HT-2021-000363 - [2025] EWHC 532 (TCC)
Technology and Construction Court

HT-2021-000363 - [2025] EWHC 532 (TCC)

Fecha: 10-Mar-2025

Item 50: Winsopia Pizzabox (Paragraph 44.5 of the Technical Particulars)

Item 50: Winsopia Pizzabox (Paragraph 44.5 of the Technical Particulars)

826.

The allegation is that Mr Christian Wehrli of LzLabs, employees of LzLabs UK, and members of the “QA team” had access to the Winsopia mainframe and unscrubbed IBM proprietary material through use of the “Winsopia Pizzabox”, which was not a Designated Machine, in breach of clause 4.1 of the ICA.

827.

The Winsopia Pizzabox was a data centre server, with dimensions similar to a pizza box, stored at Winsopia’s premises. From around February 2015, the SDM was installed on the Winsopia Pizzabox and was used by Winsopia to conduct testing.

828.

The experts second joint statement includes the following matters of agreement:

i)

Certain LzLabs employees, including Mr Wehrli and members of the “QA team”, had access to the Winsopia Pizzabox through the Customer Support Centre (“CSC”) network. Such access was recorded using a Shell Control Box (“SCB”).

ii)

The Winsopia Pizzabox was connected to the Winsopia corporate network. The Winsopia mainframe was also connected to the Winsopia corporate network. By virtue of being on the same network, communication between the Pizzabox and the mainframe was possible.

iii)

Emails and audio files suggest that communication between the Winsopia Pizzabox and the Winsopia mainframe may have been possible via NJE or MQ.

iv)

Emails suggest that the Winsopia Pizzabox was used to store unscrubbed load modules.

829.

In cross-examination, Mr Wehrli stated that the Pizzabox could access the disks in the mainframe and that unscrubbed modules from the mainframe were found on the Pizzabox. He agreed that he used his access to the Pizzabox to provide material from Winsopia to LzLabs developers, Texas Wormhole and OnTarget and that some of that material was created on the Winsopia mainframe. However, he stated that he habitually checked the artefacts that were sent out, particularly from the Pizzabox or from the FTP server to the developers, to ensure that no proprietary materials were included. There is no evidence that any of the unscrubbed modules were sent by Mr Wehrli from the Pizzabox to LzLabs developers.

830.

The defendants submit that any remote connections from the Pizzabox to the mainframe would have been recorded by the Shell Control Box (“SCB”) logs. There is no evidence in the SCB logs that the Pizzabox was ever used by any LzLabs or LzLabs UK employee to connect to or use the Winsopia mainframe. Mr Werhli’s evidence was that he was able to connect to the Winsopia Pizzabox with a workaround, when the VPN tunnel was down, but that access was still obtained through the secure connection to the Winsopia network. Professor Donaldson’s opinion, based on his analysis of the SCB logs, was that there was no evidence that the Pizzabox was used as a means of connecting to the Winsopia mainframe. Although some doubts were raised as to the reliability of the SCB logs, there was no alternative data that undermined the analysis relied on by Professor Donaldson. On that basis, I find that there is no evidence that LzLabs or LzLabs UK used the Pizzabox to access the Winsopia mainframe.

831.

In summary, I find that the admitted storage of unscrubbed modules on the Pizzabox constituted a breach of clause 4.1.1(a) of the ICA; otherwise, this allegation is not established.

Otros enlaces de interés: