Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 1 of 22
`
`
`
`v.
`
`FOR PUBLICATION
`
`UNITED STATES COURT OF APPEALS
`FOR THE NINTH CIRCUIT
`
`ORACLE AMERICA, INC., a Delaware
`Corporation; ORACLE
`INTERNATIONAL CORPORATION, a
`California Corporation,
`Plaintiffs-Appellants,
`
` No. 19-15506
`
`D.C. No.
`4:16-cv-01393-
`JST
`
`
`OPINION
`
`
`HEWLETT PACKARD ENTERPRISE
`COMPANY, a Delaware Corporation,
`Defendant-Appellee.
`
`Appeal from the United States District Court
`for the Northern District of California
`Jon S. Tigar, District Judge, Presiding
`
`Argued and Submitted June 8, 2020
`San Francisco, California
`
`Filed August 20, 2020
`
`Before: MILAN D. SMITH, JR. and ANDREW D.
`HURWITZ, Circuit Judges, and C. ASHLEY ROYAL,*
`District Judge.
`
`Opinion by Judge Milan D. Smith, Jr.
`
`
`* The Honorable C. Ashley Royal, United States District Judge for
`the Middle District of Georgia, sitting by designation.
`
`

`

`Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 2 of 22
`
`2 ORACLE AMERICA V. HEWLETT PACKARD ENTER.
`
`
`SUMMARY**
`
`Copyright
`
`
`
`
`The panel affirmed in part and reversed in part the
`
`district court’s grant of summary judgment in favor of
`Hewlett Packard Enterprise Co. in a copyright infringement
`action brought by Oracle America, Inc., and Oracle
`International Co.
`
` Oracle, owner of the proprietary Solaris software
`operating system, granted customers a limited use license
`and required customers to have a prepaid annual support
`contract to access patches for a server. Oracle alleged that
`HPE
`improperly accessed, downloaded, copied, and
`installed Solaris patches on servers not under an Oracle
`support contract. HPE provided support for all of its
`customers’ servers, including servers running Solaris
`software, and it subcontracted indirect support to Terix
`Computer Co. Oracle asserted direct copyright infringement
`claims concerning HPE’s direct support customers, and it
`asserted indirect infringement claims concerning joint HPE-
`Terix customers.
`
`The panel affirmed the district court’s partial summary
`
`judgment for HPE on claims for copyright infringement and
`intentional
`interference with prospective
`economic
`advantage based upon the statute of limitations. Following
`a prior suit by Oracle against Terix, Oracle and HPE entered
`into an agreement, effective May 6, 2015, to toll the statute
`
`
`** This summary constitutes no part of the opinion of the court. It
`has been prepared by court staff for the convenience of the reader.
`
`

`

`Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 3 of 22
`
`3
`
`ORACLE AMERICA V. HEWLETT PACKARD ENTER.
`
`
`
`of limitations for any claims that Oracle might assert against
`HPE. The panel held that under the Copyright Act’s three-
`year statute of limitations, Oracle’s copyright infringement
`claims were barred for conduct before May 6, 2012. The
`panel concluded that Oracle had constructive knowledge and
`thus a duty to investigate but did not conduct a reasonable
`investigation into the suspected infringement. The panel
`held that under a California two-year statute of limitations,
`the IIPEA claim was barred for conduct before May 6, 2013.
`
` As to remaining infringement claims, the panel affirmed
`in part the district court’s summary judgment on indirect
`infringement claims for patch installations by Terix. The
`panel reversed the district court’s summary judgment on all
`infringement claims for pre-installation conduct and on
`direct
`infringement claims
`for unauthorized patch
`installations by HPE. As to indirect infringement, the panel
`held that in interpreting Oracle’s licenses, the district court
`erred by failing to consider pre-installation conduct. As to
`direct infringement, the panel held that for certain customers,
`referred to as “non-Symantec customers,” Oracle possibly
`could provide unauthorized installations by HPE. Summary
`judgment for HPE on the direct infringement claims
`concerning customer Symantec was also improper.
`
`The panel addressed other issues in a concurrently filed
`
`memorandum disposition.
`
`
`
`COUNSEL
`
`
`Gregory G. Garre (argued), Elana Nightingale Dawson, and
`Charles S. Dameron, Latham & Watkins LLP, Washington,
`D.C.; Christopher S. Yates, Christopher B. Campbell, and
`Brittany N. Lovejoy, Latham & Watkins LLP, San
`
`

