How Worried Should Oracle Customers Be?
The times they may be a-changin’. On May 11, 2021, The Norton Law Firm filed a complaint on behalf of Oracle in the Northern District of California against Envisage Technologies – an Oracle Database licensee – for copyright infringement. This suit marked the first time in memory that Oracle filed a complaint against a database customer in a public litigation.
For those who track the ups and downs of Oracle’s auditing playbook, a few unique elements of this suit were immediately apparent. For example, there was no indication that Oracle was auditing Envisage’s usage – the complaint didn’t even have a cause of action for breach of contract. Further, Oracle alleged that Envisage had ceased communications entirely, which the savvy licensee knows is the single worst thing to do when fending off Oracle. And, finally, the alleged deployments were through Amazon Web Services (“AWS”), which, as far as Oracle’s auditing rights are concerned, is an entirely different beast.
Though unsettling in its sudden novelty, it was difficult to read the tea leaves from this case alone. Envisage retained Goodwin Proctor to defend it and assert a counterclaim, and, per the public docket, the matter is ongoing.
Then, on July 8, 2021, The Norton Law Firm filed yet another complaint on behalf of Oracle against another database licensee – this time NEC Corporation of America, a member of the Oracle Partner Network. The suit against NEC Corporation was itself unique, almost as if it were carefully drafted to send the market a different, if complementary, message to what was sent in the Envisage matter. Among many examples, is it alleged in the NEC Corporation suit that there was an audit pending, and Oracle filed suit because it was frustrated that NEC hadn’t agreed to pay audit demands. As such, unlike in Envisage, Oracle does include claims for breach of the license agreement. Further troubling for the licensee, there are no allegations that NEC Corporation disengaged from the audit process and, per the complaint, there are no third party hosting complications, such as licensing through AWS’s cloud. NEC Corporation has not yet appeared.
What is the Oracle licensee to make of this development? Two back-to-back anomalies? Or a stunning new chapter in Oracle’s ever-changing playbook?
Just how many swallows does it take to make a summer?
Oracle has History as an Aggressive, but Careful, Litigant.
As we have said on multiple occasions, Oracle is “no stranger to litigation.” Examples abound, but over the past decade, Oracle has: engaged in the titan-on-titan copyright infringement slugfest of Oracle v. Google; bitterly fought six “nasty” lawsuits by or against the state of Oregon regarding a failed ERP installation (that eventually settled for $100 million); engaged in serial fights to keep employee wage-and-hour claims out of arbitration and in court; and maintained a pair of scorched-earth lawsuits waged against two companies (Rimini Street and Terix) it accused of misappropriating Oracle support patches and selling them to customers in a competing technical support business.
Despite the fact that Oracle has carefully cultivated a reputation as an aggressive litigant, it has not been in the business of testing its dubious auditing and licensing tactics in court – in the U.S., at least. Mars v. Oracle (for which we served as lead counsel on behalf of plaintiff Mars), was voluntarily dismissed before any substantive rulings (and the Oracle v. Cogent Communications did not involve Oracle’s database technologies and instead concerned legacy Siebel agreements and licenses). Conversely, Oracle did have two unsuccessful forays into litigating its audit script in the EU – Oracle v. AFPA and Oracle v. Carrefour, the latter of which held that the licensee was not required to run Oracle’s scripts. (This ruling likely led to Oracle’s change in the Transactional Online Master Agreement that made the running of scripts a contractual requirement.)
In full light of the above, we have long speculated that Oracle was discouraged by its litigation failures in the EU and did not wish to litigate its audit script in the U.S. In a 2019 Patent Lawyer article, we even went so far as to confidently state that the chances of Oracle suing a licensee were “remote”:
Oracle has shied away from litigation in the four years since Mars and the three years since AFPA. While a licensee can never discount the very real possibility that Oracle will, eventually, resort to litigating its “audit script,” on a licensee by licensee basis, the chances remain remote.
As such, despite Oracle’s notoriously tough position during audits, the savvy licensee can comfortably protect its rights without overwrought concern of hair-trigger litigation ensuing.
Is it time to update our long-standing advice? And, if so, why the sudden shift?
While the possibilities are endless, there are a few precipitating events that should be noted.
