Kaseya US LLC v. Project Orca Inc

I. Executive Summary and Procedural Information

• Parties & Counsel:
  • Plaintiff: Kaseya US LLC (Delaware), Kaseya Limited (Ireland), and Datto, LLC (Delaware)
  • Defendant: Project Orca, Inc. d/b/a Slide (Delaware)
  • Plaintiff’s Counsel: Farnan LLP
• Case Identification: 1:26-cv-00077, D. Del., 01/23/2026
• Venue Allegations: Venue is asserted in the District of Delaware on the basis that the Defendant is a Delaware corporation and therefore resides in the district.
• Core Dispute: Plaintiff alleges that Defendant’s business continuity and disaster recovery (BCDR) platform infringes eight patents related to data backup, replication, restoration, and secure file exchange technologies.
• Technical Context: The lawsuit concerns the business continuity and disaster recovery (BCDR) market, a critical IT sector focused on providing solutions that protect business data and ensure rapid system restoration following data loss or system failure.
• Key Procedural History: The complaint alleges that Defendant was founded by two former executives of Plaintiff Datto. It further alleges Defendant's pre-suit knowledge of the asserted patents based on this relationship, the employment of other former Datto employees, and public statements by Defendant’s co-founders regarding their "extraordinarily vigilant" approach to respecting Plaintiffs' intellectual property. These allegations form the basis of the willfulness claims.

Case Timeline

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 8,769,039 - Method and Apparatus of Performing Remote Computer File Exchange (Issued July 1, 2014)

The Invention Explained

• Problem Addressed: The patent’s background section describes the need for setup procedures and parameter negotiation (e.g., compression, bandwidth rate) before data file transfers can occur between client and server computers, implying a need for a more efficient and resilient protocol to manage these transfers. ’039 Patent, col. 1:15-31
• The Patented Solution: The invention proposes a method for exchanging data using two parallel communication channels. A "control channel" is established first to exchange control information, such as proposed data rates and compression levels, and to manage the initiation and termination of the data stream. A separate "data channel" is then established for the bulk transfer of data, which occurs "in parallel with the control information being transferred over the control channel." ’039 Patent, Abstract; col. 3:42-53
• Technical Importance: This dual-channel architecture allows for the management and negotiation of transfer parameters without interrupting the primary data flow, potentially improving the efficiency and robustness of large file transfers over a network. ’039 Patent, col. 2:55-65

Key Claims at a Glance

• The complaint asserts infringement of at least independent claim 1. Compl. ¶34, ¶40
• Claim 1 requires:
  • establishing a control channel between a first and second computing device to exchange control information, including initiation and termination information, as well as a proposed data rate and/or compression level;
  • negotiating a data transfer;
  • establishing a data channel between the devices to transfer data; and
  • transferring data over the data channel in parallel with control information being transferred over the control channel.
• The complaint alleges infringement of "one or more claims" but its specific allegations map to claim 1. Compl. ¶34

U.S. Patent No. 9,256,499 - Method and Apparatus of Securely Processing Data for File Backup, De-duplication, and Restoration (Issued February 9, 2016)

The Invention Explained

• Problem Addressed: The patent background discusses secure data backup and restoration, implying a technical problem of how to securely restore individual files from a backup repository without restoring the entire system, particularly in an environment that may use de-duplication. ’499 Patent, col. 1:12-25
• The Patented Solution: The invention proposes a method where a data file targeted for restoration is identified as a "link file." This link file contains metadata, including a uniform resource identifier (URI) pointing to the actual source file in a data repository. Crucially, the link file also contains a key that has been encrypted with a "shared secret" previously exchanged between an "agent" and a "server." The restoration process involves using this shared secret to decrypt the key from the link file, and then using the decrypted key to retrieve the data from the location specified by the URI. ’499 Patent, Abstract; col. 3:15-35
• Technical Importance: This approach provides a secure mechanism for managing access to individual files within a larger backup system, using a layer of indirection (link files) and a shared secret protocol to control decryption and retrieval of the underlying data. ’499 Patent, col. 1:26-34

