DCT

1:24-cv-05587

DigitalDoors Inc v. Synovus Bank

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 1:24-cv-05587, N.D. Ga., 12/05/2024
  • Venue Allegations: Plaintiff alleges venue is proper in the Northern District of Georgia because Defendant maintains a regular and established business presence in the district, including numerous physical branch locations, and specifically targets customers within the district.
  • Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, particularly those compliant with the financial industry’s "Sheltered Harbor" standard, infringe four patents related to methods for granularly filtering, extracting, storing, and securing sensitive data in distributed computing systems.
  • Technical Context: The technology relates to cybersecurity and data resilience for financial institutions, aiming to protect and enable recovery of critical customer account data following a catastrophic cyberattack or other system failure.
  • Key Procedural History: The complaint asserts that the patents-in-suit are "pioneering" and have been cited as relevant prior art in hundreds of subsequent U.S. patent applications by major technology and financial services companies. No prior litigation or post-grant proceedings are mentioned in the complaint.

Case Timeline

Date Event
2007-01-05 Earliest Priority Date for all four Asserted Patents
2015-04-21 U.S. Patent No. 9,015,301 Issued
2015-01-01 Sheltered Harbor initiative launched (approximate date)
2017-08-15 U.S. Patent No. 9,734,169 Issued
2019-01-15 U.S. Patent No. 10,182,073 Issued
2019-04-02 U.S. Patent No. 10,250,639 Issued
2024-12-05 Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301 - "Information Infrastructure Management Tools with Extractor, Secure Storage, Analysis and Classification and Method Therefor"

  • Patent Identification: U.S. Patent No. 9,015,301, "Information Infrastructure Management Tools with Extractor, Secure Storage, Analysis and Classification and Method Therefor," issued April 21, 2015 (’301 Patent).

The Invention Explained

  • Problem Addressed: The patent describes a state of the art where enterprises struggled to manage and secure sensitive information, particularly unstructured data, within open and vulnerable ecosystems (Compl. ¶27; ’301 Patent, col. 1:60-2:27). Conventional approaches focused on managing entire data files rather than the specific sensitive content within them, making granular security and disaster recovery difficult (Compl. ¶27; ’301 Patent, col. 1:31-38).
  • The Patented Solution: The invention proposes a method for organizing and processing data by moving from a file-level to a content-level management approach (Compl. ¶¶12, 26). It uses a plurality of "categorical filters" to identify and extract "select content" (important data) from a data stream. This extracted content is then stored in corresponding "select content data stores," and specific data processes (e.g., copy, archive, destroy) are associated with the activated filter to manage the data lifecycle ('301 Patent, Abstract; col. 3:17-4:35).
  • Technical Importance: This approach provided a method to apply distinct security policies and data management actions to specific pieces of information within a larger data set, rather than applying a single policy to an entire file (Compl. ¶37).

Key Claims at a Glance

  • The complaint asserts independent claim 25 (Compl. ¶98).
  • Essential elements of claim 25 include:
    • A method of organizing and processing data in a distributed computing system for an enterprise.
    • Providing a plurality of "select content data stores" operative with a plurality of "designated categorical filters."
    • Activating at least one filter and processing a data input through it to obtain "aggregated select content."
    • Storing the aggregated select content in a corresponding data store.
    • Associating a data process (e.g., copy, extract, archive, distribution, or destruction) with the activated filter.
    • Applying the associated data process to a further data input based on the filter.
    • Wherein the filter activation is either automatic (time-based, condition-based, or event-based) or manual.

U.S. Patent No. 9,734,169 - "Digital Information Infrastructure and Method for Securing Designated Data and with Granular Data Stores"

  • Patent Identification: U.S. Patent No. 9,734,169, "Digital Information Infrastructure and Method for Securing Designated Data and with Granular Data Stores," issued August 15, 2017 (’169 Patent).

