The Hon. Mr Justice Langley Approved Judgment |
Royal Courts of Justice
Strand, London, WC2A 2LL
Before :
THE HON. MR JUSTICE LANGLEY
Between :
TEKTROL LIMITED (Formerly Atto Power Controls Ltd) | Claimant |
- and - | |
(1) INTERNATIONAL INSURANCE COMPANY OF HANOVER LIMITED (2) GREAT LAKES REINSURANCE (UK) LIMITED | Defendants |
Mr N. Strauss QC and Mr A. Burns (instructed by Beachcroft Wansboroughs) for the Claimant
Mr D. Railton QC and Mr G. Wheeler (instructed by Squire & Co) for the Defendants
Hearing date: 26 October 2004
Judgment
The Hon. Mr Justice Langley :
The Claim
The Claimant (“Tektrol”) seeks an indemnity from the Defendant insurers under the terms of a Combined All Risks Policy dated 18 January 2002 in respect of the loss of a source code which was the basis of Tektrol’s business of providing energy saving control devices for industrial motors.
The Preliminary Issues
The present trial was limited to the trial of two preliminary issues relating to the indemnity sought for business interruption under Section 2 of the Policy. On 11 June 2004 Morison J ordered the trial of three preliminary issues on assumed facts but insurers did not pursue their pleaded defence on the basis of the first of those issues. The two remaining issues are:
Whether Tektrol’s claim for business interruption loss is excluded under exclusion 7(b)(ii) (as alleged at paragraph 14(3)(c) of the Defence); and
Whether Tektrol’s claim for business interruption loss is excluded under exclusion 7(b)(i) (as alleged in paragraph 14(3)(bb) of the Defence).
The Assumed Facts
I have attached as the Appendix to this judgment a copy of the Assumed Facts which were agreed by the parties for the purpose of addressing the premininary issues. The more material facts are to be found in paragraphs 4, 12 to 15, 17, 20-21, 28 to 30, and 31. So far as the material terms of the Policy are concerned they are also set out in the body of this judgment. Paragraph 32c) of the Assumed Facts requires comment. Tektrol no longer agrees what is there stated and, in view of the nature of the present hearing, Mr Railton QC for insurers did not object to Tektrol contending otherwise.
Whilst the parties have rightly taken great care in drafting and agreeing the Assumed Facts, for the purposes of this judgment the essential picture they present can be summarised to be that:
The source code was held in five ways: on two computers located at Tektrol’s business premises; on a laptop of the managing director (Mr Shlaimoun); on a computer at a remote site operated by an independent company known as Compwise Systems; and on a hard copy print-out stored in a pilot case kept at Tektrol’s business premises.
On 19 December 2001, Tektrol received an e-mail with an attachment apparently consisting of a Christmas card from a firm of solicitors which Mr Shlaimoun opened on his laptop. In fact the e-mail was a virus program deliberately created by “a malicious person or persons” which had the effect of deleting the source code held on the laptop.
To quote paragraph 20 of the Assumed Facts: “The virus author had no knowledge of or connection to (Tektrol) or its source code. Although he did not intend to erase the … source code, he intended the virus program to spread around the world and knew that whenever the virus program was activated by the opening of the ‘Christmas Card’ attachment, computer data could be erased on the computer concerned.”
Mr Shlaimoun realised what had happened, believed that the remote site had not been corrupted, and repaired and reloaded the laptop from the remote site.
On about 2 January 2002 Tektrol’s business premises were burgled. The burglars stole various items including the two computers and the hard copy print-out.
The burglary was discovered on 7 January and it was then found that the virus had also deleted the source code held at the remote site and thus it had not been restored on the laptop.
All copies of the source code had therefore been lost. The virus had erased the copies on the laptop and at the remote site and about a fortnight later the burglars had stolen the two computers which held the other copies and the only hard copy.
The Policy
The most material terms of the Policy are the two exclusions on which insurers rely and which are referred to in the preliminary issues and certain definitions of the terms used in those exclusions.
