How Oracle Attempts to Limit its Liability With its SuiteSuccess Subscription Services Agreement10/4/2024 By Pam Fulmer
When a company signs a cloud SuiteSuccess ERP agreement with Oracle America, Inc. and NetSuite, Inc. (collectively “Oracle”), it is important to understand the legal framework behind the deal. Oracle's June 1, 2024 Subscription Services Agreement (SSA) for its cloud ERP solutions is instructive and contains several provisions that benefit Oracle by either drastically limiting liability or escaping liability all together. In this blog post, we will explore these provisions and explain why such agreements should never be hidden in hyperlinks buried within a document described as an “Estimate Form”. Prospective Oracle customers need to be alert and understand how Oracle often presents its contractual documents to its customers in the ERP cloud solution space. This may sound like a familiar story if you have dealt with Oracle. Whether the customer initially reaches out to Oracle, or whether Oracle locates the potential prospect, the playbook is the same. Oracle deploys an aggressive sales team, which sets up multiple Zoom meetings ostensibly to gather the customer’s requirements for the ERP solution. Oracle devotes a good deal of resources to these initial meetings giving the customer the impression that Oracle will devote lots of resources to the implementation. Oracle customers in litigation allege that oral promises are made during these meetings, which are often not documented properly or at all in the final contract documents. Instead, customers allege that Oracle simply uses its standard paper promising only a NetSuite standard solution rather than the functionality that was agreed to on the Zoom calls. Oracle’s aggressive sales team often does not present the contractual documents ahead of time. But even if they do, normally they do not include a PDF of the SSA, with the other PDFs provided. We believe that this is intentionally done as it is our opinion that Oracle hopes that the prospect will miss the onerous terms of the SSA altogether, which are buried in a disguised hyperlink. And even if the prospect does click on the grayed out and barely discernable hyperlink, the link does not take the reader right to the document. Instead, the prospect is forced to click through several confusing pages on Oracle’s website to locate the SSA. The documents that Oracle eventually presents via a DocuSign do not include a PDF of the SSA. Instead, the documents are often presented to the customer in a pressured environment where the Oracle sales team says that if the documents are not executed immediately, the steep discounts will go away. Many NetSuite SuiteSuccess customers do not have legal counsel to review and advise them on the contract. Instead, they succumb to the highly orchestrated pressure campaign and sign the documents without proper vetting. At that point Oracle has them, because Oracle now has the many protections of the lopsided agreement, which we explain in more detail below. 1. Disclaimer of Warranties The SSA includes a section that disclaims many types of warranties, including those involving third-party applications and services. Oracle does not guarantee that its services will be error-free or uninterrupted and explicitly states that it is not responsible for issues caused by third-party applications. (SSA ¶9). This limits Oracle's liability, especially in complex cloud environments where multiple third-party vendors are involved. For example, if a third-party contractor recommended by Oracle causes issues with the service, Oracle can claim it bears no responsibility. 2. Limitation of Liability Oracle limits its liability significantly in the SSA.( SSA ¶10) According to the agreement, Oracle will not be liable for indirect, consequential, or special damages, and the total liability is capped at the amount paid by the customer in the last twelve months. This means that even in the event of a major issue, the customer cannot recover losses beyond the value of their most recent subscription fees. This provision is a major risk for customers, especially if they experience business interruptions or data breaches caused by Oracle's services. Limiting damages to the subscription fee amount offers minimal financial recourse for the customer. The limitation of liability is one of the most favorable provisions for Oracle, which caps Oracle’s responsibility at the amount of fees paid by the customer within the past 12 months. For a large corporation like Oracle, this minimal liability offers substantial protection, even in cases of significant service failure. In contrast, customers are exposed to greater risk, particularly in cases where service failures lead to business losses far exceeding the capped liability. 3. Responsibility for Third-Party Applications Oracle disclaims any responsibility for third-party applications or implementation partners, even where these were recommended by Oracle. SSA ¶¶ 6.5, 14.2.3. The agreement emphasizes that Oracle is not liable for data loss, errors, or interruptions caused by third-party applications, even if they are listed in the SuiteApp marketplace or are recommended by Oracle. Likewise, the SSA provides that Oracle is not liable for deficient work of Oracle implementation partners, even where Oracle recommended them in the first place. This limits Oracle’s exposure to liability when issues arise from third-party software or services, even if these services are crucial for the ERP solution to function. Customers are left responsible for the risks associated with such third-party tools or third party Oracle partners. 4. Termination and Suspension Provisions Oracle reserves the right to suspend services if the customer’s account becomes delinquent or if it believes there is a significant threat to the functionality, security, or integrity of the services. SSA ¶7. This provision gives Oracle broad discretion to suspend services without bearing liability for interruptions caused by these suspensions. While this protects Oracle's interests in maintaining secure services, it leaves customers vulnerable to sudden service interruptions that could impact their business operations. This provision lacks balance in protecting the customer’s need for operational continuity. A close analysis of the termination provision in Oracle’s SSA reveals that the agreement can only be terminated by the customer for cause, not for convenience. This means that a customer can only end the agreement if Oracle materially breaches the contract and fails to remedy the breach within 30 days after receiving written notice. (SSA ¶7.3). While this provision might appear bilateral at first glance, since both parties have the right to terminate for cause, it actually benefits Oracle more. The reason is that customers are locked into the contract for its full term, regardless of changes in their business needs or satisfaction with Oracle’s services. Oracle, however, can terminate the contract if the customer breaches any material term, such as payment delinquency, which gives Oracle more leverage in enforcing the contract. And as mentioned above, it has the power to suspend the services. Moreover, the agreement includes automatic renewal provisions, where the subscription will renew for an additional year unless the customer provides written notice of non-renewal at least 30 days before the expiration of the current term. (SSA 4.A). This ensures Oracle retains long-term contractual commitments, as customers must actively manage the renewal process to avoid being automatically bound by another term. The provision primarily benefits Oracle by locking customers into the agreement unless there’s a breach, while also ensuring automatic renewals unless the customer is proactive in canceling. 