 |
Text of The Oracle-SAP Lawsuit
Written by Full Documents
March 22, 2007
This case is about corporate theft on a grand scale, committed by the largest German software company –a conglomerate known as SAP. Oracle is a leading developer of database and applications software, and SAP is Oracle’s largest enterprise applications software competitor.
Oracle brings this lawsuit after discovering that SAP is engaged in systematic, illegal access to –and taking from –Oracle’s computerized customer support systems. Through this scheme, SAP has stolen thousands of proprietary, copyrighted software products and other confidential materials that Oracle developed to service its own support customers. SAP gained repeated and unauthorized access, in many cases by use of pretextual customer log-in credentials, to Oracle’s proprietary, password-protected customer support website. From that website, SAP has copied and swept thousands of Oracle software products and other proprietary and confidential materials onto its own servers. As a result, SAP has compiled an illegal library ofOracle’s copyrighted software code and other materials. This storehouse of stolen Oracle intellectual property enables SAP to offer cut rate support services to customers who use Oracle software, and to attempt to lure them to SAP’s applications software platformand awayfromOracle’s.
For example, using one customer’s credentials, SAP suddenlydownloaded an average of over 1,800 items per day for four days straight (compared to that customer’s normaldownloads averaging 20 per month). Other purported customers hit the Oracle site and harvested Software and Support Materials after they had cancelled all support withOracle in favor of SAP TN. Moreover, these mass downloads captured Software and Support Materials that were clearly of no use to the “customers” in whose names they were taken. Indeed, the materials copied not only related to unlicensed products, but to entire Oracle product families that the customers had not licensed.
For example, in January 2007, a user on an SAP TN computer signed in as Oracle customer Honeywell International, Inc., a Fortune 100 technologyand manufacturing company, to access Oracle’s support system and copy literally thousands of Oracle’s Software and Support Materials in virtually every product library in every line of business. This copying went well beyond the products that Honeywellhad licensed and to which it had authorized access. In other examples, users from SAP TN logged in using the credentials of recently departed customers, like Metro Machine Corp., and downloaded Software and Support Materials even after the customer had dropped its support rights with Oracle.7.Oracle has found many examples of similar activity.Across its entire libraryofSoftware and Support Materials in Customer Connection, Oracle to date has identified more than 10,000 unauthorized downloads of Software and Support Materials relating to hundreds of different software programs.
This systematic theft of Oracle’s Software and Support Materials did not originate from any actual customer location. Rather, the access originated from an internet protocol(IP) address in Bryan, Texas, an SAP America branch office location and home of its wholly-owned subsidiarySAP TN. SAP TN is a company that purports to provide technical support services on certain versions of Oracle’s PeopleSoftand JDE software programs. The Bryan, Texas IP address used to access and download Oracle’s Software and Support Materials is connected directly to SAP’s computer network. Indeed, Oracle’s server logs have recorded access through this same IP address by computers labeled with SAP identifiers using SAP IP addresses. 9.In many instances, including the ones described above, SAP employees used the log-in IDs of multiple customers, combined with phony user log-in information, to gain access to Oracle’s system under false pretexts. Employing these techniques, SAP users effectively swept much of the contents of Oracle’s system onto SAP’s servers. These “customer users” supplied user information (such as user name, email address, and phone number) that did not match the customer at all. In some cases, this user information did not match anything: it was fake. For example, some users logged in with the user names of “xx” “ss” “User” and “NULL.” Others used phony email addresses like “test@testyomama.com” and fake phone numbers such as “7777777777” and “123 456 7897.” In other cases, SAPblended log-in information from multiple customers with fakeinformation. For example, one user name connected to an SAP IP address appears to have logged in using the credentials of sevendifferent customers in a span of just 15 days –all from SAPcomputers in Bryan, Texas. All of these customers whose IDs SAP appropriated had one critical fact in common: they were, or were just about to become, new customers of SAP TN –SAP AG’s and SAP America’s software support subsidiary whose sole purpose is to compete with Oracle.10.As a result of this illegal activity,SAPapparently has now warehoused an extensive library of Oracle’s proprietary, copyrighted Software and Support Materials. As explained below, this theft appears to be an essential –and illegal –part ofSAP’s competitive strategyagainst Oracle. ***11.In the world of enterprise software applications, revenue comes from three basic activities: (a) license of the underlying software, (b) consulting relating to the implementation and operation of the software, and (c) support contracts to keep the software updated and upgraded. In January 2005, through SAP America, SAP AG acquired SAP TN, an independent software support company founded by former PeopleSoftsoftware engineers, developers, and support technicians. Not by coincidence, Oracle had previouslyannounced that in January 2005 it would complete its acquisition of PeopleSoft, increasing Oracle’s potency as a competitor to SAP AG for enterprise applications software, consulting, and support. 