DCT
1:25-cv-03843
DigitalDoors Inc v. Byline Bank
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: DigitalDoors, Inc. (Florida)
- Defendant: Byline Bank (Illinois)
- Plaintiff’s Counsel: Lucosky Brookman, LLP; Hoffberg & Associates
- Case Identification: 1:25-cv-03843, N.D. Ill., 04/09/2025
- Venue Allegations: Plaintiff alleges venue is proper in the Northern District of Illinois because Defendant maintains a principal place of business, physical branch locations, and employees within the district, and conducts substantial business with customers located there.
- Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, which are alleged to be compliant with the financial industry’s “Sheltered Harbor” specification, infringe four patents related to methods for granularly filtering, extracting, securing, and storing sensitive data in a distributed computing environment.
- Technical Context: The technology concerns advanced data security architectures designed to ensure the survivability and rapid recovery of critical data, such as financial records, in the event of a catastrophic cyberattack.
- Key Procedural History: The complaint does not reference prior litigation or post-grant proceedings involving the asserted patents. It notes that the patents originate from work to develop data security solutions for the U.S. Government and have been cited as prior art in hundreds of subsequent patent applications by major technology and financial services companies.
Case Timeline
| Date | Event |
|---|---|
| 2007-01-05 | Priority Date for all Asserted Patents |
| 2015-04-21 | U.S. Patent No. 9,015,301 Issued |
| 2015-01-01 | Sheltered Harbor Initiative Launched (Accused Technology Framework) |
| 2017-08-15 | U.S. Patent No. 9,734,169 Issued |
| 2019-01-15 | U.S. Patent No. 10,182,073 Issued |
| 2019-04-02 | U.S. Patent No. 10,250,639 Issued |
| 2025-04-09 | Complaint Filing Date |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 9,015,301 - “Information Infrastructure Management Tools with Extractor, Secure Storage, Analysis and Classification and Method Therefor”
Issued April 21, 2015
The Invention Explained
- Problem Addressed: The patent describes a technological environment where enterprises operated "open ecosystems" with numerous access points, making it difficult to classify and secure sensitive data, particularly unstructured content, and manage its changing sensitivity over its lifecycle (Compl. ¶¶28, 32; ’301 Patent, col. 1:31-38, 2:3-27). Conventional data management focused on securing entire files rather than the specific sensitive content within them (Compl. ¶28; ’301 Patent, col. 9:46-58).
- The Patented Solution: The invention proposes a method and system for organizing data in a distributed computing system by using a plurality of filters (e.g., content-based, contextual, taxonomic) to analyze a data stream, identify specific "select content" deemed important to the enterprise, and store that content in designated, secure data stores (Compl. ¶27; ’301 Patent, Abstract, col. 3:17-4:35). The system can then associate different data processes (e.g., copy, archive, destroy) with the filtered content, allowing for granular management based on the data's substance rather than its container file (’301 Patent, col. 4:1-12).
- Technical Importance: This approach represented a shift from file-level security to content-level security, enabling more granular, policy-based control over sensitive information within increasingly complex and vulnerable enterprise networks (Compl. ¶28).
Key Claims at a Glance
- The complaint asserts infringement of at least independent Claim 25 (Compl. ¶99).
- The essential elements of Claim 25, a method claim, include:
- Providing, in a distributed computing system, a plurality of select content data stores operative with designated categorical filters.
- Activating at least one filter to process a data input and obtain select content, which is then stored as aggregated select content in a corresponding data store.
- Associating at least one data process (from a group including copy, extract, archive, distribution, and destruction) with the activated filter.
- Applying the associated data process to a subsequent data input based on the result of that input being processed by the filter.
- The activation of the filter can be automatic (time-based, condition-based, or event-based) or manual.
U.S. Patent No. 9,734,169 - “Digital Information Infrastructure and Method for Securing Designated Data and With Granular Data Stores”
Issued August 15, 2017
The Invention Explained
- Problem Addressed: The patent identifies the challenge of securing sensitive information within distributed systems, where traditional perimeter security is inadequate against sophisticated threats (’169 Patent, col. 2:3-12). Simply storing data in the cloud or across multiple servers does not inherently make it secure without a method to control and segregate its sensitive components.