5. Confidentiality and Security Although Oracle claims to protect Customer Data with reasonable safeguards, the agreement places the burden on customers to ensure the accuracy, legality, and reliability of their data. This leaves the customer responsible for many aspects of data integrity and security, which is crucial in cloud environments where sensitive information is stored. (SSA ¶8). While Oracle commits to basic security measures, this provision helps shield Oracle from liability if the customer's data is compromised. (SSA ¶6.10) 6. No Warranties for Performance The SSA provides that Oracle does not guarantee that all service issues will be fixed or that its services will meet customer expectations. (SSA ¶9(b)). This is particularly risky for businesses that depend on Oracle’s services for mission-critical operations. If the cloud ERP solution underperforms or causes delays, Oracle’s limited warranties and liability protection leave customers with little recourse. 7. Integration Clause Seeks to Bar Oral Discussions Pre-Contract The integration clause in Oracle’s SSA could be used against the customer by limiting the customer's ability to rely on any promises, statements, or agreements that are not explicitly included in the contract. This clause typically states that the agreement constitutes the entire understanding between the parties and supersedes all prior discussions, negotiations, or other agreements, whether written or oral (SSA ¶14.1). Oracle could use this clause to its advantage in several ways: 1. Prevents reliance on prior representations: If Oracle’s sales team made specific promises about the performance, capabilities, or features of the service that are not expressly included in the SSA, Oracle will argue that the customer cannot later claim these promises as part of the contract. For instance, if Oracle's representatives verbally assured the customer of certain included functionality, but those terms are not in the written agreement, Oracle can argue that such assurances are not enforceable. 2. Limits modifications to written amendments: The clause stipulates that any changes to the agreement must be made in writing and signed by both parties. This means that even if Oracle’s representatives agree to make certain accommodations or offer concessions during the course of service, those will not be binding unless they are formally documented. 3. Nullifies external documents: Oracle could reject any attempt by the customer to rely on external materials such as marketing brochures, proposals, or emails as part of the contractual obligations, arguing that the integration clause bars the inclusion of any terms or representations outside the SSA. In essence, Oracle could use the integration clause to solidify that only the specific terms written in the contract are binding, eliminating the possibility of the customer introducing external agreements or promises in case of a dispute. This can work strongly in Oracle’s favor, especially if the customer was led to believe certain non-contractual assurances would apply. 8. Why the SSA Should Never Be Hidden in Hyperlinks An agreement like the SSA should never be hidden behind a disguised hyperlink in an estimate form for several reasons: 1. Transparency and Fairness: Hiding critical legal terms makes it difficult for customers to fully understand the terms they are agreeing to. This undermines transparency and could lead to customers unknowingly accepting provisions that are not in their best interest. 2. Informed Decision Making: The SSA contains clauses that significantly affect the customer’s legal rights and liabilities. If these terms are hidden, it prevents customers from making informed decisions based on the true scope of their risk. In other words, the customer will be taking on risk but it won’t even know of the risk. This flies in the face of the requirement that there must be a “meeting of the minds” in order for a binding contract to be formed. 3. Potential for Disputes: A hidden SSA can lead to future legal disputes, as customers may claim they were unaware of the provisions. Making such a critical document accessible only through obscure hypelinks could be seen as an attempt to downplay or obfuscate important terms. For example, if Oracle customers don’t know of the SSA then they don’t know about the requirement for a written notice of breach and a mandatory cure period of 30-days. That is why when the customer approaches Oracle it usually asks to “cancel” the contract, not understanding that there are certain requirements that must be met to terminate. Oracle usually responds that the contract cannot be “cancelled”, neglecting to provide the customer with a copy of the SSA and the termination provision, which allows for termination for material breach and a failure to cure. 4. Industry Best Practices: It is a best practice to present all critical agreements directly to customers for review before they sign any contractual forms. This builds trust and ensures that all parties are clear on the terms from the outset. In conclusion, Oracle’s Subscription Services Agreement is designed to limit its liability and protect its interests, often at the expense of the customer. From disclaimers about third-party applications to limitations on termination rights and automatic renewals, the contract places significant responsibility on the customer while minimizing Oracle’s exposure. Provisions like the integration clause further strengthen Oracle’s position by ensuring only the written terms are enforceable, leaving customers with little recourse for any external promises unless they can meet the heavy burden of proving fraud in the inducement. This highlights the importance of thoroughly understanding the terms of such agreements and ensuring they are presented transparently, not hidden behind hyperlinks.
0 Comments
By Pam Fulmer
In a legal battle unfolding in the United States District Court for the Northern District of Ohio, Realscape Group LLC, dba Realogic Solutions (“Realogic”), a small Ohio-based company, has sued Oracle America, Inc. (“Oracle”), one of the largest software corporations in the world. The case highlights the growing concerns around the deceptive business practices of large tech firms, particularly regarding the enforceability of hidden contract terms in software agreements. The Core Issue: Software That Never Delivered Realogic contends that Oracle represented that its NetSuite software was an "off-the-shelf" solution that would meet the company's business needs. However, after contract execution, Realogic soon discovered that the software did not perform as represented. The case centers around Oracle’s alleged failure to provide functional software as promised, locking Realogic and other customers into expensive subscription fee agreements without delivering a product that works. Oracle, in response, has moved to dismiss the case or transfer it to the Northern District of California, which Realogic is contesting. Realogic's Argument: Deceptive Practices and Hidden Contract Terms At the heart of Realogic’s case is its claim that Oracle engaged in deceptive business practices by using misleading contract structures to attempt to bind customers to terms they never knowingly agreed to. Realogic asserts that Oracle never explicitly disclosed the terms and conditions of its Subscription Services Agreement (SSA). Instead, the SSA was hidden behind a complex series of hyperlinks in documents described as “Estimates” during the sales process. Realogic makes the following points: 1. Lack of Transparency: Oracle failed to provide clear and upfront notice of the terms and conditions that would govern the transaction. The terms were embedded in fine print and nondescript and disguised hyperlinks, buried deep in a complex document that was initially labeled an "Estimate." 