DCT

1:24-cv-05580

DigitalDoors Inc v. RBC Bank Georgia

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 1:24-cv-05580, N.D. Ga., 12/05/2024
  • Venue Allegations: Plaintiff alleges venue is proper in the Northern District of Georgia because Defendant maintains a principal place of business, physical locations, and an established business presence in the district, where it specifically targets customers.
  • Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, particularly those compliant with the financial industry's "Sheltered Harbor" standard, infringe four patents related to methods for securely filtering, extracting, and storing sensitive data in distributed computing systems.
  • Technical Context: The technology addresses secure data management for disaster recovery, a critical function for financial institutions that must protect sensitive customer account information from catastrophic events like cyberattacks.
  • Key Procedural History: The complaint asserts that the patented technology predates the financial industry's development of the "Sheltered Harbor" standard, which began in 2015. It also alleges Defendant was or should have been on notice of the patents due to other lawsuits filed by Plaintiff against competitor financial institutions.

Case Timeline

Date Event
2007-01-05 Earliest Priority Date for all Patents-in-Suit
2015-04-21 U.S. Patent No. 9,015,301 Issued
2015-01-01 Sheltered Harbor industry initiative launched (approx.)
2017-08-15 U.S. Patent No. 9,734,169 Issued
2019-01-15 U.S. Patent No. 10,182,073 Issued
2019-04-02 U.S. Patent No. 10,250,639 Issued
2024-12-05 Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301: “Information Infrastructure Management Tools With Extractor, Secure Storage, Content Analysis And Classification And Method Therefor” (Issued Apr. 21, 2015)

The Invention Explained

  • Problem Addressed: The patent describes a state of the art where enterprises could not effectively manage unstructured data, classify sensitive information efficiently using semantic or taxonomic analysis, or secure "open ecosystems" with numerous access points (Compl. ¶27; ’301 Patent, col. 1:31-2:27). Conventional data management was file-based, making granular control over specific sensitive content difficult (Compl. ¶27).
  • The Patented Solution: The invention proposes a system for organizing and processing data based on its content rather than the file containing it (Compl. ¶27). The method uses "categorical filters" to identify and extract "select content" (e.g., sensitive data) and "associated select content" (e.g., contextually or taxonomically related data) from a data stream. This extracted data is then stored in corresponding data stores, and specific data processes (like copying, archiving, or destruction) are associated with the activated filters to manage the data throughout its lifecycle (’301 Patent, Abstract; col. 3:17-4:17).
  • Technical Importance: This approach provided a method for granular data management, allowing for enhanced security and disaster recovery by isolating and protecting specific pieces of sensitive information within larger datasets (Compl. ¶27).

Key Claims at a Glance

  • The complaint asserts independent claim 25 (Compl. ¶98).
  • Essential elements of claim 25 include:
    • A method of organizing and processing data in a distributed computing system for an enterprise.
    • Providing a plurality of select content data stores operative with designated categorical filters.
    • Activating at least one categorical filter and processing a data input through it to obtain select content and associated select content (which is contextually or taxonomically associated).
    • Storing the aggregated select content in a corresponding data store.
    • Associating at least one data process (from a group including copy, extract, archive, distribution, and destruction) with the activated filter.
    • Applying the associated data process to a further data input.
    • Activating the filter automatically (based on time, system condition, or event) or manually.
  • The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 9,734,169: “Digital Information Infrastructure and Method for Securing Designated Data and With Granular Data Stores” (Issued Aug. 15, 2017)

The Invention Explained

  • Problem Addressed: The patent addresses the need to secure sensitive data in distributed, and particularly cloud-based, computing environments where data is vulnerable (Compl. ¶¶130, 131). The challenge is to protect specific, security-designated data while maintaining access and managing the remaining, non-sensitive data.
  • The Patented Solution: The invention describes a method for a distributed, cloud-based system to process data by providing distinct types of data stores: "select content data stores" for security-designated data and "granular data stores" for other data (’169 Patent, Abstract). The process involves extracting the sensitive data and storing it in the secure "select" stores, parsing the "remainder data," and storing it in the separate "granular" stores. Access to the secure data is permitted only through the application of defined access controls (’169 Patent, Abstract).
  • Technical Importance: This method provides an architecture for data segregation in a cloud environment, enhancing security by isolating critical data in protected stores with strict access controls while allowing the bulk of non-sensitive data to be managed separately (’169 Patent, Abstract).

