|
By Pam Fulmer
Broadcom has announced that it is acquiring VMware for $61 billion. What will this mean for VMware customers? Tactical Law has no crystal ball, but we do know that VMware customers are increasingly being audited, and aggressive software audit tactics have recently been reported by companies under audit. Although VMware has always conducted software audits, they were known for a kinder and more gentle approach, then say Oracle or Micro Focus. Not so much anymore. Instead some business commentators have noted that Broadcom's CEO Hock Tan’s "previous pattern of buying up software companies like CA Technologies and Symantec will repeat itself with the VMware purchase, with a heavy-handed focus on producing profits favored by investors that could include cutting operating expenses and research dollars and raising prices on customers." One way that software publishers increase their profits is by conducting software audits. And that is what the market is seeing in the case of VMware, and the acquisition has not even closed yet. We predict that VMware customers will see more audits in the coming months. Now is the time to get prepared. The Covid pandemic hit suddenly and forced companies to quickly provide a technology solution so that employees could work remotely from home. Unfortunately the imperative to move fast meant that for many companies remote working technologies were deployed first, without determining whether such use was allowed by the relevant license agreement. Now those decisions are coming home to roost, as non-compliance is exposed by software audits. If you have received an audit notice or an adverse non-compliance finding while being audited by VMware, our software licensing dispute attorneys can help. Check back for further updates about VMware's new audit tactics.
0 Comments
By Dee Ware
If you are considering entering into an agreement for Oracle/NetSuite (“NetSuite”) Enterprise Resource Planning (“ERP”) software and/or professional services, it is important to check, download, store and read all web pages referenced in the Estimate, Ordering Document, Statement of Work, and any other document provided by NetSuite. NetSuite is likely betting that you will not read or negotiate any of the terms contained in this incorporated material. And, as discussed below, you will definitely want to! Even though often not in blue typeface or underlined, some of the web addresses referenced in the contract documents may be hyperlinks. We advise to click on all addresses. If it is indeed a hyperlink, make sure to save the external page that it links to as this material may not be readily available in the future. The same holds true for other referenced web addresses. This material is usually incorporated into the contract documents and thereby made part of the agreement with NetSuite. Also, you should verify that the date of the referenced material matches what is stated in your contract document(s). That is, if the draft agreement that your company has received from NetSuite says that it is governed by the Subscription Services Agreement v020121, but the link takes you to a Subscription Services Agreement ("SSA") with a different version date, you will want to either get a copy of the version with a matching date to review or ask NetSuite to correct the contract documents. We also cannot emphasize enough the importance of reading what is contained in the referenced material on the NetSuite website before you sign on the dotted line as the terms are likely one-sided. As of the date of writing this blog post, the NetSuite website states that “[i]f your order is placed on or after July 20, 2022 and references the Subscription Services Agreement available at https://www.oracle.com/corporate/contracts/cloud-services/netsuite/, then the June 1, 2022 version of the Subscription Services Agreement applies to that order.” That version of the SSA contains additional hyperlinks (all of which should also be downloaded and reviewed) and, as just a limited example, provides:
These terms and others may be important to your company’s decision-making process, as well as down the road should something go awry. By Pam Fulmer
Well respected San Francisco Plaintiffs’ firm Lieff Cabraser Heimann & Bertstein LLP (“Lieff Cabraser”) has hit Oracle America, Inc. with a massive class action lawsuit alleging several data privacy-based claims including Invasion of Privacy under the California Constitution, Intrusion Upon Seclusion under the common law, violation of Business & Professions Code Section 17200, violation of the California Invasion of Privacy Act and the Federal Wiretap Act, and Unjust Enrichment. Plaintiffs seek a declaratory judgment on behalf of the class that Oracle wrongfully accessed, collected, stored, disclosed, sold and otherwise improperly used private data. Plaintiffs also seek injunctive relief. Outing Oracle as one of the largest data brokers in the world, Plaintiffs paint a grim picture of how Oracle has used its software across the Internet to collect, track and identify consumers, without giving those consumers notice that the information is being collected and the ability to object. The lawsuit alleges that Oracle’s improper use of the most private data of American consumers will only get worse now that Oracle has acquired Cerner and will begin collecting health data as well. The 71-page Complaint alleges that “the regularly conducted business practices” of Oracle amount to a “deliberate and purposeful surveillance of the general population via their digital and online existence.” Claiming that Oracle is “one of the world’s largest data brokers” Plaintiffs allege that “[i]n the course of functioning as a worldwide data broker, Oracle has created a network that tracks in real-time and records indefinitely the personal information of hundreds of millions of people” and that “Oracle sells this detailed personal information to third parties, either directly, or through its “ID Graph” and other related products and services derived from this data.” Plaintiffs further claim that the proposed Classes “lack a direct relationship with Oracle and have no reasonable or practical basis upon which they could legally consent to Oracle’s surveillance.” Complaint ¶1. Plaintiffs assert that as a data broker Oracle “facilitates the buying and selling of digital data, including personal information, among private commercial and governmental entities” and “operates a data management platform called the BlueKai Data Management Platform, which includes two key features: the Oracle Data Marketplace and the Oracle ID Graph. The Oracle Data Marketplace is one of the world’s largest, if not the largest, commercial data exchange, with a broad impact upon the lives of most Americans and many millions of people worldwide.” Citing to Oracle’s own marketing claims, the Complaint recites