`

`Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 4 of 22
`
`4 ORACLE AMERICA V. HEWLETT PACKARD ENTER.
`
`Francisco, California; Dorian Estelle Daley and Deborah
`Kay Miller, Oracle America Inc., Redwood City, California;
`Jeffrey S. Ross, Oracle America Inc., Burlington, California;
`Dale M. Cendali and Joshua L. Simmons, Kirkland & Ellis
`LLP, New York, New York; for Plaintiffs-Appellants.
`
`Mark A. Perry (argued), Gibson Dunn & Crutcher LLP,
`Washington, D.C.; Samuel G. Liverside, Joseph A. Gorman,
`and Ilissa S. Samplin, Gibson Dunn & Crutcher LLP, Los
`Angeles, California; Jeffrey T. Thomas and Blaine H.
`Evanson, Gibson Dunn & Crutcher LLP, Irvine, California;
`Vaishali Udupa, Hewlett Packard Enterprise Company,
`Reston, Virginia; Deanna L. Kwong, Hewlett Packard
`Enterprise Company, San Jose, California; for Defendant-
`Appellee.
`
`William A. Isaacson and Samuel S. Ungar, Boies Schiller
`Flexner LLP, Washington, D.C.; Keith Kupferschmid and
`Terry Hart, Copyright Alliance, Washington, D.C.; for
`Amicus Curiae Copyright Alliance.
`
`Mark E. Ferguson, Bartlit Beck LLP, Chicago, Illinois;
`Abigail M. Hinchcliff, Bartlit Beck LLP, Denver, Colorado;
`for Amici Curiae Repair Association and Electronic Frontier
`Foundation.
`
`
`
`OPINION
`
`M. SMITH, Circuit Judge:
`
`International
`Inc. and Oracle
`Oracle America,
`Corporation (together, Oracle) own the proprietary Solaris
`software operating system. Oracle periodically releases
`patches for this software to address functionality, improve
`
`

`

`Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 5 of 22
`
`ORACLE AMERICA V. HEWLETT PACKARD ENTER.
`
`
`
`performance, and resolve security issues. As is relevant
`here, Oracle restricts use of the Solaris software, including
`software patches. It grants a customer a limited use license,
`and it requires a customer to have a prepaid annual support
`contract to access patches for a server.
`
`5
`
`claims,
`infringement
`copyright
`Oracle brought
`California state law intentional interference claims, and a
`California Unfair Competition Law (UCL) claim against
`Hewlett Packard Enterprise Company (HPE), alleging that
`HPE and nonparty Terix Computer Company, Inc. (Terix)
`improperly accessed, downloaded, copied, and installed
`Solaris patches on servers not under an Oracle support
`contract. On cross motions, the district court granted
`summary judgment for HPE. We affirm the district court’s
`partial summary judgment for HPE on the infringement and
`intentional interference claims based upon the statute of
`limitations. We affirm in part and reverse in part the
`summary judgment on what remains of the infringement
`claims. We address all other issues in a concurrently filed
`memorandum disposition.
`
`FACTUAL AND PROCEDURAL BACKGROUND
`
`I. The Solaris Software
`
`Oracle has owned federally registered copyrights for the
`Solaris software since it purchased Sun Microsystems (Sun)
`in January 2010. Various Solaris patches also have code
`registered with the United States Copyright Office. Oracle
`licenses use of the Solaris software to a customer when the
`customer purchases a server with preinstalled software. The
`Solaris versions at issue here are Solaris 8, 9, 10 and 11. The
`Binary Code License Agreement applies to Solaris 8 and 9.
`
`

