Denys Rudyi - Fotolia
Earlier this year, the Chilean government began investigating Oracle over abuse of its licence audit terms. La Fiscalía Nacional Económica (FNE), Chile’s national economic prosecutor, found that “frequently, audits involved the wrong or automatic installation of products/optional packs where customers didn’t know they required separate licences”.
According to Craig Guarente, CEO and founder of Palisade Compliance, the FNE looked at about 100 Oracle clients, many of them large and sophisticated, to determine why Oracle had found them out of compliance and forced them to pay large sums of money.
The FNE said Oracle had agreed with the Chilean government to improve information about products related to those for which customers acquire a licence, but that may have an additional cost and require a separate licensing agreement. This will include incorporating a notice on the product download page and sending a communication to both new and current customers.
In effect, Oracle has agreed to give Chilean users a warning that an enhancement pack for its enterprise database will incur an additional licence fee.
“This move by the Chilean government may be the first salvo in a move by governments to take back control of their relationships with Oracle,” said Guarente.
But while pressure from the Chilean government has forced Oracle to make changes in that country, the database licensing situation in the UK is far from clear.
Martin Thompson, founder of the Campaign for Clear Licensing (CCL), which campaigns for fairer licensing practices and helped the FNE in its investigation, said the issues highlighted by the FNE are not unique to Chile.
“Customers fall foul of these problems across the globe,” he said. “If Oracle can admit that these measures need to be introduced in Chile, why limit it to one country? Is Oracle saying that the businesses of Chile are peculiarly prone to these licensing mis-steps, or is it saying that although it acknowledges that these practices lead to customers paying more than they really should, it will allow them to continue until each relevant authority takes the time and effort to launch an investigation?”
Thompson added: “These changes in Chile set a precedent, and Oracle should now be pressed to implement them worldwide as standard. There is no reason why any country should be exempt and all organisations – perhaps except Oracle – would stand to benefit from these changes.”
Read more about supplier management
- Heads of businesses risk breaching the Companies Act, fines, or a possible jail sentence if they fail to take software licensing risks into account.
- There is constant pressure for IT to reduce cost and do more with less. Computer Weekly explores how this is being achieved in practice.
This is because the problem of database administrators accidentally installing enhancement packs when they download an Oracle database update is not limited to Chilean users – it is a problem that happens time and time again in many Oracle installations around the world.
In a post examining the Chilean government’s findings, Rich Gibbons, licensing analyst at Itam Review, wrote: “These products – such as the tuning pack, partitioning, and diagnostics pack – are options that must be licensed separately, and incur additional charges, but are installed automatically when using the default installation option presented by the software.
“This means that to be sure of a compliant installation, organisations must choose the ‘customised’ installation option and select only the options included within the licence. It seems reasonable to believe that many people would do the opposite – that is, stay away from the ‘customised’ option, lest they inadvertently select an option for which their organisation is not licensed.”
As it stands, it is too easy for people to be caught out with unlicensed Oracle enhancement packs, as they are downloaded and installed by default. Robin Fry, director of Cerno Professional Services, said a number of his clients have been caught out by inadvertently installing database and maintenance packs that require additional licences.
“An Oracle audit on one hedge fund client exposed ‘installation’ of six database management packs – none of which had been ordered by our client,” said Fry. “The under-licensing claim equalled the total investment for the database processor usage – $47,000 per processor plus back support.
“Following negotiations with Oracle and the signing of a ‘declaration of non-usage’, we were able to remove this claim. But this would not have been possible if the packs had been initiated.”
Fry’s key point here is that the user will need to prove to Oracle that the enhancements packs have not been used.
Hidden cost of accepting a default Oracle install
According to Oracle’s most recent price list in June 2018, a single processor Oracle database enterprise edition licence costs $47,500 with an additional support fee of $10,450.
The cost of licensed enhancement packs for the Oracle database ranges from $5,000 for the diagnostic pack plus a $1,100 support fee per processor, to £40,000 for the retail and £50,000 for the communications data models. Per-user licensing for these enhancements is set at $800 and $1,500, respectively. On top of that, the user may choose to take out a support contract, adding a further 20% to the licensing cost.
Fry pointed out that, for most corporates, such significant expenditure would normally go through a formal business case and purchase order process. “It is alarming that these packs are embedded in the original download, with the risk of any junior system administrator inadvertently triggering usage,” he said.
And the situation could get more problematic, as and when automation replaces human database administrators. Oracle is already introducing machine learning as part of its autonomous database product.
Who is the AI-based DBA really working for?
In an IDC paper looking at the Oracle autonomous database, published earlier this year, analysts Carl Olofson and David Schubmehl said the product delivers major benefits to customers in two forms – labour savings by automating database tuning and problem detection, and reduced downtime due to unplanned outages and software/system maintenance.
The risk is that the AI algorithm running the automation will choose the most optimal way it knows to improve database reliability and performance, and this may include enabling the relevant Oracle enhancement packs. In effect, by using the AI in Oracle’s autonomous database, users are implicitly licensing these enhancement packs.
Duncan Jones, principal analyst at Forrester, said: “I think the key point is that licence optimisation should be part of application performance management, rather than a discrete function. Whether it is humans or a machine doing the tuning, you have to take care to include the cost implications in the constraints and the key performance indicators you are trying to optimise.
“I’d say it was reasonable – desirable, even – for Oracle’s algorithm to recommend installing an add-on that would improve software performance, provided that the customer has a chance to accept or reject that suggestion. The customer also needs monitoring software to spot immediately if a person or an algorithm has created an unintended liability, so they can fix it.”
Jones said software providers should ensure their sales teams show empathy and tolerance when they discover inadvertent under-licensing, as long as the non-compliance is not deliberate or reckless. He advises clients to demand amendments to the audit clauses of their software agreements to formalise this principle.