Oracle v. SAP Legal Fight Gets Messier, Raises Tough Questions About Third-Party Maintenance

In mid-April, more details emerged from new court documents filed by Oracle and SAP in their year-long legal dispute regarding allegations that SAP illegally accessed Oracle’s customer support systems.

MORE ON CIO.com

Oracle to Expand SAP Lawsuit, May Target Execs

SAP’s Purchase and Attempt to Sell Off TomorrowNow

The Man Behind ‘Half Off’ Third-Party Software Maintenance

At the center of the furor: Did SAP’s subsidiary, TomorrowNow, a provider of third-party maintenance support for Oracle’s stable of business applications, engage in “systematic, illegal access to—and taking from—Oracle’s computerized customer support systems,” as Oracle’s 2007 lawsuit alleges.

Oracle claims that as a result, “SAP has compiled an illegal library of Oracle’s copyrighted software code and other materials,” as the suit states. (See “SAP’s Purchase and Attempt to Sell Off TomorrowNow” for an in-depth account of the TomorrowNow saga.)

Even though SAP has put TomorrowNow on the block, the case has not stood still. One of the latest court documents filed is what’s called a “Joint Case Management Conference Statement,” filed in advance of the April 24 conference between the two parties in U.S. District Court in San Francisco. (At the conference, Judge Phyllis J. Hamilton reviewed the discovery process and deposition limits and confirmed that the schedule for alternative dispute resolution would remain in place.)

In the filing, Oracle sought to amend its complaint and add some new charges against SAP, including this claim: “SAP AG and SAP America knew—at executive levels—of the likely illegality of TomorrowNow’s business model from the time of their acquisition of TomorrowNow and, for business reasons, failed to change it.”

Dirty and Difficult Questions

Legalese aside, Oracle v. SAP is messy and complicated. The Joint CMC statement contains 30 pages of incendiary allegations by both parties, he-said-she-said barbs and frank admissions by SAP and Oracle hinting at just how hard it is for each side to make its case. For example, the discovery process, in which both parties gather evidence (in this case from computer systems) and interview people on both sides, has already become a massive, intricate and costly legal proceeding.

“To date, the discovery in this case has involved immense computer records, including terabytes of data, that require weeks to simply copy, not to mention produce, review and digest,” notes Oracle’s defense team. “This case also involves potentially hundreds of third parties, thousands of computer software environments, and tens of thousands of distinct downloads of Oracle Software and Support Materials⬦.The subjects are vast and complicated, including the development, maintenance and use of these thousands of customer support environments by defendants—none of which has yet been produced because the physical size of these electronic records is so great.”

SAP counters that “Oracle started this case without ever raising its concerns with SAP, apparently preferring instead to use the burden of tens of millions of dollars of discovery expense and the attendant distraction to aid its ongoing competition with SAP.”

The legal drama, uncertainty and notoriety have not helped TomorrowNow’s prospects as a viable company. SAP put TomorrowNow on the block in late 2007, and it had an operating loss of approximately $35 million in 2007.

Will the claims in Oracle’s lawsuit resonate with a jury? Was there a clear lack of management oversight at TomorrowNow and at SAP that ultimately harmed Oracle’s business and finances (through alleged “lost profits”)? These questions will have to wait until the companies present their sides to a jury—if the case even goes to trial. (A new trial date has been set for 2010; the case was originally scheduled for early 2009.)

However, many interesting legal and liability questions relating to software agreements have been raised by Oracle in the lawsuit and countered by SAP in its responses. One of the more important is a query that SAP poses in its response to Oracle’s overall claims: “Do the licenses between Oracle and its customers prevent TomorrowNow from access to that software to provide third party support?”

Trouble for Third-Party Maintenance?

The market turbulence from unanswered questions like this one and others raised in the court documents could ultimately hurt the business prospects of third-party maintenance providers that support (for half the price) Oracle’s cache of acquired application sets (PeopleSoft, J.D. Edwards and Siebel).

Three of the more well-known third-party maintenance providers are TomorrowNow, Rimini Street (which has been wooing TomorrowNow customers dissatisfied with SAP’s intentions to sell off TomorrowNow) and netCustomer (which offers maintenance services from a 24/7 global support center in India).

TomorrowNow and SAP representatives are embroiled in the dispute and have repeatedly declined to comment on anything related to TomorrowNow.

NetCustomer’s chairman and CEO, Punita Pandey, acknowledges that, due to the lawsuit, the third-party support market is “under scrutiny and there’s a lot of interest lately,” she says.

In the Oracle v. SAP court documents that have been released, dozens of specific questions have been raised by both sides, and the lingering issue seems to be: If a third party is providing maintenance on the customer’s code (which is Oracle’s), then how can that third party provider not “touch” the code at some point in the process? And how does that match up with the software licensing agreement?

Pandey says that “people keep making a big deal about ‘touching the code.'” However, she points out that most enterprise software implementations have a “medium to high degree of customizations before a customer can use it,” she says. “In more cases than not, companies use a third party to assist them with the implementation and customization processes.” And that third party has to touch the code at some point.

“Now it’s very hard for me to imagine what licensing agreement between a company and their software vendor, whichever one that is, says that you cannot use anyone else to touch this software,” Pandey says. Her point, of course, is that third-party maintenance providers act in the same capacity—just at the other end of the software lifecycle.

David Rowe, Rimini Street’s vice president of global marketing, points out via e-mail that Oracle’s complaint noted “that they don’t have a legal problem with third-party support—just some of the alleged processes and procedures that TomorrowNow was using.” (To read an interview with the Rimini Street CEO Seth Ravin, see “The Man Behind ‘Half Off’ Third-Party Software Maintenance.”)

In fact, Rowe says that Oracle has acknowledged that “third parties can get software and updates for clients,” he says. “However, they are alleging that TomorrowNow went out of bounds and took more than the client was entitled to receive.”

What Customers Need to Know

Still, potential NetCustomer clients have many questions about the Oracle case and how it relates to the third-party maintenance business, Pandey notes. “You can imagine that a lot of the customers are also hesitant right now.” One of the first things that netCustomer’s team makes clear is that “we do not download anything on our servers and our systems, because [the code] really belongs to customers,” she says. “They download everything that they’re entitled to from their vendor, whether it’s from Oracle, SAP or any other vendor.”

According to Rowe: “Rimini Street, as we have commented previously, has safeguards in place to keep such issues from occurring in its operations.”

Pandey suspects that one critical area of the case will be the specifics of Oracle’s license agreement with its customers who hired TomorrowNow, though she says that she doesn’t have any insights into the details, other than what’s been publicly available. “The jury is still out on what the license says,” she notes.

NetCustomer’s strategy for the future success depends on “not cutting corners,” she says, when it comes to servicing its customers. “We have always followed extremely stringent measures when it comes to IP protection, copyright protection and security,” Pandey says. “And following that process you still can create a really healthy third-party market over the next few years.”

Pandey says she’ll continue to follow the case, looking at any key findings available from publicly available information. “But it’s not an all-consuming affair,” she adds, “because we can sift through a lot of the clutter and [in certain cases] say this is just two big guys going after each other.”