DCT

2:24-cv-00784

DigitalDoors Inc v. Stifel Bank

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 2:24-cv-00784, E.D. Tex., 09/25/2024
  • Venue Allegations: Plaintiff alleges venue is proper in the Eastern District of Texas because Defendant maintains a regular and established business presence in the district, including physical branch locations, and specifically targets customers there.
  • Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, particularly those compliant with the financial industry’s "Sheltered Harbor" standard, infringe four patents related to methods for securely filtering, storing, and managing sensitive data in distributed computer systems.
  • Technical Context: The technology concerns enterprise-level data security, specifically methods for isolating and preserving critical data to ensure operational continuity after a catastrophic event like a major cyberattack, a domain of high significance in the financial services sector.
  • Key Procedural History: The complaint asserts the patents-in-suit are pioneering and have been cited as relevant prior art in hundreds of subsequent patent applications by major technology and financial services companies. No prior litigation or post-grant proceedings involving the asserted patents are mentioned.

Case Timeline

Date Event
2007-01-05 Earliest Priority Date for all Asserted Patents
2015-04-21 Issue Date for U.S. Patent No. 9,015,301
2015-01-01 Sheltered Harbor initiative launched
2017-08-15 Issue Date for U.S. Patent No. 9,734,169
2019-01-15 Issue Date for U.S. Patent No. 10,182,073
2019-04-02 Issue Date for U.S. Patent No. 10,250,639
2024-09-25 Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301 - "Information Infrastructure Management Tools with Extractor, Secure Storage, Content Analysis and Classification and Method Therefor"

  • Patent Identification: 9,015,301, "Information Infrastructure Management Tools with Extractor, Secure Storage, Content Analysis and Classification and Method Therefor," issued April 21, 2015.
  • The Invention Explained:
    • Problem Addressed: The patent describes the challenge for enterprises in managing and securing sensitive data, particularly unstructured content, within "open ecosystems" that are vulnerable to unauthorized access (Compl. ¶¶28, 32; ’301 Patent, col. 1:60-2:27). It also notes the difficulty of addressing the "changing sensitivity value of information over the lifecycle of the information file" (’301 Patent, col. 2:28-32).
    • The Patented Solution: The invention provides a method for organizing and processing data by using a plurality of "categorical filters" (e.g., content-based, contextual, taxonomic) to identify and extract "select content" from a data input (Compl. ¶30; ’301 Patent, col. 3:56-4:4). This extracted content is stored in corresponding data stores, and specific data processes (such as copying, archiving, or destruction) are associated with the content based on the activated filter (’301 Patent, Abstract). This shifts the security focus from the data file to the content itself (Compl. ¶28).
    • Technical Importance: The technology offered a method to automate the categorization and secure handling of information based on its content, rather than just its file-level properties, which the complaint alleges provided substantial data security benefits over conventional approaches (Compl. ¶30).
  • Key Claims at a Glance:
    • The complaint asserts at least independent Claim 25 (Compl. ¶99).
    • Claim 25 requires, in essence:
      • Providing a distributed computing system with multiple "select content data stores" operative with multiple "designated categorical filters."
      • Activating at least one filter and processing data through it to obtain "select content" that is contextually or taxonomically associated.
      • Storing the aggregated select content in its corresponding data store.
      • Associating a "data process" (e.g., copy, extract, archive, distribution, destruction) with the activated filter.
      • Applying that data process to further data inputs processed by the filter.
      • Wherein the filter activation can be automatic (time-based, condition-based, or event-based) or manual.
    • The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 9,734,169 - "Digital Information Infrastructure and Method for Securing Designated Data and with Granular Data Stores"

