DCT

2:23-cv-00551

DigitalDoors Inc v. Prosperity Bank

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 2:23-cv-00551, E.D. Tex., 11/21/2023
  • Venue Allegations: Plaintiff alleges venue is proper because Defendant maintains physical business locations, employs personnel, generates substantial revenue, and specifically targets customers within the Eastern District of Texas.
  • Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, which are asserted to be compliant with the "Sheltered Harbor" financial industry standard, infringe four patents related to methods for securely filtering, extracting, and storing sensitive data in distributed computing environments.
  • Technical Context: The technology concerns architectures for data survivability, particularly for separating critical data from general data streams, storing it securely in segmented locations, and enabling controlled reconstruction for disaster recovery.
  • Key Procedural History: The complaint emphasizes that the patents’ priority date of January 2007 predates the financial industry's collective development of the Sheltered Harbor standard, which began in 2015. This timeline is presented to support allegations that the patented inventions were unconventional and non-obvious at the time they were made.

Case Timeline

Date Event
2007-01-05 Earliest Priority Date for all Asserted Patents
2015-04-21 U.S. Patent No. 9,015,301 Issued
2015-01-01 "Sheltered Harbor" industry initiative launched (approximate)
2017-08-15 U.S. Patent No. 9,734,169 Issued
2019-01-15 U.S. Patent No. 10,182,073 Issued
2019-04-02 U.S. Patent No. 10,250,639 Issued
2023-11-21 Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301 - "Information Infrastructure Management Tools with Extractor, Secure Storage, Content Analysis and Classification and Method Therefor"

The Invention Explained

  • Problem Addressed: The patent's background describes the vulnerability of enterprise "open ecosystems" where numerous access points create security risks, and conventional systems lacked the ability to manage unstructured content or address the changing sensitivity of information over its lifecycle (Compl. ¶27; ’301 Patent, col. 1:60-2:61).
  • The Patented Solution: The invention proposes a method for organizing and processing data by using various "categorical filters" (e.g., content-based, contextual, taxonomic) to identify and extract important "select content" from a larger data stream. This granular, extracted content is then stored in designated, secure data stores, enabling content-level security and management rather than relying solely on file-level permissions ('301 Patent, Abstract; col. 3:17-4:35).
  • Technical Importance: This approach represented a shift from managing data files to managing the sensitive content within those files, enabling more sophisticated security and data survivability protocols in distributed networks (Compl. ¶27).

Key Claims at a Glance

  • The complaint asserts infringement of at least independent Claim 25 ('301 Patent, col. 131:26-132:20; Compl. ¶98).
  • Essential elements of Claim 25 include:
    • Providing a plurality of select content data stores operative with designated categorical filters.
    • Activating a filter to process a data input to obtain "select content" and "associated select content."
    • Storing the resulting "aggregated select content" in a corresponding data store.
    • Associating a data process (e.g., copy, extract, archive) with the activated filter.
    • Applying that associated data process to a "further data input" based on the result of processing.
    • The filter activation can be automatic (e.g., time-based or event-based) or manual.
  • The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 9,734,169 - "Digital Information Infrastructure and Method for Security Designated Data and with Granular Data Stores"

The Invention Explained

  • Problem Addressed: The patent addresses the need for secure and resilient data management in distributed and cloud-based computing environments, where sensitive data is exposed to threats (’169 Patent, col. 1:60-2:27).
  • The Patented Solution: The invention claims a method for a distributed, cloud-based system that extracts "security designated data" and stores it in secure, access-controlled "select content data stores." The remaining "remainder data" is parsed and stored separately in "granular data stores." A cloud-based server manages the access controls, ensuring that data can only be withdrawn from the secure stores when authorized ('169 Patent, Abstract).
  • Technical Importance: The claimed method provides a specific architecture for enhancing data security in cloud environments by physically and logically segmenting sensitive information from non-sensitive information and subjecting it to stricter access controls (Compl. ¶130).

Key Claims at a Glance

  • The complaint asserts infringement of at least independent Claim 1 ('169 Patent, col. 132:13-55; Compl. ¶129).
  • Essential elements of Claim 1 include:
    • Providing (i) a plurality of select content data stores, (ii) a plurality of granular data stores, and (iii) a cloud-based server with access controls.
    • Providing a communications network coupling the stores and server.
    • Extracting and storing "security designated data" in the select content data stores.
    • Activating a select content data store to permit access based on the application of access controls.
    • Parsing "remainder data" not extracted and storing it in the granular data stores.
    • Withdrawing data from the stores only when the respective access controls are applied.
  • The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 10,182,073 - "Information Infrastructure Management Tools with Variable and Configurable Filters and Segmental Data Stores"

  • Technology Synopsis: This patent describes an information infrastructure that processes data using a plurality of filters. The method involves identifying sensitive content with initially configured filters and then "altering" those filters (e.g., expanding or contracting their parameters) to generate "modified configured filters" that are then used to organize subsequent data throughput (’073 Patent, Abstract; Compl. ¶181-182).
  • Asserted Claims: At least Claim 1 is asserted (Compl. ¶165).
  • Accused Features: The complaint targets the accused systems' functionality that allows an enterprise to define, run, and modify data protection and replication policies, alleging this corresponds to the claimed altering and generating of modified filters (Compl. ¶182, ¶185).

