DCT
2:23-cv-00541
DigitalDoors Inc v. Comerica Bank
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: DigitalDoors, Inc. (Florida)
- Defendant: Comerica Bank (Texas)
- Plaintiff’s Counsel: Garteiser Honea, PLLC
- Case Identification: 2:23-cv-00541, E.D. Tex., 11/21/2023
- Venue Allegations: Plaintiff alleges venue is proper because Defendant maintains physical "brick-and-mortar" business locations, employs residents, and generates substantial revenue within the Eastern District of Texas.
- Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, which are allegedly compliant with the "Sheltered Harbor" financial industry standard, infringe four patents related to secure, filter-based data processing, extraction, and storage.
- Technical Context: The technology concerns methods for ensuring data security and continuity of operations, a critical function in the financial services industry for protecting customer data against catastrophic events like cyberattacks.
- Key Procedural History: The complaint does not reference prior litigation or post-grant validity challenges concerning the patents-in-suit. It does assert that the patents are "pioneering" and have been cited as relevant prior art in hundreds of subsequent patent applications by major technology and financial services companies.
Case Timeline
| Date | Event |
|---|---|
| 2007-01-05 | Earliest Priority Date for all Asserted Patents |
| 2015-04-21 | U.S. Patent No. 9,015,301 Issues |
| 2015 | Sheltered Harbor initiative launched |
| 2017-08-15 | U.S. Patent No. 9,734,169 Issues |
| 2019-01-15 | U.S. Patent No. 10,182,073 Issues |
| 2019-04-02 | U.S. Patent No. 10,250,639 Issues |
| 2023-11-21 | Complaint Filed |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 9,015,301 - "Information infrastructure management tools with extractor, secure storage, content analysis and classification and method therefor"
- Patent Identification: U.S. Patent No. 9,015,301, "Information infrastructure management tools with extractor, secure storage, content analysis and classification and method therefor," issued April 21, 2015.
The Invention Explained
- Problem Addressed: The patent describes a technical environment where enterprises operated "open ecosystems" with many access points, making them vulnerable to data breaches. Conventional data management focused on whole files rather than their contents and was inefficient at classifying and managing sensitive information, particularly in unstructured formats (’301 Patent, col. 1:31-2:27).
- The Patented Solution: The invention proposes a method and system for organizing and processing data by applying a series of filters (e.g., content-based, contextual, taxonomic) to a data input. These filters extract "select content" that is important to the enterprise. This extracted content is then stored in designated data stores, separate from the remaining data, allowing for granular security and management based on the data's content rather than the file it resides in ('301 Patent, Abstract; col. 3:17-4:35).
- Technical Importance: This approach represented a shift from file-level security to content-level security, enabling more sophisticated and granular control over sensitive information within large, distributed computing systems (Compl. ¶29).
Key Claims at a Glance
- The complaint asserts at least independent Claim 25 ('301 Patent, col. 130:17-132:2).
- Claim 25 is a method claim for organizing and processing data in a distributed computing system, comprising the essential steps of:
- Providing a plurality of select content data stores operative with designated categorical filters.
- Activating at least one categorical filter and processing a data input through it to obtain select content.
- The select content is at least one of "contextually associated" and "taxonomically associated."
- Storing the aggregated select content in a corresponding data store.
- Associating a data process (e.g., copy, extract, archive) with the activated filter.
- Applying the associated data process to a further data input.
- The filter activation is automatic or manual, and can be time-based, condition-based, or event-based.
- The complaint does not explicitly reserve the right to assert dependent claims.
U.S. Patent No. 9,734,169 - "Digital information infrastructure and method for securing designated data and with granular data stores"
- Patent Identification: U.S. Patent No. 9,734,169, "Digital information infrastructure and method for securing designated data and with granular data stores," issued August 15, 2017.
The Invention Explained
- Problem Addressed: The patent addresses the need to secure sensitive data within a distributed, cloud-based computing environment where data is processed and stored across multiple locations, increasing the attack surface (’169 Patent, col. 1:19-2:69).
