DCT
1:24-cv-05579
DigitalDoors Inc v. FirstBank Corp
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: DigitalDoors, Inc. (Florida)
- Defendant: FirstBank Corp. (Tennessee)
- Plaintiff’s Counsel: Garteiser Honea, PLLC
- Case Identification: 1:24-cv-05579, N.D. Ga., 12/05/2024
- Venue Allegations: Plaintiff alleges venue is proper because Defendant maintains a regular and established business presence in the Northern District of Georgia, including physical branch locations, and specifically targets customers within the district.
- Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, which are allegedly compliant with the financial industry’s "Sheltered Harbor" standard, infringe four patents related to methods for granularly filtering, extracting, storing, and securing sensitive data in distributed computing environments.
- Technical Context: The technology addresses cybersecurity and data resiliency for financial institutions, a critical sector where protecting customer data from catastrophic loss due to cyberattacks is paramount for operational continuity and market stability.
- Key Procedural History: The complaint does not reference prior litigation, licensing, or post-grant validity challenges concerning the asserted patents. It does, however, assert that the patents are "pioneering" and have been cited as relevant prior art in hundreds of subsequent U.S. patent applications from major technology and financial services companies.
Case Timeline
| Date | Event |
|---|---|
| 2007-01-05 | Earliest Priority Date for all Asserted Patents |
| 2015-04-21 | U.S. Patent No. 9,015,301 Issues |
| 2015-01-01 | "Sheltered Harbor" Initiative Launched |
| 2017-08-15 | U.S. Patent No. 9,734,169 Issues |
| 2019-01-15 | U.S. Patent No. 10,182,073 Issues |
| 2019-04-02 | U.S. Patent No. 10,250,639 Issues |
| 2024-12-05 | Complaint Filed |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 9,015,301
- Patent Identification: U.S. Patent No. 9,015,301, titled "Information Infrastructure Management Tools With Extractor, Secure Storage, Content Analysis And Classification And Method Therefor," issued April 21, 2015.
The Invention Explained
- Problem Addressed: The patent describes a technological landscape where enterprises struggled with managing large volumes of unstructured data, securing open ecosystems with numerous access points, and classifying data based on its content rather than just its file type (Compl. ¶27; ’301 Patent, col. 1:31-2:27). Conventional systems lacked the ability to apply granular security policies directly to the data itself.
- The Patented Solution: The invention proposes a method for organizing and processing data in a distributed computing system by using a set of "categorical filters" (e.g., content-based, contextual, taxonomic) to identify and extract important "select content" from a data stream. This extracted content is then stored in corresponding secure data stores, and specific "data processes"—such as copying, archiving, or destruction—are associated with the activated filter and automatically applied to subsequent data inputs that match the filter's criteria (’301 Patent, Abstract; ’301 Patent, col. 3:17-4:35).
- Technical Importance: This approach represented a shift from file-level security to content-aware security, enabling enterprises to automate the protection and management of specific sensitive information within larger data sets in a distributed environment (Compl. ¶29).
Key Claims at a Glance
- The complaint asserts independent claim 25 (Compl. ¶98).
- The essential elements of claim 25 include:
- Providing a plurality of select content data stores operative with a plurality of designated categorical filters in a distributed computing system.
- Activating at least one filter and processing a data input to obtain "select content" and "associated select content."
- Storing the aggregated select content in a corresponding data store.
- Associating at least one data process (e.g., copy, extract, archive, distribution, destruction) with the activated filter.
- Applying the associated data process to a further data input based on the filter's processing result.
- The filter activation can be automatic (time-based, condition-based, or event-based) or manual.
U.S. Patent No. 9,734,169
- Patent Identification: U.S. Patent No. 9,734,169, titled "Digital Information Infrastructure and Method for Securing Designated Data and With Granular Data Stores," issued August 15, 2017.