2. No Meeting of the Minds: Realogic claims there was never a “meeting of the minds” on Oracle’s contract terms. Realogic argues that in contract law, both parties must know about and agree to the same terms for a contract to be enforceable. Given the deceptive manner in which the terms were presented, Realogic maintains it never agreed to Oracle’s SSA. 3. Unenforceable Contract Terms: Ohio law allows contract terms to be incorporated by reference only when they are clear and specifically identified. Realogic contends that Oracle’s terms were not disclosed, rendering them unenforceable. Courts have often rejected contracts where terms were hidden behind inconspicuous hyperlinks, and Realogic argues this situation fits that precedent. Oracle’s Defense: A Motion to Dismiss or Transfer Oracle, on the other hand, argues that the case should be dismissed or, at the very least, transferred to a court in California. Oracle’s defense hinges on the assumption that Realogic agreed to the terms and conditions of Oracle’s SSA, including a forum selection clause, which would require the case to be heard in California. Realogic vehemently opposes this transfer, arguing that it never knowingly agreed to any terms that would set jurisdiction in California. Oracle will likely argue that much of the legal authority cited by Realogic does not apply, because many of those cases are in the consumer context and are not business to business disputes. Oracle may argue that businesses are held to a higher standard and cannot evade contractual obligations by neglecting to read contracts, even when those contracts are presented in a disguised hyperlink and not linked directly. But we think the better question is can Oracle bind unsuspecting companies to one-sided contracts only referenced but not adequately disclosed in disguised hyperlinks? Given this deceptive presentation, is there truly a meeting of the minds so as to form a binding contract? As Realogic explains in its legal brief, the hyperlink does not link directly to the SSA. Instead, the prospect is directed to a set of confusing pages on Oracle’s website and forced to search through multiple links for the applicable agreement. Does anyone believe that the disguised and greyed out hyperlink (which is not set off in a conspicuous manner) that leads to a confusing web page and not the actual SSA is just happenstance? Of course not. In fact, we would not be surprised if Oracle used focus groups to determine the best way to present the SSA to prospects, so as to almost ensure that the hyperlinks are missed. And for those folks that actually see the hyperlink and click on it, Oracle has arranged its website in such a way as to confuse the average lay person about what is the applicable agreement. Perhaps a judge or a lawyer would not find the presentation confusing, but we know from experience that the type of companies that buy the NetSuite SuiteSuccess software product sure do. Oracle is a very large, legally sophisticated, crafty, and ruthless company with legions of smart and talented in-house lawyers and some of the best outside counsel in the world. The average SuiteSuccess customer is a small business, which is often owned by a husband-and-wife team. These mom & pop companies are not in the business of enterprise software, and they rely on the representations and expertise of software experts like Oracle to accurately describe included functionality and to provide a working product. They are honest companies that have grown their business through hard work and sacrifices, but who have reached the point that investing in an ERP software makes sense, so they can realize greater efficiencies and their businesses will prosper. The cost of the software is not cheap, and the investment for the company is significant. None of these companies can afford to pay tens of thousands, if not hundreds of thousands of dollars to Oracle, for software that does not work. Implications for Small Businesses This case could have important implications for small businesses that rely on enterprise software solutions provided by large corporations. It brings into focus the issues of fairness and transparency in contract agreements, especially when dealing with highly technical and complex products like software and large and sophisticated companies such as Oracle. Conclusion: A Fight for Accountability Realogic’s battle with Oracle highlights an all-too-common issue in the world of business software: unclear contracts and hidden terms that disproportionately benefit the software vendor. For now, the court must decide whether Realogic’s claims hold water, and whether Oracle’s attempts to dismiss or transfer the case are valid. Regardless of the decision, this case serves as a reminder for businesses—big and small—of the importance of clear and transparent contractual agreements. Tactical Law helps companies resolve disputes with Oracle and other vendors over ERP software subscriptions and implementations. We also advise companies on the pitfalls of Oracle contracts and what steps may be taken to potentially lower your risk of contracting with Oracle. By Pam Fulmer
Oracle America, Inc. (“Oracle”) has moved to dismiss in response to a class action lawsuit complaint involving its SuiteSuccess ERP solution filed in the Northern District of Ohio. The Complaint, filed by Realscape Group LLC d/b/a Realogic Solutions against Oracle America, Inc., alleges that Oracle defrauded small to medium-sized businesses by selling them NetSuite software under false pretenses. Oracle purportedly marketed the software as an "off the shelf" solution requiring minimal implementation, but in reality, the software was not functional without extensive customization. Oracle is accused of misleading businesses into financing agreements, then selling these contracts to third parties while failing to ensure the software's functionality, which effectively relieved Oracle of its obligation to perform while guaranteeing that customers must continue to pay for deficient or non-existent work. The lawsuit seeks to certify a class of businesses with under 1,000 employees who purchased NetSuite software in the past four years and paid for implementation services but did not receive fully functioning software. Overview of Oracle's Motion to Dismiss Oracle's motion to dismiss hinges on several key arguments, each targeting different aspects of Realogic's claims: 1. Mandatory Forum-Selection Clause: Oracle argues that Realogic's case should be dismissed or transferred to the Northern District of California based on the forum-selection clause in their contract. 2. Failure to Provide Notice and Opportunity to Cure: Oracle claims Realogic did not provide the required written notice of breach and a chance for Oracle to cure those breaches before filing the lawsuit. 3. Integration Clause and Lack of Specific Delivery Date: Oracle points to the contract's integration clause and the absence of any specified date for software delivery, countering Realogic's breach of contract claims. 4. Limited, Exclusive Warranty: Oracle asserts that the contract's limited, exclusive warranty precludes the breach of warranty claims. 5. Economic Loss Doctrine: Oracle argues that claims for unjust enrichment, negligence, and negligent misrepresentation cannot stand because they are rooted in contractual obligations and are barred by the economic loss doctrine. 6. Declaratory Relief: Oracle states that Realogic’s claim for declaratory relief is not an independent cause of action and should be dismissed. Analysis of Contract-Based Arguments 1. Forum-Selection Clause Oracle's Argument: Oracle asserts that the contract mandates any legal disputes be resolved in California courts, thus the case should be dismissed or transferred from Ohio to California. Potential Weakness: • Enforceability Under Fraud Allegations: Courts may not enforce forum-selection clauses if the plaintiff can demonstrate that the clause itself stemmed from fraud or overreaching. Realogic could argue that the entire agreement, including the forum-selection clause, was induced by fraudulent misrepresentations by Oracle. Oracle relies on its Subscription Services Agreement (“SSA”), which is found in a grayed-out hyperlink on the Estimate Form, which Oracle claims is the governing agreement. The hyperlink appears to be intentionally designed to be inconspicuous and is not set off in a different color or highlighted in any way. Clicking on the link does not take the reader directly to the agreement. Instead, the reader is forced to search around on the Oracle website for the relevant agreement. Most Oracle SuiteSuccess customers who we have spoken with do not even know that the SSA exists. A court could find that such a contract procured by fraud and under these circumstances should not be enforceable. 