The Insuring Clause in Section 2 provides that:
“IN THE EVENT OF any building or other property used by the Insured at the Premises for the purpose of the Business being accidentally lost destroyed or damaged during the Period of Insurance and in consequence the Business carried on by the Insured at the Premises be interrupted or interfered with then the Insurers will pay to the Insured In respect of each item in the Schedule the amount of loss resulting from such interruption or interference provided that…”
The Exclusions include:
“Sections 1 & 2 do not cover:
7 DAMAGE caused by or consisting of or CONSEQUENTIAL LOSS arising directly or indirectly from
a) disappearance, unexplained or inventory shortage, misfiling or misplacing of information
b) in respect of Section 2:
i) erasure loss distortion or corruption of information on computer systems or other records programmes or software caused deliberately by rioters strikers locked-out workers persons taking part in labour disturbances or civil commotion or malicious persons
ii) other erasure loss distortion or corruption of information on computer systems or other records programmes or software unless resulting from a Defined Peril in so far as it is not otherwise excluded.
13 DAMAGE or CONSEQUENTIAL LOSS in respect of computers or data processing equipment other than such DAMAGE or in respect of such CONSEQUENTIAL LOSS caused by
i) a Defined Peril
ii) theft or attempted theft involving breaking into or out of the buildings of the premises by forcible and violent means
iii) robbery or attempted robbery committed in the premises in so far as it is not otherwise excluded.”
The definitions include:
"CONSEQUENTIAL LOSS", in capital letters, shall mean loss resulting from interruption of or interference with the Business carried on by the Insured at the Premises in consequence of accidental loss or destruction of or damage to property used by the Insured at the Premises for the purpose of the Business.
"Defined Peril" shall mean fire, lightning, explosion, aircraft or other aerial devices or articles dropped therefrom, riot, civil commotion, strikers, locked-out workers, persons taking part in labour disturbances, malicious persons, earthquake, storm, flood, escape of water from any tank apparatus or pipe or impact by any mechanically propelled vehicle or by goods falling therefrom or animal.”
The Submissions
It is the primary case of insurers (i) that the loss of the source code by operation of the virus is excluded from cover by Exclusion 7(b)(i) because it was “caused deliberately” by “malicious persons”; and (ii) the loss of the source code on the two computers and in hard copy in the burglary is excluded by Exclusion 7(b)(ii) because it did not result from a “Defined Peril” not otherwise excluded. Insurers also contend that provided they are right that the loss caused by either one of the two events is excluded that is sufficient to exclude the loss in its entirety because the business interruption claim is dependant on no copy of the source code remaining. There would have been no loss if any copy of the source code had survived.
Tektrol’s primary submission is that:
Exclusion 7 (b)(i) does not apply to loss of the code caused by the virus because that loss was not “deliberately” caused as the virus was not targeted at or intended to harm Tektrol;
Exclusion 7(b)(ii) does not apply because the word “loss” is limited to “electronic” loss and does not cover theft of physical items which is addressed in Exclusion 13. It is also submitted that this loss did result from a “Defined Peril” as the thieves were “malicious persons” within the definition.
It was also submitted by Tektrol in a skeleton argument that a loss by theft was not “accidental loss” and thus not within the definition of Consequential Loss at all. But, rightly in my judgment, in the face of the provisions of the Policy wording consistent only with the insuring clause itself extending to loss by theft, Mr Strauss QC did not pursue the submission.
Exclusion 7 and Causation
“Directly or Indirectly”
It is not in dispute that the burglary caused the loss claimed. It resulted in the loss of the remaining copies of the source code. It is in issue whether the virus caused the loss.
Mr Railton QC, for insurers, submitted that whilst the insuring clause and the definition of Consequential Loss uses the language of “proximate cause” Exclusion 7 pointedly does not. The language of “directly or indirectly” provides for a wider test or “a more remote link in the chain of causation”: see Coxe v Employers’ Liability Assurance Corporation Ltd [1916] 2 KB 629 at 634 (Scrutton J). Plainly, as the authorities recognise, there must be some causal link but descriptions of it have proved elusive. Scrutton J considered an insurance against accidental death unless “directly or indirectly caused by … war”. He upheld an arbitrator’s award that the exclusion applied where the deceased assured military officer during the first world war, in the course of his duty, was walking along a railway line to visit guards posted on the line. The line was unlit because of wartime regulations. The deceased was struck and killed by a train. Scrutton J said the war had “placed the assured in a position specially exposed to danger” and so indirectly caused his death. In Spinney’s (1948) and ors v Royal Insurance Co Ltd [1980] 1 Lloyd’s Rep 406 Mustill J, also considering an exclusion of loss “occasioned … in consequence directly or indirectly of” stated events said:
“Plainly there must be some limit on the application of the clause, for the chain of causation recedes infinitely into the past. The draftsman must have intended to stop somewhere: and that place must be the point at which an event ceases to be a cause of loss, and becomes merely an item of history. The draftsman has not explained how that point is to be identified, nor indeed do I believe that words can be found to do so. It is, eventually, a matter of instinct- but an instinct guided by” the nature of the policy.
