DCT
2:25-cv-00595
Digitaldoors, Inc. v. Southpoint Bank
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: DigitalDoors, Inc. (Florida)
- Defendant: SouthPoint Bank (Alabama)
- Plaintiff’s Counsel: Lucosky Brookman, LLP; Hoffberg & Associates
- Case Identification: 2:25-cv-00595, N.D. Ala., 04/18/2025
- Venue Allegations: Venue is based on Defendant maintaining a regular and established business presence in the Northern District of Alabama, including physical branch locations and employees, and specifically targeting customers within the district.
- Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, which are alleged to comply with the "Sheltered Harbor" financial industry standard, infringe four patents related to methods for securely filtering, extracting, storing, and managing sensitive data in distributed computing systems.
- Technical Context: The technology concerns granular data security and survivability, a critical function in the financial services industry for protecting sensitive customer account information from catastrophic cyberattacks and ensuring operational continuity.
- Key Procedural History: The complaint does not reference prior litigation or post-grant proceedings. It does, however, frame the development of the financial industry's "Sheltered Harbor" standard, beginning in 2015, as evidence that the patented technology was non-obvious and unconventional at its 2007 priority date.
Case Timeline
| Date | Event |
|---|---|
| 2007-01-05 | Earliest Priority Date for all Patents-in-Suit |
| 2015-04-21 | U.S. Patent No. 9,015,301 Issued |
| 2015-01-01 | "Sheltered Harbor" industry initiative launched |
| 2017-08-15 | U.S. Patent No. 9,734,169 Issued |
| 2019-01-15 | U.S. Patent No. 10,182,073 Issued |
| 2019-04-02 | U.S. Patent No. 10,250,639 Issued |
| 2025-04-18 | Complaint Filed |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 9,015,301 - "Information Infrastructure Management Tools with Extractor, Secure Storage, Content Analysis and Classification and Method Therefor"
- Patent Identification: U.S. Patent No. 9,015,301, "Information Infrastructure Management Tools with Extractor, Secure Storage, Content Analysis and Classification and Method Therefor," issued April 21, 2015.
The Invention Explained
- Problem Addressed: The patent's background describes several deficiencies in data management as of the priority date, including the difficulty of managing unstructured content, the inefficiency of classifying sensitive data, the vulnerability of open enterprise ecosystems, and the inability to address the changing sensitivity value of information over its lifecycle (’301 Patent, col. 1:31-2:61).
- The Patented Solution: The invention proposes a method for organizing and processing data in a distributed system by using a plurality of "designated categorical filters" to identify and obtain "select content" (important data) from a larger data stream. This select content is then stored in corresponding "select content data stores," and specific data processes (e.g., copying, archiving, distributing) are associated with the activated filter, allowing for granular control over sensitive information. (’301 Patent, Abstract; col. 3:23-4:11).
- Technical Importance: This content-centric approach represented a shift from managing entire files to managing the specific sensitive information within them, thereby enabling more robust and flexible security and data management protocols (Compl. ¶27).
Key Claims at a Glance
- The complaint asserts independent claim 25 (Compl. ¶99).
- The essential elements of claim 25 include:
- A method of organizing and processing data in a distributed computing system having select content important to an enterprise.
- Providing a plurality of select content data stores operative with a plurality of designated categorical filters.
- Activating at least one filter and processing a data input to obtain and store aggregated select content in a corresponding data store.
- Associating at least one data process (from a group including copy, extract, archive, distribution, and destruction) with the activated filter.
- Applying the associated data process to a further data input based on the result of processing by the activated filter.
- The step of activating the filter can be automatic (time-based, condition-based, or event-based) or manual.
U.S. Patent No. 9,734,169 - "Digital Information Infrastructure and Method for Security Designated Data and with Granular Data Stores"
- Patent Identification: U.S. Patent No. 9,734,169, "Digital Information Infrastructure and Method for Security Designated Data and with Granular Data Stores," issued August 15, 2017.
The Invention Explained
- Problem Addressed: The patent addresses the need to secure sensitive data within distributed, and potentially open, computer systems, where such data is vulnerable to unauthorized access and misuse (’169 Patent, col. 1:17-2:25).
