DigitalDoors Inc v. BOKF Na Pursuant To Court Order Docket In Lead Case As Directed

I. Executive Summary and Procedural Information

• Parties & Counsel:
  • Plaintiff: DigitalDoors, Inc. (Florida)
  • Defendant: BOKF, NA. (Oklahoma / Texas)
  • Plaintiff’s Counsel: Garteiser Honea, PLLC
• Case Identification: 2:23-cv-00545, E.D. Tex., 11/21/2023
• Venue Allegations: Plaintiff alleges venue is proper in the Eastern District of Texas because Defendant maintains a regular and established business presence, retains employees, services customers, and generates substantial revenue within the district.
• Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, which are compliant with or functionally equivalent to the financial industry's "Sheltered Harbor" standard, infringe four patents related to methods for securely filtering, extracting, storing, and managing sensitive data in distributed computing systems.
• Technical Context: The technology concerns granular, content-aware data security architectures designed to protect critical information within large enterprises from cyberattacks or systemic failures, a significant concern in the financial services sector.
• Key Procedural History: The complaint asserts that the patented technology predates the financial industry's collective development of the "Sheltered Harbor" data protection standard, which began in 2015, and presents this timeline as evidence of the patents' non-obviousness.

Case Timeline

Date	Event
2007-01-05	Earliest Priority Date for all Asserted Patents
2015-04-21	U.S. Patent No. 9,015,301 Issues
2015-01-01	Sheltered Harbor Initiative Launched
2017-08-15	U.S. Patent No. 9,734,169 Issues
2019-01-15	U.S. Patent No. 10,182,073 Issues
2019-04-02	U.S. Patent No. 10,250,639 Issues
2023-11-21	Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301 - "Information Infrastructure Management Tools With Extractor, Secure Storage, Content Analysis and Classification and Method Therefor"

• Patent Shorthand: The “’301 Patent”
• Issued: April 21, 2015

The Invention Explained

• Problem Addressed: The patent’s background section describes the difficulties enterprises faced in managing and securing information, particularly in unstructured formats and within open ecosystems with numerous access points. Conventional systems were ill-equipped to classify sensitive data efficiently or manage its changing value over its lifecycle (Compl. ¶27; ’301 Patent, col. 1:31-2:61).
• The Patented Solution: The invention proposes a method of organizing and processing data by moving from file-level to content-level management. It utilizes a system of "categorical filters" (e.g., content-based, contextual, taxonomic) to automatically identify and extract important "select content" from a data stream. This extracted content is then stored in corresponding secure data stores, and specific data processes (e.g., copying, archiving, distribution) are associated with the activated filters to manage subsequent data inputs (’301 Patent, Abstract; col. 3:26-4:26).
• Technical Importance: This approach allowed for a more granular and intelligent method of data security and disaster recovery by focusing on the content itself rather than the files containing it (Compl. ¶29).

Key Claims at a Glance

• The complaint asserts at least independent Claim 25 (Compl. ¶98).
• The essential elements of Claim 25 include:
  • Providing a plurality of select content data stores operative with a plurality of designated categorical filters.
  • Activating at least one filter and processing a data input through it to obtain "select content" and "associated select content."
  • Storing the resulting "aggregated select content" in a corresponding data store.
  • Associating a data process (e.g., copy, extract, archive) with the activated filter.
  • Applying that associated data process to a further data input based on the result of that further data being processed by the filter.
  • Wherein the filter activation can be automatic (e.g., time-based, condition-based, or event-based) or manual.
• The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 9,734,169 - "Digital Information Infrastructure and Method for Security Designated Data and With Granular Data Stores"

• Patent Shorthand: The “’169 Patent”
• Issued: August 15, 2017

The Invention Explained

• Problem Addressed: The patent addresses the need to secure sensitive data within a distributed, potentially cloud-based computing system, where data is dispersed across multiple locations and requires robust, granular access controls (’169 Patent, col. 1:60-2:46).
• The Patented Solution: The invention provides a method for separating data into "security designated data" (sensitive content) and "remainder data." The sensitive data is extracted and stored in a plurality of "select content data stores" (e.g., a secure vault), while the non-sensitive remainder data is stored in separate "granular data stores" (e.g., production systems). A cloud-based server and a communications network manage the system, enforcing strict access controls for both storing and withdrawing the secured data (’169 Patent, Abstract).
• Technical Importance: The technology provides an architectural blueprint for isolating and securing an organization's most critical data assets within a distributed network while allowing normal operations on less sensitive data (Compl. ¶26).

