DigitalDoors Inc v. Bank Of Ann Arbor

I. Executive Summary and Procedural Information

• Parties & Counsel:
  • Plaintiff: DigitalDoors, Inc. (Florida)
  • Defendant: Bank of Ann Arbor (Michigan)
  • Plaintiff’s Counsel: Lucosky Brookman, LLP; Hoffberg & Associates
• Case Identification: 2:25-cv-11030, E.D. Mich., 04/10/2025
• Venue Allegations: Plaintiff alleges venue is proper because Defendant maintains physical business locations, employs residents, and generates substantial revenue within the Eastern District of Michigan.
• Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, which are compliant with the financial industry’s “Sheltered Harbor” standard, infringe four patents related to methods for granularly processing, securing, and storing sensitive data in a distributed computing environment.
• Technical Context: The technology relates to data security and survivability, specifically for isolating and protecting critical data to ensure operational continuity for financial institutions following a catastrophic cyberattack.
• Key Procedural History: The complaint does not reference prior litigation or post-grant proceedings. It extensively details the history of the Sheltered Harbor initiative, launched by the financial industry in 2015, framing it as a multi-year effort to solve technical challenges that Plaintiff’s patented inventions allegedly addressed years earlier. Plaintiff presents this history as evidence of the non-obviousness of the patented technology.

Case Timeline

Date	Event
2007-01-05	Earliest Priority Date for all Patents-in-Suit
2015-04-21	U.S. Patent No. 9,015,301 Issued
2015-01-01	Sheltered Harbor Initiative Launched
2017-08-15	U.S. Patent No. 9,734,169 Issued
2019-01-15	U.S. Patent No. 10,182,073 Issued
2019-04-02	U.S. Patent No. 10,250,639 Issued
2025-04-10	Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301 - “Information Infrastructure Management Tools with Extractor, Secure Storage, Content Analysis and Classification and Method Therefor”

• Patent Identification: U.S. Patent No. 9,015,301, “Information Infrastructure Management Tools with Extractor, Secure Storage, Content Analysis and Classification and Method Therefor,” issued April 21, 2015.

The Invention Explained

• Problem Addressed: Prior art data management systems were inefficient for handling unstructured data, could not effectively classify sensitive information using semantic analysis, and struggled to secure data within "open ecosystems" where information's sensitivity could change over its lifecycle (’301 Patent, col. 1:31-2:61). The central challenge was securing data at the granular content level rather than the file level (Compl. ¶27).
• The Patented Solution: The invention describes a method for processing data in a distributed system by using a plurality of "designated categorical filters" to identify and obtain "select content" (i.e., important or sensitive data) from a data input. This extracted content is then stored in corresponding, distributed data stores, and specific data management processes (e.g., copy, archive, destroy) are associated with the activated filter, allowing for automated, policy-based handling of the sensitive information (’301 Patent, Abstract; col. 3:17-4:35).
• Technical Importance: This approach enabled a shift from file-level security to content-aware security, allowing for more granular control, management, and survivability of sensitive information within complex, distributed IT infrastructures (Compl. ¶¶27, 30).

Key Claims at a Glance

• The complaint asserts at least independent claim 25 (Compl. ¶99).
• Essential Elements of Claim 25 (Method):
  • Providing, in a distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters.
  • Activating at least one filter and processing a data input through it to obtain select content and associated select content.
  • Storing the resulting aggregated select content in a corresponding data store.
  • Associating a data process (e.g., copy, extract, archive, distribution, destruction) with the activated filter.
  • Applying the associated data process to a further data input based on the results of the filtering.
  • Activating the filter based on an automatic (e.g., time-based, condition-based, or event-based) or manual trigger.
• The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 9,734,169 - “Digital Information Infrastructure and Method for Security Designated Data and with Granular Data Stores”

• Patent Identification: U.S. Patent No. 9,734,169, “Digital Information Infrastructure and Method for Security Designated Data and with Granular Data Stores,” issued August 15, 2017.

