DCT

2:23-cv-00461

DataCloud Tech LLC v. Fortinet Inc

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 2:23-cv-00461, E.D. Tex., 10/03/2023
  • Venue Allegations: Venue is alleged to be proper based on Defendant having an established place of business within the district and having allegedly committed acts of patent infringement there.
  • Core Dispute: Plaintiff alleges that Defendant’s network security products and infrastructure infringe five patents related to network communication, file system management, and data organization.
  • Technical Context: The lawsuit involves foundational technologies for network security and data management, including methods for anonymizing network traffic and organizing data, which are critical components of modern firewalls, VPNs, and website infrastructure.
  • Key Procedural History: The complaint notes Certificates of Correction for four of the five patents-in-suit. Significantly, post-grant proceedings have impacted two of the asserted patents. U.S. Patent No. 6,560,613 underwent an Inter Partes Review (IPR), resulting in the cancellation of several claims, though not the specific claim asserted here. U.S. Patent No. 8,762,498 underwent an Ex Parte Reexamination that resulted in the cancellation of all claims, including the one asserted in this complaint, which may present a dispositive challenge to that count of infringement.

Case Timeline

Date Event
2000-01-28 Earliest Priority Date ('063 Patent)
2000-02-08 Earliest Priority Date ('613 Patent)
2000-04-04 Earliest Priority Date ('959, '457, '498 Patents)
2000-11-28 Fortinet, Inc. incorporated
2003-05-06 '613 Patent Issued
2003-11-18 '063 Patent Issued
2007-04-24 '959 Patent Issued
2009-11-24 Fortinet registered to do business in Texas
2013-02-05 '457 Patent Issued
2014-06-24 '498 Patent Issued
2022-10-05 Inter Partes Review concludes for '613 Patent (IPR2021-00361)
2023-10-03 Complaint Filed
2024-07-12 Ex Parte Reexamination concludes for '498 Patent

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 6,560,613 - "Disambiguating File Descriptors," issued May 6, 2003

The Invention Explained

  • Problem Addressed: The patent describes a problem in operating systems like UNIX, where different types of resources, such as files stored on media and network communication channels, are accessed using a generic "file descriptor." This makes it difficult for intercepting programs (e.g., for security) to apply different rules to disk access versus network access, as the system calls themselves do not distinguish between the two ('613 Patent, col. 2:25-62).
  • The Patented Solution: The invention proposes a system that intercepts the creation of file descriptors and stores an "indicator" in a dedicated table, flagging the specific type of the associated resource (e.g., a communication channel). This "indicator table" can then be examined by other processes or "system call wrappers" to apply type-specific rules, thereby "disambiguating" the generic file descriptors ('613 Patent, Abstract; col. 4:1-6). The architecture is illustrated in the patent's FIG. 1, which depicts a "System Call Wrapper" (111) managing an "Indicator Table" (127).
  • Technical Importance: This method provided a mechanism for more granular, policy-based control over system resources at the operating system level, enabling sophisticated security functions without requiring modification to the core OS or applications ('613 Patent, col. 2:6-15).

Key Claims at a Glance

  • The complaint asserts Claim 12, which depends on independent Claim 11 (Compl. ¶25, 26).
  • The asserted method includes the following essential elements from Claim 11: intercepting system calls that establish a file on media and that create a copy of a file descriptor; storing an indicator for the created copy; and examining the stored indicator to determine the file type.
  • Claim 12 adds the specific limitation that where the copied file descriptor is associated with a communication channel, an indicator is stored to reflect that the created copy is also associated with a communication channel.
  • The complaint does not explicitly reserve the right to assert other claims.