Key Claims at a Glance

  • The complaint asserts independent claim 1 (Compl. ¶129).
  • Essential elements of claim 1 include:
    • A method of organizing and processing data in a distributed cloud-based computing system.
    • Providing select content data stores for security designated data, granular data stores, and a cloud-based server, with access controls at each select content data store.
    • Providing a communications network coupling the stores and server.
    • Extracting and storing security designated data in the select content data stores.
    • Activating a select content data store to permit access based on applying access controls.
    • Parsing remainder data not extracted and storing it in the granular data stores.
    • Parsing and storing the remainder data according to a predetermined algorithm.
    • Withdrawing data from the stores only when access controls are applied.
  • The complaint does not explicitly reserve the right to assert dependent claims.

Multi-Patent Capsule: U.S. Patent No. 10,182,073

  • Patent Identification: U.S. Patent No. 10,182,073, “Information Infrastructure Management Tools With Variable and Configurable Filters and Segmental Data Stores,” issued January 15, 2019.
  • Technology Synopsis: This patent discloses a method for creating a data processing infrastructure using a plurality of filters. The system identifies sensitive and select content with initially configured filters, and then alters those filters—by expanding, contracting, or reclassifying them—to generate modified filters that organize further data throughput, thereby enabling a dynamic and adaptive data management system (’073 Patent, Abstract).
  • Asserted Claims: Independent claim 1 is asserted (Compl. ¶165).
  • Accused Features: The complaint alleges infringement by systems that use configurable and modifiable "protection policies" and rules to define, run, and monitor data vaulting and replication operations, which allegedly corresponds to the claimed altering and generating of filters (Compl. ¶¶181, 182, 184).

Multi-Patent Capsule: U.S. Patent No. 10,250,639

  • Patent Identification: U.S. Patent No. 10,250,639, “Information Infrastructure Management Data Processing Tools for Regulating Data Flow With Distribution Controls,” issued April 2, 2019.
  • Technology Synopsis: This patent describes a method for "sanitizing" data in a distributed system. The process involves using filters to extract sensitive content based on different sensitivity levels, storing the extracted data and the remainder data separately, and then "inferencing" the sanitized data using content, contextual, and taxonomic filters to obtain analyzed data (’639 Patent, Abstract).
  • Asserted Claims: Independent claim 16 is asserted (Compl. ¶192).
  • Accused Features: The accused systems are alleged to infringe by extracting critical financial data ("sensitive content") into a secure vault, which creates a "sanitized" version of the production data, and then performing analysis ("inferencing") on the vaulted data (Compl. ¶¶214, 217, 220).

III. The Accused Instrumentality

  • Product Identification: The "Accused Instrumentalities" are Defendant RBC's systems and methods for processing, backing up, and recovering data in a distributed system (Compl. ¶95). The complaint alleges these systems are compliant with the financial services industry's "Sheltered Harbor" specification or are functionally equivalent thereto (Compl. ¶95).
  • Functionality and Market Context: The accused systems are designed to provide resilience against catastrophic data loss, such as a major cyberattack (Compl. ¶62). Their core function is to extract "critical account data," convert it into an industry-standard format, and store it in a secure, immutable, and isolated "data vault" (Compl. ¶¶69, 72, 76). This vault is "air-gapped," meaning it is logically or physically separated from production and backup networks to prevent corruption (Compl. ¶76). In the event of a system failure, the vaulted data can be used to restore basic customer account functions (Compl. ¶70). The complaint frequently uses the Dell PowerProtect Cyber Recovery solution as a specific, exemplary embodiment of the accused technology (Compl. ¶71). The complaint includes a diagram illustrating the architecture of the Dell Sheltered Harbor solution, showing a "Production Environment" from which data is extracted and replicated to an air-gapped "Data Vault Environment" for secure processing and storage (Compl. ¶72). These systems are described as critical infrastructure for maintaining stability and public confidence in the U.S. financial system (Compl. ¶¶62, 65).

