By Pam Fulmer
Envisage Technologies, LLC (“Envisage”) has filed a counterclaim against Defendants Oracle America, Inc., and Oracle International Corporation (collectively, “Oracle”) requesting declaratory relief of no copyright infringement and asserting a second claim for unjust enrichment due to payments made to Amazon Web Services (“AWS”) under the RDS "License Included" model. Tactical Law has previously blogged on this case brought by Oracle, which Oracle contends involves hosting.
According to the counterclaim, Envisage’s legacy product was an on-premises version where Envisage customers hosted and maintained the Acadis software product on their own hardware. Under this model Envisage customers were responsible for acquiring their own licenses to the Oracle software. However, in 2019 Envisage opted to change this model in favor of cloud-based software hosted on Envisage’s own hardware. To support the cloud-based hosting of Acadis, Envisage turned to Amazon’s Relational Database Service (“Amazon RDS”) offered by AWS.
Envisage alleges that it chose to go with the RDS “License Included” model due to representations made by AWS that the model would work for its Acadis service offering. Envisage pleads that it “relied in good faith on representations made by AWS regarding the scope of the license to Oracle Database provided under AWS’s “License Included” service model for Amazon RDS for Oracle.” Envisage also asserts that in meetings in 2019 and 2020 with representatives of AWS, Envisage explained the technical details of its Acadis offering and further relied on AWS representations that it could cost effectively leverage the RDS “License Included” model for Envisage’s intended use of the software. Envisage also asserts that Oracle authorized AWS to act on Oracle's behalf under the “License Included” model, and presumably either did or should have approved the representations being made by AWS to its customers concerning the permissible uses of the Oracle software. Envisage seeks a declaration that it is not infringing Oracle’s copyrights and that it was authorized to use the Oracle software for hosting when it went with the RDS "License Included" model. Envisage also asserts a claim for unjust enrichment against Oracle, to the extent that Oracle has already been compensated by AWS for Envisage’s use of the software.
But here is the rub. The AWS Service Terms at Section 10.3.1 provide that the RDS "License Included" customer cannot “use the Oracle Software for rental, timesharing, subscription services, hosting, or outsourcing”. And it appears from the face of the counterclaim that this is exactly what Envisage has done.
What does this all mean for AWS and Oracle customers? It means that licensing Oracle through AWS is complicated and should be done very carefully. Both the technical and legal issues need to be thoroughly vetted before significant investments are made. Also, Oracle appears to be actively looking for AWS “License Included” customers who may be non-compliant with the AWS Terms of Service, and reaching out to them directly demanding payment. Clearly that is what Oracle has done in this lawsuit. Oracle also appears to be demanding information from AWS customers as if it had an audit clause to rely upon. But AWS "License Included" customers do not have a contract directly with Oracle, which is most likely why many of these customers are resisting Oracle’s demands for information. Instead, their contract is with AWS, and the AWS agreements do not have an audit clause. For its part, Oracle may be relying on the AWS Service Terms that provide “[n]otwithstanding anything to the contrary elsewhere in the Agreement, Oracle is an intended third-party beneficiary of the Agreement, but solely with respect to this Section 10.3.1 of these Service Terms.” However, it should be noted that AWS Service Term 10.4 relating to Microsoft software on AWS, specifically provides that “Microsoft is an intended third-party beneficiary of this Section 10.4, with the right to enforce its provisions.” Why the difference and can this be leveraged by AWS customers when Oracle comes knocking?
In short, Envisage has quite the mess on its hands. A high-profile lawsuit by Oracle seeking damages of at least $3 million and perhaps an expensive arbitration with AWS either pending or about to be filed. Meanwhile, Envisage’s entire business model may be up in the air and the legal fees doubtless keep racking up. All of this trauma and expense could have been and should have been avoided upfront with a little planning and investment by Envisage. Other AWS RDS customers should take note and be careful to avoid falling into the hosting trap. And for those AWS customers who believe that by using the RDS License Included model, they can avoid dealing with Oracle all together, these recent lawsuits by Oracle prove otherwise.
The case is Oracle America, Inc. et al v. Envisage Technologies, LLC., Case No. 3:21-cv-03540, Northern District of California. We will continue to monitor the case. Check back for updates.
By Pam Fulmer
Oracle America Inc. and Oracle International Corporation (collectively "Oracle") have filed a new lawsuit in the Northern District of California against their licensee NEC Corporation of America ("NECAM"). According to the Complaint, NECAM was a member of the Oracle Partner Network ("OPN") until Oracle terminated its licenses due to this dispute. Oracle seeks at least $7 million in damages, as well as any profits made by NECAM through its use of the Oracle software and distribution of the Oracle software to NECAM's customers. Oracle has asserted claims for breach of contract as well as copyright infringement and seeks treble damages as Oracle alleges that NECAM's copyright infringement was willful. Oracle also seeks an award of attorneys' fees and costs pursuant to the license agreement.
Oracle contends that NECAM has been a long standing partner of Oracle (15 years) and is therefore extremely familiar with the various contracts signed by Oracle partners, as well as with the approved distribution methods allowed depending on the type of license purchased. According to the Complaint:
"As a long-time OPN member and Oracle licensee, NECAM was (and is) intimately
familiar with the Oracle PartnerNetwork and the different distribution methods Oracle offers to its OPN members – ESL [Embedded Software License], ASFU [Application Specific Full Use License], and Full Use. In the past fifteen years, NECAM has distributed licenses to Oracle software using all three distribution methods – ESL, ASFU, and Full Use – under the agreements set forth above.
Essentially Oracle asserts, among other things, that NECAM was using the Oracle software and allowing its customers to interact with the software, in a way that was not authorized by the applicable license agreement and distribution method, and that NECAM failed to pay all the license and support fees due Oracle.
Oracle issued an audit notice to NECAM in December of 2019 pursuant to the audit clause and delivered its Final Audit Report in October 2020. According to the Complaint, Oracle asked "NECAM to resolve the compliance findings within 30 days" and advised NECAM that it "needed to procure (pay for) additional ASFU and Full Use licenses for its prior distributions." Oracle further advised NECAM that it had previously "failed to report (or had under-reported) certain distributions". Finally Oracle demanded that NECAM provide Oracle with additional information regarding its on-premise development environments to enable Oracle to determine the extent to which they exceeded NECAM’s rights."
Oracle alleges that NECAM failed to respond and pay the licensing and support fees that Oracle contends were owed within 30 days of notification of the amounts owing. As a result on January 19, 2021, Oracle sent a breach notice to NECAM. Oracle contends that NECAM did not cure the breach, and as a result on March 5, 2021 Oracle sent a termination letter, notifying NECAM that Oracle was, by its letter, "terminating NECAM’s membership in the Oracle PartnerNetwork, the 2018 MDA, and all related ASFU distribution addenda and ESL distribution addenda."
