DCT

1:24-cv-05583

DigitalDoors Inc v. Servisfirst Bancshares Inc

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 1:24-cv-05583, N.D. Ga., 12/05/2024
  • Venue Allegations: Plaintiff alleges venue is proper because Defendant maintains a regular and established business presence in the Northern District of Georgia, including physical locations and employees, and specifically targets customers within the district.
  • Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, particularly those compliant with the financial industry's "Sheltered Harbor" standard, infringe four patents related to methods for securely filtering, extracting, and storing sensitive data in distributed computing systems.
  • Technical Context: The technology concerns secure data management for disaster recovery, a critical function for financial institutions that must ensure the continuity of operations and protection of customer data against catastrophic cyberattacks.
  • Key Procedural History: The complaint states that the inventions were developed in response to vulnerabilities in military communications and data security. It also notes that the asserted patents have been cited as relevant prior art in hundreds of subsequent patent applications by major technology and financial services companies. No prior litigation or post-grant proceedings are mentioned in the complaint.

Case Timeline

Date Event
2007-01-05 Earliest Priority Date for all Asserted Patents
2015-04-21 U.S. Patent No. 9,015,301 Issued
2015-01-01 Sheltered Harbor initiative launched
2017-08-15 U.S. Patent No. 9,734,169 Issued
2019-01-15 U.S. Patent No. 10,182,073 Issued
2019-04-02 U.S. Patent No. 10,250,639 Issued
2024-12-05 Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301 - "Information Infrastructure Management Tools with Extractor, Secure Storage, Content Analysis and Classification and Method Therefor"

  • Patent Identification: U.S. Patent No. 9,015,301, titled "Information Infrastructure Management Tools with Extractor, Secure Storage, Content Analysis and Classification and Method Therefor," issued April 21, 2015 (the "’301 Patent").

The Invention Explained

  • Problem Addressed: The patent's background describes deficiencies in managing and securing data in open enterprise ecosystems, where it was difficult to handle unstructured information, classify sensitive data efficiently, and manage the changing sensitivity of data over its lifecycle (’301 Patent, col. 1:31-38, 1:60-2:61).
  • The Patented Solution: The invention provides a method to organize and process data by using a system of "designated categorical filters" to automatically identify and extract specific "select content" from a data stream. This extracted content is stored in corresponding data stores and associated with specific data processes (e.g., copy, archive, destroy), allowing for granular, policy-based control over sensitive information within a distributed system (’301 Patent, Abstract; col. 3:21-4:14).
  • Technical Importance: The claimed invention represented a shift from managing entire files to managing the specific content within them, enabling more sophisticated security and data retention policies (Compl. ¶ 12).

Key Claims at a Glance

  • The complaint asserts at least independent Claim 25 (Compl. ¶ 98).
  • The essential elements of Claim 25 include:
    • Providing a plurality of select content data stores operative with a plurality of designated categorical filters.
    • Activating at least one filter to process a data input and obtain select content that is contextually or taxonomically associated.
    • Storing the aggregated select content in a corresponding data store.
    • Associating the activated filter with a data process from a group including copy, extract, archive, distribution, and destruction processes.
    • Applying that associated data process to a further data input.
    • Wherein the filter activation is automatic (e.g., time-based or event-based) or manual.
  • The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 9,734,169 - "Digital Information Infrastructure and Method for Securing Designated Data and with Granular Data Stores"

  • Patent Identification: U.S. Patent No. 9,734,169, titled "Digital Information Infrastructure and Method for Securing Designated Data and with Granular Data Stores," issued August 15, 2017 (the "’169 Patent").

The Invention Explained

  • Problem Addressed: The patent addresses the need for secure management of sensitive data in distributed, potentially cloud-based, computing environments where data must be protected from unauthorized access but remain available for authorized reconstruction (’169 Patent, col. 2:1-27).
  • The Patented Solution: The invention claims a method for a "distributed cloud-based computing system" that separates data into two categories. "Security designated data" is extracted and stored in secure "select content data stores" protected by access controls. The "remainder data" is parsed and stored separately in "granular data stores." This separation ensures that sensitive information is isolated, and full reconstruction of the original data requires successfully accessing both types of segregated stores via the proper controls (’169 Patent, Abstract).
  • Technical Importance: This architecture provides enhanced security through data segregation, making it more difficult for an attacker to compromise the entire dataset and enabling secure data recovery protocols (Compl. ¶ 52).

