Posted by: ITKE
A quiet afternoon spent prepping for March Madness was interrupted Thursday, as news of Oracle’s lawsuit against SAP hit the wires. Was this just another spotlight-grab by one of the best in the business, Larry Ellison? Or was there something to it?
As outlined in the Eye on Oracle blog post, the charges Oracle is pressing against SAP seem to have real merit, and the level of detail in the lawsuit is pretty impressive. It will certainly be interesting to see which company prevails in court or if there’s some sort of settlement.
For its part, SAP just issued a statement from Steve Bauer, VP for Global Communications, saying:
"SAP will not comment other than to make it clear to our customers, prospects, investors, employees and partners that SAP will aggressively defend against the claims made by Oracle in the lawsuit. SAP will remain focused on delivering products and services — including those from TomorrowNow — that ensure success for our customers."
The lawsuit does raise a couple of interesting questions beyond who will prevail: In a competitive market like this, with two companies that clearly don’t like each other, should we be all that surprised that something like this would happen? And while it is pretty clear, if the charges are true, that SAP did something wrong, will Oracle really be able to prove damages?
Addressing the first question first, in any market as fiercely competitive as this one, companies are constantly trying to get an edge. It is an expected part of doing business.
“This is something that is done a lot in the industry, where companies do whatever they can to find out about competitors at different levels and to different extents this stuff is done more often then you’d think,” said Martin Schneider, senior analyst for enterprise software for New York’s 451 Group.
However, the activity described in the lawsuit goes beyond the usual competitive hijinks we see between software vendors, like having competitive intelligence folks scouring the Web for any tidbit of information or snippet of code.
“It was password-protected information. Does that make it wrong? Yeah,” Schneider said. “So, it’s really the methods they used. And some of it was so obvious, the people obviously weren’t hiding the fact that they had no business on the site.”
Material from the brief Oracle filed backs this point up, somewhat hilariously, stating:
“In many instances […] SAP employees used the log-in IDs of multiple customers, combined with phony user log-in information, to gain access to Oracle’s system under false pretexts. Employing these techniques, SAP users effectively swept much of the contents of Oracle’s system onto SAP’s servers. These ‘customer users’ supplied user information (such as user name, email address, and phone number) that did not match the customer at all. In some cases, this user information did not match anything: it was fake. For example, some users logged in with the user names of ‘xx,’ ‘ss,’ ‘User’ and ‘NULL.’ Others used phony email addresses like ‘firstname.lastname@example.org’ and fake phone numbers such as ‘7777777777’ and ‘123 456 7897.’”
Yes, you read that right — “testyomama.com.”
But Schneider also pointed out that SAP probably could have gotten the information in other ways. After all, if SAP was taking on these new customers from Oracle, a lot of the materials were probably available from the customer side.
“I think they were just kind of making neat and tidy collections of stuff that they could’ve gotten in other ways,” he said.
But while what SAP allegedly did was sketchy at best, actual monetary damages will be more difficult to prove.
“If the information was that valuable to Oracle it would’ve policed the site a little more,” Schneider explained. “It would’ve had security and alerts so it could’ve stopped it more quickly. They would’ve turned off access as soon as customers left,” Schneider said.
Think of your typical subscription to, say, ESPN.com Insider. When a user’s subscription runs out, ESPN immediately cuts off that user’s access to Insider content — I know firsthand. And that content is only worth $39.95 per year.
So, the actual damage to Oracle may be tougher to prove than SAP’s wrongdoing. And if this was some small, independent reseller, Schneider thinks Oracle would likely have just sent a cease-and-desist letter.
“Are they making a mountain out of a slightly smaller mountain? Yes. I won’t say it’s a molehill, but they are making as big a deal as possible about it because SAP is their biggest competitor,” he said.
The ultimate fallout of the lawsuit remains to be seen, and we’ll keep a close eye on the situation. We’re, of course, interested in your thoughts. Will this hurt SAP in the long run? Does it make you less likely to purchase SAP products? Any predictions on an award or settlement? Drop us an email at email@example.com to let us know what you think.Jon Franke News Editor