The Invention Explained

• Problem Addressed: The patent addresses the need for secure data management in distributed, cloud-based computing environments, where it is critical to segregate sensitive data and control access to it without compromising the usability of the remaining, non-sensitive data (’169 Patent, col. 1:1-2:29).
• The Patented Solution: The invention provides a method where a cloud-based system uses separate data stores for "security designated data" (select content) and "granular data" (remainder data). The system extracts the sensitive data and stores it in secure "select content data stores" with specific access controls. The remaining, non-sensitive data is parsed and stored separately in "granular data stores." This architecture allows for the secure, controlled withdrawal and restoration of the sensitive data without exposing the entire dataset (’169 Patent, Abstract; col. 3:29-4:19).
• Technical Importance: The invention provides a specific architectural framework for implementing granular data security within a cloud infrastructure, which is critical for industries like finance that handle highly sensitive customer information (Compl. ¶¶131, 133).

Key Claims at a Glance

• The complaint asserts at least independent claim 1 (Compl. ¶130).
• Essential Elements of Claim 1 (Method):
  • In a distributed cloud-based system, providing a plurality of select content data stores, a plurality of granular data stores, and a cloud-based server.
  • Providing a communications network coupling the select content data stores and the server.
  • Extracting and storing security designated data in the select content data stores.
  • Activating at least one select content data store to permit access to the security designated data based on access controls.
  • Parsing remainder data not extracted and storing it in the granular data stores.
  • Withdrawing the security designated data from the data stores only in the presence of the applied access controls.
• The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 10,182,073 - “Information Infrastructure Management Tools with Variable and Configurable Filters and Segmental Data Stores”

• Patent Identification: U.S. Patent No. 10,182,073, “Information Infrastructure Management Tools with Variable and Configurable Filters and Segmental Data Stores,” issued January 15, 2019.
• Technology Synopsis: This patent describes an information infrastructure that processes data using a set of initially configured filters to identify and segregate sensitive and select content. A key aspect of the invention is the ability to dynamically alter these filters—by expanding, contracting, or reclassifying their definitions—which in turn generates modified filters that organize subsequent data throughput according to the new rules ('073 Patent, Abstract; col. 3:1-16). This creates an adaptive data management system.
• Asserted Claims: At least Claim 1 (Compl. ¶166).
• Accused Features: The complaint alleges that the accused systems’ use of configurable “protection policies,” which can be created and modified by the enterprise to alter how critical data is identified and vaulted, infringes this patent (Compl. ¶¶182-183, 185). A screenshot of the Dell PowerProtect UI shows options for selecting and modifying filters for report generation, which the complaint offers as an example of this capability (Compl. ¶186, p. 90).

U.S. Patent No. 10,250,639 - “Information Infrastructure Management Data Processing Tools for Regulated Data Flow with Distribution Controls”

• Patent Identification: U.S. Patent No. 10,250,639, “Information Infrastructure Management Data Processing Tools for Regulated Data Flow with Distribution Controls,” issued April 2, 2019.
• Technology Synopsis: This patent discloses a method for "sanitizing" data processed in a distributed system. The system extracts sensitive content from a data input based on a plurality of sensitivity levels, storing the extracted data and the remainder data separately. The method then involves "inferencing" the sanitized data using a combination of content, contextual, and taxonomic filters to obtain an analyzed but secure version of the data ('639 Patent, Abstract).
• Asserted Claims: At least Claim 16 (Compl. ¶193).
• Accused Features: The accused systems are alleged to infringe by extracting sensitive "critical account data," storing it securely in a data vault, and thereby creating a "sanitized" version of the production data that is protected from cyber threats but available for controlled restoration and analysis (Compl. ¶¶216-217, 219).

III. The Accused Instrumentality

• Product Identification: The "Accused Instrumentalities" are identified as the data processing, backup, and disaster recovery systems and methods owned, controlled, or used by Defendant Bank of Ann Arbor (Compl. ¶96). The complaint alleges these systems are either compliant with the "Sheltered Harbor" specification or are functionally equivalent (Compl. ¶96).
• Functionality and Market Context: The complaint alleges the accused systems perform the core functions of the Sheltered Harbor standard, which was created by the financial services industry in 2015 to enhance resilience against catastrophic cyberattacks (Compl. ¶63). Key alleged technical functions include the daily extraction of critical customer account data from production environments, its conversion into a standard format, and its transmission to a physically or logically separate, "air-gapped," and immutable digital vault for secure storage (Compl. ¶¶70, 73, 77). The complaint includes a diagram illustrating this architecture, showing a "Production Environment" where data is extracted and an isolated "Data Vault Environment" where the data is replicated and secured (Compl. ¶73, p. 31). This vaulted data can then be used for restoration in the event the primary systems fail (Compl. ¶71). The complaint positions Sheltered Harbor as an industry-wide standard adopted by institutions holding a majority of U.S. deposit accounts (Compl. ¶65).