  • Patent Identification: 9,734,169, "Digital Information Infrastructure and Method for Securing Designated Data and with Granular Data Stores," issued August 15, 2017.
  • The Invention Explained:
    • Problem Addressed: The patent addresses the need to secure data in a distributed, potentially cloud-based, environment where data is vulnerable to misuse or attack (’169 Patent, col. 2:8-16).
    • The Patented Solution: The invention describes a method for a distributed cloud-based system that separates data into more and less sensitive components. The system extracts "security designated data" and stores it in secure "select content data stores" with access controls (’169 Patent, Abstract). The "remainder data" that was not extracted is parsed and stored separately in "granular data stores," thereby isolating the most critical information ('169 Patent, Abstract).
    • Technical Importance: This approach provides security by separating critical data from the bulk of an organization's data, reducing the attack surface and ensuring that the most sensitive information is protected by heightened access controls (Compl. ¶¶152-153).
  • Key Claims at a Glance:
    • The complaint asserts at least independent Claim 1 (Compl. ¶130).
    • Claim 1 requires, in essence:
      • Providing a distributed cloud-based system with select content data stores, granular data stores, and a cloud-based server.
      • Extracting and storing "security designated data" in the select content data stores.
      • Activating the select content data stores to permit access based on access controls.
      • Parsing "remainder data" not extracted from the data processed.
      • Storing the parsed remainder data in the granular data stores.
      • Withdrawing the security designated data and parsed data from their respective stores only when access controls are satisfied.
    • The complaint does not explicitly reserve the right to assert dependent claims.

Multi-Patent Capsule: U.S. Patent No. 10,182,073 - "Information Infrastructure Management Tools with Configurable Filters and Segmental Data Stores"

  • Patent Identification: 10,182,073, "Information Infrastructure Management Tools with Configurable Filters and Segmental Data Stores," issued January 15, 2019.
  • Technology Synopsis: This patent claims a method for creating an information infrastructure where data is processed using a plurality of filters. A key aspect is the step of "altering" the initially configured filters by expanding, contracting, or changing the classification of the content they are designed to identify, and then using these modified filters to organize further data throughput (’073 Patent, Abstract, Claim 1).
  • Asserted Claims: At least Claim 1 (Compl. ¶166).
  • Accused Features: The complaint alleges that the accused systems, which implement "protection policies" as filters, allow the operating enterprise to modify those policies, thereby altering the filtering parameters for subsequent data processing (Compl. ¶¶182-183, 185). A screenshot from a Dell instructional video shows a user interface for selecting and modifying filter options (Compl. p. 94).

Multi-Patent Capsule: U.S. Patent No. 10,250,639 - "Information Infrastructure Management Data Processing Tools for Processing Data Flow with Distribution Controls"

  • Patent Identification: 10,250,639, "Information Infrastructure Management Data Processing Tools for Processing Data Flow with Distribution Controls," issued April 2, 2019.
  • Technology Synopsis: This patent claims a method for "sanitizing" data in a distributed system. The process involves extracting sensitive content based on a plurality of sensitivity levels and associated security clearances. The resulting "sanitized" data (i.e., the non-extracted remainder) is then processed with content, contextual, or taxonomic filters to obtain "inferenced" data (’639 Patent, Abstract, Claim 16).
  • Asserted Claims: At least Claim 16 (Compl. ¶193).
  • Accused Features: The complaint alleges the accused systems extract critical financial data based on its importance (a sensitivity level) and store it securely, creating a sanitized version of the data that remains in the production environment. This system allegedly uses filters to analyze and "inference" content (Compl. ¶¶215, 218, 221).

III. The Accused Instrumentality

Product Identification

The "Accused Instrumentalities" are systems and methods used by Stifel for processing and backing up data in a distributed system, which are allegedly compliant with the "Sheltered Harbor" specification or are operationally equivalent (Compl. ¶96). The complaint often uses Dell's PowerProtect Cyber Recovery solution as an exemplary compliant system (Compl. ¶72).

Functionality and Market Context

The accused systems are designed to protect critical customer financial data from catastrophic loss, such as from a destructive cyberattack (Compl. ¶63). The core functionality involves extracting critical account data, converting it to a standard format, and storing it in a secure, isolated, "air-gapped" and immutable "data vault" (Compl. ¶¶70, 77). This vault is separated from the primary production and backup networks to ensure its survivability (Compl. ¶77). A corresponding "restoration platform" allows for the recovery of vaulted data to resume basic banking services after an incident (Compl. ¶78). The complaint repeatedly alleges that Sheltered Harbor certification is an industry standard and is recognized or required by regulators (Compl. ¶95). The complaint includes a diagram illustrating the Dell Sheltered Harbor Solution, showing a "Production Environment" and a separate "Data Vault Environment" connected by an "Air-gap" (Compl. p. 32).

