Judge denies Oracle's requests to add to JEDI cloud contract sueball

Says named documents are already covered by the record

Oracle's bid to depose two former US government staffers and pull in extra material to support its legal wrangling over the $10bn Pentagon cloud contract has failed.

In an order filed under seal last week but now publicly reissued, Eric Bruggink, the senior judge in the case, denied Oracle's requests. It follows his refusal to add the firm's in-house lawyer to the suit earlier this month.

The case centres on the Joint Enterprise Defense Infrastructure (JEDI) contract that the Department of Defense is to hand to a single cloud vendor for up to a decade.

Oracle argued the plan risks damaging innovation, would lock the DoD into a single cloud vendor for years and is uncompetitive. But of course another concern is that AWS is a front-runner for the deal.

Block bid

Furious Big Red has sought to block the award however it can, carrying out extensive media briefings and filing both an (unsuccessful) bid protest with the Government Accountability Office and a lawsuit against the government in the US Court of Federal Claims.

As well as taking issue with the single vendor award and what it says are unnecessarily restrictive criteria, Oracle's argument focused on two former DoD employees, Deap Ubhi and Anthony DeMartino.

It alleged they were conflicted because of their work at or links to AWS – allegations that prompted AWS to join the case as an intervenor.

Ubhi has come under greatest scrutiny as not only did he work for AWS before joining the DoD, but he went back to the vendor after just 18 months, in which time he worked on the early stages of the JEDI contract.


The contracting officer for JEDI concluded that neither of the two individuals' involvement had negatively impacted the way the award was drawn up – although a separate probe has been launched over whether Ubhi's return to AWS is a conflict now that the firm has submitted a bid.

But Oracle wants to sniff out further evidence to bolster its allegations, and requested permission from the court to carry out discovery and deposition on Ubhi and DeMartino.

It also sought to have eight categories of government materials – including the contents of the DoD's JEDI Cloud Google Drive – added to the administrative record, which contains the info the department considered while drafting the contract.

However, the court – siding with the government and AWS – said Oracle hadn't met the threshold required to allow further discovery, as the record "is sufficient as it stands" and has enough material to assess the contracting officer's decisions.

The court noted that one of the eight documents named by Oracle was already included in the record, while others duplicate information or facts were already there.

"Many of the facts that Oracle lists are included in the AR [administrative record], thus requiring no discovery to include in the record… Additionally, some of the 'facts' are unsupported by any evidence, casting only suspicion on Mr DeMartino and Mr Ubhi," the court said.

"None of the categories of documents submitted are necessary to supplement the AR. The AR as it exists allows the court to evaluate the [contracting officer's] investigation into conflicts of interest."

Judge Bruggink said Oracle wanted to use the motion to determine if there was a conflict of interest, but that this was not the court's role.


Pentagon admits it's now probing conflicts of interest at AWS over $10bn JEDI cloud deal


"Either of these examples [of materials sought by Oracle] might or might not have been appropriate for the [contracting officer] to investigate, but as the court held in [Jacobs Tech. Inc. v. United States], it is 'the agency – not the Court or [the protestor] – [that] is charged with conducting the [organizational conflict of interest] analysis and a [Procurement Integrity Act] investigation (if warranted),' and thus we will not usurp DoD's role."

Bruggink acknowledged Oracle's concerns about a possible conflict, and said it was possible the contracting officer should have considered more information – but that the existing record was sufficient to decide if this was the case.

"Our task on the merits will be to answer the narrow question of whether the agency reviewed the proper materials, asked the right questions, and articulated sufficient reasoning for its decision on the conflicts of interest."

Oral arguments on the cross-motions for judgment on the administrative record in the case will be held on 4 April. ®

Similar topics

Broader topics

Other stories you might like

  • Verizon: Ransomware sees biggest jump in five years
    We're only here for DBIRs

    The cybersecurity landscape continues to expand and evolve rapidly, fueled in large part by the cat-and-mouse game between miscreants trying to get into corporate IT environments and those hired by enterprises and security vendors to keep them out.

    Despite all that, Verizon's annual security breach report is again showing that there are constants in the field, including that ransomware continues to be a fast-growing threat and that the "human element" still plays a central role in most security breaches, whether it's through social engineering, bad decisions, or similar.

    According to the US carrier's 2022 Data Breach Investigations Report (DBIR) released this week [PDF], ransomware accounted for 25 percent of the observed security incidents that occurred between November 1, 2020, and October 31, 2021, and was present in 70 percent of all malware infections. Ransomware outbreaks increased 13 percent year-over-year, a larger increase than the previous five years combined.

    Continue reading
  • Slack-for-engineers Mattermost on open source and data sovereignty
    Control and access are becoming a hot button for orgs

    Interview "It's our data, it's our intellectual property. Being able to migrate it out those systems is near impossible... It was a real frustration for us."

    These were the words of communication and collaboration platform Mattermost's founder and CTO, Corey Hulen, speaking to The Register about open source, sovereignty and audio bridges.

    "Some of the history of Mattermost is exactly that problem," says Hulen of the issue of closed source software. "We were using proprietary tools – we were not a collaboration platform before, we were a games company before – [and] we were extremely frustrated because we couldn't get our intellectual property out of those systems..."

    Continue reading
  • UK government having hard time complying with its own IR35 tax rules
    This shouldn't come as much of a surprise if you've been reading the headlines at all

    Government departments are guilty of high levels of non-compliance with the UK's off-payroll tax regime, according to a report by MPs.

    Difficulties meeting the IR35 rules, which apply to many IT contractors, in central government reflect poor implementation by Her Majesty's Revenue & Customs (HMRC) and other government bodies, the Public Accounts Committee (PAC) said.

    "Central government is spending hundreds of millions of pounds to cover tax owed for individuals wrongly assessed as self-employed. Government departments and agencies owed, or expected to owe, HMRC £263 million in 2020–21 due to incorrect administration of the rules," the report said.

    Continue reading
  • Internet went offline in Pakistan as protestors marched for ousted prime minister
    Two hour outage 'consistent with an intentional disruption to service' said NetBlocks

    Internet interruption-watcher NetBlocks has reported internet outages across Pakistan on Wednesday, perhaps timed to coincide with large public protests over the ousting of Prime Minister Imran Khan.

    The watchdog organisation asserted that outages started after 5:00PM and lasted for about two hours. NetBlocks referred to them as “consistent with an intentional disruption to service.”

    Continue reading
  • Suspected phishing email crime boss cuffed in Nigeria
    Interpol, cops swoop with intel from cybersecurity bods

    Interpol and cops in Africa have arrested a Nigerian man suspected of running a multi-continent cybercrime ring that specialized in phishing emails targeting businesses.

    His alleged operation was responsible for so-called business email compromise (BEC), a mix of fraud and social engineering in which staff at targeted companies are hoodwinked into, for example, wiring funds to scammers or sending out sensitive information. This can be done by sending messages that impersonate executives or suppliers, with instructions on where to send payments or data, sometimes by breaking into an employee's work email account to do so.

    The 37-year-old's detention is part of a year-long, counter-BEC initiative code-named Operation Delilah that involved international law enforcement, and started with intelligence from cybersecurity companies Group-IB, Palo Alto Networks Unit 42, and Trend Micro.

    Continue reading

Biting the hand that feeds IT © 1998–2022