Key Claims at a Glance

• The complaint asserts infringement of at least independent claim 1. Compl. ¶56, ¶62
• Claim 1 requires:
  • retrieving a data file to be restored from a data storage location;
  • determining the file is a "link file" which stores metadata including a URI and a "key encrypted with an agent and server shared secret that was previously exchanged";
  • decrypting the key from the link file using the shared secret; and
  • retrieving data from the repository location using the decrypted key.
• The complaint’s infringement count references "one or more claims" of the patent. Compl. ¶56

Multi-Patent Capsule: U.S. Patent No. 9,594,636

• Patent Identification: U.S. Patent No. 9,594,636, "Management of Data Replication and Storage Apparatuses, Methods and Systems," issued March 14, 2017. Compl. ¶19
• Technology Synopsis: The patent describes a method for managing data replication between a local "backup aggregator" and a "cloud storage center." The aggregator sends a request with a "backup vector" to a master server; this vector defines the dataset and a mirroring relationship. The system synchronizes the data only after the master server validates the vector and responds with an acknowledgement. ’636 Patent, Abstract; Compl. ¶84
• Asserted Claims: At least independent claim 1. Compl. ¶78, ¶84
• Accused Features: The complaint alleges that the replication of backup snapshots from the local Slide Box (the "backup aggregator") to the Slide Cloud (the "cloud storage center") follows this claimed validation-and-synchronization workflow. Compl. ¶86-98

Multi-Patent Capsule: U.S. Patent No. 10,055,424

• Patent Identification: U.S. Patent No. 10,055,424, "Management of Data Replication and Storage Apparatuses, Methods and Systems," issued August 21, 2018. Compl. ¶20
• Technology Synopsis: This patent, related to the ’636 Patent, also details a method for managing data replication. It involves sending a backup request, capturing a snapshot, validating a "vector" that defines a data set and a mirroring relationship, and sending a task processing assistance request according to specified prioritization orders before synchronizing the file systems. ’424 Patent, Abstract; Compl. ¶110
• Asserted Claims: At least independent claim 1. Compl. ¶104, ¶110
• Accused Features: The complaint accuses the Slide platform’s replication process from the Slide Box to the Slide Cloud, alleging it performs the claimed steps of scheduled backup, snapshotting, vector validation with prioritization, and subsequent synchronization. Compl. ¶112-123

Multi-Patent Capsule: U.S. Patent No. 10,515,057

• Patent Identification: U.S. Patent No. 10,515,057, "Management of Data Replication and Storage Apparatuses, Methods and Systems," issued December 24, 2019. Compl. ¶21
• Technology Synopsis: This patent, from the same family as the ’636 and ’424 patents, adds a specific limitation to the replication management method. It requires the task processing assistance request to include pluralities of "metrics related to the operational state" of both the first file system (local) and the second file system (cloud). ’057 Patent, Abstract; Compl. ¶135
• Asserted Claims: At least independent claim 1. Compl. ¶129, ¶135
• Accused Features: The complaint alleges the Slide Box-to-Cloud replication process infringes, asserting on information and belief that the system's internal communications include the claimed operational metrics for both the local appliance and the cloud storage. Compl. ¶144-145

Multi-Patent Capsule: U.S. Patent No. 11,775,907

• Patent Identification: U.S. Patent No. 11,775,907, "Method Facilitating Business Continuity of Enterprise Computer Network and System Associated Therewith," issued October 3, 2023. Compl. ¶22
• Technology Synopsis: The patent describes a method for disaster recovery orchestration. It involves receiving a recovery message, retrieving "predetermined network configuration information," and using it to build a "virtual recovered enterprise network." Within this virtual network, a virtual machine representing a protected asset is then built using a retrieved backup and predetermined asset configuration data. ’907 Patent, Abstract; Compl. ¶159
• Asserted Claims: At least independent claim 1. Compl. ¶153, ¶159
• Accused Features: The complaint accuses Slide’s virtualization feature, where a user can select a protected system and a predefined network configuration within the Slide Console (the "orchestration platform") to boot a backup as a virtual machine in the Slide Cloud. Compl. ¶161-169