IV. Analysis of Infringement Allegations

U.S. Patent No. 9,015,301 Infringement Allegations

Claim Element (from Independent Claim 25) Alleged Infringing Functionality Complaint Citation Patent Citation
a method of organizing and processing data in a distributed computing system having select content important to an enterprise...and represented by one or more predetermined words, characters, images, data elements or data objects, comprising the steps of: The accused systems manage and protect critical customer financial account data for the enterprise (Stifel), which is represented by data elements (Compl. ¶¶100, 102). ¶100, ¶102 col. 13:25-32
providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters... The accused systems provide a "data vault" with designated storage units ("select content data stores") that operate with "protection policies" ("categorical filters") to define and protect critical data (Compl. ¶¶105-107). ¶105, ¶107 col. 3:56-62
activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content, which associated select content is at least one of contextually associated select content and taxonomically associated select content, as aggregated select content; The system activates protection policies (filters) to extract critical financial account information, which is grouped using tags and metadata (contextually or taxonomically associated) (Compl. ¶¶109-111). ¶109, ¶111 col. 4:1-9
storing said aggregated select content for said at least one categorical filter in said corresponding select content data store; The extracted critical account data is stored in the corresponding storage units within the secure data vault (Compl. ¶¶113-114). ¶113, ¶114 col. 4:10-12
and for the activated categorical filter, associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process, a data distribution process and a data destruction process; The system associates data processes like data backup (a copy process) or vaulting (an archive process) with the selected content as defined by the protection policy (Compl. ¶¶116-117). ¶116, ¶117 col. 4:18-24
applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter utilizing said aggregated select content data... Once a protection policy is established, all subsequent data inputs are processed in the same way (e.g., nightly backups) according to that policy (Compl. ¶¶119-121). ¶119, ¶121 col. 4:25-32
wherein activating a designated categorical filter encompasses an automatic activation...and said automatic activation is time-based, distributed computer system condition-based, or event-based. Processing occurs automatically at a designated time interval (nightly), upon a condition (detection of new assets), or based on an event (Compl. ¶¶122, 124). ¶122, ¶124 col. 14:1-4
  • Identified Points of Contention:
    • Scope Questions: A central question may be whether the financial industry's "protection policies" and "data vaults," developed for the Sheltered Harbor standard, can be properly characterized as the patent’s "categorical filters" and "select content data stores." The defense may argue these are distinct concepts of art.
    • Technical Questions: The analysis may focus on whether the accused backup and vaulting operations constitute the specific "data process" required by the claim, and whether subsequent backups are "based upon a result" of prior processing in the manner described by the patent.

U.S. Patent No. 9,734,169 Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
a method of organizing and processing data...in a distributed cloud-based computing system having select content represented by one or more predetermined words, characters, images, data elements or data objects...comprising: The accused systems can be implemented on cloud platforms (e.g., AWS, Azure) to manage and process critical financial account data (Compl. ¶¶131, 133, 134). ¶131, ¶133, ¶134 col. 132:13-18
providing in said distributed cloud-based computing system: (i) a plurality of select content data stores...; and (ii) a plurality of granular data stores; and (iii) a cloud-based server, each select content data store having respective access controls thereat; The system provides a secure data vault ("select content data stores") with access controls, as well as production/backup systems ("granular data stores"), and operates on servers that can be cloud-based (Compl. ¶¶137, 138, 140). ¶137, ¶138, ¶140 col. 4:32-38
(with respect to data processed by said cloud-based system) extracting and storing said security designated data in respective select content data stores; Critical customer account data ("security designated data") is extracted from the production environment and stored in the secure data vault (Compl. ¶¶144-145, 147). ¶144, ¶145 col. 4:41-43
parsing remainder data not extracted from data processed by said cloud-based system and storing the parsed data in respective granular data stores; Data not extracted for the vault ("remainder data") is stored in the production and backup systems ("granular data stores"), which are separate from the vault (Compl. ¶¶152-154). The complaint includes a diagram showing data from "Production Workloads" being vaulted, leaving the original data separate from the "Cyber Recovery Vault" (Compl. p. 78). ¶152, ¶153, ¶154 col. 4:51-54
withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto. Data is withdrawn from the vault and production systems for restoration only upon satisfaction of strict security measures, such as multi-factor authentication (Compl. ¶¶158-160). ¶158, ¶160 col. 4:58-62
  • Identified Points of Contention:
    • Scope Questions: It raises the question of whether an on-premise, air-gapped data vault can be considered part of a "cloud-based computing system," a term whose definition may be critical.
    • Technical Questions: The dispute may center on whether data remaining in a production environment after a backup constitutes "remainder data" that is then "parsed and stored" as required by the claim, or if this is simply a mischaracterization of a standard backup process where the source data is left untouched.

