HT-2021-000363 - [2025] EWHC 532 (TCC)

These allegations concern the transfer by Winsopia of JCL procedures to LzLabs. IMS procedures (“PROCs”) are JCL files that are used to configure elements of the user’s IMS installation, including the way in which IMS tasks will run. “Sample” procedures are provided with the IMS software product for this purpose in the SDFSPROC library and include an IBM copyright statement.

DR-4184 was opened on 8 July 2019 and contained a request by LzLabs for Winsopia to modify a customer program as an IMS application, package it up using CPX and send it to LzLabs. In the answer on 9 August 2019, Winsopia explained that the customer application was unsuitable for this purpose; instead, Winsopia had built its own sample, supplied via DR-4244. This indicates that the SDFSPROC library sent by Winsopia originated on its mainframe.

DR-4244 was opened on 31 July 2019 and contained a request by LzLabs for Winsopia to send H2R and DL2 versions of a test program developed by LzLabs. A comment was added on 22 August 2019 stating:

“As I processed DR4244 I noticed it has explicit JCL members with the IBM explicit copyright notification in one member I have seen and I did not want to open anything further. This member is the DLIBATCH member in the IMS version of the CPX package…

Since that was the only member I looked at, I did not view any other. Turned out our exercise did not need that proc specified in the original JCL.

I am deleting these resources and requesting another CPX package that hasn’t any copyrighted material.”

By email dated 3 October 2019, Conley Shepherd at LzLabs UK notified Mr Maddison at Winsopia that he had identified IBM copyrighted material in the DR-4184 CPX, in particular, an IMS procedure. In response, Mr Maddison stated:

“SDFSPROC is being automatically selected by CPX as datatype (HDB PROCLIB) as requested by the IMS/HDB Specifications for CPX-CPI. Should we exclude all members that contain Copyright text? There also members in HDB RESLIB that contain Copyright statements, though these being load modules we should be scrubbing them already.

As regards issues with the JCL I will test this on my SDM and build a new package when your next DR requesting a replacement for DR4184 arrives. I will run my new Copyright scanning job against it before sending it out. This does however raise the question as to whether CPX itself should perform this check for non-load module material?”

In further emails sent to Mr Rastall on this issue, Mr Maddison stated:

“We clearly have a serious issue sending you the IMS PROCLIB dataset because it contains all manner of stuff, much of it either irrelevant to the IMS region of interest and/or proprietary to IBM.

…

The way that CPX automatically discovers artefacts to export is complex and we need to investigate where we might be exposed. Of the 4 IMS packages I built, these 2 contained sample PROCLIB members marked "Copyright IBM" and have been deleted from the FTP site.

…

I don't know about any other IMS packages that may have been created in the past. Looking forward, when exporting IBM supplied source libraries required to support an application, we need to either apply a filter to identify copyright or extract only specific user customisable members. This likely applies to CICS and DB2 also. In the meantime I have figured out a workaround that will cause CPX to discover a redacted IMS PROCLIB and will rebuild DR4380 and DR4184.”

Mr Whittingham responded as follows:

“There definitely appears to be a need for some form of detection of copyrighted material being included into CPX packages, particularly when the offending datasets are automatically selected.”

In cross-examination, Mr Jaeger accepted that part of the IMS dataset must have been created on the Winsopia mainframe because the file contained the presence of a Winsopia qualifier. Mr Stephens agreed that DR-4244 related to an IMS test application created in-house by Winsopia and sent to LzLabs, including the IMS procedure library containing DLIBATCH. Mr Swanson and Mr Stephens both examined datasets with names that matched those referred to in the above emails, from which it was apparent that Winsopia had deleted the IBM copyright statements and comments but made no other substantial changes.

From the above evidence, I find that during this period, Winsopia created test applications, using IMS procedures and datasets, which were sent to LzLabs through the DR process. The CPX tool was not designed to scrub JCL scripts and therefore IBM copyright material in the procedures and datasets was not removed.

SDFSPROC is an IMS PROCLIB dataset supplied by IBM as part of the IMS version 15 software product, an ICA Program. Although referred to as “samples” in IBM documentation, the procedures are clearly marked as IBM licensed materials. Their status as components of an ICA Program is not changed by the fact that the procedures can be customised. For the reasons set out in paragraph [711] above, the terms on which sample programs may be distributed do not permit export to LzLabs for the purpose of developing the SDM. They are designed to be run on a mainframe operating system and remain subject to the terms of the ICA.

In summary on this item: