Some Oracle License Audit Updates and Advice

Audits are mentally and emotionally draining, consume scarce time and resources and potentially can end with heavy fines from the vendor. And according to an article in Database Trends and Applications, software audits are becoming more common and more contentious, but also more likely to be quickly settled.

A software vendor like Oracle has the right to make sure customers are not using more of their intellectual property than they are paying for, and in some cases may allege that companies are doing this deliberately as in its legal case with Envisage Technologies LLC. Envisage was relying on Amazon’s relational database service to run its cloud-based Acadis software on Envisage’s hardware. Envisage used its Oracle software on AWS to provide its Acadis public safety software to customers. According to legal expert Pamela Fulmer in her article on Envisage’s countersuit for declaratory relief, the case rests largely on statements made by Amazon that AWS’s “license included” model would be appropriate for the Acadis product. Under this model, “you do not need separately purchased Oracle licenses; the Oracle Database software has been licensed by AWS. ‘License Included’ pricing is inclusive of software, underlying hardware resources, and Amazon RDS management capabilities.”

But there is a problem with this argument.

“The AWS Service Terms at Section 10.3.1 provide that the RDS ‘License Included’ customer cannot ‘use the Oracle Software for rental, timesharing, subscription services, hosting, or outsourcing,’” Fulmer writes. “And it appears from the face of the counterclaim that this is exactly what Envisage has done.”

If anything, Fulmer suggests, Envisage should file a claim against Amazon if they felt they were misled on the applicability of the AWS “license included” offering.

Oracle even recently sued NEC Corporation of America, its own partner, for failing to pay Oracle database license and support fees associated with licenses NEC in turn sold for its Integra ID-5 product, which relies on the Oracle database. Determining intent and bad faith is difficult, and there are lawyers that specialize in software license litigation. Their counsel may be required at times, but even these attorneys probably agree the preferred strategy is to avoid violating the end user license agreement (EULA).

The suit alleges that NEC violated their EULA by:

• Distributing the Oracle database along with rather than embedded in the application package
• Customizing its Inegra-ID-5 product for specific end users
• Allowing end users to create custom reports in the application
• Opening application programming interfaces (APIs) to transfer data
• Performing program administration on the user’s behalf

These practices are allowed under a more expensive license that NEC had used in the past—the application specific full use (ASFU) license, but not under the embedded software license (ESL) that was apparently used. Was this a deliberate act by NEC or an oversight? If an oversight, what does it tell us when an Oracle partner, and former recipient of an Oracle Excellence Award for Specialized Partner of the Year, struggles to comply with the EULA?

In most cases, Oracle customers will find themselves inadvertently on the wrong side of their EULA. In this compelling piece on Oracle license optimization by Inoapps EMEA Technology Sales Director Chris Wilson, you’ll find insights on six potential areas of exposure for accidental EULA violations that can lead to negative repercussions during an Oracle license audit.

Let’s delve into just two of them here and you can download Wilson’s piece for the rest.

Virtualization Technologies

Network virtualization, or soft partitioning, will continue to grow in usage because it can reduce cost, cut energy consumption and speed disaster recovery. But Oracle may contend during an audit that something like a cluster of virtualization hosts in a virtualized network must be licensed for any Oracle Technology products running anywhere in the cluster.

Oracle policy states that:

“Unless explicitly stated elsewhere in this document, soft partitioning (including features/ functionality of any technologies listed as examples above) is not permitted as a means to determine or limit the number of software licenses required for any given server or cluster of servers.”

Again, determining if soft partitioning technologies are being used to avoid license costs is difficult. And while its policy on soft partitioning is not part of the EULA but rather simply posted on its web site, making the argument that this is a unilateral amendment to an agreement is probably ill-advised. It may be wise to simply plan virtualization projects with compliance in mind or during an audit demonstrate that you are not running Oracle software or technologies on any servers that are not authorized to do so.

M&A Activity

Mergers, acquisitions and divestitures are usually public knowledge, and can sometimes even tip off a software vendor that a license audit should be conducted. A EULA may not allow a company to transfer software to another party, or an acquired company may be out of compliance at the time of the acquisition. Sometimes the way software is licensed in different parties to a merger may not be compatible, and a new, combined master agreement may be required.

Because Oracle software and technologies are critical business infrastructure, an internal audit of license agreements, terms and conditions is an important step in a merger, acquisition or divestiture process. Failing this, a management team may find themselves staring down a significant fine, as did one respondent to an ITAM Review survey:

“Even though we had been licensed properly (in terms of numbers of licenses we were even over-licensed) but due to mergers and acquisitions Oracle figured out, that the licenses were not properly ‘transferred’ to the new companies,” the survey respondent said. The respondent said they were allowed to buy Oracle Cloud licenses to avoid paying the fine. “Oracle then threatened us with a fine of over 150,000 euros. They told us, that with the purchase of 50,000-euro oracle cloud licenses instead one would waive the penalty. We agreed to do so … and fixed everything, got that certificate of compliance. We never used that Oracle cloud because we did not need it ...”

A skilled and committed Oracle partner may have helped this survey respondent prepare for an audit, more effectively or negotiate a resolution that gave them licenses they could use or both.

A Universal Challenge

Every software vendor has their warts when it comes to license audits … you hear horror stories about Infor Global Solutions, SAP and others too. Aggressive auditing tactics may seem malicious at times, but so might end user practices that push up against or run afoul of the boundaries of a EULA. For Oracle customers, the best insurance is to align with a trusted Oracle partner who can plan an Oracle estate around the EULA and deliver a rigorous and proactive approach to Oracle license optimization. Learn more by downloading Wilson’s piece today.