DCT

2:23-cv-00547

DigitalDoors Inc v. East West Bank A California State Banking Corp

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 2:23-cv-00547, E.D. Tex., 11/21/2023
  • Venue Allegations: Plaintiff alleges venue is proper because Defendant maintains a regular and established business presence in the Eastern District of Texas and specifically targets customers within the district.
  • Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, particularly those compliant with the financial industry's "Sheltered Harbor" standard, infringe four patents related to methods for securely identifying, extracting, storing, and managing sensitive data in distributed computing systems.
  • Technical Context: The technology addresses secure data management and cyber-resilience, a critical operational area for financial institutions responsible for protecting sensitive customer account information from catastrophic data loss.
  • Key Procedural History: The complaint asserts that the patented inventions predate the financial industry's development of the accused "Sheltered Harbor" standard by several years, framing the standard's later creation as evidence of the patents' non-obviousness and unconventionality at the time of invention.

Case Timeline

Date Event
2007-01-05 Earliest Priority Date for all Patents-in-Suit
2015-04-21 U.S. Patent No. 9,015,301 Issued
2015-01-01 "Sheltered Harbor" industry initiative launched (approx. date)
2017-08-15 U.S. Patent No. 9,734,169 Issued
2019-01-15 U.S. Patent No. 10,182,073 Issued
2019-04-02 U.S. Patent No. 10,250,639 Issued
2023-11-21 Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301 - "Information Infrastructure Management Tools with Extractor, Secure Storage, Analysis and Classification and Method Therefor," Issued Apr. 21, 2015

The Invention Explained

  • Problem Addressed: The patent describes the difficulty enterprises faced in managing and securing sensitive data, which was often spread across both structured and unstructured formats and within "open ecosystems" that were vulnerable to attack and misuse (Compl. ¶27; '301 Patent, col. 1:31-2:27). Conventional systems were allegedly inefficient at classifying data and controlling access at a granular, content-based level (Compl. ¶27; '301 Patent, col. 1:39-55).
  • The Patented Solution: The invention proposes a method for organizing and processing data by using a plurality of "categorical filters" to identify and obtain "select content" from a data stream. This select content is then stored in corresponding data stores, and specific data processes (e.g., copy, archive, extract) are associated with the activated filter. Subsequent data inputs are then automatically subjected to the same process, enabling a systematic way to separate and manage important information ('301 Patent, Abstract; col. 3:17-4:35).
  • Technical Importance: This approach shifted data management from a file-based to a content-based paradigm, allowing for more granular control over sensitive information within a distributed system (Compl. ¶27).

Key Claims at a Glance

  • The complaint asserts independent method Claim 25 (Compl. ¶98).
  • The essential elements of Claim 25 include:
    • Providing a plurality of select content data stores operative with designated categorical filters.
    • Activating at least one filter to process a data input and obtain select content that is contextually or taxonomically associated.
    • Storing the aggregated select content in a corresponding data store.
    • Associating a data process (e.g., copy, extract, archive, distribution, destruction) with the activated filter.
    • Applying the associated data process to a further data input.
    • Activating the filter automatically (based on time, system condition, or event) or manually.
  • The complaint does not explicitly reserve the right to assert dependent claims for this patent.

U.S. Patent No. 9,734,169 - "Digital Information Infrastructure and Method for Securing Designated Data and with Granular Data Stores," Issued Aug. 15, 2017

The Invention Explained

  • Problem Addressed: The patent addresses the need to secure sensitive data in distributed, and particularly cloud-based, computing environments where data is stored across multiple locations ('169 Patent, Abstract). The challenge lies in isolating critical data while maintaining access for authorized operations like recovery.
  • The Patented Solution: The invention describes a method for processing data in a cloud-based system by providing separate data stores for "security designated data" and "granular data." The system extracts the sensitive, security-designated data and stores it, while parsing the "remainder data" (i.e., the non-sensitive portion) and storing it separately in granular data stores. Access controls are applied to the secure stores, and data can be withdrawn for reconstruction only when those controls are satisfied ('169 Patent, Abstract).
  • Technical Importance: This method provides enhanced security by physically and logically separating sensitive data from the bulk of the non-sensitive data, reducing the attack surface and ensuring that critical information is protected in isolated stores (Compl. ¶52).