According to the Complaint:
"NECAM breached its contracts with Oracle by its acts and omissions, including failing to
pay license and support fees owed to Oracle under the contracts and failing to provide information to Oracle as required by the contracts’ audit provisions. For example, NECAM breached the 2013 MDA, the 2013 ASFU Addendum, the 2018 MDA, and the ASFU Addenda by failing to report and pay license fees (and support fees) owed under the ASFU Addenda for distributions of its Integra-ID 5 application with the Oracle Database and the Database Options and Packs that were not permitted by NECAM’s ESL Addenda. As another example, NECAM breached the 2013 MDA and the 2016 Full Use Addendum by failing to report and pay license fees (and support fees) owed under the Full Use Distribution Addendum for distributions of the Oracle Database (and other Oracle software) to the Ohio State Police that were not permitted by NECAM’s ASFU addendum. And, as another example, NECAM breached its duty under the OPN Agreement and the 2018 MDA to cooperate with Oracle’s audit and provide reasonable assistance and access to information, by failing to provide Oracle with additional information regarding its on-premise development environments to enable Oracle to determine the extent to which they exceeded NECAM’s rights, as Oracle repeatedly requested."
A few observations about this case and other recent audit cases brought by Oracle that readers of our blog may find interesting:
By Pam Fulmer
Readers of this blog will remember that I previously posted on the shocking case brought by whistleblower Paul Cimino against IBM arising out of a predatory software audit conducted by IBM of the Internal Revenue Service ("IRS"). Although Cimino worked for IBM he was apparently so horrified by IBM's complete fabrication of non-compliance findings in order to force the IRS into a new and more expensive ($265 million to be exact) license agreement that he blew the whistle and filed a claim under the federal False Claims Act ("FCA"). You can read our previous blog post here. The district court dismissed the key fraudulent inducement claim finding that it was not credible that the IRS would enter into a new and more expensive contract with IBM just to get out from under substantial audit penalties. The D.C. Circuit Court of Appeal disagreed and found that Mr. Cimino had plausibly alleged that "but for" the fraudulent audit, the IRS would never had entered into the new license agreement. The court remanded the case back to the trial court for further proceedings. This is a big win for Cimino and although decided under the FCA, can be instructive for all those companies out there who have suffered through predatory audits by major software publishers.
The Court explained the case as follows:
"This qui tam action began when Paul Cimino filed a complaint alleging that IBM violated the FCA. As a former senior sales representative for IBM, Cimino helped sell software to the IRS. Based on knowledge acquired on the job, Cimino alleged that IBM fraudulently induced the IRS to enter a $265 million license agreement for “unwanted, unneeded” software.
Faced with the possibility of losing significant revenue, IBM allegedly devised a scheme to pressure the IRS into another long-term deal. IBM planned to conduct a “friendly” audit, anticipating that the IRS was overusing the software and therefore would owe a significant amount in compliance penalties. IBM would then leverage the penalties by offering to waive them in exchange for a new agreement.
IBM retained Deloitte LLP to perform the audit. Contrary to IBM’s expectations, Deloitte’s initial audit showed the IRS was not significantly overusing the licenses and owed only $500,000 in compliance penalties—a relatively small amount for a contract of this size. IBM never released these audit results to the IRS. Instead, IBM worked with Deloitte to manipulate the results. For example, IBM counted licenses on discontinued servers as in constant use, even though they were never used. Deloitte first presented the number of overused licenses from this manipulated audit to Adam Kravitz at the IRS. Cimino alleged that “Kravitz rejected the audit findings because, in his words, ‘IBM cannot substantiate that the IRS is out of compliance.’” IBM then manipulated the audit again to show an outstanding $292 million in compliance penalties. IBM shared this number with the IRS, despite the fact that one IBM employee considered the number “ridiculous,” and another “was ‘not comfortable representing’ that number to the IRS.”
As we have warned before, avoid "friendly" software audits by software publishers as there is nothing friendly about them. If Oracle or IBM or whatever software company wants to conduct an audit, then they should issue a formal audit notice and do so. These "friendly" audits are often nothing more than fishing expeditions where the sales team hopes to turn non-compliance findings into a big payday and a big contract. Licensees should stand on their contractual rights and not fall into these traps.
Another interesting aspect of the case is how IBM allegedly was attempting to charge the IRS by claiming licensing fees for non-use of the IBM software. The court pointed to allegations that IBM claimed fees for discontinued servers for constant use even though they were never used. We see similar attempts by Oracle and others to charge customers a licensing fee on servers where no Oracle software is being used, such as in the case of Oracle's expansive VMware assertions, which involve non-contractual and non-binding policies. Customers under audit should carefully review license agreements and challenge during audit resolution negotiations policies that are not expressly incorporated into the contract. Careful attention should be paid to assertions that payment must be made for non-use by the customer of the auditing company's software, or for potential future use that has not yet occurred.
We were pleased to see that the appellate court reversed the lower court's dismissal and is allowing this whistleblower suit to proceed past the pleading stage. Only when predatory software vendors are held to account by the courts will such behavior end. Tactical Law will continue to monitor the case. Please check back here for periodic updates.
By: Pam Fulmer
Oracle America, Inc. and Oracle International Corporation (collectively “Oracle”) have filed a new lawsuit for copyright infringement against Oracle customer Envisage Technologies, LLC (“Envisage”) in the Northern District of California. The case was brought by the Norton Law Firm, a boutique law firm in Oakland, California, whose lawyers have a long history of representing Oracle in its IP litigation cases, including in Oracle’s cases against SAP, Google and Rimini Street to name just a few. Readers of this blog will remember that the Norton Firm represented Oracle in the short lived Oracle v. Perry Johnson & Associates litigation, which was dismissed by Oracle a little less than two months after it was filed, likely in this author’s view due to a settlement. Like this new case, Perry also involved hosting, which is an area that seems to be getting lots of attention from Oracle lately, and the Norton Firm appears to be Oracle’s “go to” firm for litigation on hosting related issues.
Oracle essentially contends that Envisage has not bought enough licenses from Oracle to cover its use of Oracle database software that it uses for cloud hosting of its Acadis Readiness Suite on Amazon’s RDS platform. According to the Complaint, “Envisage develops software directed to the needs of public safety leaders. Its Acadis Readiness Suite software is advertised as providing software solutions for training, compliance, internal affairs case management, professional development, legal defensibility, and public accountability.” Oracle uses public facing documents found on Envisage’s own website along with documents that may have been posted by governmental entities or acquired under the Freedom of Information Act, which Oracle contends show that Envisage’s use of Oracle database software is well in excess of the number of licenses it has purchased from Oracle. Oracle claims that Envisage’s infringement is willful and seeks at lease $3 million in damages.
For example, Oracle pleads on information and belief that Envisage obtains “subscription revenue from its customers” and that to provide the software and services that it advertises, “Envisage is running Oracle Database on eight or more processors as an Amazon RDS customer.” Oracle claims that it contacted Envisage in March of 2021 to engage in discussions about properly licensing the Oracle software, and that Envisage initially agreed to enter into discussions, but later changed its mind. According to the Complaint:
“Because Envisage has refused to engage in discussions, Oracle does not yet know the
details of Envisage’s software architecture. On information and belief, given the magnitude of its customer base and the hosting services it provides through Amazon RDS, Envisage’s use of the Oracle Database exceeds the scope of the license that Envisage purchased in 2006 to use Database SE1, a license planned for use for one account as a pilot. On information and belief, the scope and nature of Envisage’s use requires a license for at least Oracle Database SE2 and, more likely, for Oracle Database EE. Envisage, however, never obtained a license or authorization from Oracle directly or indirectly to use either Oracle Database SE2 or EE. Upon information and belief, Envisage’s 2006 Database SE1 license does not authorize its current use of Oracle Database through Amazon RDS.”