12.Industryobservers noted this fundamental shift in the competitive landscape. One industry analyst stated that, “Oracle Corp. is developing a ‘super set’of applications, combining features from the PeopleSoft and JDE1software and its CEOLarry Ellisonhas been vocal about his intentions to take market share awayfromSAP. Oracle said it has thousands of developers building the new application suite, called Project Fusion, aimed at taking market share from No. 1 ranked SAP.” Another mused, “After the acquisition of PeopleSoft earlier this year, Oracle officiallybecame a player on SAP’s turf.” 13.SAP AG’s hasty acquisition of SAP TN was widely perceived as a response to the new competitive threat from Oracle. SAP’s own statements confirmed it. SAP AG spokesman Bill Wohl vowed that SAP AG would use SAP TN to “keep the pressure on Oracle” by exploiting legacy PeopleSoft customers’ perceived unease about Oracle’s commitment to support legacy PeopleSoftsoftware. Publicly, SAP advertised this strategy as its “Safe Passage” program, explicitlydesigned to transition customers away from Oracle products and onto the SAP software platform. As reported in industry publications, SAP TN’s services “form[ed] the basis of [SAP AG’s] Safe Passage initiative, a program aimed at siphoning off valuable software maintenancerevenue from Oracle and persuading Oracle customers to switch software products [to SAP].” Although SAP America President and CEO, Bill McDermott, committed to throw “a lot of additional resources” behind SAP TN (which consisted of only 37 employees in total), SAP appeared to focus more on growing the SAP TN sales force rather than investing in or expanding SAP TN’s tiny development team. Indeed, SAP TN did not appear to have the development capability to meet the support commitments advertised in the “Safe Passage” brochures at any price, much less the 50% discount promoted by SAP. It certainly did not match Oracle’s investmentin development resources, or even come close to it. These facts raised questions about how SAP could offer the type of comprehensive technical support services on Oracle programs that customers of enterprise applications typically require. 14.Nevertheless, industry observers deemed the “Safe Passage” program “measurablymore aggressive,” and a sign that “SAP has taken the gloves off.” In connection withthe SAP TN acquisition, SAP America’s CEO, Bill McDermott, crowed “There’s nothing that I love more than to win.” But win at what cost? SAP appears to have taken a short cut to equip itself to support Oracle’s software programs at half Oracle’s price. SAP stole much of the Software and Support Materials directly from Oracle. 15.SAP’s unlawful copying and theft includes, by way of example, the following: More than 10,000 illicit downloads from Customer Connection between September 2006 and January 2007, with indications that this number may gosignificantly higher if traced further back in time. A systematic pattern of “sweeping” Oracle’s Customer Connection support website from SAP TN servers just days before, or the day of,the expiration of a new SAP TN customer’s support contract with Oracle, or in some cases on behalf of former Oracle customers withno access rights to Oracle’s Software and Support Materials whatsoever.On multiple occasions, the indiscriminate, wholesale copying of vast libraries ofavailable Software and Support Materials from Oracle’s Customer Connection support website through downloads too rapid to permit any real-time use of the downloaded Software and Support Material.The improper access to, and theft of, clearly-marked internal proprietary Oracle support documents not available even to licensed, authorized customers or through normal access to Oracle’s Customer Connection system.Accessing and downloading Software and Support Materials across multiple product lines in multiple lines of business available on the Customer Connection support website, in the purported name of customers that had never licensed those products and had no legal access to them.16.In short, to tryto “keep the pressure on Oracle,” SAP has been engaged in a systematic program of unfair, unlawful, and deceptive business practices that continues to this day. Through its illegitimate and illegal business practices, SAP has taken Oracle’s Software and Support Materials and apparently used themto insinuate itself into Oracle’s customer base, and to attempt to convert these customers to SAP software applications. Oracle also has concerns that SAP may have enhanced or improved its own software applications offerings using information gleaned from Oracle’s Software and Support Materials. These illegal business practices threaten to cause irreparable harm to Oracle, its many employees, and its customers. Oracle has no adequate remedy at law for the harm threatened and caused by these acts.
A. Oracle’s Software and Support Materials32.Oracle is the world’s largest enterprise software company, and the first to receive J.D. Power & Associates’ global certification for outstanding service and support based on measuring customer satisfaction worldwide. Oracle develops, manufactures, markets, distributes, and services software designed to help its customers manage and grow their business operations. Oracle’s software offerings include database, middleware, and applications software programs.33.As is typical in the enterprise software industry, Oracle does notsell ownership rights to its software or related support products to its customers. Instead, Oracle’s customers purchase licenses that grant them limited rights to use specific Oracle software programs with Oracle retaining all intellectual property rights in these works. In addition, licensed customers can, and typically do, purchase some set of technical support services that include the right to obtain upgraded products such as updates, bug fixes, or patches to those software programs the customers have expressly licensed from Oracle and have the right to use.34.Oracle’s license agreements with its customers may vary according to the products licensed, including because the customers originally contracted with companies later acquired byOracle, but all ofthe relevant license agreements for what is now Oracle software set comparable rules for access to, and use of, that software. Among other things, those rules prohibit access to, or use of, any portion of the software not expressly licensed and paid for by the licensee, and any sublicense, disclosure, use, rent, or lease of the software to third parties. 