`

`Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 6 of 22
`
`6 ORACLE AMERICA V. HEWLETT PACKARD ENTER.
`
`The Software License Agreement (SLA) applies to Solaris
`10.1
`
`Customers with a prepaid annual Oracle support contract
`can access Solaris patches through the password protected
`My Oracle Support (MOS) website.2 A customer must place
`every server for which it desires support on an active support
`contract. A support contract is subject to policies that also
`define a customer’s right to access patches. With an active
`support contract, a customer can create an MOS username
`and password. Upon accessing the MOS, the customer must
`agree to additional terms of use concerning the software on
`the site.
`
`II. Third-Party Support of Solaris Software by HPE and
`Terix
`
`As is relevant here, HPE has a multi-vendor support
`business that serves as a “one-stop-shop” to support all
`servers an HPE customer has, including servers running
`Solaris software. HPE provides such support directly and
`indirectly. HPE subcontracted indirect support to Terix, a
`company which specialized in supporting Oracle software.
`For joint HPE-Terix customers, Terix arranged for a server
`to have Oracle support in the customer’s name with a prepaid
`Terix-supplied credit card and created an MOS credential for
`the single-server Oracle support contract. Terix also
`provided customers with a form email to send to Oracle.
`Terix downloaded patches using the credentials to make
`copies for use on off-contract servers as part of the so-called
`
`1 A customer-specific entitlement accompanies the SLA. Solaris 11
`is governed by a license similar to the SLA.
`
`2 Oracle ceased Sun’s gratis release of security-related patches,
`firmware updates, and new Solaris operating system versions.
`
`

`

`Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 7 of 22
`
`ORACLE AMERICA V. HEWLETT PACKARD ENTER.
`
`
`
`“one-to-many” scheme. When a customer was not yet
`supported, Terix created credentials by using fictitious
`names, emails addresses, and credit cards.
`
`7
`
`Oracle sued Terix in July 2013, alleging copyright
`infringement concerning the Solaris patches, among other
`claims. Oracle Am., Inc. v. Terix Comp. Co., Inc., No. 4:13-
`cv-3385-JST, Dkt No. 1 (N.D. Cal. July 19, 2013).
`Following summary judgment for Oracle on Terix’s license
`affirmative defense there, Oracle Am., Inc. v. Terix Comp.
`Co., 2015 WL 2090191 (N.D. Cal. May 5, 2015), Terix
`stipulated to a judgment for Oracle on the infringement and
`fraud claims without admitting liability. Thereafter, Oracle
`and HPE entered into an agreement, effective May 6, 2015,
`to toll the statute of limitations for any claims that Oracle
`might assert against HPE.
`
`III.
`
`This Litigation
`
`Oracle brought this suit against HPE in March 2016 for
`copyright infringement pursuant to 17 U.S.C. §§ 101, et seq.,
`intentional interference with contractual relations (IICR),
`intentional
`interference with prospective
`economic
`advantage (IIPEA), and violations of the UCL, Cal. Bus. &
`Prof. Code § 17200. Among other affirmative defenses,
`HPE asserted express and implied license. Following
`discovery, Oracle moved for partial summary judgment on
`the infringement claims and some affirmative defenses,
`including the license defense. HPE cross moved on all
`claims. The district court granted summary judgment for
`HPE. Oracle timely appealed.
`
`JURISDICTION AND STANDARD OF REVIEW
`
`We have jurisdiction pursuant to 28 U.S.C. § 1291. We
`review a grant of summary judgment de novo. Shelley v.
`
`

