Oracle is not the only software company accused of using predatory audit tactics to drive sales of its software products. In 2013 an IBM employee named Paul A. Cimino filed a whistleblower suit under the False Claims Act alleging that IBM used an audit of its customer the Internal Revenue Service ("IRS") to fabricate alleged areas of non-compliance. In 2018 the Complaint was unsealed, and IBM moved quickly to dismiss the Complaint. Unfortunately, the District Court bought IBM's argument that the Complaint did not adequately plead fraud in the inducement, and dismissed the lawsuit. Mr. Cimino appealed to the D.C. Circuit Court of Appeals and the appeal appears to now be fully briefed. I am rooting for Mr. Cimino and his lawyers and truly hope that this injustice can be rectified, if the facts as pleaded are true. Until software companies using predatory and unfair audit tactics to drive software sales are held to account in a court of law, the bad behavior will only get worse.
The facts alleged in the Complaint about IBM's conduct are appalling. According to the Complaint:
Each day we see cases where software companies vastly inflate audit findings in a transparent attempt to obtain leverage over their customers, and force a large software purchase. There are strategies that can be employed before and during the audit to mitigate the risk of such excessive findings. Unfortunately many companies are "penny wise and pound foolish" and don't seek professional help before or during the audit, but instead wait till the issuance of the final audit report. This is a mistake.
Enterprise software customers really need to be proactive in managing their licenses well before the audit notice arrives. And do not let software companies use the audit as a tool to force your company to give up older and perhaps more favorable licenses. In our experience, enterprise software companies sometimes use audits to try to push their customers to migrate from older, more favorable licenses to ones that are better for the licensor. Companies buy perpetual licenses for a reason and should be skeptical of software vendors using inflated audit findings to force a customer to give up valuable contractual rights.
If a software company tells you that they are going to conduct a friendly audit to right size your IT footprint and to optimize your licenses, this should be an immediate red flag. Enterprise software companies are not out to help you, but only to sell more software. Plaintiff here alleges that IBM tried this very trick with the IRS. The IRS also made the mistake of telling IBM too much about its future plans, including that the IRS planned to move off IBM. According to the Complaint, IBM then used this knowledge against the IRS to force it into a new and more expensive contract.
Sometimes software vendors will hire third parties to conduct the audit. And that is what apparently happened here, with IBM hiring Deloitte as the auditor. Oracle on the other hand usually likes to conduct its own audits, through its License Management Services ("LMS") Group.
Before the audit is commenced, the licensee should hammer out the scope of the audit and set some ground rules. Be proactive, take control and most importantly, stand strong. Software vendors do not like squeaky wheels, and prefer easy targets. The more you push back and the harder you make it for the software company, the less likely the software vendor will be to target you in the future.
The Cimino Complaint alleges that the initial audit results found very little in terms of non-compliance. Plaintiff then alleges that IBM "suppressed" these results and "began to look for ways to artificially inflate them". Remember this is an IBM employee who worked on the software deal with the IRS who is making these allegations. According to the Complaint:
We also have observed software companies employing similar tactics during audits. In fact, it is our opinion that this is why Oracle usually comes up with a huge shock number in its Final Audit Report. Oracle does not quantify the shock number in the Final Report but just identifies the number of licenses Oracle claims the customer is under licensed. Oracle leaves it to the licensee to "do the math". In our opinion, this is all part of the Oracle playbook to create leverage for the follow-up by the Oracle Sales Team, which works hand in hand with the Oracle auditors.
The Complaint alleges that in order to avoid paying these penalties, the IRS agreed to enter into a new five-year deal with IBM, at a total cost to the government of $265 million. As a taxpayer and citizen this should be offensive to everyone, if true.
Cimino asserts that the IRS agreed to a new deal with IBM in order to get out from under the audit penalties and the fraudulent audit findings. We see this all the time in our practice. Enterprise software customers will enter into new deals with the software vendor to get out from under the huge "shock and awe" compliance gap. How about an Oracle ULA, anyone? In fact, technical consultants in the industry see the same fact pattern so often that they write extensively about it. Not just private companies fall for this trap. Municipalities and other government agencies also are extremely vulnerable to such tactics.
But in dismissing Cimino's Complaint, the Judge did not find it credible that the IRS would enter into a new and more expensive contract with IBM just to get out from under the audit penalties. Unfortunately the district court judge doesn't understand how these software companies work their customers over during audits. The entire process is designed to strike fear and uncertainty in the hearts of the software customer, and to rush the company into a quick sale to resolve the audit. Also by entering into the new contract with IBM in exchange for having the audit penalties waived, IRS management could basically bury the alleged non-compliance from public view. The penalties would be waived and the IRS would simply be entering into a new enterprise agreement. In other words, nothing to see here and the responsible parties within the IRS would not need to explain to others higher up in the organization or in the federal government why they were allegedly non-compliant. Who in IRS management could predict that an honest employee within the IBM organization itself would be so troubled by the predatory audit practices that he would blow the whistle and file a False Claims Act lawsuit against his employer IBM?
