Oracle Corporation et al v. SAP AG et al
Declaration of Chad Russell in Support of 859 Memorandum in Opposition, to Defendants' Motion to Partially Exclude Testimony of Kevin Mandia and Daniel Levy filed byOracle International Corporation, Oracle USA Inc., Siebel Systems, Inc.. (Attachments: # 1 Exhibit A, # 2 Exhibit B, # 3 Exhibit C, # 4 Exhibit D, # 5 Exhibit E, # 6 Exhibit F, # 7 Exhibit G, # 8 Exhibit H, # 9 Exhibit I, # 10 Exhibit J, # 11 Exhibit K, # 12 Exhibit L, # 13 Exhibit M, # 14 Exhibit N, # 15 Exhibit O, # 16 Exhibit P, # 17 Exhibit Q, # 18 Exhibit R, # 19 Exhibit S, # 20 Exhibit T, # 21 Exhibit U, # 22 Exhibit V)(Related document(s) 859 ) (Russell, Chad) (Filed on 9/9/2010)
Oracle Corporation et al v. SAP AG et al
Doc. 860 Att. 13
Plaintiffs Oracle USA, Inc. ("OUSA"), Oracle International Corporation ("OIC"), Siebel
Systems Inc. ("SSI"), and Oracle EMEA Limited ("OEMEA") (together "Oracle" or "Plaintiffs") maintain suit against SAP AG, SAP America, Inc., and TomorrowNow, Inc. ("TomorrowNow") (collectively referred to as "Defendants"). The suit was originally filed in March 2007, and the Fourth Amended Complaint, dated August 18, 2009, sets forth the currently alleged facts and causes of action. I have prepared this report ("Report") at the request of Defendants. This Report sets forth my analysis and opinions in detail and provides the bases for my opinions. I was asked by Defendants to review and respond as appropriate to a report entitled "Analysis of SAP TN's Collection and Use of Oracle Software and Related Materials" (the "Mandiant Report").1 The Mandiant Report was first submitted on November 16, 2009, and has been supplemented several times. The version of the Mandiant Report that I refer to in this Report was last supplemented on February 12, 2010. Specifically I was asked to analyze and opine on the opinions, work product, and analysis contained in the Mandiant Report in the following areas: x x TomorrowNow's alleged improper access to Oracle's support websites; TomorrowNow's alleged copying, modification, distribution, and further use of Software and Support Materials ("SSMs") allegedly downloaded from Oracle's support websites; Any comparison between the Oracle SSMs allegedly obtained by TomorrowNow and Oracle's Registered Works asserted in this Action; TomorrowNow's alleged receipt, copying, modification, distribution, and further use of Oracle Enterprise Application and Database Software;
I note that throughout the Mandiant Report there are many references to other parties, e.g., "Mandiant," and "the team," that participated in the writing of the report. Also, on occasion in the Mandiant Report, there are references to Kevin Mandia's interaction with these other parties, e.g., "I QC'd...[some work product element]." The extent of the activity of these other parties is not disclosed along with whether the opinions in the report are actually the other parties' opinions or that of Kevin Mandia.
Definitions in Mandiant Report The definitions listed in the Mandiant Report do not contain any information regarding
where, or who, they came from. As such, it is difficult to fully analyze the implications of each of these definitions without the context of their source. Normally, I expect to find references to dictionaries or other authoritative sources for such information.
Discussion, and disproportionate treatment, of different product lines serviced by TomorrowNow
Discussion does not reveal familiarity with this software in particular and Copyright analysis generally The Mandiant Report devotes numerous pages to generalizing and characterizing
TomorrowNow's services and business model. This discussion shows that the Mandiant Report opinions are dependent on Oracle employees, that Mandia is not familiar with the software at issue, and that the Mandiant Report is almost exclusively focused on conduct related to TomorrowNow's PeopleSoft support services. 8.1.1. Mandiant relies on undisclosed expert opinions from Oracle employees As noted above, the Mandiant Report typically relies on the opinions of Oracle employees as the basis for the statements that a given Registered Work contains Protected Expression. This is again highlighted here. For example, the Mandiant Report overview of PeopleSoft products asserts that because certain Oracle employees stated that SQR, SQC and COBOL files contain creative ( i.e., allegedly protected) expression, it must be so: In conversations with Oracle employees including Oracle's Chief Corporate Architect, Edward Screven, and Norm Ackermann, I have been informed that COBOL, SQR, and SQC files are the result of creative expression and embody a developer's particular choices.52
Mandiant Report, ¶ 112.
