DCT

2:25-cv-04001

DigitalDoors Inc v. Goldwater Bank NA

Log In
Key Events
Complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 2:25-cv-04001, D. Ariz., 10/24/2025
  • Venue Allegations: Plaintiff alleges venue is proper in the District of Arizona because Defendant is headquartered there and maintains a regular and established place of business within the district.
  • Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, which are alleged to be compliant with the financial industry’s “Sheltered Harbor” standard, infringe four patents related to methods of securely filtering, segmenting, storing, and reconstructing sensitive data in distributed computer networks.
  • Technical Context: The technology concerns granular data security and infrastructure resilience, a domain of critical importance to the financial services industry for protecting customer data and ensuring operational continuity in the face of catastrophic events like cyberattacks.
  • Key Procedural History: The complaint alleges that Defendant experienced a significant data breach in May 2021, which led to a class-action lawsuit. Plaintiff alleges it provided Defendant with actual notice of the patents-in-suit and detailed infringement allegations in letters dated June 20, 2025, and August 6, 2025, respectively, prior to filing this suit.

Case Timeline

Date Event
2007-01-05 Earliest Priority Date for all Patents-in-Suit
2015-04-21 U.S. Patent No. 9,015,301 Issued
2015-01-01 Sheltered Harbor initiative launched
2017-08-15 U.S. Patent No. 9,734,169 Issued
2019-01-15 U.S. Patent No. 10,182,073 Issued
2019-04-02 U.S. Patent No. 10,250,639 Issued
2021-05-21 Goldwater Bank experiences data breach
2022-04-20 Class action lawsuit filed against Goldwater Bank
2025-06-20 Plaintiff sends notice letter to Goldwater Bank
2025-08-06 Plaintiff sends detailed claim charts to Goldwater Bank
2025-10-24 Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301

  • Patent Identification: U.S. Patent No. 9,015,301, “Information Infrastructure Management Tools with Extractor, Secure Storage, Content Analysis and Classification and Method Therefor,” issued April 21, 2015 (’301 Patent).
  • The Invention Explained:
    • Problem Addressed: The patent background describes deficiencies in data management systems prior to 2007, including the difficulty of managing unstructured data, the inefficiency of data classification, the vulnerability of open-information ecosystems, and the inability to manage the changing sensitivity of data over its lifecycle (’301 Patent, col. 1:31-2:61).
    • The Patented Solution: The invention proposes a system for organizing and processing data by moving beyond managing whole files to managing the content within them (’301 Patent, col. 9:46-58). It uses a combination of filters (e.g., content-based, contextual, taxonomic) to automatically identify and extract specific "select content" from a larger data stream, associate data processes with that content (such as copying or archiving), and store the extracted content in designated, distributed data stores for enhanced security and controlled reconstruction (’301 Patent, Abstract; col. 3:24-4:14).
    • Technical Importance: The claimed approach represented a shift from file-level security to content-level security, allowing for granular control over sensitive data within a distributed architecture, which the complaint alleges was an unconventional improvement over prior art systems (Compl. ¶40).
  • Key Claims at a Glance:
    • The complaint asserts independent Claim 25 (Compl. ¶127).
    • The essential elements of Claim 25 include:
      • Providing a plurality of select content data stores operative with a plurality of designated categorical filters.
      • Activating at least one filter to process a data input and obtain "select content" that is contextually or taxonomically associated.
      • Storing the aggregated select content in a corresponding data store.
      • Associating a data process (e.g., copy, extract, archive) with the activated filter.
      • Applying that associated data process to further data inputs processed by the filter.
      • The activation of the filter can be automatic (time-based, condition-based, or event-based) or manual.