- The Patented Solution: The invention discloses a method for a distributed, cloud-based system that separates data into "security designated data" and "remainder data." The system provides distinct "select content data stores" for the sensitive data and "granular data stores" for the remainder. The sensitive data is extracted and stored with specific access controls, while the non-sensitive remainder is parsed and stored separately. To access the sensitive data, a user must satisfy the applied access controls ('169 Patent, Abstract, Fig. 4).
- Technical Importance: The technology enhances security by de-contextualizing sensitive information, making it less valuable if compromised, and storing it in a secure location isolated from the bulk of the data and protected by specific access controls ('169 Patent, col. 16:25-38).
Key Claims at a Glance
- The complaint asserts infringement of at least independent Claim 1 (Compl. ¶130).
- The essential elements of Claim 1, a method claim, include:
- Providing in a distributed cloud-based computing system: (i) select content data stores for security designated data, (ii) granular data stores, and (iii) a cloud-based server.
- Providing a communications network coupling the stores and server.
- Extracting and storing the security designated data in the select content data stores.
- Activating at least one select content data store to permit access to the security designated data based on access controls.
- Parsing remainder data not extracted from the processed data.
- Storing the parsed remainder data in the granular data stores.
- Withdrawing the security designated data and parsed data from their respective stores only when the access controls are applied.
U.S. Patent No. 10,182,073 - “Information Infrastructure Management Tools with Variable and Configurable Filters and Segmental Data Stores”
Issued January 15, 2019
- Technology Synopsis: This patent addresses the need for dynamic data security policies. It describes a method for creating an information infrastructure where the filters used to identify and process sensitive content are configurable and can be altered by expanding, contracting, or reclassifying the criteria used to define sensitive or select content ('073 Patent, Abstract; Compl. ¶11).
- Asserted Claims: Claim 1 (Compl. ¶166).
- Accused Features: The complaint alleges that the accused systems, through a user interface, allow the enterprise to define, run, monitor, and modify "policies and policy outcomes" for data replication and protection, which allegedly constitutes the claimed step of altering the initially configured filters (Compl. ¶¶182-186). A screenshot from a Dell instructional video is provided to show a user interface for modifying filter options in a report generation tool (Compl. ¶183, p. 89).
U.S. Patent No. 10,250,639 - “Information Infrastructure Management Data Processing Tools for Data Flow with Distribution Controls”
Issued April 2, 2019
- Technology Synopsis: This patent focuses on a method for "sanitizing" data processed in a distributed system. The method involves associating data with various sensitivity levels and security clearances, extracting sensitive content into corresponding secure data stores, and then using content, contextual, and taxonomic filters to "inference" the sanitized data to obtain further insights ('639 Patent, Abstract; Compl. ¶11).
- Asserted Claims: Claim 16 (Compl. ¶193).
- Accused Features: The complaint alleges that the Sheltered Harbor-compliant systems perform the claimed method by extracting critical account data based on its sensitivity (e.g., financial data), associating it with security clearances (e.g., access controls), storing it in secure data vaults, and using filters to analyze the content (Compl. ¶¶197-198, 219).
III. The Accused Instrumentality
Product Identification
The accused instrumentalities are the data backup and disaster recovery systems and methods that Defendant Byline Bank allegedly makes, owns, operates, or controls, which are asserted to be compliant with the “Sheltered Harbor” specification or a functional equivalent thereof (Compl. ¶96).