It appears from Oracle activity that we are seeing that Oracle may be investing significant resources in investigating both Oracle customers that use the AWS Bring Your Own License model for using Oracle software as well as the AWS License Included model, and that these hosting issues will continue to attract Oracle’s attention and perhaps spawn further lawsuits.
If you have been approached by Oracle about a hosting issue on Amazon RDS and Oracle is requesting information about your usage, you need to proceed with caution and have a game plan in place. Or if you are thinking about using Amazon RDS to host your application, make sure that you understand the potential licensing traps. Tactical Law advises companies on these and similar issues and can help.
The case is Oracle America, Inc. et al v. Envisage Technologies, LLC., Case No. 3:21-cv-03540, Northern District of California. We will continue to monitor the case. Check back for updates.
Court Rules Sunrise Firefighters’ Securities Fraud Lawsuit Allowed to Proceed Against Oracle and its Senior Management
By Pam Fulmer
Oracle and its senior management suffered a significant loss in federal court yesterday involving Oracle’s Audit, Bargain, Close (“ABC”) predatory sales and audit tactics. In a sweeping 54 page opinion, Judge Freeman of the Northern District of California has granted in part and denied in part Oracle’s motion to dismiss a class action securities fraud lawsuit, which alleged that Oracle used predatory software audits to drive sales of its cloud products, and then omitted to tell the public about all the potential reasons for Oracle’s increasing and later decreasing cloud sales. The Plaintiff will be allowed to pursue only its omission based securities fraud claims against Oracle and senior management Larry Ellison, Mark Hurd, Safra Catz, and Ken Bond. All other securities fraud theories alleged in the SAC were dismissed. Defendants Thomas Kurian and Steve Miranda were dismissed from the lawsuit with prejudice. The remaining Defendants have 30 days to file an Answer to the Second Amended Complaint (“SAC”).
Judge Freeman's Order sets out the background facts alleged in the SAC.
“Oracle allegedly employed a strategy called “Audit, Bargain, Close,” also referred to as “ABC.” SAC ¶¶ 16, 95-128. Under this strategy, Oracle would install its software on on-premise client ecosystems “with a variety of preferences automatically enabled that, unbeknownst to the customer, caused the customer to arguably—and unknowingly—exceed the limits of its license.” Id. ¶ 16. The company would then initiate an audit of an on-premises customer for violations of its on-premises software license. Id. When it found violations, Oracle would “threaten to impose extremely large penalties” that it would abate only if “the customer agreed to accept a short-term cloud subscription.” Id. The SAC alleges that customers “neither desired nor intended to use” the cloud products but purchased them to avoid the hefty penalties. Id. ¶¶ 16, 151-198. Second, Oracle allegedly engaged in a tactic known as “attached deal[s].” Id. ¶¶ 17, 129-150. Oracle offered its customers “a significant discount” on its on-premises products, provided the customer also agreed to receive a short-term cloud subscription – “even though the customer neither wanted nor intended to use the attached cloud product.” Id. ¶ 17. The SAC alleges that the attached deals thus served to disguise legacy on-premise revenue as cloud revenue. Id. ¶¶ 129-150.
Starting in 2014, “market participants voiced early concerns that Oracle and its auditing department should not attempt to extract ‘cloud’ revenues through their audits of its licensees’ ‘on- premises’ software licenses.” SAC ¶¶ 51, 54-60, 62, 64. Oracle executives, however, denied that the company was misusing its audit process to gin up purported cloud sales, id. ¶¶ 61, 63, 64, instead tracing sales successes to Oracle’s superior cloud products and business practices, id. ¶¶ 66-71. Oracle’s stock price rose almost 24% between 2017 and 2018 as investors and analysts celebrated the strength of Oracle’s cloud business. Id. ¶¶ 72-73. The representations of Oracle executives stood in stark contrast to reality according to the SAC, id. ¶¶ 74-94, as Oracle’s cloud products were “deeply flawed,” limiting customer’ ability to use the products effectively and forcing the company to lean on financially engineered deals, id. ¶ 74, 95.”
Oracle customers reading this description may recognize this familiar pattern, as many customers around the world have complained in the business press and otherwise that they have been subjected to these predatory ABC audits and forced to buy Oracle cloud software to resolve the audit.
Only the Omission Based Securities Fraud Theory Survived Oracle’s Motion to Dismiss
Although Judge Freeman found that in many instances Plaintiff failed to set forth facts that would support many of its securities claims, the Court focused on Oracle’s representations to investors about the reasons for its increasing and later decreasing cloud sales. Unlike the First Amended Complaint (“FAC”), the Court found that Plaintiff had plausibly pleaded facts in the SAC establishing an omission based fraud theory under Section 10 of the Securities Act. According to the Court:
“Plaintiff also contends that Defendants misleadingly attributed Oracle’s cloud revenue growth to the quality and competitiveness of its cloud offering, while failing to disclose that engineered deals were a material driver of those results. See SAC ¶ 267, 358, 361, 418, 424; see also Opp. at 10-11. As the Court explained in its prior order: [O]nce Defendants made statements about the drivers of Cloud revenue growth, the investors would have been interested to know that “a material driver” of Cloud Sales was Oracle’s Sales Practices. MTD Order at 25. However, the Court ultimately found that Plaintiff failed to establish the materiality of Oracle’s Sales Practices. Id.
The SAC has overcome this hurdle. Plaintiff has provided additional allegations from the CWs (“Confidential Witnesses”) along with new allegations from industry members that establish the materiality of revenue generated through Sales Practices. See Order at 27-30 ( “CW Allegations” and “Industry Member Allegations”). Oracle does not have an independent duty to disclose its sales tactics; nevertheless, once Defendants made statements about the drivers of cloud revenue growth, investors would have been interested to know that Oracle’s allegedly coercive sales practices were “a material driver” of cloud sales.”
In other words, the Court is saying that Oracle was touting its growing sales of cloud products in the marketplace as being due to customers' finding that the Oracle software was a quality product, which could go toe to toe with AWS and other competitors. Once Oracle started making statements to the public as to why sales of Oracle cloud were increasing, they owed investors a duty to disclose that Oracle’s use of hard ball audit tactics may also have been a material driver of increased cloud sales. By omitting to do so, Plaintiff has stated a plausible securities fraud claim that Oracle may have violated the securities laws by omission.
Once Oracle’s sales of Oracle cloud began to decrease, Oracle also had a duty to disclose other reasons why those sales were slowing, including the decreasing success of their predatory audit tactics. According to the Court:
“The Court, again, emphasizes that Oracle does not have a stand-alone duty to disclose its sales practices. However, as with Defendants’ statements about drivers of cloud growth, once Defendants made statements about the reasons underpinning cloud growth deceleration, investors would have been interested to know that the dwindling efficacy of Oracle’s sales practices had a material impact on this decline. (citation omitted) At this stage, the allegations relating to cloud growth deceleration are adequate to state an omission-based claim under Section 10.