Key Claims at a Glance

• The complaint asserts at least independent Claim 1 (Compl. ¶129).
• The essential elements of Claim 1 include:
  • In a distributed cloud-based system, providing select content data stores (for sensitive data), granular data stores (for remainder data), and a cloud-based server with access controls.
  • Providing a communications network coupling the stores and server.
  • Extracting and storing the sensitive "security designated data" in the select content data stores.
  • Activating a data store to permit access to the sensitive data based on applying access controls.
  • Parsing the "remainder data" not extracted and storing it in the granular data stores.
  • Withdrawing the sensitive data and/or parsed remainder data only when the respective access controls are present.
• The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 10,182,073 - "Information Infrastructure Management Tools With Variable and Configurable Filters and Segmental Data Stores"

• Patent Shorthand: The “’073 Patent”
• Issued: January 15, 2019
• Technology Synopsis: The ’073 Patent describes an information infrastructure where initially configured filters identify and separate sensitive content from data throughput. A key aspect is the ability to dynamically alter these filters—by expanding, contracting, or changing their classification structure—to generate modified filters that are then used to organize subsequent data processing (’073 Patent, Abstract; Compl. ¶12, ¶181).
• Asserted Claims: At least Claim 1 (Compl. ¶165).
• Accused Features: The complaint alleges that the user interfaces of the accused systems, which allow an enterprise to define, run, and modify data protection policies, constitute the claimed altering of filters to generate modified filters (Compl. ¶182, ¶185). A screenshot in the complaint depicts a user interface for selecting and applying different filters to a report (Compl. p. 95).

U.S. Patent No. 10,250,639 - "Information Infrastructure Management Data Processing Tools for Processing Data Flow With Distribution Controls"

• Patent Shorthand: The “’639 Patent”
• Issued: April 2, 2019
• Technology Synopsis: The ’639 Patent discloses a method for "sanitizing" data processed in a distributed system. The method involves extracting sensitive content based on its sensitivity level and storing it and the non-extracted "remainder data" separately. The invention further claims inferencing the sanitized data using content, contextual, and taxonomic filters to obtain "inferenced" data (’639 Patent, Abstract; Compl. ¶12, ¶217).
• Asserted Claims: At least Claim 16 (Compl. ¶192).
• Accused Features: The complaint alleges that the accused systems' extraction of critical account data for storage in a secure vault creates the claimed "sanitized" data. The use of protection policies with priority levels is alleged to perform the claimed "inferencing" with content, contextual, and taxonomic filters (Compl. ¶197, ¶217-218).

III. The Accused Instrumentality

Product Identification

• Data processing and storage systems and methods used by Defendant BOKF that are compliant with, or functionally equivalent to, the "Sheltered Harbor" data protection specification (collectively, the "Accused Instrumentalities") (Compl. ¶95).

Functionality and Market Context

• The complaint alleges the Accused Instrumentalities are used for data backup and disaster recovery of critical customer financial information (Compl. ¶4, ¶95). The core functionality, as described in the context of the Sheltered Harbor standard, involves extracting critical account data from production systems, converting it to a standardized format, and storing it in a secure, immutable, and air-gapped "data vault" (Compl. ¶69, ¶76). This vault is isolated from corporate networks to protect against cyberattacks (Compl. ¶73).
• The complaint presents a diagram illustrating this architecture, showing a "Production Environment" where data is extracted and an isolated "Data Vault Environment" where replicated data is stored after passing through an "Air-gap" (Compl. p. 33).
• The Sheltered Harbor standard is described as an industry-wide initiative to protect the U.S. financial system, suggesting the Accused Instrumentalities are of high commercial importance for regulatory compliance and maintaining customer confidence (Compl. ¶62, ¶94).