IV. Analysis of Infringement Allegations

9,015,301 Infringement Allegations

Claim Element (from Independent Claim 25)	Alleged Infringing Functionality	Complaint Citation	Patent Citation
providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters...	The accused systems provide a Sheltered Harbor data vault (select content data stores) that operates with "protection policies" (designated categorical filters) to govern what data is protected.	¶105, ¶107	col. 3:34-41
activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content...	The systems activate protection policies to process financial data and extract "critical account data" based on contextual or taxonomic associations, such as by using aggregated tags.	¶109, ¶111	col. 4:1-5
storing said aggregated select content for said at least one categorical filter in said corresponding select content data store;	The extracted critical account data is stored in the corresponding secure data vault. The complaint provides a diagram from a Dell solution brief showing multiple data stores in a "Cyber Recovery Vault" for backup, copy, lock, and analysis.	¶113, ¶106 (p. 50)	col. 4:5-8
and for the activated categorical filter, associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process, a data distribution process and a data destruction process.	The systems associate specific actions with the extracted data, such as copying it to the vault, archiving it according to Sheltered Harbor technical requirements, and applying distribution controls.	¶116-117	col. 4:8-12
applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter...	Once a protection policy is established, all subsequent data inputs (e.g., nightly backups) are automatically processed in the same way under that policy.	¶119, ¶121	col. 4:12-16
activating a designated categorical filter, which encompasses an automatic activation... said automatic activation is time-based, distributed computer system condition-based, or event-based.	The systems perform data extraction and vaulting automatically at a designated time interval (nightly), upon a designated condition (detection of new assets), or on demand.	¶122, ¶124	col. 14:45-15:4

9,734,169 Infringement Allegations

Claim Element (from Independent Claim 1)	Alleged Infringing Functionality	Complaint Citation	Patent Citation
providing in said distributed cloud-based computing system: (i) a plurality of select content data stores... (ii) a plurality of granular data stores; and (iii) a cloud-based server...	The accused systems are optionally implemented in cloud environments (e.g., AWS, Azure) and comprise a secure data vault (select content stores) that is separate from production and backup systems (granular data stores).	¶133, ¶137, ¶140	col. 3:33-46
providing a communications network operatively coupling said plurality of select content data stores and cloud-based server.	The production and vault environments are operatively coupled by a communications network, which includes a logical "air gap" for security. The complaint includes a diagram showing this "Air Gap" between the Production and CR Vault environments.	¶142, ¶143 (p. 69)	col. 3:40-42
with respect to data processed by said cloud-based system extracting and storing said security designated data in respective select content data stores;	The systems extract critical financial account data and store it in the secure data vault.	¶144, ¶147	col. 4:6-9
activating at least one of said select content data stores... thereby permitting access to said select content data stores and respective security designated data based upon an application of one or more of said access controls thereat.	Access to the data vault for restoration is strictly controlled by security measures like multi-factor authentication and credentialed access.	¶149-150	col. 3:42-46
parsing remainder data not extracted from data processed... and storing the parsed data in respective granular data stores.	Data not extracted as critical remains on the production side systems (outside the vault) in granular data stores such as production and backup workloads.	¶152-153	col. 4:10-12
withdrawing some or all of said security designated data... only in the presence of said respective access controls applied thereto.	Data is withdrawn from the secure vault to a restoration platform only after strict security and access control measures are satisfied.	¶158-159	col. 4:15-19

• Identified Points of Contention:
  • Scope Questions: The case may turn on whether the accused "Sheltered Harbor" compliant systems, which perform highly secure data backup and recovery, fall within the scope of patent claims directed to "extracting" select content using "categorical filters." A central question for the court will be whether a system that copies critical data for safekeeping is legally equivalent to a system that "extracts" granular content from a data stream and "parses" the remainder.
  • Technical Questions: What evidence does the complaint provide that the accused systems perform "parsing" of "remainder data" as a distinct step required by claim 1 of the ’169 Patent? The complaint focuses heavily on the extraction and vaulting of critical data, raising the question of whether the handling of non-critical data in the accused systems meets the specific claim limitation.

