must be reasonably definite in its terms to be enforceable. If a contract is so uncertain and indefinite that the intention of the parties in material particulars cannot be ascertained, the contract is void and unenforceable. A court will enforce a contract with an indefinite provision if the provision is not a material or essential term. The definition of “Employee” would seem to be very material to the contract. If the essential terms are so uncertain that there is no basis for deciding whether the agreement has been kept or broken, there is no contract. A contract may be rendered void where the indefiniteness is “so extreme as not to present anything upon which the contract may operate in a definite manner.” Whether a contract term is sufficiently definite to be enforceable is a question of law for the court. We are looking into these and other legal issues involving Java licensing. If you have a dispute with Oracle involving Java, we may be able to help. By Pam Fulmer
Oracle recently announced its earnings for the quarter ending November 30, 2023, and Big Red fell short of Wall Street’s expectation, causing its stock to drop at a time when most large-cap companies’ stock prices are soaring. Apparently, health data company Cerner, which was recently acquired by Oracle, was a drag on Oracle’s earnings; and its Cloud growth fell short of predictions. We at Tactical Law have no crystal ball of course, but it is our opinion observing market trends that 2024 may bring a push from Oracle to move legacy Cerner customers from on prem to the Oracle Cloud. In fact, one analyst stated that “on-premise databases migrating to the cloud… are expected to form the third leg of Oracle's near-term growth strategy.” If indeed this happens, we predict that Oracle’s tool of choice to get customers to make such a move will likely involve software audits. Prudent Cerner customers would do well to prepare now for what may very well be an inevitable Oracle audit. Tactical Law attorneys have deep experience defending Oracle software audits. By Pam Fulmer
Readers of this blog know that our firm is engaged every day in advising governmental entities and companies of all sizes how to successfully defend against aggressive enterprise software audits where software publishers often seek to unfairly inflate their audit findings by conducting predatory audits. Unfortunately, these audits are only on the rise, as enterprise software companies seek to maximize revenue, by often taking baseless legal positions not grounded in the contract, or even surreptitiously trying to switch out the old contract for a newer, more favorable one without proper notice. We advise our clients to stand firmly against capitulating to such tactics, because by giving in rather than fighting back, companies only find themselves victimized again a few years down the road. Rather than buying peace by making a large software purchase, many of the most notorious of these predatory software publishers will only view the company as an easy target in a future audit and strike again. A recent lawsuit filed in Utah state court against Quest Software, Inc. (“Quest”), an enterprise software company that we have dealt with often and that is notorious for conducting predatory audits, illustrates the point. On September 18, 2023, HealthEquity, Inc. (“HealthEquity”), a business services company designated by the IRS as a health savings trustee for health savings accounts for individuals and businesses, filed a complaint against Quest seeking various declaratory relief and asserting a claim against Quest for breach of the implied covenant of good faith and fair dealing. In its lawsuit, HealthEquity tells the story of its recently acquired subsidiary, WageWorks which underwent a Quest audit in 2019. The Complaint alleges that WageWorks recognized that it did not have ideal controls in place to monitor usage of the Quest software. So rather than defend the audit aggressively, WageWorks made a large license purchase and in subsequent discussions with Quest asked for Quest’s advice as to what controls to put in place to ensure future compliance. The Complaint alleges that WageWorks and later HEI followed that advice and created a tracking system for Toad software access and “complied with those instructions to tightly control the number of employees who could access the Toad software products.” The Complaint goes on to allege that: “This level of control was accomplished with the use of assigned serial keys provided to WageWorks by Quest for each seat license it purchased. Despite doing as Quest instructed just a few years prior, HealthEquity was being told in 2023 that licenses were required for every employee who could potentially access any server or individual device on which the software products were installed, regardless of whether those individuals could, or did, actually access and utilize the Toad software itself. This was contradictory to the direction previously provided by Quest, and contrary to the governing