The Invention Explained

  • Problem Addressed: The patent addresses the need to secure designated data within a distributed or cloud-based system by segregating it from other, less sensitive data and controlling access to it (’169 Patent, Abstract).
  • The Patented Solution: The invention claims a method for a distributed, cloud-based system that provides distinct storage locations for different types of data. The system extracts "security designated data" and stores it in secure "select content data stores," each with its own access controls. The "remainder data" that was not extracted is parsed and stored separately in "granular data stores." The system is designed so that data can only be withdrawn from these stores when the specified access controls are applied (’169 Patent, Abstract).
  • Technical Importance: This method provides a technical framework for partitioning data based on sensitivity within a cloud architecture, allowing an enterprise to isolate its most critical information in a secure environment while leaving other data in more accessible locations (Compl. ¶¶136-139).

Key Claims at a Glance

  • The complaint asserts independent claim 1 (Compl. ¶129).
  • Essential elements of claim 1 include:
    • A method of organizing and processing data in a "distributed cloud-based computing system."
    • Providing a plurality of "select content data stores" for security-designated data, a plurality of "granular data stores," and a cloud-based server.
    • Each select content data store has its own access controls.
    • Extracting and storing the security-designated data in the select content data stores.
    • Activating a select content data store to permit access based on the application of its access controls.
    • Parsing the "remainder data" (not extracted) and storing it in the granular data stores.
    • Withdrawing data from the stores only in the presence of the respective access controls.

U.S. Patent No. 10,182,073 - "Information Infrastructure Management Tools with Variable and Configurable Filters and Segmental Data Stores"

  • Patent Identification: U.S. Patent No. 10,182,073, "Information Infrastructure Management Tools with Variable and Configurable Filters and Segmental Data Stores," issued January 15, 2019 (’073 Patent).
  • Technology Synopsis: This patent describes creating an information infrastructure that uses a plurality of initially configured filters to identify and process sensitive and select content. The core inventive concept appears to be the ability to dynamically alter these filters—by expanding, contracting, or changing their classification—and then generating modified filters to organize subsequent data throughput (’073 Patent, Abstract; col. 132:9-22).
  • Asserted Claims: Independent claim 1 is asserted (Compl. ¶165).
  • Accused Features: The complaint targets the functionality within the accused systems that allows an enterprise to define, run, and modify "protection policies" (alleged to be the claimed filters) that govern how data is replicated and stored in the secure vault (Compl. ¶¶181-182, 184-185). A screenshot from a Dell instructional video is provided to show a user interface for modifying report filters, which the complaint alleges is an example of the claimed alteration (Compl. ¶182, p. 93).

U.S. Patent No. 10,250,639 - "Information Infrastructure Management Data Processing Tools for Processing Data Flow with Distribution Controls"

  • Patent Identification: U.S. Patent No. 10,250,639, "Information Infrastructure Management Data Processing Tools for Processing Data Flow with Distribution Controls," issued April 2, 2019 (’639 Patent).
  • Technology Synopsis: This patent discloses a method of "sanitizing" data processed in a distributed system. The process involves extracting sensitive content based on its sensitivity level into a secure "extract store," thereby separating it from the "remainder data." The invention also includes a step of "inferencing" the sanitized data using content, contextual, and taxonomic filters to obtain further insights or classifications (’639 Patent, Abstract; col. 132:7-18).
  • Asserted Claims: Independent claim 16 is asserted (Compl. ¶192).
  • Accused Features: The infringement theory focuses on the accused systems' extraction of "critical account information" (the alleged sensitive content) from the production environment into a secure data vault, which the complaint alleges is a form of sanitization. The use of protection policies to identify and categorize this data is alleged to constitute the claimed filtering and inferencing (Compl. ¶¶214, 217).

III. The Accused Instrumentality

Product Identification

  • The "Accused Instrumentalities" are the data backup and disaster recovery systems that Defendant Synovus Bank allegedly makes, owns, operates, or uses, which are either compliant with the "Sheltered Harbor" specification or provide "substantially equivalent functionality" (Compl. ¶95).

