DCT

2:25-cv-00748

DigitalDoors Inc v. Gulf Coast Bank Trust Co

Log In

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 2:25-cv-00748, E.D. La., 04/16/2025
  • Venue Allegations: Plaintiff alleges venue is proper in the Eastern District of Louisiana because Defendant maintains a regular and established business presence, including physical branch locations, and specifically targets customers within the district.
  • Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, which are asserted to be compliant with the financial industry’s “Sheltered Harbor” standard, infringe four patents related to secure, granular data processing and storage.
  • Technical Context: The technology at issue involves methods for identifying, extracting, and securely storing sensitive data from larger data streams for disaster recovery, a critical function in the financial services industry to ensure operational continuity after events like cyberattacks.
  • Key Procedural History: The complaint alleges that the inventions were developed in response to military operational needs for survivability against systemic failures. It further alleges that the financial industry began developing the accused "Sheltered Harbor" standard in 2015, years after the patents' priority dates, which Plaintiff frames as evidence of the inventions' non-obviousness.

Case Timeline

Date Event
2007-01-05 Earliest Priority Date for all Patents-in-Suit
2015-01-01 Sheltered Harbor initiative launched
2015-04-21 U.S. Patent No. 9,015,301 Issued
2017-08-15 U.S. Patent No. 9,734,169 Issued
2019-01-15 U.S. Patent No. 10,182,073 Issued
2019-04-02 U.S. Patent No. 10,250,639 Issued
2025-04-16 Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301 - “Information Infrastructure Management Tools With Extractor, Secure Storage, Content Analysis and Classification and Method Therefor,” Issued April 21, 2015 (’301 Patent)

The Invention Explained

  • Problem Addressed: The patent background describes several problems with data management as of the priority date, including the inability to effectively manage sensitive data within unstructured files, the vulnerability of open ecosystems with numerous access points, and the difficulty of addressing the changing sensitivity of information over its lifecycle (Compl. ¶¶28, 30-33; ’301 Patent, col. 1:31-2:61).
  • The Patented Solution: The invention provides a system for organizing and processing data by using a plurality of filters (e.g., content-based, contextual, taxonomic) to identify and extract "select content" from a data input. This extracted content is then stored in designated "select content data stores," while associated data processes (e.g., copy, archive, extract) are applied based on the filter that was activated (’301 Patent, Abstract; col. 3:26-4:27). This allows for granular control over sensitive information, separating it from the bulk of the data for specialized, secure handling.
  • Technical Importance: This approach shifts data management from a file-level focus to a content-level focus, enabling more precise security and handling policies for sensitive information within larger, unstructured datasets (Compl. ¶29; ’301 Patent, col. 9:46-58).

Key Claims at a Glance

  • The complaint asserts infringement of at least independent claim 25 (Compl. ¶99).
  • Claim 25 is a method claim for organizing and processing data in a distributed computing system, which includes the following essential steps:
    • Providing a plurality of select content data stores operative with designated categorical filters.
    • Activating at least one of the filters and processing a data input through it to obtain select content.
    • Storing the aggregated select content in a corresponding data store.
    • Associating a data process (e.g., copy, extract, archive) with the activated filter.
    • Applying the associated data process to a further data input.
    • Activating the filter either automatically (based on time, system condition, or event) or manually.
  • The complaint does not explicitly reserve the right to assert dependent claims for this patent.

U.S. Patent No. 9,734,169 - “Digital Information Infrastructure and Method for Security Designated Data With and With Granular Data Stores,” Issued August 15, 2017 (’169 Patent)

The Invention Explained

  • Problem Addressed: Like the ’301 Patent, this patent addresses the need for secure handling of sensitive information. It specifically highlights the risks in open ecosystems where enterprises must interact with partners, customers, and vendors, necessitating robust information rights management and a way to manage data whose sensitivity changes over time (’169 Patent, col. 2:3-61).
  • The Patented Solution: The invention describes a method for a distributed, cloud-based computing system to process data by separating it into "security designated data" and "remainder data." The system provides secure "select content data stores" for the sensitive information and separate "granular data stores" for the remainder. A cloud-based server manages access to the secure data stores via access controls, and data can only be withdrawn when those controls are satisfied (’169 Patent, Abstract). The architecture is designed to protect sensitive data while allowing the less sensitive "remainder" to be stored and processed separately.
  • Technical Importance: This patent provides an architectural framework for securely isolating sensitive data in a distributed or cloud environment, improving security by separating critical data into access-controlled vaults while maintaining the utility of the remaining data (Compl. ¶¶131-132).

