DCT
1:16-cv-00690
MAZ Encryption Tech LLC v. BlackBerry Ltd
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: MAZ Encryption Technologies LLC (Delaware)
- Defendant: BlackBerry Ltd. (Canada) and BlackBerry Corporation (Delaware)
- Plaintiff’s Counsel: Ni, Wang & Massand, PLLC
- Case Identification: 6:15-cv-01167, E.D. Tex., 12/24/2015
- Venue Allegations: Plaintiff alleges venue is proper because Defendants have transacted business and committed acts of infringement in the district.
- Core Dispute: Plaintiff alleges that Defendant’s BlackBerry Enterprise Solution infringes a patent related to systems and methods for transparently encrypting and decrypting electronic documents.
- Technical Context: The technology concerns enterprise-level data security, specifically methods to integrate strong encryption into document management workflows without disrupting the end-user experience.
- Key Procedural History: The complaint alleges that Defendant had pre-suit knowledge of the patent-in-suit as of April 17, 2015, through notification from Plaintiff’s counsel regarding the then-pending application. This allegation forms the basis for a claim of willful infringement.
Case Timeline
| Date | Event |
|---|---|
| 1998-05-07 | ’626 Patent Priority Date |
| 2015-04-17 | Plaintiff allegedly notifies Defendant of pending patent |
| 2015-12-01 | ’626 Patent Issues |
| 2015-12-24 | Complaint Filed |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 9,203,626 - "User Authentication System and Method for Encryption and Decryption," Issued December 1, 2015
The Invention Explained
- Problem Addressed: The patent describes the increasing security risks associated with corporate electronic document management systems (EDMS), where sensitive information is vulnerable to unauthorized access via internal attacks, e-mail interception, or theft of hardware like laptops (’626 Patent, col. 2:5-28). It also identifies a key adoption barrier for security solutions: typical encryption systems are "cumbersome and difficult to use," disrupting normal user workflows (’626 Patent, col. 3:27-30).
- The Patented Solution: The invention proposes a "crypto server," a software module that transparently intercepts input/output requests between a user's application (e.g., a word processor) and the underlying document management system (’626 Patent, col. 7:1-8). By "trapping" commands like "save" or "open," the crypto server can automatically apply encryption or decryption without requiring the user to perform extra steps, thus making the security process seamless (’626 Patent, Fig. 3; col. 8:49-54). The system is designed to work with external authentication devices, such as smart cards, to manage cryptographic keys separately from the workstation, further enhancing security (’626 Patent, col. 7:26-35).
- Technical Importance: The technology aimed to solve the "total cost of ownership" problem for enterprise encryption by integrating it directly into existing workflows, thereby minimizing lost productivity and training costs associated with standalone security applications (’626 Patent, col. 4:13-22).
Key Claims at a Glance
- The complaint asserts independent claims 1, 4, and 7 (Compl. ¶15).
- Independent Claim 1 (System):
- A storage device storing authentication data.
- A crypto server that receives a document, encrypts it with a first key, and secures that key with the authentication data.
- An access server that transmits the encrypted document to a second computing device.
- Independent Claim 4 (Mobile Device):
- A message module that receives an encrypted document and a secured first key.
- A user interface module that receives an "open" command.
- A crypto module that retrieves authentication data to access the decryption key and decrypts the document.
- A display for displaying the decrypted document.
- Independent Claim 7 (System):
- A recordable media and a memory storing names of encrypted documents and a protected decryption key.
- A crypto module that:
- Automatically traps an "open" command for a document.
- Determines if the document should be decrypted.
- Retrieves authentication data to access the decryption key.
- Decrypts the document.
- Automatically passes control to the application program.
- The complaint does not explicitly reserve the right to assert dependent claims.
III. The Accused Instrumentality
Product Identification
- The "BlackBerry Enterprise Solution," which is alleged to comprise the BlackBerry mobile device, BlackBerry Device Software, BlackBerry Desktop Software, and BlackBerry Enterprise Server software (Compl. ¶15).
