By now you probably read the story where Oracle’s security chief Mary Ann Davidson published a blog post admonishing Oracle customers who report security flaws in Oracle’s software. The post was quickly removed by Oracle and an apology was issued. It appears the wrath of the “geek world” (not my term!) forced Oracle to do a 180 on this one.
At first glance, I didn’t think much about the story because I didn’t believe it impacted our focus areas of business strategy, contracting, compliance, etc. That changed when I saw hilarious Oracle meme (pictured to the right). I’m a compliance contracts guy at heart so that pic is sad and funny at the same time!
The meme prompted me to go back and read the now-deleted post again. In the very last sentence Ms. Davidson writes, “You can’t really expect us to say ‘thank you for breaking the license agreement.’” Where most might think this is a throwaway line, or someone just trying to make a funny point, I take this a little more seriously.
I believe this quip gives a glimpse into how many people in Oracle view compliance. Oracle will use compliance (and contracts) as a weapon to force their customers to do things that Oracle wants done. For example, if a customer makes a move off of Oracle software, Oracle sales may call in the LMS compliance team to audit the customer and drive a different result. There was an article a couple of weeks ago that detailed how a court admonished Oracle for this type of behavior.
Another example that surfaces constantly is when Oracle customers want to get out of their ULA by certifying. Oracle has inserted their LMS audit team into this certification process. Compliance and audit pressure is put on the certifying customer to get them to renew their ULA and increase fees that go to Oracle. In these cases, the customer is trying to live up to their contractual obligations and because that path does not result in new revenue to Oracle, the audit pressure increases.
When I talk to clients and prospective clients I often talk about how contracts can be used by a software vendor as a shield and/or a sword. While Oracle’s security chief’s post has been deleted, the message is still out there: Do what Oracle wants or they may use the contract as a weapon against you.
This is one of the many reasons why it is imperative you have a firmly compliant position with your licensing, as well as contractual terms and conditions that are optimized for your goals, not for Oracle’s goals. I spent over 15 years at Oracle where I managed Oracle’s entire contracts organization and I was also the global process owner of their audit teams. I founded Palisade in 2011 to help my clients through the Oracle compliance and contracting minefields. Our goal at Palisade Compliance is that you take back control of your Oracle relationship of your business relationship with Oracle. That will help you save money and stay in compliance.