This approach was approved and applied by Glidewell J in Oei v Foster [1982] 2 Lloyd’s Rep 170.
In my judgment, whether as a matter of “instinct” or on the basis of an increased risk of loss, in the context of this policy both the virus and the burglary are properly to be described as causes of the consequential loss (business interruption) claimed by Tektrol. It is true, as Mr Strauss submitted, that there was no consequential loss following the virus and before the burglary and that the effects of the virus did not increase the risk of a burglary but they undoubtedly increased the risk of loss of the source code and so of interruption to Tektrol’s business. Exclusion 7 is on any view intended to exclude from cover certain losses of electronically held information. The reason no doubt is that such losses may be considerable. The very fact that Tektrol sensibly saw fit to have the source code held in two locations and on four computers and one hard copy demonstrates both its vital importance to the business and the perceived need to reduce the risk of loss. If the question is asked whether the consequential loss claimed arose indirectly from the virus in my judgment the answer is “Yes”. If there had been no virus the burglary would not have caused the loss claimed. The virus deprived Tektrol of the protection for the source code which the company considered to be appropriate, and in particular the protection at a remote site free from perils, such as fire, which might destroy all copies at Tektrol’s business premises. The virus also, unknown to Tektrol, in fact misled Tektrol into believing the protection had been fully restored before the burglary.
Is one cause enough?
Mr Railton further submits that if either cause of the loss (the virus, as I have held or the burglary as is agreed) is excluded from cover then the result is that the loss is excluded. That is because insurers have stipulated that it is to be excluded on that ground and for that reason and it is nothing to the point that another cause of the loss is not excluded.
In Wayne Tank and Pump v Employers Liability Ltd [1974] 1 QB 57 there was a fire at a factory. The factory owners sued the plaintiffs who had installed equipment at the factory. The equipment was held to have caused the fire together with the conduct of an employee of the plaintiffs who had left the installation switched on. The plaintiffs were held liable to the factory owner and sought to recover from insurers. The insurers were held to have excluded liability for the equipment but not for the conduct of the employee. The Court of Appeal “per curiam” held that where there were two causes of damage, one within the general insuring provisions of the policy for which insurers had agreed to an indemnity, and one within an exception and so excluded from indemnity, insurers could rely on the exception.
The Court of Appeal was addressing circumstances in which a single event (the fire) giving rise to the loss had two proximate causes. That is not this case. But I can see no difference in the principle to be applied to a case such as this where, as I have held, two separate events cause the loss and one is excluded as an indirect but not a proximate cause. To quote Lord Denning M.R. at page 67F, in respect of the exempted loss insurers “have stipulated for freedom” and “the only was of giving effect to it is by exempting them altogether”. The judgments of Cairns LJ (69B) and Roskill LJ (75D) are to the same effect. In The “Aliza Glacial” [2002] 2 Lloyd’s Rep 421, at paragraph 47, Potter LJ, in agreeing the principle, also stated that the two or more causes need not be “exactly coextensive in time”.
Conclusion
It follows that in my judgment Mr Railton is right in his submission that if the consequences of either the virus or the burglary are excluded from cover, insurers succeed.
EXCLUSION 7(B)(i) THE VIRUS
Deliberately
There is no dispute that the loss of the source code on the laptop and at the remote site arose from the erasure or corruption of the code by the virus. There is also no dispute that those who were responsible for the virus created it deliberately and were “malicious persons”: see the Assumed Facts at paragraph 32.