The Invention Explained
- Problem Addressed: The patent addresses the challenge of securing sensitive information within large datasets in a distributed, potentially cloud-based, computing environment. The key problem is how to isolate and protect critical data while allowing the rest of the data to remain accessible, thereby enhancing both security and system resilience (’169 Patent, col. 1:19-2:67).
- The Patented Solution: The invention claims a method wherein a system provides distinct storage locations: "select content data stores" for sensitive, security-designated data, and "granular data stores" for the remainder. The system extracts the sensitive data and places it in the secure stores, which have specific access controls. The non-sensitive "remainder data" is separately parsed and stored in the granular stores. Data can only be withdrawn from either store type when the associated access controls are satisfied (’169 Patent, Abstract; ’169 Patent, col. 3:28-4:37).
- Technical Importance: This architecture provides security through segregation, making it more difficult for an attacker to access a complete and coherent data set, and facilitates disaster recovery by keeping critical data in an isolated, protected environment (Compl. ¶¶46, 52).
Key Claims at a Glance
- The complaint asserts independent claim 1 (Compl. ¶129).
- The essential elements of claim 1 include:
- Providing, in a distributed cloud-based system, (i) select content data stores with access controls, (ii) granular data stores, and (iii) a cloud-based server.
- Providing a communications network coupling the stores and server.
- Extracting and storing "security designated data" in the select content data stores.
- Activating a select content data store to permit access based on the application of its access controls.
- Parsing "remainder data" (not extracted) and storing it in the granular data stores.
- Withdrawing data from the stores only when respective access controls are applied.
Multi-Patent Capsule: U.S. Patent No. 10,182,073
- Patent Identification: U.S. Patent No. 10,182,073, titled "Information Infrastructure Management Tools With Variable and Configurable Filters and Segmental Data Stores," issued January 15, 2019.
- Technology Synopsis: The technology concerns a method for creating a data processing infrastructure that uses a plurality of filters to identify and manage sensitive content. A key aspect of the invention is the ability to dynamically alter or modify these initially configured filters—by expanding, contracting, or changing their classification—and then generating modified filters to organize subsequent data throughput (’073 Patent, Abstract).
- Asserted Claims: The complaint asserts independent claim 1 (Compl. ¶165).
- Accused Features: The complaint alleges that the accused systems, which utilize configurable "protection policies" to manage data, infringe by allowing an enterprise to define, run, monitor, and modify these policies to control the extraction and replication of data into the secure vault (Compl. ¶¶181-182, 185).
Multi-Patent Capsule: U.S. Patent No. 10,250,639
- Patent Identification: U.S. Patent No. 10,250,639, titled "Information Infrastructure Management Data Processing Tools for Processing Data Flow With Distribution Controls," issued April 2, 2019.
- Technology Synopsis: This patent describes a method for "sanitizing" data processed in a distributed system. The process involves extracting sensitive content based on various sensitivity levels and associated security clearances, storing this content in secure "extract data stores," and separately extracting "select content" into other stores. The remaining data is then processed with content, contextual, and taxonomic filters to create inferenced, sanitized data streams (’639 Patent, Abstract).
- Asserted Claims: The complaint asserts independent claim 16 (Compl. ¶192).
- Accused Features: The complaint alleges that the accused systems' extraction of critical financial account data into an isolated, secure vault necessarily creates "sanitized" data (the remainder left on the production system), thereby practicing the claimed method (Compl. ¶¶214, 217).
III. The Accused Instrumentality
Product Identification
- The "Accused Instrumentalities" are identified as the data backup and disaster recovery systems and methods that Defendant FirstBank makes, owns, operates, or uses, which are compliant with the "Sheltered Harbor" industry specification or are functionally equivalent (Compl. ¶95). The complaint points to systems like Dell PowerProtect Cyber Recovery as exemplary implementations (Compl. ¶71).
Functionality and Market Context
- The complaint alleges the accused systems perform "data vaulting" to protect critical customer financial data against catastrophic loss from events like cyberattacks (Compl. ¶¶62, 75). The core alleged functionality involves extracting critical account data from a "Production Environment," replicating it across a secure "air-gap" to an isolated "Data Vault Environment," and storing it in an immutable, encrypted format (Compl. ¶¶72, 76, 79). The complaint includes a diagram illustrating this workflow from a Dell solution brief (Compl., p. 32).