- The Patented Solution: The invention describes a method implemented in a "distributed cloud-based computing system" that separates data into "security designated data" and "remainder data." It provides a plurality of "select content data stores" for the sensitive data and "granular data stores" for the remainder. A cloud-based server manages access to these stores via specific access controls, ensuring that both the extracted sensitive data and the parsed remainder data can only be withdrawn when authorized. (’169 Patent, Abstract; col. 3:28-4:9).
- Technical Importance: The claimed architecture provides a framework for secure data vaulting in a cloud or distributed environment, where sensitive information is parsed and segregated from non-sensitive information and protected by distinct access controls, a key principle of modern cyber-resilience strategies (Compl. ¶70).
Key Claims at a Glance
- The complaint asserts independent claim 1 (Compl. ¶130).
- The essential elements of claim 1 include:
- A method of organizing and processing data in a distributed cloud-based computing system.
- Providing a plurality of select content data stores, a plurality of granular data stores, and a cloud-based server, with access controls for each select content data store.
- Extracting and storing security designated data in the select content data stores.
- Activating a select content data store to permit access based on the application of access controls.
- Parsing remainder data not extracted and storing it in the granular data stores.
- Withdrawing the security designated data and the parsed remainder data only when the respective access controls are applied.
U.S. Patent No. 10,182,073 - "Information Infrastructure Management Tools with Variable and Configurable Filters and Segmental Data Stores"
- Patent Identification: U.S. Patent No. 10,182,073, "Information Infrastructure Management Tools with Variable and Configurable Filters and Segmental Data Stores," issued January 15, 2019.
- Technology Synopsis: The patent describes a method for creating a flexible information infrastructure where data throughput is processed using initially configured filters to identify sensitive and select content. A key aspect is the ability to alter these filters—by expanding, contracting, or reclassifying their scope—to generate modified filters that are then used to organize subsequent data throughput, allowing the system to adapt over time. (’073 Patent, Abstract).
- Asserted Claims: Independent claim 1 (Compl. ¶166).
- Accused Features: The accused systems are alleged to infringe by using and modifying "protection policies" (the claimed filters) to define, identify, and extract select content for secure storage, and then applying these modified policies to subsequent backup and vaulting operations (Compl. ¶183, ¶185).
U.S. Patent No. 10,250,639 - "Information Infrastructure Management Data Processing Tools for Processing Data Flow with Distribution Controls"
- Patent Identification: U.S. Patent No. 10,250,639, "Information Infrastructure Management Data Processing Tools for Processing Data Flow with Distribution Controls," issued April 2, 2019.
- Technology Synopsis: This patent discloses a method for "sanitizing" data in a distributed system. The method involves extracting sensitive content based on its sensitivity level and associated security clearance, storing it in secure "extract data stores," and then using a combination of content, contextual, and taxonomic filters to "inference" the data, thereby creating sanitized versions for secure handling while separating it from non-extracted remainder data. (’639 Patent, Abstract).
- Asserted Claims: Independent claim 16 (Compl. ¶193).
- Accused Features: The accused systems allegedly infringe by extracting sensitive financial data based on security levels (e.g., "critical account data"), storing it in secure data vaults (the claimed "extract data stores"), and using filters to create sanitized backup versions for disaster recovery, separate from production data (Compl. ¶198, ¶217, ¶219).
III. The Accused Instrumentality
- Product Identification: The accused instrumentalities are the data backup and disaster recovery systems and methods that Defendant SouthPoint Bank makes, owns, operates, or controls (Compl. ¶96). The complaint alleges these systems are compliant with the "Sheltered Harbor" specification or provide "substantially equivalent functionality" (Compl. ¶96).
- Functionality and Market Context: The complaint alleges the accused systems function by extracting "critical customer account data," converting it to the Sheltered Harbor industry-standard format, and transmitting it to a secure, immutable, and isolated "data vault" for protection against catastrophic data loss (Compl. ¶70, ¶77). The complaint references the Dell PowerProtect Cyber Recovery solution as an exemplary system that implements the Sheltered Harbor standard (Compl. ¶72). A diagram from Dell's marketing materials illustrates this architecture, showing data extraction from a "Production Environment" and replication to an "Air-gapped" "Data Vault Environment" (Compl. ¶73, p. 31). "Sheltered Harbor" is described as a financial industry-driven initiative launched in 2015 to promote the stability of U.S. financial markets by ensuring critical customer data can be recovered after a severe cyberattack (Compl. ¶63).
