DCT
1:22-cv-01349
Alto Dynamics LLC v. Houzz Inc
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: Alto Dynamics, LLC (Georgia)
- Defendant: Houzz, Inc. (Delaware)
- Plaintiff’s Counsel: Stamoulis & Weinblatt, LLC; Rozier Hardt McDonough PLLC
- Case Identification: 1:22-cv-01349, D. Del., 10/12/2022
- Venue Allegations: Plaintiff alleges venue is proper in the District of Delaware because Defendant Houzz, Inc. is incorporated under the laws of Delaware.
- Core Dispute: Plaintiff alleges that Defendant’s e-commerce website and mobile applications infringe ten U.S. patents related to state-less user authentication, user activity monitoring, database searching and data conversion, automated data extraction, and targeted advertising.
- Technical Context: The patents-in-suit address foundational technologies for operating large-scale, interactive websites, including methods for securely managing user sessions, personalizing user experiences, and optimizing data retrieval and presentation.
- Key Procedural History: The complaint does not mention any prior litigation, Inter Partes Review (IPR) proceedings, or licensing history related to the asserted patents. The complaint preemptively asserts that the claims of the patents are not directed to an abstract idea.
Case Timeline
| Date | Event |
|---|---|
| 2000-03-15 | Priority Date for U.S. Patent No. 6,311,194 |
| 2000-08-21 | Priority Date for U.S. Patent No. 6,757,662 |
| 2001-02-08 | Priority Date for U.S. Patent No. 6,604,100 |
| 2001-03-20 | Priority Date for U.S. Patent No. 6,662,190 |
| 2001-04-19 | Priority Date for U.S. Patent Nos. 8,051,098; RE46,513; 7,657,531 |
| 2001-10-30 | Issue Date for U.S. Patent No. 6,311,194 |
| 2001-12-04 | Priority Date for U.S. Patent Nos. 7,392,160; 7,152,018 |
| 2002-04-02 | Priority Date for U.S. Patent No. 6,691,103 |
| 2003-08-05 | Issue Date for U.S. Patent No. 6,604,100 |
| 2003-12-09 | Issue Date for U.S. Patent No. 6,662,190 |
| 2004-02-10 | Issue Date for U.S. Patent No. 6,691,103 |
| 2004-06-29 | Issue Date for U.S. Patent No. 6,757,662 |
| 2006-12-19 | Issue Date for U.S. Patent No. 7,152,018 |
| 2008-06-24 | Issue Date for U.S. Patent No. 7,392,160 |
| 2010-02-02 | Issue Date for U.S. Patent No. 7,657,531 |
| 2011-11-01 | Issue Date for U.S. Patent No. 8,051,098 |
| 2017-08-15 | Issue Date for U.S. Patent No. RE46,513 |
| 2022-08-23 | Date from which indirect infringement is alleged for multiple patents |
| 2022-10-12 | Complaint Filing Date |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 8,051,098 - "Systems And Methods For State-Less Authentication"
The Invention Explained
- Problem Addressed: The patent describes the need for authenticating users of program objects in distributed computing environments where resources may exist on different platforms (U.S. Patent No. US8051098B2, Abstract). Traditional state-full authentication requires repeated communication with a central logon component, which can be inefficient.
- The Patented Solution: The invention provides a "state-less" authentication method. After an initial secure logon, a unique "security context" is generated and provided to the user's device. This context allows the user to access various resources without requiring follow-on authorization communications between the accessed resource and the original logon component, improving efficiency in a distributed environment (’098 Patent, col. 10:20-35).
- Technical Importance: This approach aimed to streamline user access across disparate systems, a significant challenge in the architecture of complex, multi-server web applications.
Key Claims at a Glance
- The complaint asserts at least independent claim 1 (Compl. ¶22).
- The essential elements of Claim 1 include:
- A method for accessing a plurality of resources where at least some do not share a common processing platform.
- Establishing a secure communication session between a user computing device and a logon component, where the session is a temporary, interactive information exchange that is set up and then torn down.
- Verifying logon information provided by the user device to the logon component.
- Responsively generating a security context for the user device that is unique to the user.
- The security context is necessary to access any of the resources without requiring follow-on authorization communications between the resource and the logon component.
- The complaint generally alleges infringement of "one or more claims," potentially reserving the right to assert dependent claims (Compl. ¶21).
U.S. Patent No. RE46,513 - "Systems And Methods For State-Less Authentication"
The Invention Explained
- Problem Addressed: Similar to the ’098 Patent, this patent addresses enabling user access to resources within a processing system without requiring repeated authentication for each resource request (U.S. Patent No. RE46513, col. 1:17-26).