Key Claims at a Glance

  • The complaint asserts independent method Claim 1 (Compl. ¶129).
  • The essential elements of Claim 1 include:
    • Providing in a distributed cloud-based system: a plurality of select content data stores, granular data stores, and a cloud-based server, all coupled by a communications network.
    • Extracting and storing security designated data in the select content data stores.
    • Activating the select content data stores to permit access based on access controls.
    • Parsing remainder data not extracted from the processed data.
    • Storing the parsed remainder data in the granular data stores.
    • Withdrawing data from the stores only in the presence of the access controls.
  • The complaint does not explicitly reserve the right to assert dependent claims for this patent.

Multi-Patent Capsule: U.S. Patent No. 10,182,073

  • Patent Identification: U.S. Patent No. 10,182,073, "Information Infrastructure Management Tools with Variable and Configurable Filters and Segmental Data Stores," Issued Jan. 15, 2019.
  • Technology Synopsis: This patent focuses on creating a data processing infrastructure that uses an initial set of filters to identify sensitive and select content. The invention's contribution is the ability to subsequently alter these filters—by expanding, contracting, or reclassifying their scope—and then generate modified filters to organize further data throughput dynamically ('073 Patent, Abstract).
  • Asserted Claims: At least Claim 1 (Compl. ¶165).
  • Accused Features: The complaint alleges that the accused systems, such as Dell's PowerProtect solution, provide a user interface that allows the enterprise to define, run, and modify existing "policies" that govern data replication and storage. This ability to modify existing filter parameters is alleged to infringe (Compl. ¶¶181-182).

Multi-Patent Capsule: U.S. Patent No. 10,250,639

  • Patent Identification: U.S. Patent No. 10,250,639, "Information Infrastructure Management Data Processing Tools for Processing Data Flow with Distribution Controls," Issued Apr. 2, 2019.
  • Technology Synopsis: This patent describes a method for "sanitizing" data by processing it through filters that separate content based on sensitivity levels, each associated with a security clearance. The system extracts sensitive content into secure "extract data stores" and select content into "select content data stores," leaving a sanitized remainder. The invention further includes "inferencing" this sanitized data using content, contextual, and taxonomic filters ('639 Patent, Abstract).
  • Asserted Claims: At least Claim 16 (Compl. ¶192).
  • Accused Features: The complaint alleges that the accused Sheltered Harbor systems perform the claimed sanitization by extracting critical financial data for secure vaulting, which separates it from the remainder data left in the production environment. The use of filters and analytics to identify and protect this data is alleged to meet the "inferencing" limitations (Compl. ¶¶214, 217-220).

III. The Accused Instrumentality

  • Product Identification: Defendant EWB's systems and methods for processing data in a distributed system, specifically its data backup and disaster recovery systems (Compl. ¶95). The complaint collectively refers to these as the "Accused Instrumentalities" (Compl. ¶95).
  • Functionality and Market Context:
    • The complaint alleges the Accused Instrumentalities are compliant with the "Sheltered Harbor" standard, an industry-wide initiative for protecting critical customer account data to ensure operational resilience for financial institutions after a cyberattack (Compl. ¶¶62, 95).
    • The core alleged functionality involves extracting critical financial data from production systems, converting it to a standard format, and storing it in a secure, isolated, and immutable "data vault" that is "air-gapped" from the main corporate network (Compl. ¶¶69, 76). This process is designed to create secure backups that can be used to restore essential banking services if primary systems fail (Compl. ¶70). The complaint uses Dell's PowerProtect Cyber Recovery system as an exemplary embodiment of this functionality (Compl. ¶71). A diagram in the complaint illustrates this architecture, showing data extraction from a "Production Environment" and secure replication to an air-gapped "Data Vault Environment" (Compl. p. 32).