2. Failure to Provide Notice and Opportunity to Cure Oracle's Argument: Oracle argues that Realogic did not follow the contractual obligation to provide notice of the breach and an opportunity to cure the issue before filing the lawsuit. As discussed above, most Oracle customers are unaware of the notice provision of the SSA because they are unaware of the very existence of the SSA. As a result, they fail to give notice of breach pursuant to this provision. Instead, if Oracle is unable to deliver the promised solution, Oracle customers typically request that the contract be “cancelled”. Usually Oracle, without citing to the termination for cause provision of the SSA, then tells the customer that they cannot cancel. The entire practice is very deceptive. Potential Weakness: • The Contract was Fraudulently Induced: As discussed above, Realogic may argue that the contract was fraudulently induced and the contract should be void. But as currently pled, the Complaint does not have a fraud in the inducement claim. Realogic’s time for responding to the Complaint has not run. It will be interesting to see if Realogic amends to assert a fraud in the inducement claim. • Unilateral Mistake: Oracle customers are mistaken about a material fact, and Oracle knew or should have known of the mistake and took advantage of it. The material fact being that Oracle knows that most customers are unaware of the SSA, and the requirements for providing notice of breach or notice of deficient work under the warranty provisions. They exploit the customer’s mistake and lack of knowledge to game the relationship. • Unconscionability: The customers that Oracle appears to target for its SuiteSuccess solution are usually unsophisticated small mom & pop owned businesses. Indeed, many businesses are owned by a husband-and-wife team. The companies do not have legal departments. They are more like consumers, and have no chance against a large, sophisticated entity like Oracle. • Ambiguity in Notice Requirements: Realogic may argue that the notice and cure provisions were not clear or were otherwise impractical given the circumstances of the alleged breaches. They might also argue that immediate legal action was necessary due to the extent of the alleged fraud and resulting damages. 3. Integration Clause and Lack of Specific Delivery Date Oracle's Argument: Oracle claims the contract's integration clause invalidates any prior oral agreements, and the contract did not specify a delivery date for the software. Potential Weakness: • Reliance on Prior Representations: Realogic could argue that they relied on Oracle’s verbal promises regarding the delivery date and that these promises were material to their decision to enter into the contract. This could invoke the concept of promissory estoppel, where a party is prevented from going back on a promise even if a formal contract were not signed concerning that promise. • Fraud in the Inducement: Under California law, an argument can be made that an integration clause does not preclude evidence of oral misrepresentations that induced a contract. This is because the law allows for claims of fraud in the inducement of a contract, even when an integration clause is present. We are not sure what the law is in Ohio, but this will be an interesting issue to watch if the case stays in Ohio and is not transferred to California, and the Court declines to apply California law. One issue with these SuiteSuccess cases is always the time to go live. Typically, the parties discuss the time to go live in pre-contract execution discussions because this is material to most SuiteSuccess customers and induces them into going with the Oracle solution, rather than that of a competitor. Although this is a major topic of conversation, and Oracle sales provides dates for go live, when Oracle tenders the contract it has no “go live” date specified. Oracle SuiteSuccess customers should request in writing that the contract specify a go live date, and if Oracle declines to provide one, perhaps the customer should take a pass. Also, the customer should require that Oracle provide a copy of the complete contract upfront so that the customer has a chance to meaningfully review it, and not allow Oracle to dump it on the customer at the last moment and then claim that discounts will go away unless it is immediately signed. Finally, require that Oracle provide a PDF copy of all agreements contained in the hyperlinks well before contract execution, and this includes the SSA. Then review the contracts carefully, preferably with legal counsel. 4. Limited, Exclusive Warranty Oracle's Argument: The contract contains a limited, exclusive warranty which precludes Realogic's claims for breach of warranty. Potential Weakness: • Unconscionability of Warranty Terms: Realogic might challenge the limited warranty as unconscionable if it leaves them and other customers without a meaningful remedy for Oracle’s failure to deliver the promised software functionality. Courts sometimes refuse to enforce warranty limitations that are found unfair or that significantly deprive one party of the contract's benefits. In its warranty provision, Oracle includes a sentence that says essentially that Oracle is not responsible for ensuring that the services meet the customer’s requirements or expectations. So essentially Oracle is not responsible if the solution does not work. A court could find this unconscionable. 5. Economic Loss Doctrine Oracle's Argument: Oracle contends that claims for unjust enrichment, negligence, and negligent misrepresentation are invalid because they do not exist independently of the contract, and are barred by the economic loss doctrine. Potential Weakness: • Exceptions to Economic Loss Doctrine: Realogic could argue that the economic loss doctrine does not apply if Oracle's actions amounted to fraud in the inducement or intentional misrepresentation, which are exceptions to the doctrine under California law. Furthermore, they might claim that the unjust enrichment claim is based on benefits conferred on Oracle beyond the scope of the contract. However, a fraud in the inducement claim would need to be added. 6. Declaratory Relief Oracle's Argument: Oracle argues that declaratory relief is not an independent claim, and depends on the other claims to be asserted. Oracle also argues that the Plaintiff’s allegations in the claim for declaratory relief are inconsistent with the breach of contract and breach of warranty claim so that those claims should be disregarded for declaratory relief. For the fraud-based claims and unjust enrichment, Oracle has moved to dismiss those claims and asks that the declaratory relief claim be dismissed should the Court dismiss those claims. Potential Weakness: • Relevance of Declaratory Judgment: Realogic may assert that while declaratory relief is not an independent cause of action, it is a necessary remedy to resolve the uncertainty surrounding the contractual obligations and to prevent further damage to Oracle customers from Oracle’s alleged breaches and related tortious conduct. • Declaratory Relief re Financing Agreement and Related OCC Assignments: A key issue raised in the Complaint involves the Oracle Credit Corporation (“OCC”) financing agreements and the enforceability of the assignments to third party financing institutions such as Banc of America Leasing, Bank of America, N.A., Wells Fargo Bank, Dext Capital and others. Essentially, Oracle offers to finance the costs of the solution and the implementation to sweeten the deal and induce the contracts. Then shortly after contract execution and usually before the implementation has had time to completely go off the rails, OCC assigns the financing agreement to a third party. Oracle’s clever financing contract scheme allows it to assign the financing agreement to a third party without the consent of the borrower. But the OCC contract also provides if Oracle can’t deliver the promised solution, the Oracle customer cannot interpose defenses that it may have against Oracle to cut off the payment obligations to the third parties. And litigious third parties