- The Patented Solution: The invention provides a method where, after an initial logon, the system generates a security context containing specific information, including a plaintext header and an encrypted body. This context is then provided to the user, who sends it back to the system along with a request for a resource. The system uses the context to grant access without a new logon process (’513 Patent, col. 2:3-14, Abstract).
- Technical Importance: The claimed method provides a specific structure for a security token intended to make authentication more efficient and portable across a distributed system.
Key Claims at a Glance
- The complaint asserts at least independent claim 16 (Compl. ¶35).
- The essential elements of Claim 16 include:
- A method of enabling access to resources of a processing system.
- Establishing a secure communication session between a user and a logon component.
- Verifying that logon information from the user matches stored information.
- Generating a security context from logon and authorization information, where the context comprises a plaintext header and an encrypted body.
- The plaintext header comprises a security context ID, a key handle, and an algorithm identifier and key size.
- Providing the security context to the user.
- Sending, by the user, the security context and a request for access to the resource.
- The complaint generally alleges infringement of "one or more claims," potentially reserving the right to assert additional claims (Compl. ¶34).
U.S. Patent No. 7,657,531 - "Systems And Methods For State-Less Authentication"
- Technology Synopsis: This patent discloses a method for enabling access to a resource in a distributed system by renewing a security context. The method involves receiving an existing security-context and a renewal request, verifying its validity, comparing its expiration time to the current time, and generating an updated security-context if the renewal is authorized (Compl. ¶54).
- Asserted Claims: At least independent claim 1 (Compl. ¶53).
- Accused Features: The accused features are Defendant's website and user authentication functionalities, specifically the processes for managing secured sessions and renewing user access credentials (Compl. ¶54).
U.S. Patent No. 7,392,160 - "System And Method For Monitoring Usage Patterns"
- Technology Synopsis: This patent describes a method for monitoring user usage patterns by providing a "state object" containing a user profile to a client. This object is stored on the client, passed back to a central server with each interaction, and modified to reflect the interaction, allowing the server to audit the profile and direct services based on it (Compl. ¶67).
- Asserted Claims: At least independent claim 1 (Compl. ¶66).
- Accused Features: The accused features are Defendant's use of cookies and other technologies to track user activities and preferences on its online platform (Compl. ¶67).
U.S. Patent No. 7,152,018 - "System And Method For Monitoring Usage Patterns"
- Technology Synopsis: This patent is related to the ’160 patent and describes a method for monitoring user usage by providing a state object with a user profile to a client. The profile is modified by scripts or programs at the client location, which precludes direct manipulation of the profile by the server (Compl. ¶85).
- Asserted Claims: At least independent claim 1 (Compl. ¶84).
- Accused Features: The accused features are Defendant's systems for tracking user activities and preferences, such as using cookies, on its online sales platform (Compl. ¶85).
U.S. Patent No. 6,604,100 - "Method for converting relational data into a structured document"
- Technology Synopsis: This patent discloses a method for transforming data from a relational database into a structured document (e.g., XML). It involves storing a view query, receiving a user query against that view, composing the two queries, and partitioning the result into data extraction and construction portions to generate the final document (Compl. ¶103).
- Asserted Claims: At least independent claim 1 (Compl. ¶102).
- Accused Features: The complaint alleges that Defendant's database searching and viewing capabilities employ this method (Compl. ¶103).
U.S. Patent No. 6,691,103 - "Method For Searching A Database, Search Engine System For Searching A Database, And Method Of Providing A Key Table For Use By A Search Engine For A Database"
- Technology Synopsis: This patent describes a database search method that optimizes query performance by ordering search elements based on the expected size of their results. The database is searched first with the element expected to return the smallest result set, followed by elements expected to return progressively larger sets (Compl. ¶116).
- Asserted Claims: At least independent claim 1 (Compl. ¶115).
- Accused Features: The complaint accuses Defendant's internal company analytics and database search functionalities (Compl. ¶114, ¶116).
U.S. Patent No. 6,662,190 - "Learning Automatic Data Extraction System"
- Technology Synopsis: This patent discloses a method for automatically extracting data from a text file. The system identifies an area of interest, parses it to find a list of attribute values, recognizes a first set of values that match a known vocabulary, and then "gleans" a second set of values that do not match, adding them to the extracted record (Compl. ¶129).
- Asserted Claims: At least independent claim 1 (Compl. ¶128).
- Accused Features: The accused features are Defendant's text mining capabilities, including the processing of resumes uploaded to its platform (Compl. ¶127, ¶129).
