Locations

Resources

Careers

Contact

Contact us

Java Licensing

Oracle Java SE Licensing Upheaval: Key Changes and Risks for CIOs & CFOs

Oracle Java SE Licensing Upheaval: Key Changes and Risks for CIOs & CFOs

Oracle Java SE Licensing Upheaval: Key Changes and Risks for CIOs & CFOs

Executive Summary: Oracle has overhauled how businesses can use Java SE, moving from a free model to a paid subscription framework. These changes carry significant financial and compliance risks.

CIOs and CFOs must understand the new license terms to avoid unexpected costs, vendor lock-in, and legal exposure.

Below, we break down the major licensing shifts – from the old Binary Code License (BCL) to the latest Java SE Universal Subscription – and what they mean for your organization’s bottom line and risk profile.

Binary Code License (BCL): The Free Java Era (Pre-2019)

Under Sun Microsystems and early Oracle stewardship, Java SE was distributed under the Binary Code License (BCL). This license allowed free use of the Oracle Java runtime in both development and commercial production environments, as long as you adhered to its terms (e.g., not modifying the code).

In practice, until Java 8, most enterprises ran Oracle’s Java Development Kit (JDK) without paying any fees.

Key points about the BCL era:

  • Free for Commercial Use: Businesses could deploy the Oracle JDK on servers and desktops at no cost, making Java an attractive default choice.
  • Minimal Restrictions: As long as you didn’t modify the Java runtime or use certain premium features, you were within the free license. (Notably, some advanced tools like Java Flight Recorder became “commercial features” around Java 7/8, requiring a separate paid license for those specific components​)
  • No Support Guarantees: Oracle provided public Java updates as a courtesy. There was no contract or guaranteed patch support under BCL, but this was acceptable when updates were free anyway​.

Why This Mattered: During this era, Java had no direct licensing cost for businesses. CIOs and CFOs didn’t need to budget for Java runtime fees, and compliance risk was low, assuming no misuse of the few restricted features. Oracle’s ownership of Java was not a budget concern – until things changed.

2019 – OTN License: End of Free Commercial Java

In 2019, Oracle ended the “free Java” status for commercial users abruptly. It replaced the BCL with a new Oracle Technology Network (OTN) License for Java SE​. The OTN license sharply restricts how you can use Oracle JDK for free:

  • Allowed (Free) Use Under OTN: Personal, non-commercial use (e.g., Java on your home PC); and development, testing, prototyping, or demonstration purposes​. In other words, developers could still download Oracle JDK to write and test code, and individuals could run Java apps at home without a fee.
  • Forbidden Free Use: Any internal business operations or production use now requires a paid license (an Oracle Java SE subscription)​. You could no longer legally use Oracle’s JDK to run company applications in production or even in staging environments without subscribing.
  • Effective April 16, 2019, these OTN terms will apply to all future Oracle JDK downloads. Even updates to older versions (Java 8 Update 211 and later) were released under OTN, closing the loophole of using Oracle’s free updates in business.

Impact: Oracle “flipped the switch” – what had been free was now a licensable product for enterprises. Companies that continued to use Oracle Java in production after this change were suddenly out of compliance, unless they had a paid support contract.

This caught many off guard. If an admin downloaded the latest Java 8 update or Java 11, assuming it was free like before, the company was now at risk of an audit finding unlicensed software.

Oracle’s advisory bluntly stated that using Oracle JDK for “internal business operations” without a subscription is not allowed under the new license​.

Java SE Subscription: Paying for Updates and Support

Oracle’s next move was to monetize Java via subscriptions. In 2018, Oracle introduced Java SE Subscription plans as a paid, optional support service.

By January 2019, those subscriptions became effectively mandatory for businesses that wanted to stay current:

  • End of Free Updates: Oracle stopped providing free public updates for Java 8 for commercial users​after January 2019. Enterprises that needed security patches or bug fixes for Java 8, which was still widely used at the time, had to purchase a Java SE subscription. Free updates continued only for personal or home use of Java 8; business users were cut off. The “free ride” was over – pay Oracle or risk running outdated, insecure Java.
  • Java 11 and Later: Java 11 (released Sept 2018) was the first Long-Term Support (LTS) release under the new model. It had no free long-term support from Oracle for commercial use. Organizations deploying Java 11 in production were required to have a subscription or use non-Oracle OpenJDK builds with their update timelines​. In short, starting with Java 11, Oracle’s JDK became a paid product for business use by default.
  • Subscription Benefits: The Java SE subscription granted companies the right to use Java in production, along with access to Oracle’s updates and support tickets. Oracle’s approach was to sell Java as a service. From 2019 to 2022, the pricing was similar to that of other Oracle software: you paid per Named User Plus (for desktops and users) or per Processor (for servers), with Oracle’s core factor applied to CPUs.

