DCT
2:22-cv-00018
TD Professional Services v. TRUYO Inc
Key Events
Complaint
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: TD Professional Services, an Arizona Limited Liability Corporation (Arizona)
- Defendant: TRUYO Inc (Arizona); INTRAEDGE Inc (Delaware)
- Plaintiff’s Counsel: The Entrekin Law Firm
- Case Identification: 2:22-cv-00018, D. Ariz., 01/06/2022
- Venue Allegations: Venue is asserted based on Defendants being residents of the judicial district, maintaining a regular place of business, and having committed alleged acts of infringement within the district.
- Core Dispute: Plaintiff alleges that Defendants’ data privacy compliance platform infringes patents related to a computer architecture that uses a blockchain-based immutable audit ledger to demonstrate compliance with data regulations.
- Technical Context: The technology operates in the domain of data privacy and regulatory compliance, addressing the technical challenges for businesses to manage personal data and prove adherence to regulations like the EU's GDPR and California's CCPA.
- Key Procedural History: The complaint alleges a prior business relationship where the inventor disclosed the patented technology to Defendant Intraedge under a non-disclosure agreement and a term sheet for commercialization. Plaintiff alleges Defendants subsequently misappropriated the technology and began selling it through a newly formed subsidiary, Truyo. Plaintiff also alleges providing Defendants with written notice of the patents and infringement on June 24, 2020.
Case Timeline
| Date | Event |
|---|---|
| 2017-04-19 | Inventor Hines signs non-disclosure agreement with Intraedge |
| 2017-09-18 | Intraedge signs term sheet to license Hines' technology |
| 2018-03-23 | Priority Date for ’062 and ’833 Patents |
| 2019-04-02 | ’833 Patent continuation application filed |
| 2019-05-28 | ’062 Patent issued |
| 2020-04-21 | ’833 Patent issued |
| 2020-06-24 | Plaintiff provides written notice of patents and infringement to Defendants |
| 2022-01-06 | Complaint Filed |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 10,304,062 - Computer Architecture Incorporating Blockchain Based Immutable Audit Ledger for Compliance with Data Regulations
(Issued May 28, 2019; ’062 Patent)
The Invention Explained
- Problem Addressed: The patent’s background section describes the significant technical and financial burdens placed on organizations ("Data Controllers") by data protection regulations like GDPR, noting that fundamental limitations in existing data processing technology are an obstacle to compliance (’062 Patent, col. 1:11-24; col. 2:1-5).
- The Patented Solution: The invention proposes a computer system architecture to ensure and demonstrate compliance. The system intercepts a data input stream (e.g., from a sales transaction) and splits it. A "compliance device driver" identifies regulated data, generates "pseudonymized" (partially anonymized) data, and sends it for verification and storage in a blockchain-based "immutable audit ledger." Simultaneously, the original, unaltered data stream is sent to a separate "data lake." This creates a verifiable, auditable record of compliance transactions without exposing raw personal data in the primary audit trail (’062 Patent, Abstract; Fig. 1; col. 2:26-50).
- Technical Importance: This architecture was designed to provide an automated and verifiably secure method for companies to meet the stringent record-keeping and privacy requirements of new data regulations (’062 Patent, col. 2:11-24).
Key Claims at a Glance
- The complaint asserts independent claims 1 and 17 (Compl. ¶82).
- Independent Claim 1 (System Claim) Elements:
- A data collection terminal to receive a data input stream.
- A data input device and data output device resident in the terminal.
- A compliance device driver that:
- selects "in-scope" data corresponding to pre-identified fields determined by regulations, by identifying markup language tags.
- applies a compliance markup language parser to generate "pseudonymized data" from the in-scope data.
- An automated compliance network appliance that receives the pseudonymized data and transmits it in batches to blockchain miners, and also transmits the raw data input stream to the Internet.
- An automated compliance server that:
- receives the raw data stream and stores it in a data lake.
- simultaneously receives verified blockchain blocks and stores them in a "blockchain derived immutable audit ledger," which certifies the data in the data lake is correct and unaltered.
- Independent Claim 17 (Method Claim) Elements:
- Collecting a data input stream with a data collection terminal.
- Selecting in-scope data from the stream based on compliance markup tags.
- Applying a compliance markup language parser to generate pseudonymized data.
- Transmitting the pseudonymized data in batches to blockchain miners.
- Transmitting the raw data input stream into a data lake.
- Simultaneously receiving verified blockchain blocks.
- Storing the blocks in a blockchain derived immutable audit ledger.
- Hosting portals for accessing the data lake and the immutable audit ledger.
- The complaint reserves the right to assert dependent claims 2, 9, and 12 (Compl. ¶82).