Key Claims at a Glance

  • The complaint asserts infringement of at least independent claim 1 (Compl. ¶130).
  • Claim 1 is a method claim for organizing and processing data in a distributed cloud-based computing system, which includes the following essential steps:
    • Providing a plurality of select content data stores, granular data stores, and a cloud-based server, with access controls at each select content data store.
    • Providing a communications network coupling the stores and the server.
    • Extracting and storing security designated data in the select content data stores.
    • Activating a select content data store to permit access based on applying an access control.
    • Parsing remainder data and storing it in the granular data stores.
    • Withdrawing security data and parsed data from their respective stores only when access controls are applied.
  • The complaint does not explicitly reserve the right to assert dependent claims for this patent.

U.S. Patent No. 10,182,073 - “Information Infrastructure Management Tools With Variable and Configurable Filters and Segmental Data Stores,” Issued January 15, 2019 (’073 Patent)

  • Technology Synopsis: This patent builds on the core data filtering technology by introducing the ability to dynamically manage the filters themselves. It addresses the need to adapt security policies over time by creating an infrastructure that allows for altering initially configured filters—such as by expanding, contracting, or reclassifying the definitions of sensitive and select content—and then generating modified filters to process further data throughput (’073 Patent, Abstract; col. 3:1-20).
  • Asserted Claims: At least independent claim 1 (Compl. ¶166).
  • Accused Features: The complaint alleges that the accused systems, through user interfaces for managing data protection policies, allow the enterprise to modify existing policies, which constitutes the claimed altering and generating of modified filters (Compl. ¶¶182-183, 185-186).

U.S. Patent No. 10,250,639 - “Information Infrastructure Management Data Processing Tools for Processing Data Flow With Distribution Controls,” Issued April 2, 2019 (’639 Patent)

  • Technology Synopsis: This patent focuses on a method of "sanitizing" data by processing it through a system with multiple sensitivity levels, each with an associated security clearance. The method involves extracting sensitive content, storing it in secure "extract data stores," and then using various filters (content, contextual, taxonomic) to "inference" the sanitized data to derive further insights or classifications, thereby protecting sensitive content while still allowing for its analysis (’639 Patent, Abstract).
  • Asserted Claims: At least independent claim 16 (Compl. ¶193).
  • Accused Features: The complaint alleges that the accused systems perform the claimed sanitization and inferencing by extracting critical financial data for storage in a secure vault, which creates a sanitized version of the data, and by using filters and data analytics to process that content (Compl. ¶¶216, 219, 222).

III. The Accused Instrumentality

Product Identification

The "Accused Instrumentalities" are Defendant Gulf Coast Bank's systems and methods for processing and backing up data, which are alleged to be compliant with the "Sheltered Harbor" specification or a functional equivalent thereof (Compl. ¶¶96, 99-100).

Functionality and Market Context

The complaint alleges that financial institutions like Gulf Coast use Sheltered Harbor-compliant systems to protect critical customer account data and ensure operational stability after a catastrophic event like a cyberattack (Compl. ¶63). The core functionality involves extracting critical account data, converting it to a standard format, and storing it in a secure, isolated, immutable, and air-gapped "data vault" (Compl. ¶¶70, 77). The complaint frequently references Dell’s PowerProtect Cyber Recovery solution as an exemplary system that is endorsed by Sheltered Harbor and embodies the infringing technology (Compl. ¶¶72, 79). A diagram from a Dell solution brief illustrates this architecture, showing a "Production Environment" where data is extracted and a separate "Data Vault Environment" where data is replicated and secured behind an air-gap (Compl. ¶73). The data in the vault is used for a "common restoration platform" to restore customer services after an outage (Compl. ¶78).