Multi-Patent Capsule: U.S. Patent No. 10,795,688

• Patent Identification: U.S. Patent No. 10,795,688, "System and Method for Performing and Image-Based Update," issued October 6, 2020. Compl. ¶23
• Technology Synopsis: The patent discloses a method for updating a device's operating system using incremental updates. A target device receives data representing the differences between its current OS snapshot and an updated OS snapshot. It uses this data to form the new snapshot, export a full image of the new OS, and then boot from that new image. ’688 Patent, Abstract; Compl. ¶181
• Asserted Claims: At least independent claim 11. Compl. ¶175, ¶181
• Accused Features: The accused functionality is the Slide platform's use of incremental backups, where only changed data is copied. The complaint alleges that the Slide Box (the "target device") receives these incremental updates, creates new snapshots, and can boot a virtual machine from these updated snapshots, thereby practicing the claimed method. Compl. ¶183-198

Multi-Patent Capsule: U.S. Patent No. 10,860,442

• Patent Identification: U.S. Patent No. 10,860,442, "Systems, Methods, and Computer Readable Media for Business Continuity and Disaster Recovery (BCDR)," issued December 8, 2020. Compl. ¶24
• Technology Synopsis: The technology covers a method of replicating data from a "recovery computer" to a "target computer." The method involves taking incremental snapshots of the operating recovery computer and using the data differences to incrementally update the target computer, preparing it to take over the recovery computer's functions. ’442 Patent, Abstract; Compl. ¶210
• Asserted Claims: At least independent claim 12. Compl. ¶204, ¶210
• Accused Features: The complaint alleges infringement through a workflow involving Slide's "image export" feature. A user can create a "recovery computer" by virtualizing an exported backup image. This recovery computer can then run the Slide Agent to perform incremental backups to a Slide Box (the "target computer"), which is alleged to practice the claimed method of incremental updates. Compl. ¶212-228

III. The Accused Instrumentality

• Product Identification: The accused instrumentalities are the "Slide Products and Services," a BCDR platform comprising four main components: the Slide Agent, the Slide Box, the Slide Cloud, and the Slide Console. Compl. ¶26
• Functionality and Market Context: The Slide platform is designed to provide BCDR services for managed service providers (MSPs). Compl. ¶2 Functionally, a "Slide Agent" application is installed on a computer system to be protected. Compl. ¶28 This agent communicates with a local hardware appliance, the "Slide Box," to perform backups. Compl. ¶28-29 The complaint provides a photograph of a Slide Box appliance. Compl. p. 8 The Slide Box stores these backups locally and then replicates them as immutable ZFS snapshots to the "Slide Cloud" for offsite storage and disaster recovery. Compl. ¶29, ¶31 The entire system is managed via the "Slide Console," a web-based interface for configuring backup schedules, managing cloud replication, and performing data restores. Compl. ¶27 Restore options include booting a backup as a virtual machine on either the local Slide Box or in the Slide Cloud. Compl. ¶32

IV. Analysis of Infringement Allegations

’039 Patent Infringement Allegations

• Identified Points of Contention:
  • Scope Questions: A primary question may be whether the communications between the Slide Box and Slide Cloud utilize distinct "control" and "data" channels as required by the claim. The complaint cites the same network connection table as evidence for establishing both channels Compl. ¶43, ¶49, suggesting the possibility that Defendant uses a single, unified communication protocol where control and data information may be multiplexed rather than sent over parallel channels.
  • Technical Questions: The complaint alleges the transfer of control information "in parallel" with the data transfer, but the evidence provided consists of a user interface for pre-configuring a data rate Compl. p. 18 and activity logs for post-transfer reporting Compl. p. 16 This raises the question of what evidence shows that control information is actively exchanged over a control channel simultaneously with the bulk data transfer over the data channel, as the claim language suggests.

’499 Patent Infringement Allegations

• Identified Points of Contention:
  • Scope Questions: The infringement theory for the ’499 Patent raises the question of whether the general-purpose security mechanisms of the standard HTTPS/TLS protocol can be construed to meet the specific claim limitations. The analysis may focus on whether a standard HTTPS response constitutes a "link file" and whether a transient TLS session key constitutes an "agent and server shared secret that was previously exchanged" within the meaning of the patent.
  • Technical Questions: The complaint's allegations regarding the "link file," "encrypted key," and "decryption" steps are made entirely "upon information and belief" and are supported by citations to general explanations of how TLS works, not by specific evidence from the accused product. Compl. ¶67-72 This raises an evidentiary question as to whether the Slide platform's architecture actually mirrors the specific encrypted-key-in-a-link-file mechanism claimed in the patent, or if it simply uses a standard secure connection for data transfer.

