DCT
1:23-cv-02589
Web 20 Tech LLC v. Nulab Inc
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: Web 2.0 Technologies, LLC (Texas) and Pennar Software Corporation (Texas)
- Defendant: Nulab Inc. (Japan, with a principal place of business in New York)
- Plaintiff’s Counsel: Devlin Law Firm LLC
- Case Identification: 1:23-cv-02589, S.D.N.Y., 07/12/2023
- Venue Allegations: Plaintiff alleges venue is proper because Defendant is a Japanese corporation, and its acts of infringement, including sales and offers for sale of the accused products, have taken place within the Southern District of New York.
- Core Dispute: Plaintiff alleges that Defendant’s suite of online collaboration products infringes patents related to secure, permission-based management and sharing of online information and documents.
- Technical Context: The technology at issue addresses fundamental challenges in cloud-based collaboration, specifically the management of access rights, permissions, and modification workflows for digital assets shared among multiple users.
- Key Procedural History: The complaint alleges that Defendant has had actual knowledge of both asserted patents since at least June 15, 2021, based on notice letters sent by Plaintiff.
Case Timeline
| Date | Event |
|---|---|
| 2000-01-07 | Priority Date for U.S. Patent 6,845,448 |
| 2000-01-07 | Priority Date for U.S. Patent 8,117,644 |
| 2005-01-18 | U.S. Patent 6,845,448 Issues |
| 2012-02-14 | U.S. Patent 8,117,644 Issues |
| 2021-06-15 | Defendant allegedly receives notice of infringement for both patents |
| 2023-07-12 | Complaint Filed |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 6,845,448 - “Online Repository for Personal Information”
- Issued: Jan. 18, 2005
The Invention Explained
- Problem Addressed: The patent describes the inefficiency and annoyance faced by internet users who must repeatedly fill out forms with personal and demographic information for various websites. It also notes that existing credit reporting agencies provide incomplete or unverified information and do not cover the full range of user data needed for online interactions (’448) Patent, col. 1:16-38, col. 2:1-14).
- The Patented Solution: The invention proposes a centralized online repository where a user can store various types of personal information. The system allows the user to assign different security levels to different pieces of information ("information objects") and then authorize third-party "requesters" to access specific information based on those permissions (’448 Patent, Abstract; col. 2:22-42). This creates a secure and efficient method for selectively disbursing personal data.
- Technical Importance: At a time of rapid growth in e-commerce and online services, the invention provided a framework for managing a user's digital identity and controlling the flow of their personal data in a granular, secure manner (’448 Patent, col. 1:40-55).
Key Claims at a Glance
- The complaint asserts at least independent Claim 1, as corrected by a 2013 Certificate of Correction.
- The essential elements of corrected Claim 1 include:
- A method, performed by a server computer, for disbursing a first party's personal information to a second party.
- Establishing an account and assigning an identifier to the first party.
- Entering the first party's personal information, which comprises a plurality of "information objects."
- Receiving from the first party an "assignment of at least one of a plurality of security levels to each information object at any granularity."
- Storing the identifier, information object, and its assigned security level.
- Receiving a request from a second party that includes the first party's identifier.
- In response, selecting, retrieving, and securely transmitting a portion of the first party's information.
- Obtaining a second party identifier and, if the second party is not authorized, recording its identifier and rejecting the request.
- The complaint reserves the right to assert additional claims as the case progresses (Compl. ¶29).
U.S. Patent No. 8,117,644 - “Method and System for Online Document Collaboration”
- Issued: Feb. 14, 2012
The Invention Explained
- Problem Addressed: The patent identifies the limitations of traditional web bookmarks, which can become "stale" if the underlying content is moved or deleted, and the lack of effective methods for sharing and collaborating on online documents in a controlled manner (’644) Patent, col. 1:56-65).
- The Patented Solution: The invention describes a system for online document collaboration where a first user can store a document on a server and associate it with specific access restrictions. A second user can then request to modify the document. The system verifies the second user's identity, permits modification based on granted access rights, and then facilitates an "approval or disapproval" of the changes by one or more users, storing identifying information about who approved or disapproved the changes (’644 Patent, Abstract).