Functionality and Market Context
- The complaint alleges the BlackBerry Enterprise Solution is a system for managing and securing communications and documents across a network between server computers and mobile devices (Compl. ¶¶16-18). The accused functionality involves the encryption of documents on a server, transmission of the encrypted data to a mobile device, and subsequent decryption on the mobile device upon a user command, a process allegedly managed by the various software and hardware components of the solution (Compl. ¶¶16-17). The complaint references the "BlackBerry Enterprise Solution Security Technical Overview for BlackBerry Enterprise Server Version 4.1 Service Pack 6 and BlackBerry Device Software. Version 4.6" as evidence of the infringing functionality, but does not include this document as an exhibit (Compl. ¶16). No probative visual evidence provided in complaint.
IV. Analysis of Infringement Allegations
’626 Patent Infringement Allegations (Claim 1)
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| a storage device storing authentication data; | The BlackBerry Enterprise Solution is alleged to comprise a storage device that stores authentication data. | ¶16 | col. 10:1-2 |
| a crypto server receiving a document over a communications network from a first computing device, the crypto server encrypting the document with a first key and securing the first key with authentication data from the storage device; and | The BlackBerry Enterprise Solution allegedly includes a crypto server that receives, encrypts, and secures documents using authentication data. | ¶16 | col. 6:58-62 |
| an access server transmitting the encrypted document over the communications network to a second computing device. | The BlackBerry Enterprise Solution is alleged to include an access server that transmits the encrypted document over a network to another device (e.g., a BlackBerry mobile device). | ¶16 | col. 6:11-17 |
’626 Patent Infringement Allegations (Claim 4)
| Claim Element (from Independent Claim 4) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| a message module receiving an encrypted document and a first key over a communications network, the first key secured with authentication data; | BlackBerry mobile devices allegedly have a message module that receives encrypted documents and secured keys over a network as part of the BlackBerry Enterprise Solution. | ¶17 | col. 10:27-29 |
| a user interface module receiving an open command related to the encrypted document; | The user interface on BlackBerry mobile devices allegedly receives an "open" command from the user related to an encrypted document. | ¶17 | col. 10:30-31 |
| a crypto module, in response to the open command, retrieving authentication data to obtain access to the decryption key, and decrypting the encrypted document with the first key; and | BlackBerry mobile devices allegedly contain a crypto module that, upon receiving the open command, uses authentication data to access the key and decrypt the document. | ¶17 | col. 10:32-35 |
| a display displaying the decrypted document. | The display on BlackBerry mobile devices is alleged to display the document after it has been decrypted. | ¶17 | col. 5:9-10 |
’626 Patent Infringement Allegations (Claim 7)
| Claim Element (from Independent Claim 7) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| a recordable media; a memory storing the names of encrypted documents and a decryption key for the encrypted documents, the decryption key protected via authentication data; and | BlackBerry mobile devices allegedly include recordable media and memory that store information about encrypted documents and protected decryption keys. | ¶18 | col. 10:44-48 |
| a crypto module: automatically trapping an "open" command...; determining...if the selected document should be decrypted...; retrieving authentication data...; decrypting the encrypted document...; and automatically passing control to the application program. | The accused devices allegedly contain a crypto module that performs a multi-step decryption process: it automatically traps an "open" command, determines if decryption is needed, retrieves authentication data to get the key, decrypts the file, and passes control back to the application. | ¶18 | col. 10:49-62 |
- Identified Points of Contention:
- Architectural Questions: A central question will be whether the distributed architecture of the BlackBerry Enterprise Solution maps onto the specific client-server architecture described in the patent. Specifically, does the accused system contain a "crypto server" that functions as a distinct intermediary that "intercepts or traps I/O requests" between an application and a document client, as the patent specification suggests? (col. 7:1-3).