Plaintiff has successfully pled a narrow omission theory of securities fraud. This theory centers on Defendants’ statements about Oracle’s cloud growth deceleration and the drivers of cloud growth. Statements at FAC ¶¶ 363, 367, 390, 404, 416, 418, 422, 424, 433, 434, 443, 446, and 453 support this theory. The Court emphasizes that this theory is not based on a stand-alone duty to disclose allegedly coercive sales tactics; rather, Oracle’s affirmative representations about cloud growth deceleration and drivers of cloud growth “affirmatively create[d] an impression of a state of affairs that differs in a material way from the one that actually exist[ed].” Brody, 280 F.3d at 1006. This is particularly true during a Class Period where the nascent cloud market exploded and Oracle competitors enjoyed robust growth. With the exception of this theory and associated statements, the Court DISMISSES the SAC.”
Importantly the Court rejected Oracle’s arguments that Plaintiff had not pled facts sufficient to state a claim that Oracle and its top management had the requisite scienter needed to hold them liable under the securities laws. According to the Court, “[a] defendant is liable for making false statements under Section 10(b) and Rule 10b-5 when he acts with scienter, a “mental state that not only covers intent to deceive, manipulate, or defraud, but also deliberate recklessness. (citation omitted) [D]eliberate recklessness is ‘an extreme departure from the standards of ordinary care ... which presents a danger of misleading buyers or sellers that is either known to the defendant or is so obvious that the actor must have been aware of it.’” (citation omitted). As such, “[f]acts showing mere recklessness or a motive to commit fraud and opportunity to do so provide some reasonable inference of intent, but are not sufficient to establish a strong inference of deliberate recklessness.” In other words, this is a very hard pleading standard to meet. Judge Freeman recognized that the Plaintiffs “must “plead with particularity facts that give rise to a ‘strong’—i.e., a powerful or cogent—inference.” Id. at 323. In evaluating whether a complaint satisfies the “strong inference” requirement, courts must consider the allegations and other relevant material holistically, not “scrutinized in isolation.”
Applying this law to the facts, the Court found that the facts alleged in the SAC “give rise to a strong inference of scienter with regard to Hurd, Catz, Ellison, Bond, and Oracle”, but that Plaintiff’s allegations against Kurian and Miranda, fell short of meeting this standard. According to the Court:
“Plaintiff’s core claim is that Oracle knowingly foisted inferior cloud products on unwilling customers by threatening license audits that could produce penalties in excess of the price of the cloud products. While Oracle earned real revenue from these sales, unused and non-renewed one year cloud subscriptions dwindled over time as Oracle exhausted the list of customers it was able to strong-arm. When questioned why Oracle’s cloud sales rates skyrocketed at first and later slowed, Defendants affirmatively and falsely attributed Oracle’s success and subsequent slowed sales rates to false reasons, masking the material impact of engineered sales on cloud growth.”
In the end Judge Freeman found Plaintiff’s “overall fraud theory alleged in the SAC plausible, cogent and compelling.”
The Court went on to examine the statements and other allegations concerning the scienter of Ellison, Hurd, Catz and Bond. The Court analyzed each of these allegations and then stood back and looked at them holistically. Here’s what she had to say:
“As the Court detailed above, multiple kinds of evidence individually support a finding of, at the very least, deliberate recklessness as to Hurd, Catz, Ellison, and Bond. (citation omitted) A holistic review of the evidence confirms this conclusion. Although not every kind of evidence individually supports a finding of scienter, Plaintiff’s factual and CW allegations against Hurd, Catz, Ellison, and Bond are highly compelling. And while the core operations doctrine rarely succeeds, here it adds modestly to support the evidence supplied by the CWs given the centrality of engineered sales to Oracle’s bottom line and allegations of Hurd, Catz, Ellison, and Bond’s roles in the company and involvement in cloud sales. When viewed holistically, even Plaintiff’s compensation structure and stock sales allegations have some teeth to them. In sum, the inference that Hurd, Catz, Ellison, and Bond were deliberately reckless as to the truth of their public statements is “at least as compelling as any opposing inference.”
As our readers will see, it was a bad day in Court for Oracle and the top echelons of Oracle's management. It will be very interesting to see if the case settles now that Sunrise Firefighter’s have survived the motion to dismiss. Often these type of securities class action cases do settle quickly, when they are not dismissed at the pleading stage. If the case does continue, Tactical Law will bring you periodic updates about anything we find interesting in the public filings.
Oracle customers who have experienced a predatory ABC audit by Oracle may have remedies if they were forced by Oracle to purchase cloud software to resolve an audit. We would be happy to discuss your potential legal options and possible remedies.
The case is City of Sunrise Firefighters Pension Fund v. Oracle, et. al., Northern District of California, (Case No. 18-cv-04844-BLF)
By Pam Fulmer
Readers of this blog will remember that we have discussed previously a declaratory judgment lawsuit filed by Fairview Health Services against Quest Software, Inc. and Quest’s affiliate One Identity LLC arising out of an audit by Quest. Essentially Fairview contends that when it notified Quest that it was canceling maintenance & support, Quest immediately issued an audit notice and made multi-million non-compliance findings, which Fairview vigorously disputes. Tactical Law has been monitoring the case and we now have a ruling by Judge Susan Nelson on Quest’s Motion to Transfer Venue and Fairview’s Motion to Dismiss Quest’s Counterclaims. Quest lost its motion to transfer venue but successfully defeated a motion to dismiss its contract and copyright based claims.
Quest Motion to Transfer Venue
With regard to the venue motion, Quest essentially contended that because a 2013 license purchase of 2700 licenses (out of a total of 38,081 total licenses purchased) incorporated a new license agreement, that the 2013 license agreement governed and replaced the 2004 Software License Agreement (“SLA”). We have seen Quest make similar arguments before and we have pushed back on such assertions. The 2013 Software Transaction Agreement (“STA”) contained a dispute resolution clause making Texas the forum for resolution of disputes, and Quest sought to transfer the action there.
The Court denied the motion basically saying that based on the record as developed so far it did not appear that the 2013 STA governed, as many more licenses were purchased under other agreements. The court teed up the positions of the parties as follows:
“The disputed forum-selection clause applies to “[a]ny action seeking enforcement of this Agreement or any provision hereof.” (2013 STA § 17(a).) Fairview argues that its declaratory judgment action does not “seek enforcement of” the 2013 STA; indeed, Fairview maintains that the 2004 SLA, not the 2013 STA, governs the parties’ licensing dispute. In response, Quest argues that the 2013 STA superseded the 2004 SLA, and that Quest’s counterclaim for breach of the 2013 STA renders this action one “seeking enforcement of” the 2013 STA”.
The court reasoned that to decide the issue, she must decide which of the agreements governed the dispute. According to the court:
“In order to determine whether this is an “action seeking enforcement of” the 2013 STA, the Court must first examine the extent to which the 2013 STA governs the parties’ relationship. Initially, Fairview purchased at least 18,101 Active Roles licenses pursuant to the 2004 SLA. (Am. Compl. ¶ 17.) These licenses were perpetual, unlike the annual maintenance services component of the transaction. (See 2004 SLA §§ 2, 10.) Quest argues that the 2004 SLA could not apply to Fairview’s deployment of the Active Roles version 6.9 software, because that version did not exist in 2004. However, the 2004 SLA, by its plain terms, entitled Fairview to “new versions and releases of the Software” as part of the maintenance services component of the transaction—and Quest has admitted that proposition. (Id. § 10; Answer & Countercl. ¶ 19 (“[D]uring the maintenance period, maintained licensees are entitled to upgrade their licensed software to the most recent version that has been released at no additional cost.”).)”
