DCT
2:25-cv-03997
DigitalDoors Inc v. 1ST Bank Yuma
Key Events
Complaint
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: DigitalDoors, Inc. (Florida)
- Defendant: 1st Bank Yuma (Arizona)
- Plaintiff’s Counsel: Bycer & Marion
- Case Identification: 2:25-cv-03997, D. Ariz., 10/24/2025
- Venue Allegations: Plaintiff alleges venue is proper in the District of Arizona because Defendant is headquartered there and maintains regular and established places of business within the district.
- Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, which are alleged to comply with the financial industry’s “Sheltered Harbor” standard, infringe four patents related to methods for filtering, separating, and securely storing sensitive data in distributed computing environments.
- Technical Context: The lawsuit concerns technologies for data resiliency and cybersecurity, a critical area for the financial services industry, which must protect sensitive customer account information from catastrophic data loss events like cyberattacks.
- Key Procedural History: The complaint does not mention any prior litigation, Inter Partes Review (IPR) proceedings, or other significant procedural events related to the patents-in-suit.
Case Timeline
| Date | Event |
|---|---|
| 2007-01-05 | Earliest Priority Date for all Patents-in-Suit |
| 2015-04-21 | U.S. Patent No. 9,015,301 Issues |
| 2015-01-01 | Sheltered Harbor initiative launched |
| 2017-08-15 | U.S. Patent No. 9,734,169 Issues |
| 2019-01-15 | U.S. Patent No. 10,182,073 Issues |
| 2019-04-02 | U.S. Patent No. 10,250,639 Issues |
| 2025-06-20 | Plaintiff sends notice letter to Defendant |
| 2025-10-24 | Complaint Filed |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 9,015,301 - Information Infrastructure Management Tools with Extractor, Secure Storage, Analysis and Classification and Method Therefor
The Invention Explained
- Problem Addressed: The patent describes the challenge of managing and securing sensitive information within enterprise systems that handle large volumes of both structured and unstructured data. Conventional methods focused on securing entire files, which was inefficient, inflexible, and ill-suited for "open-information ecosystems" with numerous access points. These methods also struggled to adapt to the changing sensitivity level of information over its lifecycle (’301 Patent, col. 1:31-2:61).
- The Patented Solution: The invention proposes a method that shifts from managing files to managing the content within them. It uses a system of "categorical filters" (e.g., content-based, contextual, and taxonomic) to automatically identify and extract specific, important pieces of data ("select content") from a larger data stream. This extracted content is then stored in secure, distributed data stores, allowing for granular control over data access, processing, and eventual reconstruction based on defined policies and user permissions (’301 Patent, Abstract; col. 3:17-4:35).
- Technical Importance: This content-centric approach was designed to offer enhanced security and flexibility over traditional file-based systems by enabling organizations to isolate and protect their most critical data assets at a granular level, improving resilience and control (Compl. ¶13).
Key Claims at a Glance
- The complaint asserts at least independent claim 25 (Compl. ¶119).
- The essential elements of Claim 25 include:
- Providing a plurality of select content data stores operative with a plurality of designated categorical filters.
- Activating at least one filter and processing a data input through it to obtain "aggregated select content," which includes contextually and taxonomically associated content.
- Storing the aggregated select content in a corresponding data store.
- Associating a data process (e.g., copy, extract, archive) with the activated filter.
- Applying that associated data process to subsequent data inputs processed by the same filter.
- The filter activation can be automatic (time-based, condition-based, or event-based) or manual.
U.S. Patent No. 9,734,169 - Digital Information Infrastructure and Method for Securing Designated Data and With Granular Data Stores
The Invention Explained
- Problem Addressed: The patent addresses the need for secure data storage and recovery in distributed computing systems, particularly in cloud environments where data is stored across multiple locations. The core problem is how to protect sensitive data from unauthorized access or catastrophic loss while maintaining the ability to reconstruct it when needed (’169 Patent, Abstract; col. 1:24-2:65).
