Interviewer: Java has become a major licensing issue for many companies. How are you helping organizations navigate Oracle’s on-Java strategy?
Fredrik: We’ve handled more than 100 Java audit defenses. Our job is to assess risk, prepare a mitigation plan, and avoid unnecessary spending. Most companies don’t even realize they’re exposed.
Morten: Oracle has turned Java into an audit engine. We help clients shut that down — either by negotiating minimal deals or migrating away from Oracle Java entirely.
Interviewer: Oracle Java used to be free for most users, but that changed. What’s going on with Oracle Java licensing now?
Fredrik: Since 2019, Oracle made Java (specifically Oracle Java SE) a paid subscription for commercial use. They allowed personal use and development use for free, but companies using Java in production are supposed to buy a subscription. And just recently, in 2023, Oracle changed the Java subscription model again to a per-employee pricing metric, which really shook things up.
Morten: Right. The new Java SE Universal Subscription charges based on your total number of employees, not how many servers or installations you have. That meant some companies that used Java on a few servers suddenly were told to count all their staff for licensing – it can multiply the cost dramatically. This new scheme can force businesses to pay a lot more for the same Java usage than under the old model.
Interviewer: Why is Oracle auditing Java usage now? They never used to care about Java.
Fredrik: Precisely because it’s now a revenue stream. Before 2019, Java was free to use (the Oracle JDK), so no one needed to buy licenses except for some advanced stuff. Once Oracle commercialized Java, they saw an opportunity. There’s a huge install base of Java out there and many companies didn’t realize the rules changed. Oracle knows that – so they’re auditing to catch those who are still using Oracle’s Java without a subscription.
Morten: Also, Oracle has data. They track downloads from their Java website. They know which companies have downloaded Oracle JDK installers after it became paid. So they have leads. Now they are systematically following up. It’s like fish in a barrel for them – many companies unknowingly kept using Oracle Java updates and now Oracle is knocking saying “pay up.”
Interviewer: How does Oracle gather data on who’s using Java? You mentioned download tracking.
Fredrik: Yes, Oracle collects information when you download Java from their site. Since Java 8 update 211 or so, Oracle’s site requires login and they keep logs of what company account downloaded the installer. They’ve been doing this since Java went commercial in 2019. So they have a record, for instance, that someone from Company X downloaded Java 8 or Java 11 updates.
Morten: In addition, some systems may ping Oracle’s servers for updates. Oracle can piece together a picture. But the primary one is those download records. So if Oracle emails you about Java licensing out of the blue, likely they have evidence you downloaded patches or new versions that require a subscription.
Interviewer: What’s Oracle’s approach when they find a company possibly using Java without a license?
Fredrik: Lately, Oracle often starts with a friendly outreach – an email from a Java account manager saying “We have news about Java licensing, can we discuss?” It feels informal, not a formal audit notice, but make no mistake, it’s the start of an audit in effect. They want you to divulge how you use Java.
Morten: If you engage, Oracle will ask questions like what versions of Java you use, how many servers, how many desktops, etc. Once they have that info, they will tell you how much you need to pay. And usually the ask is big: they often propose a multi-year subscription deal covering all your past use retroactively and going forward.
Interviewer: Is it true Oracle has asked small companies for huge amounts for Java?
Fredrik: Yes, we’ve seen some eye-openers. One case: a company with Java on just a handful of servers – Oracle told them they needed an enterprise-wide Java subscription costing on the order of six figures annually. That’s because of that per-employee model – Oracle didn’t care that it was five servers; they saw the company had, say, 500 employees, and priced it on that basis. It can feel really extortionate.
Morten: Oracle basically says, “We don’t license per server anymore, it’s per employee, so here’s the price.” It often doesn’t matter if most of those employees don’t even use Java – the metric is the metric. So yes, even small or mid-sized firms have been hit with surprisingly large bills to become compliant under Oracle’s Java licensing.
Interviewer: What options do companies have if Oracle demands money for Java usage?
Fredrik: One option is to negotiate a smaller deal. Oracle might come in with a huge quote for an enterprise-wide subscription for three years. We’ve helped clients push back and say, “we’ll buy one year for only the employees we truly need for now,” or “we will only license this subset.” Sometimes Oracle will budge if they think the alternative is the customer walking away entirely.
Morten: Another option is to argue that you’ve removed Java or will remove it. If you can indeed eliminate Oracle Java from your systems quickly – like uninstall it or switch to an alternative – you might not need to buy anything or maybe just a short-term license to cover past use. We’ve seen companies take a stance: “Okay, you got us, we’ll stop using Oracle Java.” Oracle can’t force you to keep it. They can try to claim you owed for past use, but usually Oracle’s goal is to sell subscriptions, not collect back penalties with no future relationship.
Interviewer: What’s the best way to respond if a company gets that email or letter about a Java audit?
Fredrik: The best response is to not give too much information right away. Get expert help immediately. That was a game-changer for many of our clients. If you just tell Oracle everything about your Java deployment without a plan, you’re giving them ammo. So typically, you should acknowledge the inquiry politely but not volunteer detailed data on first contact.
Morten: Then, internally, assess your Java usage. Figure out how far out of compliance you might be. It might even be worth running a quick internal script to see where Oracle Java is installed. Once you have a handle, you can decide – do we negotiate a deal, or do we rip it out and use OpenJDK or something? But definitely engage with someone who knows Oracle’s tactics. They might advise you to delay responses a bit, or only answer very specifically. The quicker you bring in someone who’s been through it, the better the outcome tends to be.
Interviewer: Oracle often approaches these Java audits in a friendly sales manner. Is this just a sales tactic or a real audit threat?