Legacy Pricing Example (Pre-2023): Under the old subscription model, a company might pay $2.50 per month per desktop user running Java, or $25 per month per processor on a server​. Volume discounts could lower those rates (e.g., down to $12.50 per processor for large deployments)​. For instance, if you had 100 users and four servers (8 cores total), you’d roughly pay: 100 × $2.50 + 8 × $25 = $250 + $200 = $450 per month (~$5,400/year) for Java SE subscriptions. Many businesses found this acceptable compared to the risk of running unpatched Java.

Compliance Crackdown: After 2019, Oracle began aggressively auditing businesses for their use of Java. By early 2020, Oracle’s License Management Services was actively reviewing companies to ensure they had subscriptions for any Oracle JDK installations​.

Organizations that had happily used free Java for years were now being told to pay up or uninstall. Non-compliance could result in back-billing for support retroactively or even legal action. This subscription era introduced substantial contractual risk – if your team overlooked an Oracle JDK instance, it could become an expensive mistake.

“No-Fee” Terms (NFTC): Temporary Free Use for Java 17 & 21

Oracle faced backlash as many organizations migrated to free OpenJDK distributions to avoid paying. In response, Oracle tried a compromise: Oracle No-Fee Terms and Conditions (NFTC), introduced with Java 17 in September 2021​. NFTC made Oracle’s own JDK free again for certain versions – but with strings attached:

  • Latest LTS Free for a Time: Under NFTC, the latest Long-Term Support (LTS) release of Oracle JDK is free to use in production for a limited period. For example, when Java 17 was released, Oracle allowed its use at no cost (even commercially) until one year after the next Long-Term Support (LTS) release. This meant that free updates for Java 17 would continue until about September 2024, since Java 21, the next Long-Term Support (LTS) release, was released in September 2023​. After that date, Java 17 would no longer receive free patches – you would need a subscription or to upgrade. Oracle repeated this with Java 21 (released in 2023): Java 21 is free under NFTC, likely until one year after Java 25’s release (the next Long-Term Support, or LTS).
  • No Free Long-Term Support: NFTC is essentially “use it free now, but plan to upgrade later.” Oracle provides no extended patch support for an LTS once the grace period ends​. If you choose to stay on an older version (e.g., continuing to run Java 17 after 2024) and want updates, you will need to start paying for a subscription at that point. Oracle’s strategy is to remove upfront cost barriers but push enterprises onto a constant upgrade treadmill or into a paid support contract.
  • Restrictions Apply: Importantly, NFTC is not an open-source license – it’s free, but it’s still based on Oracle’s proprietary JDK build. You cannot redistribute Oracle’s Java binaries to your customers or third parties​, and you get no warranty or support from Oracle​. Using Oracle JDK under NFTC is at your own risk; you’re expected to self-support or upgrade quickly. In essence, Oracle is saying: “You can use our latest JDK for free now, but don’t expect us to support you on it for long.”

Practical Example: Many enterprises jumped on Java 17 under NFTC to avoid Java 11 subscription costs. This was a win, temporarily.

Now that Java 21 is out, those running Java 17 must either upgrade to Java 21 (to remain on a free Oracle JDK) or purchase a subscription to receive further Java 17 updates.

If an organization is slow to certify new Java versions, they could be caught in a bind – either run an outdated Java 17 with no patches (security risk) or pay Oracle. NFTC provided short-term relief but introduces upgrade pressure, which can be costly to manage itself.

Java SE Universal Subscription: Employee-Based Pricing Model

The most dramatic change arrived in January 2023. Oracle revamped Java SE Subscription pricing to an “all-in” employee-based model, dubbed the Java SE Universal Subscription​. Instead of counting processors or named users, Oracle now charges per employee:

  • All Employees Count: Companies must license Java for every employee, contractor, and consultant in the organization (anyone receiving a paycheck or doing work for the company) – whether or not they use Java​​. This broad definition means that even if only 50 developers use Java, a firm with 5,000 staff members pays for all 5,000. It’s effectively an enterprise-wide site license, tied to headcount.
  • Pricing Tiers: The list price starts at $15 per employee per month for smaller organizations and decreases for larger headcounts. For example:
    • 1–999 employees: $15 per employee/month
    • 1,000–2,999 employees: $12 per employee/month
    • 3,000–9,999: $10.50 per employee/month
    • (Down to around $5.25 per employee for 40k+ employees)​.
      Oracle requires counting everyone on payroll at the time of the order. Even part-timers and temporary employees are included in the “employee” count. The cost is then billed yearly. This model replaced the old Named User Plus and Processor metrics entirely for new purchases.
  • Cost Shock Example: This change often raises costs significantly for those with modest Java usage. For instance, a company with 500 employees (mid-sized) and only a handful of Java applications: under the new scheme, 500 × $15 = $7,500 per month (about $90,000 per year)​. Under the old model, that same company might have paid only for the IT staff and servers running Java, perhaps 50 user licenses and 10 server licenses (roughly $4,500 per year, as shown earlier). Many organizations are seeing 2 to 5 times higher costs with this employee-based subscription compared to the previous model or third-party Java support. Even Oracle’s pricing example showed that a large enterprise (28,000 employees) would face over $2 million per year in Java fees.
  • “Unlimited” Use – at a Price: The upside is that you no longer need to count cores or track the number of installations – the subscription covers unlimited Java use across the company. The downside is obvious: you pay for a lot of people who will never touch Java. Oracle is effectively charging for potential usage. This can lead to huge waste, as one study noted that over 50% of software licenses companies purchase go unused​. With Java now, if half your employees don’t use it, that portion of your subscription spend is wasted money.