IV. Analysis of Infringement Allegations

’301 Patent Infringement Allegations

Claim Element (from Independent Claim 25) Alleged Infringing Functionality Complaint Citation Patent Citation
a method of organizing and processing data in a distributed computing system having select content important to an enterprise... The Accused Instrumentalities are used by Defendant (the enterprise) to process and protect critical customer financial account data (the select content) in a distributed network. ¶100, ¶102 col. 128:8-14
providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters... The Sheltered Harbor standard requires a secure "data vault" with designated stores for critical data. These stores are operative with "protection policies" which act as the claimed categorical filters to identify the data to be protected. ¶105, ¶107 col. 128:15-19
activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content... The Accused Instrumentalities activate protection policies (filters) to extract critical financial account information from the production environment based on contextual or taxonomic associations, such as metadata tags. ¶109, ¶111 col. 128:20-25
storing said aggregated select content for said at least one categorical filter in said corresponding select content data store; The extracted critical account data is aggregated and stored in the secure data vault, which serves as the corresponding data store. ¶113-¶114 col. 128:26-28
for the activated categorical filter, associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process... The system associates data processes with the selected content; for example, it performs a copy/replication process to move the data into the vault and an archive process to store it according to retention policies. ¶116-¶117 col. 128:29-36
applying the associated data process to a further data input... Once a protection policy is established, all subsequent data inputs are processed in the same way, for instance, being copied to the designated storage unit in the vault. ¶119, ¶120 col. 128:37-43
wherein activating said designated categorical filter encompasses an automatic activation or a manual activation and said automatic activation is time-based, distributed computer system condition-based, or event-based. The system performs backups automatically on a nightly schedule (time-based) or upon detection of new assets (event-based), and can also be run manually ("on demand"). ¶122, ¶124 col. 128:44-49
  • Identified Points of Contention:
    • Scope Questions: A central question may be whether the "protection policies" and "virtual machine tags" described in the context of the Dell PowerProtect system (Compl. ¶¶88, 89) perform the function of the claimed "designated categorical filters." The defense may argue that modern backup policies are fundamentally different from the content-aware filtering described in the patent.
    • Technical Questions: The complaint alleges that the Sheltered Harbor system "associat[es] at least one data process" with a filter (Compl. ¶116). A point of contention could be whether the accused system performs this "associating" step in the manner required by the claim, or if the data processes (e.g., backup, replication) are general system functions applied to data that has already been identified by a policy, rather than being uniquely "associated" with the filter itself.

’169 Patent Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
providing in said distributed cloud-based computing system... a plurality of select content data stores... a plurality of granular data stores; and a cloud-based server... The accused system is alleged to be cloud-based and comprises a secure data vault (the select content stores) and production/backup systems (the granular data stores), managed by servers. ¶131, ¶133, ¶137 col. 132:15-26
extracting and storing said security designated data in respective select content data stores... Critical customer account data is extracted from the production environment and stored in the secure, air-gapped data vault. A diagram shows this data extraction process (Compl. ¶107). ¶144-¶145 col. 132:29-31
activating at least one of said select content data stores... thereby permitting access to said select content data stores... based upon an application of one or more of said access controls... The data vault is protected by strict access controls, such as multi-factor authentication. Access for restoration is permitted only after these controls are successfully applied. ¶149-¶150 col. 132:32-36
parsing remainder data not extracted... and storing the parsed data in respective granular data stores. Data not identified as critical remains in the production and backup systems (the granular data stores), separate from the vault. A diagram shows "Production Workloads" and "Backup Workloads" as distinct from the "Cyber Recovery Vault" (Compl. ¶153). ¶152-¶153 col. 132:37-40
withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto. Data is withdrawn from the vault for restoration only after satisfying strict security measures and access controls, such as credentialed access and multi-factor authentication. ¶158, ¶159 col. 132:44-48
  • Identified Points of Contention:
    • Scope Questions: The claim requires a "cloud-based computing system." The complaint alleges the accused systems are optionally implemented on platforms like AWS and Azure (Compl. ¶133). However, the core of the Sheltered Harbor standard is an "air-gapped" data vault, which is by definition "isolated from production and backup systems" (Compl. ¶77). The defense may argue that a physically or logically isolated, air-gapped vault does not meet the definition of a "cloud-based" system as understood in the art.
    • Technical Questions: The claim requires parsing and storing "remainder data" in "granular data stores." The complaint maps this to all data left in the production environment (Compl. ¶152). A potential dispute is whether simply leaving data behind in a production system constitutes the affirmative claim steps of "parsing" and "storing" remainder data as envisioned by the patent.

