DCT
1:23-cv-00339
Web 20 Tech Inc v. Nulab Inc
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: Web 2.0 Technologies, Inc. (Texas)
- Defendant: Nulab Inc. (Japan)
- Plaintiff’s Counsel: Devlin Law Firm LLC
- Case Identification: 1:23-cv-00339, S.D.N.Y., 01/13/2023
- Venue Allegations: Plaintiff alleges venue is proper in the Southern District of New York because Defendant is a Japanese corporation, which may be sued in any judicial district, and because Defendant’s acts of infringement allegedly took place within the district.
- Core Dispute: Plaintiff alleges that Defendant’s suite of online collaboration products (Backlog, Cacoo, Typetalk) infringes patents related to methods for managing and sharing personal information and for online document collaboration.
- Technical Context: The technology at issue involves foundational methods for secure, permission-based access to information and documents stored on network servers, a core component of modern cloud-based software-as-a-service (SaaS) collaboration platforms.
- Key Procedural History: The complaint alleges that Defendant has had actual knowledge of the asserted patents since at least June 15, 2021, the date it allegedly received a notice letter from Plaintiff. This allegation forms the basis for the willfulness claim.
Case Timeline
| Date | Event |
|---|---|
| 2000-01-07 | Priority Date for U.S. Patent No. 6,845,448 |
| 2000-01-07 | Priority Date for U.S. Patent No. 8,117,644 |
| 2007-03-13 | U.S. Patent No. 6,845,448 Issued |
| 2012-02-14 | U.S. Patent No. 8,117,644 Issued |
| 2021-06-15 | Plaintiff allegedly sent notice letter to Defendant |
| 2023-01-13 | Complaint Filed |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 6,845,448, “Online Repository for Personal Information” (Issued Mar. 13, 2007)
The Invention Explained
- Problem Addressed: The patent addresses the inefficiency and annoyance faced by early internet users who were frequently required to fill out lengthy forms with personal and demographic information on various websites (U.S. Patent No. 6,845,448, col. 1:12-24). It also notes the lack of a method for a user to store personal information in a single location and selectively authorize its distribution (U.S. Patent No. 6,845,448, col. 1:47-52).
- The Patented Solution: The invention proposes a centralized system where a user stores various "information objects" (e.g., contact details, preferences, health information) on a server computer coupled to a database. The user can assign different security levels to each information object, thereby controlling which authorized "requesters" can access specific pieces of information (U.S. Patent No. 6,845,448, Abstract; col. 2:22-43). The system architecture includes modules for security, database interface, and user account management to facilitate this controlled disbursement (U.S. Patent No. 6,845,448, Fig. 1).
- Technical Importance: The technology provided a conceptual framework for user-centric data management, allowing individuals to control their digital identity from a single repository rather than having it fragmented and controlled by various third-party websites (U.S. Patent No. 6,845,448, col. 1:31-35).
Key Claims at a Glance
- The complaint asserts at least independent Claim 1 (Compl. ¶19).
- Essential elements of Claim 1 (as corrected Dec. 31, 2013) include:
- A method performed by a server computer for disbursing a first party's personal information to a second party.
- Establishing an account for the first party and assigning an identifier.
- Entering the first party's personal information, comprising information objects.
- Receiving from the first party an assignment of security levels to each information object to enable selective access by receiving parties.
- Storing the identifier, information objects, and assigned security levels in a database.
- Receiving a request from a second party comprising the first party's identifier.
- In response, selecting and retrieving a portion of the personal information objects.
- Securely transmitting the retrieved information objects to the second party.
- Obtaining a second party identifier and, if unauthorized, recording the identifier and rejecting the request.
- The complaint reserves the right to assert other claims (Compl. ¶29).
U.S. Patent No. 8,117,644, “Method and System for Online Document Collaboration” (Issued Feb. 14, 2012)
The Invention Explained
- Problem Addressed: The patent identifies problems with early methods of online collaboration, such as the unmanageability of numerous bookmarks which can become "stale" (i.e., point to nonexistent pages) and the lack of controlled methods for sharing online documents with others (U.S. Patent No. 8,117,644, col. 1:46-65).
- The Patented Solution: The invention describes a method for online document collaboration where a server computer manages user accounts and stores documents. A first user who creates a document can associate a set of access restrictions, controlling which other users can modify it. The system then receives and verifies modification requests from a second user, permits the modification based on access rights, and importantly, receives and stores "approval or disapproval for the modifications from one or more users" (U.S. Patent No. 8,117,644, Abstract; col. 26:1-18).
- Technical Importance: The technology outlines a permission-based workflow for collaborative document editing, forming a basis for systems where multiple users can securely interact with a single, centrally-stored document with an auditable trail of changes (U.S. Patent No. 8,117,644, col. 3:45-53).
Key Claims at a Glance
- The complaint asserts at least independent Claim 1 (Compl. ¶32).