35.Oracle’s licenseagreements define Oracle’s confidential information to include, without limitation, Oracle’ssoftware, its object and source code, and any associated documentationor service offerings. As defined in one illustrative license agreement,“software” specifically includes the update products made available to customers as part of the support contractsthat customers purchased from Oracle.36.Oracle also restricts access to the Customer Connection technical support website, through the terms of use: You agree that access to Customer Connection…willbe granted onlyto your designated Oracle technical support contacts and that the Materials [on the support website] may be used solely in support of your authorized use of the Oracle Programs for which you hold a supported license from Oracle. Unless specifically provided in your licensing or distribution agreement with Oracle, the Materials maynot be used to provide services for or to third parties and may not be shared with or accessed by third parties. 37.Theterms of useexplicitlydescribethe confidentialnatureofthe material on Customer Connection: “the information contained in the Materials [on Customer Connection] is the confidential proprietaryinformation of Oracle. You may not use, disclose, reproduce, transmit, or otherwise copy in any form or by any means the information contained in the Materials for any purpose, other than to support yourauthorized use of the Oracle Programs for which you hold a supported license from Oracle….”(emphasis supplied)38.Access to the secured areas of Customer Connection is also governed by Special Terms of Use. Byusing the secured website, the useragrees to accept and comply with these Special Terms of Use. The Special Terms of Use provide that access is only permitted via the user’s “personal username and password” and that all materials on the secured website are confidential and proprietary. The Special Terms of Use clearly provide that: “Use of such CONFIDENTIAL and PROPRIETARY information and materials for any other purpose is strictly prohibited.”39.Prior to downloading Software and Support MaterialsfromOracle’s support websites, auser mustalso specifically agree to additional terms of useand restrictions specified in Oracle’s Legal Download Agreement: Your username and password are provided to you for your sole use in accessing this Server and are confidential information subject to yourexisting confidentiality agreement with Oracle / PeopleSoft/ JDEdwards. If you do not have a confidentiality agreement in effect with Oracle / PeopleSoft / JDEdwards, you are hereby notified that your username and password are confidential information and may only be distributed to persons within your organization who have a legitimate business purpose for accessing the materials contained on this server in furtherance of your relationship with Oracle / PeopleSoft / JDEdwards.40.The Legal Download Agreementalso puts the user on notice as to the confidential,proprietaryand copyrighted nature of the Software and Support Materialsavailable for download:Any software that is made available to download from this server (“Software”) is the copyrighted work ofOracle/PeopleSoft/ JDEdwards and/or its affiliates or suppliers. All Software is confidential information of Oracle/PeopleSoft/JDEdwards and its use and distribution is governed by the terms of the software license agreement that is in effect between you and Oracle/PeopleSoft/JDEdwards (“License Agreement”).The Software is part of the Licensed Products under the License Agreement and may only be downloaded if a valid License Agreement is in place between you and Oracle/PeopleSoft/JDEdwards. The Software is made available for downloading solely for use by licensed end users according to the License Agreement and any reproduction or redistribution ofthe Software not in accordance with the License Agreement is expressly prohibited. WITHOUTLIMITING THE FOREGOING, COPYING OR REPRODUCTION OF THE SOFTWARE TO ANY OTHER SERVER OR LOCATION FOR FURTHER REPRODUCTION OR REDISTRIBUTION IS EXPRESSLY PROHIBITED. 41.The Legal Download Agreement further restricts use of documents downloaded from the website: Permission to use Documents (such as white papers, press releases, product or upgrade announcements, software action requests, datasheets and FAQs) from this server (“Server”) is granted, provided that (1) the below copyright notice appears in all copies and that both the copyright notice and this permission notice appear, (2) use of such Documents from this Server is for informational and non-commercial or personal use only and will not be copied or posted on any network computer or broadcast in any media, and (3) no modifications of any Documents are made. Use for any other purpose is expressly prohibited.42.In addition, users accessing specific materials, such as a Software Application Request (“SAR”) through the SAR Search Web Application, agree to additional legal restrictions. These terms notify the user that the software available to download from Oracle is Oracle’s copyrighted material. The terms further provide that the “software is part of the Licensed Products under the License Agreement” and“is made available for downloading solely for use by licensed end users according to the License Agreement. Any reproduction or redistribution ofthe Software not in accordance with the License Agreement is expressly prohibited.” To download a SAR, the user must click on a button indicating that it accepts these terms.