IV. Analysis of Infringement Allegations
9,015,301 Infringement Allegations
| Claim Element (from Independent Claim 25) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| A method of organizing and processing data in a distributed computing system having select content important to an enterprise operating said distributed computing system... | Defendant's systems manage and protect critical customer financial account data for the bank. | ¶100, ¶102 | col. 13:26-31 |
| providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters... | The accused systems provide a "data vault" with multiple data stores that operate with "protection policies" (filters) to identify and protect critical data. A diagram in the complaint illustrates a "Cyber Recovery Vault" containing distinct storage for "Copy," "Lock," and "Analyze" functions. | ¶105, ¶107, p. 50 | col. 13:34-40 |
| activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content... as aggregated select content | The systems activate protection policies to extract critical financial account information based on contextual or taxonomic associations, such as tags grouping assets by department. | ¶109, ¶111 | col. 13:41-48 |
| storing said aggregated select content for said at least one categorical filter in said corresponding select content data store | The extracted critical account data is stored in corresponding storage units within the secure data vault. | ¶113, ¶114 | col. 13:49-52 |
| associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process, a data distribution process and a data destruction process | The systems associate data processes like backup (copying/archiving) and recovery (distribution) with the extracted critical data according to established policies. | ¶116, ¶117 | col. 4:1-6 |
| applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter utilizing said aggregated select content data | Once a protection policy is established, all subsequent data inputs (e.g., new customer data) are processed in the same way under that policy. | ¶119, ¶120 | col. 4:7-11 |
| said activating a designated categorical filter, which encompasses an automatic activation or a manual activation and said automatic activation is time-based, distributed computer system condition-based, or event-based | System processing (e.g., nightly backups) is performed automatically at a designated time, upon a designated condition (detection of new data), or manually on demand. | ¶122, ¶123 | col. 14:43-52 |
9,734,169 Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| A method of organizing and processing data... in a distributed cloud-based computing system having select content represented by one or more predetermined words... | The accused systems are allegedly cloud-based or hybrid-cloud systems that process critical customer financial account data. | ¶131, ¶133, ¶134 | col. 132:13-17 |
| providing in said distributed cloud-based computing system: (i) a plurality of select content data stores... (ii) a plurality of granular data stores; and (iii) a cloud-based server, each select content data store having respective access controls thereat | The accused systems provide a secure "data vault" (select content stores) and production/backup systems (granular data stores), with a server managing access via credentials and multi-factor authentication. An architectural diagram shows a "Data Center" and separate "Cyber Recovery Vault." | ¶137, ¶140, p. 65 | col. 132:18-25 |
| (with respect to data processed by said cloud-based system) extracting and storing said security designated data in respective select content data stores | Protection policies are used to extract critical financial data and store it in the secure data vault. | ¶144, ¶147 | col. 132:26-29 |
| activating at least one of said select content data stores... thereby permitting access... based upon an application of one or more of said access controls thereat | The data vault is safeguarded by security measures, including strict credential-controlled access and multi-factor authentication, which must be applied to access the stored data. | ¶149, ¶150 | col. 132:30-35 |
| parsing remainder data not extracted... and storing the parsed data in respective granular data stores | Remainder data (non-critical data) is stored in production and backup systems, which are separate from the data vault. A diagram shows "Production Workloads" and "Backup Workloads" as distinct from the vault. | ¶152, ¶153, p. 74 | col. 132:36-39 |
| withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto | Data can only be withdrawn from the data vault for restoration after satisfying strict access controls, as is necessary during a recovery event. | ¶158, ¶159 | col. 132:40-45 |
- Identified Points of Contention:
- Scope Questions: A primary issue may be whether the industry-standard processes and data structures of the "Sheltered Harbor" specification, such as creating an "air-gapped" backup of "critical account data," fall within the scope of the patent terms "categorical filters" and "select content data stores." The defense may argue that the patents describe a more general, dynamic data filtering system, whereas Sheltered Harbor is a specific, pre-defined disaster recovery protocol.