Functionality and Market Context
The complaint alleges that the financial services industry, in response to growing cyber threats, developed the Sheltered Harbor standard to ensure the stability of U.S. financial markets (Compl. ¶63). Functionally, systems compliant with this standard are designed to perform several key operations. They extract critical customer account data from a financial institution's "Production Environment" and replicate it to a highly secure and isolated "Data Vault Environment" (Compl. ¶¶70, 82). This vault is immutable, encrypted, and disconnected from production networks via an "air gap" to protect the data from attacks (Compl. ¶¶77, 81). The complaint includes a diagram illustrating the Dell PowerProtect Cyber Recovery solution, an exemplary Sheltered Harbor system, which shows data moving from a production environment, across an air-gap, to a data vault for replication and processing (Compl. ¶73, p. 31). This architecture is intended to create a survivable copy of essential data that can be used to restore basic customer services after a catastrophic operational failure (Compl. ¶¶74, 78).
IV. Analysis of Infringement Allegations
’301 Patent Infringement Allegations
| Claim Element (from Independent Claim 25) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| a method of organizing and processing data in a distributed computing system having select content important to an enterprise... | The accused systems manage and protect critical customer financial account data for the bank (the enterprise). | ¶102 | col. 3:20-29 |
| providing... a plurality of select content data stores operative with a plurality of designated categorical filters... | The accused systems provide a "data vault" with multiple data stores (e.g., for backup, copy, lock, analyze) that operate based on "protection policies" (filters) established by the enterprise. | ¶¶105-107 | col. 3:30-43 |
| activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content, which associated select content is at least one of contextually associated select content and taxonomically associated select content, as aggregated select content... | The accused systems activate protection policies (filters) to extract critical financial account data, which is contextually or taxonomically associated (e.g., via metadata tags), and aggregate it for vaulting. | ¶¶109-111 | col. 4:1-12 |
| storing said aggregated select content for said at least one categorical filter in said corresponding select content data store... | The accused systems store the aggregated critical account data in corresponding storage units within the secure data vault. | ¶¶113-114 | col. 4:5-12 |
| for the activated categorical filter, associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process, a data distribution process and a data destruction process... | The accused systems associate the selected data with processes like data backup (copy/archive) and restoration (distribution) in accordance with Sheltered Harbor requirements and enterprise policies. | ¶¶116-117 | col. 4:1-9 |
| applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter... | Once a protection policy is established, all subsequent data inputs matching the filter criteria are automatically processed in the same way (e.g., backed up to the same storage unit). | ¶¶119-120 | col. 4:13-19 |
| activating a designated categorical filter, which encompasses an automatic activation... and said automatic activation is time-based, distributed computer system condition-based, or event-based... | The processing occurs automatically at designated time intervals (e.g., nightly backups), upon a designated condition (e.g., detection of new data), or based on an event. | ¶¶122-124 | col. 14:1-9 |
’169 Patent Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| a method of organizing and processing data... in a distributed cloud-based computing system... | The accused systems organize and process data in a distributed system that can be deployed in a cloud-based architecture. | ¶¶131, 133 | col. 3:29-32 |
| providing in said distributed cloud-based computing system: (i) a plurality of select content data stores... (ii) a plurality of granular data stores; and (iii) a cloud-based server... | The accused architecture includes a secure data vault (select content stores) and production/backup systems (granular data stores), which can be managed by cloud-based servers. | ¶¶137-140 | col. 3:32-40 |
| providing a communications network operatively coupling said plurality of select content data stores and cloud-based server... | The accused systems comprise a communications network that couples the production and vaulting environments, including via a logical, air-gapped connection. | ¶¶142-143 | col. 3:38-43 |
| extracting and storing said security designated data in respective select content data stores... | The accused systems extract critical financial account data and store it in the secure data vault. | ¶¶144-147 | col. 4:26-34 |
| activating at least one of said select content data stores in said cloud-based computing system thereby permitting access to said select content data stores... based upon an application of one or more of said access controls thereat... | The data vault is protected by security measures, such as multi-factor authentication and strict credentialing, which must be applied to permit access. | ¶¶149-150 | col. 4:4-8 |
| parsing remainder data not extracted from data processed by said cloud-based system and storing the parsed data in respective granular data stores... | The accused systems store non-extracted data (remainder data) in production and backup systems (granular data stores), which are separate from the secure vault. | ¶¶152-153 | col. 4:30-34 |
| withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto... | Data can only be withdrawn from the secure vault to the restoration platform upon satisfaction of strict security measures and access controls. | ¶¶158-159 | col. 4:4-8 |
Identified Points of Contention
- Scope Questions: A primary issue may be whether the term "distributed computing system" as described in the patents, which have a 2007 priority date, can be construed to read on the specific "Sheltered Harbor" architecture developed by the financial industry starting in 2015. Similarly, the court may need to determine if a modern "protection policy" in a backup system is equivalent to a "categorical filter" as that term is used in the patent specifications.