Oracle Threatens To Unseat SAP 43.On January 7, 2005, Oracle completed its acquisition of PeopleSoft to emerge as the second-largest provider of business software applications in the world and the first to rival SAP AG in market share, size, and geographic and product scope. As SAP America’s Vice President of Operations, Richard Knowles, testified on June 23, 2004 at the trial on the Department ofJustice’s unsuccessful effort to block Oracle’s acquisition of PeopleSoft, the combination revitalized Oracle overnight as a competitor in the business software applications business. SAP AG suddenly found itself in a far different competitive environment than the one in which it had grown comfortable. As SAP AG reeled, events unfolded at a rapid pace: eleven days after its announcement, Oracle launched the newly-united companyand unveiled, at its headquarters with more than 48,000 people joining by Webcast and phone, how the nearly 50,000-strongcombined workforce of Oracle and PeopleSoftwould provide unparalleled innovation and support to 23,000 business applications software customers throughout the world. 44.SAP AG’s top executives publicly downplayed the threat that a combined Oracle and PeopleSoft entitywould pose to its competitive position for business software applications. SAP AGCEO Henning Kagermann claimed that even with PeopleSoft, Oracle would “not [be] a competitor which could really hurt us.” After the merger, he even claimed to wish Oracle “good luck” in competing with SAP AG. 45.But SAP AG had no answer for the business proposition the new Oracle offered. Not only do many SAP AG customers use Oracle’s superior database software programs, but now Oracle offered a deeper, broader product line of enterprise applications software programs to compete against SAP AG. 46.Rather than improve its own products and offerings, SAP AG instead considered how to undermine Oracle. One way was to hit at Oracle’s customer base –and potentiallyincrease its own –by acquiring and bankrolling a company that claimed the ability to compete withOracle support and maintenance services on Oracle’s own software products, despite not owning any of the software code for, or intellectual property rights to,these same products. C.SAP TN 47.In December 2004, SAP TN was a small software services company, headquartered in Bryan, Texas and founded by former PeopleSoftemployees. It claimed to compete withPeopleSoft, JDE, and later, Oracle, by providing low-cost maintenance and support services to PeopleSoft and JDE customers running assorted versions of these software programs. SAP TN claimed that it could cut customer maintenance and support bills in half and give customers a reprieve from software upgrade cycles byallowing customers to remain on older, often outdated, versions of PeopleSoft or JDE software rather than moving to later versions by implementing upgrades that the customers would receive by paying for support services from the software vendors themselves. As one industry journalist explained, SAP TN promised to offer such cheap support “because it is not investing millions of dollars in research and development for future versions of the software; it instead focuses on simply keeping the software up and running for an annual fee.” D.SAP Responds To Oracle Competition With Its “Safe Passage” Scheme48.As described in a glossy spread in a leading industry publication, in December 2004, just weeks before Oracle would close the PeopleSoft acquisition, SAP TN president Andrew Nelson got “the magic phone call” from Jim Mackey, SAP AG’s “front man for SAP AG’s mergers and acquisitions strategy.” Mackey made Nelson an offer “he couldn’t refuse.” 49.To retain full control over every detail of its scheme to lure away customers from Oracle, and to use SAP TN to do it, SAP AG proposed to buy SAP TN outright and make it a wholly-owned –and wholly-beholden –subsidiary. Acquiring SAP TN was not a mere investmentby SAP AG, but a calculated competitive move. As one industryobserver put it, SAP AG bought “another arrow in its quiver to hunt after Oracle’s customers.” Aligning with SAP AG made little sense for SAP TN, however, because to the extent SAP AG successfully undermined Oracle by having its customers move from Oracle’s software to SAP AG’s software,SAP TN would eventually lose its customer base. So SAP AG had to make the price right.SAP AG has refused to disclose the terms of its SAP TN purchase, but –with the Oracle/PeopleSoft dealabout to close –the “magic phone call” conveyed terms rich enough that, in barely a month, SAP TN agreed to the deal and cast its lot with SAP AG.50.On January 19, 2005, SAP AG’s top executives unveiled SAP AG’s acquisition of SAP TN as the centerpiece of its new “Safe Passage” scheme. SAP AG’s CEO, Henning Kagermann, identified SAP TN as instrumental to the parent company’s “Safe Passage” program, publicly indicating that SAP TN was authorized and intended to implement SAP AG’s goals. SAP America’s CEO, Bill McDermott, publicly vowed to bankroll this effort to undermine Oracle by putting “a lot of additional resources into TomorrowNow.” The Senior Vice President and Chief Operating Officer of SAP Asia Pacific, Colin Sampson, admitted that the SAP TN acquisition was “an integral part” of SAP’s Safe Passage program, which in turn was part of SAP’s “ongoing strategy to compete with Oracle.” And SAP TN certainly knew its role was to achieve SAP AG’s ends: as SAP TN’s CEO, Andrew Nelson, stated, “We're owned by SAP. We want them to be successful.” 51.After the acquisition, SAP TN’s new parent companies directed it to begin to implement a two-phase plan to increase SAP’s enterprise application market share. First, to lure the support business over, SAP would offer cut-rate pricing combined with the promise of essentially unlimited future support to former PeopleSoftand JDE support customers. Second, in connection with converting Oracle customers to SAP support (via SAP TN), SAP would aggressivelycampaign to migrate those customers to an SAP enterprise software platform. As SAP AG Managing Director Alan Sedghi admitted, SAP AG would try to use SAP TN as a means of “speeding-up” the migration of PeopleSoft and JDE users to SAP platforms. 52.The CEOs stated the proposition more bluntly. In April 2005, SAP America CEO Bill McDermott claimed “The SAP Safe Passage offering gives companies an affordable way to protect their current investments, ease integration with SAP NetWeaver(TM) and begin the process of innovating their businesses today.” A month later, at the SAP AG annual meeting, SAP AG CEO Henning Kagermann confirmed: “We worked with [SAP TN]to veryquickly set up a comprehensive program for SAP customers running PeopleSoftand JD Edwards solutions.”