`

`Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 8 of 22
`
`8 ORACLE AMERICA V. HEWLETT PACKARD ENTER.
`
`Geren, 666 F.3d 599, 604 (9th Cir. 2012). “We must
`determine, viewing the evidence in the light most favorable
`to the nonmoving party, whether there are any genuine issues
`of material fact and whether the district court correctly
`applied the substantive law.” Zabriskie v. Fed. Nat’l Mortg.
`Ass’n, 940 F.3d 1022, 1026 (9th Cir. 2019) (citation and
`quotations omitted).
`
`ANALYSIS
`
`I. The Statute of Limitations
`
`It is undisputed that the May 6, 2015 effective date of the
`parties’ tolling agreement applies in this case. Thus, we
`consider whether the copyright infringement claims are
`barred for conduct before May 6, 2012 and the IIPEA claim
`is barred for conduct before May 6, 2013.3
`
`A. The Copyright Infringement Claims
`
`A copyright infringement claim is subject to a three-year
`statute of limitations, which runs separately for each
`violation. 17 U.S.C. § 507(b); Petrella v. Metro-Goldwyn-
`Mayer, Inc., 572 U.S. 663, 671 (2014). “[A] copyright
`infringement claim accrues—and the statute of limitations
`begins to run—when a party discovers, or reasonably should
`have discovered, the alleged infringement.” Media Rights
`
`
`3 Oracle raised limitations arguments in its opening brief for only
`copyright infringement and IIPEA claims. Oracle has waived the IICR
`claim limitations argument it raised for the first time in reply. U.S. v.
`Alcan Elec. & Eng’g, Inc., 197 F.3d 1014, 1020 (9th Cir. 1999). In any
`event, our analysis on the IIPEA claim here would apply equally to the
`IICR claim. HPE has also waived its perfunctory argument that the UCL
`claims are time-barred. See Cal. Pac. Bank v. Fed. Deposit Ins. Corp.,
`885 F.3d 560, 570 (9th Cir. 2018).
`
`

`

`Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 9 of 22
`
`ORACLE AMERICA V. HEWLETT PACKARD ENTER.
`
`
`
`Techs., Inc. v. Microsoft Corp., 922 F.3d 1014, 1022 (9th
`Cir. 2019).4
`
`9
`
`Although Oracle repeatedly argues that it lacked actual
`knowledge of all the wrongdoing by HPE and Terix,
`constructive knowledge triggers the statute of limitations.
`“The plaintiff is deemed to have had constructive knowledge
`if it had enough information to warrant an investigation
`which, if reasonably diligent, would have led to discovery of
`the [claim].” Pincay v. Andrews, 238 F.3d 1106, 1110 (9th
`Cir. 2001) (citation omitted). We have previously explained
`that “suspicion” of copyright infringement “place[s] upon
`[the plaintiff] a duty to investigate further into possible
`infringements of [its] copyrights.” Wood v. Santa Barbara
`Chamber of Commerce, Inc., 705 F.2d 1515, 1521 (9th Cir.
`1983).5 Even if the plaintiff “may not actually have
`conducted this further investigation, equity will impute to
`[the plaintiff] knowledge of facts that would have been
`revealed by reasonably required further investigation.” Id.;
`
`
`4 Oracle waived its argument in reply about the district court’s
`treatment of the indirect infringement claims as accruing when Oracle
`discovered or could have reasonably discovered direct infringement.
`Alcan Elec. & Eng’g, 197 F.3d at 1020.
`
`5 Relying on O’Connor v. Boeing North American, Inc., 311 F.3d
`1139 (9th Cir. 2002), Oracle argues that “suspicion alone” is not
`sufficient to trigger the limitations period. O’Connor concerned whether
`the discovery rule applied to 42 U.S.C. § 9658 preempted the California
`discovery rule in the context of personal injury claims for exposure to
`hazardous substances. Id. at 1146–49. We rejected “an interpretation of
`the federal discovery rule that would commence limitations periods upon
`mere suspicion of the elements of a claim” to “forestall” the filing of
`unnecessary and preventive claims. Id. at 1148. We did not, however,
`discuss Wood. As Oracle recognizes, Wood provides that suspicion of
`infringement triggers a duty to investigate. 705 F.2d at 1521. We apply
`that standard here.
`
`