- Technical Questions: The complaint's infringement theory relies heavily on equating the functions of a Sheltered Harbor-compliant system with the specific steps recited in the claims. A key factual question will be what evidence demonstrates that Defendant's system performs every claimed step. For example, regarding the '169 patent, what evidence shows that the system actively "parses" the "remainder data" that is not sent to the vault, as opposed to simply leaving it in the production environment?
V. Key Claim Terms for Construction
For the ’301 Patent
- The Term: "categorical filter"
- Context and Importance: This term is central to how the patented method selects data for protection. The infringement allegation hinges on equating this term with the "protection policies" used in the accused Sheltered Harbor systems (Compl. ¶107). The definition will determine whether the accused functionality falls within the claim's scope.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The specification states that enterprise-designated filters are used to "select content relative to the category" and can include "content-based filters, contextual filters and taxonomic classification filters," suggesting the term is not limited to a single implementation but encompasses various ways of categorizing data ('301 Patent, col. 3:35-39).
- Evidence for a Narrower Interpretation: The patent provides specific examples, such as establishing a "hierarchical taxonomic system" by reviewing "label descriptions on the structured data," which could be used to argue that "categorical filter" requires more than a simple backup rule and implies a specific type of content analysis and classification ('301 Patent, col. 10:22-32).
For the ’169 Patent
- The Term: "distributed cloud-based computing system"
- Context and Importance: This term defines the environment in which the claimed method operates. The complaint asserts that the accused systems, which may be deployed on-premise or in a public/private cloud, meet this definition (Compl. ¶133). Whether the accused architecture qualifies as "cloud-based" will be a critical issue.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The abstract describes a "distributed computer system" where data stores are coupled over a network, a general description that could encompass modern cloud architectures. The term "cloud-based" is not narrowly defined in the patent itself.
- Evidence for a Narrower Interpretation: A defendant may argue that the embodiments described or depicted in the specification (e.g., '169 Patent, Fig. 6) reflect a client-server architecture common in the 2007 priority timeframe, which is structurally and functionally distinct from the on-demand, scalable, multi-tenant nature of what is now understood as "cloud computing."
VI. Other Allegations
Willful Infringement
The complaint alleges that Defendant's infringement became willful at least upon receiving notice of the patents via the service of the complaint (Compl. ¶¶126, 162, 189, 225). It further alleges that Defendant has been willfully blind to Plaintiff's patent rights due to a "policy or practice of not reviewing the patents of others" and instructing employees not to do so (Compl. ¶229). An alternative basis for pre-suit knowledge is alleged based on citations to the asserted patents during the prosecution of Defendant's own, unrelated patent applications (Compl. ¶228).
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of definitional and technological scope: can the term "categorical filter," as used in a patent with a 2007 priority date, be construed to cover the "protection policies" that define backup routines in a modern, industry-standard disaster recovery framework like Sheltered Harbor, which was developed years after the patent's priority date?
- A central evidentiary question will be one of functional specificity: beyond establishing that the accused systems achieve the general goal of securely backing up critical data, what specific evidence will demonstrate that they perform each discrete, technical step of the asserted method claims, such as the "parsing" of non-extracted "remainder data" as required by Claim 1 of the '169 Patent?
- The case may also present a question of temporal relevance: does an invention conceived to solve data management and security challenges for military and government intelligence in the mid-2000s read on a commercial financial industry solution designed nearly a decade later to combat a different and more evolved landscape of cybersecurity threats?