- The Patented Solution: The claimed method involves processing data to separate it into two categories: "security designated data" (sensitive content) and "remainder data." The sensitive data is stored in secure "select content data stores" with specific access controls. The remainder data is parsed (either randomly or algorithmically) and stored separately in "granular data stores." A cloud-based server manages the system, and an authorized processor can withdraw and combine data from both types of stores to reconstruct the original information, subject to security verification (’169 Patent, Abstract; col. 3:25-4:24).
- Technical Importance: This architecture provides a security model for cloud-based systems by physically and logically separating sensitive data from non-sensitive data, reducing the attack surface and minimizing the impact of a breach of any single data store.
Key Claims at a Glance
- The complaint asserts at least independent claim 1 (Compl. ¶152).
- The essential elements of Claim 1 include:
- Providing a distributed cloud-based system comprising: (i) select content data stores, (ii) granular data stores, and (iii) a cloud-based server.
- Extracting and storing security designated data in the select content data stores.
- Activating access to the select content data stores based on access controls.
- Parsing the remaining data and storing it in the granular data stores.
- Withdrawing data from both store types only when the respective access controls are satisfied.
U.S. Patent No. 10,182,073 - Information Infrastructure Management Tools with Variable and Configurable Filters and Segmental Data Stores
The Invention Explained
This patent describes a method for creating a secure information infrastructure by processing data with a plurality of filters to identify sensitive and select content. The invention emphasizes that these filters are not static; they can be altered (expanded, contracted, or re-classified) by an operator to modify how data is identified and organized, and the system then uses these "modified configured filters" for subsequent data processing (’073 Patent, Abstract; claim 1).
Key Claims at a Glance
- Asserted Claims: At least independent claim 1 is asserted (Compl. ¶192).
- Accused Features: The complaint alleges that the accused systems use "protection policies" that function as the claimed filters and that these policies can be modified by the bank to change how data is identified, extracted, and vaulted (Compl. ¶¶ 212, 213). A screenshot from a Dell instructional video showing a user interface for selecting and modifying filter options is provided as evidence (Compl. ¶214, p. 88).
U.S. Patent No. 10,250,639 - Information Infrastructure Management Data Processing Tools for Processing Data Flow with Distribution Controls
The Invention Explained
This patent focuses on a method for "sanitizing" data processed in a distributed system. The method involves extracting sensitive content based on its sensitivity level and storing it in a secure "extract store," thereby creating "sanitized" data from the non-extracted remainder. The invention further claims the step of "inferencing" this sanitized data using content, contextual, and taxonomic filters to obtain analytical insights without exposing the original sensitive information (’639 Patent, Abstract; claim 16).
Key Claims at a Glance
- Asserted Claims: At least independent claim 16 is asserted (Compl. ¶223).
- Accused Features: The accused data vaulting systems are alleged to perform the claimed sanitization by extracting critical customer account data (sensitive content) for secure storage in an isolated vault, thereby creating a sanitized version of the remaining production data that is protected from a catastrophic event (Compl. ¶¶ 248, 249).
III. The Accused Instrumentality
Product Identification
The complaint identifies the "Accused Instrumentalities" as the systems and methods operated by Defendant 1st Bank Yuma for data backup, security, and disaster recovery (Compl. ¶112). These are not identified as a specific product line but are characterized as being compliant with the financial industry’s “Sheltered Harbor” data vaulting standard or a functional equivalent thereof (Compl. ¶111).
Functionality and Market Context
The complaint alleges that, in line with the Sheltered Harbor standard, the accused systems perform daily backups of critical customer account information (Compl. ¶¶ 7, 85). This process allegedly involves extracting this critical data, converting it to a standard format, and transmitting it to an extremely secure, isolated, and immutable "data vault" that is "air-gapped" from the bank's primary production and backup networks (Compl. ¶¶ 84, 91). The complaint provides a diagram from a Dell Technologies solution brief, an exemplary Sheltered Harbor-compliant system, showing data being extracted from a "Production Environment" and replicated to a "Data Vault Environment" across an "Air-gap" (Compl. ¶87, p. 31). The purpose of this architecture is to ensure that a financial institution can recover critical customer data and resume basic operations even if its primary systems are completely compromised by a severe cyberattack (Compl. ¶80).