Functionality and Market Context

  • The complaint alleges that the financial services industry, through the Sheltered Harbor initiative, developed a standard to ensure data resilience against cyberattacks (Compl. ¶62). Systems compliant with this standard, such as the Dell PowerProtect Cyber Recovery solution cited as an exemplar, are alleged to perform several key functions: extracting critical customer account data from a "Production Environment," converting it to a standard format, and replicating it to a secure, isolated "Data Vault Environment" (Compl. ¶¶69-70, 72). This vault is described as being "air-gapped," meaning it is physically or logically separated from corporate networks to prevent corruption (Compl. ¶76). A diagram from a Dell solution brief illustrates this architecture, showing data moving from a "Production Environment" across an "Air-gap" to a "Data Vault Environment" (Compl. ¶72, p. 31).

IV. Analysis of Infringement Allegations

’301 Patent Infringement Allegations

Claim Element (from Independent Claim 25) Alleged Infringing Functionality Complaint Citation Patent Citation
a method of organizing and processing data in a distributed computing system having select content important to an enterprise... The accused systems manage and protect critical customer financial account data, which is content important to the enterprise (Synovus). ¶99 col. 13:25-32
providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters... The accused systems provide a "data vault" with designated storage units (the data stores) which operate based on "protection policies" (the categorical filters) established by the enterprise. ¶¶104-106 col. 13:33-38
activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content... as aggregated select content The system activates these protection policies to extract critical financial account data, which is aggregated for storage in the vault. ¶108 col. 13:39-45
storing said aggregated select content for said at least one categorical filter in said corresponding select content data store The extracted critical account data is stored in the secure data vault, which corresponds to the applied protection policy. A diagram illustrates various data stores within the Cyber Recovery Vault, including "Backup," "Copy," and "Lock" (Compl. ¶105, p. 52). ¶112 col. 14:1-3
for the activated categorical filter, associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process, a data distribution process and a data destruction process In the accused systems, the protection policies associate data processes like data backup (copying/archiving) with the selected critical data. ¶115 col. 14:4-9
applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter... Once a protection policy is established, all subsequent backups ("further data input") are processed in the same way under the same filter. ¶118 col. 14:10-14
activating a designated categorical filter, which encompasses an automatic activation... and said automatic activation is time-based, distributed computer system condition-based, or event-based The accused systems allegedly perform backups automatically at a designated time interval (e.g., nightly), which constitutes time-based automatic activation. ¶121 col. 14:26-31
  • Identified Points of Contention:
    • Scope Questions: A central question may be whether the term "categorical filters," as described in the patent, can be construed to cover the "protection policies" of modern data backup systems. The defense may argue that such policies are conventional IT tools and not the specific type of content-aware, taxonomic, or contextual filters described in the patent's specification.
    • Technical Questions: The complaint broadly equates Sheltered Harbor's data vaulting with the patent's claimed method. The analysis will likely focus on whether the accused system's operations are merely a conventional backup process or if they perform the specific steps of activating distinct filters and associating discrete "data processes" in the manner claimed.

’169 Patent Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
a method of organizing and processing data in a distributed cloud-based computing system... The accused systems are alleged to be distributed and are optionally implemented on cloud platforms such as AWS, Azure, or Google Cloud. ¶¶130, 132 col. 132:15-19
providing... (i) a plurality of select content data stores... (ii) a plurality of granular data stores; and (iii) a cloud-based server, each select content data store having respective access controls thereat The "data vault" is alleged to be the "select content data stores," while the "production and backup systems" are the "granular data stores." These are connected via a server, and the vault has strict access controls. A diagram shows "Backup Workloads" as granular stores on the production side (Compl. ¶152, p. 77). ¶¶136-139 col. 132:20-27
extracting and storing said security designated data in respective select content data stores The system extracts critical financial data and stores it in the secure, air-gapped data vault. ¶143 col. 132:28-31
activating at least one of said select content data stores in said cloud-based computing system thereby permitting access... based upon an application of one or more of said access controls thereat Access to the data vault is allegedly permitted only upon satisfaction of strict security measures, such as multi-factor authentication. ¶148 col. 132:32-36
parsing remainder data not extracted from data processed... and storing the parsed data in respective granular data stores Data not extracted to the vault remains in the production and backup systems (the alleged granular stores). ¶151 col. 132:37-40
withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto Data restoration from the vault is allegedly permitted only upon satisfaction of strict access controls for recovery after a cyberattack. ¶157 col. 132:41-45
  • Identified Points of Contention:
    • Scope Questions: The definition of "cloud-based computing system" will be critical, particularly whether an on-premises solution that has some interaction with a cloud service meets the claim limitation. Additionally, whether a standard production environment can be considered a set of "granular data stores" for "remainder data" may be a central point of dispute.
    • Technical Questions: The claim requires "parsing remainder data" and "storing" it. The complaint alleges this is met by simply leaving the non-extracted data in its original production environment. This raises the question of whether failing to extract data constitutes the affirmative steps of "parsing" and "storing" as required by the claim.