53.SAP implemented Phase Oneimmediately. As reflected on SAP AG’s website: “SAP offers Safe Passage for PeopleSoft, JD Edwards, and Siebel customers –If Oracle’s options have you worried, consider another option: SAP. SAP provides solutions, technology and maintenance services.” (emphasis supplied) SAP America’s website promises that “SAP and TomorrowNow can cut your maintenance costs by as much as 50% through 2015,” and elsewhere says that “Safe Passage maintenance and support are delivered worldwide through TomorrowNow.” SAP TN’s website confirms its acceptance and undertaking of the SAP-controlled Safe Passage program: “TomorrowNow can also provide our support services as part of the SAP Safe Passage Program.” 54.Beginning in January 2005, SAP sales representatives unleashed a torrent ofmarketing materials designed to exacerbate and leverage perceived, albeit unfounded, PeopleSoft and JDE customer uncertainty about the prospects for long-term, quality support from Oracle. An April 2005 SAP AG press release apparently aimedto increase perceived doubt among Oracle customers by announcing a “second wave” of “Safe Passage.” To exploitthe fear itintended to create, SAP AG’s “second wave” included “an intensive customer recruitment campaign, offering significantly lower costmaintenance alternatives to Oracle customers running PSFT/JDE solutions” through 70,000 direct mail solicitations to Oracle customers. These lower cost alternatives advertised by SAP AG were to come directly through SAP TN.55.To implement Phase Two of its plan (luring Oracle customers to the SAP enterprise software platform), SAP AG did not simply sit back and leave the recruiting of potentialSafe Passage customers to SAP TN’s sales force. Instead, it took a hands-on approach. It deployed its salespeopleto contact potential customers and push them to switch to SAP TN’s services. If customers declined to convert to SAP TN, the SAP AG sales personnel would pressure the customers to drop Oracle products outright in favor of SAP AG’s suite. To give teeth to these commingled sales efforts, SAP AG offered maintenance support through SAP TN, officially “bundled” with SAP AG enterprise software as a centerpiece of the Safe Passage program.
56.SAP executives touted the Safe Passage program’s limited success in its first year. SAP AG’s CEO, Henning Kagermann, promised SAP AG would use SAP TN and the Safe Passage program to “fight for” more customers. By March 2006, SAP AG boasted in a press release that more than 200 customers had signed up for Safe Passage, the program it implemented partly through SAP TN, and which itclaimed “offers companies SAP solutions, technology, maintenance services, investmentprotection and a clear road map to the next generation of business software.” 57.However, as Oracle continued totake market share and expand its product offerings, including through its September 12, 2005 announcement that it would acquire Siebel Systems, SAP grew more desperate, and more aggressive. In October 2005, SAP announced it would extend its Safe Passage program to Siebel customers, including apparently instantaneous round the clock support from SAP TN –whose engineers at that time presumably had spent virtually no time to develop Siebel support software products. As reported on Forbes.com after Oracle’sannouncement of its impending Siebel acquisition, “SAP AG plans to announce . . . that itwill offer technical support for more of rival software maker Oracle Corp.’s own products [the Siebelproducts] for a far cheaper price.” SAP’s “cheaper price” (referred to elsewhere as “cut rate” support) continued at “50 cents on the dollar for maintenance fees,” but its services were expanded to support more Oracle product lines and a wider range of customers. SAP America President and CEO, Bill McDermott, confirmed that SAP intended to use the Siebel acquisition as another opportunity to lure Oracle customers to SAP stating that SAP is “not distracted by the challenges of integrating multiple code bases, companies and corporate cultures.” How SAP could offer instantaneous, round the clock Siebel code support within a few weeks of Oracle’s acquisition announcement remained a mystery.58.ByJuly 2006, SAP AG CEO Henning Kagermann conceded that SAP hadlost as much as 2% market share to Oracle. Atthe same time, curiously, SAP AG continued to tout the success of Safe Passage. In a July 2006 earnings call, SAP AG’s President of Customer Solutions and Operations, Léo Apotheker, boasted that Safe Passage “continues to do really well,” including because SAP AG “extended the program in order to offer it as well to Siebel customers.”Byextending the Safe Passage program to Siebel customers, and in conjunction withopening new SAP TN offices around the world, Apotheker claimed that SAP now had “a globalnetwork of [SAP TN] capabilities” –enough to “gain[] significant traction.” E.A Deal Too Good To Be True59.Although SAP put a brave face on its ability to compete with the increasingly potent Oracle applications offerings, some industry analysts wondered whether a small company like SAP TN, even after having expanded its ranks to 150 employees, could actually develop and offer the hundreds of regulatory updates, bug fixes, patches, and other labor-intensive support items that a customer would need to maintain useful, optimally functioning Oracle software, without infringing on Oracle’s intellectual property. Oracle, by comparison, maintains a development force of more than 15,000 software and support engineers to create and help implement the code fixes, patches, and updates that comprise the advanced support services required by Oracle’s licensed customers. 60.It was not clear how SAP TN could offer, as it did on its website and its other materials, “customized ongoing tax and regulatory updates,” “fixes for serious issues,” “full upgrade script support,” and, most remarkably, “30-minute response time, 24x7x365” on software programs for which it had no intellectual property rights. To compound the puzzle, SAP continued to offer this comprehensive support to hundreds of customersat the “cut rate” of 50 cents on the dollar, and purported to add full support for an entirely different product line –Siebel –witha wave of its hand. The economics, and the logic, simply did not add up. 61.Oracle has now solved this puzzle. To stave off the mounting competitive threat from Oracle, SAP unlawfully accessed and copied Oracle’s Software and Support Materials. F.The SAP Solution: Stolen Passage1.Oracle Finds A Suspicious Pattern62.To analyze and improve on its industry leading support services, Oracle asks each customer searching for a solution on Oracle’s Customer Connection website to click on a button after each search to indicate whether or not a particular search result helped solve the customer’s problem. If the customer selects the “No, continue search” option, the support systemresponds by offering the customer further options. Oracle regularly compiles this data to assess whether its system helped customers resolve their support issues, with the aim of continuallyimproving the support systemfor customers. 63.In late 2006, Oracle noticed huge, unexplained spikes in the number of customers on the online support website who had clicked the “No, continue search” option. These clicks numbered in the thousands for several customers, andOracle discovered that each response –each answer by users pretending to be the customer –occurred in a matter of seconds or less. Given the extreme speed at which the activity occurred, these clicks could not reflect realresponses from any human customers actuallyreading the solutions theyhad accessed. Instead, these click patterns showed that the users had employed an automated process to move withlightning speed through the entire library of Software and Support Materials on the Customer Connection website. And, apparently, to take a copy of them all. 64.Indeed, Oracle soon discovered that many of these “customers” had taken massive quantities of Software and Support Materials beyond their license rights, over and over again. Oracle also discovered that the downloaded Software and Support Materials included internaldocuments not available even to licensed customers and not available through normal, authorized use of Customer Connection. 2.Oracle Discovers The SAP Link65.Oracle embarked on a time-consuming and costlyinvestigation to assess the damage done to its customer response database and fully understand the sources of the unauthorized downloads. In the course of this investigation, Oracle discovered a pattern. Frequently, in the month before a customer’s Oracle support expired, a user purporting to be that customer, employing the customer’s log-in credentials, would access Oracle’s system and download large quantities of Software and Support Materials, including dozens, hundreds, or thousands of products beyond the scope of the specific customer’s licensed products and permitted access. Some of these apparent customer users even downloaded materials after their contractual support rights had expired.
