By Pam Fulmer
Envisage Technologies, LLC (“Envisage”) has filed a counterclaim against Defendants Oracle America, Inc., and Oracle International Corporation (collectively, “Oracle”) requesting declaratory relief of no copyright infringement and asserting a second claim for unjust enrichment due to payments made to Amazon Web Services (“AWS”) under the RDS "License Included" model. Tactical Law has previously blogged on this case brought by Oracle, which Oracle contends involves hosting.
According to the counterclaim, Envisage’s legacy product was an on-premises version where Envisage customers hosted and maintained the Acadis software product on their own hardware. Under this model Envisage customers were responsible for acquiring their own licenses to the Oracle software. However, in 2019 Envisage opted to change this model in favor of cloud-based software hosted on Envisage’s own hardware. To support the cloud-based hosting of Acadis, Envisage turned to Amazon’s Relational Database Service (“Amazon RDS”) offered by AWS.
Envisage alleges that it chose to go with the RDS “License Included” model due to representations made by AWS that the model would work for its Acadis service offering. Envisage pleads that it “relied in good faith on representations made by AWS regarding the scope of the license to Oracle Database provided under AWS’s “License Included” service model for Amazon RDS for Oracle.” Envisage also asserts that in meetings in 2019 and 2020 with representatives of AWS, Envisage explained the technical details of its Acadis offering and further relied on AWS representations that it could cost effectively leverage the RDS “License Included” model for Envisage’s intended use of the software. Envisage also asserts that Oracle authorized AWS to act on Oracle's behalf under the “License Included” model, and presumably either did or should have approved the representations being made by AWS to its customers concerning the permissible uses of the Oracle software. Envisage seeks a declaration that it is not infringing Oracle’s copyrights and that it was authorized to use the Oracle software for hosting when it went with the RDS "License Included" model. Envisage also asserts a claim for unjust enrichment against Oracle, to the extent that Oracle has already been compensated by AWS for Envisage’s use of the software.
But here is the rub. The AWS Service Terms at Section 10.3.1 provide that the RDS "License Included" customer cannot “use the Oracle Software for rental, timesharing, subscription services, hosting, or outsourcing”. And it appears from the face of the counterclaim that this is exactly what Envisage has done.
What does this all mean for AWS and Oracle customers? It means that licensing Oracle through AWS is complicated and should be done very carefully. Both the technical and legal issues need to be thoroughly vetted before significant investments are made. Also, Oracle appears to be actively looking for AWS “License Included” customers who may be non-compliant with the AWS Terms of Service, and reaching out to them directly demanding payment. Clearly that is what Oracle has done in this lawsuit. Oracle also appears to be demanding information from AWS customers as if it had an audit clause to rely upon. But AWS "License Included" customers do not have a contract directly with Oracle, which is most likely why many of these customers are resisting Oracle’s demands for information. Instead, their contract is with AWS, and the AWS agreements do not have an audit clause. For its part, Oracle may be relying on the AWS Service Terms that provide “[n]otwithstanding anything to the contrary elsewhere in the Agreement, Oracle is an intended third-party beneficiary of the Agreement, but solely with respect to this Section 10.3.1 of these Service Terms.” However, it should be noted that AWS Service Term 10.4 relating to Microsoft software on AWS, specifically provides that “Microsoft is an intended third-party beneficiary of this Section 10.4, with the right to enforce its provisions.” Why the difference and can this be leveraged by AWS customers when Oracle comes knocking?
In short, Envisage has quite the mess on its hands. A high-profile lawsuit by Oracle seeking damages of at least $3 million and perhaps an expensive arbitration with AWS either pending or about to be filed. Meanwhile, Envisage’s entire business model may be up in the air and the legal fees doubtless keep racking up. All of this trauma and expense could have been and should have been avoided upfront with a little planning and investment by Envisage. Other AWS RDS customers should take note and be careful to avoid falling into the hosting trap. And for those AWS customers who believe that by using the RDS License Included model, they can avoid dealing with Oracle all together, these recent lawsuits by Oracle prove otherwise.
The case is Oracle America, Inc. et al v. Envisage Technologies, LLC., Case No. 3:21-cv-03540, Northern District of California. We will continue to monitor the case. Check back for updates.
By Pam Fulmer
Oracle America Inc. and Oracle International Corporation (collectively "Oracle") have filed a new lawsuit in the Northern District of California against their licensee NEC Corporation of America ("NECAM"). According to the Complaint, NECAM was a member of the Oracle Partner Network ("OPN") until Oracle terminated its licenses due to this dispute. Oracle seeks at least $7 million in damages, as well as any profits made by NECAM through its use of the Oracle software and distribution of the Oracle software to NECAM's customers. Oracle has asserted claims for breach of contract as well as copyright infringement and seeks treble damages as Oracle alleges that NECAM's copyright infringement was willful. Oracle also seeks an award of attorneys' fees and costs pursuant to the license agreement.
Oracle contends that NECAM has been a long standing partner of Oracle (15 years) and is therefore extremely familiar with the various contracts signed by Oracle partners, as well as with the approved distribution methods allowed depending on the type of license purchased. According to the Complaint:
"As a long-time OPN member and Oracle licensee, NECAM was (and is) intimately
familiar with the Oracle PartnerNetwork and the different distribution methods Oracle offers to its OPN members – ESL [Embedded Software License], ASFU [Application Specific Full Use License], and Full Use. In the past fifteen years, NECAM has distributed licenses to Oracle software using all three distribution methods – ESL, ASFU, and Full Use – under the agreements set forth above.
Essentially Oracle asserts, among other things, that NECAM was using the Oracle software and allowing its customers to interact with the software, in a way that was not authorized by the applicable license agreement and distribution method, and that NECAM failed to pay all the license and support fees due Oracle.
Oracle issued an audit notice to NECAM in December of 2019 pursuant to the audit clause and delivered its Final Audit Report in October 2020. According to the Complaint, Oracle asked "NECAM to resolve the compliance findings within 30 days" and advised NECAM that it "needed to procure (pay for) additional ASFU and Full Use licenses for its prior distributions." Oracle further advised NECAM that it had previously "failed to report (or had under-reported) certain distributions". Finally Oracle demanded that NECAM provide Oracle with additional information regarding its on-premise development environments to enable Oracle to determine the extent to which they exceeded NECAM’s rights."
Oracle alleges that NECAM failed to respond and pay the licensing and support fees that Oracle contends were owed within 30 days of notification of the amounts owing. As a result on January 19, 2021, Oracle sent a breach notice to NECAM. Oracle contends that NECAM did not cure the breach, and as a result on March 5, 2021 Oracle sent a termination letter, notifying NECAM that Oracle was, by its letter, "terminating NECAM’s membership in the Oracle PartnerNetwork, the 2018 MDA, and all related ASFU distribution addenda and ESL distribution addenda."
According to the Complaint:
"NECAM breached its contracts with Oracle by its acts and omissions, including failing to
pay license and support fees owed to Oracle under the contracts and failing to provide information to Oracle as required by the contracts’ audit provisions. For example, NECAM breached the 2013 MDA, the 2013 ASFU Addendum, the 2018 MDA, and the ASFU Addenda by failing to report and pay license fees (and support fees) owed under the ASFU Addenda for distributions of its Integra-ID 5 application with the Oracle Database and the Database Options and Packs that were not permitted by NECAM’s ESL Addenda. As another example, NECAM breached the 2013 MDA and the 2016 Full Use Addendum by failing to report and pay license fees (and support fees) owed under the Full Use Distribution Addendum for distributions of the Oracle Database (and other Oracle software) to the Ohio State Police that were not permitted by NECAM’s ASFU addendum. And, as another example, NECAM breached its duty under the OPN Agreement and the 2018 MDA to cooperate with Oracle’s audit and provide reasonable assistance and access to information, by failing to provide Oracle with additional information regarding its on-premise development environments to enable Oracle to determine the extent to which they exceeded NECAM’s rights, as Oracle repeatedly requested."