U.S. Patent No. 10,250,639 - "Information Infrastructure Management Data Processing Tools for Processing Data Flow with Distribution Controls"

  • Technology Synopsis: This patent claims a method for "sanitizing" data by extracting sensitive content from a data input based on different sensitivity levels and associated security clearances. The extracted sensitive data is stored in secure "extract stores," creating "sanitized" versions of the data. The method also includes "inferencing" the sanitized data using content, contextual, and taxonomic filters (’639 Patent, Abstract; Compl. ¶193, ¶217).
  • Asserted Claims: At least Claim 16 is asserted (Compl. ¶192).
  • Accused Features: The complaint alleges that the accused systems' use of priority filters, clearance levels, and data analytics to protect sensitive financial data embodies the claimed steps of extracting, sanitizing, and inferencing content (Compl. ¶197, ¶220).

III. The Accused Instrumentality

Product Identification

  • The "Accused Instrumentalities" are identified as the data processing and disaster recovery systems and methods owned and operated by Defendant Prosperity Bank, which are alleged to be compliant with the "Sheltered Harbor" industry standard or provide substantially equivalent functionality (Compl. ¶95). The complaint identifies Dell's PowerProtect Cyber Recovery solution as an exemplary system that embodies the Sheltered Harbor specifications (Compl. ¶71).

Functionality and Market Context

  • The accused systems are designed to ensure the stability of financial institutions by protecting critical customer account data against catastrophic events like cyberattacks (Compl. ¶62). Their core function involves creating secure, isolated, and immutable backups of this data in a specialized "data vault" (Compl. ¶75-76).
  • The architecture of these systems, as described in the complaint, involves extracting critical data from a "Production Environment," replicating it to a "Vault Environment" across a secure "Air-gap," and storing it in a locked, encrypted format. The complaint includes a diagram from a Dell solution brief illustrating this process of data extraction, secure replication, and storage in a locked "Sheltered Harbor Vault" (Compl. ¶72).
  • The complaint alleges that participation in the Sheltered Harbor standard, which covers nearly three-quarters of U.S. deposit accounts, is a critical component of a financial institution's business continuity, regulatory compliance, and reputational standing (Compl. ¶64, ¶94).

IV. Analysis of Infringement Allegations

U.S. Patent No. 9,015,301 Infringement Allegations

Claim Element (from Independent Claim 25) Alleged Infringing Functionality Complaint Citation Patent Citation
a method of organizing and processing data in a distributed computing system having select content important to an enterprise... The accused systems manage and protect critical customer financial account data, which is content important to the Defendant bank. ¶99, ¶101 col. 13:25-33
providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters... The systems provide a "data vault" containing multiple data stores (for backup, copy, etc.) that operate with "protection policies" which function as categorical filters to identify data for protection. ¶104-106 col. 13:34-40
activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content... as aggregated select content The systems activate these protection policies to extract critical financial information, which is allegedly identified as contextually or taxonomically associated using aggregated tags. ¶108-110 col. 13:41-47
storing said aggregated select content for said at least one categorical filter in said corresponding select content data store The extracted critical data is stored in corresponding storage units within the secure data vault. ¶112-113 col. 13:48-51
for the activated categorical filter, associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process... The systems associate processes such as copying, extracting, and archiving with the selected data to execute the data vaulting in accordance with defined policies. ¶115-116 col. 13:54-59
applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter... Once a protection policy is established, all subsequent data inputs (e.g., later backups) are processed in the same way under that policy. ¶118-119 col. 13:60-65
said automatic activation is time-based, distributed computer system condition-based, or event-based The system performs data processing automatically based on a time interval (e.g., nightly backups) or an event (e.g., detection of new data). ¶121-123 col. 14:1-5
  • Identified Points of Contention:
    • Scope Questions: A central dispute may be whether the "protection policies" and "dynamic filters" of the accused Sheltered Harbor systems (Compl. ¶106) fall within the scope of the term "categorical filters" as defined and described in the '301 Patent.
    • Technical Questions: The complaint alleges the use of "aggregated tags" to identify "contextually associated" and "taxonomically associated" content (Compl. ¶108). A technical question is what evidence demonstrates that the accused system's tagging functionality performs this specific type of semantic association as required by the claim.