contractual terms.” Comp. ¶ 9. Companies that have suffered through a Quest audit will recognize this argument immediately. Quest, and other companies such as Oracle when making its VMware argument, appear to be executing on strategies to attempt to charge companies a licensing fee even when the software is not being used. According to the Complaint: “HealthEquity soon discovered that Quest’s audit processes were intentionally designed to include numerous individuals in its audit numbers who should not have been included as requiring licenses under the terms of the parties’ agreements. Specifically, HealthEquity’s audit report included any users who could access the servers on which the software was installed, rather than the users who could actually access and utilize the software products themselves. This over-inclusion resulted in the grossly inflated numbers in Quest’s “Reconciliation Summary.”” Compl ¶35. Upon information and belief, Quest’s audit practices and interpretation of contract terms to its customers have been intentionally designed for the bad faith purpose of over-estimating the extent of the customer’s deployment and license requirements. This provides the basis for Quest to make an inflated demand for payment of over-deployment fees contrary to the terms of the parties’ agreements. Quest then leverages these inflated audit results to push its customers to purchase additional licenses and extend the terms of their licensing relationship with Quest for an additional period of years.” Compl. ¶36. HealthEquity then alleges that although the Quest software contains tools that can confirm that no usage occurred, Quest ignores these tools because it prefers to use the inflated amounts as leverage to obtain the highest settlement possible. In the case of Quest, this strategy is helped along by the fact that almost every year Quest changes the language of its standard licensing agreement, known as the Software Transaction Agreement (“STA”). These changes make the agreement more favorable to Quest and seek to take away rights from its licensees. In addition, Quest customers with older license agreements such as the one at issue in this lawsuit, govern the perpetual licenses purchased and contain clauses that say that no amendment to the agreement can occur without a writing signed by both parties. Nonetheless, and in contravention of its older agreements, Quest takes the position that by downloading updated versions of the software the customer is agreeing to the acceptance of the more recent STA, such as the 2018 STA promoted by Quest in this lawsuit. Compl. ¶39. This is problematic as later versions of the STA change key terms such as the choice of law and dispute resolution clauses. They also include language that allows Quest to charge the current list price for alleged over usage rather than the formerly negotiated price, and also includes penalties such as back maintenance & support and interest. Based on these and other contradictions in the various agreements, HealthEquity has sought declaratory relief. This is a good thing as it would be really helpful to have a court weigh in and hopefully put an end to some of these predatory tactics. In addition to the declaratory relief, HealthEquity has asserted a claim for breach of the implied covenant of good faith and fair dealing. In that regard, the Complaint has the following to say: “Quest violated this covenant by, among other things, providing instruction to HealthEquity as to how its license requirement would be calculated, how its compliance with license entitlement could be controlled, and the effects of installing Toad software products on a shared server in its environment. Quest then later asserted HealthEquity had violated its license agreements and was out of compliance with its license entitlement despite the fact that HealthEquity had closely followed Quest’s former guidance and tightly controlled access to the software products in its environment. Quest has harmed HealthEquity by intentionally, and with bad faith, using a so-called audit to wrongly accuse HealthEquity of software over-deployment in an attempt to coerce HealthEquity into paying significant sums of money to Quest to which Quest is not entitled. Quest’s bad faith and unfair dealing have forced HealthEquity to expend significant sums of money to defend against Quest’s illegitimate audit claims. Demonstrating its bad faith and unfair dealing, upon information and belief, Quest, as a matter of company policy and business strategy uses its audit group primarily to drive significant additional and undeserved revenue for Quest, not to ensure customer license compliance. Quest has executed this wrongful policy and strategy against HealthEquity. Quest did not comply with its obligation to act in good faith and to deal fairly with HealthEquity, and to act consistently with HealthEquity’s justified expectations arising from the parties’ agreements and prior dealings. Quest has failed to deal fairly and honestly