IV. Analysis of Infringement Allegations
U.S. Patent No. 9,015,301 Infringement Allegations
| Claim Element (from Independent Claim 25) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters... | Defendant’s system provides a "data vault" with multiple secure data stores (for Backup, Copy, Lock, Analyze) that operate with "protection policies" which function as categorical filters to identify data for protection. | ¶127-129 | col. 13:35-40 |
| activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and... contextually associated select content and taxonomically associated select content, as aggregated select content; | The system activates protection policies (filters) to extract critical financial account information. This extracted data is allegedly associated contextually or taxonomically, for instance by using aggregated tags or metadata to group related assets. | ¶131-133 | col. 13:41-47 |
| storing said aggregated select content for said at least one categorical filter in said corresponding select content data store; | The extracted critical account data is stored in designated storage units within the secure data vault. | ¶135, 136 | col. 13:48-51 |
| associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process... | The system associates data processes like backup (copy/archive) and vaulting (extract) with the selected content, as defined by the enterprise's policies. | ¶138, 139 | col. 13:52-57 |
| applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter... | Once a protection policy is established, all subsequent data inputs matching that filter (e.g., new customer data) are processed in the same way (e.g., copied to the vault nightly). | ¶141, 142 | col. 13:58-63 |
| wherein activating said designated categorical filter encompasses an automatic activation... time-based, distributed computer system condition-based, or event-based. | Processing occurs automatically at a designated time interval (nightly), upon a condition (detection of new assets), or event. | ¶144-146 | col. 14:1-5 |
Identified Points of Contention:
- Scope Questions: The complaint's theory relies on equating industry-standard "protection policies" with the patents' "categorical filters." A central question may be whether the term "categorical filters," in the context of the patent, requires the more sophisticated semantic and knowledge-based analysis described in the specification (e.g., using a "Knowledge Expander") or if it can be read to cover the rule-based filtering (e.g., by file type, name, or location) common in modern backup systems.
- Technical Questions: Claim 25 requires obtaining "contextually and taxonomically associated select content." It may be disputed whether the alleged use of metadata and tags in the accused systems (Compl. ¶133) satisfies this specific limitation, or if it is merely a way of organizing files rather than associating the underlying content in the manner claimed.
U.S. Patent No. 9,734,169 Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| providing in said distributed cloud-based computing system: (i) a plurality of select content data stores...; and (ii) a plurality of granular data stores; and (iii) a cloud-based server... | The accused system is described as a cloud-based architecture comprised of (i) a secure "data vault" (select content stores) and (ii) the bank's production and backup systems (granular data stores), managed by servers. | ¶162-165, 168 | col. 3:28-44 |
| (with respect to data processed by said cloud-based system) extracting and storing said security designated data in respective select content data stores; | The system extracts critical customer account data and stores it in the secure, isolated data vault. A provided diagram illustrates this data extraction and storage in a separate "CR Vault." | ¶169, 170 | col. 4:5-8 |
| activating at least one of said select content data stores... thereby permitting access... based upon an application of one or more of said access controls thereat; | Access to the data vault is strictly controlled, requiring credentials and multi-factor authentication, which function as the claimed access controls. | ¶175, 176 | col. 4:9-14 |
| parsing remainder data not extracted... and storing the parsed data in respective granular data stores; | Remainder data (data not extracted for the vault) is stored in the production and backup systems, which serve as the granular data stores. | ¶178, 179 | col. 4:15-17 |
| including both (i) randomly parsing and storing said remainder data, and (ii) parsing and storing said remainder data according to a predetermined algorithm... | Data traffic to and from the vault, as well as data within the production environment, is allegedly encrypted, which the complaint equates with random or algorithmic parsing. | ¶181, 182 | col. 4:18-22 |
| withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls... | The purpose of the system is emergency restoration, which involves withdrawing data from the vault and production systems, a process governed by strict security and access controls. | ¶184, 185 | col. 4:23-27 |
Identified Points of Contention:
- Scope Questions: The claim requires a "distributed cloud-based computing system." The accused systems may be on-premises, hybrid, or use a public cloud (Compl. ¶158). The construction of "cloud-based" and whether it reads on the Defendant's specific architecture could be a key issue.