`

`Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 10 of 22
`
`10 ORACLE AMERICA V. HEWLETT PACKARD ENTER.
`
`see also Bibeau v. Pac. Nw. Res. Found. Inc., 188 F.3d 1105,
`1108 (9th Cir. 1999) (citation omitted), as amended,
`208 F.3d 831 (9th Cir. 2000) (explaining that the “twist” of
`the discovery rule is that it requires “[t]he plaintiff [to] be
`diligent in discovering the critical facts,” i.e., “that he has
`been hurt and who has inflicted the injury” (citation
`omitted)).
`
`Oracle concedes that it “had concerns” in November
`2010 that Terix might purchase support for one system and
`reuse the patches for all other systems. Oracle also had
`suspicions about HPE as early as 2010 and certainly by
`October 2011. Critically, Oracle concedes that “it made
`inquiries of Terix and HPE after receiving reports of
`potential infringement.” In relevant part, Oracle relies on
`inquiries that occurred in 2008 and September 2011. Oracle,
`thus, had a duty to conduct a reasonable investigation.
`Bibeau, 188 F.3d at 1108; Wood, 705 F.2d at 1521.
`
`The doctrine of fraudulent concealment does not help
`Oracle in this case. A plaintiff relying on this doctrine to toll
`the limitations period must show “both that the defendant
`used fraudulent means to keep the plaintiff unaware of his
`cause of action, and also that the plaintiff was, in fact,
`ignorant of the existence of his cause of action.” Wood,
`705 F.2d at 1521. The doctrine does not apply if the plaintiff
`had actual or constructive knowledge of the facts giving rise
`to the claim. Hexcel Corp. v. Ineos Polymers, Inc., 681 F.3d
`1055, 1060 (9th Cir. 2012). “The plaintiff is deemed to have
`had constructive knowledge if it had enough information to
`warrant an investigation which, if reasonably diligent, would
`have led to the discovery of the fraud.” Id. (citation omitted).
`Although Oracle singularly focuses on the means of the
`purported concealment, it is not accurate that Oracle “had no
`reason to suspect” infringement and thus no duty to inquire.
`
`

`

`Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 11 of 22
`
`ORACLE AMERICA V. HEWLETT PACKARD ENTER. 11
`
`
`
`Taylor v. Meirick, 712 F.2d 1112, 1118 (7th Cir. 1983).
`Oracle concededly suspected infringement of its patches by
`Terix and HPE well before May 6, 2012.
`
`The remaining issue is whether Oracle conducted a
`reasonable investigation into the suspected infringement.
`Although “summary judgment is generally an inappropriate
`way
`to decide questions of reasonableness,”
`it “is
`appropriate ‘when only one conclusion about the conduct’s
`reasonableness is possible.’” Gorman v. Wolpoff &
`Abramson, LLP, 584 F.3d 1147, 1157 (9th Cir. 2009)
`(quoting In re Software Toolworks, Inc., 50 F.3d 615, 622
`(9th Cir. 1994)). Oracle’s only evidence of any investigation
`concerns Terix.6 In April 2012—a month before the three-
`year lookback from the effective date of the tolling
`agreement—an Oracle employee searched the MOS for a
`“terix.com” email address to determine whether Terix
`downloaded Solaris patches or purchased support contracts.
`That search yielded no results.
`
`The district court determined that this investigation was
`unreasonable because Oracle failed to use its contractual
`right to audit customers, despite knowing that Oracle
`customers were working with Terix. The court did not err in
`focusing on this issue. Oracle had already identified
`customer audits as a tool to protect its intellectual property.
`Critically, only a customer with an active support contract
`can access the MOS in the first instance. Furthermore,
`Oracle requires that its customers ensure that third party
`agents comply with the terms of use for the Solaris software.
`
`Oracle does not dispute that it had the right to audit its
`customers. It asserts, however, that requiring it to have
`
`
`6 Oracle does not argue that it investigated HPE.
`
`

`

`Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 12 of 22
`
`12 ORACLE AMERICA V. HEWLETT PACKARD ENTER.
`
`exercised that right would be “unprecedented,” “dilute the
`value of copyright ownership by increasing the costs of
`policing for infringement,” and “subject its clients to a
`hostile inquiry for the sake of tolling the statute of
`limitations.”
` Oracle cites no evidence or authority
`supporting these assertions, which are insufficient to
`preclude summary judgment. S. A. Empresa de Viacao
`Aerea Rio Grandense (Varig Airlines) v. Walter Kidde &
`Co., Inc., 690 F.2d 1235, 1238 (9th Cir. 1982) (“[A] party
`cannot manufacture a genuine issue of material fact merely
`by making assertions in its legal memoranda”). Because
`Oracle did not raise a triable issue about its investigation,
`HPE was entitled to summary judgment on the infringement
`claims for pre-May 6, 2012 conduct.
`
`B. The IIPEA Claim
`
`An IIPEA claim is subject to a two-year statute of
`limitations. See Cal. Civ. Proc. Code § 339(1). A cause of
`action does not accrue under California law “until the
`plaintiff discovers, or has to discover, the cause of action.”
`Fox v. Ethicon Endo-Surgery, Inc., 110 P.3d 914, 920 (Cal.
`2005). A “potential plaintiff who suspects that an injury has
`been wrongfully caused must conduct a reasonable
`investigation of all potential causes of that injury.” Id. at
`921. A defendant’s fraudulent concealment will toll the
`statute of limitations “for that period during which the claim
`is undiscovered by a plaintiff or until such time as plaintiff,
`by the exercise of reasonable diligence, should have
`discovered it.” Bernson v. Browning-Ferris Indus., 873 P.2d
`613, 615 (Cal. 1994) (citation omitted).
`
`In concluding that Oracle’s pre-May 6, 2013 IIPEA
`claims were time-barred, the district court analyzed evidence
`concerning Comcast, one of Oracle’s support customers, and
`determined that Oracle constructively knew of HPE’s
`
`