U.S. Patent No. 6,651,063 - "Data Organization And Management System And Method," issued November 18, 2003

The Invention Explained

  • Problem Addressed: The patent identifies the challenge faced by consumers and businesses in organizing a constant influx of information, such as product manuals, warranties, and updates, which often leads to information being lost or stored inefficiently ('063 Patent, col. 1:15-44).
  • The Patented Solution: The invention describes a system where a "Provider" (e.g., a vendor) sends an "information pack" to a recipient's "User Data Repository." The information pack is pre-tagged with a "Category Identifier," allowing the system to automatically file the information in a corresponding location. The system also allows the recipient to create "custom categories" and provides a feedback mechanism to instruct the provider's system to use these custom categories for subsequent information delivery ('063 Patent, Abstract; col. 3:45 - col. 4:12).
  • Technical Importance: The technology aimed to automate the burdensome task of information management for end-users by shifting the initial categorization effort to the information provider and creating a structured, updateable digital repository ('063 Patent, col. 2:5-15).

Key Claims at a Glance

  • The complaint asserts independent Claim 4 (Compl. ¶36, 37).
  • The essential elements of this method claim include: storing information in an "information pack"; associating it with a user destination address, a category identifier, and a provider identifier; communicating it to a user data repository where it is located based on the category identifier; creating a custom location and associating a custom category identifier; and sending a "custom category signal" to a processing station to direct the placement of subsequent information packs from the same provider into that custom location.
  • The complaint does not explicitly reserve the right to assert other claims.

U.S. Patent No. 7,209,959 - "Apparatus, System, And Method For Communicating To A Network Through A Virtual Domain Providing Anonymity To A Client Communicating On The Network," issued April 24, 2007

  • Technology Synopsis: To address internet privacy concerns where a client's identity and activity can be traced, the patent discloses a system comprising a "deceiver," a "controller," and a "forwarder." These components work in concert to establish an anonymous communication session by routing a client's traffic through the forwarder, which acts as a proxy and conceals the client's true IP address from the destination server ('959 Patent, Abstract; col. 2:35-44).
  • Asserted Claims: Independent Claim 1 (Compl. ¶47, 48).
  • Accused Features: The complaint accuses the "Fortinet website infrastructure," alleging it uses components like a "front-end server switch" to function as a forwarder, establishing a session that masks the direct connection between an internet client and the destination web server (Compl. ¶48).

U.S. Patent No. 8,370,457 - "Network Communication Through a Virtual Domain," issued February 5, 2013

  • Technology Synopsis: As a related patent, this invention focuses on a method where a network controller establishes a "forwarding internet protocol (IP) address" that is specifically associated with a "pre-defined combination" of a client's IP address and a destination's IP address. This forwarding address is then used to route the client's data requests to the destination ('457 Patent, Abstract; Claim 9).
  • Asserted Claims: Independent Claim 9 (Compl. ¶58, 59).
  • Accused Features: The "FortiOS firewall" (Release 6.2+) is accused, specifically its advanced gateway settings. These settings are alleged to establish a forwarding IP address (a translated IP address) for a pre-defined combination of a client IP and a destination IP (Compl. ¶59).

U.S. Patent No. 8,762,498 - "Apparatus, System, And Method For Communicating To A Network Through A Virtual Domain," issued June 24, 2014

  • Technology Synopsis: This patent, also in the same family, describes a method where a controller device determines a destination IP address based on a "virtual namespace destination address" (e.g., a domain name like "fortinet.com"). The controller establishes a correlation between this destination IP and a "forwarder IP address" and then instructs the forwarder device to route the client's request data accordingly ('498 Patent, Abstract; Claim 1).
  • Asserted Claims: Independent Claim 1 (Compl. ¶69, 70).
  • Accused Features: Fortinet's website infrastructure that uses Transport Layer Security (TLS) and Server Name Indication (SNI) is accused. The complaint alleges that a router (as the controller) uses the domain name specified in an SNI request to determine a destination IP and instruct a forwarder (Compl. ¶68, 70).

