DigitalDoors Inc v. Peapack Private Bank & Trust

I. Executive Summary and Procedural Information

• Parties & Counsel:
  • Plaintiff: DigitalDoors, Inc. (Florida)
  • Defendant: Peapack Private Bank & Trust (New Jersey)
  • Plaintiff’s Counsel: Lucosky Brookman, LLP; Hoffberg & Associates
• Case Identification: 3:25-cv-02349, D.N.J., 04/07/2025
• Venue Allegations: Plaintiff alleges venue is proper in the District of New Jersey because Defendant is a New Jersey-chartered bank with its principal place of business, physical locations, and employees within the district.
• Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, particularly those compliant with the financial industry's "Sheltered Harbor" standard, infringe four patents related to methods for securely filtering, extracting, and storing sensitive data in distributed computing systems.
• Technical Context: The technology concerns cybersecurity and data resiliency for financial institutions, a critical sector where protecting customer data and ensuring operational continuity in the face of cyberattacks is paramount for market stability.
• Key Procedural History: The complaint alleges the patented inventions were developed for U.S. government data security applications and predate by several years the financial industry's 2015 initiative to create the accused "Sheltered Harbor" standards, a fact Plaintiff presents as evidence of the patents' non-obvious and unconventional nature.

Case Timeline

Date	Event
2007-01-05	Priority Date for ’301, ’169, ’073, and ’639 Patents
2015-04-21	U.S. Patent No. 9,015,301 Issues
2015	Sheltered Harbor industry initiative launched
2017-08-15	U.S. Patent No. 9,734,169 Issues
2019-01-15	U.S. Patent No. 10,182,073 Issues
2019-04-02	U.S. Patent No. 10,250,639 Issues
2025-04-07	Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301 - "Information infrastructure management tools with extractor, secure storage, analysis and classification and method therefor"

• Patent Identification: U.S. Patent No. 9,015,301, "Information infrastructure management tools with extractor, secure storage, analysis and classification and method therefor," issued April 21, 2015.

The Invention Explained

• Problem Addressed: At the time of the invention, enterprise data management systems struggled to secure open ecosystems with numerous access points, manage unstructured content, and effectively address the changing sensitivity of information over its lifecycle (Compl. ¶28; ’301 Patent, col. 1:60-2:61). Conventional approaches focused on securing entire files rather than the sensitive content within them (Compl. ¶28).
• The Patented Solution: The invention proposes a method of organizing and processing data by using a system of "categorical filters" (which can be content-based, contextual, or taxonomic) to identify and extract specific "select content" from a larger data stream. This extracted sensitive content is then stored in designated secure data stores, separate from the remainder of the data. The system associates specific data processes (e.g., copy, archive, destroy) with the filtered content, allowing for granular, content-aware security management in a distributed system (Compl. ¶27; ’301 Patent, Abstract, col. 3:20-4:18).
• Technical Importance: This approach represented a shift from file-level security to content-level security, enabling more precise control over sensitive data within complex, distributed information systems (Compl. ¶28; ’301 Patent, col. 9:46-58).

Key Claims at a Glance

• The complaint asserts at least independent claim 25 (’301 Patent, col. 131:25-132:20).
• Essential elements of claim 25 include:
  • Providing a plurality of select content data stores operative with designated categorical filters.
  • Activating a filter to process a data input to obtain "select content" that is contextually or taxonomically associated.
  • Storing the aggregated select content in a corresponding data store.
  • Associating a data process (e.g., copy, extract, archive) with the activated filter.
  • Applying that associated data process to subsequent data inputs processed by the filter.
  • Activating the filter automatically based on time, system conditions, or specific events.
• The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 9,734,169 - "Digital information infrastructure and method for security designated data and with granular data stores"

• Patent Identification: U.S. Patent No. 9,734,169, "Digital information infrastructure and method for security designated data and with granular data stores," issued August 15, 2017.