66.Several of these apparent customer users supplied misleading identification information as part of the log-on process to Oracle’s systems. The users presumably intended this misinformation, which included false names and phone numbers, to mask from Oracle their true identity and the fact of their improper access to the Software and Support Materials. Despite this subterfuge, Oracle has traced the illegal download activity to computers using an SAP IP address. When Oracle first noticed that the unlawful access and downloads originated almost exclusively from one IP address in Bryan, Texas, Oracle shut down access to that IP address. If the access and downloads had been legitimate, the customer or vendor would have called in right away to get its access reinstated. Instead, a new IP address, also linked to SAP, sprouted up almost immediately and the unlawful access and downloading resumed. 67.Although it is now clear that the customers initially identified by Oracle as engaged in the illegal downloads are SAP TN customers, those customers do notdirectly appear to have engaged in the download activity; rather, the unlawful download activity observed by Oracle and described here originates directly from SAP’s computer networks. Oracle’s support servers have even received hits from URL addresses in the course of these unlawful downloads withSAP TN directly in the name (e.g. http://hqitpc01.tomorrownow.com). Indeed, for many of these downloads, Oracle noticed that SAP TN did not even bother to change the false user information from customer to customer when it logged in. 68.The wholesale nature of this unlawful access and downloading was extreme. SAP TN appears to have downloaded virtually everyfile, in everylibrary that it could find. 3.SAP TN’s Access Was Unauthorized69.SAP TN’s access to, and taking from,Oracle’s systemviolatedthe terms oftheOracle customers’License Agreement, the Customer Connection Terms of Use, and the Legal Download Agreement. These terms included agreeing:Not toaccess or use any portion of the Software, including updates,not expressly licensed and paid for bytheLicensee;
Not to directly or indirectly, sublicense, relicense, distribute, disclose, use, rent,orlease the Software or Documentation, or any portion thereof, for third partyuse, orthird partytraining;Not to access the customer support system if it isnot the customer’s authorized and designated Oracle technical support contact;Not to use the Materials on the support websiteexceptin support of the customer’s authorized use of the Oracle Programs forwhich the customerholdsa supported license from Oracle;That the customer username and password are for the customer’ssole use in accessing this support server;That the customer username and password may only be distributed to persons in the customer’s organization who have a legitimate business purpose for accessing the materials contained on the support server in furtherance of the customer's relationship with Oracle.
That the Materials on the support websiteare confidential information subject to existing confidentiality agreements.70.SAP TN has intimate familiarity with these important restrictions and conditions relating to Oracle’s Software and Support Materials. SAP TN’s management, and a significant number of its employees, formerly worked at PeopleSoft and JDE. Of SAP TN’s ten-member management team, six list prior employment experience with PeopleSoft, JDE, or Oracle, including: (1) Andrew Nelson, President and CEO; (2) Bob Geib, V.P. North American Sales; (3) Laura Sweetman, V.P. Global J.D.Edwards Support; (4) Mel Gadd, V.P. Quality; (5) Nigel Pullan, V.P. International Sales; and (6) Shelley Nelson, V.P. Global PeopleSoftSupport. In addition, former PeopleSoft employees who work for SAP, such as Wade Walden, who is reflected as the person performing many of the downloads at issue, appear to have applied their familiarity with the Customer Connection website to directly participate in and perfect the illegal downloading scheme. In short, SAP TN cannot credibly claim ignorance of Oracle’s access rules. 71.Notwithstanding SAP TN’s knowledge of Oracle’s license agreements withits customers, the support website terms of use, and the confidential, proprietary, and copyrighted nature of Oracle’s Software and Support Materials, Oracle has learnedthat SAP TN accessed and downloaded the Software and Support Materials when it either had no legitimate basis to access Oracle’s restricted website, or in a way that grossly violated the limited access rights it did have. Further, during the period of time between when the customer’s support license lapsed and when Oracle decommissioned the customer’s password credentials, SAP TN stillaccessed and downloaded Software and Support Materials using the old customer passwords. SAP TN did so despite its knowledge that it had no legal right or legitimate purpose to access Oracle’s system at allafter the customer’s support license lapsed. 72.SAP TN did not innocently download the Software and Support Materials–the obvious purpose was to copythemfrom Oracle’sCustomer Connection support website and store them on SAP TN’s servers for its use in marketing and providing support services to Oracle customers. The rate that SAP TN accessed these materials –at intervals of just seconds or less –shows that no one used or reviewed those materials in real time. Further, the scope of the downloaded Software and Support Materials –across multiplelibraries in multiplelines of business –for customers that had no license to take, or need for, those products, suggests that SAP TN took the Software and Support Materials to stockpile a library to support its present and prospective customers. 