- Technical Importance: The technology addresses the need for structured workflows, version control, and permissioning in the context of emerging web-based collaborative platforms, moving beyond simple document storage to active, multi-user editing environments.
Key Claims at a Glance
- The complaint asserts at least independent Claim 1.
- The essential elements of Claim 1 include:
- A method for online document collaboration performed by a server.
- Establishing accounts for a plurality of users.
- Storing a document created by a first user.
- Associating a set of access restrictions with the document for a first group of users.
- Receiving a request to modify the document from a second user, which includes the second user's identification.
- Verifying the second user's identity.
- Permitting the second user to modify the document based on a set of access rights.
- "Receiving approval or disapproval for the modifications from one or more users."
- Storing identifying information of the user(s) who approved or disapproved the modifications.
- The complaint reserves the right to assert additional claims (Compl. ¶40).
III. The Accused Instrumentality
Product Identification
- The accused instrumentalities are Defendant Nulab’s software products, including Backlog, Cacoo, Typetalk, and Nulab Pass (Compl. ¶¶ 20, 32).
Functionality and Market Context
- The complaint describes the accused products as a suite of online collaboration tools (Compl. ¶32). Functionality relevant to the allegations includes project management, diagramming, and team chat features that allow users to create, share, and manage information and documents (Compl. ¶¶ 21, 34).
- A core alleged functionality is the ability for an "Administrator" (a first party) to set granular permissions for other users ("Members" or "Guests"), such as controlling who can access or edit information and restricting access based on IP addresses (Compl. ¶¶ 21-22, 33). The complaint includes a screenshot of a permissions table illustrating different capabilities for "Administrator," "Member," and "Guest" roles (Compl. p. 6).
IV. Analysis of Infringement Allegations
U.S. Patent 6,845,448 Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| A method for automatically disbursing a first party's personal information to a second party... performed by the server computer... | Nulab's products provide a method for sharing a first party's information with an authorized second party, hosted on a server computer. | ¶21 | col. 2:22-40 |
| receiving, from the first party, assignment of at least one of a plurality of security levels to each information object at any granularity... | An Administrator (first party) can assign roles like "Member" or "Guest" to other users, which controls their ability to perform operations. The complaint presents a screenshot showing a table of "Member roles and privileges" that maps roles to specific operational rights (Compl. p. 6). | ¶21 | col. 14:41-54 |
| storing in the database the first party identifier, the information object and the security level assigned to the information object; | The system allows an Administrator to limit access to project information from specific IP addresses, which is stored on Nulab's server coupled to a database. A screenshot shows an "Enable access control" interface for registering allowed IP addresses (Compl. p. 7). | ¶22-23 | col. 9:10-20 |
| if the second party is not authorized to receive the information, recording the second party identifier; and rejecting the second party's request for information. | If a requesting second party does not have the required access level (e.g., "Administrator" or "Member" role) and an allowed IP address, their request for information is rejected. | ¶24 | col. 14:55-62 |
Identified Points of Contention
- Scope Question: A central question may be whether the "project information" managed within Nulab's Backlog product (Compl. ¶22) qualifies as "personal information" under the patent's claims. The defense may argue the term implies personally identifiable information (PII), while the patent's specification includes a broad list of examples, such as "personal web bookmarks" and "employment-related information" (’448 Patent, col. 7:1-38), which may support the plaintiff's broader interpretation.
- Technical Question: The claim requires assigning security levels "to each information object at any granularity." The court will need to determine if Nulab's user-level roles ("Administrator," "Member") constitute the claimed "information object"-level security assignment.