According to the Court, Relator (Cimino) failed to plead causation and to show that the fraudulent audit findings was what induced the IRS to enter into the new contract. As a result, the Court dismissed the Complaint:
Well Judge, you may not believe it, but I do. I think that the Court is wrong here. The Complaint pleads that it was the fraudulent audit findings and the desire to get out from under the audit findings and related penalties that drove the IRS to enter into the new contract. The IRS believed that it was non-compliant in reliance on what IBM and Deloitte were telling them. This is pled clearly in the Complaint. The government in its brief agrees:
In my view, this extremely important whistleblower suit should never have been dismissed at the pleading stage. Cimino should be given the opportunity to take discovery and go forward with his case. Cimino's brief says it best here:
Victims do not always admit they have been defrauded. That rings so true. Give Mr. Cimino his day in court and the chance to prove up his case.
Whether you are a Fortune 500 company or a municipality or governmental entity, you can be a victim of predatory audit practices by aggressive software vendors. We help companies and governmental agencies to fight back against such tactics.
The case is Paul A. Cimino v. International Business Machines Corporation, case number 1:13-cv-00907, in the U.S. District Court for the District of Columbia. Tactical Law will continue to monitor the case. Check our blog for further developments.
By Pam Fulmer
Tactical Law has defended companies being audited by Quest Software, Inc. ("Quest") and has thus far resolved the audits without the necessity of filing litigation. However, we read with interest a recent lawsuit filed by a long time Quest customer alleging that Quest acted in bad faith and engaged in predatory audit tactics during the course of the audit.
Fairview Health Services ("Fairview"), a Minnesota non-profit academic health system hit Quest this week with a declaratory judgment action in federal district court in Minnesota. Sadly, the tale told by Fairview in the Complaint is a familiar one. At the end of 2019 Fairview notified Quest that it was terminating its annual maintenance and support. Almost immediately Quest issued a notice seeking to audit Fairview's use of Quest's Active Roles software. Only two months after Fairview gave notice that it was canceling maintenance and support, Quest produced a "Reconciliation Summary", which purported to find an over deployment of 69,064 licenses above the more than 38,000 license Fairview had purchased from Quest." Quest "claimed Fairview owed a total of $4,183,178.85 in license and "over-deployment fees".
Quest Accused of Bad Faith and Predatory Audit Tactics
Fairview makes some interesting observations on information and belief about Quest's motives, which Quest customers would do well to keep in mind when dealing with Quest. This is not the same company that licensees may have contracted with in the early 2000s, but instead the company has undergone multiple changes in ownership. According to the Complaint:
With almost every change in ownership the governing law of the Quest license agreement seemed to change. We have seen public filings with Quest agreements designating California, Washington and Texas as the governing law. Also, with every new iteration of the license agreement, the terms became more favorable for Quest and less favorable for the licensee. Rather than call these changes out specifically to the customer and request a modification to the contract, Quest appears to have embarked on a sneaky strategy of incorporating major changes in clickwrap agreements, which accompanied their software updates. A big question for the court will be whether these clickwrap agreements somehow superceded or amended the original license agreement, and constituted fair notice to the licensee of major changes to the agreement and a writing signed by duly authorized representatives of both parties. Quest will claim yes, and Fairview will fight that interpretation. Tactical Law has similarly pushed back against such assertions by Quest on behalf of Quest audit customers.
Fairview disputes Quest’s contentions about what constitutes the governing contract and how it can be modified. Fairview points out that the governing agreement is the one it purchased the subject perpetual licenses under, which contains a provision requiring any amendment to be in a writing signed by both parties. This will be a hotly contested issue in the ensuing litigation. Cases involving courts interpreting consent to arbitration agreements may prove instructive.
Fairview asserts that the provisions of the 2004 SLA define software as including "corrections, enhancements, and upgrades to the Software" made pursuant to the Maintenance & Other Services Clause.
Yet Quest has taken the position that when Fairview clicked on the clickwrap agreement accompanying the software updates that somehow changed the governing agreement. In other words, Quest appears to be claiming that it could make major changes to the governing agreement without reasonable notice and without providing the licensee with additional consideration. And Quest is contending that the clickwrap agreement is a writing signed by authorized representatives of both parties.
Allegations of Invasive Audit Tools
Fairview accuses Quest of deploying tools during the audit that impermissibly seek information about Fairview's IT system, which go beyond Fairview's use of the Quest software. According to the Complaint:
This should sound very familiar to Oracle customers who have been targeted with Oracle's prospective licensing assertions involving VMware and the "installed and/or running" language of the processor definition. According to Fairview, Quest's tools sought information about potential interactions with the software but declined to collect data that would show whether those accounts had actually used or interacted with the software. Although we have been informed by technical experts that Quest like Oracle could use tooling capable of detecting where the software has actually been used, Quest and Oracle appear to have no interest in doing so. The reason is apparent. Taking the position that they are entitled to licensing fees for all servers or accounts that might access the software results in the vastly inflated over-deployment numbers about which Fairview complains. These inflated findings are then used as "shock numbers" to create FUD ("fear, uncertainty and doubt") in the heart of the licensee, which can then be used to sell more software and perhaps used as leverage to keep the customer from canceling support. According to the Complaint:
We are of the same opinion about the motivations of software vendors who may use such invasive tools while ignoring data that shows non-use. And it is important that Quest customers realize these overreaches and protect themselves from them during the course of an audit. Licensees should resist turning over confidential information unless it relates to the use of that vendor's software, and the licensor has provided a satisfactory explanation of why they require the information to conduct the audit. Assertions that the vendor always asks for it are irrelevant and do not pass muster. Do not be afraid to probe and question the software company or their auditors as to the relevance of the requested information. And don't let the auditors provide their answers orally. Make them commit in writing, so you have a strong record in the event a dispute arises and you end up in court. A strong record will also help you with negotiating a favorable settlement directly with the licensor. Demand that the auditor specifically identify what provision in the contract entitles them to the requested information. And whatever you do, don't fall for Oracle or Quest relying on policy documents that are not part of the contract as justifications for the request.