with HealthEquity and has intentionally or purposefully destroyed and injured HealthEquity’s right to receive the fruits of its license purchases. For example, Quest’s actions, as alleged herein, have injured HealthEquity’s right to use its licenses within the terms of the parties’ agreements for the agreed upon purchase price.” Compl. ¶¶ 90-94. In our view, the fact that this case needed to be filed shows how badly some enterprise software companies have run amuck with their audit abuses and unfair trade practices, and hiding the ball concerning various contractual provisions in undisclosed and hidden agreements. They are literally turning the entire law of contract on its head. Once upon a time, two companies would sit down at arm’s length and negotiate a deal and then they would document the deal in a writing. During the negotiation process risk would be accessed and allocated through price and other contractual means. Everything was above board, and the parties were rational actors knowing what they were getting in their bargained for exchange. That is the entire theory on which contract law is based. Our entire commercial system rests on this foundation. However, recently some enterprise software companies are turning this entire regimen on its head. Apparently, Quest tries to replace legacy agreements by surreptitiously slipping in new agreements with maintenance & support updates. Updates that are often performed by low-level employees who have no idea that Quest or another software company is going to claim that the agreement accompanying the maintenance & support update is the new governing agreement. Agreements that never reach the legal department and that the lawyers working for the company don’t even know exist until it is presented in the audit as a basis for a multi-million-dollar non-compliance claim. There is no fair notice here. Switching out choice of law, venue, audit clauses at will without sitting down and even notifying true decision-makers at the company that if they update their software they are agreeing to an entire new contract is not the way that contract law is supposed to work. Courts should put a stop to it and not let these abuses continue. We hope that HealthEquity wins its case. Tactical Law will continue to monitor the progress of the lawsuit and provide updates periodically. The case is HealthEquity Inc. v. Quest Software Inc., Case Number 230906993 venued in the Salt Lake District, State of Utah. On July 24, 2023 in a major win for Oracle, Chief Judge Miranda Du of the District of Nevada entered a 197 page bench order that gives Oracle a sweeping victory in the case that Rimini Street brought against Oracle requesting a declaration that Rimini did not infringe Oracle's copyrights and seeking other relief. The Court dismissed Rimini's case, and found for Oracle on its counterclaim.
In conjunction with her bench order, Judge Du entered judgment for Oracle and issued a permanent injunction against Rimini Street finding that Oracle "mostly prevailed" and that Rimini Street won only as to non-infringement involving some EBS support processes. In addition to finding copyright infringement by Rimini, the court found for Oracle on Oracle's Lanham Act and DMCA claims. The permanent injunction entered by the Court provides that "Rimini may not copy, distribute, prepare derivative works from, or use any PeopleSoft software (or any portion thereof) or documentation (or any portion thereof) from any PeopleSoft software environment that Rimini reproduced or used as part of its Environments 2.0 (also referred to as Process 2.0) migration, including the PeopleSoft software environments listed in P-9008, and any subsequent copies of those environments." Rimini was also prohibited from copying, distributing or preparing derivative works involving other updates, tools and files. On Oracle's Lanham Act claims Rimini was enjoined from making certain advertising claims and ordered to issue a corrective press release. According to the injunction: “This press release is ordered by the Court in the Oracle v. Rimini litigation to provide customers and prospective customers of Rimini Street with information about false and misleading statements that Rimini Street has made in its advertisements and marketing campaigns. The press release must further state: “The following statements were made by Rimini in advertisements and marketing campaigns and were found by the Court to be false and misleading: 1. United States District Judge Larry R. Hicks’ rulings in the Oracle I litigation related to processes or software that were not in use at Rimini between February 2014 and January 2020. 2. Rimini did not copy or share Oracle software between clients between February 2014 and January 2020. 3. Security professionals have found that traditional vendor security patching models are outdated and provide ineffective security protection. 4. Oracle’s CPUs provide little to no value to customers and are no longer relevant. 5. Oracle’s CPUs are unnecessary to be secure. 