DCT
2:24-cv-00780
DigitalDoors Inc v. First Financial Bank
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: DigitalDoors, Inc. (Florida)
- Defendant: First Financial Bank (Texas)
- Plaintiff’s Counsel: Garteiser Honea, PLLC
- Case Identification: 2:24-cv-00780, E.D. Tex., 09/25/2024
- Venue Allegations: Plaintiff alleges venue is proper in the Eastern District of Texas because Defendant is a Texas-based financial institution that maintains physical branch locations and employees within the district, generates substantial revenue there, and specifically targets customers in the region.
- Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, which are asserted to be compliant with the financial industry’s "Sheltered Harbor" standard, infringe four patents related to methods for securely filtering, extracting, and storing granular data in distributed computing systems.
- Technical Context: The technology concerns secure data management for disaster recovery, a critical function for financial institutions seeking to protect sensitive customer account data and ensure operational continuity in the event of a catastrophic cyberattack.
- Key Procedural History: The complaint does not reference prior litigation or post-grant proceedings involving the asserted patents. However, it extensively cites the financial industry's collective development of the Sheltered Harbor standard, which began in 2015, as secondary evidence that the patented inventions were novel, non-obvious, and unconventional at their earlier priority date.
Case Timeline
| Date | Event |
|---|---|
| 2007-01-05 | Earliest Priority Date for all Patents-in-Suit |
| 2015-01-01 | Sheltered Harbor Initiative Launched (Accused Technology Framework) |
| 2015-04-21 | U.S. Patent No. 9,015,301 Issues |
| 2017-08-15 | U.S. Patent No. 9,734,169 Issues |
| 2019-01-15 | U.S. Patent No. 10,182,073 Issues |
| 2019-04-02 | U.S. Patent No. 10,250,639 Issues |
| 2024-09-25 | Complaint Filed |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 9,015,301 - "Information Infrastructure Management Tools with Extractor, Secure Storage, Content Analysis and Classification and Method Therefor," issued April 21, 2015
The Invention Explained
- Problem Addressed: The patent’s background section describes the vulnerabilities of enterprises operating in open digital ecosystems, noting the difficulty of managing unstructured content, efficiently classifying sensitive data, and securing information throughout its lifecycle using conventional file-based security methods (Compl. ¶28; ’301 Patent, col. 1:31-2:61).
- The Patented Solution: The invention proposes a content-centric security model. Instead of securing an entire file, the system uses a variety of filters (e.g., categorical, contextual, taxonomic) to identify and extract specific pieces of "select content" from a data stream. This sensitive extracted content is then managed and stored separately from the remaining data, allowing for granular, policy-based control over data access, storage, and reconstruction (’301 Patent, Abstract; col. 3:20-39).
- Technical Importance: This approach provided a more flexible and robust method for managing sensitive information in distributed networks by shifting the security focus from the container (the file) to the content itself (Compl. ¶28, ¶38).
Key Claims at a Glance
- The complaint asserts independent claim 25 (Compl. ¶99).
- The essential elements of Claim 25 include:
- Providing a plurality of select content data stores operative with a plurality of designated categorical filters.
- Activating at least one filter to process a data input and obtain select content.
- Storing the aggregated select content in a corresponding data store.
- Associating a data process (e.g., copy, extract, archive) with the activated filter.
- Applying that associated data process to a further data input based on the result of the processing.
- Wherein the activation is automatic (e.g., time-based, condition-based) or manual.
U.S. Patent No. 9,734,169 - "Digital Information Infrastructure and Method for Securing Designated Data and With Granular Data Stores," issued August 15, 2017
The Invention Explained
- Problem Addressed: The patent addresses the need for enhanced data security in distributed and cloud-based computing environments, where traditional perimeter security is insufficient to protect sensitive information from unauthorized access or cyberattacks (Compl. ¶28, ¶32; ’169 Patent, col. 1:11-2:13).
- The Patented Solution: The invention describes a method and system for organizing data in a distributed cloud architecture. A processor extracts "security designated data" and stores it in secure, access-controlled "select content data stores." The "remainder data" that was not extracted is parsed and stored separately in "granular data stores." Access to both data sets is governed by strict controls, ensuring that data can only be withdrawn by authorized users or processes (’169 Patent, Abstract; col. 3:27-4:27).
- Technical Importance: The patent teaches a specific architecture for enhancing data resilience by physically or logically separating highly sensitive information from the bulk of the data and securing it in purpose-built, access-controlled storage within a cloud environment (Compl. ¶131, ¶133).
Key Claims at a Glance
- The complaint asserts independent claim 1 (Compl. ¶130).
- The essential elements of Claim 1 include:
- Providing select content data stores, granular data stores, and a cloud-based server coupled by a communications network.
- Extracting and storing security-designated data in the select content data stores.
- Activating a select content data store to permit access based on one or more access controls.
- Parsing remainder data not extracted from the data processed.
- Storing the parsed remainder data in respective granular data stores.
- Parsing and storing the remainder data according to a predetermined algorithm.