Again, without the basis for Mr. Screven's and Mr. Ackerman's statements, I cannot fully Again, evaluate the accusation of Copyright infringement. As another example of the reliance on third parties, the Mandiant Report relies on Oracle employees for the opinion on improper use of Protected Expression: In conversations with Oracle employees including Oracle's Chief Architect, Edward Screven, and Oracle employees Jason Rice and Buffy Ransom, I have been informed that ".c" and ".h" files are the result of creative expression and embody a developer's particular choices. It is my understanding that there would be more than one way to solve any particular problem in these types of files. It is also my understanding that these files contain comments and other nonfunctional material, and that the names of these files and the variables and functions within these files are largely arbitrary, and the result of a developer's creative expression. In conversations with Oracle's Chief Architect, Edward Screven, and Oracle employee Greg Story, I have been informed that the source code members comprising JD Edwards World are the result of creative expression and embody a developer's particular choices.53 Again, without the basis for the Oracle employee's opinions, I cannot fully evaluate the accusations of Copyright infringement in the Mandiant Report. 8.1.2. The Mandiant Report does not use terms consistently, which suggests a possible lack of background and experience with these types of software programs Also contained in the Mandiant Report are several statements that would not be expected from a person with a background and experience related to the kinds of products and services at issue in this matter. For example, the following statement appears to indicate a lack of understanding about the relationship between application software and the database management system upon which it depends: Oracle has designed Oracle Database Software to work with Oracle's Enterprise Application Software. In other words, a product such as PeopleSoft HRMS is preloaded with the structure of the Oracle Database software so that customers can both store and use their data more efficiently in one integrated technology stack, making the customer's information management less complicated and less expensive to manage.
Mandiant Report, ¶¶ 120-121.
Access allegations ignore when and how user names and IDs are given The Mandiant Report alleges that TomorrowNow improperly used TomorrowNow's
customer's login and password to access the Oracle websites which somehow made it impossible to determine which "credentials" went with which customers. 9.4.1. The Mandiant Report never analyzes how customer "credentials" are issued and potentially modified The Mandiant Report ignores the process generally used for a user to establish "credentials." Typically, a user is asked to register with a website in order to establish a user name and password that will be used in subsequent visits to gain access to the website and the materials therein. It is at the point that pertinent user information is supplied to the website. There is nothing in the Mandiant Report that suggests any analysis of how "credentials" were issued or potentially modified by Oracle's customers who used Customer Connection and Change Assistant during the times relevant to Oracle's claims. 9.5 Analysis of Titan ignores Oracle's own testimony regarding the claimed unavailability of g Customer Connection and the purpose of Titan Customer The Mandiant Report mischaracterizes the purpose and scope of the proprietary program known as Titan used by TomorrowNow to conduct certain portions of the download process for certain customers: Over time, SAP TN developed a tool known as Titan. SAP TN programmed Titan , p pg known to allow automated, mass downloading from Oracle without regard to any license , to restrictions a customer may have.97 restrictions TomorrowNow's internal manuals and deposition testimony from TomorrowNow TomorrowNow's witnesses witnesses confirm that Titan was neither designed nor used in production to indiscriminately
Mandiant Report, ¶ 174. The Mandiant Report in paragraph 5 also asserts "[i]n other words, SAP TN used virtually any working credentials to download files indiscriminately."