6. It is not risky to switch to Rimini and forego receiving CPUs from Oracle. 7. Once an Oracle ERP platform is stable, there is no real need for additional patches from Oracle. 8. If you are operating a stable version of an Oracle application platform, especially with customizations, you probably cannot apply or do not even need the latest patches. 9. Virtual patching can serve as a replacement for Oracle patching. 10. Virtual patching can be more comprehensive, more effective, faster, safer, and easier to apply than traditional Oracle patching. 11. Rimini offers “holistic security” solutions for Oracle software for enterprises. 12. Rimini Security Support Services helps clients proactively maintain a more secure application compared to Oracle’s support program which offers only software package-centric fixes. 13. Rimini provides more security as compared to Oracle 14. Rimini’s Global Security Services can pinpoint and circumvent vulnerabilities months and even years before they are discovered and addressed by the software vendor. 15. There are no similarities between TomorrowNow and Rimini other than the fact that they both have provided third-party maintenance.” Rimini Street has appealed the Judgment, the Permanent Injunction, the Bench Order and all other previous orders to the Ninth Circuit. Tactical Law is in the process of analyzing the lengthy opinion to determine what if any impact it will have on companies relying on Rimini Street for maintenance & support of PeopleSoft software. Please check back for further updates. June 19, 2023. Tactical Law Group LLP filed a lawsuit Friday on behalf of our client River Supply, Inc. ("RSI") against Oracle America, Inc. and NetSuite, Inc. (collectively "Oracle") and certain of Oracle's third-party business partners arising out of a failed SuiteSuccess ERP implementation and Oracle cloud subscription. The lawsuit filed in federal court in the Northern District of California asserts claims for fraud in the inducement and other related torts and unfair business practices.
The Complaint alleges that Oracle targets small and medium size businesses such as RSI using predatory, unfair, and unlawful business practices. These allegations relate to Oracle's Suite Success cloud offering where Oracle allegedly misrepresents the capabilities of its existing software solution and the amount of time required to go live in order to lure potential customers into contracting with Oracle. RSI also claims that Oracle competes unfairly by offering steep discounts so as beat its competition, all the while intending to inflate the contract price through expensive change orders. RSI claims that Oracle deployed an aggressive sales team pre-contract who made misrepresentations to RSI by promising that Oracle had an existing software solution, which would meet all of RSI’s requirements with only minor customizations and that could go live quickly, when in fact they did not. RSI also alleges that Oracle promised that the contract price was fixed priced and “all in” and there would be no price increases. These representations too turned out to be false. RSI alleges that the Oracle team knew these representations were false when they made them, but made them anyway in order to induce RSI to enter into the contract. RSI seeks to rescind the contracts for fraud in the inducement and to get its money back, as well as other damages caused by Oracle’s improper conduct. The Complaint further details that Oracle provides contract documents for execution that are presented in a deceptive and confusing way so that the customer is unaware of entire contracts as well as key contract terms that are one sided and benefit Oracle to the detriment of the Oracle customer. These terms (contained in a Subscription Services Agreement) are presented in a disguised hyperlink on the Estimate Form. That link, which is not highlighted or underlined does not link directly to the Subscription Services Agreement, but instead the Oracle customer is forced to search the Oracle website through several different and confusing webpages to locate the applicable contract. As a result, the Complaint alleges that RSI did not assent to the Subscription Services Agreement, as it did not even know of its existence. RSI further alleges that the manner in which Oracle presents the contract documents to its SuiteSuccess customers is deceptive and unfair and constitutes an unfair trade practice in violation of California Business & Professions Code Section 17200. RSI alleges that Oracle has deployed this unfair trade practice widely against many American small and medium size businesses, which have been damaged by Oracle’s deceptive presentation of the agreements and other improper conduct. At the end of the day and after paying Oracle and its partners a great deal of money and investing significant internal resources in the project, RSI has no working ERP solution. As a result of Oracle’s conduct, RSI alleges that it has suffered damages and seeks to