that “[t]he Oracle ID Graph helps marketers connect identities across disparate marketing channels and devices to one customer. Powered by the Oracle Marketing Cloud and Oracle Data Cloud, the Oracle ID Graph seamlessly pulls together the many IDs across marketing channels and devices that comprise a given person, enabling marketers to tie their interactions to an actionable customer profile. This ID enables the marketer to orchestrate a relevant, personalized experience for each individual across marketing channels and device types.” Plaintiffs accuse Oracle’s business model of having “long roots in the surveillance of ordinary citizens” and claims that “surveillance is central to Oracle’s history and development, and to its current business and marketing plan.” Complaint ¶21. According to the Complaint: “Oracle collects many types of personal information from Internet users including concrete identifiers such as names, home and work addresses, e-mail addresses, and telephone numbers. Oracle also amasses data about peoples’ behavior, including the sites they visit online, their digital and offline purchases, where they shop, and how they pay for their purchases. Oracle gathers this personal information from a suite of its own Internet technologies, including cookies, tracking pixels, device identification, cross-device tracking, as well as from its acquisition of data from other parties. Oracle then processes, analyzes, and monetizes this data.” Complaint ¶27. Plaintiffs further allege that: “Oracle, its partners, and its customers work in parallel to compile personal data and associate that data with specific individuals, effectively creating “dossiers” on people across the world. Oracle accomplishes its dossier building through its multifarious business practices, including not only the functionality of the ID Graph that connects, unifies, and then associates data to a person into a “profile,” but also the functioning of the Oracle Data Marketplace. Oracle’s Data Marketplace is an online store owned and operated by Oracle where Oracle facilitates the buying and selling of data and data-derived services by Oracle and its so-called “premier partners” to private commercial and governmental entities. The Data Marketplace allows the confluence of mass amounts of personal data by which its participants, including Oracle, can continually track people’s activities and enrich people’s dossiers.” Oracle clients utilizing the technology include not only private businesses but “also political campaigns and government agencies seeking to surveil, investigate, or target particular individuals with propaganda” and Oracle markets directly to these public agencies and political parties”, referring to them as “Public Sector Customers.” Complaint at ¶69. According to the Complaint “political campaigns now have “needle-in-the-haystack capabilities” to “microtarget voters on all their devices” using personal information sold by data brokers.” The Complaint claims that during the 2016 election the Trump campaign, “built a 220 million–person database of voter information named “Project Alamo” using Datalogix, a data collection platform owned by Oracle.” Plaintiffs allege that Project Alamo facilitated the Trump campaign’s voter suppression initiatives including highly targeted political advertising to African Americans, white women, and young white liberals in 16 swing states, several of which were narrowly won by Trump” and that through “Project Alamo’s voter suppression efforts, it is estimated that 2 million black voters who voted in 2012 did not vote in 2016.” Complaint ¶70. The Complaint likewise alleges that “in the wake of Dobbs v. Jackson Women’s Health Organization, No. 19-1392, 142 S. Ct. 2228 (2022), the threat data brokers like Oracle pose to the privacy of individuals seeking information about abortions is significantly magnified” and that Oracle’s “trackers on the websites of nonprofits providing abortion resources and services, including Planned Parenthood… may have had their personal information tracked and compiled by Oracle, which Oracle may then make available to law enforcement officials.” Complaint ¶ 81. The Complaint also raises the alarm regarding Oracle’s “$28.3 billion acquisition of electronic health record company Cerner” finding the acquisition “[c]onsistent with Oracle’s plan of engaging in wide-ranging surveillance of the intimate health details of all Americans.” In that regard, “Oracle’s Larry Ellison has announced Oracle’s plan to build “a unified national health records database,” which it is effectuating through its software. According to Oracle’s Ellison, the company is “building a system where the health records [of] all American citizens[] . . . not only exist at the hospital level but also are in a unified national health records database,” apparently to be maintained and controlled by Oracle. Complaint ¶ 82. Finally, the Complaint alleges that: “Oracle sits atop a complex data collection and processing apparatus feeding its labyrinthine multinational data marketplace, making it impossible for ordinary persons to reasonably understand the true purpose and extent of Oracle’s data collection, compiling of digital dossiers, and other data exploitation practices, which are opaque, if not invisible, to ordinary data subjects. Given the complexity and disguised nature of Oracle’s collection and use of personal information, and the lack of any direct relationship between Oracle and the Plaintiffs and Class members, there is no reasonable basis for Plaintiffs and the Class members to know the extent to which Oracle is obtaining their data, tracking them, and selling their data or services derived from their data. Complaint ¶ 86. Our prediction is that Big Red is going to be busy fighting this one for a while. Tactical Law will continue to monitor the case, which is Michael Katz-Lacabe, Dr. Jennifer Golbeck and Dr. Johnny Ryan v. Oracle America, Inc., Northern District of California, Case Number 3:22-cv-04792. Check back for updates. By Pam Fulmer