The Audit Clause
The language of the 2004 SLA contains an audit clause, which provides that Quest may ask that Fairview verify no more frequently than annually its usage of the software by furnishing a document signed by the Licensee's authorized representative verifying software usage. In addition to demanding the verification, Quest has the right to review Fairview's deployment and use of the software for compliance. The entire clause is focused on current usage and not what may be used in the future. According to the Complaint:
During the course of the Fairview audit, Quest did not request the written verification but instead went right to using its tools to scope out Fairview's IT system. Tools that Fairview contends do not measure actual usage, but instead collect data on how many accounts could potentially access the software in the future. Use of such tools by software auditors should be red flags for the licensee. Ask the auditors exactly what information the tools are collecting and seek to pin the auditors down on what they are seeking and why they are entitled to the information. Misrepresentations about what information the auditor is collecting may be used against the licensor in the event a dispute arises. Again, insist that the auditors provide their answers in writing. Finally, we recommend retaining qualified outside counsel who have the technical experts in place to review the data output prior to sending to the auditors.
Fairview complains that Quest also seeks to take advantage of a phrase "managed by" the software, which is ambiguous and not defined in the contract. Fairview argues that to manage the software at least means that the account must interact with the software in some manner. Fairview should take the position that any ambiguity should be interpreted against Quest the drafter.
When going up against software companies such as Quest and Oracle, it is highly advisable to retain qualified outside counsel familiar with software audits to push back aggressively on any attempted overreaches. Licensees who believe that providing all the information requested by software companies will result in lower over-deployment numbers are in for a rude awakening. Be smart and do not be afraid to stand on your contractual rights.
The case is Fairview Health Services v. Quest Software Inc., Case Number 0:20-CV-01326, venued in the District of Minnesota. Tactical Law will continue to monitor the litigation. Please check back for periodic updates.
By Pam Fulmer
Oracle America, Inc. and Oracle International Corporation (collectively “Oracle”) recently sued health information technology solutions company, Perry Johnson & Associates, Inc. (“PJA”) for copyright infringement in the Northern District of California. Oracle contends that PJA has infringed Oracle’s copyrights on, among other things, its Enterprise Edition Database (“EED”) and Real Application Cluster (“RAC”) software. Specifically, Oracle alleges that PJA provided hosting services to third parties without a license from Oracle for Oracle Database. Oracle also contends that “PJA’s software architecture – including the number of sockets – exceeds the scope of any license that PJA may have". In addition to damages of over $3.2 million in unpaid licensing and support fees, Oracle is seeking injunctive relief, impounding of unlicensed copies of the software, an accounting, statutory damages, attorneys’ fees and interest. Oracle also seeks enhanced damages claiming that PJA’s infringement was willful.
The case involves a type of Oracle license known as an embedded software license. According to Oracle:
Interestingly enough, Oracle has not sued Arrendale Associates, Inc. (“Arrendale”) but pleads on information and belief that Arrendale has complied with its own license obligations to Oracle. Otherwise Arrendale might also be a target of Oracle’s lawsuit. According to the Complaint:
It appears that Oracle contacted PJA directly to attempt to ascertain how PJA was using the Arrendale software. It is unclear from the Complaint if these actions were taken pursuant to a formal Oracle audit of Arrendale or of Arrendale’s customer. Oracle may have asked Arrendale to audit its customer PJA or requested that Arrendale assign its audit rights to Oracle. Oracle embedded license agreements publicly available online do provide for audits of Oracle customers, and also contain provisions whereby Oracle may request assignment of its customers’ rights to audit the ultimate end-user. We just don’t know based on the facts as pled in the Complaint. But it is interesting that Oracle makes no mention of any audit. Could it be that with the Sunrise Firefighters Motion to Dismiss still pending, Oracle wants to ensure that no public filings raise any issues that could negatively impact the legal positions Oracle is asserting in that litigation with regard to how it audits it customers or end-users? The Complaint continues without providing details around any audit, almost as if PJA voluntarily provided information to Oracle:
Oracle has targeted PJA for the alleged unlicensed hosting. Tactical Law has noticed an uptick in the number of hosting issues that it is seeing Oracle raise in software audits of Oracle customers, and this trend is something we are watching.
Oracle may also be asserting some type of claim relating to PJA’s use of VMware. According to the Complaint:
If VMware is involved, PJA may want to aggressively pursue discovery from Oracle regarding Oracle’s stance on VMware in software audits, which often is a key factor leading to Oracle’s initial “shock and awe” number in its audit findings. It could also be relevant to any unclean hands defense against Oracle.