The court then examined the 2013 agreement and pointed out language that made it clear that the 2013 STA clearly applied to licenses that were purchased under that particular Ordering Document. However, the court was unable to say that the STA superseded the earlier agreement. According to the court:
“The Court finds that the 2015 quotations unambiguously bound Fairview to the 2013 STA with respect to the 2,700 licenses purchased in 2015, but did not supersede the 2004 SLA with respect to previously purchased licenses.”
This is important as Quest argues during audits, just as it did here, that the click-through agreements that come with new purchases, annual maintenance & support or product updates somehow supersede and replace previous perpetual license agreements. It is to Quest’s advantage to do so, as with each passing year it makes its license agreements more favorable to Quest, and less favorable to the licensee. But it is to your advantage the licensee, to keep the benefits of what you bought and paid for, in the past. In fact, as we have noted previously, oftentimes the older perpetual agreement will contain language providing that the agreement may not be amended unless in a writing signed by authorized representatives of both parties. The court focused on this important point here.
“Finally, Quest argues that Fairview was required to review the 2013 STA and click “agree” while installing the Active Roles version 6.9 software update on its computer systems. But the 2004 SLA, by its terms, may not be “modified or amended except by a writing executed by a duly authorized representative of each party.” (2004 SLA § 17(j).) The click-wrap agreement allegedly executed by Fairview has not been presented to the Court, and the limited record available at this stage does not establish that the agreement constitutes a “writing executed by a duly authorized representative” of Fairview. Accordingly, it is unclear whether the click-wrap agreement caused the 2013 STA to supersede the 2004 SLA with respect to the licenses purchased under the 2004 SLA. In sum, based on the limited record available at this stage of the proceedings, the Court can only conclude that the 2013 STA governs 2,700 of Fairview’s 38,081 licenses. Because Fairview’s declaratory judgment claims do not “seek enforcement of” the 2013 STA and Quest’s counterclaims based on the 2013 STA pertain to such a small sliver of the dispute, the Court cannot yet say that this is an “action seeking enforcement of” the 2013 STA. Accordingly, the Court finds that the record at this stage does not support transfer, and denies Quest’s motion.”
The court also rejected Quest’s argument that somehow by agreeing to maintenance & support agreements, that such agreements replaced prior perpetual license agreements. According to the court:
“Quest also points to the 2017 purchase quotation and the 2018 Support Renewal Quotation. In the 2017 quotation, Fairview agreed that the “Maintenance Services for the One Identity Products set forth above,” which included all 38,101 licenses, “will be provided by One Identity . . . pursuant to the terms and conditions of the [2013 Software Transaction Agreement].” (2017 Quotation at 3.) Thus, under the 2017 quotation, the maintenance services provided in 2017 were governed by the 2013 STA. But the parties’ dispute revolves around the licenses granted in § 2 of the 2004 SLA and 2013 STA, and the true-up provisions found in § 15 and § 16 of those agreements—not the maintenance services provided for in § 10 of the agreements. Because the parties’ dispute does not pertain to the maintenance services provided in 2017, the 2017 quotation does not entail that the 2013 STA’s forum-selection clause applies to this action.”
What is the lesson learned here? If you are a company being audited by Quest look carefully at what Quest is alleging and look for arguments that newer agreements do not supersede or replace earlier agreements. Expect that Quest will make these arguments and be prepared to combat them during negotiations.
Fairview Motion to Dismiss
Breach of Contract Claim
Fairview also moved to dismiss Quest’s claims for breach of contract and copyright infringement, which motion was denied. With regard to the contract based claim, Fairview had moved to dismiss arguing that exceeding its allowed number of licenses did not constitute breach under the plain terms of the contract, as the contract contained a true-up provision, which provided:
“If Customer’s deployment of the Software . . . is found to be greater than its purchased entitlement to such Software, Customer will be invoiced for the over-deployed quantities at Dell’s then current list price plus the applicable Maintenance Services and applicable over-deployment fees. (2013 STA § 15.)”
According to the court, “Fairview argues that because the agreement contemplated that Fairview might over-deploy the Active Roles software and provided a mechanism for compensating Quest in the event of such an over-deployment, over-deployment does not constitute a breach of the contract”.
The court however, disagreed reasoning that the over deployment was not the only breach that Quest was alleging. Instead, the court found that Quest had stated a breach of contract claim because it demanded payment, and Fairview did not pay the demand as required by the true-up clause.
Fairview also argued that Quest could not state a copyright claim as the true-up provision was a covenant and not a condition and thus over deployment did not exceed the scope of the license. Fairview relied on a ruling in Quest Software, Inc. v. DirecTV Operations, LLC to make this argument, where a California federal court had ruled against Quest. However, in denying the motion, Judge Nelson reasoned that the provision at issue in DirectTV was different then the case at bar. The court found that the contract at issue in DirectTV:
“expressly gave the defendant the right to exceed the number of licenses granted in the contract. See id. at *8 (“Under the terms of the License Agreement, Defendant had the ‘right to increase the aggregate number of CPU’s . . . by up to 10% per product . . . at no additional fee.’ Defendant could exceed this 10% threshold on the condition that it paid Plaintiff additional license fees.”). By contrast, the 2013 STA granted Fairview a license only to “the quantities of each item of Software identified in the applicable Order.” (2013 STA § 2(a).) While the true-up provision provided a remedy should Fairview be found to exceed that quantity, the true-up provision did not expressly give Fairview the right to do so. (See id. § 15.) Thus, Quest has plausibly alleged that by exceeding the numerical limitation on Fairview’s licenses, Fairview exceeded the scope of its license”.
We analyze this covenant vs. condition distinction in one of our previous blog posts, for readers wanting a deeper understanding of the issue.
For Quest licensees, be prepared that Quest may claim that later click-through agreements superseded earlier perpetual license agreements. Quest licensees should consider arguments that such agreements do not rise to the level of written amendments signed by authorized representatives of both parties.
Tactical Law will continue to monitor the case. Check back for future updates.
Thinking Of Going With An Oracle ERP System? Multiple Lawsuits Allege That Oracle Overpromises, Underdelivers And Leaves Customers With A Big Bill To Boot
By Dee Ware
Perhaps your company decides that it needs to add an enterprise resource planning (“ERP”) system or to replace its existing system and contacts Oracle to learn about Oracle’s capabilities and product offerings. Or maybe Oracle has proactively reached out to you to sell its software and services. In some instances, customers contend in public court filings that they have found themselves out-of-pocket or owing significant amounts of money to Oracle or its assignees with little or nothing to show for it.
In Elkay Plastics Co., Inc. (“Elkay”) v. Netsuite Inc., Oracle America, Inc., et al., San Francisco County Superior Court, Case No. CGC-20-583152, Elkay, a supplier of flexible packaging for the food service, healthcare and industrial markets with multiple service and distribution centers in the United States concluded that its legacy ERP system was no longer suited for its business needs. As a result, it issued a Request for Information to a number of software vendors, including to NetSuite, which is a wholly owned subsidiary of Oracle. (Joint Case Management Statement filed Aug. 28, 2020 at page 3, lines 7-16). Based on representations made by Oracle as to the suitability of the NetSuite software, purported skill and experience of Oracle employees and contractors and a promised high level of performance, Elkay executed a contract in May 2018 for the implementation and use of the NetSuite software. Id. at page 3, lines 20-23. According to Elkay:
“NetSuite and Oracle attempted to implement their software. The implementation was an unmitigated failure. Processing speeds and latency times for all transactions that were input into the ERP software varied between 4.1 and 30.35 seconds, with the NetSuite server taking up to 29 seconds. By way of comparison, Elkay’s 1995 legacy ERP software system’s processing times were approximately 2 seconds.” Id. at page 3, lines 24-28.