We have been following a very interesting licensing dispute filed in the Eastern District of New York by Tibco Software Inc. (“TIBCO”) against OptumRx Administrative Services, LLC (“OptumRx”). According to TIBCO’s Second Amended Complaint (“SAC”) its “software facilitates the analysis of data and/or the transfer of data, particularly between software platforms that would otherwise not be able to communicate with one another”. TIBCO is no stranger to litigation arising out of software audits and has filed several lawsuits over the years against its customers for breach of license agreement and copyright infringement related to a software audit. TIBCO alleges that the agreement at the center of the licensing dispute is an Enterprise Agreement. TIBCO’s Enterprise Agreement is similar in certain respects to Oracle’s Unlimited License Agreement (“ULA”). Under each agreement a licensee may sign up for a certain fixed period of time and deploy as many copies as it wants of the licensed software within its IT environment. At the end of the fixed period, here three years, the licensee certifies the number of copies of the software it is using in its environment and that amount becomes its fixed perpetual license entitlement. The parties agreed to additional payment and other terms in the event that an “Extraordinary Corporate Event” occurred during the period of the Enterprise Agreement. An “Extraordinary Corporate Event” was defined as “a corporate transaction which results in Customer acquiring, being acquired by, merged, or otherwise combined with another entity or into another entity's legal or corporate structure (including an acquisition of all or substantially all of the assets of another entity) which, prior to the corporate transaction, was not part of the Customer or its legal or corporate structure.” According to the contract: “During the Enterprise Term, Customer’s right to deploy shall not extend to any Extraordinary Corporate Event unless the process in Section 3 of this Order is followed. For clarity, the process stated in Section 3 will only be applicable if Customer experiences an Extraordinary Corporate Event as defined below and if the new corporate entity (which is not part of the legacy Customer entity) wants to deploy Software pursuant to this Order Form.” (emphasis added) If an Extraordinary Corporate Event occurred during the term, then OptumRx would need to execute a new Order Form and under certain circumstances pay additional licensing fees to TIBCO based on the amount of annual revenues of the acquired companies, which would be deploying the software. “In the event Customer enters into an Extraordinary Corporate Event during the Enterprise Term, it can accommodate additional usage of the Software licensed under this Order Form by executing a subsequent Order Form with Licensor in accordance with pricing schedule stated below (a “Future Order”) provided: (i) the Future Order must represent a binding non-cancelable commitment on the part of Customer with no additional terms and conditions, (ii) Customer must deliver the signed Order Form for the Future Order (substantially in the form set forth herein) to Licensor on or before three (3) years from the Order Form Effective Date, (iii) the Software is still generally available as of the date of the Future Order, and (iv) Customer agrees to purchase the first year annual Silver level Maintenance relating to the Future Order. For the avoidance of doubt, no Future Order form and no reporting is required by Customer in the event Customer enters into an Extraordinary Corporate Event where the new corporate entity wants to license Software under this Order Form and the annual revenue of the new corporate entity (excluding the value of the legacy Customer entity) is less than one billion dollars (as stated in the new corporate entity’s most recent audited statement prior to the Extraordinary Corporate Event).” (emphasis added) TIBCO contends that during the unlimited deployment period, OptumRx acquired 3 companies whose annual revenues exceeded the $1 billion revenue threshold and were using the software and that therefore additional license fees were owed to TIBCO. Although TIBCO does not have concrete evidence that the newly acquired companies were actually using the software, the SAC alleges that “57. On July 20, 2020, pursuant to Section 1 of the Enterprise Agreement, OptumRx provided TIBCO its Deployment Report, which gave notice of the Number of Units of the Licensed Software it had deployed during the Enterprise Term. The numbers OptumRx reported were consistent with a doubling of OptumRx’s production capacity. 58. On information and belief, the large increase in OptumRx’s deployment of the Licensed Software to process additional data reflects OptumRx’s usage of the Licensed Software to process data associated with the Acquired Companies.” In short, TIBCO is alleging that since OptumRx’s production capacity had doubled, it must be using the software to process the data of the newly acquired companies, and therefore owes additional licensing fees to TIBCO for the usage. For its part, OptumRx argues that an Extraordinary Corporate Event only occurs when a new company is acquired with revenues that exceed the thresholds, and that company wants to deploy the TIBCO software. According to OptumRx, none of the acquired companies is deploying the software. Counsel for OptumRx argues this in a related letter brief: “There is no dispute that ORx [OptumRx] acquired three companies with annual revenues above the contractually-specified threshold during the contract term – called Genoa Healthcare, Avella Specialty Pharmacy and Diplomat Pharmacy (the “Acquired Entities”) – but ORx denies that any of those companies wanted to license TIBCO’s Software and further denies that such Software was ever deployed to those companies. Perhaps because it knows these denials are well-founded, TIBCO has advanced an alternative, insupportable interpretation of the Order Form, namely that TIBCO would be owed additional fees if ORx itself used TIBCO Software to process data “from” or “used by” the Acquired Entities, even if ORx never allowed those Entities access to the Software or deployed it to their servers. That rewriting of the language of the Order Form appears to be TIBCO’s primary theory of liability. . .” We are not able to review a copy of the license agreement as it has not been attached to the SAC, although it may be included in those letter briefs filed under seal. However, it appears that TIBCO may not have included any restriction making clear that the software could not be used for the benefit of another company, without paying an additional licensing fee. TIBCO is the master of its own license agreement. It chose to define an Extraordinary Corporate Event as the acquisition of a company that exceeded a certain threshold in revenues and where the acquired company wanted to deploy the software. Had it wanted to do so it could also have included a clause that additional licensing fees would need to be paid if OptumRx used its software to process data for the benefit of these newly acquired companies. However, it does not appear to have done so. TIBCO should be stuck with the contract that it drafted. Readers of our blog may remember that Mars accused Oracle of overreaching in the Mars v. Oracle lawsuit when Oracle tried to take the position during the audit that users who accessed output data manipulated by Agile, should be counted as users requiring a license. Mars pushed back hard on this assertion pointing out the ridiculousness of the Oracle argument that “an employee who lacks an Agile user account, who is not trained on Agile, who