DCT

2:23-cv-00542

DigitalDoors Inc v. Bank Of America NA

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 2:23-cv-00542, E.D. Tex., 11/21/2023
  • Venue Allegations: Plaintiff alleges venue is proper in the Eastern District of Texas because Defendant maintains a regular and established business presence in the district, including physical branch locations and employees, and specifically targets customers within the district for its financial services.
  • Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, which are compliant with the financial industry’s "Sheltered Harbor" specification, infringe four patents related to methods for filtering, extracting, and securely storing sensitive data in distributed computing systems.
  • Technical Context: The technology concerns secure data vaulting, a critical process for financial institutions to isolate and protect essential customer account data, ensuring operational continuity in the event of a catastrophic cyberattack.
  • Key Procedural History: The complaint alleges that Defendant had pre-suit knowledge of the patents-in-suit as early as October 2008, based on citations to the patents during the prosecution of Defendant's own patent applications. This allegation forms the basis for Plaintiff's claim of willful infringement.

Case Timeline

Date Event
2007-01-05 Earliest Priority Date for all Patents-in-Suit (’301, ’169, ’073, ’639)
2015-01-01 Sheltered Harbor initiative launched
2015-04-21 U.S. Patent No. 9,015,301 Issued
2017-08-15 U.S. Patent No. 9,734,169 Issued
2019-01-15 U.S. Patent No. 10,182,073 Issued
2019-04-02 U.S. Patent No. 10,250,639 Issued
2023-11-21 Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301 - "Information Infrastructure Management Tools with Extractor, Secure Storage, Content Analysis and Classification and Method Therefor"

The Invention Explained

  • Problem Addressed: The patent's background describes several deficiencies in enterprise data management as of the priority date, including the inability to manage unstructured content, the vulnerability of open information ecosystems, and the lack of methods to automatically categorize sensitive data based on content rather than just file type (Compl. ¶27; ’301 Patent, col. 1:31-2:27).
  • The Patented Solution: The invention provides a method and system for organizing and processing data in a distributed system by using a plurality of filters (e.g., content-based, contextual, taxonomic) to identify and extract "select content" that is important to an enterprise. This extracted content is then stored in designated secure data stores for subsequent management and reconstruction, separating it from the less sensitive remainder data (’301 Patent, Abstract; col. 3:17-4:35).
  • Technical Importance: This approach represented a shift from managing entire files to managing the granular data within them, allowing for more nuanced and robust security, access control, and disaster recovery protocols (Compl. ¶27; ’301 Patent, col. 9:46-58).

Key Claims at a Glance

  • The complaint asserts infringement of at least independent Claim 25 (’301 Patent, col. 131:26-132:38; Compl. ¶98).
  • Claim 25 requires a method of organizing and processing data in a distributed computing system, with essential elements including:
    • Providing a plurality of select content data stores operative with designated categorical filters.
    • Activating at least one categorical filter to process a data input to obtain select content.
    • The select content being either contextually or taxonomically associated.
    • Storing the aggregated select content in a corresponding data store.
    • Associating a data process (e.g., copy, extract, archive) with the activated filter.
    • Applying the associated data process to a further data input.
    • The activation of the filter being automatic (e.g., time-based, event-based) or manual.

U.S. Patent No. 9,734,169 - "Digital Information Infrastructure and Method for Securing Designated Data and with Granular Data Stores"

The Invention Explained

  • Problem Addressed: The patent addresses the need for enhanced data security in distributed, and specifically cloud-based, computing systems where sensitive information is processed and stored (’169 Patent, Abstract).
  • The Patented Solution: The invention describes a method for processing data in a distributed cloud-based system by providing separate storage locations for different types of data. The system uses a processor to extract "security designated data" from a data stream and store it in "select content data stores" with specific access controls. The remaining "remainder data" is parsed and stored separately in "granular data stores." Access to the sensitive data is then controlled by a cloud-based server (’169 Patent, Abstract; col. 3:28-4:27).
  • Technical Importance: This architecture enhances security by physically or logically separating high-value data from the bulk of the data stream, making it more difficult for an attacker to reconstruct a complete, sensitive dataset.

Key Claims at a Glance

  • The complaint asserts infringement of at least independent Claim 1 (’169 Patent, col. 132:13-132:61; Compl. ¶129).
  • Claim 1 requires a method of organizing and processing data in a distributed cloud-based computing system, with essential elements including:
    • Providing select content data stores for security designated data, granular data stores, and a cloud-based server.
    • Extracting and storing the security designated data in the select content data stores.
    • Activating a select content data store to permit access based on access controls.
    • Parsing remainder data not extracted from the processed data.
    • Storing the parsed remainder data in the granular data stores.
    • Withdrawing security data and parsed data from their respective stores only when access controls are applied.

