DCT

2:23-cv-00550

DigitalDoors Inc v. JP Morgan Chase & Co

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 2:23-cv-00550, E.D. Tex., 11/21/2023
  • Venue Allegations: Plaintiff alleges venue is proper because Defendant maintains a regular and established business presence in the Eastern District of Texas, including physical locations and employees, and specifically targets customers within the district.
  • Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, particularly those compliant with the financial industry's "Sheltered Harbor" standard, infringe four patents related to methods for securely filtering, extracting, segmenting, and storing sensitive data in distributed computing systems.
  • Technical Context: The technology concerns granular, content-aware data security and management, a critical function for financial institutions seeking to protect sensitive customer information and ensure operational continuity after catastrophic events like cyberattacks.
  • Key Procedural History: The complaint alleges that Defendant had pre-suit knowledge of the asserted patents as early as September 2014, based on their citation during the prosecution of Defendant's own patent applications. No prior litigation or post-grant proceedings are mentioned.

Case Timeline

Date Event
2007-01-05 Earliest Priority Date for all Patents-in-Suit
2015-01-01 Sheltered Harbor initiative launched
2015-04-21 U.S. Patent No. 9,015,301 Issued
2017-08-15 U.S. Patent No. 9,734,169 Issued
2019-01-15 U.S. Patent No. 10,182,073 Issued
2019-04-02 U.S. Patent No. 10,250,639 Issued
2023-11-21 Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301 - "Information Infrastructure Management Tools with Extractor, Secure Storage, Analysis and Classification and Method Therefor"

The Invention Explained

  • Problem Addressed: The patent's background describes the vulnerability of enterprise "open ecosystems" where numerous access points create security risks, and conventional security focuses on entire files rather than the sensitive content within them (Compl. ¶13; ’301 Patent, col. 1:60-2:27). This approach was inadequate for managing data where the sensitivity of information could change over its lifecycle (Compl. ¶32; ’301 Patent, col. 2:28-61).
  • The Patented Solution: The invention provides a method for organizing and processing data by using "categorical filters" to automatically identify and extract specific "select content" (e.g., sensitive data) from a larger data stream. This extracted content is then stored in corresponding secure data stores, and specific data processes (like copy, archive, or destroy) are associated with the filtered content, enabling granular, content-level security and management (Compl. ¶26; ’301 Patent, Abstract; col. 3:20-4:15).
  • Technical Importance: This approach represented a shift from file-level security to content-level security, providing a more flexible and secure method for managing and protecting sensitive information within distributed systems (Compl. ¶13, ¶37).

Key Claims at a Glance

  • The complaint asserts independent claim 25 (’301 Patent, Compl. ¶98).
  • The essential elements of Claim 25 include:
    • A method of organizing and processing data in a distributed computing system for an enterprise.
    • Providing a plurality of select content data stores operative with a plurality of designated categorical filters.
    • Activating at least one filter to process a data input and obtain aggregated select content.
    • Storing the aggregated select content in a corresponding data store.
    • Associating a data process (e.g., copy, extract, archive, distribution, destruction) with the activated filter.
    • Applying that associated data process to a further data input based on the filter's processing result.
    • Wherein the filter activation is automatic (time-based, condition-based, or event-based) or manual.
  • It is common practice for plaintiffs to reserve the right to assert additional claims, including dependent claims, as a case proceeds.

U.S. Patent No. 9,734,169 - "Digital Information Infrastructure and Method for Securing Designated Data and with Granular Data Stores"

The Invention Explained

  • Problem Addressed: The patent addresses the need for robust data security architecture in distributed, and particularly cloud-based, computing environments where sensitive and non-sensitive data coexist.
  • The Patented Solution: The invention describes a method for a distributed cloud-based system that segregates data into different storage types. The system provides "select content data stores" for sensitive, security-designated data and separate "granular data stores" for the remaining, non-sensitive data. A cloud-based server manages access, ensuring that the sensitive data is stored securely with strict access controls, while the remainder data is stored elsewhere (’169 Patent, Abstract). The process involves extracting the sensitive data, storing it securely, parsing the remainder, and storing it separately, with withdrawals from secure storage permitted only when access controls are satisfied (Compl. ¶151, ¶157).
  • Technical Importance: This architecture provides enhanced security by physically or logically separating critical data from the bulk of an enterprise's information and applying distinct, heightened access controls to the most sensitive assets (Compl. ¶136).

Key Claims at a Glance

  • The complaint asserts independent claim 1 (’169 Patent, Compl. ¶129).
  • The essential elements of Claim 1 include:
    • A method of processing data in a distributed cloud-based computing system.
    • Providing a plurality of select content data stores (for secure data), a plurality of granular data stores (for other data), and a cloud-based server with access controls.
    • Providing a communications network coupling the stores and server.
    • Extracting and storing security-designated data in the select content data stores.
    • Activating a select content data store to permit access based on applied access controls.
    • Parsing the remainder data not extracted and storing it in the granular data stores.
    • Withdrawing the secure data and parsed remainder data only when the respective access controls are present.
  • It is common practice for plaintiffs to reserve the right to assert additional claims, including dependent claims, as a case proceeds.