Oracle’s switch to an employee metric is widely seen as a move that locks in vendors. It forces a broad, enterprise-wide commitment.

Moreover, Oracle has been requiring existing customers to transition to the new model upon renewal – many with older CPU-based contracts were told they cannot renew without switching to the per-employee subscription​.

In short, Oracle is leveraging Java’s ubiquity to lock customers into a high-cost agreement that covers the entire organization, regardless of actual usage.

Licensing Cost Comparison: The table below illustrates how the new employee-based licensing can inflate costs compared to the old model:

ScenarioOld Java SE Subscription (Pre-2023)New Universal Subscription (2023)
Small Usage, Large Company
500 total employees; 50 Java users; 10 Java servers (20 cores)		~$5,400/year
<small>50 users × $30/yr + 20 cores × $300/yr (approx)</small>​		~$90,000/year
<small>500 employees × $180/yr</small>​
Heavy Java Usage
500 employees; All use Java; 50 servers (100 cores)		~$30,000/year
<small>500 users × $30/yr + 100 cores × $300/yr</small>		~$90,000/year
<small>500 employees × $180/yr</small>

In both cases, the new per-employee model charges $ 90,000 per year. The old model scaled with actual usage – the more limited the Java footprint, the lower the cost. Now even light users pay as if everyone is a Java user. Financially, this is a huge shift onto customers’ budgets.

Major Risks and Pitfalls for Enterprises

Oracle’s licensing changes pose serious risks in three areas: cost explosion, vendor lock-in, and compliance exposure.

CIOs and CFOs need to take a hard look at how these affect their IT strategy and spending:

  • Skyrocketing Costs: The move to subscriptions – especially the per-employee model – can blow up IT budgets. Many companies will pay significantly more for Java than they did before (estimates say 2 to 5 times more). You could be paying hundreds of thousands per year for something that used to be free. Worse, under the employee metric, you pay for unused licenses – e.g., paying for every contractor and staff member, even if only a small team uses Java. This is effectively a Java tax on your entire workforce. Such cost increases directly hit the bottom line and may offer little added value in return (especially if you were doing fine with free Java or open-source builds). CFOs should treat Oracle’s Java the same way they’d treat any major software spend, subject to ROI scrutiny and aggressive cost management. Don’t assume Java is “free” anymore in 2025; assume it’s a significant annual expense unless you opt out of Oracle’s ecosystem.
  • Vendor Lock-In Tactics: Oracle is using Java’s ubiquity to lock customers into its ecosystem. The OTN license change essentially pushed organizations to either pay Oracle or undertake the work of migrating to non-Oracle JDKs. The NFTC’s’ free LTS’ carrot can lure companies back to using Oracle’s JDK, only to force them to upgrade or pay a subscription later on. Some see the new universal subscription as a “strong-arm tactic” – forcing companies to sign enterprise-wide deals or face compliance penalties​. Once you’re on the Oracle subscription, switching out becomes difficult because you’ve already sunk cost into licensing everyone. Oracle’s aggressive audit stance reinforces this lock-in: it creates an atmosphere of fear, where companies feel they must comply and stick with Oracle to avoid legal trouble. CIOs should be wary of becoming too dependent on Oracle’s Java binaries and consider alternate Java distributions to retain leverage.
  • Compliance and Audit Exposure: The licensing shifts have turned Java into a potential compliance minefield. Many organizations were unknowingly non-compliant after 2019 when Oracle changed the rules overnight. If you continue using Oracle JDK without a proper license or beyond the NFTC free period, you are exposing the company to legal and financial risk. Oracle’s license audits for Java are now frequent and unapologetic​ . If audited, Oracle will identify all installations of Oracle JDK in your environment, including copies embedded in software packages, on developer machines, CI/CD servers, etc. Without subscriptions, you could be liable for back-dated support fees for each instance. Hefty penalties or forced subscription deals are common outcomes of failed audits​. This is not theoretical – it’s happening across the industry as Oracle seeks to maximize Java revenue. CIOs must ensure that software asset management processes include Java, and CFOs should be prepared for true-up costs if compliance is not managed. Ignorance of the 2019 license change is not a defense; Oracle expects you to be aware of and follow its terms.