The issue is whether, in the circumstances assumed in paragraphs 19 and 20 of the Assumed Facts, the erasure or corruption of the source code on the computers was “caused deliberately” by the creators of the virus.
Mr Strauss submits that the wording is ambiguous because it does not make clear what it is that has to be deliberate. Is it the erasure of information on computer systems in general or the information held on Tektrol’s computer system in particular ? That ambiguity, he submits, must be resolved in favour of the assured as insurers are responsible for the policy wording.
Mr Railton submits there is no ambiguity. “Deliberately” identifies the state of mind with which the relevant act which causes the loss is carried out. It means “done on purpose”. The contrast is with “accidental” or “incidental”. There is no need for the act to be directed at a specific person or object. This submission derives some support from Charlton v Fisher [2001] 1 Lloyd’s Rep I.R. 387 at paragraphs 24 and 62.
I agree with Mr Railton. The words used are common English words. If the question is asked whether the erasure of the source code on the laptop and at the remote site was caused deliberately by those who created and transmitted the virus in my judgment it really permits only of the answer “Yes”.
It follows that consequential loss arising from the virus is excluded from cover and on my findings on the causation issue is of itself fatal to Tektrol’s claim under the policy. I will nonetheless consider Exclusion 7 and the burglary.
EXCLUSION 7 and THE BURGLARY
“Malicious Persons”
It is insurers’ case that the burglary does not fall within 7(b)(i) because the burglars were not “malicious persons” in the sense in which those words are used there. That, as I have said, was agreed for the purposes of the Assumed Facts in paragraph 32(c) but Tektrol has thought again about it and now seeks to contend otherwise. Unsurprisingly insurers stand by the Assumed Facts but submit that even if that is wrong then the damage caused by the burglary is itself excluded under 7(b)(i).
In my judgment Tektrol’s second thoughts are not better thoughts. The Assumed Facts are and were correct. There are other Exclusions (3, 12 and 13) which are drafted on the premise that “theft” and a “Defined Peril” are distinct causes of damage. So, too, is General Condition 10 (Claims Procedure).
“Loss”
It is Tektrol’s submission that “erasure loss distortion or corruption of information on computer systems” is all the language of damage caused by electronic but not physical means. Thus Mr Strauss submitted that if a computer is stolen it does not result in the loss of information on the computer because that (without more) remains intact. He submitted that the word “loss” would not be otiose because information could be “lost” electronically but not “deleted distorted or corrupted” if it was “hidden from view or barred by a virus or hacker’s password”.
Mr Strauss also submitted that the physical loss of the computers themselves was governed by Exclusion 13 and pointed to the fact that the reference to theft there was not, unlike the reference to robbery, qualified by the words “insofar as it is not otherwise excluded”. He submitted that if the proviso to Exclusion 13 did not extend to information on the computers its application would be emasculated.
Mr Railton, whilst acknowledging that the other words were more apt for electronic loss, submitted that the ordinary meaning of the word “loss” includes physical loss. He pointed to the fact that the exclusion also extends to “other records programmes or software” and so to physical items. The hard copy in the pilot case or a disc would fall within the description. There is no sensible reason to limit the exclusion to corruption of discs rather than, say, their theft let alone to erasure of a hard copy rather than its disappearance nor why the actions of rioters and the like should be excluded if they deliberately use electronic means to cause the loss of information on computers but not if they deliberately cause the same loss by the destruction of the computers themselves.
Mr Railton also submitted that Exclusion 13 was addressed to hardware not software, whereas software was the subject of Exclusion 7. If the proviso to Exclusion 13 had the width for which Mr Strauss contended it would emasculate the effect of Exclusion 7.
In my judgment both these submissions are well made but again I think Mr Railton is right. I do not think the word “loss” would have any real distinct content if it were limited to electronic loss. Mr Strauss’ example might readily be said to amount to distortion or corruption of the information. In contrast, in the physical sense, the word “loss” is readily and sensibly applicable to “records programmes or software” whereas the other words used are, I think, less apposite in that context. I also think it would be a common use of language to say that when the two computers with a source code stored on them were stolen from Tektrol’s business premises the source code itself was lost and I do not think the juxtaposition of the “loss” with the other words read in the context of the exclusion as a whole sufficient to give the word the more limited meaning for which Mr Strauss contends.
