DCT

1:24-cv-05582

DigitalDoors Inc v. Renasant Bank Inc

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 1:24-cv-05582, N.D. Ga., 12/05/2024
  • Venue Allegations: Venue is alleged based on Defendant maintaining physical branch locations, employing individuals, and conducting substantial business within the Northern District of Georgia.
  • Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, which are compliant with the financial industry's "Sheltered Harbor" specification, infringe four patents related to methods of securely filtering, segmenting, and storing sensitive data in distributed computing systems.
  • Technical Context: The technology concerns secure data management architectures designed to protect critical information from cyberattacks or systemic failures by extracting sensitive content and storing it in isolated, secure locations for disaster recovery.
  • Key Procedural History: The complaint does not reference prior litigation between the parties or any administrative patent challenges. It notes that the asserted patents are "pioneering" and have been cited as prior art in hundreds of subsequent patent applications by various technology and financial companies.

Case Timeline

Date Event
2007-01-05 Earliest Priority Date for all Asserted Patents
2015-04-21 U.S. Patent No. 9,015,301 Issues
2015-01-01 Sheltered Harbor initiative launched by financial services industry
2017-08-15 U.S. Patent No. 9,734,169 Issues
2019-01-15 U.S. Patent No. 10,182,073 Issues
2019-04-02 U.S. Patent No. 10,250,639 Issues
2024-12-05 Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301

  • Patent Identification: U.S. Patent No. 9015301, “Information Infrastructure Management Tools with Extractor, Secure Storage, Analysis and Classification and Method Therefor,” issued April 21, 2015.
  • The Invention Explained:
    • Problem Addressed: The patent's background describes several deficiencies in data management as of the priority date, including the difficulty of managing unstructured information, the inefficiency of classifying sensitive data, the vulnerability of open corporate IT ecosystems, and the inability to address the changing sensitivity of data over its lifecycle (Compl. ¶27; ’301 Patent, col. 1:31-2:61).
    • The Patented Solution: The invention proposes a method and system for organizing data in a distributed computing system by using a set of "categorical filters" (which can be content-based, contextual, or taxonomic) to process a data input, extract "select content," and store that content in corresponding secure data stores. This approach shifts data management from a file-based paradigm to a more granular, content-aware paradigm, allowing for specific data processes like copying or archiving to be applied to the extracted content (’301 Patent, Abstract; col. 3:17-4:35).
    • Technical Importance: The claimed approach purports to offer a more nuanced and secure method for data protection by focusing on the content itself rather than the entire file, enabling more flexible and robust security policies in distributed environments (Compl. ¶27).
  • Key Claims at a Glance:
    • The complaint asserts at least independent claim 25 (Compl. ¶98).
    • Claim 25 is a method claim with the following essential elements:
      • In a distributed computing system, providing a plurality of "select content data stores" operative with a plurality of "designated categorical filters," coupled over a communications network.
      • Activating at least one categorical filter and processing a data input to obtain "select content" that is contextually or taxonomically associated.
      • Storing the aggregated select content in the corresponding data store.
      • Associating the activated filter with at least one data process (e.g., copy, extract, archive, distribution, destruction).
      • Applying the associated data process to a further data input.
      • The filter activation can be automatic (time-based, condition-based, or event-based) or manual.