Key Claims at a Glance

  • The complaint asserts at least independent Claim 1 (Compl. ¶ 129).
  • The essential elements of Claim 1 include:
    • Providing, in a distributed cloud-based computing system, a plurality of select content data stores, a plurality of granular data stores, and a cloud-based server coupled by a communications network.
    • Extracting and storing security-designated data in the select content data stores.
    • Activating a select content data store to permit access based on one or more access controls.
    • Parsing remainder data (not extracted) and storing it in the granular data stores.
    • Withdrawing the security-designated data and parsed remainder data from their respective stores only when the access controls are applied.
  • The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 10,182,073 - "Information Infrastructure Management Tools with Configurable Filters and Segmental Data Stores"

  • Patent Identification: U.S. Patent No. 10,182,073, "Information Infrastructure Management Tools with Configurable Filters and Segmental Data Stores," issued January 15, 2019 (the "’073 Patent").
  • Technology Synopsis: This patent discloses an information infrastructure for processing data using a plurality of filters. The method involves identifying sensitive and select content with initially configured filters and then "altering" those filters—by expanding, contracting, or re-classifying their scope—to dynamically reorganize how data is processed and stored (’073 Patent, Abstract; Compl. ¶¶ 171, 181).
  • Asserted Claims: At least Claim 1 (Compl. ¶ 165).
  • Accused Features: The accused systems allegedly utilize configurable "protection policies" (filters) that can be created and modified by the enterprise to define and alter what critical data is extracted for secure vaulting (Compl. ¶ 182).

U.S. Patent No. 10,250,639 - "Information Infrastructure Management Data Processing Tools for Data Flow with Distribution Controls"

  • Patent Identification: U.S. Patent No. 10,250,639, "Information Infrastructure Management Data Processing Tools for Data Flow with Distribution Controls," issued April 2, 2019 (the "’639 Patent").
  • Technology Synopsis: This patent describes a method for "sanitizing" data by extracting sensitive content based on different sensitivity levels and associated security clearances. The extracted sensitive data is stored in secure "extract stores," and the system then uses content, contextual, and taxonomic filters to perform "inferencing" on the sanitized data to derive information without exposing the raw sensitive content (’639 Patent, Abstract; Compl. ¶¶ 193, 217).
  • Asserted Claims: At least Claim 16 (Compl. ¶ 192).
  • Accused Features: The accused systems are alleged to extract critical financial data according to predefined priority filters for storage in a secure vault, which the complaint frames as a data sanitization process, and then utilize analytics to scan the vaulted data (Compl. ¶¶ 197, 220).

III. The Accused Instrumentality

Product Identification

  • The "Accused Instrumentalities" are identified as the data processing and disaster recovery systems and methods used by Defendant Servisfirst that are compliant with the "Sheltered Harbor" industry specification, or are functionally equivalent (Compl. ¶ 95).

Functionality and Market Context

  • The complaint alleges these systems are designed to protect critical customer financial data against catastrophic loss from events like cyberattacks (Compl. ¶ 62). Functionally, they extract critical account data from production systems, convert it to a standard format, and store it in a secure, immutable, and "air-gapped" data vault that is isolated from the primary corporate network (Compl. ¶¶ 69, 76, 81). The complaint includes a diagram from a Dell Technologies solution brief illustrating this architecture, which shows a "Production Environment" connected via a secure, air-gapped replication link to a separate "Data Vault Environment" (Compl. ¶ 72). This vaulting process is governed by enterprise-defined "protection policies" that determine which data is backed up (Compl. ¶ 87). The Sheltered Harbor standard is presented as an industry-wide initiative to ensure the stability of the U.S. financial markets (Compl. ¶ 62).

IV. Analysis of Infringement Allegations

’301 Patent Infringement Allegations

Claim Element (from Independent Claim 25) Alleged Infringing Functionality Complaint Citation Patent Citation
providing... a plurality of select content data stores operative with a plurality of designated categorical filters... The accused system includes a "data vault" with designated stores for content derived from "protection policies," which are alleged to be categorical filters. A referenced diagram shows multiple stores including Backup, Copy, Lock, and Analyze functions. ¶104-106 col. 13:25-34
activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content, which... is at least one of contextually associated... and taxonomically associated... The system activates protection policies to extract critical financial account data, which is allegedly contextually or taxonomically associated through the use of metadata tags grouped into categories. ¶108-110 col. 13:35-42
storing said aggregated select content for said at least one categorical filter in said corresponding select content data store The extracted critical data is aggregated and placed into corresponding storage units within the data vault. ¶112-113 col. 13:43-46
associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process... The system associates data processes such as copying, archiving, and extracting with specific data types in accordance with enterprise policies for data backup and vaulting. ¶115-116 col. 13:51-56
applying the associated data process to a further data input... Once a protection policy is established, all subsequent data inputs are automatically processed in the same way according to that policy. ¶118-120 col. 13:57-64
said activating a designated categorical filter, which encompasses an automatic activation... time-based... or event-based The system allegedly performs backups automatically at scheduled times (e.g., nightly) or in response to events (e.g., detection of new data). ¶121-123 col. 14:1-5

