In IBM United Kingdom Ltd v LzLabs GmbH and others [2025] EWHC 532 (TCC) the Technology and Construction Court considered a dispute about software and in particular if Winsopia had breached a licence agreement under which IBM licensed IBM mainframe software to Winsopia. The case was featured as one of The Lawyer’s Top 20 Cases of 2024, and there was a ten week trial from April 2024 about liability issues.
The dispute arose in the context of allegations that the defendants unlawfully reverse-engineered IBM’s licensed software to develop the so-called Software Defined Mainframe (SDM).
IBM licensed its mainframe software to Winsopia under an IBM customer agreement (ICA). IBM claimed that the defendants had breached the ICA by using Winsopia’s access to IBM’s software to develop the SDM through unlawful reverse engineering. Winsopia also refused IBM’s audit request, leading IBM to terminate the ICA and associated agreements.
IBM argued that Winsopia and the other defendants breached the ICA by reverse engineering IBM’s software, transferring ICA programs outside Winsopia’s enterprise, and using IBM’s source code without authorisation. It also argued that its audit request was valid and Winsopia’s refusal to comply breached the ICA. It further argued that it had validly terminated the ICA due to Winsopia’s breaches and refusal to comply with the audit request. Finally, it alleged that the defendants conspired to develop the SDM using unlawful means, including breaches of the ICA.
The defendants argued that they complied with the ICA and that the SDM was developed through lawful means, including observation, study, and testing permitted by the Software Directive 2009/24/EC and the Copyright, Designs and Patents Act 1988 (CDPA). They also claimed that IBM’s audit request was unreasonable, made in bad faith, and did not offer a reasonable period for then to comply. The defendants asserted that Winsopia did not breach the ICA and that IBM’s termination of the ICA was invalid. Finally, they argued that their actions were lawful and protected under the Software Directive and CDPA.
What did the court decide?
- The court found that Winsopia breached the ICA by reverse engineering IBM’s software. It transferred “unscrubbed” or partially “scrubbed” materials containing IBM mainframe software, and through use outside its enterprise and use beyond the designated machine and carried out reverse engineering. These breaches did not fall within the rights conferred by the Software Directive or the CDPA.
- It also said that IBM’s audit request was valid and reasonable. Winsopia’s refusal to comply with the audit request was a breach of the ICA.
- The court concluded that IBM validly terminated the ICA and associated agreements due to Winsopia’s breaches and refusal to comply with the audit request. In the alternative, IBM was entitled to treat the breaches as repudiatory and terminate the agreements at common law.
- The court found that certain defendants were liable for the tort of unlawful means conspiracy. The court determined that these defendants conspired to develop the SDM using information and material obtained in breach of the ICA, intending to injure IBM’s mainframe business.
- However, it dismissed claims against certain defendants for unlawful means conspiracy and unlawful procurement of breach of the ICA. The court accepted the defence that two defendants, Cresswell and Rockmann, acted within the scope of their authority and in good faith in their roles as officers of Winsopia.
- The court found that the defendants deliberately concealed the connection between Winsopia and LzLabs and Winsopia’s breaches of the ICA. IBM could not have discovered the concealment with reasonable diligence prior to August 2020, and so the claims were not time-barred.
The judge considered various issues in detail, such as interpreting a software licence, and how the software licence comes within the rights in the Software Directive of observation, studying and testing and/or interoperability (as implemented by the CDPA). She also considered the extent to which the Software Directive granted a right to reverse engineer interfaces and meaning of “interface”.