U.S. Patent No. 9,734,169

  • Patent Identification: U.S. Patent No. 9734169, “Digital Information Infrastructure and Method for Securing Designated Data and With Granular Data Stores,” issued August 15, 2017.
  • The Invention Explained:
    • Problem Addressed: The patent addresses the security risks inherent in open information systems where various parties (employees, partners, customers) can access data, creating numerous vulnerabilities that require robust information rights management (’169 Patent, col. 1:60-2:27).
    • The Patented Solution: The invention describes a method for organizing data in a "distributed cloud-based computing system." The system provides distinct data stores: "select content data stores" for security-designated data and separate "granular data stores." The method involves extracting the sensitive data, storing it in the secure "select content data stores," and then parsing and storing the "remainder data" in the "granular data stores." Access to the secure data is controlled and requires withdrawing it based on access controls (’169 Patent, Abstract; col. 3:28-4:2).
    • Technical Importance: This architecture aims to enhance security by physically or logically separating highly sensitive data from the less sensitive bulk of information, placing the sensitive data under stricter access controls in a cloud environment (Compl. ¶¶130, 132).
  • Key Claims at a Glance:
    • The complaint asserts at least independent claim 1 (Compl. ¶129).
    • Claim 1 is a method claim with the following essential elements:
      • Providing in a distributed cloud-based system: (i) plural "select content data stores" for security designated data, (ii) plural "granular data stores," and (iii) a cloud-based server, all coupled by a network.
      • Extracting and storing the security-designated data in the select content data stores.
      • Activating a select content data store to permit access based on access controls.
      • Parsing "remainder data" not extracted from the processed data.
      • Storing the parsed remainder data in the granular data stores.
      • The parsing and storing of remainder data can be random or based on a predetermined algorithm.
      • Withdrawing the security-designated data and parsed data from their respective stores only when access controls are applied.

Multi-Patent Capsule: U.S. Patent No. 10,182,073

  • Patent Identification: U.S. Patent No. 10182073, “Information Infrastructure Management Tools with Variable and Configurable Filters and Segmental Data Stores,” issued January 15, 2019.
  • Technology Synopsis: This patent focuses on an information infrastructure that uses a plurality of filters to process data. A key aspect is the ability to dynamically alter or modify these initially configured filters—by expanding, contracting, or reclassifying their scope—and then generating new, modified filters to organize further data throughput (’073 Patent, Abstract).
  • Asserted Claims: At least independent claim 1 is asserted (Compl. ¶165).
  • Accused Features: The complaint alleges infringement through the use of systems that allow an enterprise to define, run, and modify data protection policies. Specifically, the ability to create and modify existing policies in the Dell PowerProtect system is accused of meeting the "altering" and "generating modified configured filters" limitations (Compl. ¶¶181-182, 184-185).

Multi-Patent Capsule: U.S. Patent No. 10,250,639

  • Patent Identification: U.S. Patent No. 10250639, “Information Infrastructure Management Data Processing Tools for Data Flow With Distribution Controls,” issued April 2, 2019.
  • Technology Synopsis: This patent describes a method for "sanitizing" data by processing a data input through an infrastructure of configurable filters. The method involves extracting sensitive content based on its sensitivity level and associated security clearance, storing it in secure "extract data stores," and separately storing the "remainder data," thereby creating a sanitized version of the original data. The system may also use content, contextual, and taxonomic filters to "inference" the data (’639 Patent, Abstract).
  • Asserted Claims: At least independent claim 16 is asserted (Compl. ¶192).
  • Accused Features: The accused features are data vaulting systems that extract critical customer account data (sensitive content) and store it in a secure, isolated vault, leaving non-critical data in the production environment. This extraction process is alleged to create "sanitized" data, and the use of protection policies to identify the critical data is alleged to be a form of inferencing (Compl. ¶¶214, 217).

III. The Accused Instrumentality

  • Product Identification: The "Accused Instrumentalities" are identified not as a specific branded product, but as Defendant Renasant Bank’s "systems and methods for processing data in a distributed system which are collectively compliant with the Sheltered Harbor specification" or systems with "substantially equivalent functionality" (Compl. ¶95). The complaint uses the Dell PowerProtect Cyber Recovery system as an exemplary and endorsed Sheltered Harbor-compliant solution (Compl. ¶¶71, 74, 78).
  • Functionality and Market Context: The complaint alleges these systems perform critical data backup and disaster recovery for customer financial account data (Compl. ¶¶83, 95). The core alleged functionality involves extracting critical account data from a production environment, converting it to a standard format, and storing it in a highly secure, immutable, and isolated "data vault" that is "air-gapped" from the main corporate network (Compl. ¶¶69, 76). This vault protects data from cyberattacks and allows for restoration of services after a catastrophic event (Compl. ¶70). This functionality is described as an industry standard for the financial services sector, designed to protect market stability and public confidence (Compl. ¶¶62, 94). A diagram from the complaint illustrates this separation between a "Production Environment" and a secure "Data Vault Environment" (Compl. ¶72, p. 31).