“NetSuite and Oracle urged Elkay to implement additional functionality and customizations in order to resolve the processing speeds, including purchasing additional software functionality and making at least 20 additional customizations to the software—all at Elkay’s expense. . . . However, despite paying for the performance profile and implementing NetSuite and Oracle’s recommendations, transactions speeds failed to materially improve.” Id. at page 4, lines 4-10.
In the end, Elkay reported paying NetSuite and Oracle approximately $1,282,401 and being obligated to pay an additional $1,645,897 through March 1, 2023 for an ERP system that did not perform according to industry standards, address Elkay’s core business processes or meet NetSuite and Oracle’s performance and functionality representations. Id. at page 4, lines 13-18.
Elkay’s experience is not dissimilar from what has been alleged in other recent lawsuits, including Barrett Business Services, Inc. (“BBSI”) v. Oracle America, Inc., et al., San Francisco County Superior Court, Case No. CGC-19-572474 and Banc of America Leasing & Capital, LLC (“BALC”) v. Janco Foods, Inc. (“Janco”), et al., United States District Court, N.D. CA, Case No. 3:20-cv-05152 LB.
In the BBSI case, Plaintiff alleges that Oracle solicited BBSI, a professional employer organization (“PEO”) to sell its ERP software product, and once Oracle gained a foothold at BBSI, Oracle and its implementation partner began aggressively pushing the HCM Cloud, misrepresenting its capabilities and fitness for BBSI’s business model, severely downplaying the system’s limitations and the level of customization required and the exorbitant cost and time to do so, and inflating its integration partner’s experience and expertise in configuring and customizing HCM Cloud for a PEO. (BBSI’s Memorandum of Points and Authorities in Opposition to Oracle’s Motion for Summary Adjudication, page 1, lines 6-8 and 10-16). According to BBSI, only after it signed a $15 million licensing deal with Oracle and a $429,268 Statement of Work with Oracle’s integration partner did BBSI discover that the HCM Cloud was riddled with design, functionality, interface, integration and performance gaps and that its out-of-the box capabilities would not meet BBSI’s needs as a PEO. Bridging some of the gaps would take over two years and customization work costing $33 million rather than the $5.9 million originally quoted. Id. at page 1, lines 17-23. BBSI’s lawsuit seeks over $12 million in direct and consequential compensatory damages from Oracle and its integration partner for what BBSI says are useless products and services. Id. at page 2, line 11; and Complaint, ¶47. BBSI is also litigating against Key Equipment Finance (“KEF”), the entity to whom Oracle’s financing arm, Oracle Credit Corporation (“OCC”) assigned BBSI’s financing contract. KEF contends that, even if Oracle failed to deliver the required functionality, “come hell or high water” BBSI must pay KEF for the entire amount of the assignment. At least one court in Washington state has expressed its view that such a scheme by Oracle and OCC may not be enforceable, as such a contract would be illusory and lack consideration. See Oracle Customers Beware of Potential Legal Risks of Financing ERP Deals Through Oracle Credit Corporation, Tactical Law Oracle Blog (Sept. 7, 2020), https://www.tacticallawgroup.com/oracle-software-audit-blog/oracle-customers-beware-of-potential-legal-risks-of-financing-erp-deals-through-oracle-credit-corporation.
Likewise, in the Janco case, in addition to battling Oracle, Janco is also being forced to litigate against BALC, the assignee of a financing contract assigned to it by OCC. Janco is a food service company, distributing food products and equipment to restaurants in the Houston area. (Complaint, ¶1). Janco too alleges that it was approached by Oracle, which represented that it could develop software, customized to meet Janco’s needs for a flat fee, which could “go live” within 100 days. Id., ¶¶1-2, 15-16, 26. The commissioned work was financed through a Payment Plan Agreement (“PPA”) with Oracle’s financing arm, OCC, just like in the BBSI case. Shortly thereafter, OCC assigned its rights to payment to BALC. (Joint Case Management Statement and Rule 26(f) Report filed Oct. 22, 2020 at page 2, line 25 – page 3, line 6). After nearly two years, Janco claims that Oracle never delivered a working product and says that it has been told by an Oracle employee that the system “will likely never work notwithstanding Oracle’s attempt to extract . . . an additional $40,000 to $50,000 for further ’customization‘ that Oracle was required to perform as part of the agreements with Janco.” Id. at page 3, lines 24-28. Nonetheless, Janco may still be on the hook to BALC for a sizeable sum. BALC contends that any alleged misrepresentations by Oracle do not invalidate the finance contract, that the subject PPA which Janco entered into with OCC contains a valid and enforceable California Commercial Code section 9403 waiver of claims and defenses against any assignee of OCC, and that Janco’s only recourse is against Oracle. Id. at page 5, lines 10-15.
What lesson can be taken away from these cases? Companies considering entering into an ERP contract with Oracle should carefully review the proposed warranties and limitations of liability provisions and negotiate appropriate changes. Also, consider including specific deliverables in the contract with a definitive timeline for implementation and remedies benefiting your company if Oracle does not meet its commitments. For companies considering financing through OCC, think carefully before agreeing to any clause that would allow Oracle to assign the contract at its convenience but still require that your company remain on the hook for the full value of the assignment, even if Oracle has completely failed to deliver what it promised.
By Pam Fulmer
Many Oracle customers understand that Oracle is not their friend and Oracle has been accused by many of using hard ball audit tactics (if not downright fraud) against Oracle customers to boost sales of Oracle cloud and other software. Oracle’s notoriety for conducting predatory audits of its customers continues to grow and Oracle customers should be on high alert as we wait for a decision by the U.S. Supreme Court in the Google vs. Oracle case. In fact, we at Tactical Law are seeing an uptick in companies complaining of being contacted by Oracle about Java. Although we are not aware of Oracle conducting formal audits of its customers relating to Java, Oracle has been probing with sales and other teams to informally obtain information about the customer’s usage of Java. Don’t fall for this Oracle trap. Instead, take action now to identify any potential issues with your use of Java, and protect yourself from what we believe will be a new wave of Oracle audits of Java in the months to come.
What is Oracle doing now? From what we can tell Oracle has been assembling a team of, for the most part, recent college graduates with little prior job experience to speak of, to begin informally reaching out to Oracle customer’s concerning the customer’s use of Java. Do not pick up the phone or respond to any emails from the Oracle Java team unless you receive a formal audit notice. Also resist any questions concerning Java and your VMware environment from these informal Oracle probes. Cooperation now with these fishing expeditions will only get you in trouble, as Oracle appears to be attempting to assert its non-contractual view of what it means to “use” Oracle software as it pertains to processor based licensing and VMware environments.
Why are Oracle customers at risk as it pertains to their use of Java? In April of 2019 Oracle changed how it was licensing Java. As one Oracle expert consultant has explained:
“In the past, both OpenJDK and Oracle JDK were licensed under the same Binary Code License, which included a combination of both free and paid commercial terms. However, starting with Java 11 […], Oracle changed to using the “GNU General Public License v2, with the Classpath Exception (GPLv2+CPE)” license for OpenJDK and a commercial license (Java SE Subscription or Java SE Desktop Subscription) for Oracle JDK.” House of Brick Blog Post.