V. Key Claim Terms for Construction

For the ’301 Patent

  • The Term: "designated categorical filters"
  • Context and Importance: This term is the core of the invention's mechanism for identifying sensitive data. The infringement allegation hinges on mapping this term to the "protection policies" of the accused Sheltered Harbor systems (Compl. ¶107). The scope of "categorical filters" will determine whether the accused systems, which select data for backup based on criteria like VM folder names or metadata tags, fall within the claim.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The specification states that filters can be content-based, contextual, or taxonomic, and that they are used to "house content derived from designated categorical filters, as established by the enterprise" (Compl. ¶107). This language may support an interpretation that any enterprise-defined rule for selecting data is a "categorical filter."
    • Evidence for a Narrower Interpretation: The patent repeatedly discusses analyzing the content of data streams to identify sensitive information (e.g., ’301 Patent, col. 10:22-32, discussing classification systems based on label descriptions). The defense may argue this implies a deeper level of semantic analysis than simply identifying a file's location or metadata, which is what the accused systems are alleged to do (Compl. ¶110).

For the ’169 Patent

  • The Term: "cloud-based computing system"
  • Context and Importance: This term appears in the preamble of the asserted independent claim and defines the environment of the invention. The complaint's theory requires the accused system to be "cloud-based" (Compl. ¶131, ¶133). The viability of this infringement theory may depend on whether a system with a key component—the "air-gapped" vault—that is intentionally disconnected from networks can be considered "cloud-based."
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The specification does not appear to provide a specific definition of "cloud-based." Plaintiff may argue that because components of the accused system can be hosted on cloud platforms like AWS, the system as a whole qualifies as "cloud-based," even if parts are logically isolated.
    • Evidence for a Narrower Interpretation: The patent was filed in 2007. The defense may argue that the common understanding of "cloud-based" implies network accessibility, which is the opposite of the "air-gapped" and "isolated" nature of the accused data vault, a critical component of the infringement allegation (Compl. ¶¶77, 81).

VI. Other Allegations

  • Indirect Infringement: The complaint focuses on direct infringement by Defendant as the entity that "makes, owns, operates, uses, or otherwise exercises control" over the accused systems (Compl. ¶96). No specific counts for indirect infringement are included.
  • Willful Infringement: The complaint alleges willful infringement based on both post-suit and potential pre-suit knowledge (Compl. ¶¶126, 162, 189, 225). In Count V, Plaintiff alleges Defendant had actual notice of the patents as of the filing of the complaint, and, in the alternative, had notice as early as September 30, 2014, from encountering the patents during the prosecution of its own, unrelated patent applications (Compl. ¶228). The complaint further alleges that Defendant maintains a policy of not reviewing the patents of others, which it characterizes as willful blindness (Compl. ¶229).

VII. Analyst’s Conclusion: Key Questions for the Case

This case appears to center on whether a broad, industry-standard disaster recovery protocol can be mapped onto the specific steps of patents directed to granular, content-aware data management. The resolution will likely depend on the court's answers to several key questions:

  • A primary issue will be one of technological equivalence: Do the "protection policies" of modern data backup systems, which select entire datasets for replication based on location or metadata, perform the same function as the "categorical filters" claimed in the patents, which are described as operating on the specific content within a data stream?
  • A second core question will be one of definitional scope: Can an "air-gapped" and isolated data vault, a central feature of the accused cyber-recovery architecture, be considered part of a "cloud-based computing system" as required by the ’169 Patent, or does its intentional disconnection from the network place it outside the scope of that term?
  • Finally, the willfulness allegations raise a significant factual question of pre-suit knowledge: Did Defendant's citation of the patents-in-suit during the prosecution of its own applications constitute the kind of knowledge required to support a finding of willful infringement for its use of unrelated data backup systems?