V. Key Claim Terms for Construction

’039 Patent

• The Term: "control channel" and "data channel"
• Context and Importance: The claim requires establishing two distinct channels and using them in parallel. The viability of the infringement claim depends on whether the communication architecture between the Slide Box and Slide Cloud can be characterized as having these two separate channels. Practitioners may focus on this term because the Defendant may argue it uses a single, multiplexed communication stream (e.g., a single TCP or TLS connection) rather than the dual-channel structure recited.
• Intrinsic Evidence for Interpretation:
  • Evidence for a Broader Interpretation: The specification discusses the channels in terms of their function (exchanging control information vs. transferring data) rather than requiring a specific physical or protocol-level separation, which may support a logical distinction. ’039 Patent, col. 2:23-32
  • Evidence for a Narrower Interpretation: The patent consistently uses the plural ("a control channel" and "a data channel") and includes Figure 5B, which visually depicts two separate parallel pipelines, suggesting two distinct communication paths. ’039 Patent, Fig. 5B The final clause requiring parallel transfer "over" the respective channels may further support an interpretation requiring two separate conduits.

’499 Patent

• The Term: "link file"
• Context and Importance: The complaint alleges that a standard HTTPS response is the claimed "link file." Compl. ¶69 The case may turn on whether such a transient network object falls within the scope of this term. Practitioners may focus on this term because if "link file" is construed to mean a specific, persistent data object created and stored within the backup file system, the infringement theory based on an HTTPS response may not be sustainable.
• Intrinsic Evidence for Interpretation:
  • Evidence for a Broader Interpretation: The claim defines a "link file" by its function: "storing metadata comprising a uniform resource identifier (URI)... and which also includes a key encrypted..." ’499 Patent, col. 4:1-5 An argument could be made that any data structure performing this function, regardless of its form, meets the definition.
  • Evidence for a Narrower Interpretation: The detailed description suggests a link file is a specific architectural component that replaces an original file in a de-duplicated backup, implying it is a stored object within the backup dataset, not a temporary network communication. (’499 Patent, col. 4:1-10, "A de-duplicated file is a simple text file containing the metadata for each file stored...").

VI. Other Allegations

• Indirect Infringement: For all asserted patents, the complaint alleges induced infringement based on Defendant providing the Slide platform with instructions, technical support, and product documentation that allegedly encourage and instruct customers to use the products in an infringing manner. e.g., Compl. ¶35-37, ¶57-59 Contributory infringement is also alleged, on the basis that the Slide platform is a material part of practicing the inventions, has no substantial non-infringing uses, and is specially made for use in an infringing manner. e.g., Compl. ¶38, ¶60
• Willful Infringement: The complaint alleges willful infringement for all asserted patents. The basis for pre-suit knowledge is Defendant's founding by former executives of Plaintiff Datto, its employment of other former Datto personnel, and public statements from Defendant’s co-founders indicating they were "extraordinarily vigilant" to avoid using Plaintiffs' intellectual property, which the complaint frames as an admission of awareness. e.g., Compl. ¶53, ¶75 Knowledge is also asserted from at least the filing of the complaint.

VII. Analyst’s Conclusion: Key Questions for the Case

• A core issue will be one of definitional scope: can standard, widely-used technologies like the HTTPS/TLS protocol and common client-server replication architectures be construed to meet the specific claim elements of "link files," "agent and server shared secrets," and distinct "control/data channels" as recited in the patents-in-suit?
• A key evidentiary question will be one of operational proof: what technical evidence can Plaintiffs provide to demonstrate that the accused Slide platform actually performs the specific, ordered, and often parallel processing steps required by the asserted method claims, beyond the high-level functional descriptions available in public documentation and allegations made "upon information and belief"?
• A pivotal issue for damages will be one of intent: will the Defendant's alleged "extraordinary vigilance" regarding Plaintiffs' intellectual property be interpreted by the court as evidence of good-faith efforts to avoid infringement, or will it be construed as evidence of pre-suit knowledge and deliberate disregard of Plaintiffs' patent rights, supporting a finding of willfulness?