IV. Analysis of Infringement Allegations

'301 Patent Infringement Allegations

Claim Element (from Independent Claim 25) Alleged Infringing Functionality Complaint Citation Patent Citation
a method of organizing and processing data...in a distributed computing system having select content important to an enterprise... The accused systems manage and protect critical customer financial account data for the Defendant enterprise in a distributed network of servers and hardware. ¶¶99, 101 col. 13:28-35
providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters which stores are operatively coupled over a communications network The accused systems provide a "data vault" with designated storage units ("select content data stores") that operate with enterprise-defined "protection policies" ("categorical filters"). ¶¶104-107 col. 13:36-42
activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content, which associated select content is at least one of contextually associated select content and...taxonomically associated... Protection policies (filters) are activated to extract critical financial account information. This data is associated using metadata and tags, which is alleged to be a form of contextual or taxonomic association. ¶¶108-110 col. 13:43-50
storing said aggregated select content for said at least one categorical filter in said corresponding select content data store The extracted critical account data is aggregated and stored in the designated storage units within the secure data vault. ¶¶112-114 col. 13:51-53
associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process, a data distribution process and a data destruction process The data vaulting systems associate specific actions with the data, such as copying, archiving, or extracting data based on the established protection policies. ¶¶115-117 col. 13:54-59
applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter... Once a protection policy is established, all subsequent data inputs matching the filter are processed in the same way (e.g., nightly backups). ¶¶118-120 col. 13:60-64
activating a designated categorical filter, which encompasses an automatic activation...and said automatic activation is time-based, distributed computer system condition-based, or event-based The system performs data backups automatically at designated time intervals (e.g., nightly), upon detection of new or modified data (event-based), or based on other system conditions. A diagram illustrates the workflow of extracting and vaulting data (Compl. ¶100, p. 49). ¶¶121-123 col. 14:1-5
  • Identified Points of Contention:
    • Scope Questions: A central question may be whether the "protection policies" used in modern disaster recovery systems, which often filter based on data type or location (e.g., "VM Folder Name"), meet the patent's definition of "categorical filters," which also includes "taxonomic" and "contextual" types. The complaint alleges this connection by referencing the use of metadata and tags (Compl. ¶88).
    • Technical Questions: The court may need to determine if the simple act of backing up data according to a pre-set policy constitutes "applying the associated data process to a further data input based upon a result" of prior processing, as the claim requires. The defense may argue this is merely a routine, scheduled operation, not one based on a "result" of prior filtering in the manner contemplated by the patent.

'169 Patent Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
a method of organizing and processing data...in a distributed cloud-based computing system... The accused systems are alleged to be implemented in cloud-based or hybrid-cloud environments and manage sensitive data in a distributed architecture. ¶¶130, 132 col. 132:13-17
providing... (i) a plurality of select content data stores for respective ones of a plurality of security designated data; and (ii) a plurality of granular data stores; and (iii) a cloud-based server, each select content data store having respective access controls... The complaint maps the secure, air-gapped "data vault" to the "select content data stores" and the production/backup systems to the "granular data stores." The system is managed by servers and employs access controls like multi-factor authentication. ¶¶136-140 col. 132:18-27
extracting and storing said security designated data in respective select content data stores Critical customer account data is extracted from the production environment and stored in the secure data vault. ¶¶143-147 col. 132:32-34
activating at least one of said select content data stores...thereby permitting access to said select content data stores...based upon an application of one or more of said access controls thereat Access to the data vault is strictly controlled by security measures, such as multi-factor authentication, and is only permitted for authorized processes like data restoration. ¶¶148-150 col. 132:35-39
parsing remainder data not extracted from data processed by said cloud-based system and storing the parsed data in respective granular data stores Data not extracted for the vault (remainder data) is kept in the production and backup systems ("granular data stores"). The complaint alleges this data is "parsed" and stored. A diagram highlights these production-side "Backup Workloads" (Compl. ¶152, p. 77). ¶¶151-153 col. 132:40-42
withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto Data is withdrawn from both the production environment and the secure vault for restoration only after passing strict access controls. ¶¶157-159 col. 132:51-55
  • Identified Points of Contention:
    • Scope Questions: A significant issue will likely be whether the Defendant's production/backup systems constitute "granular data stores" for "remainder data" in the specific sense claimed by the patent, versus simply being the original location of the data.
    • Technical Questions: The meaning of "parsing remainder data" may be disputed. The defense could argue that simply leaving non-extracted data in its original location does not constitute an active step of "parsing" and "storing" that "remainder data" as required by the claim language.