- The Patented Solution: The invention describes a cloud-based system that provides multiple types of data stores: "select content data stores" for security-designated data, "granular data stores," and a cloud-based server. The system extracts and stores sensitive data in the secure select content stores, which have specific access controls. "Remainder data" that was not extracted is parsed and stored separately in the granular data stores. Access to withdraw the secured data is granted only when the access controls are satisfied ('169 Patent, Abstract).
- Technical Importance: This architecture provides a method for creating a secure "data vault" in a cloud environment by bifurcating data streams into sensitive and non-sensitive components and storing them separately with different security protocols.
Key Claims at a Glance
- The complaint asserts at least independent Claim 1 ('169 Patent, col. 132:13-52).
- Claim 1 is a method claim for organizing and processing data in a distributed cloud-based system, comprising the essential steps of:
- Providing select content data stores, granular data stores, and a cloud-based server, all coupled by a communications network.
- Extracting and storing security-designated data in the select content data stores.
- Activating a select content data store to permit access based on one or more access controls.
- Parsing "remainder data" not extracted from the processed data.
- Storing the parsed remainder data in the granular data stores.
- Parsing and storing the remainder data can be done randomly or according to a predetermined algorithm.
- Withdrawing the security-designated and parsed data from their respective stores only when the access controls are applied.
- The complaint does not explicitly reserve the right to assert dependent claims.
U.S. Patent No. 10,182,073 - "Information infrastructure management tools with variable and configurable filters and segmental data stores"
- Patent Identification: U.S. Patent No. 10,182,073, "Information infrastructure management tools with variable and configurable filters and segmental data stores," issued January 15, 2019.
- Technology Synopsis: This patent focuses on an information infrastructure where data is processed using a plurality of initially configured filters. A key aspect is the ability to dynamically alter these filters—by expanding, contracting, or changing their classification—to adapt to changing data or security needs. The system then generates modified filters and organizes subsequent data throughput accordingly (’073 Patent, Abstract).
- Asserted Claims: At least independent Claim 1 (Compl. ¶165).
- Accused Features: The accused systems' ability to create and modify "protection policies" that govern data replication and storage is alleged to constitute the claimed filter creation and alteration (Compl. ¶¶181-182, 184-185).
U.S. Patent No. 10,250,639 - "Information infrastructure management data processing tools for processing data flow with distribution controls"
- Patent Identification: U.S. Patent No. 10,250,639, "Information infrastructure management data processing tools for processing data flow with distribution controls," issued April 2, 2019.
- Technology Synopsis: This patent describes a method for "sanitizing" data by processing it through configurable filters. The system extracts sensitive content based on a plurality of sensitivity levels and security clearances, storing it in "extract data stores." It then uses content, contextual, and taxonomic filters to "inference" the sanitized data, allowing for analysis and secure handling of the information (’639 Patent, Abstract).
- Asserted Claims: At least independent Claim 16 (Compl. ¶192).
- Accused Features: The accused systems allegedly perform the claimed method by using priority filters and access controls to extract and protect critical customer financial data, which is categorized based on its sensitivity and importance, and then storing it in secure, isolated data vaults (Compl. ¶¶196-197, 217-220).
III. The Accused Instrumentality
Product Identification
- The "Accused Instrumentalities" are identified as Comerica Bank’s systems and methods used for processing, backing up, and recovering data in a distributed system (Compl. ¶95). The complaint alleges these systems are either compliant with the "Sheltered Harbor" financial industry specification or are functionally equivalent (Compl. ¶95).
Functionality and Market Context
- The core accused functionality is a data disaster recovery system designed to protect critical customer financial data from catastrophic loss (Compl. ¶62). The complaint alleges this is achieved by implementing the Sheltered Harbor standard, which involves extracting critical account data into a standardized format and storing it in a secure, immutable, and air-gapped "data vault" that is isolated from production and backup systems (Compl. ¶¶69, 76).
- The complaint provides a diagram from a Dell Technologies solution brief illustrating an exemplary Sheltered Harbor architecture, which includes a "Production Environment" and a separate "Data Vault Environment" connected by a secure, air-gapped replication link (Compl. ¶72, p. 32). This architecture is designed to create secure, immutable backups of critical data that can be restored after a cyberattack.