98 download Oracle material without regard for customer licenses.98 TomorrowNow did not have
access to its customers' respective license agreements with Oracle. TomorrowNow relied on the access representations of its customers to determine which customers were entitled to which Oracle to materials materials retrieved from Oracle websites using Titan.99 9.5.1. Purpose and explanation of Titan Titan was designed to automate the download process for TomorrowNow's use on behalf of its customers.100 The tool was designed to access files that were available through Customer Connection. There was nothing in the Titan system that was designed to do anything other than what a customer could legitimately do for themselves manually -- Titan just did it much faster.101 9.5.2. Omitted, but relevant, context for the cited situation The Mandiant Report presents log file analysis that shows that Titan occasionally experienced errors when trying to connect to Oracle's Customer Connection website.102 This analysis revealed that Titan occasionally failed to authenticate to the Customer Connection
See TN-OR00083849-60 (TomorrowNow download manual requiring engineers to "update [the customer log in] window with the clients log in information and company name" and noting that "Titan uses this contact information to connect to PeopleSoft"); June 3, 2009 Deposition of Josh Testone, at 44:17-24 (explaining that TomorrowNow had rules in place related to downloading that related to maintenance end dates, using a specific customer's credentials to access Oracle's website for downloading, and storing downloads in customer specific folders) and 84:15-25 (explaining that TomorrowNow stored materials downloaded by Titan directly to a file share that kept the download's company name, product, etc. structure); September 22, 2009 Deposition of Peggy Lanford, at 35:21-36:2 (stating that she was not aware of TomorrowNow downloading materials for a customer after their maintenance end date or using the wrong customer's credentials) and 37:17-39:3 (stating that in performing downloads TomorrowNow would use information regarding what releases a customer needed, the customers user name and password and the customer's maintenance end date). See also generally February 19, 2008 Deposition of Mark Kreutz, at 179:13-16 (explaining that it was TomorrowNow's policy at the time he joined the company in late 2005 to use a specific customer's credentials to download items for that customer and to download all items before the maintenance end date); June 19, 2009 Deposition of Peter Surette, at 21:7-19; and April 1, 2008 Deposition of Katherine Williams at 102:9-22. See generally October 30, 2007 Deposition of Mark Kreutz, at 175:10-176:12 and January 9, 2009 Deposition of Bob Geib, at 50:2-51:5. See June 3, 2009 Deposition of Josh Testone, at 75:19-76:7 and 83:20-84:25. See December 2, 2009 Deposition of John Ritchie, at 175:1-5. Mandiant Report, ¶¶180-189.
100 101 102
website for a period of time. Generally, the recovery approach taken by TomorrowNow operations staff was to restart Titan.103 Based on this log data analysis, undisclosed source code analysis and testimony from TomorrowNow witnesses, the Mandiant Report suggests that Titan probably restricted other customers from access to Oracle's Customer Connection website.104 The Mandiant report concluded: In summary, the roadmap provided by Ritchie, the Titan source code and the Titan log files together suggest that customers more than likely were not able to access Oracle websites as easily, or at all, while Titan was running.105 However, the Mandiant Report provides no explanation of how this suggestion could have been derived from the material analyzed and the Mandiant Report also leaves out critical facts that contradict this allegation. 9.5.3. The Mandiant Report ignores Oracle deposition testimony on this topic and does not contain any analysis regarding the Oracle website capabilities It should be noted that nothing is presented in the Mandiant Report to suggest that the Oracle Customer Connection ever experienced an outage related to Titan. However that fact is confirmed by Oracle's own corporate representative witnesses.106 Also, there is nothing in the Mandiant Report's analysis of the Titan logs that suggest that the problem affected the Customer Connection website. My analysis of the cited log files indicates that the more likely scenario is
See December 2, 2009 Deposition of John Ritchie, at 52:11-15 (describing the process of re-connecting to the Oracle website when Titan failed). Mandiant Report, ¶¶180-189. Mandiant Report, ¶ 189. December 4, 2009, Deposition of Uwe Koehler, at 105:3-106:9 (stating that in investigating the logs to determine the effects of TomorrowNow's downloading activity Oracle was "looking for a massive amount" of failed login attempts and that "this did not occur"); see also December 5, 2008 Deposition of Uwe Koehler, at 38:12-41:16 (in describing whether any actions by TomorrowNow affected the availability of any data on Customer Connection, stating that "[w]e never received complaints from customers that the systems had not been available or slow. And internally, to my knowledge, we are also not aware of that"). Further, see October 15, 2009 Deposition of Jason Kees, at 205:23-208:3 (stating that he was not aware of any impact on Oracle's systems related to any access by TomorrowNow of Siebel's support website).
