Oracle is big. Huge.
It’s one of the largest enterprise software cloud service providers in the world and one of the largest data brokers in the US. It employs around 143,000 people, generated more than $42 billion in revenue during its fiscal year 2022 and has made more than 100 acquisitions over the years, including the component parts of its ill-fated data cloud.
But, the fact is, Oracle Data Cloud (what is now Oracle Advertising) doesn’t have and has never had 5 billion people in its ID Graph, regardless of Larry Ellison’s flair for the dramatic.
That “5 billion” number factors prominently in a class-action lawsuit (full text) that was brought in the US against Oracle in August over its use of third-party pixels to collect information and profile users.
The suit refers to a presentation given by Ellison, Oracle’s founder, at the company’s 2016 OpenWorld conference, during which he bragged that the Oracle Data Cloud (ODC) has information on more consumers than Facebook, another paragon of virtue.
Ellison put it like so: “They have great data, don’t get me wrong – Facebook has an incredible data asset, but so do we. And in our data cloud, marketers are able to target consumers and do a much better job of predicting what they’re going to buy next. I believe 5 billion consumers are in our identity graph – 5 billion. How many people are on Earth, 7 billion? Two billion to go.”
There is, however, no world in which Oracle had full profiles on around 70% of the Earth’s population.
Back in 2016, Oracle executives were both flummoxed and alarmed as Ellison preened on the stage at OpenWorld.
“I remember well when Larry said we had data on ‘billions of people’ and the collective ‘wut’ from ODC management at the blatant … umm … ‘misunderstanding’ of data we actually had,” Brian Monroe wrote in a post on LinkedIn shortly after the class-action lawsuit hit several weeks ago.
Monroe is now an enterprise digital security architect for BPX Energy, BP’s on-shore US oil and gas business. But between late 2014 and early 2020, Monroe was the head of cybersecurity for Oracle Data Cloud, having joined Oracle as part of its acquisition of Datalogix. He didn’t work directly with data as an analyst, but did have purview into the scope of profiles under ODC’s rather large umbrella.
Circa 2016 and 2017, BlueKai, Oracle’s DMP, had billions of IDs. But once they were deduped that total likely fell somewhere between 700 million and 800 million targetable identities of ‘varying richness’” at the time, Monroe told AdExchanger.
BlueKai’s deduped data overlapped with the data that Oracle got from Datalogix, which deduped down to roughly 110 million households.
AddThis, the social bookmarking service Oracle acquired in 2016, gave ODC several hundred million profiles.
Even if you were to simply add these deduped numbers together, not accounting for any overlap, the total doesn’t come anywhere near 5 billion.
And that’s because 5 billion isn’t just a massive exaggeration; it’s impossible.
In 2016, when Ellison spoke at OpenWorld, the year after Oracle first launched its ID graph, only 43.9% of the world’s population (3.2 billion people) even had access to the internet, according to Statista data.
This doesn’t mean the lawsuit against Oracle doesn’t have merit.
The fact that Oracle tracks people across devices is not in dispute. And it’s hard to disagree with the argument that Oracle’s data collection is opaque and ubiquitous and that getting informed consent from consumers is practically impossible.
Also, the suit calls out that AddThis apparently tracks data from sites tied to sensitive health and personal safety information, which is a very legitimate concern. The lawsuit cites a 2020 investigation by The Markup, which found AddThis trackers on websites for nonprofit groups that provide resources to domestic abuse survivors, undocumented immigrants and the LGBTQ community.
And it’s pretty clear to anyone with eyes that Oracle facilitates the buying and selling of consumer data without most people even realizing that it happens.
But, facts being facts, although billions of data points are a hell of a lot for one company to have access to, that doesn’t translate into dossiers on 5 billion people.