73.SAP TN conducted these high-tech raids as SAP AG’s agent and instrumentalityand as the cornerstone strategyofSAP AG’s highly-publicized Safe Passage program. Further, to the extent SAP TN had any legitimate basis to access Oracle’s site as a contract consultant for a customer with current licensed support rights, SAP TN committed to abide by the same license obligations and usage terms and conditions described above applicable to licensed customers. Indeed, anyoneaccessing such Software and Support Materials on the Oracle support website must agree to Oracle’s terms and conditions, which restrict access to support only for products that a company has licensed, and impose strict confidentiality requirements. SAP TN reviewed and agreed to the terms and conditions on Oracle’s support website before proceeding, and therefore committed its theft knowingly and intentionally, and in conscious disregard of Oracle’s protected intellectual property and the integrity of its computer systems. 74.The Software and Support Materials that SAP TN downloaded from Oracle’s systems also included numerous works that are protected under the Federal Copyright Laws, 17 U.S.C. §§101 et seq. SAP TN’s acts violated Oracle’s exclusive rights to use, reproduce, create derivative works, publish, display, offer for sale, and distribute these works. Such acts constitute copyright infringement under 17 U.S.C. § 501 and also willful and intentional copyright infringement under 17 U.S.C. § 506. With literallythousands of software programs available for licensing, Oracle does not typically obtain copyright registrations on all programs or related Software and Support Materials as it generally does not find itself in the position of having to enforce its copyrights through litigation to stop conduct constituting an intentional infringement of Oracle’s rights. Accordingly, Oracle will amend its Complaint to add further copyright allegations and causes of action when the registrations for these copyrights issue from the United States Copyright Office.4.Specific Examples Of SAP TN’s Unlawful Customer Downloads75.SAP TN’s improper access to, and taking from,Oracle’s Customer Connection website is too pervasive, and covers too many individual violations, to comprehensively detail here. Oracle has uncovered unlicensed downloads linked to SAP TN on behalf of numerous customers, including without limitation, Abbott Laboratories, Abitibi-Consolidated, Inc., Bear, Stearns & Co., Berri Limited, Border Foods, Caterpillar Elphinstone, Distribution & Auto Service, Fuelserv Limited, Grupo Costamex, Helzberg Diamonds, Herbert Waldman, Honeywell International, Interbrew UK, Laird Plastics, Merck & Co., Metro Machine Corp., Mortice Kern Systems, Inc., National Manufacturing, NGC Management Limited, OCE Technologies, B.V., Ronis, S.A., Smithfield Foods, SPX Corporation, Stora Enso, Texas Association of School Boards, VSM Group AB, and Yazaki North America. By way of example ofthe nature and extent of SAP’s theft, Oracle sets forth below illustrative instances of SAP TN’s illegal conduct regarding a few of its customers.76.Honeywell.HoneywellInternational (“Honeywell”) is listed on SAP TN’s website as a client. In the approximately three and a half year periodbefore Honeywell switchedto SAP TN, itaveraged just over 20 downloads of Software and Support Materials per month. Then, after switching to SAP TN, a user employing Honeywell’s log-in ID downloaded over 7,000 Software and Support Materials in less than two weeks in January 2007.Most of these excessive downloads came during the course of four days, during which “Honeywell” was downloading almost 1800 solutionsper day. Over 2,000 of the Software and Support Materials taken in this period were solutions that Honeywell was not licensed to take at all. In one specific librarycontaining solutions for Enterprise One software, “Honeywell” downloaded over 450 distinct unlicensed solutions on January 16, 2007 and nearly 400 more the next day. These downloads spanned virtually everylibrary in every line of business–far beyond the products to whichHoneywellhadauthorized accessas an Oracle customer. This unlawful downloading even stretched across product families. Honeywell used and licensed PeopleSoft software applications, but Oracle discovered users downloading JDE products with Honeywell’s credentials. Oracle subsequently connectedmany of the illegal downloadsto an SAP TN IP address and to SAP TN’semployee, Wade Walden –aformer PeopleSoft employee now employed by SAP.77.Merck. Merck & Company, Inc. (“Merck”),one of the largest pharmaceutical companies in the world, licenses and receives support for many Oracle software products. Merck’s support rights for its JDE software products expired on January 1, 2007.In the three months prior to that date,users purporting to be “Merck” logged into the Oracle support systemand downloaded over 9,000 distinct Software and Support Materials for JDE software. More than 5,000 of these downloads related to JDE software products for which Merck had no license. But, the unauthorized downloads did not stop there. Users logging into Oracle’s support systemwithMerck’s credentials continued to download Software and Support Materials into March 2007. Many of these “Merck” downloads camedirectly from an IP address in Bryan, Texasthat belongs to SAP TN, and some were traced to a computer with SAP TN’s initials in the title, “TN-DL03.” In many cases, SAP TN users employed fake identification information to download the Software and Support Materials, using namessuch as“xx” “ss” and “NULL,” and phone numbers such as “4444444444” and “999 999 9999.” Neither Merck nor SAP TN had any license, authorization or other right to access and download the 5,000-plus unlicensed Software and Support Materials from Oracle.78.OCE. OCE-Technologies