IV. Analysis of Infringement Allegations

’9015,301 Patent Infringement Allegations

Claim Element (from Independent Claim 25)	Alleged Infringing Functionality	Complaint Citation	Patent Citation
a method of organizing and processing data in a distributed computing system having select content important to an enterprise...	Defendant’s enterprise operates a distributed system of servers, hardware, and software for vaulting data compliant with Sheltered Harbor specifications.	¶99	col. 13:26-33
providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters...	The accused systems provide a "data vault" with multiple data stores (e.g., for backup, copy, analysis) intended to house content derived from designated "protection policies" (filters).	¶104, ¶106	col. 13:34-40
activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content... as aggregated select content.	The systems activate protection policies to extract critical financial account information, which is aggregated based on contextual or taxonomic associations (e.g., using tags).	¶108, ¶110	col. 13:41-48
storing said aggregated select content for said at least one categorical filter in said corresponding select content data store;	The extracted and aggregated critical account data is stored in corresponding storage units within the secure data vault.	¶112-113	col. 13:49-52
associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process, a data distribution process and a data destruction process.	The system associates processes like copying data to the vault, archiving it per technical requirements, and controlling its distribution for recovery.	¶115-116	col. 13:55-60
applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter...	Once a protection policy is established, all subsequent data inputs (e.g., nightly backups) are automatically processed according to that same policy.	¶118, ¶120	col. 13:61-66
wherein activating said designated categorical filter encompasses an automatic activation... [which] is time-based, distributed computer system condition-based, or event-based.	Processing occurs automatically at a designated time interval (e.g., nightly backups) or upon an event (e.g., detection of new assets).	¶121-122	col. 14:1-5

Identified Points of Contention

• Scope Questions: A central question may be whether the "protection policies" used in Sheltered Harbor-compliant systems, which identify critical business services and their supporting IT data, meet the definition of "designated categorical filters" as described in the patent, which includes content-based, contextual, and taxonomic classification filters.
• Technical Questions: The complaint alleges that applying a pre-set policy to subsequent data inputs satisfies the "applying the associated data process to a further data input based upon a result of said further data being processed" limitation. It remains a question for the court whether simply processing new data through an existing filter constitutes an action "based upon a result" of that processing, or if the claim requires a more dynamic feedback loop.

’9,734,169 Patent Infringement Allegations

Claim Element (from Independent Claim 1)	Alleged Infringing Functionality	Complaint Citation	Patent Citation
In a distributed cloud-based computing system... providing... (i) a plurality of select content data stores for... security designated data; and (ii) a plurality of granular data stores; and (iii) a cloud-based server...	The accused systems are allegedly cloud-based, providing a secure "data vault" (select content stores) and production/backup systems (granular data stores).	¶132, ¶136, ¶139	col. 132:15-24
providing a communications network operatively coupling said plurality of select content data stores and cloud-based server;	The system includes a network that couples the production environment and the data vault, which may be "air-gapped" but is connectable for replication.	¶141-142	col. 132:25-27
extracting and storing said security designated data in respective select content data stores;	Critical financial account data is extracted from the production environment and stored in the secure data vault.	¶143, ¶146	col. 132:28-30
activating at least one of said select content data stores...permitting access...based upon an application of one or more of said access controls thereat;	Access to data within the vault is permitted only upon satisfaction of strict security measures, such as multi-factor authentication.	¶148-149	col. 132:31-35
parsing remainder data not extracted from data processed by said cloud-based system and storing the parsed data in respective granular data stores;	Data not extracted as critical (remainder data) is stored in the production and backup systems (granular data stores). The complaint includes a diagram showing "Backup Workloads" as granular data stores (Compl. p. 72).	¶151-152	col. 132:36-39
withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto.	Data is withdrawn from the vault for restoration only after strict security and access controls are satisfied.	¶157-158	col. 132:40-44

