HT-2021-000363 - [2025] EWHC 532 (TCC)

In this case the evidence is clear that every act on the part of Winsopia which constituted a breach of the ICA, in accordance with my above findings, was an act undertaken at the direction of LzLabs or those controlling LzLabs.

Firstly, Winsopia’s sole purpose was to provide software development and testing services for LzLabs. LzLabs was incorporated in 2011 to develop what became the SDM. Mr Rockmann agreed that in order to develop and test the SDM LzLabs needed access to a mainframe. Winsopia was set up in 2013, at the suggestion of Mr Rockmann and funded by Mr Moores, to provide access to a mainframe to assist LzLabs with development and testing of the SDM.

Notwithstanding Mr Rastall’s protestation that Winsopia was set up as an autonomous business, his evidence was clear that this was done at the suggestion of Mr Moores, following a recommendation by Mr Broussard of Texas Wormhole, in furtherance of the SDM project. Arrangements for setting up the company, including funding the purchase of a mainframe by LzLabs, were made under the direction of Mr Moores’ legal and financial team and in collaboration with Mr Rockmann, as evidenced by their email exchanges during this period.

Secondly, Winsopia was a wholly-owned subsidiary of LzLabs. Winsopia was incorporated on 15 March 2013. By mid-June 2013, Mr Rockmann told Mr Moores that he had agreed a price for the purchase of Winsopia with Mr Rastall. Mr Rastall’s evidence was that he considered that he had no alternative but to sell to LzLabs. On 5 July 2013, LzLabs acquired the shares of Winsopia. Mr Rockmann, then the CEO of LzLabs, also became the sole director of Winsopia, effectively controlling both companies.

Thirdly, Winsopia had no customers apart from LzLabs and no fixed scope of work. The Services Agreement entered into by LzLabs and Winsopia required Winsopia to provide services that were defined in very broad and general terms in Schedule 1: (i) discovery and QA services to LzLabs as described in the Winsopia Code of Conduct; (ii) software development services to LzLabs in respect of the Agents; and (iii) managerial and operational support and co-operation as necessary, including attendance at meetings and conference calls. The degree of control exerted by LzLabs was exemplified by clause 12 of the Services Agreement, which entitled LzLabs to fund and take conduct of any defence to a third party claim against Winsopia in respect of intellectual property rights or misuse of confidential information.

Fourthly, the Services Agreement was signed twice by Mr Rockmann, once on behalf of Winsopia and again on behalf of LzLabs, negating any suggestion of independent operation on the part of Winsopia.

Fifthly, Mr Rastall’s evidence was that Winsopia used the mainframe and IBM licensed software for the sole purpose of assisting LzLabs in its software development. All of the work that Winsopia did was work which LzLabs instructed it to do.

An example of control over Winsopia’s activities is Mr Moores’ evidence that the SDM development work was allocated from Texas Wormhole to Winsopia because it had access to a mainframe:

“Q. Now, the reason for allocating work to Winsopia was because to do this Db2 work it was essential to have a mainframe, wasn't it?

A. Well, certainly David thought so, and he persuaded me that it would have been enormously helpful. There may have been other options, but we didn't consider them.

Q. Well, Mr Moores, it was absolutely essential, wasn't it? You couldn't have got anywhere with Db2 unless you'd had access to a mainframe?

A. I think access to a mainframe would have been crucial.”

Sixthly, in practice, Winsopia acted at all times at the behest of LzLabs. Mr Cresswell agreed in cross-examination that, at least from 2015 when he joined, Winsopia did not act independently of LzLabs:

“Q. But would you agree that Winsopia had no relevant role that was independent of LzLabs?

A. Winsopia's only customer was LzLabs, so, yeah, it didn't have a role independent of LzLabs.”

This was echoed by Mr Moores, who agreed in cross-examination that Winsopia acted under the direction of LzLabs:

“Q. … throughout the development of the SDM, Winsopia acted at all times under the direction of LzLabs and those controlling LzLabs, didn't it?

A. Yes.

Q. I suggest that it was always the intention that Winsopia would be used for the sole purpose of assisting LzLabs in the development of the SDM.

A. I think that's probably right, at least from the time of the acquisition.”

It follows that, to the extent that Winsopia carried out activities that amounted to a breach of the ICA, it did so at the direction and under the control of LzLabs. The breaches that have been established by IBM could not be described as isolated errors; their nature and extent, and the duration over which they occurred, are indicative of deliberate and systematic disregard of the terms of the ICA. Most of those activities were directed by LzLabs through the DR process; the requests for test results and information, with which Winsopia was required to comply, were a direct cause of the responses, which entailed reverse engineering and other breaches of the ICA. But even where specific requests were not recorded in DRs, the activities by Winsopia fell within the scope of the discovery and testing work instructed by LzLabs under the Services Agreement. That amounted to active procurement or inducement by LzLabs to Winsopia to carry out acts in breach of the ICA.

The defendants seek to rely on the clean room procedures, namely, the Codes of Conduct, the DR system and scrubbing of IBM proprietary materials, as evidence that there was no systematic breach of the ICA. However, those who controlled LzLabs and Winsopia did not take any meaningful steps to ensure that the clean room procedures were effective in practice. The safeguards set out in the early versions of the Codes of Conduct were eroded over time until there was no effective separation between LzLabs and Winsopia.