The case had initially been assigned to Magistrate Judge Sallie Kim, but on May 12, 2020 Oracle filed a pleading declining to have the case heard by a Magistrate Judge. The case was reassigned to Judge Chesney who has now recused herself from the case. Counsel for PJA recently made an appearance, and the case is in the process of being assigned to a new Article III Judge.
Tactical Law will continue to monitor the litigation and will report back with periodic updates. The case is Oracle America, Inc. et. al. vs. Perry Johnson & Associates Inc. (Northern District of California Case Number 3:20cv 2984).
By Anne-Marie Eileraas
Companies based outside California may be reluctant to accept California as the governing law for their contracts. While some companies base their view on first-hand experiences, others cite media reports and surveys placing California in the bottom ranks of states’ legal and regulatory environments. For example, in late 2019, the U.S. Chamber Institute for Legal Reform published results of its latest survey of how participating U.S. business executives view the states’ legal environments, specifically regarding litigation and liability. California, along with Illinois and several southeastern states, fell in the bottom 10 states.
Whatever one’s view of such surveys, what’s clear is that polls tend to home in on a narrow range of issues: the perceived fairness of consumer/class action litigation and “hometown” jury verdicts. They don’t shed much light on the typical economic issues that arise in business-to-business contracts. Is California substantive law unfavorable for companies who contract under it?
Part 1 of this blog post will touch on California legal issues relevant to business contracts; more specifically, technology agreements for services, XaaS/cloud agreements, and software licenses. (This article does not address agreements with individuals, such as for personal or consulting services, which are subject to very different considerations under California law.) Part 2, coming soon, will discuss California venue for business litigation.
Choice-of-law clauses under California law
If a contract properly specifies California governing law and venue, most likely a court will enforce it. There is a strong policy favoring enforcement of contractual choice-of-law provisions in California. Many California-based companies, such as Oracle, Cisco, VMWare, and Palo Alto Networks, routinely use California choice of law provisions in their contracts.
In California, the court (not a jury) decides issues of contract interpretation and the application of contract defenses, such as force majeure. That may be of comfort to contracting parties, since pretrial jury waivers are unlawful in California. California courts strive to give effect to the mutual intent of the parties at the time of contracting. However, if the language of a contract is ambiguous in light of all the circumstances, a court will consider extrinsic evidence relevant to prove a particular meaning.
Legal issues that may favor customers
Not surprisingly given courts’ latitude to interpret contracts, California contracts law has pros and cons for companies purchasing software or services, and the following issues under California law, on balance, could be helpful and protective of their interests.
• Good faith and “best efforts” in California contracts
Under California law, an implied covenant of good faith and fair dealing protects the express promises in a contract and prevents one party from exercising its discretion to deny the other party the benefits of the contract. Unlike in some states, the implied covenant is not absolute; California permits parties to contract out of it with express provisions, such as a right to terminate in a party’s sole discretion.
The implied good-faith covenant can be helpful to customers in scenarios where, as a practical matter, some terms cannot be finalized until a future time, when the contract is in effect. While an “agreement to agree” is not enforceable, an agreement to negotiate in good faith can be enforced and can permit a party to recover damages.
Also helpful to a customer of technology services, California courts interpret “efforts” clauses to require more of a party than just acting good faith. A provider contracting to use its “best efforts” to perform a service must use the diligence that a reasonable person would exercise under the circumstances. It’s not enough for a vendor to say “I tried…”
• Availability of damages and failure of exclusive remedies
A well-drafted liquidated damages clause can reduce uncertainty of remedies if the other party does not perform. Liquidated damages clauses are presumed valid in California, with the burden of proof on the party seeking to invalidate a clause to show that it was unreasonable under the circumstances existing at the time of the contract.
California law protects an aggrieved party’s right to get a fair remedy when the other party breaches a contract, despite language in the contract excluding or limiting recovery. California Commercial Code §2719 provides, “Where circumstances cause an exclusive or limited remedy to fail of its essential purpose, remedy may be had as provided in this code.” The commentary to §2719 notes “it is of the very essence of a sales contract that at least minimum adequate remedies be available. If the parties intend to conclude a contract for sale within this Article they must accept the legal consequence that there must be at least a fair quantum of remedy for breach of the obligations or duties outlined in the contract.”
Note the commercial code applies to sales of goods, which can include software under a case-by-case analysis of whether the essence of the transaction is for goods or services. The commercial code provides for specified remedies, but courts have also relied on it to invalidate exclusions of consequential damages. For instance, in RRX Indus. v. Lab-Con, Inc., 772 F.2d 543 (9th Cir. 1985), the court interpreting California law invalidated a consequential-damages waiver in a software agreement after the vendor’s “repair” remedy failed of its essential purpose.
• Force majeure clauses
California courts do not enforce force majeure clauses literally. California cases have equated force majeure clauses to the common-law doctrine of impossibility, and courts will read certain common-law elements of a force majeure defense into contract terms. Most notably, a force majeure event must be beyond the reasonable control of the party seeking to be excused; and the incident must truly impose extreme and unreasonable difficulty, rather than merely render performance harder or more costly (including consideration of the party’s reasonable efforts to mitigate). Courts will consider the context and determine whether a party’s obligations should be delayed or completely terminated, in whole or in part.
Additionally, force majeure clauses must be drafted with particularity to overcome the presumption that only events unforeseeable at the time of contract will be excused. Mere “boilerplate” clauses will not excuse a party from performing if the event claimed as a force majeure was reasonably foreseeable.
Parties have significant freedom to draft express contractual indemnity clauses under California law. Courts will enforce a properly drafted indemnity covering a party’s negligence, including negligent misrepresentations and non-disclosure of material facts. However, outside of the insurance context, if a party “seeks to be indemnified for its own active negligence, or regardless of the indemnitor's fault, the contractual language on the point ‘must be particularly clear and explicit and will be construed strictly against the indemnitee.’” Prince v. Pacific Gas & Electric Co., 45 Cal. 4th 1151 (Cal. 2009). It is against public policy for an agreement to indemnify a party from knowingly unlawful future acts. Cal. Civ. Code §2774.
California has adopted statutory rules for interpreting indemnity provisions that apply unless expressly overridden by the parties. Those rules require, among other things, that the indemnifying party must defend indemnified claims upon the request of an indemnified party. Cal. Civ. Code §2778.
With attentive drafting, customers can protect their interests under California law by including indemnity provisions tailored to manage the risks of the technology they are buying.
• No one-sided provisions for recovery of attorneys’ fees
California generally follows the “American rule” for attorneys’ fees, meaning that each party to a dispute must pay its own legal fees. However, California’s civil code overrides unilateral attorneys’ fees provisions in a contract. If a contract has a term awarding attorneys’ fees to only the seller in the event of a dispute, that provision will be interpreted to award attorneys’ fees to whichever party prevails in a claim for breach of contract. Cal. Civ. Code §1717. This can protect customers contracting under one-sided vendor forms.
Scenarios where California law may not be as customer-friendly
Companies should investigate how California law applies to their specific industries or to particular kinds of contracts. For instance, because California law in general is more protective of individuals (especially employees), customers should understand the implications for any business contracts involving individual services under California law. Companies should be especially cautious when retaining independent contractors or attempting to include non-solicitation and non-compete clauses in their agreements.
The content of this blog is intended to convey general information about legal issues that may be of interest to our readers. This information is not intended to, and does not, constitute legal advice, nor is it intended to create an attorney-client relationship. Tactical Law does not sponsor, endorse, verify, or warrant the accuracy of the information found at external sites or subsequent links.
By Pamela K. Fulmer
As discussed in our previous blogpost, in Rimini I Oracle sued Rimini Street (“Rimini”) in the District Court of Nevada asserting a number of claims including copyright infringement. The court found on summary judgment that the process to provide maintenance services that Rimini used prior to 2014 exceeded the scope of Rimini’s customers’ licenses. The case then went to trial and Rimini lost to Oracle, although the jury did not find that Rimini was a willful copyright infringer. The district court issued an injunction, which was largely affirmed by the Ninth Circuit. Here’s how Rimini described the Rimini I litigation in a recent legal filing.
Rimini sued Oracle in a separate lawsuit in the District of Nevada seeking a declaration from the court that the new Process 2.0 Rimini instituted to provide support & maintenance did not violate Oracle’s licenses. Recently Oracle has attempted to claim in the Rimini I case that Process 2.0 also constitutes copyright infringement and is seeking to hold Rimini in contempt by claiming that Process 2.0 also violates the injunction. Rimini has filed a motion to preclude Oracle from litigating issues involving Process 2.0 in the Rimini I litigation. Instead, Rimini claims that such issues are rightfully decided only in the Rimini II litigation and were not actually litigated in Rimini I. According to a recent Rimini filing:
On May 2, 2017 Rimini filed its Third Amended Complaint in the Rimini II litigation seeking declaratory relief of non-infringement, non-hacking and copyright misuse by Oracle and asserting additional claims against Oracle for intentional interference with contract and prospective economic advantage, violation of the Nevada Deceptive Practices Act and California Business & Professions Code Section 17200 and Lanham Act unfair competition. Presently both parties have brought motions for summary judgment or partial summary judgement, which are pending before the Court.
Existing Rimini customers or Oracle customers thinking of moving to Rimini will find some of the allegations of the Third Amended Complaint quite interesting. For example, Rimini contends that:
In addition to using its audit powers to allegedly harass Rimini customers, Rimini also claims that Oracle seeks to create FUD (fear, uncertainty and doubt) in Oracle customers and to disrupt those customer relationships with Rimini. According to the Third Amended Complaint:
Rimini claims that Oracle’s intentional interference with Rimini’s customers has actually disrupted those relationships, even causing some clients to terminate their maintenance & support agreements or at least decide not to expand their relationships with Rimini:
Oracle customers considering moving their maintenance & support to Rimini should consider strategies for mitigating the risk of support disruptions when negotiating any new maintenance & support agreement. If Rimini’s pleading is correct about Oracle’s tactics and we assume that it is, Oracle customers should also be prepared to receive nasty grams or other communications from Oracle, which seek to create fear, uncertainty and doubt in the heart of the Oracle customer.
For its part, Rimini disagrees with Oracle’s assertions, claiming that its customers have authorized Rimini to access the site and no Oracle authorization is needed. According to a recent Rimini filing:
If Oracle wins this argument, Oracle customers who use Rimini for support may face significant risk and could be forced to return to Oracle for support. That of course could be a nightmare scenario as clients returning to Oracle may encounter steep price increases for annual maintenance & support under Oracle’s existing policies.