“Defined Peril”
The proviso to Exclusion 7(b)(ii) “unless resulting from a Defined Peril in so far as it is not otherwise excluded” is not, in my judgment, material. The consequences of the virus are on my findings “otherwise excluded” by Exclusion 7(b)(i). The consequences of the burglary did not result from a Defined Peril because the burglars were not “malicious persons” and no other part of the definition is even arguably appropriate.
Conclusion
In my judgment, therefore, Tektrol’s claim is also excluded from an indemnity by the operation of Exclusion 7(b)(ii).
OVERALL CONCLUSION
The preliminary issues are both to be answered in the affirmative. The loss of the source code by the operation of the virus is excluded under 7(b)(i). The loss of the source code in the burglary is excluded under 7(b)(ii). Even if it were the case that only one of the losses was excluded the claim for an indemnity under the policy would fail.
I will expect the parties to prepare a draft order to reflect the terms of this judgment when it is handed down and will hear submissions then on any ancillary matters or the terms of the order if they cannot be agreed.
APPENDIX
ASSUMED FACTS FOR THE PRELIMINARY HEARING
The Claimant’s Business
1. The Claimant is in the business of designing, developing and manufacturing energy saving control devices for industrial motors. Its main product is called a “PowerMiser”. The PowerMiser relies for its operation on executable code which is programmed into each PowerMiser by the Claimant and which differs according to the particular circumstances in which the PowerMiser is to be used.
2. The executable code for the PowerMiser is compiled from source code written by the Claimant. The Claimant adapts the source code in order to create the variations in the operation which are required to customise each PowerMiser for the particular circumstances in which it will be used. The adapted source code must be compiled for use in the PowerMiser for which it was written.
3. The Claimant relies upon the availability of the source code in order to adapt each new PowerMiser to the requirements of a particular customer. Without the source code, the Claimant could only produce PowerMisers that were exact replicas of existing machines.
4. At the material times, the Claimant stored copies of the PowerMiser source code on:
a) Two development computers located at the Claimant’s business premises, the Business Innovation Centre;
b) The laptop computer of the managing director of the Claimant, Mr Shlaimoun;
c) The Claimant’s partition of a data server operated by a company known as Compwise Systems, to which the Claimant had remote access; and
d) A paper print-out of the latest working copy of the source code, which was stored in a pilot case kept at the Claimant’s business premises.
5. The data on the laptop computer was stored as follows:
a) The PowerMiser source code was contained in .zip files that were stored in a number of directories each representing a different version of the software.
b) The Claimant’s other files, such as quotations, agreements, specifications and other correspondence were stored in Word, Excel and other types of file formats, which were held in a number of directories each representing a different customer, supplier or matter.
6. All the files and directories containing the source code and other files were regularly backed up by the Claimant onto its partition of the Compwise data server.
7. The backup was carried out by selecting and copying all of the directories in the relevant main directory on the hard drive of the laptop and pasting them on to the Compwise data server, which was connected to the laptop as a network drive. As the Compwise data server was located in another part of the Business Innovation Centre to that at which the Claimant had its premises, the data transfer took place via the Business Innovation Centre internal network.
The applicable insurance cover
8. For the relevant period, the Defendants insured the Claimant in respect of material damage and business interruption loss under the terms of a “Combined All Risks” policy issued by Admiral Underwriting Agencies dated 18 January 2002 (“the Policy”).