The Oracle Technology Network License Agreement for Oracle Java SE is a click-through agreement that you must agree to in order to download Java SE . Importantly we advise that companies ensure that their IT Departments have directives in place making clear that not all employees have authority to agree to such click-through agreements, and prohibiting them from doing so without the authorization of management after careful consideration of the potential risks.
The SE license provides that:
Oracle is willing to authorize Your access to software associated with this License Agreement (“Agreement”) only upon the condition that You accept that this Agreement governs Your use of the software. By selecting the "Accept License Agreement" button or box (or the equivalent) or installing or using the Programs, You indicate Your acceptance of this Agreement and Your agreement, as an authorized representative of Your company or organization (if being acquired for use by an entity) or as an individual, to comply with the license terms that apply to the software that You wish to download and access. If You are not willing to be bound by this Agreement, do not select the “Accept License Agreement” button or box (or the equivalent) and do not download or access the software.
We have seen examples where unauthorized employees have downloaded software and agreed to terms such as those in the Oracle Java SE license. Although perhaps there are legal arguments that those employees were not authorized to download the software, and therefore the company is not bound, it is better to not need to climb that hill in the first place.
What are the risks of agreeing to the Java SE license? Execution of this license by companies who are not thinking through the potential liability issues raise significant areas of risk. For example, the license provides that:
“License Rights and Restrictions Oracle grants You a nonexclusive, nontransferable, limited license to use the Programs, subject to the restrictions stated in this Agreement and Program Documentation, only for:
(i) Personal Use,
(ii) Development Use,
(iii) Oracle Approved Product Use, and/or
(iv) Oracle Cloud Infrastructure Use.
You may allow Your Contractor(s) to use the Programs, provided they are acting on Your behalf to exercise license rights granted in this Agreement and further provided that You are responsible for their compliance with this Agreement in such use. You will have a written agreement with Your Contractor(s) that strictly limits their right to use the Programs and that otherwise protects Oracle's intellectual property rights to the same extent as this Agreement. You may make copies of the Programs to the extent reasonably necessary to exercise the license rights granted in this Agreement.”
So say a company uses the Java SE in development. The license agreement provides that right.
“Development Use” is defined as “Your internal use of the Programs to develop, test, prototype and demonstrate Your Applications. For purposes of clarity, the “to develop” grant includes using the Programs to run profilers, debuggers and Integrated Development Environments (IDE Tools) where the primary purpose of the IDE Tools is profiling, debugging and source code editing Applications.”
However, should the company then begin using the software in production, the company would then be outside the scope of the licensed use. The Java SE license also contains an audit clause allowing Oracle to audit the companies use of the programs. As a result, once the software is used in production it is incumbent on the company to obtain a proper license. We will discuss more about this issue below.
Another potential pitfall is what constitutes “Oracle Approved Product Use”. According to the license:
“Oracle Approved Product Use” refers to Your internal use of the Programs only to run: (a) the product(s) identified as Schedule A Products at https://java.com/oaa; and/or (b) software Applications developed using the products identified as Schedule B Products at java.com/oaa by an Oracle authorized licensee of such Schedule B Products. If You are unsure whether the Application You intend to run using the Programs is developed using a Schedule B Product, please contact your Application provider.”
What does this mean? Certain types of Oracle products are included in the Oracle approved use and certain third party products may be as well. So companies should ensure that the Oracle products that they are using are included and that other applications the company is using are as well. The Java SE license provides that any other uses not specified require another license. According to the license agreement:
“[a]ll rights not expressly granted in this Agreement are reserved by Oracle. If You want to use the Programs for any purpose other than as expressly permitted under this Agreement, You must obtain from Oracle or an Oracle reseller a valid Program license under a separate agreement permitting such use.”
What happens if a company needs to obtain a Java license for commercial use? Companies who need to obtain a license for commercial use will enter into an Ordering Document with Oracle to purchase an annual subscription for Java. That Ordering Document will also require that the customer execute an Oracle Master Agreement (“OMA”). In the licensing definitions included in the OMA or Ordering Document, the customer will find the definition of what constitutes “use” as it pertains to the processor metric. This then is where Oracle will attempt to put into play its extra-contractual assertions of what it means for Oracle software to be “installed and/or running” In other words Oracle’s “prospective use” argument and its strained (and in our opinion incorrect) interpretation of what it means for Oracle software to be “installed and/or running”. Clients running VMware can expect that Oracle will likely allege large compliance gaps for use of Java in VMware environments given Oracle’s past audit track record. So be prepared.
How can a company protect itself now and prepare for the inevitable Oracle audit? Companies should take steps now to see seek legal and technical advice concerning what are the best practices for staying compliant and mitigating the risks associated with use of Java and its implications for future Oracle audits. Now is the time for companies to retain expert consultants who can analyze the company’s IT environment and identify what applications are Oracle approved products, etc. Such experts can also advise if there are ways to use OpenJDK instead of Oracle JDK, the commercial version, which can save on licensing costs and mitigate risks.
What is the lesson learned from this blog post? Companies should not respond to Oracle’s attempts at soft audits of its usage of Java. Ignore these overtures and instead take steps to understand your legal rights and your compliance position. It is much better to go to Oracle and put in your order for exactly what licenses you need to be compliant rather than allowing Oracle to come in and poke around in your environment and then serve up a large non-compliance bill.
By Pam Fulmer
Companies suffering through an Oracle software audit are doubtless familiar with Oracle’s overreaches involving an Oracle customer’s use of VMware virtualization software. We have discussed in previous blog posts Oracle’s notorious “Audit Bargain Close” (“ABC”) tactic, and how Oracle uses non-contractual policies to attempt to broaden its contractual rights and claim a huge “shock number” for non-compliance, which it then attempts to leverage against the customer in audit resolution negotiations. We advise our clients to fight against such predatory tactics and to push back hard on all Oracle’s arguments not grounded in the actual contract.
Oracle licensees must pay Oracle a licensing fee when they use the Oracle software. With regard to the processor metric, use is defined by the Oracle license as where the Oracle software is "installed and/or running." Despite this clear and unambiguous language, rather than running audit tools that can detect where Oracle software is installed and/or running in the VMware environment, Oracle's scripts instead grab information and count up servers in the entire VMware cluster. Again this ignores where the Oracle software is actually being used, instead focusing on where it might possibly be used at some speculative date in the future. This is how Oracle calculates its huge "shock number", which it then asserts as the compliance gap seeking to negotiate from there. However, with regard to processors, Oracle has been using the same definition of use since about 2000, well before the advent of widely accepted virtualization technology. And although it has amended its processor definition to include cores, Oracle never amended its processor definition to include speculative future use in a virtualized environment, instead sticking to its definition of use as where Oracle software is "installed and/or running."