never logs into Agile, and who never even touches a machine that uses the software fictitiously becomes a “user of the program” by reading data exported from Agile.” TIBCO is making a similar argument here, by essentially claiming that the companies acquired by OptumRx deploy and use the software even though TIBCO has no evidence that they directly accessed the software or that it was deployed on their servers. In short, enterprise software companies continue to seek to expand the definition of what it means to use their software. We see this all of the time with Oracle’s prospective licensing argument involving VMware and its assertion that Oracle is owed a licensing fee for every server where the Oracle software may be used in the future even if the software is not currently installed and/or running. We predict that enterprise software customers will continue to see software publishers trying to take an expansive view of what it means to use or deploy enterprise software. So be on the lookout for these types of issues, and take steps to protect yourself in the event of an audit. The case is TIBCO Software Inc. V. OptumRx Administrative Services, LLC, Case No. 1:21cv5723, (E.D.N.Y.). Check back periodically for updates. By Pam Fulmer
Oracle licensees are advised to zealously guard their contractual rights and avoid ceding ground to Oracle based on overreaching software audit demands. Oracle is a master at playing the long game and has been known to use its audit findings as leverage to extract contractual concessions from its licensees, which Oracle can later exploit in subsequent audits. For example, we know that Oracle has for years taken a very expansive view of the “installed and/or running” language of the processor definition in its Oracle license agreements. As a reminder, Oracle uses this language to claim that it entitled to a licensing fee for all processors where the Oracle binaries could be installed in the future, even though they are not presently installed. This is Oracle's "available for use" argument. Oracle cites to its Partitioning and other policies to support this argument, which policies are not expressly incorporated into the fully integrated Oracle license agreement, and thus are barred by the integration clause. We also know that Oracle routinely asserts this argument in audits where its customers use VMware virtualization software. And we also know that Oracle has never sued any of its customers to seek to enforce such an extra-contractual interpretation. In fact, the only case that squarely raised this issue was Mars. v. Oracle, which was a case brought by global confectioner Mars seeking declaratory relief from the San Francisco Superior Court that Oracle’s legal argument around VMware and the “installed and/or running” language of the processor definition was not supported by the contract. And we know that Oracle resolved the case very quickly, perhaps to avoid the necessity of publicly going on the record with this argument in an opposition to the preliminary injunction motion brought by Mars. Still some customers will pay Oracle these prospective licensing fees or capitulate to Oracle’s other demands such as providing diagrams of their IT environment solely to get out from under the audit. But such concessions could have major repercussions down the road and may later be used by Oracle against the unsuspecting customer in a future audit. For example, Oracle has been known to reduce its monetary demands provided the customer sign a document that includes what has been called by some a “Declaration of Non-Migration”. The purpose of this Declaration appears to be to make Oracle’s expansive definition of the “installed/and or running” language of the processor definition contractual. Usually, this type of demand is coupled with a request that the Oracle licensee provide a diagram of its virtual environment showing the architecture of such environment. Oracle has included language in the Declaration of Non-Migration that should the customer change the configuration of its environment, it must go back to Oracle and obtain the required licenses. How could Oracle use this language against you the Oracle customer? Well first of all Oracle could claim that the Declaration and the fact that the Oracle customer signed it shows that the licensee agrees with Oracle’s expansive interpretation of the “installed and/or running” definition. Otherwise, why would the Oracle customer sign such a document and agree to go back to Oracle for licenses if it changes its environment? And why would any Oracle customer in its right mind agree to go back and give Oracle a heads up when it changes its environment? Such a notification could lead Oracle to issue a new audit notice and open an entire new can of worms. In essence, Oracle could argue that the customer amended the contract by executing the Declaration and providing the diagram. Oracle could also argue that the Declaration shows a course of performance or dealing, where the Oracle licensee and Oracle recognized that no changes could be made to the environment, unless the customer purchases additional licenses from Oracle. So, Oracle gives the customer a break in one audit, in order to extract a concession (execution of the Declaration of Non-Migrations and production of the diagram) that Oracle uses in a future audit against the customer. Oracle licensees who provide such diagrams and agree to similar language in order to close out the audit, may give Oracle powerful weapons to use against the Oracle customer in future audits. In addition, the concession could lead to expensive and spiraling costs should the Oracle customer wish to expand its virtual environment in the future. In our view, such attempts by Oracle to use audits to extract contractual concessions should be vigorously opposed by Oracle customers during the audit. We can help with that. And if the customer has already signed the Declaration, we have assisted Oracle licensees to develop strategies to push back on these limitations. Importantly we have warned our readers that Oracle is conducting soft audits of its customers use of Java, and Oracle is applying its expansive and non-contractual processor definition to try to ring the bell on a big non-compliance gap for Java. Such soft audits and non-contractual claims involving Java should also be resisted for all the reasons we discuss above and in our previous blog post. Oracle audits are complex and confusing. Tactical Law attorneys assist clients under audit, or who are about to be audited, understand their contractual rights and manage the risk inherent in an Oracle enterprise software audit. By Pam Fulmer and Sara Schlesinger*