IV. Analysis of Infringement Allegations

U.S. Patent No. 9,015,301 Infringement Allegations

Claim Element (from Independent Claim 25) Alleged Infringing Functionality Complaint Citation Patent Citation
a method of organizing and processing data... having select content important to an enterprise... The Accused Instrumentalities organize and process critical customer financial account data for EWB, the enterprise (Compl. ¶¶99, 101). ¶99 col. 13:25-34
providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters... The accused systems provide a "data vault" with multiple data stores (e.g., for backup, copy, lock, analyze) that are operative with "protection policies," which are alleged to be the claimed categorical filters (Compl. ¶¶104-106). ¶¶104-106 col. 13:35-41
activating at least one of said designated categorical filters... to obtain said select content and associated select content, which... is at least one of contextually associated select content and taxonomically associated select content... The accused systems activate "protection policies" (filters) to extract critical financial account information. This extracted information is allegedly associated contextually or taxonomically through the use of aggregated tags and metadata (Compl. ¶¶108-110). ¶¶108-110 col. 13:42-47
storing said aggregated select content for said at least one categorical filter in said corresponding select content data store; The accused systems place the aggregated select content (e.g., critical account data backups) into corresponding storage units within the data vault (Compl. ¶¶112-113). ¶¶112-113 col. 13:48-51
associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process, a data distribution process and a data destruction process; The accused systems associate data processes such as copying, archiving, and extracting data with the select content as part of the data vaulting and backup procedures defined by enterprise policies (Compl. ¶¶115-116). ¶¶115-116 col. 13:52-58
applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter... Once a protection policy is established, all subsequent data inputs matching the filter are processed in the same way, such as being copied to the designated storage unit in the data vault (Compl. ¶¶118-119). ¶¶118-119 col. 13:59-64
wherein activating a designated categorical filter encompasses an automatic activation or a manual activation and said automatic activation is time-based, distributed computer system condition-based, or event-based. The processing of data backups is alleged to occur automatically at designated time intervals (e.g., nightly) or based on events (e.g., detection of new data), and can also be run manually on demand (Compl. ¶¶121-123). ¶¶121-123 col. 14:1-5

U.S. Patent No. 9,734,169 Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
A method of organizing and processing data in a distributed cloud-based computing system... The Accused Instrumentalities are alleged to be cloud-based systems for processing and vaulting EWB's data (Compl. ¶¶130, 132). ¶¶130, 132 col. 132:14-18
providing in said... computing system: (i) a plurality of select content data stores...; and (ii) a plurality of granular data stores; and (iii) a cloud-based server... The accused systems allegedly provide a "data vault" (select content stores) and production/backup systems (granular data stores), which are implemented in a cloud architecture with servers (Compl. ¶¶136-139). The complaint's diagram of a Dell system shows "Backup Workloads" as an example of granular data stores (Compl. p. 71). ¶¶136-139 col. 132:20-27
(with respect to data processed by said cloud-based system) extracting and storing said security designated data in respective select content data stores; The accused systems extract critical customer account data (security designated data) and store it in the secure data vault (select content data stores) (Compl. ¶¶143-146). ¶¶143-146 col. 132:32-35
activating at least one of said select content data stores... thereby permitting access... based upon an application of one or more of said access controls thereat; Access to the data vault is allegedly protected by security measures, including strict credentialing and multi-factor authentication (Compl. ¶¶148-149). ¶¶148-149 col. 132:36-40
parsing remainder data not extracted from data processed... and storing the parsed data in respective granular data stores; The remainder data (non-extracted data) is stored in production and backup systems, which are separate from the data vault and constitute the granular data stores (Compl. ¶¶151-152). ¶¶151-152 col. 132:41-44
withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto. Data can allegedly be withdrawn from the vault to a restoration platform only upon satisfying strict security and access controls (Compl. ¶¶157-158). ¶¶157-158 col. 132:51-55
  • Identified Points of Contention:
    • Scope Questions: A central issue may be whether the term "categorical filters" in the '301 patent, which the specification describes in relation to content, context, and taxonomy, can be construed to read on the "protection policies" of the accused systems, which are alleged to operate based on infrastructure metadata like "VM Folder Name" (Compl. ¶109). Similarly, for the '169 patent, a question may arise as to whether leaving non-critical data in its original production/backup systems constitutes "parsing remainder data" and "storing the parsed data" as required by the claim.
    • Technical Questions: The complaint heavily relies on the public-facing standards of Sheltered Harbor and documentation for exemplary systems like Dell PowerProtect. A key question for the court will be what evidence demonstrates that EWB's specific, implemented systems actually perform each step of the asserted methods. For example, what evidence shows that EWB's system uses filters that are "contextually" or "taxonomically" driven, as opposed to being based on simpler metadata tags?