A relatively recent lawsuit by health system provider Fairview Healthcare ("Fairview") filed in federal court in Minnesota accuses Quest Software of employing similar improper audit tactics. Fairview accuses Quest of using audit tools "intentionally designed for the bad faith purpose of over-estimating the extent of Fairview’s (and potentially other licensees’) deployment of licensed software, providing a claimed basis for Quest to make an inflated demand for payment of over-deployment fees contrary to the terms of the parties’ agreements." Fairview also alleges in the Complaint that "Quest has become infamous in the software industry for its use of improper audit tactics to pressure its customers to pay inappropriate “over- deployment fees” or to purchase unnecessary additional software licenses and maintenance services—all to increase its revenue without providing any additional services or products."
The Quest license requires that the licensee pay a fee for the use of the Quest software. Fairview contends that the definition of enabled user account similarly anticipates that a license is required for accounts which “use” or are “managed by” the software. However, Fairview claims that the "audit report included any accounts which potentially could interact with the software, without regard to whether those accounts had actually used or interacted with the Active Roles software" resulting in grossly inflated numbers in Quest’s “Reconciliation Summary.” According to Fairview "under Quest’s interpretation of the enabled user account definition, any account in a domain which might potentially be touched by the Active Roles software at some point in the future must be included for purposes of counting over-deployed licenses. This interpretation is illogical and unsupportable."
Our readers will see that both Oracle and Quest are ignoring the plain language of the contract and attempting to claim licensing fees for use that has not actually occurred. Such efforts by software publishers should be strongly resisted by licensees under audit, and licensees should explore whether they have their own claims for unfair trade practices or other causes of action when such predatory tactics are employed.
Fairview also has filed for declaratory relief concerning the identification of the actual governing contract and the interpretation of relevant provisions. We have also seen Quest claim that early licenses granting perpetual licenses were amended by click to agree agreements accompanying updates. Early Quest licenses provided for perpetual licenses and could not be amended unless by a writing signed by both parties. According to the Fairview Complaint the terms of the 2004 SLA explicitly state that the agreement, under which Fairview did purchase licenses, may not be, “modified or amended except by a writing executed by a duly authorized representative of each party" and that "no other act, document, usage or custom shall be deemed to amend or modify this Agreement." Despite this clear and unambiguous language, Fairview claims that Quest is contending that "when Quest made the most recent update of the Active Roles software available to Fairview in 2016, as it was required to do by virtue of Fairview’s purchased licenses, Fairview agreed to the terms contained in the 2015 Software Transaction Agreement (“2015 STA”), a “click-to-accept license agreement” that accompanied the installation of that update (version 6.9) on Fairview’s system."
Over the years Quest has been bought and sold multiple times. We have reviewed many of these licenses and almost every year Quest seems to have amended them to make the terms more favorable to Quest and less favorable to licensees without any additional consideration or true notice to the licensee of the material changes being made to the license. The changes included revisions to important clauses such as governing law and forum selection clauses. These material changes were included in click to accept agreements, associated with annual updates that had already been bought and paid for. We hope that Fairview prevails in its argument that such click to agree agreements executed by low level employees without proper notice of material changes, do not amend the agreements as they do not constitute "a writing executed by a duly authorized representative of both parties."
We wish Fairview well in its fight against Quest's predatory audit tactics. We will continue to monitor the case so check back for periodic updates. The case is Fairview Health Services, Inc. v. Quest Software Inc. and One Identity LLC, Case No. 0:20-cv-01326-SRN-LIB (District of Minnesota).
Sunrise Firefighters' Lawyer Faces Tough Questions From Judge Overseeing Case Against Oracle Defendants
By Pam Fulmer
The lawyer for Plaintiff Sunrise Firefighters was on the hot seat for most of the hearing on Oracle's Motion to Dismiss the Amended Consolidated Class Action Complaint. Judge Freeman appeared skeptical that Plaintiffs have met their pleading burden. Although the Judge acknowledged that Plaintiff had worked hard to revise the Complaint and that some of the revisions were satisfactory, the Court still had some major problems that may result in her ruling to dismiss the lawsuit. There was much back and forth on fine points of securities law, which we won't go into here. Instead, I will focus on what readers of our blog might find interesting.
The Judge seemed to accept that Plaintiffs have established that up to 90% of cloud sales were "engineered sales". However, the Judge said that Plaintiff had failed to establish how much of the engineered sales were a result of discounts, which she had no issue with, or Audit, Bargain, Close ("ABC") sales tactics, which were more problematic. Readers of the business press know that Oracle is notorious in the enterprise software market for its prevalent use of predatory audit tactics against its customers to sell software. Although it is true that Oracle has the absolute right to audit its customers, most Oracle audit clauses provide that the audit cannot unreasonably interfere with the customer's normal business operations. It seems very disruptive to a company's normal business operations to be subject to an invasive, time consuming and oppressive audit where Oracle comes up with a huge compliance gap not grounded in the contract to force its customers into a cloud purchase, which the customer neither needs nor wants, in order to get out from under the audit.
The Oracle defense lawyer argued that if these ABC tactics were so prevalent, why was Plaintiff unable to find a customer that suffered such ABC tactics during the class period to share their experiences in the Amended Complaint? In my opinion, there are several reasons that Oracle customers who have been subjected to predatory audits may not be willing to come forward now. First, is the fear factor. These companies are afraid that if they volunteer information now Oracle will hit them even harder in future audits. Second, who wants to voluntarily get into an expensive war with Oracle now if their audit has been resolved and is behind them? What the courts also need to understand is that many companies have spent years investing in their Oracle infrastructure. Should Oracle retaliate against them by threatening or issuing breach or termination notices if they refuse to buy cloud, their entire business operation would be at risk. Most companies simply won't risk it, and in my opinion Oracle knows that and that is why Oracle has been successful at using oppressive audits to drive unwanted purchases of cloud during the class period.
Plaintiffs' attorney argued that although they didn't include any Oracle customers in the Amended Complaint, they did include several consultants who were unanimous in saying that such ABC engineered deals were ubiquitous in the industry. Oracle's lawyer asserted that such statements constituted layer upon layer of inadmissible hearsay. That may be, but it seem so apparent that an entire Oracle consulting industry has been built around Oracle's predatory audits. Where you see smoke there is likely fire.
Judge Freeman noted that her biggest concern with the Complaint was that Plaintiff has not made the required scienter showing for each individual Defendant. In other words, Plaintiffs had not connected the allegations of falsity to the statements made and the speakers making the statements showing that the speakers knew the statements were false when they were made. Plaintiff pointed out that they had provided a detailed chart with the statements of each individual Defendant and why it was false when made. The Judge noted that she would continue to study the chart but that the key false statements needed to be set forth in the Complaint. The Judge asserted that the Ninth Circuit requires that a litigant must lineup the false statements with the knowledge of the speaker at the time the statement was made and Plaintiff had failed to do so.
At the end of the hearing the Judge noted that she was taking the case under advisement and that she was not issuing a tentative ruling. She did listen carefully to Plaintiffs' scienter arguments and agreed to take another look at them. She noted that these securities class action cases are a big responsibility for a Judge at this stage of the proceedings. She closed by saying the Ninth Circuit does not shy away from long orders, and it will take her a while to rule. If I were a betting person I would put my money on Oracle winning. That is unfortunate as these types of oppressive audits will only end when software publishers are held to account. If you are a company that is currently suffering through an Oracle software audit, or were forced into an unwanted cloud purchase, you may want to consult with us about potential legal strategies for fighting back.
The case is Sunrise Firefighters v. Oracle, et. al. Check back for further updates.
Tactical Law Attorneys