Fredrik: It’s a bit of both. They call it a “license review” or just a discussion about Java. But if you ignore them, they can escalate it to a formal audit under your contract (if you have other Oracle products) or even a legal threat for unlicensed use. So it starts sales-y because they want to catch more flies with honey. But behind it is the stick of a true audit.
Morten: We call those “soft audits.” Oracle’s not sending the official audit letter with lawyers CC’d at first. They’re trying a casual approach to see if you’ll confess your usage. But if you stonewall completely, Oracle can get more aggressive. They might involve their License Management Services to send a formal notice. On the flip side, if you engage too openly, you might overshare. It’s a tightrope.
Interviewer: What mistakes do companies make during Java audits?
Fredrik: The biggest mistake is over-disclosure. Some companies, in an effort to be transparent, will send Oracle a full list of every server and PC with Java installed. That basically guarantees a big demand. Oracle might find even more than you knew, like Java on developer workstations or embedded in apps.
Morten: Another mistake is quickly agreeing to whatever Oracle proposes. Out of fear, some will sign a three-year enterprise subscription just to end the issue. Later they realize they paid for way more than they needed. Also, not exploring alternatives – a lot of people forget that you don’t have to use Oracle’s build of Java. There are free alternatives like OpenJDK from other vendors that you could switch to and avoid ongoing fees.
Interviewer: Can companies avoid using Oracle Java altogether? What alternatives do they have?
Fredrik: Yes, Oracle Java isn’t the only Java. The open-source OpenJDK project is available, and there are builds provided by other organizations (like AdoptOpenJDK, Amazon’s Corretto, etc.) that are free to use, even for commercial. Many companies are migrating to those. It’s the same underlying technology since Oracle’s Java is based on OpenJDK too.
Morten: Of course, switching isn’t always just a drop-in for large enterprises. You need to test that your applications work fine with the new JDK, but in most cases they do. Some companies also consider that Oracle Java SE subscription comes with support – if you go to an open JDK, you might not have a vendor to call if something goes wrong. However, you can get support from third parties for OpenJDK if needed, often still cheaper than Oracle.
Interviewer: How realistic is it for big organizations to switch from Oracle’s Java to OpenJDK or another provider?
Fredrik: It’s realistic but can be a project. We’ve seen banks, for example, go through that. It might take months to a year to replace Oracle JDK with OpenJDK across thousands of servers and desktops, with thorough testing. But the cost savings year over year are huge, so many find it worth the effort.
Morten: The trick is prioritization. Identify where you have the most Java installations and hit those first. Some apps might need a specific older version of Oracle JDK – those are trickier. But generally, since Java 11+, Oracle’s JDK and OpenJDK are functionally equivalent. It’s mostly about distribution and patches. The community and other vendors release patches too (maybe not exactly as quick as Oracle’s, but close). So for many, it’s absolutely doable to rid themselves of Oracle’s Java licensing requirement.
Interviewer: If a company does want to negotiate a Java deal, what should they ask for?
Fredrik: They should aim to minimize scope and term. For example, maybe just a one-year term while they transition off, instead of a three-year lock-in. Also, they can negotiate the employee count if using the new model – perhaps exclude certain groups of employees who never use computers, etc. Oracle actually has had to clarify what counts as an employee (full-time, part-time, etc.) – get that clearly defined.
Morten: Another approach is to insist on only paying going forward, not retroactively. We often manage to get deals where the customer starts a subscription now and doesn’t pay back penalties for past use. Oracle likes to posture that you need to pay for past years, but in many cases they will drop it if you sign up for a decent future deal. So negotiate away the past compliance fee as much as possible.
Interviewer: Is Oracle likely to actually sue a customer over Java if they refuse to pay?
Fredrik: Oracle tends to threaten legal action more than actually doing it, especially for Java. The sums for Java in most individual cases might not be worth a messy lawsuit. Oracle would rather scare you into buying a subscription than spend time in court proving you used Java illegally.
Morten: That said, if a company blatantly ignores them and keeps using Oracle Java without resolving the license, Oracle could choose a big fish to make an example of. But historically, Oracle’s lawsuits in licensing are few. They usually get what they want through negotiation. Legal action is the last resort and quite rare. So while you shouldn’t bank on never being sued, the odds are low if you’re actively trying to remediate the situation.
Interviewer: What do you think Oracle’s long-term plan is with Java?
Fredrik: Java is extremely widely used, so Oracle clearly wants to turn it into a strong revenue stream. They’ll keep adjusting the model until they hit a sweet spot between revenue and pushback. The per-employee model caused a lot of noise – I wouldn’t be surprised if they refine or adjust it if too many customers rebel.
Morten: Oracle also might use Java as a lead-in to cloud. They could bundle Java subscriptions with OCI deals or other products. Long-term, I suspect Oracle wants most Java users either paying Oracle regularly or moving to Oracle’s platforms. They probably know some will flee to OpenJDK, but those who don’t can become a steady subscription income, almost like another support stream.
Interviewer: What’s your advice for companies to manage Java usage and avoid Oracle licensing issues?
Fredrik: Inventory your Java usage now. Many companies had no idea how widespread Java was internally until this became an issue. So find out: which apps use Oracle’s Java? Can you replace those with non-Oracle Java? Have a Java governance policy – for instance, forbid downloading Oracle JDK from the Oracle site unless there’s an approved plan.
Morten: Also keep an eye on Oracle’s announcements. They changed rules once and could do it again. Maybe they introduce a Java ULA or some enterprise deal in the future. If you stay informed, you won’t be caught off guard. And train your development and IT staff: they should know that using Oracle’s Java is not “free” for the company. It’s a mindset change from years of Java being free. Communication internally is key.