U.S. Patent 8,117,644 Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| storing, on the server computer, a document created by a first user; | Nulab's applications (e.g., Backlog, Cacoo) allow a user to create documents stored on a server. | ¶34 | col. 12:21-27 |
| associating a set of access restrictions with the document... | An administrator can set restrictions on a specific member, and a screenshot titled "Edit issue" states that "Only members with no restrictions permission can edit the issue" (Compl. p. 16). | ¶33-34 | col. 13:41-49 |
| receiving, from a second user, a request to modify the document... | A second user with appropriate identification ("Administrator" or "Member") can attempt to modify a document by selecting it and requesting access. A screenshot shows a web server access log with a "request path" field (Compl. p. 14). | ¶34 | col. 25:3-6 |
| receiving approval or disapproval for the modifications from one or more users; | The complaint alleges that if a second user has sufficient access, they may modify the document and "request approval," and if they lack access, the request "will be disapproved." | ¶35 | col. 25:9-12 |
| storing identifying information of the one or more users who approved or disapproved the modifications... | The accused products allegedly provide an "Access Log" that stores identifying information of users who make modifications, including a "User agent" field as shown in a screenshot (Compl. p. 17). | ¶36 | col. 25:13-16 |
Identified Points of Contention
- Functional Question: The claim recites "receiving approval or disapproval for the modifications from one or more users." A critical issue will be whether the accused system performs this specific step. The complaint's evidence, such as the "Edit issue" screenshot (Compl. p. 16), appears to describe a binary permission system (a user either can or cannot edit) rather than a separate, asynchronous workflow where one user submits a change and another user actively approves or disapproves it.
- Evidentiary Question: What evidence does the complaint provide that the "Access Log" (Compl. ¶36) specifically stores information about "approval or disapproval," as opposed to merely logging which user performed an edit based on pre-existing permissions? The infringement allegation for this element may depend on a broad interpretation of what constitutes an "approval."
V. Key Claim Terms for Construction
For U.S. Patent 6,845,448
- The Term: "personal information" (Claim 1)
- Context and Importance: The viability of the infringement claim hinges on this term's scope. If construed narrowly to cover only traditional PII (e.g., health, financial, or contact data), it may not read on the "project information" (Compl. ¶22) allegedly managed by the accused products.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The specification provides a lengthy, non-limiting list of what constitutes personal information, including "personal web bookmarks," "employment-related information," "personal preferences" (like movies and travel), and "design of a portal" (’448 Patent, col. 7:1-38). This language may support an interpretation that covers any data a user stores for their own purposes.
- Evidence for a Narrower Interpretation: The patent's title, background, and summary repeatedly frame the invention in the context of user demographics, profiles for services, and a replacement for credit reporting agencies (’448 Patent, col. 1:16-25; col. 2:1-14). This context may support an interpretation focused on information about the user, rather than general-purpose data created by the user.
For U.S. Patent 8,117,644
- The Term: "receiving approval or disapproval for the modifications" (Claim 1)
- Context and Importance: This term appears to describe a specific workflow step that may not be present in a simple role-based permission system. Practitioners may focus on this term because its construction will likely determine whether there is a functional mismatch between the claim and the accused products' operation.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: A plaintiff might argue that the system "receives approval" implicitly when it checks a user's permissions and allows an edit to proceed. The collaborative context of the patent could be used to argue for a flexible interpretation of the approval mechanism.
- Evidence for a Narrower Interpretation: The claim separately recites "permitting the second user to modify the document" and "receiving approval or disapproval." This structure suggests they are distinct steps. Furthermore, the final step requires "storing identifying information of the one or more users who approved or disapproved," implying a discrete, loggable "approval/disapproval" event, distinct from the modification event itself (’644 Patent, col. 26:13-16).
VI. Other Allegations
- Indirect Infringement: The complaint alleges Nulab infringes "jointly (e.g., with its users and customers)" (Compl. ¶¶ 20, 32). The factual basis for this appears to be inducement. The complaint provides numerous screenshots from Defendant's support website and product interfaces, which allegedly instruct users on how to use the accused features (e.g., setting permissions and access controls) in an infringing manner (Compl. ¶¶ 21-22, 33-36, and associated figures).
- Willful Infringement: The complaint alleges that Defendant has had actual knowledge of both the ’448 and ’644 patents since June 15, 2021, the date it allegedly received notice letters from the Plaintiff (Compl. ¶¶ 26, 37). This allegation of pre-suit knowledge forms the basis for the willfulness claim.
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of definitional scope: can the term "personal information," which is rooted in the patent's context of managing a user's demographic and preference data, be construed broadly enough to read on the "project information" managed by Defendant's enterprise collaboration software?
- A key evidentiary question will be one of functional operation: does the accused system's permission-based editing capability meet the specific claim limitation of "receiving approval or disapproval for the modifications from one or more users," or is there a fundamental mismatch between the claimed multi-step workflow and the accused product's pre-set access control system?