- The complaint alleges that participation in the Sheltered Harbor program is an industry standard driven by regulators to ensure the stability of the U.S. financial system, making such data protection systems a critical component of a financial institution's operations (Compl. ¶¶62, 94).
IV. Analysis of Infringement Allegations
’301 Patent Infringement Allegations
| Claim Element (from Independent Claim 25) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| a method of organizing and processing data...having select content important to an enterprise | The Sheltered Harbor standard is used to manage and protect critical customer financial account data, which is content important to the enterprise (Comerica Bank). | ¶¶100-101 | col. 3:29-35 |
| providing...a plurality of select content data stores operative with a plurality of designated categorical filters | The accused systems provide a "data vault" containing multiple data stores (e.g., for backup, copy, lock, analyze) that operate with "protection policies" which act as categorical filters. | ¶¶104-106 | col. 13:30-38 |
| activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content, which...is at least one of contextually associated select content and taxonomically associated select content | The system activates protection policies (filters) to extract critical financial data, which is contextually or taxonomically associated through the use of aggregated tags and metadata. | ¶¶108-110 | col. 14:1-12 |
| storing said aggregated select content for said at least one categorical filter in said corresponding select content data store | The extracted critical account data is aggregated and stored in corresponding storage units or "data trees" within the secure data vault. | ¶¶112-113 | col. 14:16-20 |
| associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process... | The system associates data processes such as data backup (copying) and vaulting (archiving/extracting) with the selected content based on the established protection policies. | ¶¶115-116 | col. 14:21-30 |
| applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter | Once a protection policy is established, all subsequent data inputs are processed in the same way, automatically applying the copy/archive processes to new data that matches the filter. | ¶¶118-119 | col. 14:31-37 |
| activating a designated categorical filter, which encompasses an automatic activation or a manual activation and said automatic activation is time-based, distributed computer system condition-based, or event-based | The processing of data backups occurs automatically on a designated time interval (e.g., nightly), based on an event (detection of new data), or can be run manually ("on demand"). | ¶¶121-123 | col. 14:38-45 |
Identified Points of Contention
- Scope Questions: The primary point of contention may be whether the "protection policies" described in the context of the Sheltered Harbor standard (e.g., backup schedules) function as the "categorical filters" claimed in the patent. A court may need to determine if a policy that selects all data from a certain source for backup is equivalent to a filter that analyzes and selects data based on its content, context, or taxonomy as described in the patent.
- Technical Questions: The complaint alleges that creating protection rules using attributes like "VM Folder Name, Contains, and Finance" constitutes contextual or taxonomic filtering (Compl. ¶¶109-110). A key question will be whether the accused systems actually perform the kind of hierarchical, taxonomic, or contextual analysis described in the '301 patent specification, or if they implement a simpler, more direct form of data selection.
’169 Patent Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| providing in said distributed cloud-based computing system: (i) a plurality of select content data stores... (ii) a plurality of granular data stores; and (iii) a cloud-based server | The accused system includes a "data vault" with multiple secure stores (select content stores) and production/backup systems that serve as granular data stores, which can be implemented in a cloud environment. | ¶¶136-139 | col. 4:32-41 |
| said plurality of select content data stores, said plurality of granular data stores and said cloud-based server operatively coupled over a communications network | The Production Environment and the Vault Environment are operatively coupled via a communications network, which includes a logical, air-gapped connection for data replication. | ¶¶141-142 | col. 4:41-44 |
| extracting and storing said security designated data in respective select content data stores | The system extracts critical financial account data and stores it in the secure, isolated data vault, which contains distinct storage units. | ¶¶143-146 | col. 4:45-48 |
| activating at least one of said select content data stores...permitting access to said select content data stores...based upon an application of one or more of said access controls thereat | Access to the data vault is protected by strict security measures, such as multi-factor authentication and credentialed access, which function as access controls. | ¶¶148-149 | col. 4:51-57 |
| parsing remainder data not extracted from data processed...and storing the parsed data in respective granular data stores | Remainder data (data not extracted for the vault) is stored in production and backup systems, which are separate from the vault and constitute the "granular data stores." | ¶¶151-152 | col. 4:58-62 |
| withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto | Data can only be withdrawn from the vault and restored to a restoration platform upon satisfaction of strict security measures and access controls. | ¶¶157-158 | col. 5:2-6 |
Identified Points of Contention
- Scope Questions: A central question may concern the term "parsing remainder data." The complaint's theory appears to be that leaving non-extracted data in its original production/backup location satisfies this element (Compl. ¶151). A defendant could argue that "parsing" requires an affirmative act of processing or analyzing the remainder data, not merely separating it from the extracted data.