U.S. Patent No. 9,734,169

  • Patent Identification: U.S. Patent No. 9,734,169, “Digital Information Infrastructure and Method for Securing Designated Data and with Granular Data Stores,” issued August 15, 2017 (’169 Patent).
  • The Invention Explained:
    • Problem Addressed: The patent addresses the need for robust data security in distributed, cloud-based computing systems where data is vulnerable to unauthorized access or catastrophic loss (’169 Patent, col. 2:1-20).
    • The Patented Solution: The invention describes a cloud-based architecture that separates data into two types of storage: "select content data stores" for security-designated data and "granular data stores" for the non-extracted "remainder data" (’169 Patent, Abstract). A cloud-based server manages access controls, allowing an enterprise to extract critical data, store it securely and separately from the less sensitive remainder, and then withdraw and reconstruct the data only when authorized. This architectural separation enhances security by ensuring that compromising one set of data stores does not compromise the complete dataset (’169 Patent, Fig. 1a; col. 4:1-17).
    • Technical Importance: The technology provides a specific architectural solution for enhancing data security by physically and logically separating sensitive and non-sensitive data components within a distributed, cloud-accessible framework.
  • Key Claims at a Glance:
    • The complaint asserts independent Claim 1 (Compl. ¶160).
    • The essential elements of Claim 1 include:
      • Providing, in a distributed cloud-based system, a plurality of select content data stores, a plurality of granular data stores, and a cloud-based server.
      • Providing a communications network coupling these components.
      • Extracting and storing security-designated data in the select content data stores.
      • Activating a select content data store to permit access based on access controls.
      • Parsing the remainder data (not extracted) and storing it in the granular data stores.
      • Withdrawing the security-designated data and parsed data from their respective stores only when the respective access controls are applied.

Multi-Patent Capsules

  • Patent Identification: U.S. Patent No. 10,182,073, “Information Infrastructure Management Tools with Variable and Configurable Filters and Segmental Data Stores,” issued January 15, 2019 (’073 Patent).

  • Technology Synopsis: This invention relates to an information infrastructure that processes data using initially configured filters to identify and store sensitive and select content. The key inventive concept appears to be the ability to dynamically alter these filters—by expanding, contracting, or reclassifying their scope—and then generate modified filters to organize subsequent data throughput, allowing the system to adapt over time (’073 Patent, Abstract; col. 4:2-14).

  • Asserted Claims: Independent Claim 1 (Compl. ¶200).

  • Accused Features: The complaint alleges infringement by systems that allow an enterprise to define, run, monitor, and modify data processing policies, which dynamically alters the parameters for data extraction and storage (Compl. ¶¶220-221, 224). A screenshot from a Dell instructional video showing filter modification options is provided as an example (Compl. ¶221, p. 90).

  • Patent Identification: U.S. Patent No. 10,250,639, “Information Infrastructure Management Data Processing Tools for Processing Data Flow with Distribution Controls,” issued April 2, 2019 (’639 Patent).

  • Technology Synopsis: This patent describes a method for "sanitizing" data in a distributed system. The process involves extracting sensitive content from a data input based on its sensitivity level and an associated security clearance, storing that extracted data in a secure "extract data store," and leaving behind "remainder data" (’639 Patent, Abstract). The system then uses content, contextual, and taxonomic filters to "inference" the resulting sanitized data to derive further information.

  • Asserted Claims: Independent Claim 16 (Compl. ¶231).

  • Accused Features: The accused systems are alleged to perform the claimed method by extracting critical financial data ("sensitive content") into a secure data vault, thereby creating "sanitized" versions of account data, and then using filters to analyze or process this data (Compl. ¶¶256, 259).

III. The Accused Instrumentality

  • Product Identification: The complaint identifies the accused instrumentalities as the data processing, backup, and disaster recovery systems owned, operated, and used by Goldwater Bank (Compl. ¶111). The complaint alleges these systems are either compliant with the "Sheltered Harbor" specification or are functionally equivalent operational systems (Compl. ¶111).
  • Functionality and Market Context: The complaint alleges the accused systems are designed to protect critical customer financial data against catastrophic loss, such as from a cyberattack (Compl. ¶¶76, 80). Functionally, these systems are alleged to periodically (e.g., nightly) extract critical account data from the bank's main production environment, reformat it, and replicate it to a secure, isolated "data vault" (Compl. ¶¶84, 105). This vault is described as being immutable, encrypted, and "air-gapped" (logically or physically separated) from the primary network to ensure its integrity (Compl. ¶¶91, 96). A diagram from a Dell Technologies solution brief illustrates this two-environment architecture, showing data extraction from a "Production Environment" and replication to a secure "Data Vault Environment" (Compl. ¶87, p. 31). The complaint asserts that adoption of such systems is compelled by financial industry regulators and best practices to ensure data resilience (Compl. ¶¶6-7).