U.S. Patent No. 10,182,073 - "Information Infrastructure Management Tools with Variable and Configurable Filters and Segmental Data Stores"

  • Technology Synopsis: This patent builds on the core technology by focusing on the ability to dynamically manage the data filtering process. It describes creating an information infrastructure where initially configured filters, used to identify sensitive and select content, can be subsequently altered by expanding, contracting, or changing their classification structure (’073 Patent, Abstract).
  • Asserted Claims: At least independent Claim 1 (Compl. ¶165).
  • Accused Features: The accused systems allegedly infringe by providing tools, such as the Dell PowerProtect Cyber Recovery User Interface, that allow an enterprise to define, run, and modify policies that govern data replication and storage, thereby altering the filtering parameters (Compl. ¶¶182, 185).

U.S. Patent No. 10,250,639 - "Information Infrastructure Management Data Processing Tools for Data Flow with Distribution Controls"

  • Technology Synopsis: This patent focuses on "sanitizing" data by processing it through a system with multiple sensitivity levels and associated security clearances. The invention involves extracting sensitive content, creating sanitized versions of the data, and then using content, contextual, and taxonomic filters to "inference" the data, allowing for advanced analysis and management based on content meaning (’639 Patent, Abstract).
  • Asserted Claims: At least independent Claim 16 (Compl. ¶192).
  • Accused Features: The accused systems allegedly infringe by extracting critical account data (sensitive content) for storage in a secure vault, which creates a sanitized version of the data. This process is allegedly followed by the use of contextual and taxonomic filters (e.g., protection rules, tags) to inference the content for management and recovery (Compl. ¶¶214, 217-219).

III. The Accused Instrumentality

Product Identification

  • The "Accused Instrumentalities" are identified as Bank of America’s systems and methods for processing and backing up data in a distributed system, specifically those that are compliant with the Sheltered Harbor specification or provide "substantially equivalent functionality" (Compl. ¶95).

Functionality and Market Context

  • The complaint alleges that the accused systems implement the Sheltered Harbor standard, an industry-wide initiative for financial institutions to protect critical customer account data from cyberattacks (Compl. ¶¶62, 83). The core functionality involves extracting critical account data from a "Production Environment," transmitting it across a secure, "air-gapped" connection, and storing it in an immutable, isolated "Data Vault" (Compl. ¶¶76, 81). This architecture, depicted in a diagram from a Dell technical brief, is designed to create a survivable, secure backup that can be used for restoration if primary systems fail (Compl. ¶72; Dell Sheltered Harbor Solution Brief, p. 32). The complaint asserts these systems are critical for maintaining customer confidence and regulatory compliance (Compl. ¶¶94, 97).

IV. Analysis of Infringement Allegations

U.S. Patent No. 9,015,301 Infringement Allegations

Claim Element (from Independent Claim 25) Alleged Infringing Functionality Complaint Citation Patent Citation
providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters... The accused systems provide a "data vault" with designated stores for select content, which is derived using "protection policies" that function as categorical filters. ¶104 col. 13:30-40
activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content... The accused systems activate protection policies (filters) to extract critical financial account information (select content) from the enterprise's data streams. ¶108 col. 13:41-48
which associated select content is at least one of contextually associated select content and taxonomically associated select content... The extracted financial data is associated contextually or taxonomically through the use of metadata and tags to group assets for processing under specific protection rules. ¶108 col. 13:41-48
storing said aggregated select content for said at least one categorical filter in said corresponding select content data store... The extracted critical account data is aggregated and stored in corresponding data stores (storage units or trees) within the secure data vault. ¶112 col. 13:49-52
and for the activated categorical filter, associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process... The system's protection policies associate specific data processes, such as backup (copying/archiving) and vaulting, with the filtered data. ¶115 col. 13:53-59
applying the associated data process to a further data input based upon a result of said further data being processed... Once a protection policy is established, all subsequent data inputs matching the filter criteria are processed in the same way (e.g., nightly backups). ¶118 col. 14:1-5
wherein activating said designated categorical filter encompasses an automatic activation or a manual activation... The processing (e.g., backups) is performed automatically on a designated time interval (nightly), based on an event (new data detection), or manually. ¶121 col. 14:32-38

Identified Points of Contention

  • Scope Questions: A central question may be whether the "protection policies" and "protection rules" described in the accused systems (Compl. ¶¶87, 109) meet the claim definition of "designated categorical filters." The defense may argue that the patent's description of filters is narrower than the general-purpose policy engines used in modern backup systems.
  • Technical Questions: The analysis may focus on whether the accused systems perform the step of "applying the associated data process to a further data input based upon a result of said further data being processed." The question is whether the system's logic for subsequent backups is merely repetitive (a scheduled task) or if it truly relies on a "result" from the prior processing event, as the claim may require.