U.S. Patent No. 6,757,662 - "Method And System For Display Advertisement Qualification And Notification"
- Technology Synopsis: This patent describes a method for providing targeted advertisements. An ad is triggered if a user request contains a certain part identification, the user is associated with a pre-determined "desired group," and the user is not in a "no-show group." The system then compares the user's request with stored information from sellers to trigger the ad and a communication to the seller (Compl. ¶142).
- Asserted Claims: At least independent claim 1 (Compl. ¶141).
- Accused Features: The accused features are the functionalities on Defendant's Houzz platform that display customized advertisements and electronic product placements (Compl. ¶140).
U.S. Patent No. 6,311,194 - "System And Method For Creating A Semantic Web And Its Applications In Browsing, Searching, Profiling, Personalization And Advertising"
- Technology Synopsis: This patent discloses a method for generating metadata for a data set. The method involves receiving a classifier for the data set, retrieving "WorldModel-based extraction information" that correlates attribute identifiers with patterns, extracting the metadata based on that information, and storing it (Compl. ¶155).
- Asserted Claims: At least independent claim 1 (Compl. ¶154).
- Accused Features: The complaint alleges that the Accused Instrumentalities perform this method of metadata generation (Compl. ¶155).
III. The Accused Instrumentality
Product Identification
The accused instrumentalities are Defendant Houzz’s website (https://www.houzz.com), its associated mobile applications, and the underlying hardware and software that support their functionality (Compl. ¶14).
Functionality and Market Context
The complaint alleges the Accused Instrumentalities operate as an online sales platform that allows users to view, search, save, and purchase items (Compl. ¶14). Key technical functionalities identified include: user authentication through login processes and secured sessions; tracking user activities and preferences via technologies like cookies; employing internal analytics; and delivering customized advertisements and electronic product placements (Compl. ¶14). The complaint provides a screenshot of the Houzz login page as an example of the user authentication functionality (Compl. ¶14, fn. 1, Ex. K).
IV. Analysis of Infringement Allegations
’098 Patent Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| a method for accessing any of a plurality of resources wherein at least some of the resources do not share a common processing platform | The Accused Instrumentalities are alleged to allow users to access a plurality of resources where at least some do not share a common processing platform. | ¶23 | col. 1:17-21 |
| establishing a secure communication session between a user computing device and a logon component, wherein the secure communication session comprises a temporary, interactive information exchange that is set up and then torn down | The Accused Instrumentalities are alleged to establish secured sessions between a user's device and a logon component on Houzz's platform, which is described as a temporary exchange. | ¶23 | col. 9:28-36 |
| verifying logon information provided by the user computing device to the logon component using the secure communication session | The Accused Instrumentalities are alleged to verify user-provided logon information during the secure session. | ¶23 | col. 10:20-22 |
| and responsively generating a security context to be employed by the user computing device that is unique to a user of the user computing device and necessary to access any of the plurality of resources without requiring any follow-on authorization communications between the accessed resource and the logon component. | The Accused Instrumentalities are alleged to responsively generate a unique security context that allows the user device to access resources without requiring further authorization from the logon component. | ¶23 | col. 10:22-35 |
Identified Points of Contention
- Scope Questions: A central question may be whether the architecture of the Houzz platform, as a modern web service, meets the limitation of accessing resources that "do not share a common processing platform" in the manner contemplated by the patent.
- Technical Questions: The complaint alleges the creation of a "security context" that obviates the need for "follow-on authorization communications." The case may turn on what technical evidence demonstrates that Houzz's session management tokens or cookies perform this specific state-less function as claimed, rather than functioning as part of a more conventional state-full session management system.
’513 Patent Infringement Allegations
| Claim Element (from Independent Claim 16) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| a method of enabling access to resources of a processing system | The Accused Instrumentalities are alleged to provide a method for enabling access to resources. | ¶36 | col. 16:3-4 |
| establishing a secure communication session between a user... and a logon component | The Accused Instrumentalities are alleged to establish secure communication sessions between users and a logon component. | ¶36 | col. 16:6-9 |
| verifying that logon information... matches stored information | The Accused Instrumentalities are alleged to verify user logon information against stored information. | ¶36 | col. 16:10-14 |
| generating a security context... wherein the security context comprises a plaintext header and an encrypted body, and the plaintext header comprises a security context ID, a key handle, and an algorithm identifier and key size | The Accused Instrumentalities are alleged to generate a security context with a plaintext header (containing a context ID, key handle, and algorithm/key size) and an encrypted body. | ¶36 | col. 16:15-24 |
| providing the security context to the user | The Accused Instrumentalities are alleged to provide the generated security context to the user. | ¶36 | col. 16:25-26 |
| and sending, by the user to the processing system, the security context and a request for access to the resource. | The user, via the Accused Instrumentalities, is alleged to send the security context and a resource request to the processing system. | ¶36 | col. 16:27-29 |
Identified Points of Contention
- Scope Questions: Practitioners may question whether modern web security tokens (e.g., JWTs or proprietary session tokens) used by Houzz can be characterized as having the specific structure required by claim 16, namely a "plaintext header" and an "encrypted body" containing the explicitly recited sub-elements.