- Technical Questions: The complaint alleges the accused systems may be implemented in various cloud environments (Compl. ¶132). The actual implementation by Comerica will be a key factual question: is the system truly cloud-based, and does it operate with the distinct types of data stores as required by the claim?
V. Key Claim Terms for Construction
The Term: "categorical filters" ('301 Patent, Claim 25)
- Context and Importance: This term is the core of the '301 patent's invention. The plaintiff's infringement theory depends on construing the "protection policies" of the accused Sheltered Harbor systems as meeting this limitation. The dispute will likely center on whether a policy for backing up certain data sets is technically a "filter" that operates on content as described in the patent.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The patent states that designated filters are used for enterprise policies such as "level of service policy, customer privacy policy," and others ('301 Patent, col. 4:14-19). This may support an argument that high-level business rules qualify as "categorical filters."
- Evidence for a Narrower Interpretation: The specification provides more specific examples, describing filters as "content-based filters, contextual filters and taxonomic classification filters" ('301 Patent, col. 13:34-36). This language could support a narrower construction requiring a more sophisticated content analysis than simple data selection for backup.
The Term: "parsing remainder data" ('169 Patent, Claim 1)
- Context and Importance: The claim requires that data not extracted be "parsed" and stored separately. The plaintiff's theory appears to equate the separation of the data vault from the production environment as meeting the "parsing and storing" requirement for remainder data. Practitioners may focus on this term because if "parsing" requires an active processing step beyond mere separation, the infringement allegation could be weakened.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The abstract describes the invention as "extracting and storing said S/EC designated data...and storing the parsed data," which could be read to emphasize the separation and storage rather than the act of parsing itself ('169 Patent, Abstract).
- Evidence for a Narrower Interpretation: The ordinary meaning of "parse" in computer science involves analyzing a string of symbols or data. The patent also discusses splitting data streams into "granular parts" and processing them ('169 Patent, col. 17:15-20), which suggests a more active step than simply leaving the original data in its production environment.
VI. Other Allegations
Willful Infringement
- The complaint alleges that Defendant has been on notice of the patents since at least the date of service of the complaint, making any continued infringement post-suit willful (Compl. ¶226). It also alleges pre-suit willful blindness, asserting on information and belief that Defendant has a policy or practice of not reviewing the patents of others to assess infringement risk (Compl. ¶227).
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of definitional scope and equivalence: Can the standardized procedures of an industry-wide data resiliency framework ("Sheltered Harbor") be mapped directly onto the specific claim limitations of the asserted patents? The case will likely depend on whether Comerica's implementation of "protection policies" and "data vaults" performs the same function in substantially the same way as the claimed "categorical filters" and distinct data storage architectures.
- A second key question will be one of technical implementation: The complaint's allegations are based on the public-facing materials describing the Sheltered Harbor standard and exemplary third-party systems like Dell PowerProtect. A central evidentiary question will be how Comerica's actual systems are configured and operate, and whether they perform the specific steps of filtering, parsing, storing, and inferencing as required by the asserted claims.
- A final question relates to the act of infringement: The complaint broadly accuses Comerica of "making, using, importing, selling, and/or offering for sale" the accused systems. Given that these systems may be implemented using third-party hardware, software, and cloud services, the case may require a detailed factual analysis of the degree of control Comerica exerts over the system's configuration and operation to determine direct infringement.