V. Key Claim Terms for Construction

• The Term: "categorical filters" (’301 Patent, Claim 25)

  • Context and Importance: This term is the primary mechanism for identifying the "select content" to be protected. The plaintiff's infringement theory depends on construing this term broadly enough to read on the "protection policies" allegedly used in the Sheltered Harbor framework. Practitioners may focus on this term because its scope will likely determine whether a sophisticated backup policy can be considered an infringing filter.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The specification states that enterprise-designated filters are used to screen data for policies such as "service level of policy, customer privacy policy, enterprise human resource policy," and others, suggesting the term can encompass high-level business rules (’301 Patent, col. 4:15-24).
    • Evidence for a Narrower Interpretation: The specification provides detailed descriptions of specific filter modules, such as the "Contextual Filter Module," "Taxonomic Filter Module," and "Classification Generator," which perform complex semantic and hierarchical analysis (’301 Patent, col. 11:18-12:2). A party might argue the term should be limited to these specific, technically complex implementations rather than general policies.

• The Term: "extracting" and "remainder data" (’169 Patent, Claim 1)

  • Context and Importance: The relationship between these terms is critical to distinguishing the claimed invention from conventional data backup. Infringement may hinge on whether creating a secure copy of critical data constitutes "extracting" it, leaving the original production data as the "remainder data."
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The patent summary describes a system where "extracted security sensitive data for a corresponding security level is stored in a respective sensitive extract store" and "remainder data is stored in distributed computer systems" (’169 Patent, col. 4:1-5).
    • Evidence for a Narrower Interpretation: The patent family describes processes involving "extraction and removal of the prioritized content and its replacement by appropriate placeholders" (’301 Patent, col. 103:1-3). This language suggests that "extracting" involves more than copying; it implies altering the original data stream, which may not occur in a standard backup operation.

VI. Other Allegations

• Indirect Infringement: The complaint does not provide sufficient detail for analysis of indirect infringement, as the counts are directed to Defendant's direct infringement by "making, using, importing, selling, and/or offering for sale the Accused Instrumentalities" (Compl. ¶99, ¶130, ¶166, ¶193).
• Willful Infringement: The complaint alleges willful infringement based on both post-suit and alleged pre-suit knowledge (Compl. ¶¶227-229). Post-suit knowledge is based on the service of the complaint itself (Compl. ¶228). The allegation of pre-suit knowledge, dating back to September 30, 2014, is based on arguments allegedly made during the prosecution of the Defendant's own patent applications that referenced the DigitalDoors patents (Compl. ¶228). The complaint further alleges willful blindness based on a purported policy or practice at Bank of Ann Arbor of not reviewing the patents of others (Compl. ¶229).

VII. Analyst’s Conclusion: Key Questions for the Case

• A core issue will be one of definitional scope: can the term "categorical filter," rooted in the patents' descriptions of complex content and contextual analysis, be construed to cover the rule-based "protection policies" that the complaint alleges are used in the industry-standard Sheltered Harbor data backup and recovery framework?
• A key evidentiary question will be one of operational equivalence: does the accused process of creating an isolated, immutable backup of "critical customer account data" in a secure vault constitute "extracting" sensitive content and "parsing remainder data" as required by the claims, or is there a fundamental mismatch in technical operation between a highly secure backup system and the patents' granular data segregation methods?
• A dispositive preliminary question may be one of patent eligibility: given that the patents claim methods of organizing, filtering, and processing data, the court will need to assess whether the asserted claims are directed to an abstract idea and, if so, whether they contain an inventive concept that transforms them into patent-eligible subject matter under 35 U.S.C. § 101.