hold Oracle to account for its failures, misrepresentations and other misconduct. RSI also alleges that the same wrongful acts and unfair trade practices that were deployed against RSI have been deployed against many American small and medium businesses who have entered into almost identical agreements with Oracle for its ERP related products. In fact, these very practices have been detailed and exposed in a separate whistle-blower lawsuit filed by a former Oracle employee, Mr. Tayo Daramola, which we have previously blogged about. A copy of Mr. Daramola's Complaint is attached as Exhibit 1 to RSI's Complaint. RSI seeks restitution of the monies paid, damages (including treble and punitive damages) and other relief. The lawsuit is River Supply, Inc. v. Oracle America, Inc., NetSuite Inc. et. al., Case No. 3:23-civ-02981(LB). A copy of RSI’s Complaint can be found here. By Pam Fulmer
On January 23, 2023 Oracle changed how it licenses Java SE moving away from named user plus and processor metrics and instead transitioning to an employee metric based on the total number of full and part time employees and contractors of a company. You can read more about the changes here. For many companies the prices for licensing Java exploded with the new metric as all employees need to be licensed rather than just the ones using Java. We have received reports that for many months prior to the price change the Oracle Java sales team had been reaching out aggressively to companies about licensing Java. As part of Oracle’s approach, the Java team requested detailed information about a company’s IT environment, including its virtual environment. Reportedly Oracle sales sought information about servers, even ones that were not running Java and where no Java software was installed. Many companies innocently provided the information not understanding that Oracle likely did not have a legal or contractual basis to demand such information. We have discussed this previously here. Often companies would seek to place an order for the number of Java licenses they believed that they needed based on where Java software was installed and/or running. But in some cases, the Oracle sales team apparently refused to provide an Ordering Document for the requested licenses, if the Oracle customer refused to capitulate to Oracle’s inflated licensing demands. In our opinion, Oracle may have run into some headwinds when demanding information about the entire virtual environment even where no Oracle software was installed from at least some of its targets. Perhaps that is what ultimately triggered Oracle to change its licensing to the employee metric so that it could claim exorbitant licensing fees without all of the complexities around Oracle’s non-contractual arguments around the use of VMware. We just can’t be sure. But for those customers who wanted to purchase the Java licenses and Oracle declined to sell the licenses unless the company provided the confidential information that Oracle demanded or paid the higher (and baseless) licensing fee demands, what about them? Oracle essentially forced these companies into being non-compliant when it refused to sell the requested licenses. In our opinion, Oracle should have sold the licenses and if it really believed that the company was inadequately licensed, it could have issued an audit notice and made its formal audit findings. Then the Oracle customer would have had the protections of the Oracle audit clause and would have had an orderly process for pushing back on Oracle’s assertions and demonstrating that the customer was actually compliant. Importantly, the Oracle customer also would have only needed to purchase licenses for its actual usage of Java, and not for its entire employee population. But that is not what Oracle did in some cases. We believe Oracle's actions may have damaged these companies, which are now faced with licensing Java on a total employee basis, which can be very expensive. Additionally, where Java SE is important to the business of the company, Oracle's actions may have caused uncertainty and cast a cloud over the business. If you are a company that was approached by the Oracle Java sales team and Oracle requested information about your IT environment even where no Java software was installed and/or running, we would like to talk to you. If you purchased Java licenses not based on where the software was installed and/or running but were instead misled by Oracle’s assertions and believe that you paid more than was required, we would like to talk to you as well. Finally, if Oracle refused to sell you Java licenses that you requested, and now you are facing either actual or potential demands by Oracle to license all of your employees and contractors we would also like to discuss your situation. We advise companies on licensing Java and in related disputes with Oracle concerning the licensing of Java, including disputes arising out of Java software audits. |
By Tactical Law Attorneys and From Time to Time Their Guests
|