- Technical Questions: A key evidentiary question will be whether discovery reveals that the security tokens used by Houzz actually contain a "security context ID," a "key handle," and an "algorithm identifier and key size" in a plaintext portion, as strictly required by the claim language.
V. Key Claim Terms for Construction
U.S. Patent No. 8,051,098
- The Term: "logon component"
- Context and Importance: This term defines a central architectural element of the claimed system. Its construction will be critical to determining whether Houzz’s authentication servers or related infrastructure fall within the scope of the claim. Practitioners may focus on this term because its definition will shape the boundary between a generic authentication server and the specific component claimed by the patent.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The specification refers to the logon component as a part of a system that "authenticates the user's access rights" and compares a logon ID and password, suggesting it could encompass general-purpose authentication servers (’098 Patent, col. 2:2-12).
- Evidence for a Narrower Interpretation: The specification describes the logon component as interacting with a "rules database" and performing specific steps in generating the security context, which might suggest a more limited scope tied to the disclosed embodiments (’098 Patent, col. 2:31-35).
U.S. Patent No. RE46,513
- The Term: "plaintext header"
- Context and Importance: Claim 16 explicitly requires the generated "security context" to have a specific two-part structure: a "plaintext header" and an "encrypted body." The definition of "plaintext header" is crucial, as the claim further requires it to contain a "security context ID, a key handle, and an algorithm identifier and key size." The infringement analysis for this patent may hinge on whether Houzz's security tokens have this specific structure.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The patent does not appear to provide an explicit definition of "plaintext header," which may support an argument that the term should be given its plain and ordinary meaning in the context of data structures at the time of the invention.
- Evidence for a Narrower Interpretation: Figure 4a depicts a "Plaintext Header" as a distinct block from an "Encrypted Security Context (Body)." Figure 4b further breaks down the header's contents. A defendant may argue that these figures define the term and limit its scope to a structure that directly corresponds to this depiction (’513 Patent, Figs. 4a, 4b).
VI. Other Allegations
- Indirect Infringement: The complaint alleges induced and contributory infringement for U.S. Patent Nos. RE46,513, 7,392,160, and 7,152,018. The inducement allegations are based on Defendant allegedly advising or directing end-users to use the Accused Instrumentalities in an infringing manner and distributing instructions for such use (Compl. ¶37, ¶68, ¶86). The contributory infringement allegations are based on the Accused Instrumentalities having "special features" that are not "staple articles of commerce suitable for substantial non-infringing use" (Compl. ¶38, ¶69, ¶87).
- Willful Infringement: Willfulness is alleged for multiple patents. The allegations are based on the assertion that Defendant's actions were "objectively reckless" and that Defendant has a "policy or practice of not reviewing the patents of others" (Compl. ¶24-25, ¶40-41, ¶55-56, ¶71-72, ¶89-90). For several patents, the complaint also alleges knowledge at least as of the filing of the action, which may support a claim for post-suit willfulness (Compl. ¶39, ¶70, ¶88).
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of definitional scope and technological evolution: Can the claims of these patents, which have priority dates from the early 2000s and describe specific methods for "state-less authentication" and user tracking, be construed to cover the potentially different architectures and protocols (e.g., OAuth, JWTs, modern session management) used by a contemporary e-commerce platform?
- A second central issue will be one of evidentiary sufficiency: The complaint makes conclusory allegations that the accused platform performs the functions recited in the claims. A key question for the litigation will be whether Plaintiff can produce technical evidence from discovery that demonstrates the accused systems operate in the specific manner required by the claims, such as generating a "security context" with the explicit "plaintext header" structure recited in claim 16 of the ’513 patent.
- A third question will be one of patent eligibility: Given that the patents are directed to software-based methods for managing data and user access, the court will likely need to determine whether the claims are directed to patent-eligible subject matter under 35 U.S.C. § 101 or are instead directed to abstract ideas that lack a sufficient inventive concept.