V. Key Claim Terms for Construction

  • The Term: "categorical filters" ('301 Patent, Claim 25)
  • Context and Importance: This term is foundational to the infringement theory for the '301 patent. The Plaintiff's case appears to depend on this term being broad enough to cover the "protection policies" and rules-based systems used in Sheltered Harbor-compliant architectures (Compl. ¶¶105-106). Practitioners may focus on this term because its construction could determine whether metadata-based filtering (e.g., by folder name) falls within the claim scope.
    • Evidence for a Broader Interpretation: The patent states that "designated categorical filters are used to store select content relative to the category in certain SC stores" and that these categories cover a wide range of enterprise policies, suggesting a broad, purpose-driven definition ('301 Patent, col. 12:51-63).
    • Evidence for a Narrower Interpretation: The detailed description repeatedly breaks down "categorical filters" into more specific types, such as "content-based filters, contextual filters and taxonomic classification filters," which could suggest the term is limited to filters that analyze the substance of the data, not just its location or metadata ('301 Patent, col. 13:37-39).
  • The Term: "parsing remainder data" ('169 Patent, Claim 1)
  • Context and Importance: The infringement allegation for this element relies on the idea that data not extracted to the secure vault is the "remainder data," and leaving it in production/backup systems is the act of "parsing" and "storing" it (Compl. ¶¶151-152). This construction is critical, as a narrower definition requiring an active parsing and separate storage step might not be met.
    • Evidence for a Broader Interpretation: The patent abstract describes extracting "sensitive/select data" and leaving "remainder data," which may support the view that the "remainder" is simply what is left over, without requiring further processing. The term "parsing" is used throughout the specification in the context of splitting a data stream or document into constituent parts ('169 Patent, col. 16:34-40).
    • Evidence for a Narrower Interpretation: A defendant might argue that "parsing" implies an active analysis and division of the remainder data itself, rather than the passive act of not moving it. The specification discusses using algorithms to parse data into granular pieces, which could support a more active definition ('169 Patent, col. 113:51-57).

VI. Other Allegations

  • Indirect Infringement: The complaint does not contain separate counts for indirect infringement.
  • Willful Infringement: The complaint alleges that Defendant's infringement continued after it received notice of the patents via service of the complaint (Compl. ¶¶125, 161, 188, 223). It further alleges that Defendant has a policy or practice of not reviewing the patents of others, constituting willful blindness to Plaintiff's rights (Compl. ¶227).

VII. Analyst’s Conclusion: Key Questions for the Case

  • A core issue will be one of definitional scope: can patent claims describing "categorical filters" based on data's context and taxonomy be construed to cover the accused systems' "protection policies," which are alleged to operate on infrastructure metadata such as virtual machine folder names? The outcome may depend on whether the patent's specific examples are read as limiting or merely illustrative.
  • A second central question will be one of technological mapping: does the architecture of the Sheltered Harbor standard, which separates a secure "data vault" from general "production/backup" systems, map onto the specific claim elements requiring, for example, the "parsing" and "storing" of "remainder data" into "granular data stores"? The case may turn on whether simply leaving data behind in its original location satisfies these active-sounding claim limitations.
  • A key evidentiary question will be the extent to which Plaintiff can prove, beyond the general descriptions of the Sheltered Harbor standard, that Defendant's specific, in-use data recovery systems practice every element of the asserted method claims as alleged.