III. The Accused Instrumentality

Product Identification

  • The complaint identifies a range of Defendant's products and services, including: FortiGate VM firmware, FortiClient VPN application, Fortinet website infrastructure, Fortinet FortiOS firewall configurations (release 6.2+), and Fortinet websites using TLS 1.2/1.3 and Server Name Indication (SNI) (Compl. ¶17).

Functionality and Market Context

  • The complaint alleges that these various products and services perform functions that map to the different asserted patents. For instance, the FortiGate VM firmware is alleged to disambiguate file descriptors ('613 Patent), while the FortiClient VPN application is alleged to organize data into categories ('063 Patent) (Compl. ¶26, 37). The firewall and website infrastructure are accused of performing the anonymous and virtualized communication methods of the other three patents (Compl. ¶48, 59, 70).
  • The complaint does not provide specific details about the commercial importance of the accused products, but it identifies Fortinet as a global corporation, suggesting a significant market presence (Compl. ¶4, 5).

IV. Analysis of Infringement Allegations

No probative visual evidence provided in complaint.

'613 Patent Infringement Allegations

Claim Element (from Independent Claim 11 and Dependent Claim 12) Alleged Infringing Functionality Complaint Citation Patent Citation
intercepting system calls that establish a file stored on media; FortiGate VM firmware intercepts system calls that store files on media. The complaint references the use of KVM in a "website design/website builder product" that intercepts "shadowed I/O system call routines." ¶26 col. 12:55-60
intercepting system calls that create a copy of at least one file descriptor; and storing at least one indicator concerning a created copy of a file descriptor; The complaint alleges the firmware "stores one or more file type indicators for each file descriptor in a table" after intercepting system calls. ¶26 col. 13:51-58
examining at least one stored indicator to determine with what file type the file descriptor is associated. The firmware allegedly "determines what file type is associated with the file descriptor based on a review of the stored file type indicators." ¶26 col. 13:58-62
where a copied file descriptor is associated with a communication channel, storing an indicator that a created copy of the file descriptor is associated with a communication channel. The complaint alleges KVM employs disambiguation of file descriptors including "sockets/pipes" (communication channels) by intercepting them and storing related indicators. ¶26 col. 10:1-15
  • Identified Points of Contention:
    • Scope Questions: The complaint accuses "FortiGate VM firmware" but provides a technical example involving "KVM, used in Defendant's website design/website builder product" (Compl. ¶17, 26). This raises the question of whether these are the same instrumentality and how the functionality of a website builder product maps to virtual machine firmware.
    • Technical Questions: The infringement allegations are highly conclusory. A key question for the court will be what evidence the plaintiff can produce to show that the accused firmware actually "intercepts system calls" and maintains an "indicator table" as specifically claimed, versus achieving a similar outcome through a different technical architecture not covered by the patent.

'063 Patent Infringement Allegations

Claim Element (from Independent Claim 4) Alleged Infringing Functionality Complaint Citation Patent Citation
storing information to be provided in an information pack; The FortiClient VPN application stores information, such as "uploading to servers/saving image files," in an "information pack." ¶37 col. 6:20-24
associating with said information pack...a user destination address...a category identifier...and a provider identifier; The information pack is associated with a data repository address, a category identifier (e.g., a "data" directory), and a provider identifier (Fortinet). ¶37 col. 6:25-36
creating a custom location...placing said information pack in said custom location; associating a custom category identifier with said information pack; A file folder is created in a reserved location, and a "custom category identifier" (alleged to be the digital signature of the Android APK) is assigned to the pack. ¶37 col. 9:20-30
sending a custom category signal to a processing station...storing together said custom category identifier and said provider identifier...[for] placing...subsequent information packs in said custom location. The APK signature is allegedly used to identify subsequent information packs (e.g., updated versions) that should be stored in the same location by sending a "custom category signal to a processing station." ¶37 col. 9:31-10:10
  • Identified Points of Contention:
    • Scope Questions: The complaint alleges that a "digital signature" for an Android APK file functions as a "custom category identifier" (Compl. ¶37). This raises the question of whether a security and authentication mechanism (a digital signature) can be construed to meet the claim limitation of a "category identifier" used for data organization and filing.
    • Technical Questions: Claim 4 requires a feedback loop where a "custom category signal" is sent to a "processing station" to direct the automated placement of future information. It is an open question whether the complaint provides sufficient factual basis to allege that the accused system performs this specific automated re-categorization function, or if it is describing a simpler file update process.