The Invention Explained

• Problem Addressed: The patent addresses the need for enhanced data security in distributed and cloud-based computing environments, where separating and securing critical information from less sensitive data is a primary challenge (’169 Patent, Abstract).
• The Patented Solution: The invention describes a method for a "distributed cloud-based computing system" to enhance security by extracting "security designated data" and storing it in a plurality of secure "select content data stores" that are governed by specific access controls. The "remainder data" that was not extracted is parsed and stored separately in "granular data stores." This architectural separation ensures that sensitive data is isolated and can only be withdrawn under strict controls, while the non-sensitive remainder is stored elsewhere, making it difficult for an attacker to reconstruct a complete data set (’169 Patent, Abstract; col. 3:45-4:24).
• Technical Importance: This architecture provides a method for securing sensitive information in a cloud environment by physically and logically separating critical data extracts from the bulk of an organization's data, enhancing resilience against breaches (’169 Patent, Abstract).

Key Claims at a Glance

• The complaint asserts at least independent claim 1 (’169 Patent, col. 132:11-40).
• Essential elements of claim 1 include:
  • Providing, in a distributed cloud-based system, a plurality of select content data stores, a plurality of granular data stores, and a cloud-based server.
  • Extracting and storing security-designated data in the select content data stores.
  • Activating a select content data store to permit access based on access controls.
  • Parsing the "remainder data" (not extracted) and storing it in the granular data stores.
  • Withdrawing the security-designated data and parsed remainder data only when the respective access controls are applied.
• The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 10,182,073 - "Information infrastructure management tools with variable and configurable filters and segmental data stores"

• Patent Identification: U.S. Patent No. 10,182,073, "Information infrastructure management tools with variable and configurable filters and segmental data stores," issued January 15, 2019.
• Technology Synopsis: This patent describes an information infrastructure where data is processed using a plurality of filters that are explicitly dynamic and configurable. The invention addresses the need for adaptable security policies by teaching a method of altering the initially configured filters—by expanding, contracting, or reclassifying their definitions—and then generating modified filters to organize subsequent data throughput, allowing an enterprise to evolve its data protection rules over time (Compl. ¶182, ¶185; ’073 Patent, Abstract).
• Asserted Claims: At least independent claim 1 is asserted (Compl. ¶166).
• Accused Features: The accused systems allegedly infringe by providing a user interface that enables the operating enterprise to define, run, monitor, and modify data protection policies (the alleged filters) that govern the replication and storage of data in the secure vault (Compl. ¶183, ¶186). A screenshot from a Dell instructional video shows a user interface for selecting various "Filters" to apply to a report, which the complaint alleges is evidence of this functionality (Compl. ¶186, p. 90).

U.S. Patent No. 10,250,639 - "Information infrastructure management data processing tools for processing data flow with distribution controls"

• Patent Identification: U.S. Patent No. 10,250,639, "Information infrastructure management data processing tools for processing data flow with distribution controls," issued April 2, 2019.
• Technology Synopsis: This patent discloses a method of "sanitizing" data by processing it through a system with multiple data stores and filters. The method involves extracting sensitive content based on various sensitivity levels and associated security clearances, storing it in secure "extract data stores," and leaving behind "remainder data." The system then applies an "inferencing" step using content, contextual, and taxonomic filters to the sanitized data to obtain further insights or apply additional controls (Compl. ¶194, ¶219; ’639 Patent, Abstract).
• Asserted Claims: At least independent claim 16 is asserted (Compl. ¶193).
• Accused Features: The complaint alleges the accused systems perform the claimed sanitization by extracting critical financial account data (sensitive content) into a secure data vault, which creates sanitized data versions for recovery. The use of data analytics on vaulted data is alleged to be the claimed "inferencing" step performed with various filters (Compl. ¶217, ¶219, ¶222).

III. The Accused Instrumentality

Product Identification

• The accused instrumentalities are the data backup, disaster recovery, and data vaulting systems and methods that Defendant Peapack makes, owns, or uses, which are alleged to be compliant with the "Sheltered Harbor" industry specification or a functional equivalent thereof (Compl. ¶96). The complaint identifies the Dell PowerProtect Cyber Recovery system as an exemplary, endorsed implementation of the Sheltered Harbor standard (Compl. ¶72).

Functionality and Market Context

• The Sheltered Harbor standard requires financial institutions to perform nightly backups by extracting "critical customer account data," converting it to a standard format, and storing it in a secure, immutable, and "air-gapped" digital vault that is isolated from production and backup networks (Compl. ¶70, ¶77). The purpose of this architecture is to ensure that in the event of a catastrophic cyberattack that compromises primary systems and conventional backups, an institution can restore critical account functions from the untainted data in the vault (Compl. ¶71). A diagram in the complaint illustrates this architecture, showing a "Production Environment" where data is extracted and an isolated "Data Vault Environment" where the data is replicated and stored in a locked vault (Compl. ¶73, p. 31). The complaint alleges that Sheltered Harbor is an industry-driven standard launched in 2015 to promote the stability of U.S. financial markets, with widespread adoption (Compl. ¶63, ¶65-66).

IV. Analysis of Infringement Allegations

'301 Patent Infringement Allegations

Claim Element (from Independent Claim 25)	Alleged Infringing Functionality	Complaint Citation	Patent Citation
providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters which stores are operatively coupled over a communications network	The accused systems provide a "data vault," which contains multiple designated stores for backups and is operative with "protection policies" that act as categorical filters to govern the storage of sensitive content (Compl. ¶105, ¶107). A diagram illustrates a vault with distinct stores for "Backup, Copy, Lock, and Analyze" (Compl. ¶106, p. 50).	¶105-108	col. 13:30-41
activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content, which associated select content is at least one of contextually associated select content and taxonomically associated select content, as aggregated select content	The accused systems activate "protection policies" (filters) to extract critical financial data, which is contextually or taxonomically associated through the use of tags and metadata for grouping and sorting assets (Compl. ¶109-111).	¶109-112	col. 14:14-25
associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process, a data distribution process and a data destruction process	The accused systems associate data processes such as copying, archiving, and extracting with specific data types in the data vault, as dictated by enterprise policies (Compl. ¶116-117).	¶116-118	col. 14:2-8
applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter	Once a protection policy is established, it is automatically applied to all subsequent data inputs (e.g., nightly backups) that are processed by the system (Compl. ¶119, ¶121).	¶119-121	col. 14:9-13
activating a designated categorical filter, which encompasses an automatic activation... and said automatic activation is time-based, distributed computer system condition-based, or event-based	The system automatically processes data based on a designated time interval (e.g., nightly), a designated condition (detection of new data), or manual initiation (Compl. ¶122, ¶124).	¶122-124	col. 15:1-8

• Identified Points of Contention:
  • Scope Questions: A central question will be whether the "protection policies" implemented in the accused Sheltered Harbor systems, which govern backup and vaulting operations, meet the patent's definition of "categorical filters." Similarly, the court may need to determine if the use of metadata tags for asset management constitutes "taxonomically associated select content" as claimed.
  • Technical Questions: The analysis may focus on whether the accused system, designed for disaster recovery, truly performs the claimed step of "associating" distinct data processes like "copy," "extract," and "archive" to a filter, or if it simply performs a single, monolithic "backup-and-vault" operation.

'169 Patent Infringement Allegations

Claim Element (from Independent Claim 1)	Alleged Infringing Functionality	Complaint Citation	Patent Citation
providing in said distributed cloud-based computing system: (i) a plurality of select content data stores for respective ones of a plurality of security designated data; and (ii) a plurality of granular data stores; and (iii) a cloud-based server...	The accused systems are alleged to be cloud-based and provide a secure "data vault" (select content stores) that is architecturally separate from production and backup systems (granular data stores), as illustrated in system diagrams (Compl. ¶133, ¶140, p. 68).	¶137-141	col. 1:21-36
extracting and storing said security designated data in respective select content data stores	The systems extract critical customer account data ("security designated data") and store it in the secure, air-gapped data vault (Compl. ¶144, ¶148).	¶144, ¶148	col. 3:45-48
parsing remainder data not extracted from data processed by said cloud-based system and storing the parsed data in respective granular data stores	Data not extracted for the vault (remainder data) is stored in the production and backup systems, which constitute the "granular data stores" (Compl. ¶152-153). A diagram shows "Production Workloads" and "Backup Workloads" as distinct from the "Cyber Recovery Vault" (Compl. ¶153, p. 74).	¶152-154	col. 4:1-4
withdrawing some or all of said security designated data... from said respective data stores only in the presence of said respective access controls applied thereto	Data can only be withdrawn from the secure vault to a "restoration platform" upon satisfaction of strict access controls, including multi-factor authentication (Compl. ¶158-160).	¶158-160	col. 4:18-24