`

`Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 13 of 22
`
`ORACLE AMERICA V. HEWLETT PACKARD ENTER. 13
`
`
`
`interference with the Comcast relationship as early as 2011.
`Oracle has not challenged that finding here, and thus has
`waived that issue. Paladin Assocs., Inc. v. Mont. Power Co.,
`328 F.3d 1145, 1164 (9th Cir. 2003). Oracle nonetheless
`argues that it could not have known about the “broader one-
`to-many scheme to interfere with Oracle’s relationships.”
`Relying on El Pollo Loco, Inc. v. Hashim, 316 F.3d 1032,
`1040 (9th Cir. 2003), Oracle further argues that it could rely
`on the truth of HPE’s and Terix’s assurances that “they were
`not engaged in misconduct” even if an investigation would
`have disclosed the falsity of those assurances.
`
`Although fraudulent concealment tolls a statute of
`limitations for the time that a plaintiff cannot discover its
`claim, Bernson, 873 P.2d at 615, 619, Oracle was aware, at
`a minimum, of enough facts well before May 6, 2013 to
`discover its IIPEA claim against HPE. Oracle identified
`HPE and Terix in 2010, among others, as third-party
`maintainers of Solaris software who sought to attract
`customers from Oracle in the manner challenged here. And,
`in 2011, Comcast indicated that it would leave Oracle for
`HPE and Terix after HPE and Terix had made purported
`assurances to Oracle. In short, Oracle, was not “ignorant” of
`its IIPEA claim against HPE before May 6, 2013. Weatherly
`v. Universal Music Publ’g Grp., 23 Cal. Rptr. 3d 157, 161–
`62 (Ct. App. 2004). Thus, the claim is time-barred for pre-
`May 6, 2013 conduct.
`
`II. The Copyright Infringement Claims
`
`Oracle asserted direct infringement claims concerning
`HPE’s direct support customers, and indirect infringement
`claims concerning joint HPE-Terix customers. The claimed
`infringing acts were unauthorized downloading, copying,
`and delivery of patches, and patch installations. We consider
`separately the indirect and direct infringement claims,
`
`

`

`Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 14 of 22
`
`14 ORACLE AMERICA V. HEWLETT PACKARD ENTER.
`
`mindful that “[t]he test for summary judgment in a copyright
`case must comport with the standard applied to all civil
`actions.” Shaw v. Lindheim, 919 F.2d 1353, 1358–59 (9th
`Cir. 1990), overruled in part on other grounds by, Skidmore
`v. Led Zeppelin, 952 F.3d 1051, 1066 (9th Cir. 2020) (en
`banc).
`
`A. Indirect Infringement Claims
`
`A defendant may be held vicariously and contributorily
`liable for copyright infringement carried out by another.
`Luvdarts, LLC v. AT & T Mobility, LLC, 710 F.3d 1068,
`1071 (9th Cir. 2013). But a plaintiff must show “[a]s a
`threshold matter . . . that there has been direct infringement
`by third parties.” Perfect 10, Inc. v. Amazon.com, Inc.,
`508 F.3d 1146, 1169 (9th Cir. 2007). The district court
`concluded that Oracle could not prove direct infringement
`by Terix in the form of unauthorized patch installations.7
`Oracle challenges the court’s failure to consider evidence of
`Terix’s pre-installation conduct. We briefly address that
`evidence and then discuss the deficiencies in the district
`court’s analysis.
`
`Direct infringement requires: “(1) ownership of a valid
`copyright, and (2) copying of constituent elements of the
`work that are original.” Seven Arts Filmed Entm’t Ltd. v.
`Content Media Corp. PLC, 733 F.3d 1251, 1254 (9th Cir.
`2013) (citation omitted). On the second element, we have
`made clear that “[b]oth uploading and downloading
`copyrighted material are infringing acts.” Columbia
`Pictures Indus. v. Fung, 710 F.3d 1020, 1034 (9th Cir.
`
`7 Oracle does not challenge the district court’s ruling concerning
`patch installations by Terix. Thus, we affirm the partial summary
`judgment for HPE on the indirect infringement claims as to that issue.
`
`