U.S. Patent No. 10,182,073 - "Information Infrastructure Management Tools with Variable and Configurable Filters and Segmental Data Stores"

  • Technology Synopsis: This patent describes an information infrastructure where data is processed using a plurality of filters. The invention focuses on the ability to dynamically alter these initially configured filters by expanding, contracting, or reclassifying the definitions of sensitive and select content, thereby allowing the data processing system to adapt to evolving security requirements. (’073 Patent, Abstract; Compl. ¶181).
  • Asserted Claims: The complaint asserts independent claim 1 (Compl. ¶165).
  • Accused Features: The accused systems' functionality that allows an enterprise to define, create, and modify data "protection policies," which the complaint alleges are the claimed "filters" that determine which data is extracted for secure vaulting (Compl. ¶181-182, ¶185).

U.S. Patent No. 10,250,639 - "Information Infrastructure Management Data Processing Tools for Regulated Data Flow with Distribution Controls"

  • Technology Synopsis: This patent discloses a method for "sanitizing" data in a distributed system based on multiple sensitivity levels and associated security clearances. The system extracts sensitive content, stores it in secure "extract data stores," and then uses content, contextual, and taxonomic filters to "inference" the remaining data, thereby creating a sanitized version of the data for further processing. (’639 Patent, Abstract; Compl. ¶217).
  • Asserted Claims: The complaint asserts independent claim 16 (Compl. ¶192).
  • Accused Features: The accused systems' use of filters and priority rules to identify sensitive customer financial data, extract it for storage in a secure vault, and perform analytics or "content scans" on the protected data (Compl. ¶197, ¶220).

III. The Accused Instrumentality

Product Identification

  • The "Accused Instrumentalities" are identified as the systems and methods JPMorgan Chase & Co. ("JPM") uses for data processing and backup that are compliant with the "Sheltered Harbor" specification, or provide substantially equivalent functionality (Compl. ¶95).

Functionality and Market Context

  • The complaint alleges the accused systems provide secure "data vaulting" for disaster recovery, a practice it frames as an industry standard for financial institutions (Compl. ¶62, ¶94). This functionality allegedly includes extracting critical customer account data, converting it to a standard format, and storing it in an isolated, immutable, and air-gapped "data vault" (Compl. ¶69, ¶76). The complaint provides Dell's PowerProtect Cyber Recovery solution as a specific, exemplary embodiment of a Sheltered Harbor compliant system (Compl. ¶71). The complaint includes a diagram illustrating the architecture of such a system, showing a "Production Environment" where data is extracted and a separate, air-gapped "Data Vault Environment" where data is replicated and stored (Compl. ¶72, p. 33). The stated purpose of these systems is to ensure that a financial institution can restore critical customer-facing services after a catastrophic cyberattack or other system failure (Compl. ¶70).

IV. Analysis of Infringement Allegations

U.S. Patent No. 9,015,301 Infringement Allegations

Claim Element (from Independent Claim 25) Alleged Infringing Functionality Complaint Citation Patent Citation
providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters... The accused systems allegedly provide a data vault (select content data stores) with designated storage units that house content derived from "protection policies" (designated categorical filters). ¶104, ¶106 col. 13:30-40
activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content... as aggregated select content The accused systems allegedly activate "protection policies" to filter and extract critical financial account information from the enterprise's data streams for protective vaulting. ¶108-109 col. 13:58-64
storing said aggregated select content for said at least one categorical filter in said corresponding select content data store The accused systems allegedly store the extracted critical account data (aggregated select content) in corresponding storage units within the secure data vault. ¶112-113 col. 4:1-3
for the activated categorical filter, associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process, a data distribution process and a data destruction process The accused systems' protection policies allegedly associate data processes like copying, archiving, and extracting with specific types of data to manage backup and vaulting. ¶115-116 col. 4:3-10
applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter... Once a protection policy is established, all subsequent data inputs (e.g., nightly backups) are allegedly processed in the same way under the same policy. ¶118, ¶120 col. 4:10-15
and wherein said activating a designated categorical filter encompasses an automatic activation... [which] is time-based, distributed computer system condition-based, or event-based The accused systems allegedly perform data processing automatically on a designated time interval (e.g., nightly), upon a designated event (e.g., detection of new data), or manually on demand. ¶121-122 col. 14:1-5
  • Identified Points of Contention:
    • Scope Questions: A central question may be whether the "protection policies" of the Sheltered Harbor standard, which focus on identifying "critical business services" and their supporting IT data, meet the patent's definition of "designated categorical filters." The defense may argue that the claimed filters require more sophisticated contextual or taxonomic analysis than the accused backup policies.
    • Technical Questions: What evidence does the complaint provide that the accused systems "apply" a data process to a "further data input based upon a result" of the filtering? A court may need to determine if a recurring backup job constitutes this specific claimed step or is merely a repeated, independent process.