- Essential elements of Claim 1 include:
- A method for online document collaboration performed by a server computer.
- Storing on the server a document created by a first user.
- Associating a set of access restrictions with the document for modification by a first group of users whose identities are known.
- Receiving a request to modify the document from a second user, which includes the second user's identification information.
- Verifying the identity of the second user.
- Permitting the second user to modify the document based on a set of access rights.
- Receiving approval or disapproval for the modifications from one or more users.
- Storing identifying information of the user(s) who approved or disapproved the modifications.
- The complaint reserves the right to assert other claims (Compl. ¶41).
III. The Accused Instrumentality
Product Identification
The accused instrumentalities are Defendant Nulab's software-as-a-service products, including Backlog (project management), Cacoo (collaborative diagramming), and Typetalk (team chat), collectively referred to as the Nulab products (Compl. ¶¶19, 32).
Functionality and Market Context
The complaint alleges these products provide tools for online collaboration, allowing users to create and share information and documents (Compl. ¶32). A core alleged functionality is the ability for an "Administrator" to set granular permissions for other users (e.g., "Members" or "Guests"), controlling their ability to access, view, or edit project information and documents (Compl. ¶¶20, 34). This includes features like setting roles and privileges and restricting access based on IP addresses (Compl. ¶¶21, 33). The complaint presents the products as "all-in-one collaboration tool[s]" (Compl. ¶33, p. 11).
IV. Analysis of Infringement Allegations
U.S. Patent No. 6,845,448 Infringement Allegations
The complaint includes a screenshot from Nulab's support page showing different "Member roles and privileges" like Administrator, Member, and Guest (Compl. p. 7). This visual is used to support the allegation that Nulab's system provides for different levels of access to information, corresponding to the patent's "security levels" limitation (Compl. ¶20).
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| a method for automatically disbursing a first party's personal information to a second party... by transmitting said... information from a server computer | Nulab's products allegedly provide a method for sharing a first party's information with a second party from Nulab's servers (Compl. ¶20). | ¶20 | col. 2:22-40 |
| receiving, from the first party, assignment of at least one of a plurality of security levels to each information object | An administrator (first party) can allegedly assign roles like "Member" or "Guest" to a second party, which function as security levels controlling access to information. An administrator can also limit access via IP address (Compl. ¶21). | ¶¶20-21 | col. 14:41-47 |
| storing in the database the first party identifier, the information object and the security level assigned to the information object | Nulab's servers, coupled to a database, allegedly store user information and the associated access permissions (Compl. ¶20). | ¶20 | col. 8:30-38 |
| securely transmitting the retrieved first portion of personal information objects to the second party | Once a second party is authorized (e.g., as a "Member"), they can allegedly access the first party's information on Nulab's server (Compl. ¶22). | ¶22 | col. 12:35-43 |
| if the second party is not authorized to receive the information... rejecting the second party's request for information | If a second party does not have the required access level (e.g., role or IP address), their request to view information is allegedly rejected (Compl. ¶23). | ¶23 | col. 14:53-57 |
Identified Points of Contention
- Scope Questions: A primary question is whether project data, tasks, and diagrams within Nulab's collaboration tools constitute "personal information" as contemplated by the ’448 Patent. The patent specification provides a broad list of examples, including demographic, employment, health, and biometric data (U.S. Patent No. 6,845,448, col. 7:1-35), which may create a dispute over the intended scope of the term.
- Technical Questions: The analysis may question whether Nulab's role-based access control (RBAC) system functions as the claimed "security levels assigned to each information object." The court may need to determine if a user role is equivalent to a security level assigned to a specific data object, as opposed to a general permission set for a user account.
U.S. Patent No. 8,117,644 Infringement Allegations
The complaint provides a screenshot detailing "Access logs of web server," showing fields like "HTTP method and request path" and "User agent" (Compl. p. 15, p. 18). This visual is used to support the allegation that Nulab's system stores identifying information related to user modifications (Compl. ¶36).
