Oracle third party licensing audit
Oracle are suing Perry Johnson & Associates (PJA), a healthcare consultancy, for incorrect licensing, with a total claim of over $3.2 million dollars. Oracle aggressively going after a company for licensing infringements isn’t anything new, this case is a little different than usual. PJA aren’t a direct customer of Oracle’s – rather, they licensed the software via a third party, Arrendale Associates, who have an Oracle “Embedded Software License Distribution Agreement” (ESLDA). Oracle are suing their customer’s customer.
In August 2019, Oracle “became concerned” that PJA may have been using Oracle database software without a license. The following month, PJA shared information about their software architecture with Oracle and it was determined they were providing hosting services to third parties. Two further transgressions were also identified:
- PJA were using the software in such a way that required Enterprise Edition, although they were licensed only for Standard Edition
- PJA were using Oracle Real Application Clusters (RAC) option without having any RAC licenses. Furthermore, using RAC requires Enterprise Edition
Oracle asked PJA to license the software it was using and to pay for the past usage – the document say that “After some discussion, PJA refused to engage further with Oracle”. Oracle believe that PJA have continued to use the software making them a “wilful infringer” and thus subject to triple damages.
Show me the money
Oracle believe the licensing and support fees that PHA should have paid for the software in use amount to “at least” $3,245,200. They also believe that PJA have generated profits though providing hosting services to third parties and so Oracle are entitled to recover the amount of those profits too.
According to Tactical Law Group, the case has been dismissed by Oracle – likely due to an out of court settlement.
Oracle third party licensing – a rundown
The court document spells out what an end user can/can’t do with software obtained via an ESLDA. The end user cannot:
- Install or configure the Oracle software separately
- Access the database or schema directly
And the software must be only for the end user’s internal business – no rental, hosting, outsourcing etc.
This blog from the Tactical Law Group points out that these agreements not only include clauses for Oracle to audit their customer (the licensed distributor) but also “contain provisions whereby Oracle may request assignment of its customers’ rights to audit the ultimate end-user”. If you use Oracle* software via a third-party provider, ensure that all relevant people understand the licensing limitations and can identify the differences types of software – and be aware that you might receive an audit letter directly from Oracle.
*This applies just as much to every other software vendor really!
- Tags: Audit legal cases · ITAM lawsuits · Law · Legal · oracle audit · Oracle third party hosting
About Rich Gibbons
A Northerner renowned for his shirts, Rich is a big Hip-Hop head, and loves travel, football in general (specifically MUFC), baseball, Marvel, and reading as many books as possible. Finding ways to combine all of these with ITAM & software licensing is always fun!
Connect with Rich on Twitter or LinkedIn.
Thank you Rich for this Insight. Your comments are so clear.
Licensing is a strange word. It means “Authorize”. Customers should never forget
Mammoth editors have created extremely complex rules to pay back for investment they made. How complex these many “one-of-a-kind” may be, we have to learn about them, understand competition of each of them versus the others.
Thanks for ITAM continuous monitoring of our IP industry.
Here is what “probably” happened. They have Standard edition installed and running. One of the Tuning or diagnostic features has been previously triggered. This “forced” them to license as Enterprise. in standard edition RAC is allowed in limited configuration (historically 4 Socket limit, in SE2 2 socket limit, and even more recently (19.1c) removed) but when they were forced into Enterprise edition it’s an add-on.
I suspect the “root” of the issue is someone trigger one of the Diagnostic or tuning items. I’d be interested how and why those were initiated as it’s not unheard of that patches, connection to OEM, etc. Would trigger them. Anyways good luck this should be an interesting case.
Any updates on this? I know these cases can drag on for years, but I haven’t seen anything public since last summer.
For anyone interested, the court documents are publicly available : https://www.courtlistener.com/recap/gov.uscourts.cand.358916/gov.uscourts.cand.358916.1.0_1.pdf
I don’t see anything in there that points to Diagnostics and Tuning, as Oracle has not performed an audit. They have only ‘learned of PJA’s software architecture – including the number of sockets’ – that sounds more like a VMWare scenario.
According to Tactical Law Group, Oracle have dismissed the case. They believe it’s likely due to a settlement.