`

`Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 15 of 22
`
`ORACLE AMERICA V. HEWLETT PACKARD ENTER. 15
`
`
`
`2012). Oracle provided evidence of Terix’s downloading
`and copying of patches for joint HPE-Terix customers.
`Terix downloaded some 11,500 copies of Solaris patches,
`including thousands of copies of registered protectable code
`by using customers’ MOS credentials. Terix employees
`copied patches to internal Terix repositories as well as to
`Terix-provided laptops so that it could provide patches on
`demand to joint customers. Terix reproduced and distributed
`patches on its servers so that customers could access patch
`copies.
`
`to show direct
`this evidence appears
`Although
`infringement, the district court did not consider it because
`the court read “Oracle’s support contracts to grant an Oracle
`customer, or an agent of the customer, a license to download,
`deliver, and install Solaris patches.” Reasoning that Terix
`was an agent of a customer with a license, the court thought
`that only patch installations could constitute infringing
`conduct.
`
`An applicable license may be dispositive of an
`infringement claim. “Anyone who is authorized by the
`copyright owner to use the copyrighted work in a way
`specified in [the Copyright Act] . . . is not an infringer of the
`copyright with respect to such use.” Sony Corp. of Am. v.
`Universal City Studios, Inc., 464 U.S. 417, 433 (1984).
`Thus, an infringement claim “fails if the challenged use of
`the work falls within the scope of a valid license.” Great
`Minds v. Office Depot, Inc., 945 F.3d 1106, 1110 (9th Cir.
`2019). And “[t]he existence of a license creates an
`affirmative defense to” an infringement claim. Worldwide
`Church of God v. Phila. Church of God, Inc., 227 F.3d 1110,
`1114 (9th Cir. 2000). But “[w]hen a licensee exceeds the
`scope of the license granted by the copyright holder, the
`licensee is liable for infringement.” LGS Architects, Inc. v.
`
`

`

`Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 16 of 22
`
`16 ORACLE AMERICA V. HEWLETT PACKARD ENTER.
`
`Concordia Homes of Nev., 434 F.3d 1150, 1156 (9th Cir.
`2006).
`
`A court must construe the license to evaluate its effect on
`a claim of copyright infringement. “A copyright license
`‘must be construed in accordance with the purposes
`underlying federal copyright law.’” Great Minds, 945 F.3d
`at 1110 (quoting S.O.S., Inc. v. Payday, Inc., 886 F.2d 1081,
`1088 (9th Cir. 1989)); see also Cohen v. Paramount Pictures
`Corp., 845 F.2d 851, 854 (9th Cir. 1988) (same). “Chief
`among these purposes is the protection of the author’s
`rights.” S.O.S., 886 F.2d at 1088. “Federal courts ‘rely on
`state law to provide the canons of contractual construction to
`interpret a license, but only to the extent such rules do not
`interfere with federal copyright law or policy.’” Great
`Minds, 945 F.3d at 1110 (quoting S.O.S., 886 F.2d at 1088).
`
`The district court here, however, opined on Oracle’s
`licenses without applying these principles, and it never
`identified a license provision that authorized the challenged
`pre-installation conduct.8 That was error. At summary
`judgment, “[t]he district court must not only properly
`consider the record . . . but must consider that record in light
`of the ‘governing law.’” Zetwick v. County of Yolo, 850 F.3d
`
`8 HPE avers that the district court “held” HPE to its burden to
`identify a license provision authorizing the pre-installation conduct,
`pointing to an order in Oracle’s case against Terix. Oracle, 2015 WL
`2090191, at *1. But, in that order, the magistrate judge granted summary
`judgment for Oracle on the affirmative license defense, reasoning that
`Terix “violated the terms of the relevant licenses by using a customer’s
`credential’s to . . . download patches for any number of that customer’s
`machines, whether covered by the license terms or not” because “[t]his
`type of use is clearly not contemplated on the face of the license
`agreements.” Id. at *6. And unlike the district court here, the magistrate
`judge there applied the relevant principles to construe the licenses for
`Solaris versions 7, 8, 9 and 10. Id. at *1, 7–9.
`
`