V. Key Claim Terms for Construction

For the '613 Patent:

  • The Term: "file descriptor"
  • Context and Importance: The entire patent is predicated on disambiguating this term. Infringement will depend on whether the handles or pointers allegedly used within Fortinet's KVM environment constitute "file descriptors" as understood in the patent, which bases its technical background on UNIX and Windows NT systems. Practitioners may focus on this term because the plaintiff's theory must map this traditional OS concept onto a modern virtualization platform.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The specification suggests the invention can be used to "disambiguate any type of file descriptor" ('613 Patent, col. 5:55-56) and describes them as being returned upon the creation of either files on media or communication channels, suggesting a functional rather than structural definition ('613 Patent, col. 2:36-53).
    • Evidence for a Narrower Interpretation: The background section is heavily grounded in the context of "UNIX® and Microsoft WINDOWS NT®" operating systems ('613 Patent, col. 2:14-15). A party could argue the term is implicitly limited to the specific integer-based handles characteristic of those environments.

For the '063 Patent:

  • The Term: "category identifier"
  • Context and Importance: The plaintiff’s infringement theory equates this term with a "'data' directory" and, more pointedly, a "digital signature for...Fortinet Android applications" (Compl. ¶37). The viability of the infringement claim will depend heavily on whether a folder name or a security feature can be construed as an identifier for a category of information.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The patent states that the provider "encodes, labels, or tags" the information with a "categorization means" ('063 Patent, col. 3:51-54), which could support a broad interpretation covering any data tag used for sorting.
    • Evidence for a Narrower Interpretation: The patent's figures and examples refer to semantic categories describing the information's subject matter, such as "automobiles," "medical," or "car music electronics" ('063 Patent, Fig. 1, 2, 4). A party may argue the term implies a content-based descriptor, not a structural file path or a functional security signature.

VI. Other Allegations

  • Indirect Infringement: The complaint does not plead specific facts to support claims of induced or contributory infringement, such as knowledge or intent derived from user manuals or marketing materials that instruct on infringing use. The complaint does not provide sufficient detail for analysis of indirect infringement.
  • Willful Infringement: The complaint does not allege pre-suit knowledge of the patents. While the prayer for relief requests a declaration of an exceptional case and attorneys' fees, the body of the complaint lacks the specific factual allegations of egregious conduct or deliberate copying that typically underpin a claim for willful infringement (Compl. ¶74.C).

VII. Analyst’s Conclusion: Key Questions for the Case

  • A central issue across the asserted patents will be one of technical and definitional scope: can claim terms drafted in the early 2000s for technologies like UNIX system calls ("file descriptor") and simple data tagging ("category identifier") be construed to cover the more complex and functionally distinct mechanisms in modern accused products, such as KVM hypervisors, Android application signatures, and SNI-based routing?
  • A key evidentiary question will be one of functional proof: the complaint's allegations are largely conclusory and often track the language of the claims. The case may turn on whether discovery can produce concrete evidence (e.g., from source code) showing that the accused products perform the specific, multi-step processes as claimed—such as maintaining an "indicator table" or using a "custom category signal" for automated re-filing—or if a fundamental mismatch in technical operation exists.
  • Finally, a critical question will be patent viability: post-grant proceedings have resulted in the cancellation of claims in two of the five asserted patents. The cancellation of the very claim asserted from the '498 patent presents a significant, and potentially insurmountable, validity challenge for that count. The history of the '613 patent IPR may also be used to inform arguments about the validity of the surviving asserted claim.