9. Section 1 of the Policy is headed “Material Damage ‘All Risks’” and provides (insofar as material) that:
“In the event of the Property Insured described in the Schedule being accidentally lost destroyed or damaged during the Period of Insurance the Insurers will pay to the Insured the value of the property at the time of its loss or destruction or the amount of the damage or at the Insurers’ option reinstate or replace such property or any part of it…”
10. The “Property Insured” is defined by the Policy to include:
“Contents
Contents therein and thereon the property of the Insured or held by the Insured in trust for which the Insured is responsible including
i) tenants’ improvements alterations and decorations
ii) so far as they are not otherwise insured employees’ directors’ and visitors’ personal effects of every description (other than motor vehicles) for an amount not exceeding £500 in respect of any one person
iii) Contents of outbuildings
iv) Contents in the open yards
But excluding
i) landlords’ fixtures and fittings
ii) stock and materials in trade
iii) money and stamps (including National Insurance stamps) in excess of £500
iv) documents manuscripts and business books except for the cost of the materials and of clerical labour expended in reproducing such records
v) computer Systems records except for an amount not exceeding £5000 in respect of the cost of the materials and of clerical labour and computer time expended in reproducing such records
vi) any expense in connection with the production of the information to be recorded in documents manuscripts business books or computer systems records
vii) any amount exceeding £1000 in respect of any one pattern model mould plan or design or set of the same
viii) vehicles licensed for road use including accessories thereon
Stock
Stock and Materials in Trade therein and thereon the property of the Insured or held by the Insured in trust for which the Insured is responsible.”
11. “DAMAGE” in capital letters is defined by the Policy to mean “accidental loss or destruction of or damage to the Property Insured”.
12. Section 2 of the Policy is headed “Business Interruption ‘All Risks’” and provides (insofar as is material) that:
“In the event of any building or other property used by the Insured at the Premises for the purpose of the Business being accidentally lost destroyed or damaged during the Period of the Insurance and in consequence the Business carried on by the Insured at the Premises be interrupted or interfered with then the Insurers will pay to the Insured in respect of each item in the Schedule the amount of loss resulting from such interruption or interference provided that:
a) at the time of the happening of the loss destruction or damage there shall be in force an insurance covering the interest of the Insured in the property at the Premises against such loss destruction or damage and that
i) payment shall have been made or liability admitted therefor; or
ii) payment would have been made or liability admitted therefor but for the operation of a proviso in such insurance excluding liability for losses below a specified amount.”
13. There are two relevant definitions applicable to section 2 of the Policy:
“‘CONSEQUENTIAL LOSS’, in capital letters, shall mean loss resulting from interruption of or interference with the Business carried on by the Insured at the Premises in consequence of accidental loss or destruction of or damage to property used by the Insured at the Premises for the purpose of the Business.”
“‘Defined Peril’ shall mean fire, lightning, explosion, aircraft or other aerial devices or articles dropped therefrom, riot, civil commotion, strikers, locked-out workers, persons taking part in labour disturbances, malicious persons, earthquake, storm, flood, escape of water from any tank apparatus or pipe or impact by any mechanically propelled vehicle or by goods falling therefrom or animal.”
14. There are a number of exclusion clauses applicable to sections 1 and 2 of the Policy. Exclusion clause 7 provides that sections 1 and 2 do not cover:
“DAMAGE caused by or consisting of or CONSEQUENTIAL LOSS arising directly or indirectly from
a) disappearance, unexplained or inventory shortage, misfiling or misplacing of information
b) in respect of Section 2:
i) erasure loss distortion or corruption of information on computer systems or other records programmes or software caused deliberately by rioters strikers locked-out workers persons taking part in labour disturbances or civil commotion or malicious persons
ii) other erasure loss distortion or corruption of information on computer systems or other records programmes or software unless resulting from a Defined Peril in so far as it is not otherwise excluded.”
15. Exclusion clause 13 provides that sections 1 and 2 do not cover:
“DAMAGE or CONSEQUENTIAL LOSS in respect of computers or data processing equipment other than such DAMAGE or in respect of such CONSEQUENTIAL LOSS caused by
i) a Defined Peril
ii) theft or attempted theft involving the breaking into or out of the buildings of the premises by forcible and violent means.”
The computer virus
16. In early December 2001 Mr Shlaimoun backed up the directories from the laptop to the Compwise data server in the normal way.
17. On 19 December 2001 the Claimant received an email that purported to be a Christmas card from Rakisons solicitors. The email was in fact sent unintentionally by the firm of solicitors as it was generated automatically by a virus program disguised as a Christmas card email message, which had been opened by a member of the solicitors’ staff who had the Claimant’s email address in his address book.