B.V. (“OCE”) is located in the Netherlands and appears as a customer on SAP TN’s website. In the months leading up to the expiration of OCE’s support rights for its Oracle products, users employing OCE’s credentials downloaded a large number of Oracle products relating to US Payroll, Canadian Payroll, Homebuilder Management, and Real Estate Management –none of which make sense coming from a European customer in support of its European business. From December of 2006 to January of 2007, SAP TN users logged into Oracle’s support system using OCE’s credentials (and, in some cases, false user names) and downloaded over 12,000 distinct Software and Support Materials. These downloads included over 3,000 distinct items for which OCE had no license. There is little chance that SAP TN intended OCE as the beneficiary of these massive sweeps, since OCE does not runmany of the software programs to which these downloads relate, and neither OCE nor SAP TN have any license, authorization, or other right to access and download these Software and Support Materials. Like the other companies, these illegal downloads are associated withthe same IP address belonging to SAP TN in Bryan, Texas, including specifically to a computer with SAP TN’s initials in the title, “TNL-02.” Similar to the other customer examples, many of these “OCE” users entered phony identification information, such as the name “user” and phone numbers such as “123 456 7897,” “9999999999,” and even “xxx xxx xxxx.” This systematic sweep of products across numerous licensed and unlicensed Oracle product lines and libraries dramatically exceeded the accessfor which OCE (and SAP TN acting on its behalf) had any right or authority,and could serve no legitimate or lawful business purpose.
79.SPX.SPX Corporation (“SPX”) dropped all Oracle support on December 10, 2006 and became an SAP TN customer, listed on its website. For the nine month period prior to October 2006, SPX averaged approximately eleven downloads per month from Oracle’s support system. Then, between October and December 2006, users purporting to represent SPX accessed and downloaded over 8,000 distinct Oracle Software and Support Materials (far more than SPX could legitimately access or use). These SPX downloads included over 1,700 distinct Software and Support Materials for which SPX had no license. Over 300 distinct downloads just on November 30, 2006 were Software and Support Materials related to unlicensed Payroll software. In some cases, these users logged in using SPX credentials, but used fake identification information like the name “NULL” and phone numbers like “7777777777” and “999 999 9999.” Many of these SPX downloads, like the others, originated from the same IP address belonging to SAP TN, and some were traced to a computer with SAP TN’s initials in the title, “tn-wts01.”80.Metro Machine.Metro Machine Corp. (“Metro Machine”) dropped all Oracle support effective on January 1, 2007 and switched to SAP TN, as reflected on SAP TN’s website. In the month before Metro Machine dropped its support rights with Oracle, users purporting to represent Metro Machine logged onto Oracle’s support servers and downloaded nearly6,000 distinct Software and Support Materials. Nearly 400 of those downloads related to software programs that Metro Machine had not licensed from Oracle. In addition, users logging into Oracle’s support systemwithMetro Machine’s credentials continued to download Software and Support Materials into March 2007. Oracle has traced these illegal and unauthorized downloads to the same SAP TN IP address employed for the Honeywell downloads described above. G.SAP Adds The Ill-Gotten Gains To Its Coffers81.SAP TNnow claims to have delivered thousands of fixes and more than 800 tax and regulatoryupdates to Oracle’s former customers. Not coincidentally, SAP TN, at SAP AG’s and SAP America’s direction, illegally downloadedthousands of fixes and updates from Oracle’s restricted customer support website. SAP AG and SAP America directed this download scheme, ratified it, and never disavowed it. UsingOracle’s own protected property to unfairly compete against and undercut Oracle, SAP has illegally convertedOracle’s former, current, and prospectivecustomers and the associated license and support revenue to artificially inflate its market share. SAP has thereby caused significant damage to Oracle through its SAP TN subsidiary, in additionto the irreparable harmcaused by Defendants’ unfair competition, interference withOracle’s business relationships, trespass on Oracle’s support website, and related computer fraud.
|
 |
 
|
Evan Schuman is the former retail technology editor for eWEEK.com, PCMagazine, CIOInsight and retail reporter for RISNews and Consumer Goods Technology. Having covered IT issues for 21 years - and other stuff like legal affairs, politics, Wall Street and the environment for about eight years before that - Schuman is in a good position to gripe about technology trends and sometimes accidentally make a good point.
|
|
|
|
|
|
Warning: main(../connections/myconnection.php) [ function.main]: failed to open stream: No such file or directory in /home/eschuman/public_html/includes/latest_column.php on line 19
Warning: main(../connections/myconnection.php) [ function.main]: failed to open stream: No such file or directory in /home/eschuman/public_html/includes/latest_column.php on line 19
Warning: main(../connections/myconnection.php) [ function.main]: failed to open stream: No such file or directory in /home/eschuman/public_html/includes/latest_column.php on line 19
Fatal error: main() [ function.require]: Failed opening required '../connections/myconnection.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/eschuman/public_html/includes/latest_column.php on line 19
| |