such as Banc of America Leasing are hitting these SuiteSuccess customers with collection lawsuits, mainly in California state court in San Mateo County. So, it is a real weapon that Oracle and the financial institutions are welding against small and medium size Oracle customers. Importantly, Oracle seems to bring in the same cast of characters as the assignee banks. We believe that these banks have knowledge that many of the implementations fail and that is why the customer quits paying. So they do not appear to be bona fide assignees that come to the table without knowledge of the Oracle scheme. We hope that this issue gets litigated. Conclusion We will be watching with interest to see what the plaintiff does here. Will they amend and include a fraud in the inducement claim? Or will they oppose the motion on the merits? We will know shortly. Check back here for updates. The case is Realscape Group, LLC. v. Oracle America, Inc., Case Number 1:24-cv-00558 CEF, venued in the Northern District of Ohio. Tactical Law advises Oracle customers who have disputes with Oracle arising out of ERP related cloud and other Oracle contracts, including litigation and counseling arising out of OCC’s assignment of financing agreements to third parties and related collection actions. By Dee A. Ware
While there are prescribed standards for conducting several types of audits, external software license audits remain unregulated and ripe for legislative intervention. Until then, companies must fend for themselves. From our experience, a software publisher’s motivation to conduct an audit falls into at least one of the following buckets:
From a legal perspective, the first line of defense is to negotiate a license agreement that contains clear definitions, such as, what constitutes “use” of a license, who qualifies as a “user,” the environment where the software can be deployed and, if applicable, how the software can be incorporated, marketed, sold or distributed. Once the parameters are established, the company should adopt internal processes to ensure compliance. In the absence of federal or state regulation, the parties to a licensing agreement can also agree in advance how a software audit is to be conducted, allowing the company to negotiate terms that offer some protection from unreasonable demands or spurious results. For example, the audit provision in the license agreement can address:
Lastly, what should a company do if the software publisher demands an audit? Remember that the best defense is (sometimes) a good offense. The company should not automatically capitulate to an audit request without first seeking legal counsel to evaluate the applicable audit provision and guide the company through the process to minimize exposure and reduce the risk of subsequent litigation. In a significant legal victory for Tactical Law Group's client River Supply, Inc. ("RSI"), a federal district court in California has rejected Oracle's argument that the Economic Loss Rule bars RSI's fraud based claims, including a claim under Penal Code Section 496 for theft of money. In her ruling, Judge Beeler granted in part and denied in part Oracle's motion to dismiss RSI's Second Amended Complaint ("SAC"). A copy of the Court's Order can be found here. RSI will be allowed to proceed with its claims against Oracle for fraud in the inducement, negligent misrepresentation, breach of contract, breach of warranty, negligence and for violation of California Penal Code Section 496.
Like a dog on a bone and citing a number of products liability cases, Oracle had argued vehemently in both its first and second motion to dismiss that because RSI had not suffered personal injury or damages to property, the Economic Loss Rule precluded its claims. The Court soundly rejected this argument. According to the Court, "Again citing product-liability cases, Oracle contends that there must be personal injury or property damage for extracontractual recovery. That makes sense in product-liability cases: what other damage is there. See Yarber v. Kia Am. Inc. No. 22-CV-03411-HSG, 2023 WL 2654186, at *2 N.D. Cal. Mar. 27, 2023) (automobile-defect case that claimed fraudulent concealment, not fraudulent inducement; the economic-loss doctrine barred the claim because the plaintiff alleged only economic loss, not personal injury or damage to property); Barela v. FCA US, LLC, No. EDCV-22-01444 (JGB), 2022 WL 19333334, at *2 (C.D. Cal. Oct. 11, 2022) (automobile defect); Sum v. FAC US, LLC, No. 2:22-cv-00213-RGK-RAO, 2022 WL 2189628, at *2–3 (C.D. Cal. Apr. 25, 2022) (automobile defect). But it does not follow that that extracontractual recovery allows recovery only in cases involving injury to person or property because the economic-loss doctrine does not bar claims for fraud in the inducement." In her ruling the Court further reasoned that: "In concluding that the economic-loss doctrine did not preclude the misrepresentation claims here, the court rejected Oracle’s argument that courts apply the fraud exception only in product- liability cases. The fraud exception does make sense in product-liability cases: as a matter of policy, it allows recovery for extra-contractual injury (injury to person or property) and allocates the duty to the party most able to identify the risk of that injury (the manufacturer).15 See Erlich, 21 Cal. 4th at 550–51 (contract law enforces the intentions of the parties to the agreement, and “tort law is primarily designed to vindicate ‘social policy.’”). But no binding authority categorically limits the doctrine to product-liability cases." And this part of the Court's ruling is key and important for Oracle/NetSuite customers who believe that they have been defrauded by an aggressive Oracle's sales team who promised them that Oracle could deliver all the functionality they required, and only after contract execution learned that the functionality did not exist and the expensive system they had invested in to run their business was a bust and not a boon. "The economic-loss rule exists because the parties to a contract have agreed to allocate risk. A party that is the victim of fraud has not assumed contract risk voluntarily. Here, River Supply relied on Oracle’s misrepresentations, exposing it to a loss that exceeded its contract damages (given the limitation of liability), at least somewhat analogously to a customer who does not assume the risk of personal injury from a defective product. And it is bad policy if a party can induce a contract that limits its liability by lying about its product’s capabilities." If you are an Oracle or NetSuite customer who believes that Oracle misrepresented the capabilities of its product in pre-contract discussions, we would be happy to talk to you about your case. By Pam Fulmer
We have previously blogged on the Daramola v. Oracle case brought by a former Oracle employee who blew the whistle on Oracle and NetSuite's fraudulent sales practices involving their ERP line of software solutions. Mr. Daramola's Complaint was dismissed not because a court found that his allegations about Oracle's alleged unlawful conduct was without merit, but instead on the grounds that the whistleblower anti-retaliation laws he was proceeding under could not be invoked by an Oracle employee who was a Canadian citizen, employed by an Oracle Canadian subsidiary, and who worked from Canada and not the U.S. The Ninth Circuit affirmed the lower court's ruling reasoning that "the employment relationship in this case is between a Canadian employer and Canadian employee, to be governed by Canadian law, with the employee residing in Canada. Any domestic duties he performed were incidental to his foreign employment" and that merely accessing Oracle servers in California was not enough to establish the needed domestic conduct such as to make the protections of U.S. whistleblower laws applicable to Mr. Daramola. The Ninth Circuit described the facts of the case as follows: By logging into Oracle’s computer systems, Daramola could conduct business and collaborate with colleagues in the United States, including employees of Oracle America. Both Oracle America and Oracle Canada are wholly