U.S. Patent No. 10,628,833 - Computer Architecture Incorporating Blockchain Based Immutable Audit Ledger for Compliance with Data Regulations
(Issued April 21, 2020; ’833 Patent)
The Invention Explained
- Problem Addressed: As a continuation of the application for the ’062 Patent, the ’833 Patent addresses the same problem of providing a technical solution for organizations to comply with complex data protection regulations (’833 Patent, col. 1:21-25; col. 2:11-14).
- The Patented Solution: The ’833 Patent describes the same computer architecture, comprised of a data collection terminal, a compliance driver to parse data and create pseudonymized versions, a network appliance, and a server that manages the distinct storage of raw data in a data lake and verified, pseudonymized transaction data in an immutable blockchain ledger (’833 Patent, Abstract; col. 2:36-61).
- Technical Importance: The solution provides a framework for creating tamper-evident compliance records, a critical need for industries handling sensitive consumer data under new regulatory regimes (’833 Patent, col. 2:15-20).
Key Claims at a Glance
- The complaint asserts independent claims 1 and 18 (Compl. ¶90).
- Independent Claim 1 (System Claim) Elements: The elements are substantially identical to those of Claim 1 of the ’062 Patent, as described above, reciting a data collection terminal, compliance device driver, network appliance, and compliance server performing the dual storage functions.
- Independent Claim 18 (Method Claim) Elements: The elements are substantially identical to those of Claim 17 of the ’062 Patent, as described above, reciting the method of collecting, selecting, pseudonymizing, and separately transmitting data to a data lake and a blockchain ledger.
- The complaint reserves the right to assert dependent claims 2, 9, and 11 (Compl. ¶90).
III. The Accused Instrumentality
Product Identification
- The "Intraedge/Truyo platform," which was initially named "GDPREdge" and later "Truyo" (Compl. ¶¶43, 59).
Functionality and Market Context
- The accused instrumentality is a software platform marketed to corporate clients to provide compliance with data regulations (Compl. ¶¶23, 59). The complaint alleges that the platform functions as a "computer system architecture" that, in client implementations, uses a "data collection terminal" such as an API to receive a data input stream (Compl. ¶¶59, 62-63). It is alleged to apply a "compliance markup language parser" to generate "pseudonymized data," transmit that data via a network appliance to "blockchain miners," and store raw data in a "data lake" while simultaneously storing verified blockchain blocks in an "immutable audit ledger" (Compl. ¶¶64-65, 68-70). The complaint states these functionalities are described on the Defendants' website and advertising (Compl. ¶¶27, 69-70). No probative visual evidence provided in complaint.
IV. Analysis of Infringement Allegations
’062 Patent Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| (a) a data collection terminal configured to receive a data input stream | The Intraedge/Truyo platform is a computer system architecture that comprises a data collection terminal (which may be an API) to receive a data input stream. | ¶59, ¶62 | col. 9:49-52 |
| (d) a compliance device driver resident in the data collection terminal...selects in-scope data...by identifying compliance mark up language tags...applies a compliance markup language parser...thereby generating pseudonymized data | The platform's driver/API selects in-scope data using compliance markup language and applies a parser to generate pseudonymized data from it. | ¶61, ¶64 | col. 10:1-8 |
| (e) an automated compliance network appliance...receiving the pseudonymized data...transmitting the pseudonymized data in batches to blockchain miners | The platform contains a network appliance that receives the pseudonymized data and transmits it in batches to blockchain miners. | ¶66-68 | col. 10:9-20 |
| (f) an automated compliance server...(2) storing the data input stream as raw...data in a data lake, while simultaneously...(4) storing the verified blockchain blocks in a blockchain derived immutable audit ledger | The platform's server receives data from the internet, stores raw data in a data lake, and simultaneously receives and stores verified blockchain blocks in an immutable audit ledger. | ¶69-70 | col. 10:21-39 |
’833 Patent Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| a data collection terminal configured to receive a data input stream | The Intraedge/Truyo platform is a computer system architecture that comprises a data collection terminal (which may be an API) to receive a data input stream. | ¶59, ¶62 | col. 11:13-16 |
| a compliance device driver resident in the data collection terminal...selects data...that corresponds to pre-identified data fields...applies a compliance markup language parser...thereby generating pseudonymized data | The platform's driver/API selects in-scope data and applies a parser to generate pseudonymized data from it. | ¶61, ¶64 | col. 11:46-62 |
| an automated compliance network appliance...receiving the pseudonymized data...transmitting the pseudonymized data in batches to blockchain miners | The platform contains a network appliance that receives the pseudonymized data and transmits it in batches to blockchain miners. | ¶66-68 | col. 11:63-67; col. 12:1-2 |
| an automated compliance server...(2) storing the data input stream in a data lake, (3) receiving blockchain blocks from miners, and (4) storing the blockchain blocks in an immutable audit leger | The platform's server stores raw data in a data lake, receives blockchain blocks, and stores them in an immutable audit ledger. | ¶69-70 | col. 12:5-13 |
- Identified Points of Contention:
- Scope Questions: The complaint alleges that an Application Programming Interface (API) serves as the claimed "data collection terminal" (Compl. ¶62). A potential point of contention is whether an API, a software interface, falls within the scope of a "terminal," a term the patent specification also uses to describe physical hardware like a "point of sale terminal" or "cash register" (’062 Patent, col. 4:46-49).