U.S. Patent No. 9,734,169 Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
providing in said distributed cloud-based computing system: (i) a plurality of select content data stores... (ii) a plurality of granular data stores; and (iii) a cloud-based server... The accused systems are allegedly cloud-based and comprise a secure data vault (select content stores) and production/backup systems (granular data stores), operated by servers. ¶136 col. 3:28-39
(with respect to data processed by said cloud-based system) extracting and storing said security designated data in respective select content data stores; The system extracts critical customer account data and stores it in the secure, air-gapped data vault. ¶143 col. 3:54-57
activating at least one of said select content data stores... thereby permitting access to said select content data stores... based upon an application of one or more of said access controls... The data vault is safeguarded by strict, credential-controlled access, including multi-factor authentication, which must be satisfied to permit access. ¶148 col. 3:40-42
parsing remainder data not extracted from data processed... and storing the parsed data in respective granular data stores; Data not extracted for the vault (remainder data) is stored in the production and backup systems (granular data stores). A diagram shows data moving from "Production Workloads" and "Backup Workloads" to the vault (Compl. ¶152; Dell PowerProtect Solution Brief, p. 35). ¶151 col. 3:58-61
withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto. Data is withdrawn from the vault to a "restoration platform" only upon satisfaction of strict security measures and access controls. ¶157 col. 4:21-27

Identified Points of Contention

  • Scope Questions: The interpretation of "distributed cloud-based computing system" may be disputed. While the complaint points to potential deployment on public clouds like AWS (Compl. ¶132), the core accused architecture appears to be an on-premises or hybrid private vault. The scope of "cloud-based" will be a key issue.
  • Technical Questions: A factual question will be whether the accused architecture truly performs the claimed separation. Does storing non-extracted data in the "production environment" (Compl. ¶152) constitute "storing the parsed data in respective granular data stores" as required by the claim, or is it simply leaving the original data where it was?

V. Key Claim Terms for Construction

The Term: "designated categorical filters" (from '301 Patent, Claim 25)

  • Context and Importance: This term is fundamental to the infringement theory for the ’301 Patent. Plaintiff's case depends on mapping this term to the "protection policies" and "rules" used in the accused Sheltered Harbor-compliant systems (Compl. ¶¶87, 106). The defendant will likely argue that its modern policy-based backup rules are not the "filters" contemplated by the 2007-era patent.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The specification states that filters can be "content-based filters, contextual filters and taxonomic classification filters" and can be based on "enterprise policies" such as "customer privacy policy" or "financial data handling policy" (’301 Patent, col. 4:10-15; col. 13:35-38). This language may support a broad reading that covers modern, policy-based rules.
    • Evidence for a Narrower Interpretation: The detailed description heavily discusses specific types of filters like "taxonomic filters" built using a "Knowledge Expander (KE) search engine" and classifying data via hierarchical systems (’301 Patent, col. 10:22-32). A defendant may argue these specific embodiments limit the term to more than just simple rule-based policies.

The Term: "parsing remainder data" (from '169 Patent, Claim 1)

  • Context and Importance: This term is central to the claimed method of separating sensitive from non-sensitive data. The infringement allegation hinges on the idea that leaving data behind in the production environment after extracting sensitive portions for the vault constitutes "parsing" and "storing" the "remainder data" (Compl. ¶151).
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The patent abstract describes the invention as a method where a processor "parses remainder data not extracted... and stores the parsed data." The term "parsing" itself is not explicitly defined, which may allow it to be given its plain and ordinary meaning of analyzing or resolving data into its components, which could arguably include the act of identifying what is "not extracted."
    • Evidence for a Narrower Interpretation: The specification describes a system where a source document is passed through a filter, and the "uncommon words (extracted-sensitive or select content)" are separated from the "common text or remainder data" which is stored in a "remainder data file" (’169 Patent, col. 39:35-56). This suggests an active process of creating a distinct "remainder data file," which may be different from simply leaving the original source data in place.

VI. Other Allegations

Indirect Infringement

  • The complaint's infringement counts primarily allege that Defendant directly infringes by making and using the accused systems as the operating enterprise (Compl. ¶¶99, 130). There are no separate counts or explicit factual allegations supporting theories of induced or contributory infringement.

Willful Infringement

  • The complaint explicitly alleges willful infringement in Count V. The basis is twofold: (1) post-suit knowledge from the service of the complaint, and (2) alleged pre-suit actual notice dating back to at least October 29, 2008. This pre-suit notice is based on Defendant's alleged citation to the patents-in-suit during the prosecution of its own patent applications at the USPTO (Compl. ¶226).

VII. Analyst’s Conclusion: Key Questions for the Case

  • A core issue will be one of technological translation: can the specific terminology of the 2007-priority patents (e.g., "categorical filters," "parsing remainder data") be construed to read on the architecture and functionality of the modern, industry-standard Sheltered Harbor framework (e.g., "protection policies," "air-gapped data vaults"), which was developed years later? The outcome will likely depend on whether the court views the accused systems as a direct implementation of the patented concepts or as a technologically distinct evolution.
  • A second key question will be one of pre-suit knowledge and willfulness: did Bank of America's citation of the DigitalDoors patents during its own patent prosecution create a duty to investigate potential infringement, and does its failure to do so render the alleged infringement egregious? This will be a highly fact-intensive inquiry into what the defendant knew and when.
  • A third dispositive battleground will likely be patent validity. The complaint makes extensive pre-emptive arguments for why the inventions were non-obvious and unconventional at the time. A central question for the court will be whether the patents claim a genuine technical solution to problems in data security or merely an abstract idea of sorting and storing data, a question that will require assessing the state of the art in distributed data management and security as it existed in 2007.