owned subsidiaries of Oracle Corporation, a California-based company that develops and hosts software applications for institutional customers. One such Oracle product was the “Campus Store Solution,” a subscription software service for college bookstores. In July 2017, Daramola was assigned as lead project manager for the implementation of Campus Store Solution at institutions of higher education in Texas, Utah, and Washington. Daramola came to believe that Campus Store Solution was defrauding customers. The product was billed as an ecommerce platform with specific functionalities, but Daramola thought Oracle had no way of delivering the promised features, at least at the agreed-upon price. Daramola reported the suspected fraud to Oracle America and the SEC. After doing so, Daramola was removed as a project manager. Daramola’s supervisor at Oracle America, Douglas Riseberg, offered Daramola an opportunity to work on another Campus Store Solution project, but Riseberg revoked the offer when Daramola again expressed his unwillingness to take part in fraud. Riseberg also downgraded Daramola’s job performance rating. Believing he had no other option, Daramola resigned from the company. " For those who are interested, the entire Daramola Complaint can be found as Exhibit 1 to the Second Amended Complaint that we filed on behalf of our client River Supply Inc. If you are a company that has contracted with Oracle or NetSuite and had a similar experience to the experience of RSI set forth in the Second Amended Complaint, we would be interested in talking to you. By Pam Fulmer
Introduction In an era where digital transformation dictates the pace of business evolution, software has become the backbone of enterprise operations. This surge in software dependency, coupled with a complex web of licensing agreements, has set the stage for an inevitable increase in software audits by enterprise software publishers. This blog post delves into the reasons behind this trend, its implications for businesses, and strategies to navigate the future landscape of software compliance. The Rising Tide of Software Audits Why Software Audits Are on the Rise 1. Complex Licensing Agreements: As software solutions become more sophisticated, so do their licensing agreements. Enterprises often find themselves entangled in the complexities of these contracts, inadvertently breaching terms due to misunderstanding or oversight. This is especially true due to the extensive use of hyperlinks in enterprise software related agreements. Publishers such as Oracle, Microsoft and Quest extensively use hyperlinks to serve up key agreements. Before signing a license agreement, a prudent company should review and bring down PDF copies of these hyperlinked agreements and save them in one file. In addition, it is important to consider pushing back on language that would allow the publisher to unilaterally amend such agreements. 2. Cloud Migration: The shift towards cloud computing adds another layer of complexity to software licensing. The dynamic nature of cloud environments, with scalable resources, makes it challenging for businesses to maintain compliance. And if a publisher conducts an audit and claims non-compliance, even if the audit findings lack merit the customer must deal with the threat of the publisher cutting off access to the cloud for non-payment. 3. Revenue Recovery: For software publishers, audits are a significant revenue source. In the post-pandemic economy, as publishers seek ways to recover lost revenue, audits present a lucrative opportunity to enforce licensing agreements and identify non-compliance. We see this each day in our legal practice. In addition to formal audits, software publishers such as Oracle are notorious for their “soft audits”. In fact, companies in the United States are getting hit each day with Oracle’s soft audits of Java. We have previously blogged on these predatory audit tactics engaged in by Oracle. Our phone is ringing off the hook with companies who have innocently provided information to Oracle due to a soft audit, only to be hit by a demand for payment of hundreds of thousands if not millions of dollars. And these demands have only been exacerbated by Oracle’s move to a “Total Employee” model, and Oracle’s expansive definition of who is included in the definition of “Employee”. We have also blogged on this issue previously. 4. Technological Advancements: The development of sophisticated tools and technologies has made it easier for publishers to monitor and enforce compliance remotely, increasing the frequency of audits. In fact, Oracle has included in its Java software the ability of the software to call home to Oracle. Oracle has been known to use this trail to contact companies and conduct a soft audit of Java. Implications for Businesses 1. Financial Risk: Non-compliance can result in hefty fines and the need to purchase additional licenses, significantly impacting a company's financial health. 2. Operational Disruption: The audit process can be time-consuming and disruptive, diverting resources from core business activities. 3. Reputational Damage: Being found non-compliant can tarnish a company's reputation, affecting customer trust and future partnerships. Navigating the Future Landscape Preparing for the Inevitable 1. Understanding Licensing Agreements: It's crucial for businesses to thoroughly understand their software licensing agreements. This may involve seeking legal advice to navigate the complexities of these contracts, including thoroughly reviewing all hyperlinks. 2. Implementing Software Asset Management (SAM) Tools: SAM tools can help businesses monitor software usage and compliance in real-time, providing insights to manage licenses effectively and avoid non-compliance. 3. Regular Audits and Compliance Checks: Conducting regular internal audits and compliance checks can help businesses identify and address potential issues before they escalate into major non-compliance findings during an external audit. 4. Hiring Experienced Software Audit Defense Counsel: Software licensing agreements are complex and attorneys who have dealt with the various intricacies of the agreements and have successfully pushed back on audit findings need to be retained early to assist the company in best positioning itself to successfully weather the inevitable audit. Conclusion The landscape of software licensing and audits is becoming increasingly complex, with audits by enterprise software publishers set to rise. This trend poses significant challenges for businesses in terms of financial risk, operational disruption, and reputational damage. However, by understanding the intricacies of licensing agreements, leveraging technology, and implementing robust software asset management practices, businesses can navigate this challenging landscape. The key to thriving in this new era lies in preparation, proactive management, and a strategic approach to software compliance. Final Thoughts As we move forward, the importance of software compliance cannot be overstated. The rise in software audits is a reflection of the changing digital landscape and the increasing value placed on intellectual property. For businesses, the path to compliance is not just a legal necessity but a strategic advantage that can safeguard financial health, operational integrity, and brand reputation in the long run. By embracing the challenges and opportunities presented by this trend, enterprises can position themselves for success in the digital age. Java Audits Likely Will Increase as Oracle Seeks to Move Java Users onto its Total Employee Metric12/17/2023 By Pam Fulmer