IV. Analysis of Infringement Allegations

9,015,301 Patent Infringement Allegations

Claim Element (from Independent Claim 25) Alleged Infringing Functionality Complaint Citation Patent Citation
a method of organizing and processing data in a distributed computing system having select content important to an enterprise... The accused systems manage and protect critical customer financial account data for RBC, the enterprise. ¶99 col. 12:28-35
providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters... The accused systems provide a "data vault" with multiple data stores (e.g., for backup, copy, analysis) that operate with "protection policies" that act as categorical filters to identify critical business data. ¶¶104, 105, 106 col. 13:30-41
activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content... which associated select content is at least one of contextually associated select content and taxonomically associated select content, as aggregated select content... The accused systems activate "protection policies" (filters) to extract critical financial account information. This information is contextually associated, such as by grouping virtual machine assets using tags and metadata. ¶¶108, 109, 110 col. 13:42-53
storing said aggregated select content for said at least one categorical filter in said corresponding select content data store... The accused systems store the extracted critical account data (aggregated select content) in the secure data vault (the corresponding data store). ¶¶112, 113 col. 13:54-57
associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process, a data distribution process and a data destruction process... The accused systems associate protection policies with data processes, such as copying data to the vault, archiving it with retention locks, and extracting it for restoration. ¶¶115, 116 col. 13:58-64
applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter... Once a protection policy is established, all subsequent data inputs are processed in the same way, such as being copied nightly to the data vault storage unit. ¶¶118, 119 col. 14:1-11
activating a designated categorical filter, which encompasses an automatic activation or a manual activation and said automatic activation is time-based, distributed computer system condition-based, or event-based. The accused systems perform data backups automatically on a nightly schedule (time-based) or when new assets are detected (event-based), and can also be run manually. ¶¶121, 122, 123 col. 14:12-21
  • Identified Points of Contention:
    • Scope Questions: A central question may be whether the "protection policies" and "tag grouping" described in the context of the Sheltered Harbor standard (Compl. ¶¶87, 88) fall within the scope of the patent's term "designated categorical filters". The defense may argue that the industry-standard rules are different in kind from the specific content, contextual, and taxonomic filters described in the patent.
    • Technical Questions: The complaint alleges that once a policy is established, "all further data inputs processed under the filter are processed in the same way" (Compl. ¶119). A factual question may arise as to whether the accused systems truly apply the same process to all subsequent data or if there are variations that take it outside the claim language of "applying the associated data process to a further data input."

9,734,169 Patent Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
a method of organizing and processing data in a distributed cloud-based computing system... The accused systems process data in a distributed network that the complaint alleges is cloud-based, implemented on platforms like AWS, Azure, or Dell Cloud. ¶¶130, 132 col. 132:14-17
providing in said distributed cloud-based computing system: (i) a plurality of select content data stores for respective ones of a plurality of security designated data; and (ii) a plurality of granular data stores; and (iii) a cloud-based server... The accused systems provide a "data vault" with multiple secure stores for critical data and separate "production and backup systems" that serve as granular data stores, all managed by servers. ¶¶136, 137, 139 col. 132:18-24
providing a communications network operatively coupling said plurality of select content data stores and cloud-based server. The accused systems use a communications network, including a "logical, air-gapped, dedicated connection," to couple the production environment with the data vault environment. ¶¶141, 142 col. 43:1-13
extracting and storing said security designated data in respective select content data stores. The accused systems extract critical financial account data and store it in the secure, air-gapped data vault. The complaint includes a diagram illustrating the Dell architecture, which shows a "Production Environment" and a separate "CR Vault" connected by a replication link over an "Air Gap" (Compl. ¶80). ¶¶143, 144, 146 col. 45:41-49
activating at least one of said select content data stores...thereby permitting access to said select content data stores and respective security designated data based upon an application of one or more of said access controls... The data vault is safeguarded by strict access controls, including multi-factor authentication and a "least-access-privilege concept," which must be satisfied to access the stored data. ¶¶148, 149 col. 41:50-42:14
parsing remainder data not extracted...and storing the parsed data in respective granular data stores. Data not extracted for the vault (remainder data) is stored in the production and backup systems (granular data stores). A diagram shows "Production Workloads" and "Backup Workloads" as the source of vaulted data, implying they store the remainder (Compl. ¶78). ¶¶151, 152 col. 45:34-40
withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto. Data can only be withdrawn from the data vault to a "restoration platform" after satisfying strict security measures and access controls, such as multi-factor authentication. ¶¶157, 158 col. 41:50-42:14
  • Identified Points of Contention:
    • Scope Questions: The interpretation of "distributed cloud-based computing system" will be critical. The defense may argue that an on-premise or hybrid "data vault" is not "cloud-based" in the manner required by the claim.
    • Technical Questions: There may be a dispute over whether the production and backup systems, which hold the original and ongoing data, function as "granular data stores" for "remainder data" as claimed. The defense could argue these are simply the source systems, not separate stores for what is "left over" after extraction, suggesting a mismatch in the claimed process flow.