`

`Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 17 of 22
`
`ORACLE AMERICA V. HEWLETT PACKARD ENTER. 17
`
`
`
`436, 441 (9th Cir. 2017) (quoting Anderson v. Liberty Lobby,
`Inc., 477 U.S. 242, 248 (1986)). “[W]here application of
`incorrect legal standards may have influenced the district
`court’s conclusion, remand is appropriate.” Id. at 442. By
`applying no legal standard to interpret the licenses, the
`district court failed to apply the correct one. In doing so, the
`court excluded pre-installation conduct from its analysis.
`Thus, we remand for the court to properly analyze the
`licenses. The court must reconsider all infringement claims
`for pre-installation
`conduct,
`including
`the direct
`infringement claims for which the court also limited its focus
`to unauthorized installations.9
`
`B. The Direct Infringement Claims
`
`As is relevant here, direct infringement requires copying
`of a protected work by the defendant. Seven Arts, 733 F.3d
`at 1254. It is undisputed that HPE’s installation of patches
`on unsupported servers would constitute infringement. But
`the parties dispute whether Oracle’s evidence showed that
`HPE performed such installations for its direct customers.
`We address separately the non-Symantec customers and
`Symantec and conclude that triable issues remain.
`
`1. Non-Symantec Customers
`
`The district court reasoned that, to survive summary
`judgment on the direct infringement claims for non-
`Symantec customers, Oracle had to provide: “(1) evidence
`that HPE installed a patch on a server that was not supported
`by an Oracle support contract, and (2) evidence that the
`
`9 We decline to resolve in the first instance whether Oracle produced
`sufficient evidence on the additional elements of secondary liability
`because the district court never considered those issues. Shirk v. U.S. ex
`rel. Dep’t of Interior, 773 F.3d 999, 1007 (9th Cir. 2014).
`
`

`

`Case: 19-15506, 08/20/2020, ID: 11795913, DktEntry: 104-1, Page 18 of 22
`
`18 ORACLE AMERICA V. HEWLETT PACKARD ENTER.
`
`patch was released and downloaded while that server was
`not on contract.” Oracle does not challenge this application
`of the copying element, and thus, it guides us here.
`
`Oracle relied on an analysis by its expert, Christian
`Hicks, of HPE-produced spreadsheet data for 35 HPE direct
`customers to show that HPE performed unauthorized patch
`installations. The spreadsheets had an “Installed on Date”
`column and a column identifying the hardware serial
`number. Hicks treated the “Installed on Date” column as
`showing actual installation dates. He found 210 instances of
`patching where “the ‘Installed on Date’ in HPE’s data
`occurred after Oracle support for that server had ended.” He
`found that for 188 of those instances, Oracle had not released
`the patches until after Oracle support for the server expired.
`Crediting HPE’s arguments, the district court concluded that
`Oracle could not prove with this data (a) unauthorized
`installations (b) by HPE. We disagree.
`
`a. Unauthorized Patch Installations
`
`The district court found an insurmountable “ambiguity”
`about whether the “Installed on Date” column reflected
`actual patch installations. The “ambiguity” stemmed from
`testimony by David Jensen, HPE’s Rule 30(b)(6) witness
`and a former HPE employee. In considering this testimony,
`the court failed to draw all reasonable inferences in Oracl