Pamela K. Fulmer
Tactical Law will continue to monitor the litigation. Please check back for periodic updates.
By Pamela K. Fulmer
On April 8, 2020 Tuscany Suites, LLC (“Tuscany”) sued Oracle America, Inc. and its subsidiary Micros Fidelio Worldwide LLC (collectively “Oracle”), in San Francisco Superior Court alleging a single claim for breach of contract. Tuscany runs the Tuscany Hotel and Casino in Las Vegas, Nevada. The lawsuit alleges that Oracle made promises about the capabilities of its hardware and software including that it had a leading integrated management program for hospitality users such as Tuscany but that it failed to deliver on these promises. According to the Complaint:
This is yet another example of a dissatisfied customer suing Oracle for over promising and under delivering. Another unhappy customer, Barrett Business Services is also currently suing Oracle for breach of contract and related torts in San Francisco Superior Court. Oracle had demurred to Barrett’s initial complaint, arguing in part that the plaintiff had failed to plead what specific provisions of the contract Oracle had allegedly violated, and relying on its disclaimer of warranties and the contract’s integration clause to attack Barrett’s contract claim. We would not be surprised to see Oracle attack Tuscany’s complaint via demurrer on the same grounds. In the Barrett case, the Plaintiff filed an amended Complaint, which added claims for intentional misrepresentation and other detailed factual allegations, which made its pleading less susceptible to a successful demurrer. Perhaps Tuscany will do so here as well.
Tuscany alleges that:
Tuscany claims that Oracle’s various breaches have caused it damages of at least $3,000,000. Tuscany contends that Oracle’s breaches have resulted in chaos for Tuscany, which has lost substantial business and good will as a result of Oracle’s alleged failure to perform. According to the Complaint:
Tactical Law will continue to monitor the case and bring you any updates. The case is Tuscany Suites, LLC v. Oracle America, Inc., San Francisco Superior Court Case Number CGC-20-584091.
By Pamela K. Fulmer
Many Oracle customers are aware that Oracle makes huge profits off the maintenance & support fees that Oracle charges its customers each year. In fact, it is one of Oracle’s biggest profit centers. Many Oracle customers also complain that the support is not really worth the price, and they look for alternatives that may be more cost effective. One alternative is third party maintenance & support provider Rimini Street. For 10 years Oracle and Rimini Street have been battling it out in the courts, and the litigation is still ongoing. In fact, Rimini and Oracle continue to spar in the federal district court in Nevada in two separate actions, which are both hotly contested. Many Oracle customers have heard vaguely about the litigation and some think that the litigation is over. That is not the case.
In Oracle USA., Inc. v. Rimini Street, Inc., case no. 2:10-cv-0106-LRH-PAL ("Rimini I"), Oracle brought several claims against Rimini Street and its founder Seth Ravin for copyright infringement and other business torts based on (1) the process Rimini Street used to provide software maintenance and support services to customers who had licensed Oracle software, and (2) the manner in which Rimini Street accessed and preserved copies of Oracle's copyrighted software source code. Ultimately Oracle won that case and the court awarded Oracle damages and issued an injunction against Rimini, which was largely affirmed by the Ninth Circuit. Now Oracle and Rimini are back in the district court, litigating over whether Rimini has violated the injunction. Rimini denies that it has violated the injunction and contends instead that Oracle is attempting to actually broaden the injunction to include issues that were not actually litigated and resolved in the Rimini I case. For months the parties have been engaged in discovery and the court recently extended the schedule due to the impact of the Coronavirus. Currently the court has set May 27, 2020 as the due date for any motion by Oracle to show cause why Rimini Street should not be held in contempt for its alleged violation of the injunction.
Although Rimini Street denies that it is violating the injunction, here is what Rimini Street has to say in a recent public securities filing about the risk to its business that could potentially be caused should Oracle pursue the order to show cause:
“Oracle may file contempt proceedings against us at any time to attempt to enforce its interpretation of the injunction or if it has reason to believe we are not in compliance with express terms of the injunction. Such contempt proceeding or any judicial finding of contempt could result in a material adverse effect on our business and financial condition, the pendency of the injunction alone could dissuade clients from purchasing or continuing to purchase our services.” Rimini Street, Form 10K, March 16, 2020
In addition to the weapon of litigation, Oracle continues to attack Rimini Street and has devoted part of its website to convincing Oracle customers that Rimini Street cannot offer the level of maintenance & support and security that Oracle offers and that Rimini cannot be trusted. Other industry commentators have analyzed Oracle’s assertions concerning the alleged inadequacy of Rimini support and have come to a different conclusion.
Regardless, Oracle customers considering a move to Rimini Street may want to consider hiring experienced outside counsel to advise on potential risk mitigation strategies in the event that Rimini is held in contempt or found to have violated the injunction.
In an upcoming blog post we will focus on the Rimini II litigation, and Rimini’s assertions that Oracle has sought to disrupt its business relationship with its customers and has audited customers who have dropped Oracle maintenance & support and moved to Rimini Street.
ITAM survey uncovers more damning evidence of Oracle's predatory audit practices designed to drive Oracle cloud sales.