- The complaint frames Sheltered Harbor as an industry-wide standard launched in 2015, with near-uniform participation from U.S. financial institutions, designed to promote the stability of the financial markets (Compl. ¶¶62, 65). Adherence is presented as a critical component of a financial institution's regulatory compliance and cybersecurity posture (Compl. ¶94).
IV. Analysis of Infringement Allegations
9,015,301 Patent Infringement Allegations
| Claim Element (from Independent Claim 25) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| providing... a plurality of select content data stores operative with a plurality of designated categorical filters... | The Accused Instrumentalities allegedly comprise a "data vault" with designated stores for select content (critical account data) that is derived from the application of categorical filters. | ¶104 | col. 11:58-62 |
| activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content... | The Accused Instrumentalities allegedly activate "protection policies" (the categorical filters) to process financial data and extract critical account information (the select content). | ¶108 | col. 14:15-18 |
| storing said aggregated select content for said at least one categorical filter in said corresponding select content data store; | The system allegedly stores the extracted critical account data in the secure data vault, which corresponds to the applied protection policy. | ¶112 | col. 13:58-61 |
| ...associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process, a data distribution process and a data destruction process; | The system allegedly associates specific actions (e.g., nightly backups, data copying to the vault) with the data types identified by the protection policies. | ¶115 | col. 4:5-11 |
| applying the associated data process to a further data input based upon a result of said further data being processed... | Once a protection policy is established, the system allegedly applies the same process (e.g., backup to the vault) to all subsequent data inputs that match the filter. | ¶118 | col. 4:11-14 |
| ...said automatic activation is time-based, distributed computer system condition-based, or event-based. | The filtering and backup processes allegedly occur automatically at designated time intervals (e.g., nightly) or upon the detection of new data (an event). | ¶121 | col. 14:38-43 |
9,734,169 Patent Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| providing in said distributed cloud-based computing system: (i) a plurality of select content data stores... (ii) a plurality of granular data stores; and (iii) a cloud-based server... | The Accused Instrumentalities allegedly comprise a secure "data vault" (select content stores) and production/backup systems (granular data stores), with the option for cloud-based deployment. | ¶136, ¶132 | col. 3:32-37 |
| ...each select content data store having respective access controls thereat. | Access to the data vault is allegedly protected by security measures like credentials and multi-factor authentication. A diagram from Dell shows the vault is "locked" (Compl., p. 32). | ¶136, ¶149 | col. 4:35-37 |
| extracting and storing said security designated data in respective select content data stores; | The system allegedly extracts critical financial account data and stores it within the secure data vault. | ¶143 | col. 4:28-31 |
| activating at least one of said select content data stores...permitting access...based upon an application of one or more of said access controls... | Access to the data vault for restoration is allegedly permitted only after satisfying strict security and access control protocols. | ¶148 | col. 4:32-37 |
| parsing remainder data not extracted from data processed... and storing the parsed data in respective granular data stores. | The complaint alleges that non-extracted data remains on the production and backup systems (i.e., outside the data vault), which constitutes the "remainder data" stored in "granular data stores." | ¶151 | col. 4:28-31 |
| withdrawing some or all of said security designated data and said parsed data... only in the presence of said respective access controls applied thereto. | The complaint alleges that data can be withdrawn from the vault for restoration only after strict access controls are satisfied. | ¶157 | col. 4:32-37 |
Identified Points of Contention:
- Scope Questions:
- For the ’301 Patent, a central issue may be whether the "protection policies" used in Sheltered Harbor-compliant systems, which primarily identify and segregate data based on its type (e.g., critical account data), meet the patent's definition of "categorical filters," which are described as including content-based, contextual, and taxonomic analysis.