- Technical Questions: The infringement theory relies on the accused platform performing a dual-pathway data storage function: storing raw data in a "data lake" while "simultaneously" storing verified blocks in a "blockchain derived immutable audit ledger" (Compl. ¶¶69-70). A key factual question will be what evidence demonstrates that the accused platform performs these two distinct storage operations in the specific manner and relationship required by the claims. The complaint's reliance on "website and advertising" may be challenged with evidence of the platform's actual architecture and operation (Compl. ¶70).
V. Key Claim Terms for Construction
The Term: "data collection terminal"
Context and Importance: This term is foundational to the infringement claim, as it is the entry point for data into the claimed system. The allegation that the accused platform's API is a "data collection terminal" makes the construction of this term critical (Compl. ¶62). Practitioners may focus on this term because its definition will determine whether a purely software-based system can infringe a claim that uses hardware-associated language.
Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: Dependent claim 2 in both patents explicitly states, "The computer system architecture of claim 1, wherein the data collection terminal is a point of sale terminal, a webpage, a cash register, a check-in counter, a hand-held mobile device, or an API" (’062 Patent, col. 10:40-44; ’833 Patent, col. 12:14-18). This provides strong intrinsic support for construing "terminal" to include an API.
- Evidence for a Narrower Interpretation: The detailed description repeatedly provides examples of physical or user-facing interfaces, such as a "point of sale terminal, a webpage, a cash register, a check-in counter, a hand-held mobile device" (’062 Patent, col. 4:46-49). A party could argue these embodiments suggest the primary scope of "terminal" involves a more tangible or direct user-interaction component than a backend API.
The Term: "pseudonymized data"
Context and Importance: The generation of "pseudonymized data" is a core technical step that enables the invention's dual-storage approach. The dispute may turn on whether the accused platform's method of data transformation meets the specific definition required by the patent.
Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The specification provides a functional definition: "'pseudonymized data' is data in which most of the identifying fields within a data record are replaced within one or more artificial identifiers, or pseudonyms, thereby rendering the data less identifying" (’062 Patent, col. 5:11-15). This broad, purpose-oriented language could support a finding that various anonymization techniques meet the claim limitation.
- Evidence for a Narrower Interpretation: The specification immediately links this definition to a specific implementation: "the compliance markup language parser 15 scans the data subject receipt data stream 13 and identifies compliance markup language tags" to "identify, categorize, and forward data elements" (’062 Patent, col. 5:15-24). A party may argue that true "pseudonymization" under the patent requires the use of this specific tag-and-parser mechanism, not just any form of data replacement.
VI. Other Allegations
- Indirect Infringement: The complaint alleges inducement against both defendants. Intraedge is accused of inducing its alleged "alter ego," Truyo, and its customers by selling the platform (Compl. ¶78). Truyo is accused of inducing its customers to use the infringing platform (Compl. ¶79). The complaint alleges knowledge and intent, stating Defendants "know that the platform infringes the subject patents and intend for it to do so" (Compl. ¶76).
- Willful Infringement: Willfulness is alleged based on extensive pre-suit knowledge. The complaint cites the history of business negotiations, a non-disclosure agreement, a term sheet for commercialization, and direct written notice of the patents and infringement provided on June 24, 2020 (Compl. ¶¶29-43, 52, 80, 86). The continued sale of the accused platform after this notice is presented as evidence of willful conduct (Compl. ¶¶52, 86).
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of evidentiary proof: can Plaintiff produce technical evidence to demonstrate that the accused Truyo platform actually operates using the dual-pathway architecture of the asserted claims—specifically, the simultaneous and distinct storage of raw data in a "data lake" and verified, pseudonymized data in a "blockchain derived immutable audit ledger"? The case may depend on moving beyond marketing claims to the specific, underlying software architecture.
- The case will also turn on a question of claim construction: does a software component like an "API" constitute a "data collection terminal" as that term is used in the patents? While intrinsic evidence provides support for an inclusive definition, the resolution of this scope question will be critical to determining whether the largely software-based accused platform infringes claims rooted in system architecture language.
- Finally, a central theme will be the impact of the parties' prior relationship: beyond the technical aspects of infringement, the allegations of a business relationship breakdown and misappropriation of technology will be central to the claim for willful infringement. A key question for the factfinder will be whether the Defendants' conduct, if proven, constitutes the kind of egregious behavior that warrants enhanced damages.