DigitalDoors Inc v. First United Bank & Trust Co

I. Executive Summary and Procedural Information

• Parties & Counsel:
  • Plaintiff: DigitalDoors, Inc. (Florida)
  • Defendant: First United Bank & Trust Company (Oklahoma)
  • Plaintiff’s Counsel: Garteiser Honea, PLLC
• Case Identification: 2:24-cv-00782, E.D. Tex., 09/25/2024
• Venue Allegations: Plaintiff alleges venue is proper based on Defendant maintaining physical branch locations, employing personnel, and conducting substantial business within the Eastern District of Texas.
• Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, particularly those compliant with the financial industry's "Sheltered Harbor" standard, infringe four patents related to methods for granularly filtering, securing, storing, and managing sensitive data in distributed computer systems.
• Technical Context: The technology concerns data security architectures that shift protection from the file level to the content level itself, acritical function for financial institutions needing to ensure the continuity and integrity of customer account data against catastrophic cyberattacks.
• Key Procedural History: The complaint asserts the patents have a priority date of at least January 5, 2007, and argues that the claimed technology was unconventional and non-obvious at the time, predating the financial industry's development of similar standards by many years. The complaint does not reference prior litigation involving the Defendant or any administrative challenges to the patents-in-suit.

Case Timeline

Date	Event
2007-01-05	Earliest Priority Date for all Patents-in-Suit
2015-04-21	U.S. Patent No. 9,015,301 Issued
2015-01-01	Sheltered Harbor Initiative Launched (approx. date)
2017-08-15	U.S. Patent No. 9,734,169 Issued
2019-01-15	U.S. Patent No. 10,182,073 Issued
2019-04-02	U.S. Patent No. 10,250,639 Issued
2024-09-25	Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301 - "Information Infrastructure Management Tools With Extractor, Secure Storage, Analysis and Classification and Method Therefor"

• Patent Identification: U.S. Patent No. 9,015,301, "Information Infrastructure Management Tools With Extractor, Secure Storage, Analysis and Classification and Method Therefor," issued April 21, 2015.

The Invention Explained

• Problem Addressed: The patent describes the state of the art as being unable to effectively manage and secure sensitive data at the content level, particularly within open and vulnerable enterprise ecosystems. Conventional security was focused on entire files, which was inefficient and inadequate for handling unstructured data or information with changing sensitivity over its lifecycle (Compl. ¶¶28, 33; ’301 Patent, col. 1:31-38, 2:28-34).
• The Patented Solution: The invention proposes a method of organizing and processing data by using "categorical filters" to identify and extract specific "select content" from a data stream. This extracted content is then stored in designated data stores, while being linked to specific data processes like copying, archiving, or destruction. This shifts the security paradigm from the file to the granular content itself, allowing for more nuanced and robust data management policies (’301 Patent, Abstract; col. 3:25-4:14).
• Technical Importance: This approach enabled a more granular, content-aware method for data security and management, moving beyond the limitations of conventional file-level access controls (Compl. ¶28).

Key Claims at a Glance

• The complaint asserts independent claim 25 (Compl. ¶99).
• The essential elements of claim 25 include steps for:
  • Providing a plurality of select content data stores operative with a plurality of designated categorical filters.
  • Activating at least one filter and processing a data input to obtain select content and associated select content.
  • Storing the aggregated select content in a corresponding data store.
  • Associating the activated filter with a data process (e.g., copy, extract, archive, distribution, destruction).
  • Applying that associated data process to a further data input based on the results of the filtering.
  • Activating the filter either automatically (based on time, system condition, or event) or manually.

U.S. Patent No. 9,734,169 - "Digital Information Infrastructure and Method for Securing Designated Data and With Granular Data Stores"

• Patent Identification: U.S. Patent No. 9,734,169, "Digital Information Infrastructure and Method for Securing Designated Data and With Granular Data Stores," issued August 15, 2017.

The Invention Explained

• Problem Addressed: The patent addresses the need to secure designated data within a distributed or cloud-based computing environment where data may be stored across numerous, disparate locations, complicating security and access control (’169 Patent, col. 2:1-20).
• The Patented Solution: The invention claims a method for a distributed, cloud-based system that provides separate "select content data stores" (for sensitive data) and "granular data stores" (for remainder data), all managed by a cloud-based server. The system extracts security-designated data and stores it in the secure "select" stores, which have specific access controls. The non-extracted "remainder data" is parsed and stored separately in the "granular" stores. Access to, and withdrawal of, any data is governed by the access controls (’169 Patent, Abstract; col. 3:28-4:10).
• Technical Importance: The invention provides a specific architecture for applying granular data security principles within a cloud-based framework, which is critical for enterprises that do not store all their data in a single, centralized location (Compl. ¶¶131, 133).

Key Claims at a Glance

• The complaint asserts independent claim 1 (Compl. ¶130).
• The essential elements of claim 1 include steps for:
  • Providing a system with a plurality of select content data stores, a plurality of granular data stores, and a cloud-based server, with access controls at each select content store.
  • Providing a communications network coupling these components.
  • Extracting and storing security-designated data in the select content data stores.
  • Activating a select content data store to permit access based on applying one or more access controls.
  • Parsing remainder data not extracted and storing it in the granular data stores.
  • Withdrawing data from any store only when the respective access controls are present.