- For the ’169 Patent, a dispute may arise over the term "cloud-based." The complaint alleges the accused systems are optionally implemented in the cloud, but infringement of claim 1 may require proving that Defendant's specific implementation is, in fact, "cloud-based."
- Technical Questions:
- What evidence supports the allegation that the accused systems perform an active step of "parsing remainder data" as required by claim 1 of the ’169 Patent? The analysis may turn on whether simply leaving non-extracted data on production servers qualifies as "parsing and storing" it, or if the patent requires a more affirmative manipulation of that remainder data.
- Does the routine, scheduled application of a backup policy constitute "applying the associated data process to a further data input based upon a result of said further data being processed," as recited in claim 25 of the ’301 Patent? This language suggests a feedback mechanism that may or may not be present in a standard data vaulting workflow.
V. Key Claim Terms for Construction
U.S. Patent No. 9,015,301
- The Term: "categorical filters"
- Context and Importance: This term is the core of the invention claimed in the ’301 Patent. The infringement case depends on whether the accused systems' methods for identifying critical data (e.g., "protection policies") fall within the scope of this term. Practitioners may focus on this term because the complaint equates industry-standard data protection policies with the patent's specific filter types.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The specification states that "Enterprise designated categorical filters are used to store select content SC relative to the category in certain SC stores" (’301 Patent, col. 12:1-3). This broad statement could support an interpretation where any filter that categorizes data for storage purposes qualifies.
- Evidence for a Narrower Interpretation: The claim itself states the filters "include content-based filters, contextual filters and taxonomic classification filters" (’301 Patent, col. 128:15-17). A defendant may argue this list is exhaustive or, at a minimum, limits the scope to filters that perform semantic or contextual analysis, rather than simply identifying data by its source or type.
U.S. Patent No. 9,734,169
- The Term: "parsing remainder data"
- Context and Importance: This is a key active step in claim 1 of the ’169 Patent. The infringement theory relies on the act of leaving non-extracted data on production servers as meeting this limitation. Practitioners may see this as a potential point of non-infringement if "parsing" is construed to require more than mere separation.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The abstract describes a process of selecting data, storing it in a secure location, and providing access to the "SC data and granular data." This could suggest that "parsing" is simply the act of separating the whole into its constituent parts (secure and granular) for storage.
- Evidence for a Narrower Interpretation: The specification describes an "extraction and store" module that processes a "source document or via an editor module" to separate data (’169 Patent, col. 11:15-20). This language may support a construction requiring an active process of analyzing the remainder data, rather than passively leaving it in its original location.
VI. Other Allegations
- Indirect Infringement: The complaint does not include separate counts for indirect infringement and focuses its allegations on Defendant's direct infringement by making, using, and controlling the accused systems.
- Willful Infringement: The complaint alleges willful infringement based on both pre-suit and post-suit knowledge (Compl. ¶¶225-227). It alleges post-suit knowledge from the date of service of the complaint. It also alleges pre-suit knowledge, or at least willful blindness, based on Defendant’s alleged awareness of patent infringement lawsuits filed by DigitalDoors against competitor financial institutions since at least November 21, 2023, and an alleged corporate policy of not reviewing patents owned by others (Compl. ¶¶226-227).
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of definitional scope: can the term "categorical filters," which the ’301 Patent describes in the context of semantic and taxonomic analysis, be construed to cover the "protection policies" of modern data resiliency platforms that primarily segregate data based on its predefined business criticality?
- A key evidentiary question will concern technical operation: does the accused system's act of isolating critical data in a vault while leaving the remaining data on production servers constitute the affirmative steps of "parsing remainder data" and "storing the parsed data," as required by the ’169 Patent, or is there a fundamental mismatch in the claimed process versus the actual operation?
- The viability of the willfulness claim may depend on an early evidentiary showing of knowledge: can the plaintiff establish that the defendant was aware of lawsuits against its competitors and, more importantly, that this awareness put the defendant on notice of its own potential infringement of the specific patents-in-suit?