- Technical Questions: A significant question may arise from the mapping of the accused architecture to the claim terms. The complaint maps the "production and backup systems" to the "granular data stores" where "remainder data" is stored (Compl. ¶178). A defendant may argue that its primary production system is not merely a store for "remainder data" but is the source of all data, raising a potential mismatch with the claim's architectural sequence.
V. Key Claim Terms for Construction
"activating at least one of said designated categorical filters" (’301 Patent, Claim 25)
- Context and Importance: This term is central to the infringement analysis, as it describes the core action of the claimed method. The complaint alleges that establishing and running a "protection policy" in the accused systems constitutes "activating" a "categorical filter" (Compl. ¶¶ 102, 132). Practitioners may focus on this term to dispute whether the routine, automated execution of a backup policy meets the inventive step of "activating" a filter to "obtain" select content, as described in the patent.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The patent states that activation can be "automatic or manual" and that automatic activation can be "time-based (2:00 AM every day), distributed computer system condition-based..., or event-based" (’301 Patent, col. 14:1-5). This language may support the view that a scheduled nightly backup job falls within the scope of "activating."
- Evidence for a Narrower Interpretation: The specification often describes the filters as part of a more dynamic process of analysis and extraction, linked to a "knowledge expander" or an "inference engine" (’301 Patent, col. 26:49-27:2). A defendant may argue that "activating" implies more than just running a pre-set backup job, but rather engaging a more sophisticated analytical process to parse the data.
"parsing remainder data" (’169 Patent, Claim 1)
- Context and Importance: This step defines what happens to the data that is not extracted into the secure vault. The complaint alleges that the encryption of data within the production environment and during transmission constitutes the claimed "parsing" (Compl. ¶¶ 181, 182). The validity of this technical equivalence will be a critical point of contention.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The patent does not appear to provide a specific definition of "parsing" that would exclude encryption. The claim itself allows for both "randomly parsing" and "parsing... according to a predetermined algorithm," which could arguably encompass different forms of data transformation, including encryption.
- Evidence for a Narrower Interpretation: The term "parsing" typically refers to breaking data down into smaller syntactic components. The patent discusses data dispersal algorithms and breaking data into "smaller and more granular pieces" (’169 Patent, col. 15:53-55). A defendant may argue that encryption, which transforms data without necessarily breaking it into separate logical pieces, is a distinct technical process from "parsing" as contemplated by the patent.
VI. Other Allegations
- Indirect Infringement: The complaint does not plead separate counts for induced or contributory infringement, focusing instead on allegations that the Defendant directly infringes by making, using, and controlling the accused data vaulting systems (Compl. ¶¶ 119, 152, 192, 223).
- Willful Infringement: The complaint alleges that Defendant had pre-suit knowledge of the patents-in-suit. It states that on June 20, 2025, Plaintiff sent Defendant a letter identifying the patents, providing copies, and offering to provide claim charts demonstrating infringement (Compl. ¶115). The complaint further alleges that Defendant's counsel acknowledged receiving the letter but took no further action, and that any subsequent infringement is therefore willful and deliberate (Compl. ¶¶ 116, 148).
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of definitional scope: can the patents' claim terms, such as "categorical filters" and "taxonomically associated content," which are rooted in a specific architecture for granular content analysis, be construed broadly enough to cover the more generalized "protection policies" and rule-based data management functions of industry-standard disaster recovery systems?
- A key evidentiary question will be one of architectural equivalence: does the accused two-part "production environment" and "air-gapped vault" architecture, designed for business continuity, map onto the patents' claimed structures of "select content data stores" and "granular data stores," particularly regarding the claimed steps of handling "remainder data"?
- The case may also hinge on a question of infringing act: does a financial institution's implementation and operation of a commercially available, industry-standard data protection framework constitute "making" or "using" the patented methods, or is the bank merely an end-user of a system whose infringement, if any, lies with the technology provider?