- Technical Questions: The complaint's allegations are based on the public-facing descriptions of the Sheltered Harbor standard and exemplary compliant products. A key question for the court will be whether discovery reveals that Defendant's specific, non-public implementation actually performs every step of the asserted claims. For instance, what evidence demonstrates that Defendant's system "applies the associated data process to a further data input" as required by claim 25 of the ’301 Patent, or that it specifically "parses remainder data" and stores it in separate "granular data stores" as required by claim 1 of the ’169 Patent.
V. Key Claim Terms for Construction
- The Term: "categorical filters" (’301 Patent, Claim 25)
- Context and Importance: This term is the central mechanism for selecting data in the asserted method. The Plaintiff's entire infringement theory rests on equating the rules, policies, and standards of the Sheltered Harbor specification with these "categorical filters." Its construction will determine whether the accused industry-standard systems can be found to practice the claimed invention.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The specification states that designated categorical filters include "content-based filters, contextual filters and taxonomic classification filters" (’301 Patent, col. 13:35-37). This language may support an interpretation that covers any rule-based system for selecting data based on its content, context, or classification, such as the Sheltered Harbor rule to "extract critical account data" (Compl. ¶70).
- Evidence for a Narrower Interpretation: The patent depicts a specific architecture with distinct filter modules (e.g., Content Filter Mod 20, Contextual Filter Mod 21, Taxonomic Filter Mod 22) (’301 Patent, Fig. 1a). A defendant may argue that the term should be limited to systems embodying this more complex, multi-filter module structure rather than a simpler policy of backing up a pre-defined data set.
- The Term: "distributed cloud-based computing system" (’169 Patent, Claim 1)
- Context and Importance: This term defines the environment of the invention. The accused systems are secure data vaults, which are often physically isolated ("air-gapped") and may be on-premises, in a private cloud, or in a hybrid environment. Whether such architectures qualify as "cloud-based" will be a critical issue.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The patent does not provide a specific definition, leaving the term open to its plain and ordinary meaning at the time. This could encompass private and hybrid cloud models where computing resources are distributed and accessed over a network, which aligns with the complaint's allegation that Dell's compliant solution can be deployed on various cloud platforms (Compl. ¶133).
- Evidence for a Narrower Interpretation: The defense may argue that "cloud-based" implies a reliance on third-party, multi-tenant public cloud infrastructure (e.g., AWS, Azure). They could contend that a private, air-gapped vault within an enterprise's own data center is a distributed system but not a "cloud-based" one as the term is commonly understood, potentially designing around the claim.
VI. Other Allegations
- Indirect Infringement: The complaint does not plead separate counts for induced or contributory infringement, focusing instead on allegations of direct infringement by Defendant for making, using, and controlling the accused systems (Compl. ¶99, ¶130).
- Willful Infringement: The complaint includes a specific count for "Knowledge and Willfulness" (Compl. ¶¶227-229). Willfulness is alleged based on Defendant’s actual notice upon service of the complaint. The complaint also alleges pre-suit knowledge dating back to at least September 30, 2014, based on arguments allegedly made during the prosecution of Defendant's own patent applications (Compl. ¶228). Furthermore, it alleges willful blindness, stating on information and belief that Defendant has a "policy or practice of not reviewing the patents of others" (Compl. ¶229).
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of definitional scope: can the patent term "categorical filters," which describes a dynamic means of classifying and selecting data, be construed to cover the more rigid, pre-defined rules of the "Sheltered Harbor" industry standard, which mandates the backup of a specific set of "critical account data"? The viability of the infringement case largely depends on this interpretation.
- A second central question will be one of technical equivalence and proof: the complaint bases its allegations on public descriptions of an industry standard. The case will likely turn on whether discovery uncovers evidence that Defendant's specific, internal data-vaulting architecture performs each granular step of the asserted claims, or if there is a fundamental mismatch between the patented methods and the actual operation of the accused disaster recovery systems.