V. Key Claim Terms for Construction

Term from the ’301 Patent

  • The Term: "designated categorical filters"
  • Context and Importance: This term is the core of the '301 patent's invention. The infringement case hinges on whether the "protection policies" and rule-based systems in the accused Sheltered Harbor architecture, which select data for backup based on attributes like "VM Folder Name, Contains, and Finance" (Compl. ¶87), fall within the scope of this term.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The patent states that filters can be based on "content-based filters, contextual filters and taxonomic classification filters," and that designated filters are used to "store select content relative to the category in certain SC stores" ('301 Patent, col. 12:53-56). This could support an argument that any rule-based system that categorizes data for storage is a "categorical filter."
    • Evidence for a Narrower Interpretation: The specification provides detailed examples of building complex filters using "semantic analysis, word tagging and classification" ('301 Patent, col. 1:52-54). A defendant may argue that the term requires this level of linguistic or content-based analysis, not simply filtering based on file location or metadata tags.

Term from the ’169 Patent

  • The Term: "parsing remainder data... and storing the parsed data"
  • Context and Importance: The infringement allegation for this element is based on the accused system leaving non-critical data in its original production and backup environment (Compl. ¶151). The viability of the infringement claim may depend on whether "parsing and storing" can be interpreted to cover the act of not moving or processing data.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The patent's summary describes the invention broadly as separating extracted sensitive data from remainder data, which is "separately stored apart" ('169 Patent, col. 4:1-17). One could argue that "parsing" simply means separating and "storing" means allowing it to remain in its existing storage location.
    • Evidence for a Narrower Interpretation: The detailed description often describes affirmative processing steps. For example, Figure 4 shows a "source plaintext doc" (100) being processed through a "filter" (102) to create both "extracted text" (106) and "common text & placeholders" (104), which are then stored separately ('169 Patent, Fig. 4). This suggests an active process of separation and storage, not merely inaction.

VI. Other Allegations

  • Willful Infringement: The complaint includes a count for "Knowledge and Willfulness," alleging that Defendant had actual notice of the patents at least upon service of the complaint. It further alleges an alternative theory of pre-suit knowledge based on Defendant's awareness of similar lawsuits filed against competitor financial institutions, and posits that Defendant maintains a policy of "willfully blind[ing]" itself to the patent rights of others (Compl. ¶¶226-227).

VII. Analyst’s Conclusion: Key Questions for the Case

  • Definitional Scope: A central issue will be whether the specific terminology of the patents, which appears rooted in granular, content-aware text and data processing, can be construed to read on the architecture and functions of modern, macro-level data vaulting systems. Can a system's "protection policy" based on asset location be considered a "categorical filter," and is the act of leaving data in its original production environment the same as "parsing and storing remainder data"?
  • Technological Equivalence: The case raises a fundamental question of whether the accused "Sheltered Harbor" systems, developed by the financial industry starting in 2015 for disaster recovery, are merely a modern implementation of the methods claimed in patents with a 2007 priority date. The court will need to examine whether the accused systems operate in a "substantially similar way" to achieve the same result, or if they represent a different, non-infringing technological approach to the problem of data resilience.
  • Patentability of Subject Matter: The complaint extensively argues that the claimed inventions were unconventional and not routine as of 2007 (Compl. ¶¶25-52). A likely defense will be that the claims are directed to the abstract idea of organizing, filtering, and securing data, using conventional computer components to do so. The resolution of the case may depend on whether the specific combination of claim elements is found to be a patent-eligible technological improvement or an implementation of an abstract concept.