This blog post is a continuation of our series on fraud and breach of contract claims that have been brought against Oracle or NetSuite for failed Enterprise Resource Planning (ERP) installations and various defenses Oracle/NetSuite have used to attempt to defeat these claims. Previous blog posts focused on the importance of pleading fraud with particularity, the difference between fraud and non-actionable puffery, and considering the economic loss rule when pleading fraud alongside breach of contract. Another important consideration when pleading fraud related to a failed ERP installation is the general rule that predictions and opinions about future events are not actionable as fraud. ERP providers may use this rule to argue for the dismissal of fraud claims which are based on statements that the provider “could” or “would” deliver a functional product, a product that meets the client’s business needs, or a product by a certain date. Cognizant Worldwide Ltd. v. Barrett Business Services is instructive as an example of the right way to plead fraud based on allegations of broken promises relating to a failed Oracle ERP agreement. Barrett Business Services (“BBSI”) is a professional employer organization (“PEO”) that helps small and medium-sized companies manage human resource functions, provide employee benefits, process payroll, and more. When BBSI sought to update their human resources and payroll system, they at varying times entered into contracts related to the implementation of Oracle’s HCM cloud product with Oracle, and Oracle’s partners KBACE and Cognizant (KBACE’s parent company). BBSI alleged that it only entered into the implementation contracts based upon assurances by KBACE and Oracle that the cloud product would meet and be configured to BBSI’s specific business requirements. BBSI further asserted that Oracle held KBACE out as a company certified and experienced in implementing Oracle’s HCM cloud product, during pre-contract negotiations, including for businesses such as BBSI. Oracle’s touting of KBACE’s capabilities was a major reason why BBSI entered into the contract with KBACE. After entering into the relevant agreements for the Oracle HCM cloud implementation project, BBSI learned that the cloud product was ill suited to its business needs. KBACE subsequently delivered a revised implementation proposal to BBSI with a price tag of over $30 million. Our readers should be aware that these type of cost overruns and requests for expensive change orders are common areas giving rise to disputes that often lead to litigation in the ERP contract context. BBSI then informed Oracle and KBACE that it was rescinding the relevant contracts and ceasing further payments. When Cognizant sued BBSI for nonpayment, BBSI counterclaimed for negligent misrepresentation, innocent misrepresentation, intentional misrepresentation, and other tort and breach of contract claims. Cognizant moved to dismiss the misrepresentation claims, arguing that any alleged misrepresentations were nonactionable statements about future events as they pertained to whether the HCM cloud “would” or “could” meet certain expectations, such as implementation within a certain timeframe and price range. However, the court denied the motion to dismiss the claims finding that BBSI sufficiently alleged that Cognizant and KBACE misrepresented past or existing facts. Namely, the court agreed that BBSI had adequately alleged that Cognizant and KBACE overstated their experience with implementing cloud products and especially implementing cloud products for a company like BBSI. However, the court noted that some of the other alleged misrepresentations might be nonactionable opinions about Cognizant’s future performance. Cognizant v. Barrett demonstrates the importance of pleading past and existing material facts alongside promises of future performance when asserting fraud and misrepresentation claims. It also demonstrates the importance of pinning ERP providers down in pre-contract negotiations concerning exactly what they are promising that they can deliver, and what specific experience they have to deliver on that promise. Aggrieved ERP customers who claim fraud after being misled about an installers future performance would benefit from including misrepresentations that the installer made regarding their relevant past or current experience, if such facts exist. As a final note, it is also true that a statement about a future act that is made with the knowledge or intention that the act won’t occur, is a statement of material fact that is sufficient to support a fraud claim (as highlighted in Chase Manhattan v. Perla) against an ERP provider or implementation partner. As such, even if past or present facts were not represented during discussions that preceded contracting, a company can still have an actionable claim based on misrepresentations about performance if the ERP provider either knew they would not perform or did not intend to perform when they made the promise. However, uncovering such evidence prior to fact discovery, may be difficult, and may need to be raised down the road through an amendment to the licensee’s complaint or counterclaim. Tactical Law attorneys assist our clients in the negotiation and documentation of ERP and related agreements. If you are embroiled in an ERP related dispute involving Oracle or other ERP software publishers or ERP implementation companies we can help. * Sara Schlesinger is a rising 2L law student at Northwestern University School of Law and is a 2022 summer law clerk for Tactical Law Group LLP. By Pam Fulmer
In February 2020, Elkay Plastics Company, Inc. (“Elkay”) sued Oracle and NetSuite in San Francisco Superior Court in a lawsuit arising out of a failied ERP cloud contract. Elkay asserted a myriad of claims against Oracle/Netsuite, including fraud in the inducement, fraudulent and negligent misrepresentation, unfair competition under California Business & Professions Code Section 17200, breach of contract, breach of the implied covenant of good faith and fair dealing, breach of express warranty and unjust enrichment. Importantly, Elkay financed the ERP system through a financing contract with Oracle’s financing arm, Oracle Credit Corporation (“OCC”). What did Elkay Allege? In its Complaint, Elkay alleged that Oracle/NetSuite promised that they could implement a working ERP system to replace Elkay’s legacy system within 10 months at a cost of $2.027 million. Elkay alleged that rather than implement the ERP system within the cost and timeframe promised, Oracle began recommending additional customizations and functionality to the tune of almost an additional $1 million. At the time of filing the Complaint, Elkay alleged that it had paid Oracle $1.282 million, and still owed Oracle an additional $1.645 million for a product that “does not perform to industry standards, does not address Elkay’s core business processes, and does not meet the specific pre and post agreement representations of NetSuite and Oracle regarding performance