104 105 106
that the problem was local to TomorrowNow and had no impact on any Oracle website.107 And, as confirmed by deposition testimony of one of the authors of Titan, the log files themselves do not actually reflect what is happening on the Oracle systems, but instead, reflect what is happening with Titan.108 Additionally, the Mandiant Report does not include any analysis, or even indication, that Oracle's website capabilities or Oracle's log files were considered or reviewed in reaching the stated conclusions. 9.5.4. The Mandiant Report's discussion of Support Web The Mandiant Report states that "[t]he nature of these tools and the evidence of their use indicate to me an intentional, knowing effort to bypass any access or use restrictions and perform mass downloading from SupportWeb."109 Based on my conversation with a former TomorrowNow employee, Michael Garafola, I understand that once a user accesses SupportWeb, SupportWeb, the user is allowed unlimited access to support materials relating to all Siebel versions versions without restriction.110 The only restricted information on the SupportWeb site concerns Service Requests relating to problem reporting and resolution for specific customers and, thus, that information is only provided to the customer whose log-in is used to access SupportWeb.111
See BU01\JDEUpdates&Fixes1-14\Single Files\Abitibi Consolidated\World\World A73\SAR Information\logfile.txt (showing without further analysis that there was simply a problem with the connection) which is on TN-OR 02989997, TN (Hard Drive).33. See December 2, 2009 Deposition of John Ritchie, at 169:15-171:16. Mandiant Report, ¶ 175. March 10, 2010 conversation with Michael Garafola. March Id.
108 109 110 111
As noted, there is no technical reason for a database installation for each customer
Although the Meyer Report uses different numbers165 than the Mandiant Report, both are based on the flawed assumption that an instance of an Oracle database should be counted as a copy of Oracle's database management software. As noted above, there is no technical reason that each separate database instance would require a separate database software system installation. Oracle's software is designed to support multiple databases per database management software instance. 10.6.6. Even if the Meyer Report is correct, TomorrowNow was not using the Oracle database installations for production environments. Therefore, TomorrowNow would technically only need a single processor for each The Meyer Report assumes an eight processor server in calculating some of the license values.166 Assuming, arguendo, that the Meyer Report was correct in the count of database management software installations found on TomorrowNow's servers, there is no technical reason to assume an eight processor configuration for each instance. To the extent that TomorrowNow was using any Oracle database management software in support of its customers, database the Thus, the use was not for production. Thus, for TomorrowNow's purposes, a single processor configuration would have been ample for any instance of Oracle's database management software.167 software.167 Based on my understanding of TomorrowNow's services, TomorrowNow's selection of Based server configurations with more than one processor would have had nothing to do with the database management software requirements. These larger configurations were needed to
There is no explanation for the variance between the number of Oracle database installations in the Meyer Report and that reported in the Mandiant Report. Meyer Report, ¶ 252. March 10, 2010 conversation with John Baugh. March
support the volume of business activity anticipated or performed by TomorrowNow unrelated to r the requirements for database management.168 the Along the same lines, even if the Meyer Report is right in that TomorrowNow would need an instance of Oracle Database Software for each instance of an Oracle database, there would not be a need for more than a single processor server to support it. Assuming an eight processor configuration does not make any technical sense. 10.6.7. The Meyer Report increased the numbers based on the alleged contamination identified in the Mandiant Report As noted, the counts of supposed "copies" of Oracle database software in the Meyer Report and the Mandiant Report are different. Although the Meyer Report does not address this issue directly, it appears that the difference may be due to different accounting of alleged "contamination." But, there is no explanation in the Meyer Report that accounts for this difference and the Mandiant Report does not include the "contamination" analysis found in the Meyer Report. Also, I am unaware of any analysis in the Mandiant Report that could be used as a basis for the Meyer Report counts of Oracle Database Software allegedly found on TomorrowNow's servers. And, there is no indication whatsoever in the Meyer Report that either Meyer is qualified to perform, or actually performed, the counts himself independently of Mandiant and the Mandiant Report. 10.6.7.1 The Meyer Report counts are overstated regarding alleged "contamination" and the explanation in the report for the counts makes little technical sense
The Meyer Report offers the opinion that all 172 TomorrowNow PeopleSoft HRMS customers required an Oracle Database Software license. 169 This count is overstated. The
March 10, 2010 conversation with John Baugh. March Meyer Report, ¶ 257.
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?