U.S. Patent No. 10,182,073 - "Information Infrastructure Management Tools With Configurable Filters and Segmental Data Stores"

• Patent Identification: U.S. Patent No. 10,182,073, "Information Infrastructure Management Tools With Configurable Filters and Segmental Data Stores," issued January 15, 2019.
• Technology Synopsis: This patent describes an information infrastructure that processes data using a plurality of filters. The invention appears to center on the capability to dynamically alter these filters—by expanding, contracting, or changing the classification scheme—to adapt data processing rules in response to new information or changing security requirements (’073 Patent, Abstract; Compl. ¶182).
• Asserted Claims: Claim 1 (Compl. ¶166).
• Accused Features: The complaint alleges that the accused systems' use of modifiable "protection policies" to define, run, and monitor data replication and vaulting operations infringes the patent (Compl. ¶¶182-183, 186).

U.S. Patent No. 10,250,639 - "Information Infrastructure Management Data Processing Tools for Data Flow With Distribution Controls"

• Patent Identification: U.S. Patent No. 10,250,639, "Information Infrastructure Management Data Processing Tools for Data Flow With Distribution Controls," issued April 2, 2019.
• Technology Synopsis: This patent discloses a method for "sanitizing" data in a system that uses multiple sensitivity levels and security clearances. The process involves extracting sensitive content into secure "extract data stores" and then using content, contextual, and taxonomic filters to "inference" the resulting sanitized data, thereby creating secure, content-aware versions of the original information (’639 Patent, Abstract; Compl. ¶¶194, 215, 218).
• Asserted Claims: Claim 16 (Compl. ¶193).
• Accused Features: The accused systems are alleged to infringe by extracting critical financial data based on filters and storing it in secure, isolated vaults, thereby creating "sanitized" versions of the data protected by clearance-based access controls (Compl. ¶215).

III. The Accused Instrumentality

Product Identification

• The "Accused Instrumentalities" are identified as the data processing, backup, and disaster recovery systems and methods that Defendant owns, operates, or controls, which are either compliant with the "Sheltered Harbor" specification or provide substantially equivalent functionality (Compl. ¶96).

Functionality and Market Context

• The complaint alleges these systems perform data backup and recovery by implementing the Sheltered Harbor standard. This involves extracting critical customer account data from a "Production Environment," converting it to a standard format, and securely replicating it to an isolated, "air-gapped" "Data Vault" (Compl. ¶¶70, 73-74, 82). This vault is described as immutable and physically or logically separated from corporate networks to protect against cyberattacks (Compl. ¶77). The complaint references a diagram illustrating this architecture, which shows data flowing from a production environment, through a secure replication process over an air-gap, to a data vault environment (Compl. ¶73). Sheltered Harbor is positioned as an essential industry standard for financial institutions to ensure operational resiliency and maintain regulatory compliance and public confidence (Compl. ¶¶63, 95).

IV. Analysis of Infringement Allegations

9,015,301 Infringement Allegations

Claim Element (from Independent Claim 25)	Alleged Infringing Functionality	Complaint Citation	Patent Citation
providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters...	The accused systems provide a "data vault" containing multiple data stores (e.g., for backup, copy, lock, analyze), which operate with "protection policies" that function as categorical filters to identify critical data.	¶105, 107	col. 13:28-40
activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content...	The systems activate protection policies to extract "critical financial account information," which is defined as the "select content." The extracted data is associated contextually or taxonomically, for example by using aggregated tags.	¶109, 111	col. 13:41-48
storing said aggregated select content... in said corresponding select content data store...	The extracted critical account data is stored in the secure data vault.	¶113-114	col. 13:49-52
associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process...	The systems associate data processes, such as backup (copying) and vaulting (archiving), with the filtered critical data.	¶116-117	col. 13:57-62
applying the associated data process to a further data input based upon a result of said further data being processed...	Once a protection policy is established, it is automatically applied to subsequent data inputs, such as in nightly backup cycles, to process new data in the same way.	¶119, 121	col. 14:1-6
said activating a designated categorical filter, which encompasses an automatic activation or a manual activation and said automatic activation is time-based, distributed computer system condition-based, or event-based.	The system's protection policies are activated automatically on a nightly schedule (time-based) or when new data is detected (event-based).	¶122, 124	col. 14:48-53