- Scope Questions: The infringement analysis may turn on whether the term "trapping an 'open' command" (Claim 7) requires a specific low-level system interception (e.g., an API hook or filter driver), or if it can be read more broadly to cover any software architecture that receives and acts upon a user's command to initiate decryption.
- Evidentiary Questions: The complaint's allegations are high-level and rely on an external technical document not provided in the pleadings. A key question for the court will be what evidence is produced in discovery to demonstrate that the BlackBerry software components perform the specific functions of "trapping," "determining," and "passing control" as recited in the claims.
V. Key Claim Terms for Construction
The Term: "crypto server"
Context and Importance: This term appears in independent claim 1 and is foundational to the patent's description of a seamless encryption system. The definition will be critical to determining if the BlackBerry Enterprise Server, or another component of the accused solution, meets this limitation. Practitioners may focus on this term because its interpretation will determine whether the claim reads on a wide variety of secure architectures or is limited to the specific intermediary model depicted in the patent's figures.
Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The patent does not provide an explicit definition. Language describing it as a "software module which transparently handles the encryption of documents" could support a functional interpretation covering any server component that performs these tasks (col. 7:4-6).
- Evidence for a Narrower Interpretation: Figure 3 and the accompanying text depict the "crypto server (330)" as being "functionally disposed between the application (350) and the EDM client (310)," where it "intercepts or traps I/O requests" that would otherwise go to the EDM client (col. 6:58 - col. 7:3). This suggests a specific architectural role that may narrow the term's scope to systems with a similar interception-based design.
The Term: "automatically trapping an 'open' command"
Context and Importance: This limitation from independent claim 7 is key to the invention's claimed benefit of seamless user experience. Whether the accused BlackBerry system "traps" commands will be a core infringement question. The dispute will likely center on the mechanism of "trapping" and whether it requires a specific technical implementation.
Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The patent does not define the precise mechanism of trapping. It could be argued that any system which receives an "open" command and, in response, initiates a decryption workflow without further user intervention is "trapping" the command in a functional sense.
- Evidence for a Narrower Interpretation: The specification describes the process as the "crypto server 330 traps this event (step 425)" after a command is "translated into an 'event' (step 420)" (’626 Patent, col. 8:51-54). This language, particularly the use of "event," may be argued to imply a specific event-driven programming model or operating system-level interception, potentially limiting the claim to systems using such a mechanism.
VI. Other Allegations
- Indirect Infringement: The complaint makes a general allegation of induced infringement, stating that Defendants "committed and/or induced acts of patent infringement in this district" (Compl. ¶6). However, it does not plead specific facts to support the element of intent, such as referencing user manuals or marketing materials that instruct customers to use the accused product in an infringing manner.
- Willful Infringement: The complaint alleges willfulness based on pre-suit knowledge. It specifically pleads that "BlackBerry was made aware of the ’626 Patent at least as early as April 17, 2015, when counsel for Plaintiff notified counsel for BlackBerry of the pending claims that ultimate issued as the claims of the ’626 Patent" (Compl. ¶19).
VII. Analyst’s Conclusion: Key Questions for the Case
A central issue will be one of architectural mapping: Can the complaint demonstrate that the BlackBerry Enterprise Solution, a complex, multi-component system, embodies the specific client-server architecture of the patent? In particular, does it have a single "crypto server" component that "traps" I/O commands between a general-purpose application and a document management client, or does it achieve a similar result through a different, non-infringing design?
The case may turn on claim construction: The scope of the claims will hinge on the court's interpretation of terms like "crypto server" and "trapping." A key question will be whether these terms are given a broad, functional meaning or are narrowed to the specific software interception model described and illustrated in the patent's preferred embodiments.
A key evidentiary question will be one of operational proof: Given the high-level nature of the infringement allegations, the case will depend on whether discovery uncovers technical evidence showing the accused BlackBerry software actually operates in the step-by-step manner required by the claims, especially the sequence of trapping a command, determining decryption status, and automatically passing control as recited in Claim 7.