In particular, the Codes of Conduct were amended to allow LzLabs experts, including LzLabs developers, to be seconded to Winsopia, where they were given access to the Winsopia mainframe and direct communications were permitted between LzLabs developers and Winsopia employees. Mr Wilkinson of LzLabs visited Winsopia in May and June 2016, when he made commits to the SDM Git repository. Following a further visit to Winsopia at the end of March 2019, he sent an email explaining the work he did there to compare SDM and mainframe traces using debugging tools, such as GTF and XDC. Mr Reynard of LzLabs committed code to the Git repository whilst on secondment to Winsopia in April 2017. On 7 April 2017 Mr Janicek at LzLabs sent an email, identifying an urgent need for Mr Rider or Mr Pavlyuk to visit Winsopia, to meet a deadline of the end of April to get the DB2 Connect code working. Shortly afterwards, Alexey Pavlyuk, a software developer at On Target, visited Winsopia between 5 and 7 June 2017, during which period he made commits to the Git repository. In April 2018 Mr Wilkinson was authorised by Mr Rockmann to visit Winsopia and shortly thereafter he sent an email detailing the results of his investigations into the DL/2 CSECTs he found. Mr Bendich of LzLabs visited Winsopia in March 2019, where he was able to find bugs in the SDM code and use this information for development of the SDM. The dismantling of the barriers intended to separate SDM development from the mainframe software was exacerbated by the movement of employees between LzLabs and Winsopia, including via LzLabs UK.

This inter-mingling of LzLabs developers with Winsopia gave direct access to the mainframe software that augmented the information obtained through the DR system. The DR system did not prove to be successful in supervising or regulating the requests raised and responses provided so as to enforce compliance with the terms of the ICA, as evidenced by the findings of breach. These findings include deficiencies in the scrubbing process introduced by the CPX tool, that did not achieve removal of all IBM CSECTs and other proprietary materials.

In conclusion on this issue, I am satisfied that LzLabs procured or induced Winsopia to commit acts that amounted to breaches of contract.

The next question is whether LzLabs knew, or was reckless as to, the essential facts which made the acts unlawful for the purpose of the required element of knowledge.

The primary rule of attribution is that a company must necessarily have attributed to it the state of mind of its directing organ under its constitution, i.e. the board of directors acting as such or for some purposes the general body of shareholders: Meridian Global Funds Management Asia Ltd v Securities Commission [1995] 2 AC 500 per Lord Hoffmann at p.506; Bilta (UK) Limited v Nazir (No.2) [2015] UKSC 23 per Lord Sumption at [67].

Mr Rockmann was the CEO or Chief Operating Officer of LzLabs from its inception and Chairman of the Board. He was aware that the terms of the ICA prohibited the acts of reverse engineering and misuse of ICA Programs giving rise to the established breaches of contract on the part of Winsopia as follows.

Firstly, he signed the ICA, having reviewed the terms with the legal team, and initialled each page.

Secondly, although Mr Rockmann signed the ICA on behalf of Winsopia, thereby binding Winsopia but not LzLabs to the same, he acquired knowledge of its terms in his capacity as an officer of both Winsopia and LzLabs because Winsopia entered into the ICA under the direction and control of LzLabs.

Thirdly, in cross-examination, Mr Rockmann accepted that he was aware of the provisions of the ICA, including the restrictions contained in clause 4 of the agreement.

Fourthly, the Software Directive arguments, rejected by this court, would not be sufficient to displace knowledge of the wrongfulness of Winsopia’s activities. As explained by Lord Leggatt in Lifestyle Equities, liability does not depend on whether the defendant knew that the act done by the primary wrongdoer was against the law; all that is required is knowledge of the essential facts which make the act unlawful. In this case, the essential facts are knowledge that the terms of the ICA prohibited the acts of reverse engineering and other misuse of ICA Programs that LzLabs directed Winsopia to carry out.

Fifthly, Mr Rockmann is not entitled to rely on any belief that the Software Directive would provide a defence to the ICA breaches because he conceded that he did not have an understanding of the Software Directive. Further, no legal advice pursuant to which he might have acted has been produced in these proceedings.

Although that would be sufficient to establish the requisite knowledge attributable to LzLabs, I find that Mr Cresswell also had knowledge of the essential facts which made the acts unlawful. He was CEO of LzLabs between 18 May 2015 and November 2020. Thereafter, his role was Executive Chairman, followed by Non-Executive Chairman. He was also a director at Winsopia between 2 December 2015 and 28 February 2022. As an officer of both LzLabs and Winsopia, he must have known the terms of the ICA, including the prohibitions on reverse engineering and other misuse of the ICA Programs. Indeed, in cross-examination he accepted this:

“Q. So, at least at a high level, you appreciated that the ICA prohibited reverse-engineering?

A. Yes, I think I mentioned that in my witness statement.

Q. And you understood that it prohibited individuals outside of Winsopia being given access to ICA Programs or using them?

A. Yes. There was -- absolutely, yes.”

In any event, as stated by Lord Denning MR in Emerald Construction Co Ltd v Lowthian [1966] 1 WLR 691 at pp.700-701:

“Even if they did not know the actual terms of the contract, but had the means of knowledge - which they deliberately disregarded - that would be enough. Like the man who turns a blind eye… For it is unlawful for a third person to procure a breach of contract knowingly, or recklessly, indifferent whether it is a breach or not.”

The final required element is intention. In this case, that element is straightforward. LzLabs’ intention was to develop and market the SDM as quickly as possible. That could not be done without access to the Winsopia mainframe and the licensed operating system. Access to such software put Winsopia in breach of the terms of its licence. Thus, the means to achieving LzLabs’ aim was breach of the ICA.