• Identified Points of Contention:
  • Scope Questions: The dispute may hinge on whether the defendant's standard production and backup systems qualify as "granular data stores" for "parsing remainder data," or if the claim requires a more active parsing and distribution process for the non-sensitive data. Another key question is whether the defendant's on-premise or hybrid implementation meets the "cloud-based" limitation.
  • Technical Questions: It raises the question of what evidence will show that the non-extracted data is actively "parsed," as the claim requires, versus simply being left in its original state on the production systems.

V. Key Claim Terms for Construction

• The Term: "categorical filters" (’301 Patent)

  • Context and Importance: This term is the core mechanism of the invention. The infringement case depends on whether the "protection policies" used in Sheltered Harbor-compliant systems fall within the scope of this term.
  • Evidence for a Broader Interpretation: The patent specification suggests the term is functional, describing filters for a wide range of enterprise policies, including "customer privacy policy, enterprise human resource privacy policy, financial data handling policy," and others ('301 Patent, col. 4:18-24). This could support an argument that any policy-based rule for selecting data is a "categorical filter."
  • Evidence for a Narrower Interpretation: The specification repeatedly breaks down filters into specific types, such as "content-based filters, contextual filters, and taxonomic classification filters" ('301 Patent, col. 3:38-41). This could support a narrower construction requiring a filter to operate based on the intrinsic content or classification of the data, not just its location or file type for a backup routine.

• The Term: "parsing remainder data" (’169 Patent)

  • Context and Importance: Infringement of the ’169 Patent requires a specific action be taken on the data not sent to the secure vault. Defendant may argue its systems simply leave this data in place, without performing any "parsing."
  • Evidence for a Broader Interpretation: The overall context of the invention is the separation of data. One could argue that any process that separates data and stores the non-critical portion (the remainder) inherently involves "parsing" it into a separate logical category.
  • Evidence for a Narrower Interpretation: Claim 1 explicitly recites both "randomly parsing and storing" and "parsing and storing... according to a predetermined algorithm" (’169 Patent, col. 132:14-19). This language suggests "parsing" is an active, not passive, step of processing or distributing the remainder data.

VI. Other Allegations

• Indirect Infringement: The complaint focuses on direct infringement under 35 U.S.C. § 271(a), alleging Defendant "makes, uses, imports, sells, and/or offers for sale" the accused systems (Compl. ¶99, ¶130, ¶166, ¶193). It does not contain separate counts for induced or contributory infringement.
• Willful Infringement: The complaint includes a specific count for knowledge and willfulness (Compl., Count V, ¶227-229). It alleges Defendant has had actual notice of the patents since at least the service of the complaint. It further alleges pre-suit knowledge dating back to at least September 30, 2014, based on arguments allegedly made during the prosecution of Defendant's own patent applications, and alleges that Defendant maintains a policy of "willful blindness" by instructing employees not to review the patents of others (Compl. ¶228-229).

VII. Analyst’s Conclusion: Key Questions for the Case

• A core issue will be one of definitional scope: can the technical patent terms, such as "categorical filter" and "parsing remainder data", which describe a granular, content-aware security method, be construed to read on the operational terminology of the accused "Sheltered Harbor" systems, which are described as industry standards for secure, isolated disaster recovery backups?
• A key evidentiary question will be one of functional equivalence: does the accused system's primary function—creating a complete, immutable, and recoverable copy of critical data in an isolated vault—constitute the same inventive method as the patents' claimed process of selectively extracting sensitive content, separating it from remainder data, and applying distinct, content-based rules for its management and reconstruction?
• The case will also present a question of temporal context and industry practice: does the financial industry's development of the accused standards years after the patents' priority date, as alleged by the Plaintiff, demonstrate that the patented methods were non-obvious and unconventional, or will it be seen as an independent, parallel development addressing different industry-specific needs?