Client Profile

Sector
Manufacturing
Geography
Illinois, USA
Employees
~2,800
Oracle Java Exposure
$5.346M (claimed)

The Challenge

On 23 January 2023, Oracle released its new Java SE licensing model. The change replaced the previous processor-based and Named User Plus (NUP) licensing with a single Employee-Based Subscription (EBS) model, under which every full-time and part-time employee of the organisation — and every contractor — is subject to a licensing fee, regardless of whether they personally use Java. For organisations that had been licensing Java based on actual processor or named user counts, the commercial impact of this change was immediate and dramatic.

The Illinois manufacturer had deployed Java SE across its production environment for approximately 2,800 named users and a server estate of 47 processors. Under the previous licensing model, its annual Java cost was approximately $312,000. Under the new Employee-Based Subscription model applied to its full workforce of 4,200 employees (including part-time and contractor staff), the annual cost increased to $1.28 million — a 410% increase for no corresponding increase in usage or value.

Six months after the model change, Oracle's licence management team issued a compliance notice. Oracle claimed the organisation had been using Java SE without appropriate licence coverage since January 2023 (when the new model took effect), and that it had been underpaying under the previous model as a result of an allegedly over-aggressive "named user" licence structure. The combined historical and prospective claim totalled $5.346 million.

Oracle's Employee-Based Subscription applies to every employee, including those who have never touched Java — creating a licensing model where the cost is driven entirely by headcount rather than actual software usage.

The Approach

Redress Compliance was engaged within ten days of the compliance notice being received. The initial priority was to understand the full scope of Oracle's claim and to build an independent picture of the organisation's Java SE deployment before engaging with Oracle's licence management team.

Deployment Discovery

A technical deployment discovery exercise mapped every Java SE installation across the organisation's environment: production servers, development workstations, build pipelines, test environments, and embedded Java within third-party applications. This exercise identified several important findings:

  • A significant proportion of Java SE installations were running Java SE 8 Update 201 — a version released before Oracle's 2019 commercial licensing change that introduced the requirement for paid licences for commercial use. These installations had legitimate access to that specific update under the terms that existed when they were deployed.
  • Multiple Java SE installations were embedded within third-party commercial applications (ERP modules, CAD software, and industrial control system interfaces) whose vendors maintained their own Oracle Java licences as part of the embedded application support arrangements. These installations were not the organisation's licensing responsibility.
  • A subset of installations were OpenJDK distributions (from Red Hat and Eclipse Temurin) that are not subject to Oracle Java SE commercial licensing requirements at all. Oracle's compliance claim had attributed these incorrectly.

Exposure Recalculation

After removing third-party embedded installations, OpenJDK distributions, and pre-2019 version deployments from scope, the number of Java SE installations requiring Oracle commercial licence coverage was reduced by 71% from Oracle's initial assessment. The recalculated exposure under the new Employee-Based Subscription model — applying Oracle's standard pricing to the appropriately scoped deployment — was approximately $1.4 million annually, not the $5.346 million claimed.

The historical element of Oracle's claim — the assertion that the previous processor/NUP licence structure had been insufficient — was challenged on the grounds that the organisation's Java deployment counts and processor licence coverage had been consistent with Oracle's published guidance during the relevant period. The historical claim was reduced to zero through documented evidence of the prior licence position.

Commercial Negotiation

Armed with the independent deployment analysis and the recalculated exposure figure, the engagement team entered a formal commercial negotiation with Oracle's licence management and account teams. The negotiation had three objectives: eliminate the historical claim entirely, establish a forward-looking licence position based on the audited deployment scope, and negotiate a multi-year commitment at a rate below Oracle's standard Employee-Based Subscription pricing to compensate for the disruption and complexity of the compliance process.

Oracle's negotiating team was presented with the full technical analysis over a structured engagement spanning four weeks, including two formal working sessions with technical experts from both sides present. By the end of the process, Oracle agreed to a settlement structure covering only the audited deployments at a blended rate that reflected both the multi-year commitment and the complexity adjustments identified in the discovery process.

The Outcome

Documented Results

  • Oracle's initial compliance claim of $5.346 million reduced by 84% to a final settlement of $840,000
  • Historical liability claim of $2.1 million eliminated entirely based on documented prior licence coverage
  • Third-party embedded Java installations (representing approximately 890 instances) formally excluded from commercial scope
  • OpenJDK installations (612 instances) confirmed as outside Oracle's commercial licence requirements
  • Forward-looking Java SE licence commitment established at $218,000 annually — 83% below Oracle's standard EBS rate for the organisation's headcount
  • Three-year licence term negotiated with fixed annual fee, providing budget certainty and eliminating future compliance review risk for the contracted period

Key Takeaways

  • Oracle's initial compliance claims typically include all Java SE installations without distinguishing deployment type. A rigorous technical discovery exercise consistently identifies material exclusions — third-party embedded applications, OpenJDK distributions, and pre-commercial-licence-change versions — that should not be included in commercial settlement calculations.
  • The Employee-Based Subscription model's scope can be challenged. Oracle's 2023 model applies to all employees and contractors, but the scope of which specific Java deployments require commercial coverage remains technically arguable in many enterprise environments. Do not accept Oracle's initial scoping without independent verification.
  • Historical claims require documented rebuttal. Oracle's compliance reviews frequently include retrospective claims that extend beyond the current licensing period. A documented licence position from the relevant historical periods is the most effective defence against these claims.
  • Speed of engagement matters. Organisations that respond to Oracle compliance notices without independent support in the first 30–60 days consistently achieve worse outcomes. The negotiating window is widest before Oracle's commercial team has established a firm internal settlement target.

Received a Java SE compliance notice from Oracle?

Our Oracle Java advisory team provides rapid deployment discovery and compliance negotiation support.
Get Support →