Recommendations

Oracle’s Java licensing changes require a proactive response at the executive level. Here are concrete steps for CIOs and CFOs to protect your organization’s interests:

  • Audit Your Java Usage: Immediately inventory where Oracle JDK is used in your enterprise (servers, applications, developer workstations, etc.). You need a clear picture of your exposure. Many firms discover Oracle’s JDK embedded in third-party apps or old installs. Knowing this is the first step to controlling it.
  • Consider Alternatives (Escape the Oracle Trap): Evaluate using open-source Java distributions, such as OpenJDK builds from vendors like Eclipse Adoptium, Amazon Corretto, IBM Semeru, Red Hat, or Azul, which offer more permissive licenses or lower-cost support. These are functionally equivalent to Oracle JDK in most cases. Migrating to OpenJDK can instantly eliminate Oracle licensing fees and reduce the risk of lock-in. Many organizations have successfully switched from Oracle JDK to open-source variants to avoid subscriptions. This may require testing and validation, but the long-term savings and autonomy are worth it.
  • Use Oracle’s NFTC to Your Advantage – Carefully: If you choose to stay with Oracle JDK via the No-Fee Terms (NFTC) for the latest version, plan for frequent upgrades. Treat the free period as a grace window. Mark your calendar for when that free period ends (e.g., one year after the next long-term support (LTS) release). Before that deadline, either upgrade to the new LTS or transition to a support plan. In other words, don’t get caught running an outdated Oracle JDK with no free updates – that’s exactly when Oracle will expect you to start paying. NFTC can save money, but only if you stay on the upgrade treadmill. Ensure your development and operations teams are prepared for this pace to avoid security gaps.
  • Budget for Java (or Avoid It): Recognize that Java is no longer a “free” commodity for enterprises. Adjust your IT budget and forecasts to account for Java licensing if you plan to remain with Oracle. Conversely, if those costs seem exorbitant, invest in migration away from Oracle JDK now. It may involve upfront effort, but it can free up your budget in future years. Always compare the total cost of ownership (TCO) of paying Oracle versus the cost of switching – for many, the switch is financially compelling when considering multi-year projections.
  • Lock-In Awareness: When making architecture decisions, be mindful of Oracle-exclusive Java features or dependencies that could increase lock-in. Where possible, use standard Java APIs and open libraries. This makes it easier to switch Java providers if needed. Avoid building new systems that rely solely on Oracle tools (unless you’re comfortable being tied to Oracle in the long term). Maintain negotiating leverage by keeping your options open.
  • Sharpen Compliance Monitoring: Treat Oracle Java like any other licensed software. Implement controls to prevent the deployment of unlicensed Oracle JDKs. For example, remove Oracle JDK from developer workstation images (use OpenJDK instead by default), and require approval to download Oracle JDK from Oracle’s site. Small steps like this can prevent an innocent download today from turning into a $100k audit finding tomorrow. Regularly review Oracle’s Java licensing updates – they can change terms or introduce new paid features, and you need to stay ahead of them.
  • Negotiate and Seek Advice: If you need to engage with Oracle for Java licensing, negotiate aggressively. Oracle’s list prices are steep; consider seeking volume discounts or concessions (e.g., can you exclude certain populations from the employee count, such as contractors? It’s worth asking). Also, consider third-party support firms for Java. Companies like Gartner or independent licensing advisors can provide guidance. Firms specializing in Oracle license management or third-party Java support can offer options that significantly reduce costs while keeping you compliant. Don’t simply accept Oracle’s first quote – explore all angles.

By taking these actions, CIOs and CFOs can regain control over their Java deployments and budgets. Oracle’s Java SE licensing changes represent a classic case of a vendor leveraging a monopoly position. It’s crucial to respond with a clear head and a firm plan.

The bottom line: treat Oracle Java as a paid, strategic component – manage it aggressively or eliminate your dependence on it. This will minimize financial surprises, reduce legal risk, and ensure your organization isn’t unwittingly caught in an Oracle licensing snare.

Author

  • Fredrik Filipsson

    Fredrik Filipsson brings two decades of Oracle license management experience, including a nine-year tenure at Oracle and 11 years in Oracle license consulting. His expertise extends across leading IT corporations like IBM, enriching his profile with a broad spectrum of software and cloud projects. Filipsson's proficiency encompasses IBM, SAP, Microsoft, and Salesforce platforms, alongside significant involvement in Microsoft Copilot and AI initiatives, improving organizational efficiency.

    View all posts