By Pamela K. Fulmer
The ITAM Review recently published the results of its December 2019 survey of Oracle customers, asking for their first-hand experiences and whether Oracle employed predatory software audit practices to coerce Oracle customers to buy Oracle cloud products. According to the ITAM Review “the information gathered validates the case against Oracle suggesting they used improper tactics to falsify the success of their cloud products”. ITAM asked its readers whether (1) they had ever experienced Oracle using software audits to coerce customers into buying cloud products; and (2) whether Oracle ever offer discounts on on-premises software products in exchange for a cloud purchase that the customer did not need or want. The answers given by Oracle audit customers are a resounding yes. Here are the key take-aways from the customer survey:
• Anecdotes collected from ITAM Review readers “provide damning evidence of Oracle artificially inflating their cloud sales through dodgy deals and spurious audit tactics”.
• Oracle routinely used software audits or the threat of audits to force Oracle customers to buy Oracle cloud.
• Oracle customers rarely if ever used the cloud products they were forced to purchase.
• Oracle used the threat of audits on ULA customers to attempt to force these customers to renew the ULA rather than certifying off.
• Customers believe Oracle Sales pushed cloud products because Oracle management financially incentivized them to do so.
• Many customers buying Oracle cloud to avoid or resolve an audit never used the product and cancelled after one year.
• ITAM concluded that “[i]nformation in our survey, from ITAM practitioners around the world, provides damning evidence to support Oracle artificially inflating cloud numbers to impress shareholders”.
Plaintiffs in the Sunrise Firefighters class action filed in the Northern District of California have until February 17, 2020 to file an amended Complaint. It will be interesting to see whether Plaintiffs include in their amended pleading more specific anecdotes from Oracle customers like the ones detailed in the ITAM Review.
Oracle customers who are under audit or under threat of audit should consider the following actions:
• Resist Oracle’s demands to have endless meetings and conference calls and instead keep everything in writing. You can better protect yourself from Oracle’s overreaches if you make Oracle commit to its positions in writing, and can use this record against them when negotiating your audit or other resolution.
• Capitulating to Oracle’s threats may get you out of your audit sooner but may hurt you in the long run as Oracle may consider you an easy target for future forced sales and more software audits.
• Limit the information provided to Oracle to only what is contractually necessary and no more than that. Providing voluminous information to Oracle that is not contractually required, will not get you out of the audit sooner but will only result in the demand for increased licensing fees from Oracle and a negative impact to your negotiating position.
• Keep your IT staff under tight control and prohibit them from socializing and sharing information about your IT environment with Oracle Sales. Less information is better and Oracle Sales will use these lunches and entertainment opportunities to extract information from your IT team, which will later be used against you.
• Review your Oracle contracts carefully and ensure you have assignment rights before acquiring other companies, and assess your risk of non-compliance if you do not. Oracle appears to monitor the business news relating to its customers and an acquisition often may trigger an audit.
• Share any audit notice or inquiries from Oracle immediately with your in-house legal department and keep your in-house lawyers in the audit loop. IT and procurement professionals should always involve their legal teams at the earliest opportunity.
• Whether you have in-house counsel or not, you should retain outside legal counsel experienced in Oracle’s software audits at the earliest opportunity to help guide your response strategy.
Tactical Law Group will continue to monitor the Sunrise Firefighters case. Please check back with this blog for periodic updates on that litigation.
New Lawsuit By Former Employee Alleges Oracle Defrauded Customers by Selling Software Solutions That Did Not Exist
Pamela K. Fulmer
In a new lawsuit filed in the Northern District of California, former Oracle employee Tayo Daramola alleges that he was retaliated against and later fired by Oracle when he refused to capitulate to Oracle management's demands to misrepresent the status of delivery and functionality of Oracle cloud products. Essentially Plaintiff contends that Oracle routinely sold customers cloud products that were not fully developed or functionality that did not exist, and that Oracle attempted to enlist Plaintiff in the scheme. Plaintiff asserts claims under various Whistleblower statutes, RICO, and under California law for wrongful termination and retaliation.
Daramola alleges that he was an Oracle America employee through subsidiaries NetSuite and Oracle Canada and was employed from November 2016 through October 2017. Followers of this blog know that Oracle has been accused by other former employees of sharp audit and sales tactics during this time period designed to falsely inflate sales of Oracle cloud products in order to artifically boost Oracle's stock prices. We also have reported on other lawsuits against Oracle, which allege that Oracle misrepresented the functionality of certain software solutions in order to close the sale.
Plaintiff alleges in this action that Oracle intentionally attempted to implement a "project management" strategy to buy Oracle more time to actually implement the promised software solution, all the while keeping the customer in the dark. According to the Complaint:
Plaintiff contends that when he would not go along with or engage in a cover-up of the fraud, he was retaliated against by his supervisors and ultimately let go. According to the Complaint, part of the cover-up was to actually accuse the Oracle customer of dropping the ball or not delivering on its "homework", in order to divert attention from Oracle's own failures and related misrepresentations.
Tactical Law will continue to monitor the case, so please check back here for future updates. The case is Daramola v. Oracle America, Inc., Case 3:19-cv-07910, Northern District of California. Please feel free to contact us to discuss your potential options if you have experienced similar problems or believe that Oracle has failed to deliver on its promises.
