This morning, the bitter competition between Oracle and SAP took a new and decidedly nasty turn. Oracle filed a lawsuit with the U.S. District Court that alleges SAP and its TomorrowNow subsidiary have stolen “…thousands of proprietary, copyrighted software products and other confidential materials” from its password-protected Customer Connection web site. Oracle also alleged that SAP and TomorrowNow stole the materials so that it could offer cut rate support services to customers who use Oracle software and attempt to lure them to SAP’s applications.

The Great Customer Connection Heist?

According to the lawsuit, Oracle noticed at the end of November 2006 that there were unusually high levels of downloads taking place from the Customer Connection web site. As all JD Edwards users who are on Oracle software maintenance know, Customer Connection is a central repository for updates, bug fixes, patches, and a wealth of technical tips and higher-level information. It represents billions of dollars of investment on Oracle’s part, not to mention the investment that the JD Edwards team has made in EnterpriseOne and World materials.

In the suit, Oracle alleges that SAP and TomorrowNow accessed Customer Connection by lifting the userids and log-ins of Oracle customers with expired or soon-to-expire support rights. According to Oracle, all of these customers had one thing in common: they either had switched to TomorrowNow for maintenance on their Oracle products or were about to switch. SAP acquired TomorrowNow in January 2005 and immediately turned the company into a weapon in its “Safe Passage” campaign to convince JD Edwards users to get off Oracle maintenance and switch to SAP applications. Since then, TomorrowNow has expanded its services to include support for PeopleSoft and Siebel applications.

According to Oracle, the illegal downloads took place from an IP address in Bryan, Texas. That is the location of an SAP branch office as well as the home office of TomorrowNow. Oracle also stated in its suit that its network logs indicate the same IP address connects to SAP’s networks. Once the people behind this IP address got into Customer Connection, they allegedly went on several massive download sprees. As Oracle states it:

“The downloads spanned every library in the Customer Connection support website. For example, using one customer’s credentials, SAP suddenly downloaded an average of over 1,800 items per day for four days straight (compared to that customer’s normal downloads averaging 20 per month). Other purported customers hit the Oracle site and harvested Software and Support Materials after they had cancelled all support with Oracle in favor of [TomorrowNow]. Moreover, these mass downloads captured Software and Support Materials that were clearly of no use to the “customers” in whose names they were taken. Indeed, the materials copied not only related to unlicensed products, but to entire Oracle product families that the customers had not licensed.”

In total, Oracle believes that SAP and TomorrowNow made more than 10,000 illegal downloads of Customer Connection materials between September 2006 and January 2007. The purpose of these downloads appears clear to Oracle. As the lawsuit states:

“Through its illegitimate and illegal business practices, SAP has taken Oracle’s Software and Support Materials and apparently used them to insinuate itself into Oracle’s customer base, and to attempt to convert these customers to SAP software applications. Oracle also has concerns that SAP may have enhanced or improved its own software applications offerings using information gleaned from Oracle’s Software and Support Materials. These illegal business practices threaten to cause irreparable harm to Oracle, its many employees, and its customers.”

Charges and Damages Galore

If Oracle has its facts right and makes them stick in court, SAP and TomorrowNow could be in for a world of legal hurt. Oracle is charging the two organizations as well as 50 individual “John Does” with computer fraud, data access fraud, interference in an attempt to gain a prospective economic advantage, unfair competition, trespass, unjust enrichment, civil conspiracy, and aiding and abetting. To put it bluntly, Oracle is throwing just about every violation it can at SAP short of crimes against humanity and cruelty to animals.

What pound of flesh will Oracle demand from SAP? While the software giant did not throw out any figures in terms of monetary damages, it will be asking the U.S. Court for restitution of any ill-gotten gains from the data theft plus punitive damages. The punitive damages alone could put a hefty number of zeroes into whatever figure eventually gets put on the table. In addition, Oracle is asking for restraining orders to stop SAP from accessing any Oracle restricted-access web site or using anything that it has downloaded from those sites. Naturally, Oracle also wants its German archrival to return everything that it allegedly stole from its web sites.

At this moment, SAP has not yet made any response to Oracle’s lawsuit. It will be very interesting to see how the gang in Walldorf spins this one. Will it defend TomorrowNow to the hilt and countersue? Will it blame the entire thing on renegade employees inside the subsidiary and offer them up as scapegoats? Or, will it try to sweep the entire matter under the rug with a months-long investigation and a quiet out-of-court settlement? Whatever does happen, I’ve got the feeling that we’re about to witness the greatest legal spectacle since Oracle locked horns with the U.S. Justice Department in its hostile takeover battle for PeopleSoft. Take your seats and get ready for the ride!

P.S. You can read the entire text of Oracle’s suit against SAP at:

What do you think about Oracle’s suit against SAP? Do you have information that would support or debunk Oracle’s claims? Care to place a bet on what happens? Then place it here in our comments section where we can lay odds with each other.