IV. Analysis of Infringement Allegations

’301 Patent Infringement Allegations

Claim Element (from Independent Claim 25) Alleged Infringing Functionality Complaint Citation Patent Citation
...providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters... Defendant's system provides a secure "data vault" intended to house content derived from designated categorical filters, such as protection policies that identify critical account data. ¶¶135, 137 col. 13:30-41
...activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content, which associated select content is at least one of contextually associated select content and taxonomically associated select content... Defendant's system activates "protection policies" (filters) to extract critical financial account information (select content) from its broader dataset. This data is associated contextually (e.g., by account holder) and taxonomically (e.g., as "deposit account data"). ¶¶139, 141 col. 13:58-14:14
...storing said aggregated select content for said at least one categorical filter in said corresponding select content data store; The extracted critical account data is aggregated and stored in the secure "data vault," which is the corresponding data store. ¶¶143, 144 col. 14:15-23
...associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process, a data distribution process and a data destruction process; The system's protection policies associate data processes, such as copying, archiving, and extraction, with the filtered critical data to manage its backup and vaulting. ¶¶146, 147 col. 4:4-9
...applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter... Once a protection policy is established, all subsequent data inputs matching the filter (e.g., daily account data) are processed in the same way (copied, archived, etc.) and directed to the same storage unit in the vault. ¶¶149, 150 col. 4:10-14
...activating a designated categorical filter encompasses an automatic activation... and said automatic activation is time-based, distributed computer system condition-based, or event-based. The system is alleged to perform the data backup and vaulting process automatically at a designated time interval (e.g., "each night"), which constitutes a time-based automatic activation. ¶¶152, 153 col. 14:42-53

’169 Patent Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
...providing in said distributed cloud-based computing system: (i) a plurality of select content data stores...; and (ii) a plurality of granular data stores; and (iii) a cloud-based server... The accused system architecture includes a secure "data vault" (select content stores) and separate "production and backup systems" (granular data stores), managed by servers that may be cloud-based. ¶¶170, 171, 173 col. 4:18-28
...providing a communications network operatively coupling said plurality of select content data stores, said plurality of granular data stores and said cloud-based server; The system uses a communications network, including a logical "air-gapped" connection, to couple the production environment (granular stores) with the data vault environment (select content stores). A diagram illustrates this architecture (Compl. ¶164, p. 64). ¶¶175, 176 col. 4:29-32
...extracting and storing said security designated data in respective select content data stores; The system extracts critical customer account data ("security designated data") and stores it in the secure data vault ("select content data stores"). ¶¶177, 181 col. 4:42-45
...activating at least one of said select content data stores... thereby permitting access to said select content data stores and respective security designated data based upon an application of one or more of said access controls thereat; Access to the data vault and the critical data within it is restricted by strict access controls, such as multi-factor authentication, and is permitted only upon application of those controls. ¶¶183, 184 col. 4:46-51
...parsing remainder data not extracted from data processed... and storing the parsed data in respective granular data stores; Data that is not extracted as critical—the "remainder data"—is kept in the production and backup systems (the "granular data stores"). ¶¶186, 187 col. 4:52-56
...withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto. For recovery, data is withdrawn from the vault and/or production systems only upon satisfaction of strict security measures and access controls. ¶¶192, 193 col. 4:60-65
  • Identified Points of Contention:
    • Scope Questions: A central question for the '301 patent may be whether the accused system's method of identifying "critical account data" for backup meets the definition of "categorical filters" as contemplated by the patent. Similarly, for the '169 patent, a dispute may arise over whether the defendant's architecture, which separates a "production environment" from a "vault," constitutes the claimed "plurality of granular data stores" and "plurality of select content data stores" in a "cloud-based" system, particularly if the defendant's system is primarily on-premises.
    • Technical Questions: The infringement theory for the '301 patent alleges that applying a backup policy to new data constitutes "applying the associated data process to a further data input." The technical question is whether this routine backup operation performs the specific function required by the claim in the manner described by the patent. For the '169 patent, the complaint alleges that non-extracted data is "parsed" and stored. A technical point of contention may be whether simply leaving data in the production environment constitutes the affirmative steps of "parsing" and "storing" remainder data as claimed.