U.S. Patent No. 9,734,169 Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
providing in said distributed cloud-based computing system: (i) a plurality of select content data stores for... security designated data; and (ii) a plurality of granular data stores... The accused systems allegedly provide a secure "data vault" (select content data stores) and separate production/backup systems (granular data stores), which can be deployed in a cloud-based architecture. ¶132, ¶136-137, ¶139 col. 47:5-13
extracting and storing said security designated data in respective select content data stores The accused systems allegedly extract critical financial information and store it in the secure data vault. The complaint provides a diagram illustrating this data flow from production to the vault. ¶143, ¶146, p.33 col. 47:14-17
activating at least one of said select content data stores...thereby permitting access...based upon an application of one or more of said access controls thereat Access to the data vault is allegedly safeguarded by strict security measures, such as multi-factor authentication and least-privilege credentialing. ¶148-149 col. 47:18-24
parsing remainder data not extracted... and storing the parsed data in respective granular data stores Data not extracted for the vault (remainder data) is allegedly stored in production and backup systems, which constitute the "granular data stores." A diagram from the complaint highlights these "Backup Workloads" as distinct from the vault. ¶151-152, p.72 col. 47:25-28
withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto Data is allegedly withdrawn from the vault for restoration only after satisfying strict security protocols and access controls. ¶157-158 col. 47:29-33
  • Identified Points of Contention:
    • Scope Questions: Does JPM's system, which may include significant on-premises components, qualify as a "distributed cloud-based computing system" under a proper construction of that term, which was written in a 2007 priority document?
    • Technical Questions: Does the accused system perform "parsing" of the "remainder data" as required by the claim, or does it simply leave the production data in its native state? The nature of the operations performed on the non-vaulted data may be a point of dispute.

V. Key Claim Terms for Construction

The Term: "designated categorical filter" (from ’301 Patent, Claim 25)

  • Context and Importance: This term is central to the infringement theory for the '301 Patent. Plaintiff's case appears to depend on construing this term to read on the "protection policies" allegedly used in the Sheltered Harbor-compliant systems. The breadth of this term will likely be a focal point of the litigation.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The specification lists a wide array of potential bases for such filters, including "level of service policy, customer privacy policy, supplier privacy policy, enterprise human resource privacy policy," and others, suggesting the term could cover general business rules for data handling (’301 Patent, col. 4:15-21).
    • Evidence for a Narrower Interpretation: The detailed description emphasizes specific, technically complex filter types, such as "content-based filters, contextual filters and taxonomic classification filters" (’301 Patent, col. 13:35-37). A defendant may argue that the term should be limited to these more advanced forms of data analysis, not generic backup selection criteria.

The Term: "distributed cloud-based computing system" (from ’169 Patent, Claim 1)

  • Context and Importance: This term appears in the preamble of Claim 1 of the ’169 Patent and may be treated as a limitation. Infringement of this patent hinges on whether the accused JPM systems meet this definition. Practitioners may focus on this term because the complaint acknowledges that accused systems may be deployed on-premises, in the cloud, or as a hybrid (Compl. ¶92), creating ambiguity.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The patent does not appear to provide a specific, limiting definition of "cloud-based," which may allow the term to encompass its modern, flexible meaning, including hybrid architectures that leverage cloud resources. The specification discusses systems operatively coupled over a network, which could include the internet (Compl. ¶132).
    • Evidence for a Narrower Interpretation: A defendant could argue the term's meaning is limited by the state of cloud technology circa the 2007 priority date. Furthermore, diagrams in the patent family often depict interconnected PCs and servers without explicitly requiring a third-party cloud provider architecture, potentially supporting an argument that a fully on-premises but distributed system does not meet the "cloud-based" limitation.

VI. Other Allegations

Willful Infringement

  • The complaint alleges willful infringement based on two theories of notice (Compl. ¶225-227). First, it alleges continued infringement after JPM received notice via the service of the complaint itself (Compl. ¶226). Second, it alleges pre-suit knowledge dating back to at least September 30, 2014, based on the citation of the asserted patents during the U.S. Patent and Trademark Office's examination of JPM's own patent applications (Compl. ¶226). The complaint further alleges that JPM maintains a policy of "willful blindness" by instructing employees not to review the patents of others (Compl. ¶227).

VII. Analyst’s Conclusion: Key Questions for the Case

  • A core issue will be one of technical mapping: does the architecture of the financial industry's "Sheltered Harbor" standard—which is designed for secure, air-gapped backup and recovery of critical data—directly align with the specific, granular methods of filtering, extracting, associating, and processing data as claimed in the asserted patents?
  • The case will likely involve a significant dispute over definitional scope: can the patent term "designated categorical filter," which is described in the patent with reference to sophisticated contextual and taxonomic analysis, be construed to cover the "protection policies" used in the accused systems to identify and segregate critical financial data for backup?
  • A key legal question for willfulness will be one of pre-suit notice: does the citation of a plaintiff's patent by a patent examiner during the prosecution of a defendant's own, separate patent application constitute legally sufficient notice to support a claim of willful infringement for conduct that occurred before the complaint was filed?