V. Key Claim Terms for Construction

For the '301 Patent:

  • The Term: "designated categorical filters"
  • Context and Importance: This term is the core of the invention's mechanism for identifying sensitive data. The infringement case depends on whether the "protection policies" of the accused Sheltered Harbor systems (which identify data for backup) fall within the scope of this term. Practitioners may focus on this term because the patent describes specific filter types (content-based, contextual, taxonomic) that may be narrower than the accused functionality.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The specification states that the system uses "enterprise designated categorical filters" which can be used to store content relative to a wide range of enterprise policies, including "customer privacy policy, supplier privacy policy, enterprise human resource privacy policy," etc., suggesting a broad applicability (’301 Patent, col. 11:54-67).
    • Evidence for a Narrower Interpretation: The specification repeatedly breaks down "categorical filters" into more specific types, such as "content-based filters, contextual filters and taxonomic classification filters" (’301 Patent, col. 13:38-40). The detailed description of how these filters are built using semantic and taxonomic analysis could support a narrower construction limited to these sophisticated filter types, rather than simple rules like "backup all data in X folder."

For the '169 Patent:

  • The Term: "parsing remainder data... and storing the parsed data"
  • Context and Importance: This step defines what happens to the data that is not extracted and secured. The infringement allegation hinges on showing that the accused systems perform an affirmative action of "parsing" and "storing" this leftover data, rather than simply not touching it.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The patent does not appear to provide an explicit definition of "parsing" in this context that would require complex analysis. A party could argue it simply means handling or processing the remaining data for storage in the "granular" systems.
    • Evidence for a Narrower Interpretation: The common technical meaning of "parsing" involves analyzing a string of symbols or data into its constituent parts to understand its syntactic structure. The complaint's theory appears to be that leaving data on a production server satisfies this element (Compl. ¶151). A defendant may argue that this interpretation reads the active steps of "parsing" and "storing" out of the claim, as no new parsing or storing action is taken on the data that remains.

VI. Other Allegations

  • Willful Infringement: The complaint alleges that Defendant has been on notice of the patents since at least the date of service of the complaint, and potentially earlier due to awareness of lawsuits against competitor banks (Compl. ¶226). It further alleges that Defendant maintains a policy or practice of not reviewing patents of others, constituting willful blindness to Plaintiff's rights (Compl. ¶227).

VII. Analyst’s Conclusion: Key Questions for the Case

  • A core issue will be one of definitional scope: can the specific claim terms from the 2007-priority patents, such as "categorical filters" and a distinct process for "parsing remainder data," be construed broadly enough to read on the functions of a modern, industry-standard disaster recovery framework like Sheltered Harbor, which was developed years after the patents' priority date?
  • A second key issue will be one of technical mapping: does the accused two-part architecture (a production environment and a separate, air-gapped "data vault") align with the specific multi-part data store structures required by the claims (e.g., "select content data stores" vs. "granular data stores"), or is there a fundamental mismatch in the claimed and accused architectures?
  • A third question will be evidentiary: what factual evidence can Plaintiff provide to show that the accused systems perform the active, sequential steps recited in the method claims (e.g., "activating," "processing," "storing," "associating," "applying"), as opposed to simply performing a conventional, monolithic data backup operation?