V. Key Claim Terms for Construction

For U.S. Patent No. 9,015,301

  • The Term: "categorical filters"
  • Context and Importance: This term is critical because infringement of Claim 25 hinges on whether the policies used by the accused Sheltered Harbor-compliant systems to identify "critical financial information" qualify as the claimed "categorical filters."
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The specification suggests filters are used to screen data for policies such as "customer privacy policy, supplier privacy policy, [or] enterprise human resource privacy policy," which could support an interpretation where any rule-based system for segregating data types qualifies (’301 Patent, col. 13:58-14:10).
    • Evidence for a Narrower Interpretation: The summary of the invention and specific embodiments repeatedly describe the filters as "content-based filters, contextual filters and taxonomic classification filters" (’301 Patent, col. 3:35-36). A defendant may argue this language limits the term to filters that perform a substantive analysis of the data's content, context, or classification, not merely its location or type.

For U.S. Patent No. 9,734,169

  • The Term: "distributed cloud-based computing system"
  • Context and Importance: The applicability of Claim 1 depends on whether Defendant's infrastructure meets this definition. Practitioners may focus on this term because the physical and logical nature of the accused system (e.g., on-premise, private cloud, hybrid) will be compared against the scope of "cloud-based" as understood from the patent.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The complaint alleges the systems can be implemented on various cloud platforms or functional equivalents, and the patent describes distributed network architectures generally (Compl. ¶166; ’169 Patent, Figs. 6, 30). This could support a broad reading that covers any distributed system with remote accessibility, including a modern virtualized on-premise data center.
    • Evidence for a Narrower Interpretation: The patent specification frequently discusses components such as the "Internet" (150), an "Application Service Provider (ASP)" server (152), and remote storage, which are characteristic of public cloud or externally hosted services (’169 Patent, Fig. 6; col. 43:30-49). This may support an argument that the term implies more than just a distributed on-premise system.

VI. Other Allegations

  • Indirect Infringement: The complaint focuses on allegations of direct infringement, asserting that Defendant "makes, owns, operates, uses, or otherwise exercises control over" the infringing systems and "directly performs the claimed method" (Compl. ¶¶111, 128, 161). No specific counts or factual allegations supporting induced or contributory infringement are presented.
  • Willful Infringement: The complaint alleges that Defendant's infringement became willful and deliberate after it received notice of the patents-in-suit. This allegation is based on a letter sent June 20, 2025, and the subsequent provision of detailed claim charts on August 6, 2025, after which infringement allegedly continued (Compl. ¶¶121, 123, 156, 196, 227, 265).

VII. Analyst’s Conclusion: Key Questions for the Case

This case appears to center on the application of patents with a 2007 priority date to modern data resiliency frameworks developed by the financial industry in the mid-2010s. The resolution of the dispute may turn on the following key questions:

  • A core issue will be one of definitional scope: can patent terms like "categorical filter" and "taxonomically associated content," which are rooted in specific methods of data analysis described in the patents, be construed to cover the accused systems' broader, policy-based rules for segregating "critical account data" for disaster recovery?
  • A key question of architectural mapping will be whether the accused two-part system—a "Production Environment" and a separate, secure "Data Vault"—is equivalent to the claimed architectures, such as the '169 patent's distinct "select content data stores" and "granular data stores."
  • The case may also raise a fundamental question of technological equivalence: does the routine, automated process of backing up pre-defined critical data to a secure location, as practiced for industry-wide disaster recovery, perform the same specific, multi-step functions of filtering, associating, applying processes, and parsing as claimed in the patents, or is there a functional divergence between regulatory compliance and the patented methods?