We at Tactical Law see signs that Oracle may be getting even more aggressive with its soft audits of Java, and we believe that 2024 may usher in more formal audits of Java as Oracle seeks to push customers into the total employee licensing metric that it announced in early 2023. As many commentators have noted, this metric can exponentially increase the licensing fees for those companies using Java. For example, Mr. Nitish Tyagi, co-author of the new Gartner research note in an article published in The Register, said, "For large organizations, we expect the increase to be two to five times, depending on the number of employees an organization has. Please remember, Oracle defines employees as part-time, full-time, temporary, agents, contractors as in whosoever supports internal business operations has to be licensed as per the new Java Universal SE Subscription model.” The same article went on to say that “Gartner has also estimated that by 2026, one in five organizations using Java applications will be audited by Oracle, leading to ‘unbudgeted noncompliance fees.’ By the same year, more than 30 percent of organizations using Java applications won't be compliant with their Oracle contracts.” Our phones are certainly ringing off the hook from Java users who have been contacted by Oracle with large licensing demands and claims of monumental non-compliance gaps. Oracle uses its VMware argument, which we have blogged on previously, to try to inflate the alleged non-compliance gap. Therefore, you need to be very careful to only give them relevant details concerning your use of VMware, and not your entire environment if it is not relevant to the licensing obligation. There may be a potential legal argument, however, that could cause a court to find this definition and any contract in which it is incorporated as invalid for being indefinite. This is because buried in the licensing definition itself may be a defect that could potentially be exploited against Oracle. Oracle’s definition of “employee” is breathtakingly broad: Employee “is defined as (i) all of Your full-time, part-time, temporary employees, and (ii) all of the full-time employees, part-time employees and temporary employees of Your agents, contractors, outsourcers, and consultants that support Your internal business operations. The quantity of the licenses required is determined by the number of Employees and not just the actual number of employees that use the Programs.” In trying to sweep in every possible contractor or consultant into its definition, Oracle may have created a problem for itself; an argument could be made that the contract is indefinite. For example, there could be litigation over what constitutes a contractor, outsourcer, or consultant in this context and what does it mean that they support a company’s “internal business operations”? Would a company need to count contract meal preparation services that provide the meals for the company cafeteria? Are these folks supporting a company’s internal business operations by feeding the employees so they can stay on campus and be even more productive? And, do you need to count every employee or contractor of the catering company, or only the ones that are on the corporate campus serving up the food? What about the grounds keepers that are mowing the lawn on the company grounds or pruning the trees on the corporate campus? Would these contract employees be included and are they supporting the company’s internal business operations? It is not very clear. I don’t anticipate that Oracle will get too into the weeds of these details when they license the Java initially. But what about three years into the Java subscription when the company is under audit, and Oracle might be able to use a large non-compliance gap to extract a new Java subscription? Would Oracle then take the position that the company had failed to disclose all of the contractors, outsourcers, etc., and needs to pay to cover a huge non-compliance gap? Would Oracle actually do this? I’ll let those of you out there who have experienced an Oracle software audit opine on the answer to that question. Most Oracle license agreements are governed by California law unless the parties agreed otherwise. California law requires that a contract must be reasonably definite in its terms to be enforceable. If a contract is so uncertain and indefinite that the intention of the parties in material particulars cannot be ascertained, the contract is void and unenforceable. A court will enforce a contract with an indefinite provision if the provision is not a material or essential term. The definition of “Employee” would seem to be very material to the contract. If the essential terms are so uncertain that there is no basis for deciding whether the agreement has been kept or broken, there is no contract. A contract may be rendered void where the indefiniteness is “so extreme as not to present anything upon which the contract may operate in a definite manner.” Whether a contract term is sufficiently definite to be enforceable is a question of law for the court. We are looking into these and other legal issues involving Java licensing. If you have a dispute with Oracle involving Java, we may be able to help. By Pam Fulmer
Oracle recently announced its earnings for the quarter ending November 30, 2023, and Big Red fell short of Wall Street’s expectation, causing its stock to drop at a time when most large-cap companies’ stock prices are soaring. Apparently, health data company Cerner, which was recently acquired by Oracle, was a drag on Oracle’s earnings; and its Cloud growth fell short of predictions. We at Tactical Law have no crystal ball of course, but it is our opinion observing market trends that 2024 may bring a push from Oracle to move legacy Cerner customers from on prem to the Oracle Cloud. In fact, one analyst stated that “on-premise databases migrating to the cloud… are expected to form the third leg of Oracle's near-term growth strategy.” If indeed this happens, we predict that Oracle’s tool of choice to get customers to make such a move will likely involve software audits. Prudent Cerner customers would do well to prepare now for what may very well be an inevitable Oracle audit. Tactical Law attorneys have deep experience defending Oracle software audits. By Pam Fulmer
Readers of this blog know that our firm is engaged every day in advising governmental entities and companies of all sizes how to successfully defend against aggressive enterprise software audits where software publishers often seek to unfairly inflate their audit findings by conducting predatory audits. Unfortunately, these audits are only on the rise, as enterprise software companies seek to maximize revenue, by often taking baseless legal positions not grounded in the contract, or even surreptitiously trying to switch out the old contract for a newer, more favorable one without proper notice. We advise our clients to stand firmly against capitulating to such tactics, because by giving in rather than fighting back, companies only find themselves victimized again a few years down the road. Rather than buying peace by making a large software purchase, many of the most notorious of these predatory software publishers will only view the company as an easy target in a future audit and strike again. A recent lawsuit filed in Utah state court against Quest Software, Inc. (“Quest”), an enterprise software company that we have dealt with often and that is notorious for conducting predatory audits, illustrates the point. On September 18, 2023, HealthEquity, Inc. (“HealthEquity”), a business services company designated by the IRS as a health savings trustee for health savings accounts for individuals and businesses, filed a complaint against Quest seeking various declaratory relief and asserting a claim against Quest for breach of the implied covenant of good faith and fair dealing. In its lawsuit, HealthEquity tells the story of its recently acquired subsidiary, WageWorks which underwent a Quest audit in 2019. The Complaint alleges that WageWorks recognized that it did not have ideal controls in place to monitor usage of the Quest software. So rather than defend the audit aggressively, WageWorks made a large license purchase and in subsequent discussions with Quest asked for Quest’s advice as to what controls to put in place to ensure future compliance. The Complaint alleges that WageWorks and later HEI followed that advice and created a tracking system for Toad software access and “complied with those instructions to tightly control the number of employees who could access the Toad software products.” The Complaint goes