By Pamela K. Fulmer
After a two week trial on May 13, 2019, a federal jury in the District of Maryland rejected the arguments of Micro Focus (U.S.), Inc. (“Micro”) that its licensee Express Scripts, Inc. (“Express”), a pharmacy benefits manager, had purchased desktop and not concurrent licenses under a software license agreement. The software at issue—Rumba--provides users a Windows environment in which to access and use information from a broad range of host systems including IBM mainframes. The result was a complete and total defense victory for Micro’s enterprise software customer Express.
Although there was a time when Micro was a kinder, gentler software company, Express alleged that after Micro’s 2014 merger with Attachmate, it adopted that companies brass knuckle audit tactics to extract additional licensing fees from Micro customers.
Micro brought suit against Express in 2016 after Express refused to pay Micro $23 million for alleged software overdeployment, which Micro claimed it discovered during a 2015 software audit. For its part, Express claimed that it was in compliance with the terms of the contract and did not owe Micro additional licensing fees at the then standard list price, as Micro contended.
At trial the dispute centered around what exactly constituted the contract and what type of licenses had actually been purchased in 2010. Express contended that the only commercially reasonable interpretation was that the license at issue granted 10,000 concurrent user licenses of Rumba for Citrix. For its part, Micro claimed the license provided 10,000 workstation or desktop licenses instead, and was not user based. The parties also vehemently disagreed about what constituted the operative contract. Express argued that the Product Order and email extending the offer formed the operative contract, while Micro argued that the Product Order incorporated a click-wrap End User License Agreement (“EULA”) under its “Terms and Conditions” and that the EULA applied. Micro argued that Express once again ratified the EULA when its employees accepted the EULA click wrap agreement upon installation.
Both parties brought summary judgment motions prior to trial. In denying parts of those motions and sending the remaining claims to the jury, the court observed that “as the parties are painfully aware, the EULA and Product Order, read together, are ambiguous as to what specific kind of license Express sold to Micro. The Product Order is to purchase a license for “10,000 authorized users.” The EULA, however, nowhere defines the term “authorized user” and instead with respect to Rumba software, offers seven separate licensing options.” The court went on to find that “what the parties meant by “authorized user” is indeed ambiguous.”
According to the court, “[w]here a contract is ambiguous, a finder of fact may consider extrinsic evidence “which sheds light on the intentions of the parties at the time of the execution of the contract.” The court found that “[t]he cardinal rule of contract interpretation is to give effect to the parties’ intentions” and that extrinsic evidence may include the “negotiations of the parties, the circumstances surrounding execution of the contract, the parties’ own construction of the contract and the conduct of the parties .”
Although the focus is usually on what is the intent at the time of contracting, the court reasoned that “[b]ecause the respective parties’ course of performance is relevant to interpreting ambiguous contract terms, the Court will consider the 2013 and 2015 record evidence in determining whether summary judgment is appropriate.” Such evidence included (1) that Express’ own IT employees interpreted the contract in a manner which was consistent with a workstation license; (2) Express staff admitted internally to being over-deployed and sought strategies to “track how many people need licensing for these applications”; and (3) Express personnel also privately admitted in September of 2013 to be “technically out of compliance with our current licensing model of giving everyone or [sic] Level 1 Citrix access for Rumba.”. The court then went on to rule that “[b]ecause a rational trier of fact could rely on such evidence to find in Micro’s favor, the meaning of 10,000 authorized user licenses must be resolved at trial.”
The case offers a cautionary tale for Oracle licensees. If a court were to construe the “installed and/or running” language of the processor definition as somehow ambiguous (which we disagree with), evidence of the course of conduct of the parties could potentially be introduced at trial to show what the parties believed the language meant. It is important that Oracle licensees not do anything that buys into Oracle’s expansive and non-contractual definition of “installed”, even if to do so may seem at first beneficial (for example in certifying off Oracle’s Unlimited License Agreement (“ULA”).
Another important lesson. Don’t let your employees blindly accept Oracle’s extra contractual assertions by adopting these interpretations and memorializing them in writing in your internal discussions. At trial counsel for Express had to deal with multiple email communications where employees who were not involved in the negotiation or execution of the agreement were purporting to agree with the party line being pushed by Micro about the type of licenses that had been purchased in 2010. However, these employees lacked personal knowledge and were just plain wrong. Instead, they were listening to Micro’s assertions and parroting those assertions back to each other.
The court also declined to find on summary judgment that the contract was one of adhesion and rejected the licensee’s argument that if the contract was ambiguous, it should be interpreted against Micro, who drafted the contract. Instead the court found that Express was a large sophisticated business, (which outpaced Micro in size and sophistication), and had ample opportunity to negotiate the license agreement and make changes. Therefore on summary judgment it declined to apply the doctrine of contra proferentem (the basic principle of contract law that, in construing the language of a contract, ambiguities are resolved against the drafter of the instrument), since the court found that genuine issues of material fact remained, and the construction of the ambiguous terms was left to the jury. And of course the jury ended up construing the ambiguous terms against Micro and finding that the interpretation offered by Express was the most reasonable.
One final fun fact—Express was represented by Morgan Lewis who represented Oracle in the Mars v. Oracle litigation.
The case is Micro Focus (U.S.), Inc. v. Express Scripts, Inc., Civil Action No. PX-16-0971, United States District Court, District of Maryland.
Tactical Law Attorneys