V. Key Claim Terms for Construction

U.S. Patent No. 9,015,301

  • The Term: "designated categorical filters"
  • Context and Importance: This term is fundamental to the claimed invention. The infringement allegation hinges on equating the "protection policies" and rules used in the Sheltered Harbor standard with these "filters." Practitioners may focus on this term because its scope will determine whether a system based on industry-standard data management rules infringes a patent describing a specific filtering architecture.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The specification describes the filters' purpose broadly as identifying select content based on enterprise policies, which could include "customer privacy policy, supplier privacy policy, enterprise human resource privacy policy, financial data handling policy," etc. (’301 Patent, col. 4:8-13). This suggests the term is not limited to a single technical implementation but to its function.
    • Evidence for a Narrower Interpretation: The specification provides specific examples, such as "content-based filters, contextual filters and taxonomic classification filters" (’301 Patent, col. 13:36-38). The defense may argue that to be a "categorical filter," it must be one of these enumerated types, potentially narrowing the claim scope away from the accused general policy rules.

U.S. Patent No. 9,734,169

  • The Term: "distributed cloud-based computing system"
  • Context and Importance: The applicability of claim 1 to the accused systems depends on this definition. The complaint alleges the accused systems are optionally implemented on major cloud platforms (Compl. ¶132). However, the core Sheltered Harbor architecture is often deployed in a hybrid or on-premise "private cloud" model. The definition will be key to determining if such architectures are covered.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The patent does not provide a specific definition, suggesting the term should be given its plain and ordinary meaning. The term "cloud-based server" is used in the claim, which could be argued to cover any server providing services over a network in a manner consistent with cloud principles (e.g., resource pooling, on-demand service).
    • Evidence for a Narrower Interpretation: The patent was filed when "cloud-based" often implied public cloud providers like AWS. The defense could argue that a private, air-gapped vault within a company's own data center is antithetical to the common understanding of "cloud-based" and therefore does not infringe.

VI. Other Allegations

  • Willful Infringement: The complaint alleges that Defendant's infringement is and has been willful (Compl. ¶¶125, 161, 188, 223). This allegation is based on two primary grounds: (1) post-suit knowledge upon service of the complaint, and (2) alleged pre-suit knowledge based on Defendant's awareness of patent infringement lawsuits filed by DigitalDoors against competitor financial institutions since at least November 2023 (Compl. ¶226). The complaint further alleges willful blindness, stating that Defendant has a policy or practice of not reviewing patents of others (Compl. ¶227).

VII. Analyst’s Conclusion: Key Questions for the Case

  • A central issue will be one of technical mapping: Can the operational components of the industry-standard "Sheltered Harbor" framework—specifically its use of "protection policies" to identify critical data and its architecture of a "production environment" coupled with a separate "data vault"—be shown to practice the specific, multi-step methods of filtering, extracting, and storing data recited in the asserted claims?
  • A key legal question will be one of definitional scope: How will the court construe key claim terms such as "designated categorical filters" and "distributed cloud-based computing system"? The outcome of these constructions may determine whether the accused systems, which embody a widely adopted industry standard, fall within the boundaries of the patent claims.
  • An underlying theme will be the tension between a patented invention and a subsequent industry standard: The complaint frames the patents as a pioneering solution that predates the financial industry's collective effort to solve the same problem. The case will likely require the court to dissect the specific technical contributions of the patents and determine if the industry-developed Sheltered Harbor standard, in practice, infringes upon those patented methods.