and functionality.” When Oracle failed to address and fix the problems, Elkay discontinued payments. Risks of Financing Through Oracle Credit Corporation We have previously reported that Oracle likes to have OCC assign these financing contracts to third party banks or financing companies shortly after the ERP cloud subscription agreement is executed. Although Oracle has over promised and under delivered, under California law these third-party banks have made arguments that they accepted the assignment from OCC as an innocent holder in due course, and no matter that the software doesn’t work, “come hell or high water” the Oracle customer must pay up. In this particular action, OCC assigned the agreement to SG Equipment Finance USA Group (“SGEF”), in accordance with Oracle's OCC playbook. SGEF made a payment demand and when Elkay declined to make payment due to the defects in the software, SGEF notified the company that it was in default and could no longer use the cloud services. However, in a deviation from its normal playbook, Oracle and OCC then accepted the assignment back and notified Elkay that notwithstanding the defaults, they would grant Elkay 10 days to cure the defaults and make payment and that they would reinstate the OCC contracts and the rights to use the Cloud Services in the meantime. Oracle Goes on Offensive with Cross-Complaint Because Elkay declined to pay, Oracle and OCC filed a cross-complaint in the action alleging that Elkay was in default of the financing agreement and owed additional monies and the full contract price as well as other damages. In its cross-complaint, Oracle also took the position that Elkay’s assertions that the processing time for sales transactions did not meet its requirements, was a bogus excuse for non-payment, which had never been raised in pre-contract discussions and was only a recently trumped up excuse to get out of the contract. Instead, Oracle contended that it had substantially delivered what was required of it under the Statement of Work, and therefore was not in breach of the subscription agreement. The litigation then proceeded to move forward at a snail’s pace with a dizzying number of pro hac vice applications filed by counsel for Elkay. The parties agreed to mediate the dispute and to engage in limited pre-mediation discovery. After squabbling back and forth for a while, the parties apparently engaged in a mediation, which must have resolved the case, as the parties agreed to dismiss the entire action. Lessons Learned The case is instructive to the extent that Oracle/NetSuite filed a cross-claim against its customer for breach of contract, unjust enrichment, quantum meruit, account stated and declaratory relief and seeking to enforce the financing agreement with OCC. Oracle also sought recovery of its attorneys’ fees under the OCC agreement for enforcement of that contract. The Elkay case is also different from other Oracle related ERP litigation, since Oracle took the financing agreement back from the financing company that accepted the assignment. We can’t say with certainty why Oracle did so, but we do know that the optics of these OCC assignments are terrible and have been viewed unfavorably by at least one federal court. It also provided Oracle with the opportunity to control the litigation and mount an effective defense through the weapon of the affirmative lawsuit against the Oracle customer. ERP customers have been countersued by ERP software publishers such as Oracle, as well as ERP implementation partners, and should recognize that in certain circumstances this is a risk. These countersuits often allege that the management of the ERP customer made mistakes and did not effectively manage the project or didn’t understand their own business, or that management’s requirements changed over time and were out of scope of the agreement. The fact that an ERP customer such as Elkay could pay millions of dollars for an ERP system that apparently failed to meet the basic requirements of the business, and then get hit with such an aggressive cross-claim should be a warning to all companies contemplating entering into similar ERP agreements with Oracle/NetSuite or other ERP providers. The negotiation of the language of the ERP related agreements and the specifics of ERP implementation requirements must be a key focus of the ERP customer. Companies acquiring ERP systems need to carefully think through their requirements for the project and have a strong internal team to help manage the process. And companies contracting with Oracle/NetSuite may want to think through the potential implications of obtaining financing through OCC, and how that could create unanticipated risks down the road. Oracle Accused by Former Employee of Selling ERP Systems to Oracle/NetSuite ERP Customers That Did Not Exist Oracle/NetSuite related ERP litigation cases are also interesting when viewed through the prism of the Daramola v. Oracle America case. Daramola was an Oracle Canada employee who lived and worked in Montreal, Canada and served as an Oracle project manager for Oracle's Campus Bookstore customers. In his Complaint, he detailed an alleged Oracle business practice of intentionally misrepresenting to Oracle’s University customers that the company had a fully developed, integrated system for an online campus bookstore that could be customized and would be ready to "go live" quickly. However, according to the Complaint, no such integrated system existed, and Oracle instead would extract payments from university customers, then stall while continuing to receive payment without delivering a working ERP product. The facts pleaded in the 2022 amended complaint further highlight an alleged pattern and practice under which Oracle promised to customize a non-existent but purportedly integrated cloud system for university clients then used escalation teams to hold off customers who were making subscription payments for the product and receiving nothing in return. According to the Complaint, Project managers, like Daramola, and "escalation teams" were directed to further mislead customers about the lack of development for the system the customer had supposedly acquired, by for example, blaming delivery delays on the customers "unforeseen customization requests," extracting change orders for such "customizations," then requiring customers to pay more while buying Oracle more time to deliver a functioning ERP product. Eventually after three pleading attempts, the Darmola case was dismissed because the Northern District of California essentially found that the claims did not relate to California and could not be asserted by litigants living outside the U.S. against a California company that was separate from its Canadian sister company. The court reasoned that Plaintiff worked for a Canadian subsidiary of Oracle in Canada, and had not established