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| storing, on the server computer, a document created by a first user | Nulab's Backlog and Cacoo products allegedly allow a user to create documents (e.g., issues, diagrams) that are stored on Nulab's servers (Compl. ¶34). | ¶34 | col. 25:56-58 |
| associating a set of access restrictions with the document | An administrator can allegedly assign roles ("Administrator", "Member", "Guest") and IP address restrictions that limit other users' ability to view, comment, or edit a document (Compl. ¶¶33-34). | ¶¶33-34 | col. 25:59-62 |
| receiving, from a second user, a request to modify the document | A second user with an assigned role allegedly attempts to modify a document by selecting it and requesting access (Compl. ¶34). The complaint points to an "Access logs" feature showing a "request path" when a user requests access (Compl. ¶34, p. 15). | ¶34 | col. 26:3-6 |
| permitting the second user to modify the document based on a set of access rights granted to the second user | If the second user has a sufficient access level (e.g., a "no restrictions" permission), they are permitted to modify the document. A screenshot shows how to "Edit issue" (Compl. ¶35, p. 17). If not, their request is disapproved (Compl. ¶35). | ¶35 | col. 26:9-11 |
| storing identifying information of the one or more users who approved or disapproved the modifications | The '644 Accused Instrumentalities allegedly store identifying information of users who make modifications in an "Access Log," which includes data such as the user agent, timestamp, and IP address (Compl. ¶36, p. 18). | ¶36 | col. 26:15-18 |
Identified Points of Contention
- Scope Questions: A central dispute may arise over the meaning of "receiving approval or disapproval for the modifications from one or more users." The complaint appears to equate a pre-modification permission check (i.e., having the right to edit) with the claim's "approval or disapproval" step. The defense may argue that the claim requires a separate, post-modification approval/disapproval workflow, which may not be present in the accused functionality.
- Technical Questions: Does the "Access Log" shown in the complaint (Compl. p. 18) actually store information about "approval or disapproval," or does it merely log access events and user actions? The evidence provided shows user agent and access path, which may not explicitly capture an approval or disapproval event as required by the claim.
V. Key Claim Terms for Construction
For the ’448 Patent
- The Term: "personal information"
- Context and Importance: This term's scope is fundamental to the infringement case. The complaint applies it to collaborative project data (Compl. ¶20). If the term is construed narrowly to cover only the types of identity and demographic data explicitly listed in the patent's background, the infringement case may be weakened. Practitioners may focus on this term because its construction will determine whether the patent is applicable to modern enterprise collaboration platforms.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The specification provides a very long and non-limiting list of what "personal information" can include, covering employment, property, health, biometric, credit, and personal preference data, suggesting an expansive definition (U.S. Patent No. 6,845,448, col. 7:1-35).
- Evidence for a Narrower Interpretation: The patent's background focuses on the problem of filling out forms for "demographic and other information" for websites like news sources and software downloads (U.S. Patent No. 6,845,448, col. 1:12-24). This context could support a narrower construction limited to user-profile and identity-related data.
For the ’644 Patent
- The Term: "receiving approval or disapproval for the modifications from one or more users"
- Context and Importance: This limitation appears to require an interactive workflow step beyond a simple permission check. The complaint's infringement theory hinges on equating access control rules with this "approval or disapproval" step (Compl. ¶35). The viability of the infringement claim for the ’644 Patent may depend on whether a one-time permission grant satisfies this ongoing "approval" requirement.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The claim language itself does not specify the timing or mechanism of the "approval or disapproval." A plaintiff could argue that a system of pre-approved access rights, where a user's modification is implicitly "approved" if their permissions allow it and "disapproved" if they do not, satisfies the limitation.
- Evidence for a Narrower Interpretation: The claim recites permitting modification before receiving approval/disapproval, suggesting two distinct steps. The abstract refers to storing information of users who "approved or disapproved the modifications," which could imply a post-facto review process, akin to a manager approving a subordinate's changes, rather than a simple permission check before an edit is made (U.S. Patent No. 8,117,644, Abstract).
VI. Other Allegations
Indirect Infringement
The complaint alleges that Nulab infringes "jointly (e.g., with its users and customers)" (Compl. ¶¶19, 32). This suggests a theory of induced infringement. The complaint relies heavily on Nulab's own public-facing support articles and documentation, which allegedly instruct users on how to use the accused features (e.g., setting permissions, editing documents). These allegations may be used to argue that Nulab intended for its users to perform the allegedly infringing steps.
Willful Infringement
The complaint alleges that Nulab has had "actual knowledge" of both the ’448 Patent and the ’644 Patent since receiving a notice letter on June 15, 2021 (Compl. ¶¶25, 28, 37, 40). The claim of continued infringement after this date is the basis for the allegation of willful, deliberate, and knowing infringement.
VII. Analyst’s Conclusion: Key Questions for the Case
This case will likely revolve around questions of claim scope and the mapping of patent concepts from the early 2000s onto modern, complex SaaS products.
- A central issue will be one of definitional scope: Can the term "personal information" from the ’448 Patent, which is described in the context of individual user profiles and demographics, be construed to encompass the collaborative project and business data managed by Defendant’s enterprise-focused software?
- A key evidentiary question will be one of functional interpretation: Does the ’644 Patent’s requirement of "receiving approval or disapproval for the modifications" describe a simple, one-time permission check, as alleged by the Plaintiff, or does it require a distinct, post-modification review-and-approve workflow that may not be present in the accused products?
- A third question concerns infringement liability: Can Plaintiff demonstrate that the actions of Nulab's end-users, when combined with Nulab's provision of the platform and instructional materials, satisfy all steps of the asserted method claims under a theory of direct or indirect infringement?