on to allege that: “This level of control was accomplished with the use of assigned serial keys provided to WageWorks by Quest for each seat license it purchased. Despite doing as Quest instructed just a few years prior, HealthEquity was being told in 2023 that licenses were required for every employee who could potentially access any server or individual device on which the software products were installed, regardless of whether those individuals could, or did, actually access and utilize the Toad software itself. This was contradictory to the direction previously provided by Quest, and contrary to the governing contractual terms.” Comp. ¶ 9. Companies that have suffered through a Quest audit will recognize this argument immediately. Quest, and other companies such as Oracle when making its VMware argument, appear to be executing on strategies to attempt to charge companies a licensing fee even when the software is not being used. According to the Complaint: “HealthEquity soon discovered that Quest’s audit processes were intentionally designed to include numerous individuals in its audit numbers who should not have been included as requiring licenses under the terms of the parties’ agreements. Specifically, HealthEquity’s audit report included any users who could access the servers on which the software was installed, rather than the users who could actually access and utilize the software products themselves. This over-inclusion resulted in the grossly inflated numbers in Quest’s “Reconciliation Summary.”” Compl ¶35. Upon information and belief, Quest’s audit practices and interpretation of contract terms to its customers have been intentionally designed for the bad faith purpose of over-estimating the extent of the customer’s deployment and license requirements. This provides the basis for Quest to make an inflated demand for payment of over-deployment fees contrary to the terms of the parties’ agreements. Quest then leverages these inflated audit results to push its customers to purchase additional licenses and extend the terms of their licensing relationship with Quest for an additional period of years.” Compl. ¶36. HealthEquity then alleges that although the Quest software contains tools that can confirm that no usage occurred, Quest ignores these tools because it prefers to use the inflated amounts as leverage to obtain the highest settlement possible. In the case of Quest, this strategy is helped along by the fact that almost every year Quest changes the language of its standard licensing agreement, known as the Software Transaction Agreement (“STA”). These changes make the agreement more favorable to Quest and seek to take away rights from its licensees. In addition, Quest customers with older license agreements such as the one at issue in this lawsuit, govern the perpetual licenses purchased and contain clauses that say that no amendment to the agreement can occur without a writing signed by both parties. Nonetheless, and in contravention of its older agreements, Quest takes the position that by downloading updated versions of the software the customer is agreeing to the acceptance of the more recent STA, such as the 2018 STA promoted by Quest in this lawsuit. Compl. ¶39. This is problematic as later versions of the STA change key terms such as the choice of law and dispute resolution clauses. They also include language that allows Quest to charge the current list price for alleged over usage rather than the formerly negotiated price, and also includes penalties such as back maintenance & support and interest. Based on these and other contradictions in the various agreements, HealthEquity has sought declaratory relief. This is a good thing as it would be really helpful to have a court weigh in and hopefully put an end to some of these predatory tactics. In addition to the declaratory relief, HealthEquity has asserted a claim for breach of the implied covenant of good faith and fair dealing. In that regard, the Complaint has the following to say: “Quest violated this covenant by, among other things, providing instruction to HealthEquity as to how its license requirement would be calculated, how its compliance with license entitlement could be controlled, and the effects of installing Toad software products on a shared server in its environment. Quest then later asserted HealthEquity had violated its license agreements and was out of compliance with its license entitlement despite the fact that HealthEquity had closely followed Quest’s former guidance and tightly controlled access to the software products in its environment. Quest has harmed HealthEquity by intentionally, and with bad faith, using a so-called audit to wrongly accuse HealthEquity of software over-deployment in an attempt to coerce HealthEquity into paying significant sums of money to Quest to which Quest is not entitled. Quest’s bad faith and unfair dealing have forced HealthEquity to expend significant sums of money to defend against Quest’s illegitimate audit claims. Demonstrating its bad faith and unfair dealing, upon information and belief, Quest, as a matter of company policy and business strategy uses its audit group primarily to drive significant additional and undeserved revenue for Quest, not to ensure customer license compliance. Quest has executed this wrongful policy and strategy against HealthEquity. Quest did not comply with its obligation to act in good faith and to deal fairly with HealthEquity, and to act consistently with HealthEquity’s justified expectations arising from the parties’ agreements and prior dealings. Quest has failed to deal fairly and honestly with HealthEquity and has intentionally or purposefully destroyed and injured HealthEquity’s right to receive the fruits of its license purchases. For example, Quest’s actions, as alleged herein, have injured HealthEquity’s right to use its licenses within the terms of the parties’ agreements for the agreed upon purchase price.” Compl. ¶¶ 90-94. In our view, the fact that this case needed to be filed shows how badly some enterprise software companies have run amuck with their audit abuses and unfair trade practices, and hiding the ball concerning various contractual provisions in undisclosed and hidden agreements. They are literally turning the entire law of contract on its head. Once upon a time, two companies would sit down at arm’s length and negotiate a deal and then they would document the deal in a writing. During the negotiation process risk would be accessed and allocated through price and other contractual means. Everything was above board, and the parties were rational actors knowing what they were getting in their bargained for exchange. That is the entire theory on which contract law is based. Our entire commercial system rests on this foundation. However, recently some enterprise software companies are turning this entire regimen on its head. Apparently, Quest tries to replace legacy agreements by surreptitiously slipping in new agreements with maintenance & support updates. Updates that are often performed by low-level employees who have no idea that Quest or another software company is going to claim that the agreement accompanying the maintenance & support update is the new governing agreement. Agreements that never reach the legal department and that the lawyers working for the company don’t even know exist until it is presented in the audit as a basis for a multi-million-dollar non-compliance claim. There is no fair notice here. Switching out choice of law, venue, audit clauses at will without sitting down and even notifying true decision-makers at the company that if they update their software they are agreeing to an entire new contract is not the way that contract law is supposed to work. Courts should put a stop to it and not let these abuses continue. We hope that HealthEquity wins its case. Tactical Law will continue to monitor the progress of the lawsuit and provide updates periodically. The case is HealthEquity Inc. v. Quest Software Inc., Case Number 230906993 venued in the Salt Lake District, State of Utah. |
By Tactical Law Attorneys and From Time to Time Their Guests
|