9,734,169 Infringement Allegations

Claim Element (from Independent Claim 1)	Alleged Infringing Functionality	Complaint Citation	Patent Citation
providing in said distributed cloud-based computing system: (i) a plurality of select content data stores...; and (ii) a plurality of granular data stores; and (iii) a cloud-based server...	The accused systems are allegedly cloud-based or hybrid, with the "Data Vault" serving as the select content data stores and the "Production Environment" backup systems serving as the granular data stores, managed by servers.	¶131, 133, 137, 140	col. 3:34-40
extracting and storing said security designated data in respective select content data stores...	The systems extract critical account data and store it securely in the isolated data vault.	¶144, 147	col. 3:44-46
activating at least one of said select content data stores... thereby permitting access... based upon an application of one or more of said access controls thereat.	Access to the data vault is restricted and requires satisfying security measures like multi-factor authentication.	¶149-150	col. 3:47-52
parsing remainder data not extracted... and storing the parsed data in respective granular data stores.	Data not designated as critical (remainder data) is left in the production and backup systems, which are separate from the secure vault and constitute the granular data stores.	¶152-153	col. 3:53-56
withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto.	Data can only be withdrawn from the vault for restoration after strict security and access control protocols are satisfied.	¶158-159	col. 3:57-62

Identified Points of Contention

• Scope Questions: The case may present a dispute over whether the industry-developed "Sheltered Harbor" specifications and their implementation align with the specific technical definitions in the patents, which were filed years earlier. For example, does a "protection policy" in a backup system meet the patent’s definition of a "categorical filter," which the specification describes in the context of content, contextual, and taxonomic analysis?
• Technical Questions: A technical question may arise regarding whether the accused systems perform the affirmative step of "parsing remainder data" as required by the ’169 Patent. The complaint alleges this is met by storing non-extracted data in production systems, but a court may need to determine if this constitutes "parsing" or simply leaving data in its original location.

V. Key Claim Terms for Construction

• The Term: "categorical filter" (’301 Patent)

  • Context and Importance: This term is fundamental to the ’301 Patent's method of selecting data. The plaintiff’s infringement theory equates modern data "protection policies" with this term. The defendant may argue that a "categorical filter" as described in the patent requires a more complex, content-aware analysis than the rules used in a standard backup system.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The patent states that designated categorical filters include "content-based filters, contextual filters and taxonomic classification filters," suggesting the term is a genus covering various rule-based data selection methods (Compl. ¶105; ’301 Patent, col. 13:34-37).
    • Evidence for a Narrower Interpretation: The specification provides detailed descriptions of building these filters using a "Knowledge Expander (KE) search engine" and creating "hierarchical taxonomic system[s]," which could imply a more sophisticated, semantic analysis than simply filtering based on file location or name ('301 Patent, col. 10:22-32).

• The Term: "distributed cloud-based computing system" (’169 Patent)

  • Context and Importance: The scope of this term defines the environment in which the claimed method of the '169 Patent operates. Infringement depends on showing the accused systems, which involve on-premises production environments and isolated vaults, fall within this definition.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The complaint alleges that systems deployed on cloud services like AWS and Microsoft Azure meet this limitation, reflecting a modern, broad understanding of the term (Compl. ¶133).
    • Evidence for a Narrower Interpretation: A defendant could argue that its architecture, which emphasizes a physically "air-gapped" and isolated vault, is distinct from a "cloud-based" system as contemplated by the patent, potentially pointing to specific architectural details in the specification to support a more limited definition.

• The Term: "altering said respective initially configured filters" (’073 Patent)

  • Context and Importance: This term is central to the asserted claim of the '073 patent. The infringement argument depends on showing that modifying a "protection policy" in the accused system constitutes "altering" a "filter" by "expanding," "contracting," or "imposing... a classification." The complaint includes a screenshot from a Dell instructional video showing a user interface for selecting filter options to generate a report, which it alleges demonstrates this capability (Compl. ¶183, p. 94).
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The claim language itself lists several ways of altering, such as "expanding," "contracting," and "imposing or removing a... classification," suggesting the term covers a range of modifications to a filter's scope or logic (’073 Patent, col. 132:1-8).
    • Evidence for a Narrower Interpretation: The specification may link the "altering" process to specific modules or user interfaces that perform functions beyond what is available in a standard backup policy editor, potentially allowing for an argument that simple parameter changes do not rise to the level of "altering" as claimed.

VI. Other Allegations

Willful Infringement

• The complaint alleges that Defendant's infringement was and continues to be willful. This allegation is based on alleged notice of the patents-in-suit, stemming from either the service of the complaint itself or from Defendant's awareness of prior infringement lawsuits filed by the Plaintiff against competitor financial institutions. The complaint further alleges that Defendant maintains a policy or practice of not reviewing the patents of others, constituting willful blindness (Compl. ¶¶227-228).

VII. Analyst’s Conclusion: Key Questions for the Case

• A core issue will be one of definitional scope: can the patent term "categorical filter," rooted in the patent's disclosure of content-based and taxonomic analysis, be construed to cover the "protection policies" used in modern, industry-standard data vaulting systems like those compliant with Sheltered Harbor?
• A second central question will be one of technical operation: does the accused data backup process, which isolates critical data in a secure vault while leaving other data in a production environment, perform the specific, affirmative claim steps of "parsing remainder data" and storing it in distinct "granular data stores," or is there a fundamental mismatch in how the accused systems technically operate?
• Finally, the case will present a significant question of validity in view of Section 101: given the plaintiff's extensive pre-emptive arguments that the inventions were "unconventional" and improved computer functionality, the court will likely need to resolve whether the claims are directed to patent-eligible improvements in data security systems or to the abstract idea of organizing and filtering information.