Identified Points of Contention

• Scope Questions: Does the term "distributed cloud-based computing system" read on the specific architecture implemented by the Defendant, which may be on-premises, fully cloud-based, or a hybrid? The complaint alleges compliant systems are designed for cloud deployment, but the specific facts of Defendant's implementation will be critical.
• Technical Questions: The claim requires parsing and storing "remainder data" in "granular data stores." A question may arise as to whether leaving non-critical data in its original production environment constitutes the affirmative steps of "parsing" and "storing" it in separate, designated "granular data stores" as contemplated by the patent.

V. Key Claim Terms for Construction

Term: "designated categorical filters" (’301 Patent, Claim 25)

• Context and Importance: This term is fundamental to the ’301 Patent’s infringement theory. The case may turn on whether the "protection policies" and data identification rules within the Sheltered Harbor standard are properly construed as "categorical filters." A narrow construction could limit the claim to more complex, AI-driven systems, while a broader one could cover the rule-based systems alleged to be infringing.
• Intrinsic Evidence for Interpretation:
  • Evidence for a Broader Interpretation: The patent Summary states the system has a plurality of filters including "content-based filters, contextual filters and taxonomic classification filters," suggesting the term is a genus covering different species of filters (’301 Patent, col. 3:34-37).
  • Evidence for a Narrower Interpretation: The specification describes sophisticated embodiments, such as using a "Knowledge Expander (KE) search engine" to build filters and employing "hierarchical taxonomic" systems (’301 Patent, col. 10:22-32). This may suggest that a "categorical filter" requires more than a simple keyword or metadata rule.

Term: "parsing remainder data... and storing the parsed data in respective granular data stores" (’169 Patent, Claim 1)

• Context and Importance: The infringement allegation relies on equating the accused system's production and backup systems with the claimed "granular data stores" where "remainder data" is stored. The construction of this phrase will determine whether simply leaving non-extracted data in its original location satisfies this claim element.
• Intrinsic Evidence for Interpretation:
  • Evidence for a Broader Interpretation: The patent abstract distinguishes between "SC data" (stored in select data stores) and "granular data" (stored in granular data stores), which may support an interpretation where any storage of non-SC data falls into the "granular data stores" category (’169 Patent, Abstract).
  • Evidence for a Narrower Interpretation: The claim language requires affirmative steps of "parsing" and "storing." A defendant may argue this requires more than simply not extracting the data, suggesting an active process of segmenting and relocating the remainder data into specifically designated "granular data stores" that are distinct from the original source.

VI. Other Allegations

• Indirect Infringement: The complaint focuses on allegations of direct infringement, asserting that Defendant makes, uses, and controls the Accused Instrumentalities (Compl. ¶95, ¶98, ¶129).
• Willful Infringement: The complaint alleges that Defendant has been on notice of the patents since at least the date of service of the complaint and that any continued infringement is willful (Compl. ¶226). It further alleges a policy or practice of not reviewing patents of others, amounting to willful blindness (Compl. ¶227).

VII. Analyst’s Conclusion: Key Questions for the Case

• A core issue will be one of definitional scope: can the term "designated categorical filters," which the patents describe with reference to complex content, contextual, and taxonomic analysis, be construed broadly enough to read on the "protection policies" of the industry-standard Sheltered Harbor framework, which focus on identifying and backing up critical business data?
• A second central question will be one of architectural mapping: does the accused disaster recovery architecture—which isolates a secure "data vault" from a "production environment"—map onto the patents' claimed structure of distinct "select content data stores" and "granular data stores"? The case may turn on whether leaving non-critical data in production systems constitutes the affirmative claim step of "storing" it in "granular data stores."
• Finally, a key evidentiary question will be one of technological implementation: the complaint alleges the accused systems are "cloud-based," but the degree to which Defendant’s specific on-premises, hybrid, or multi-cloud infrastructure embodies the features of a "distributed cloud-based computing system" as required by the ’169 patent will be a critical factual dispute.