legal theories to support a claim against Oracle America, Inc. directly here in California. Darmola recently appealed the case to the Ninth Circuit. We will be watching to see what happens. It seems a shame as it has been our experience that the mother Oracle ship in Redwood City appears to be running the show even outside of the United States. However, if the allegations in Daramola are true, we would suspect that these types of predatory practices are not simply limited to university related ERP customers of Oracle/NetSuite. And having reviewed complaints filed in the Elkay, Barrett Business Services, Morse Communications, WG America Company and other lawsuits against Oracle/NetSuite we certainly see striking similarities and patterns. According to these lawsuits, Oracle/NetSuite represents that they have a fully integrated and developed solution for the particular customer in the particular industry and they will only need to tweak the software and can go live quickly. But the reality appears much different. Instead of getting the solution that was promised, ERP customers get hit with multiple change orders, demands for additional customization and escalating costs and increased delays. In short, not what they thought they had bargained for. Tactical Law attorneys assist our clients in the negotiation and documentation of ERP and related agreements. If you are embroiled in an ERP related dispute involving Oracle or other ERP software publishers or ERP implementation companies we can help. By Pam Fulmer and Sara Schlesinger*
This blog post is a continuation of our series on litigating fraud and breach of contract claims related to failed Enterprise Resource Planning (ERP) software installations against Oracle and its subsidiary NetSuite. ERP software is a business planning and management tool and is provided by companies (or subsidiaries of companies) including NetSuite, Oracle, SAP and other software publishers. In a previous blog post, we discussed how Oracle has sought to defeat fraud claims related to failed ERP installations by arguing that any alleged misrepresentations by Oracle were non-actionable puffery. This blog post delves into the economic loss rule that Oracle similarly uses to attack fraud claims and suggests some best practices to ensure fraud claims stick. As discussed in previous blogs, customers of NetSuite have sued the company alleging that NetSuite overpromises to ERP customers in pre-contract negotiations and fails to deliver a functional ERP product. Customers seeking relief from such unfair business practices may want to consider bringing fraud claims, in addition to breach of contract claims against NetSuite if the facts support it. There are many reasons why asserting a fraud claim can be advantageous. Fraud claims can support punitive damages awards, unlike contract claims. The threat of punitive damages can be a powerful incentive for encouraging a settlement and speedier resolution for aggrieved customers. Further, the customer’s contract may specifically limit, disclaim, or foreclose (1) liability for breaching certain representations or warranties; or (2) certain damages which may be available under a fraud claim. Fraud claims may be more likely to succeed than breach of contract claims due to these limitations or simply due to the applicable law. Moreover, fraud claims can allow a plaintiff to seek recission and unwinding of the contract in question. When asserting fraud claims, smart pleading is important to ensure that the opposing party cannot defeat the claim on a motion to dismiss or demurrer. Defendants like NetSuite have used the economic-loss rule, among other strategies, to ask courts to strike down fraud claims brought with breach of contract claims (for an example, see Grouse Rivers Motion to Dismiss, Docket Entry 25). What is the economic-loss rule and why is it important to plead around? The economic-loss rule bars fraud claims if the plaintiff’s claims for relief only assert economic losses related to broken contractual promises. As seen in the 2004 Supreme Court case Robinson Helicopter Co. v. Dana Corp., this doctrine polices the line between tort and breach of contract claims by preventing fraud claims that are redressable under contract law unless the purchaser suffered “harm above and beyond a broken contractual promise.” However, a party that entered a contract due to fraudulent inducement can recover in both contract and tort law. The Supreme Court noted this exception to the economic loss rule in Robinson Helicopter Co., amongst other exceptions. Each exception discussed arises from either (1) a duty completely independent of the contract; or (2) conduct that is “both intentional and intended to cause harm.” Now for the non-lawyers, what is fraudulent inducement? In a nutshell, fraudulent inducement is when a party intentionally lies to another party to encourage them to enter a contract, and the deceived party decides to enter the contract based on the false representations. Grouse River Outfitters Ltd. v. NetSuite, Inc. illustrates the fraudulent inducement exception in the context of ERP agreements with NetSuite. Grouse River, an outdoor sporting supply company, contracted with NetSuite to license ERP software to help run its business. Grouse River later asserted (1) fraudulent misrepresentation, (2) negligent misrepresentation, and (3) fraud in the inducement claims—among other claims including breach of contract—against NetSuite in the Northern District of California, where most lawsuits brought involving Oracle or NetSuite are litigated (to read the claims, see Grouse Rivers First Amended Complaint, Docket Entry 9). NetSuite moved to dismiss the negligent misrepresentation claim, arguing that the claim should be barred because Grouse River had only asserted economic losses. The court dismissed the fraud claims on another basis but concluded that the economic loss rule did not preclude Grouse River’s negligent misrepresentation claim, noting that each of Grouse River’s three fraud claims “allege that NetSuite’s misrepresentations induced [Grouse River] to enter the subject contracts.” The court cited portions of Grouse River’s First Amended Complaint which asserted (i) that NetSuite induced and intended for Grouse River to rely on representations that NetSuite knew or should have known were false; and (ii) that Grouse River was entitled to recission of the contract and damages “as a direct and proximate result of NetSuite’s false representations which induced Grouse River to enter into [the contracts]” (emphasis added). According to the court, the fraud claims asserted more than just a failure by NetSuite to keep their contractual promises and were “independent of” the breach of contract claim. Barrett Business Services, Inc. v. Oracle America, Inc. (Case No. CGC-19-572474) is another example of how to