Companies may need to distinguish between software development work on commercial software they do themselves and what they pay an outsourcer to do on their behalf.
In a report following a recent legal dispute in the US, analyst Forrester has warned CIOs that if they have outsourced software customisation, maintenance and/or administration, they may be in breach of their licence agreements.
Duncan Jones, a principal analyst at Forrester, urged CIOs to pay close attention to older contracts that commenced before outsourcing became commonplace.
Jones’s comment follows the partial ruling in the "Oracle versus Rimini Street" case on 13 February 2014, where third-party support provider Rimini was found in breach of Oracle intellectual property. District judge Larry Hicks ruled that Rimini did not have the rights to host its customers’ legal copies of Oracle enterprise software patches on its own servers.
Jones said: "You should go back to your licence agreements to check if you have any dangerous restrictions against modification of copies, external use and off-premise deployment – that you may inadvertently have breached. Consult your own lawyers about what this judgement means for how you have deployed and used the software."
Breach of software licence
The judge ruled on four disputed Oracle licensees: Giant Cement; Novell; City of Flint; and Pittsburgh Public Schools. The judge denied Oracle’s request for a summary judgement on two Rimini customers – Giant Cement and Novell.
More articles on software licensing
Novell’s licence for Siebel – Oracle's customer relationship management (CRM) suite – allowed for archival and/or back-up copies of the software on a third-party systems. The court could not determine whether Rimini's access to Giant Cement’s JD Edwards development environment was for archival or development purposes.
The court found that City of Flint's licence agreement with Oracle did not permit Rimini to maintain copies of Oracle's PeopleSoft software.
The ruling stated: "Upon review of Rimini’s use of the development environments associated with the City of Flint, the court finds that none of the environments were created for archival, emergency backup and/or disaster recovery purposes. Rather, the undisputed evidence establishes that these development environments were used to develop and test software updates for the City of Flint."
Likewise, with Rimini customer Pittsburgh Public Schools, the court ruled in Oracle's favour, in regard to Rimini copying Oracle's PeopleSoft software.
Heed contract restrictions
Rory Canavan, director of IT asset management (ITAM) services at 1E, said: “Oracle has every right to protect its intellectual property. Rimini Street has every right to offer independent support and maintenance. Where the streams should not collide is when a client's requirements definition becomes obsolete and the support and maintenance provider is called upon to develop additional functionality with a base product."
Independent analyst Frank Scavo stated on his blog: "Sign the vendor's licence agreement as-is and it's likely that your rights to third-party maintenance will be limited to having the third-party provider only able to work on your own installation of the software."
Beyond the specific issues surrounding the rights of third-party support providers, the case highlights shortcomings in the physical transfer of licences to outsourcers, according to Forrester's Jones.
Don’t infer meaning into the words of the contract and assume rights that you do not have
Duncan Jones, Forrester
"A lot of software contracts have restrictions that lawyers have accepted for years, such as stopping you from acting like a service provider, which effectively forbids you from putting your licences in the cloud," he warned.
Such contracts were drawn up prior to technology developments such as cloud computing. In the past, Oracle may have ignored the restrictions and thus allowed its customers to put licensed Oracle software in the cloud.
But Jones said Oracle may have to start to enforce these agreements with its customers which do not use Rimini for third-party support, since the court would question why it was ignoring the restriction stipulated in the contracts. "Oracle has opened a can of worms here," he said.
Contracts from other suppliers may also be affected if they impose similar restrictions, according to Jones. "Don’t infer meaning into the words of the contract and assume rights that you do not have," he said.
Jones warned that systems integrators will face the same problem as Rimini: "A systems integrator could develop custom code for your Oracle software that would be in breach of your licence agreement."
Time to revamp licensing
Jones recommended that organisations recheck their existing enterprise licences and update any that do not reflect modern IT use.
He said suppliers would be keen to update licences: "The software company will be more than happy to give you a modern contract because it is easier to manage. It is not that difficult if you buy something new, but money needs to change hands to lubricate the process."
Companies such as Oracle have old licences they took on when they acquired other software companies. The reason to update these old contracts is that they impose restrictions, which are actually being ignored until tested in a legal dispute.
These restrictions, along with the definition of a processor or a user, may be obsolete in today's IT world, but the wording of the contract may mean users will be in breach of their licensing agreement if they put software in the cloud or virtualise it.