Oracle’s Brief (and Largely Unsuccessful) Attempt to Play Nice in the Public Eye.
Over the past several years, Oracle has very much been at the center of public affairs. Consider, for example: the infrastructure that was voluntarily built for the Trump administration to peddle snake oil for Covid relief; the fretful anticipation the entire tech community felt while waiting for the Supreme Court’s ruling in Google v. Oracle; Oracle’s promising attempts to evade a securities class action – replete with damning whistleblower allegations – before a largely sympathetic Northern District of California Judge; Oracle’s image makeover as an internet watchdog protecting the public from the alleged harms of the so-called “Freemium” model; Oracle’s shameless attempt to gather the spoils of Trump’s undignified spat with TikTok; and the serial – and very public – bid protests it launched to undo the DOD’s $10 billion Joint Enterprise Defense Infrastructure (“JEDI”) award. In every instance, Oracle had a lot to lose by drawing uninvited negative attention to itself.
Coincident with this, it has been our distinct impression that, up until recently, Oracle was dialing back the more draconian aspects of its audit script and employing a soft touch with its licensees. The much-anticipated wave of Java audits never quite materialized. And, despite thousands of angry licensees, Oracle still hadn’t found itself in court litigating an audit gone bad.
Then, Oracle’s fortunes changed. In relatively quick succession, Oracle lost to Google at the Supreme Court; Oracle lost its ally in the White House when Trump failed to secure a second term; gone with the Trump administration was Oracle’s hope of having TikTok handed over on a platter; the Oracle securities litigation cleared the final 12(b)(6) hurdle and discovery was slated to begin; and, frustrated with the endless bid appeal process, the DOD scrapped JEDI entirely and is reconfiguring an entirely new bid process.
And, in the wake of its newly burnished “good guy” image suffering serial blows and yielding very little, Oracle launches waves of Java audits, ramps up its aggressive compliance demands and launches, in quick succession, the Envisage and NEC Corporation ligations.
A Few Initial Takeaways from Oracle’s One-Two Punch on its Licensees.
It is too early to tell the full extent of what the Envisage and NEC Corporation matters mean for Oracle licensees and the market at large. But, even at this early stage, we can offer the following observations and modest predictions.
- Keep an Eye on The Norton Law Firm. The Norton Law firm was founded in 2017 by two Boies, Schiller & Flexner LLP partners who were members of Oracle’s trial team in the Oracle v. SAP matter. The firm’s website is permeated with Oracle’s presence, and it has added at least a half dozen litigation attorneys in a short period. It is hard not to surmise that the firm is preparing to launch more litigation on Oracle’s behalf.
- Virtualization and Extra Contractual Policy Statements are Not (Yet) an Issue. Perhaps unsurprisingly, neither complaint mentions Oracle’s VMware policy nor Oracle’s reliance on extra-contractual policy statements.
- Controlling its Message. The absence of virtualization and policy statements suggests that Oracle is tightly controlling its message to avoid these hot-button issues, at least in its initial forays into litigation. It will be interesting to see whether these issues arise in said lawsuits or whether Oracle gains the courage to test them in a court of law.
- Licensees Under Audit AND Those Not Under Audit Must Take Note. The Envisage and NEC Corporation matters make a natural pair, with the former complaint filed without an audit pending and the latter filed at the tail end of an extensive audit. Oracle’s message is clear: every single Oracle inquiry is now fraught with the potential for litigation.
- Oracle Chooses its Litigation Carefully. Recent setbacks at the Supreme Court aside, Oracle has a remarkable track record with the IP litigations it initiates. And, with as many unhappy licensees that it subjects to its unpopular audit script, there are likely thousands of licensees it could choose from when deciding what litigation to pursue when sending a message to the market.
- Don’t Be a Promising Target for Oracle. Create a strong record for your firm in every interaction with Oracle. We recommend involving knowledgeable and experienced legal counsel early in the process so that your company is not stuck with haphazard preliminary decisions that may lead to an unfortunate choice between capitulating to Oracle’s unreasonable demands or risking becoming Oracle’s next litigation target.
We will continue monitoring Oracle’s litigation portfolio and will bring our readers up to date with major developments as they arise.
Published on 8/6/2021