18. Using his laptop computer (on which one of the copies of the PowerMiser source code was stored), Mr Shlaimoun opened the email that purported to be the Christmas card but which in fact was a virus program created by a malicious person or persons unknown. The virus program is known as W32.Maldal.C@mm and is a mass-mailing worm that is written in Visual Basic. The virus program was first reported on 19 December 2001 and so on that day the Claimant’s ‘Mcafee’ and Compwise’s ‘Trend’ anti-virus software had not yet received the update to combat this particular virus program.
19. The virus program was designed by its author to carry out the following operations:
a) It emails itself to all contacts in the Microsoft Outlook address book with the attachment ‘Christmas.exe’.
b) It then changes the computer registry so that the virus program runs each time that Windows is started.
c) It disables the keyboard, so that it cannot be used until the computer can be restarted without the virus program being executed.
d) It changes the Internet Explorer home page to a malicious page that contains a political statement and a JavaScript program which then runs a virus program called ‘Rol.vbs’.
e) The virus program copies itself to the System directory and deletes system files.
f) It then deletes various types of files including .zip files.
20. The virus author had no knowledge of or connection to the Claimant or its source code. Although he did not specifically intend to erase the Claimant’s source code, he intended the virus program to spread around the world and knew that whenever the virus program was activated by the opening of the ‘Christmas card’ attachment, computer data could be erased on the computer concerned.
21. When Mr Shlaimoun activated the virus program, it:
a) Sent copies of itself out to contacts contained in his copy of Outlook;
b) Deleted (amongst others) the .zip files containing the source code held on the Claimant’s partition of the Compwise data server, which was connected to the laptop as a network drive via the Business Innovation Centre internal network; and
c) Deleted system files on the laptop causing it to cease functioning.
22. When Mr Shlaimoun saw the political message and realised that the Christmas card was in fact a virus, he disconnected the laptop computer from the network by pulling the network cable out and so prevented the virus program from deleting any further files on the Compwise data server and the virus from spreading to any more of his contacts.
23. In order to repair the laptop, Mr Shlaimoun used the manufacturer’s system recovery disk, which reformatted the hard drive and wiped all information, including the corrupted system and other files and the virus programs from the laptop. The recovery disk then reloaded the Windows operating system and other system files on to the laptop.
24. Before using the manufacturer’s system recovery disk, Mr Shlaimoun had used another computer to look at the Claimant’s partition on the Compwise data server and saw that the directory structure appeared intact. As a result, he believed that all the Claimant’s files stored on the Compwise data server were intact.
25. Mr Shlaimoun then reloaded his applications from the manufacturer’s disks on to his laptop and reconnected the laptop to the Business Innovation Centre internal network to reload the backup files kept on the Compwise server.
26. Mr Shlaimoun downloaded the directory structure from the Compwise data server to the hard drive of his laptop. He checked and worked upon a number of customer documents and similar files that were in some of the directories and it appeared that a successful recovery had taken place. He did not do any work on developing the source code for the PowerMiser that day or otherwise check on the source code.
27. Mr Shlaimoun thought that he had successfully recovered the source code and he left for his Christmas holiday.
The burglary
28. On about 2 January 2002 the Claimant’s premises were burgled. During the burglary, the two on-site development computers and the paper print-out of the PowerMiser source code were stolen along with other equipment and stock.
29. Upon discovery of the burglary on 7 January 2002, the Claimant checked what it thought were the remaining copies of the PowerMiser source code on Mr Shlaimoun’s laptop and the Compwise data server, it realised that the version on the Compwise server had been deleted by the virus program. As a result, when the directory structure from the Compwise data server was downloaded to the laptop by Mr Shlaimoun, the PowerMiser source code had not been restored to the laptop.
30. The Claimant therefore had no remaining copies of the PowerMiser source code. Two of its copies were erased or corrupted by the virus program (and had not subsequently been restored), two on-site development computers were stolen, each containing a copy of the source code and the one paper copy contained in the pilot case was also stolen.
The Insurance Claim
31. The Claimant has sought to obtain an indemnity under the Policy for loss of contents, loss of stock and for business interruption losses. The Defendants resist that claim.
32. It is agreed between the parties that:
a) The virus author or authors deliberately created the virus program;
b) The virus author or authors was or were a malicious person or persons;
c) The theft during the course of the burglary was not a Defined Peril.