- Withdrawing data from the stores only in the presence of the respective access controls.
Multi-Patent Capsule: U.S. Patent No. 10,182,073 - "Information Infrastructure Management Tools with Variable and Configurable Filters and Segmental Data Stores," issued January 15, 2019
- Technology Synopsis: This patent describes an information infrastructure that processes data throughput using a plurality of filters. The invention’s focus is on the dynamic nature of these filters, teaching a system that not only identifies sensitive content with initially configured filters but also alters those filters—by expanding, contracting, or reclassifying them—and then generates modified filters to organize further data throughput based on the alterations (’073 Patent, Abstract; col. 3:20-30).
- Asserted Claims: Claim 1 (Compl. ¶166).
- Accused Features: The accused systems allegedly provide a user interface for defining, running, and monitoring data protection policies, which the complaint asserts includes the ability to modify existing policies by changing parameters, thereby altering the filters applied to data (Compl. ¶182, ¶183, ¶185). A screenshot from a Dell instructional video shows a user interface for selecting filters to generate a report (Compl. p. 94).
Multi-Patent Capsule: U.S. Patent No. 10,250,639 - "Information Infrastructure Management Data Processing Tools for Data Flow with Distribution Controls," issued April 2, 2019
- Technology Synopsis: This patent discloses a method for "sanitizing" data by distinguishing between "sensitive content" (which has multiple security levels) and "select content." The system extracts sensitive content into secure data stores corresponding to its designated security level, with the non-extracted data and remainder data forming a "sanitized" version. The invention further claims the step of "inferencing" this sanitized data using content, contextual, and taxonomic filters (’639 Patent, Abstract; col. 4:28-48).
- Asserted Claims: Claim 16 (Compl. ¶193).
- Accused Features: The complaint alleges that the accused systems perform sanitization by extracting critical account data (sensitive content) into a secure vault while leaving other data in the production environment. The subsequent use of analytics or filtering on the vaulted data is alleged to constitute the claimed "inferencing" step (Compl. ¶215, ¶218, ¶221).
III. The Accused Instrumentality
Product Identification
The complaint identifies the "Accused Instrumentalities" as the data backup and disaster recovery systems and methods that Defendant FFB owns, operates, or controls (Compl. ¶96). These systems are alleged to be compliant with the financial industry's "Sheltered Harbor" specification or to be "substantially equivalent" in functionality (Compl. ¶96). The Dell PowerProtect Cyber Recovery solution is identified as an "exemplary system" that meets the Sheltered Harbor requirements (Compl. ¶72, ¶79).
Functionality and Market Context
The accused systems are designed to protect critical customer financial data from catastrophic loss, particularly from cyberattacks (Compl. ¶63). The core functionality involves regularly extracting critical account data, converting it into a standardized format, and storing it in a secure, immutable, and isolated "data vault" (Compl. ¶70, ¶73, ¶77). This vault is "air-gapped," meaning it is logically or physically disconnected from the main production and backup networks to prevent corruption (Compl. ¶77, ¶81). A diagram in the complaint illustrates this architecture, showing a "Production Environment" from which data is replicated across an "Air-gap" to a "Data Vault Environment" for secure storage and processing (Compl. p. 32). In the event of a system failure, data is recovered from this isolated vault to a "restoration platform" to resume basic banking services (Compl. ¶71, ¶78). The complaint frames these systems not as optional products but as implementations of an industry-wide standard developed to ensure the stability of the U.S. financial markets (Compl. ¶63, ¶95).
IV. Analysis of Infringement Allegations
U.S. Patent No. 9,015,301 Infringement Allegations
| Claim Element (from Independent Claim 25) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters... | The accused systems provide a "data vault" (select content data stores) that houses content derived from "protection policies" (categorical filters) established by the enterprise to identify critical business data. | ¶105, ¶107 | col. 13:30-40 |
| activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content... as aggregated select content. | The systems activate these protection policies to extract critical financial account data, which is aggregated based on contextual or taxonomic associations such as metadata tags. | ¶109, ¶111 | col. 13:41-47 |
| associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process... | The accused systems associate data processes like copying, archiving, and extracting with the filtered content, as required by the Sheltered Harbor standard to back up data to the secure vault. | ¶116, ¶117 | col. 13:58-62 |
| applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter... | Once a protection policy is established, the system automatically applies the same backup and vaulting process to all subsequent data inputs that match the policy. | ¶119, ¶121 | col. 13:63-67 |
| said automatic activation is time-based, distributed computer system condition-based, or event-based. | Processing occurs automatically based on a time schedule (e.g., nightly), a condition (e.g., detection of new data), or an event, consistent with Sheltered Harbor standards. | ¶122, ¶124 | col. 14:1-4 |
Identified Points of Contention:
- Scope Questions: A central question may be whether a "protection policy" as implemented in the accused systems, which defines what data to back up, is equivalent to a "categorical filter" as described in the patent, which is depicted as actively processing a data stream to separate content.