A few observations about this case and other recent audit cases brought by Oracle that readers of our blog may find interesting:
By Pam Fulmer
Readers of this blog will remember that I previously posted on the shocking case brought by whistleblower Paul Cimino against IBM arising out of a predatory software audit conducted by IBM of the Internal Revenue Service ("IRS"). Although Cimino worked for IBM he was apparently so horrified by IBM's complete fabrication of non-compliance findings in order to force the IRS into a new and more expensive ($265 million to be exact) license agreement that he blew the whistle and filed a claim under the federal False Claims Act ("FCA"). You can read our previous blog post here. The district court dismissed the key fraudulent inducement claim finding that it was not credible that the IRS would enter into a new and more expensive contract with IBM just to get out from under substantial audit penalties. The D.C. Circuit Court of Appeal disagreed and found that Mr. Cimino had plausibly alleged that "but for" the fraudulent audit, the IRS would never had entered into the new license agreement. The court remanded the case back to the trial court for further proceedings. This is a big win for Cimino and although decided under the FCA, can be instructive for all those companies out there who have suffered through predatory audits by major software publishers.
The Court explained the case as follows:
"This qui tam action began when Paul Cimino filed a complaint alleging that IBM violated the FCA. As a former senior sales representative for IBM, Cimino helped sell software to the IRS. Based on knowledge acquired on the job, Cimino alleged that IBM fraudulently induced the IRS to enter a $265 million license agreement for “unwanted, unneeded” software.
Faced with the possibility of losing significant revenue, IBM allegedly devised a scheme to pressure the IRS into another long-term deal. IBM planned to conduct a “friendly” audit, anticipating that the IRS was overusing the software and therefore would owe a significant amount in compliance penalties. IBM would then leverage the penalties by offering to waive them in exchange for a new agreement.
IBM retained Deloitte LLP to perform the audit. Contrary to IBM’s expectations, Deloitte’s initial audit showed the IRS was not significantly overusing the licenses and owed only $500,000 in compliance penalties—a relatively small amount for a contract of this size. IBM never released these audit results to the IRS. Instead, IBM worked with Deloitte to manipulate the results. For example, IBM counted licenses on discontinued servers as in constant use, even though they were never used. Deloitte first presented the number of overused licenses from this manipulated audit to Adam Kravitz at the IRS. Cimino alleged that “Kravitz rejected the audit findings because, in his words, ‘IBM cannot substantiate that the IRS is out of compliance.’” IBM then manipulated the audit again to show an outstanding $292 million in compliance penalties. IBM shared this number with the IRS, despite the fact that one IBM employee considered the number “ridiculous,” and another “was ‘not comfortable representing’ that number to the IRS.”
As we have warned before, avoid "friendly" software audits by software publishers as there is nothing friendly about them. If Oracle or IBM or whatever software company wants to conduct an audit, then they should issue a formal audit notice and do so. These "friendly" audits are often nothing more than fishing expeditions where the sales team hopes to turn non-compliance findings into a big payday and a big contract. Licensees should stand on their contractual rights and not fall into these traps.
Another interesting aspect of the case is how IBM allegedly was attempting to charge the IRS by claiming licensing fees for non-use of the IBM software. The court pointed to allegations that IBM claimed fees for discontinued servers for constant use even though they were never used. We see similar attempts by Oracle and others to charge customers a licensing fee on servers where no Oracle software is being used, such as in the case of Oracle's expansive VMware assertions, which involve non-contractual and non-binding policies. Customers under audit should carefully review license agreements and challenge during audit resolution negotiations policies that are not expressly incorporated into the contract. Careful attention should be paid to assertions that payment must be made for non-use by the customer of the auditing company's software, or for potential future use that has not yet occurred.
We were pleased to see that the appellate court reversed the lower court's dismissal and is allowing this whistleblower suit to proceed past the pleading stage. Only when predatory software vendors are held to account by the courts will such behavior end. Tactical Law will continue to monitor the case. Please check back here for periodic updates.
By Tactical Law Attorneys and From Time to Time Their Guests