U.S. Patent No. 9,734,169 Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
A method of organizing and processing data in a distributed cloud-based computing system... The accused systems are described as being optionally implemented on cloud platforms like AWS, Azure, or Google Cloud. ¶130, ¶132 col. 132:14-18
providing... (i) a plurality of select content data stores...; and (ii) a plurality of granular data stores; and (iii) a cloud-based server... The systems provide a secure "data vault" (select content stores), production/backup systems (granular data stores), and operate via a cloud or cloud-like server architecture. ¶136-139 col. 132:19-27
extracting and storing said security designated data in respective select content data stores The systems extract critical financial data based on established policies and store it in the secure data vault. ¶143-144 col. 132:32-35
activating at least one of said select content data stores...thereby permitting access...based upon an application of one or more of said access controls thereat Access to the data vault is safeguarded by strict measures, including multi-factor authentication and credentialed access controls. ¶148-149 col. 132:36-41
parsing remainder data not extracted... and storing the parsed data in respective granular data stores Data not extracted as critical remains in the production and backup systems, which function as the granular data stores. A diagram showing these production workloads is referenced (Compl. ¶78). ¶151-152 col. 132:42-45
withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto Data is withdrawn from the vault for restoration only after satisfying strict security protocols and access controls. ¶157-158 col. 132:51-55
  • Identified Points of Contention:
    • Scope Questions: The claim requires a "distributed cloud-based computing system." It raises the question of whether a financial institution's potentially on-premises or hybrid data vault implementation meets this definition, or if the term is limited to public cloud infrastructures.
    • Technical Questions: The claim requires distinct "select content data stores" and "granular data stores." The analysis may turn on whether the accused system's "data vault" and its "production and backup systems" map cleanly onto these two structurally distinct claim elements.

V. Key Claim Terms for Construction

  • The Term: "categorical filter" ('301 Patent)

  • Context and Importance: This term is fundamental to the inventive concept of the '301 Patent. The Plaintiff's infringement theory equates the accused "protection policies" with this term. The viability of that theory will depend on the term's construction.

  • Intrinsic Evidence for Interpretation:

    • Evidence for a Broader Interpretation: The specification states that designated categorical filters "include content-based filters, contextual filters and taxonomic classification filters" ('301 Patent, col. 13:37-39), suggesting the term is a genus that could encompass various types of rule-based data selection mechanisms.
    • Evidence for a Narrower Interpretation: The detailed description provides specific examples of filters built using a "hierarchical taxonomic system" and a "Knowledge Expander (KE) search engine" ('301 Patent, col. 10:22-32), which could be used to argue for a more limited construction tied to these specific, structured classification technologies.

  • The Term: "parsing remainder data" ('169 Patent)

  • Context and Importance: The infringement allegation connects this step to the storage and encryption of non-extracted data (Compl. ¶151, ¶155). Whether the accused system performs this step depends on whether "parsing" requires an active data manipulation process or can be satisfied by simply segregating and storing the data that is left over after extraction.

  • Intrinsic Evidence for Interpretation:

    • Evidence for a Broader Interpretation: A party could argue that the act of separating extracted data from remainder data is itself a form of parsing, where the remainder is identified and directed for storage in the "granular data stores" (i.e., the production environment).
    • Evidence for a Narrower Interpretation: The specification describes "parsing algorithms" in other contexts that involve actively processing and breaking down data into granular pieces, such as using an Information Dispersal Algorithm (IDA) ('169 Patent, col. 15:58-16:24). This may support an argument that "parsing" requires more than passive segregation.

VI. Other Allegations

  • Indirect Infringement: The complaint focuses on direct infringement by Defendant's use and operation of the accused systems and does not plead separate counts for induced or contributory infringement (Compl. ¶98, ¶129).
  • Willful Infringement: Willfulness is alleged for all four patents based on continued infringement after Defendant received notice of the patents via the service of the complaint (Compl. ¶125, ¶161, ¶188, ¶223). A separate count for "Knowledge and Willfulness" further alleges that Defendant has a policy or practice of not reviewing the patents of others, constituting willful blindness (Compl. ¶227).

VII. Analyst’s Conclusion: Key Questions for the Case

  • A core issue will be one of technological mapping: can the patented terminology of "categorical filters," "taxonomic classification," and distinct "select" vs. "granular" data stores be construed to cover the accused "Sheltered Harbor" architecture, which is defined by industry-standard "protection policies" and physically separate "production" versus "vault" environments?
  • A central validity question may turn on timing and non-obviousness: the complaint positions the 2007-priority patents as a pioneering invention that predates the financial industry's 2015 development of the accused Sheltered Harbor standard. The case may hinge on evidence establishing whether the claimed methods were truly unconventional in the field of high-security data management as of 2007, or if they represented an obvious combination of known data security principles.
  • A key definitional question for the '169 patent will be one of architectural scope: does the term "distributed cloud-based computing system," as used in the patent, read on the specific data vaulting architecture implemented by the Defendant, which may be deployed on-premises, in a hybrid model, or fully in a third-party cloud?