V. Key Claim Terms for Construction

  • For the ’301 Patent

    • The Term: "categorical filters"
    • Context and Importance: This term is foundational to the infringement theory. The complaint equates Sheltered Harbor's "protection policies," which identify critical data for vaulting, with the claimed "categorical filters" (Compl. ¶¶87-88). The case may depend on whether this equivalency holds.
    • Intrinsic Evidence for Interpretation:
      • Evidence for a Broader Interpretation: The specification describes a wide array of filters, including "content-based filters, contextual filters and taxonomic classification filters" (’301 Patent, col. 13:35-38), suggesting the term is not limited to a single type.
      • Evidence for a Narrower Interpretation: The patent provides very specific examples of how these filters operate, such as using a "Knowledge Expander (KE) search engine" to build taxonomic systems (’301 Patent, col. 10:22-32). A defendant may argue that the accused "protection policies" do not use such specific mechanisms.

  • For the ’169 Patent

    • The Term: "remainder data"
    • Context and Importance: The infringement allegation hinges on casting the data left in the production environment as the claimed "remainder data" (Compl. ¶152). Practitioners may focus on whether this term implies that the original data stream is actively divided, with one part being the "extract" and the other being the "remainder," or if it can simply read on the original source data that is left in place after a copy is made.
    • Intrinsic Evidence for Interpretation:
      • Evidence for a Broader Interpretation: The summary of the invention states the method "extracts security sensitive data...and remainder data" and stores the remainder separately (’169 Patent, col. 4:2-6). This could be read broadly to cover any system that separates sensitive data for special storage, leaving the rest behind.
      • Evidence for a Narrower Interpretation: The detailed description sometimes refers to splitting a data stream into "granular parts," where "the harder it is to infer the context, concept and content of the source document" from the separated pieces (’169 Patent, col. 17:1-18). This language may suggest a more active partitioning process than a simple backup.

VI. Other Allegations

  • Indirect Infringement: The complaint focuses on allegations of direct infringement, asserting that Defendant makes, uses, and controls the accused systems (Compl. ¶¶96, 99).
  • Willful Infringement: Plaintiff alleges willful infringement based on Defendant’s actual notice of the asserted patents since at least the date of service of the complaint (Compl. ¶227). The complaint further alleges that Defendant had, or should have had, notice as early as November 21, 2023, due to awareness of similar lawsuits filed by Plaintiff against competitor financial institutions (Compl. ¶227). Finally, it alleges a policy or practice of not reviewing patents of others, constituting willful blindness (Compl. ¶228).

VII. Analyst’s Conclusion: Key Questions for the Case

  • A core issue will be one of definitional scope: can the patents' technical vocabulary, such as "categorical filters" and "select content data stores," be construed to cover the standardized processes and architectures of the modern financial industry's "Sheltered Harbor" framework, which uses terms like "protection policies" and "data vaults"? The case may depend on whether the court views this as a direct mapping or a fundamental mismatch in terminology and technology.
  • A key question of technical operation will be whether the accused systems, which copy critical data to a secure vault while leaving the original data in the production environment, perform the specific claimed step of "parsing remainder data...and storing the parsed data." This will likely involve a factual dispute over whether the data left behind is merely the untouched source or is actively processed as "remainder data" in the manner claimed by the '169 patent.
  • A third central question may concern inventiveness and eligibility, as the complaint dedicates significant space to arguing that the claimed methods were unconventional and not routine at the time of invention (Compl. ¶¶26-57). The defense may challenge the patents by arguing they claim abstract ideas of data organization implemented on generic computer hardware, raising questions for the court regarding patent eligibility under 35 U.S.C. § 101.