’169 Patent Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
a method of organizing and processing data... in a distributed cloud-based computing system... The accused systems are allegedly cloud-based and can be deployed on platforms like AWS, Microsoft Azure, and Google Cloud. ¶130, 132 col. 132:15-18
providing... (i) a plurality of select content data stores... (ii) a plurality of granular data stores... (iii) a cloud-based server... The system allegedly provides a "data vault" (select content stores), production and backup systems (granular data stores), and a server, which may be cloud-based. ¶136-139 col. 132:19-27
extracting and storing said security designated data in respective select content data stores The system extracts critical financial account data (security designated data) and stores it in the secure data vault. ¶143-144 col. 132:32-34
activating at least one of said select content data stores... permitting access... based upon an application of one or more of said access controls... Access to the data vault is allegedly restricted by security measures, including multi-factor authentication and strict credentialing. ¶148-149 col. 132:35-39
parsing remainder data not extracted... and storing the parsed data in respective granular data stores Data not extracted for the vault (remainder data) is stored in production and backup systems, which are alleged to be granular data stores. ¶151-152 col. 132:40-42
withdrawing some or all of said security designated data and said parsed data... only in the presence of said respective access controls... Data is restored from the vault and production systems to a "restoration platform" only upon satisfaction of strict security protocols. ¶157-159 col. 132:43-47
  • Identified Points of Contention:
    • Scope Questions: The infringement theory for both patents hinges on equating the terminology of the Sheltered Harbor standard with specific claim terms. A central dispute may be whether an industry-standard "protection policy" for disaster recovery is equivalent to a "designated categorical filter" for granular content extraction as claimed in the ’301 Patent. For the ’169 Patent, a key question may be whether a system with a physically isolated, "air-gapped" vault, which can be deployed on-premise, meets the "distributed cloud-based computing system" limitation.
    • Technical Questions: For the ’169 Patent, the defendant may challenge whether the routine backup of all production-side data constitutes "parsing remainder data" as required by the claim, which could imply a more active process of analyzing and separating non-sensitive content. The complaint's use of a diagram showing "Backup Workloads" to satisfy this limitation raises the question of whether this is a routine backup or a specific parsing step (Compl. ¶ 139).

V. Key Claim Terms for Construction

For the ’301 Patent

  • The Term: "designated categorical filters"
  • Context and Importance: This term is the core mechanism of the asserted method claim. The Plaintiff's infringement case appears to depend on construing this term to cover the "protection policies" used in the accused Sheltered Harbor systems. The definition will determine whether the accused systems, designed for disaster recovery, fall within the scope of the patent's more granular data processing claims.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The specification states that designated categorical filters are used to "store select content relative to the category in certain SC stores" and that these categories are of interest to the enterprise, including for policy purposes like privacy and compliance (’301 Patent, col. 11:53-12:14). This could support an interpretation where any policy-based rule for data segregation is a "categorical filter."
    • Evidence for a Narrower Interpretation: The patent describes specific modules for filtering, such as a "content filter module," "contextual filter module," and "taxonomic filter module," and explains how they analyze content (’301 Patent, col. 11:15-30). A defendant may argue this language requires more than just a high-level backup policy and points toward a specific technical implementation for content analysis.

For the ’169 Patent

  • The Term: "distributed cloud-based computing system"
  • Context and Importance: This term appears in the preamble of the asserted independent claim and defines the environment in which the invention operates. The accused Sheltered Harbor systems are described as having an "air-gapped," isolated vault, which may be deployed on-premise. Whether this architecture qualifies as "cloud-based" will be a critical issue.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The patent does not appear to provide a specific definition of "cloud-based," leaving it open to its plain and ordinary meaning at the time of the invention. Practitioners may argue that because the complaint alleges the accused systems are designed for deployment on cloud platforms like AWS and Azure (Compl. ¶ 132), the term should be interpreted flexibly to include hybrid or cloud-ready architectures.
    • Evidence for a Narrower Interpretation: A defendant may argue that the ordinary meaning of "cloud-based" implies reliance on remote, virtualized resources, which could be argued as contrary to the isolated, physically separate, and potentially on-premise nature of the accused "data vault." The specification's general references to distributed computing may not be sufficient to explicitly broaden the common understanding of "cloud-based."

VI. Other Allegations

  • Willful Infringement: The complaint alleges that Defendant has been on notice of the patents since at least the date of service of the complaint (Compl. ¶ 226). It further alleges pre-suit knowledge, asserting that Defendant knew or should have known of the patents since at least November 21, 2023, due to awareness of infringement lawsuits filed by the Plaintiff against competitor financial institutions (Compl. ¶ 226). The complaint also pleads willful blindness, alleging on information and belief that Defendant has a policy or practice of not reviewing the patents of others (Compl. ¶ 227).

VII. Analyst’s Conclusion: Key Questions for the Case

  • A core issue will be one of definitional scope: can the patent term "designated categorical filters", which is described in the context of granular content analysis, be construed to cover the high-level "protection policies" used in industry-standard disaster recovery systems like those adhering to the Sheltered Harbor specification?
  • A second key question will be one of architectural mismatch: does the accused system, which centers on a secure, "air-gapped" data vault that is physically and logically isolated from production networks, meet the "distributed cloud-based computing system" limitation of the ’169 Patent, or is this architecture fundamentally different from what the patent claims?
  • Finally, the case may turn on an evidentiary question of function: does the accused system’s process of backing up non-critical data into production-side storage perform the specific step of "parsing remainder data", or is this a mischaracterization of a conventional backup process that lacks the analytical and segregating function required by the claim?