SAP/Diageo case shows software licensing needs to adapt to digital realities

Here we are, it’s 2017, on-demand and pay-as-you-go software is all the rage, cloud is the rising and soon-to-be dominant IT architecture, and yet we’re still talking about software suppliers stiffing their customers with the fine print in licensing contracts.

SAP users have reacted with understandable alarm to their supplier’s High Court victory over one of its largest customers, drinks giant Diageo, claiming nearly £60m in unpaid fees. The case could set a worrying precedent as firms increasingly adopt application programming interfaces (APIs) as a primary means of interacting with corporate systems.

The Diageo case centred on so-called “indirect access” whereby an external customer software application accesses the core SAP system. The supplier argued successfully that every Diageo customer that could come through this interface – 5,800 of them – should be treated as a “user” under the terms of its software licence.

While this may be legally the case, in practical terms it’s clearly absurd. In effect, the ruling implies that any user coming through a third-party app or a web browser through an API into a back-end software system should be licensed in the same way as a user actively logged in to that system.

Think about the implications here as we move to the internet of things (IoT) – theoretically, every one of tens of thousands of sensor devices feeding data through an API into a database could be defined as a “user” and require appropriate licensing fees.

This is not an issue specific to SAP, but to the increasingly outdated model of software licensing offered by what we might have to call 20th century software vendors. If the SAP case sets a precedent, you can be sure that the Oracles, Microsofts and others of the world will rub their hands with glee.

The judge in the Diageo case subtly acknowledged the absurdity. While she upheld the claim based on SAP’s licence terms, willingly signed by Diageo, she implied that the supplier ought to introduce a new category of user for such a situation – one which is priced more realistically for indirect access to the SAP application.

Nobody is suggesting that software vendors shouldn’t be able to set a fair price for their products and license accordingly. But the “per user” style of pricing is outdated – it was developed for 1990s era technology where every user sat at a PC and connected to a server.

Before long, it’s possible we will see situations where every non-admin user is another app, a bot, or an IoT device, where a per-transaction micropayment model might be more appropriate. Old-style software licensing needs to adapt to modern IT realities.