- Technical Questions: The claim requires "applying the associated data process... based upon a result of said further data being processed." It is an open question what evidence the complaint provides to show this causal link, versus a system that simply applies a pre-set rule to all incoming data regardless of the "result" of prior processing.
U.S. Patent No. 9,734,169 Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| providing in said distributed cloud-based computing system: (i) a plurality of select content data stores... (ii) a plurality of granular data stores; and (iii) a cloud-based server... | The accused systems can be deployed in the cloud and consist of a secure "data vault" (select content data stores) that is isolated from the main production and backup systems (granular data stores). | ¶133, ¶137, ¶140 | col. 132:16-24 |
| extracting and storing said security designated data in respective select content data stores; | The systems extract critical account data as defined by enterprise policies and store this data in the secure, air-gapped data vault. | ¶144, ¶145 | col. 132:30-32 |
| parsing remainder data not extracted from data processed by said cloud-based system and storing the parsed data in respective granular data stores. | Data that is not extracted and sent to the vault remains in the production and backup systems, which the complaint identifies as the "granular data stores" for this "remainder data." | ¶152, ¶153 | col. 132:39-42 |
| withdrawing some or all of said security designated data... only in the presence of said respective access controls applied thereto. | The data vault is protected by strict security measures, including multi-factor authentication, and data can be withdrawn for restoration only after these access controls are satisfied. | ¶158, ¶160 | col. 132:51-55 |
Identified Points of Contention:
- Scope Questions: The complaint alleges that the production and backup systems where data originates are the "granular data stores." A potential issue is whether leaving data in its original location constitutes "storing" it in a separate, claimed "granular data store," or if the claim requires an active transfer to a distinct storage location.
- Technical Questions: What evidence does the complaint provide that the accused system performs an active step of "parsing remainder data"? The allegation appears to be that by extracting some data, the remaining data is implicitly parsed. This raises the question of whether an omission to act (not extracting data) satisfies an affirmative claim limitation ("parsing").
V. Key Claim Terms for Construction
The Term: "categorical filters" (from ’301 Patent, Claim 25)
- Context and Importance: This term is foundational to the patent's method of identifying sensitive content. The plaintiff's infringement theory equates this term with the "protection policies" used in the accused Sheltered Harbor systems. The viability of the infringement case for the ’301 patent may depend heavily on this construction.
- Intrinsic Evidence for a Broader Interpretation: The specification suggests filters can be based on a wide range of enterprise policies, such as "customer privacy policy, enterprise human resource privacy policy, financial data handling policy," which could support a broad definition covering general, rule-based data selection criteria (’301 Patent, col. 4:8-14).
- Intrinsic Evidence for a Narrower Interpretation: The patent also provides more technical examples, describing "content-based filters, contextual filters and taxonomic classification filters" as the operative components (’301 Patent, col. 13:35-37). An argument could be made that the term should be limited to these specific, technically-defined filter types rather than high-level business rules.
The Term: "parsing remainder data" (from ’169 Patent, Claim 1)
- Context and Importance: The infringement theory for the ’169 patent relies on the idea that data left behind in the production environment after extraction constitutes "parsed remainder data." The definition of "parsing" is therefore critical to determining if an infringing act occurred.
- Intrinsic Evidence for a Broader Interpretation: The patent abstract states that a processor "separates" data into select content and remainder data (’169 Patent, Abstract). This could support an interpretation where the act of extraction inherently "parses" or separates the data streams, without requiring further processing of the remainder.
- Intrinsic Evidence for a Narrower Interpretation: The detailed description links parsing to an active process of breaking data into smaller components for storage, such as dispersing "granular pieces of plain text data" (’169 Patent, col. 15:30-34). This language may support an argument that "parsing" requires more than simply leaving data un-extracted in its original location.
VI. Other Allegations
Willful Infringement
The complaint alleges that Defendant's infringement is willful. It asserts that Defendant has had actual notice of the DigitalDoors patents since at least the service of the complaint (Compl. ¶227). In the alternative, it alleges Defendant has been on notice since at least November 21, 2023, due to its awareness of similar patent infringement lawsuits filed by DigitalDoors against competitor financial institutions (Compl. ¶227). The complaint further alleges that Defendant maintains a policy of "willfully blind[ing]" itself to the patent rights of others by not reviewing third-party patents (Compl. ¶228).
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of definitional scope: can the patent term "categorical filter," which is described in the context of content analysis, be construed broadly enough to read on the high-level "protection policies" used in the accused disaster recovery systems, which primarily define which datasets to back up?
- A key technical question will be one of action versus inaction: do the accused systems, which copy select data to a vault while leaving the "remainder data" in the production environment, perform the active, claimed steps of "parsing" and "storing" that remainder data? The case may turn on whether the failure to move data constitutes the affirmative data processing steps recited in the claims.
- A central narrative tension will be the role of the industry standard: does the widespread adoption of the Sheltered Harbor standard, developed years after the patents' priority date, demonstrate the non-obviousness and value of the patented inventions, as Plaintiff contends, or does it represent a parallel, non-infringing technological path developed independently by the financial industry?