avoid economic loss rule issues while pleading fraud alongside breach of contract for failed ERP installations. As detailed in a previous blog post, Barrett Business Services (“BBSI”) sued Oracle and its partners Kbase Technologies, Cognizant Worldwide, and Cognizant Technology for negligent misrepresentation, breach of contract, and other claims over a failed ERP installation. In the original complaint’s negligent misrepresentation claim, BBSI emphasized the defendant’s false representations, BBSI’s reliance on the misrepresentations, and the damage BBSI suffered due to this reliance. While the claim mentions that BBSI entered contracts with the defendants “as a result” of the misrepresentations, and that the contracts “were procured through misrepresentations,” the claim seems to emphasize damage to BBSI due to reliance on false statements by the defendants more so than fraudulent inducement by the defendants itself. In a demurer, Oracle asserted that BBSI’s negligent misrepresentation claim was barred by the economic loss rule because their breach of contract claims, and negligent misrepresentation claim relied upon the same allegations that the ERP software was unable to meet BBSI’s business requirements. In essence, BBSI seemed to be claiming the same issues arose from the misrepresentations and the breach of contract. BBSI then amended the complaint, making clear in negligent misrepresentation claims that BBSI was “induced” to enter the relevant contracts “as a proximate result of” the defendants’ misrepresentations and suffered damages “as a direct and proximate result of Defendants’ misrepresentations.” The phrasing more clearly rested BBSI’s negligent misrepresentation claims on fraudulent inducement to contract itself, rather than on broken promises from the resulting contract. Oracle’s answer to the amended complaint did not assert any economic loss rule arguments against the negligent misrepresentation claims. Grouse River, and Barrett Business Services contain lessons for aggrieved ERP customers seeking to assert fraud alongside breach of contract claims. The fraud claims that focused on fraudulent inducement caused by false representations were able to either avoid or survive economic loss rule challenges in these cases. This highlights the importance of differentiating between the bases for the fraud claims (misrepresentation leading to fraudulent inducement) and the breach of contract claims (broken contractual promises) in pleadings against parties responsible for failed ERP installations. * Sara Schlesinger is a rising 2L law student at Northwestern University School of Law and is a 2022 summer law clerk for Tactical Law Group LLP. By Pam Fulmer
On June 3, 2022 all of the parties in the Sunrise Firefighters' security class action suit against Oracle filed a notice with the court announcing that they had reached a settlement. The parties also asked Judge Freeman to vacate the Case Scheduling Order in light of the settlement. Previously we predicted that a settlement might be imminent since the court did certify the class. Once the class was certified Oracle faced significant risk that discovery might bring to the light of day certain of Oracle's predatory audit practices taken from its Audit, Bargain, Close ("ABC") Playbook. The threat of imminent and extensive discovery must have put significant settlement pressure on Oracle. Now that settlement has come to pass and the parties are preparing settlement documents for the court's approval, what does this potentially mean for Oracle customers? In our opinion it may be time for Oracle customers to prepare for the resumption of some very aggressive Oracle audits. Some of our readers may be wondering about what I mean by "resumption" as they have probably already been exposed to some very significant brass knuckles audit tactics. It is my opinion that the pendency of this very public case did serve to somewhat moderate Oracle's behavior as it did not want to send any of its customers into the arms of the Plaintiffs' lawyers litigating the Sunrise Firefighters' case. Now that threat is gone and Oracle may feel unbound. Only time will tell. We hope we are wrong. If you are a company being audited by Oracle or think that an audit notice may be imminent, we can help. Please contact us today. By Pam Fulmer
On May 9, 2022, Judge Freeman of the Northern District of California granted the lead Plaintiff's Union Asset Management Holdings AG's Motion for Class Certification in the Sunrise Firefighter's Class Action against Oracle and several members of its senior management. This is certainly bad news for Oracle. Readers of our blog will remember that the class action lawsuit alleges that Oracle and its management committed securities fraud when they omitted to inform the investing public that Oracle's increase in sales of Oracle's cloud software products was fueled in part by predatory audits of Oracle customers, rather than the quality of the Oracle cloud software. Judge Freeman ruled previously that such a theory states a claim for securities fraud by omission. Rather than get into the weeds of the Court's ruling which was a huge win for the Plaintiffs, readers of our blog may be wondering what happens next in the litigation? Often once a class is certified, Defendants will settle the lawsuit rather than proceed to discovery and later trial. It will be very interesting to see whether Oracle settles here or will still continue to litigate the lawsuit. Should the parties continue to litigate, we predict some very interesting discovery disputes as Plaintiffs potentially seek additional discovery on Oracle's predatory audit practices, and Oracle seeks to limit such discovery as much as possible. Should the case not settle, and after taking discovery, class action defendants sometimes move to de-certify the class if Plaintiffs have been unable to support their damages model or other theories through evidence obtained in discovery. So it is possible that Oracle may decide to attack Plaintiffs' case again later after the close of discovery. Oracle customers who under audit by Oracle made cloud purchases to get out from under the audit and alleged large non-compliance findings, may have remedies against Oracle. Our lawyers at Tactical Law advise Oracle customers regarding potential claims they may have against Oracle to recoup some of those losses due to past Oracle audit overreaches. The case is Sunrise Firefighters v. Oracle in the Northern District of California. We will continue to monitor the case. Check back for updates. |
By Tactical Law Attorneys and From Time to Time Their Guests
|
RSS Feed
tactical law group llp |
COPYRIGHT TACTICAL LAW GROUP LLP 2016-2022.. ALL RIGHTS RESERVED
|
Legal Disclaimer: Contents may contain attorney advertising under the laws of some states. Prior results do not guarantee a similar outcome.