Softex LLC v. Lenovo Shanghai Electronics Technology Co Ltd

I. Executive Summary and Procedural Information

• Parties & Counsel:
  • Plaintiff: Softex LLC (Delaware)
  • Defendant: Lenovo (Shanghai) Electronics Technology Co. Ltd., Lenovo Group, Ltd., Lenovo Beijing, Ltd., Lenovo PC HK Limited, and Lenovo (United States), Inc. (collectively, "Lenovo") (People's Republic of China; Delaware)
  • Plaintiff’s Counsel: McKool Smith, P.C.
• Case Identification: 1:22-cv-01310, W.D. Tex., 12/14/2022
• Venue Allegations: Plaintiff alleges venue is proper in the Western District of Texas because Lenovo maintains a regular and established place of business in the district, including employing individuals in Austin, and has committed the alleged acts of infringement within the district.
• Core Dispute: Plaintiff alleges that certain Lenovo computers and devices, by incorporating either Microsoft's "Find My Device" feature or Absolute Software's "Absolute Persistence" technology, infringe seven patents related to persistent, low-level electronic device security and tracking systems.
• Technical Context: The technology at issue involves embedding security and tracking software into tamper-resistant portions of a device's architecture, such as the BIOS or a hidden hard drive partition, to ensure the software survives theft-related events like operating system reinstallation or hard drive replacement.
• Key Procedural History: The asserted patents claim priority to 2003 and relate to Plaintiff’s predecessor’s “TheftGuard” technology, which the complaint notes was the subject of a 2003 press release involving Phoenix Technologies and Absolute Software concerning its installation on OEM BIOSs. One of the asserted patents, U.S. Patent No. 8,506,649, was the subject of a post-complaint Inter Partes Review (IPR) proceeding (IPR2023-01185), which resulted in a disclaimer of all claims (1-25) of that patent.

Case Timeline

Date	Event
2003-08-23	Earliest Priority Date for all Asserted Patents
2009-09-15	U.S. Patent No. 7,590,837 Issued
2012-03-06	U.S. Patent No. 8,128,710 Issued
2012-03-20	U.S. Patent No. 8,137,410 Issued
2012-03-27	U.S. Patent No. 8,145,892 Issued
2012-10-16	U.S. Patent No. 8,287,603 Issued
2013-08-13	U.S. Patent No. 8,506,649 Issued
2013-08-20	U.S. Patent No. 8,516,235 Issued
2022-12-14	Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 7,590,837 - “Electronic Device Security and Tracking System and Method,” Issued September 15, 2009

The Invention Explained

• Problem Addressed: The patent’s background describes the ineffectiveness of then-current device security measures. Software-based solutions were easily disabled by thieves because they were stored on accessible parts of a hard drive, while physical security measures were costly and did not permit tracking or recovery of a stolen device (Compl. ¶30; ’837 Patent, col. 1:12-30).
• The Patented Solution: The invention proposes a persistent, multi-part security system. It comprises an "application component" running in the main operating system, a "non-viewable security component" stored in a hidden or protected area, and a "BIOS security component" residing in a secure, non-volatile area like the BIOS ROM. The BIOS component is configured to check the integrity of the other components during the boot process and, if they have been tampered with, restore them, thereby ensuring the security system's survival (Compl. ¶31; ’837 Patent, col. 17:62-18:8). Figure 44 of the patent illustrates this three-part architecture, showing the BIOS component (4410) interacting with the non-viewable component (4415) and application component (4425).
• Technical Importance: This architecture provided a technical framework for security software to persist through events that would typically erase it, such as reformatting the hard drive, which represented a significant advance in anti-theft technology (Compl. ¶26).

Key Claims at a Glance

• The complaint asserts at least independent Claim 1 (Compl. ¶78).
• Claim 1 of the ’837 Patent recites an electronic device security and tracking system with these essential elements:
  • An electronic device supporting an operating system (OS).
  • An application component that executes in the OS environment, is configured to send location information to a server, and can determine if the device is reported stolen.
  • A non-viewable security component with a validator module to determine if the application component is present and has been tampered with.
  • A non-volatile storage device with a secure area.
  • A basic input/output system (BIOS) security component stored in the secure area, configured to check the integrity of the application component during the boot process.

U.S. Patent No. 8,506,649 - “Electronic Device Security and Tracking System and Method,” Issued August 13, 2013

The Invention Explained

• Problem Addressed: The patent addresses the challenge of securing mobile electronic devices where traditional software, stored on standard, user-accessible memory, could be easily removed or altered after theft, preventing data recovery or device tracking (Compl. ¶36; ’649 Patent, col. 1:24-32).
• The Patented Solution: The invention describes a security application for a mobile device that stores its code, at least in part, in a "system area" of memory that "cannot be modified by the user." Upon receiving a remote notification that the device is lost or stolen, this application can disable certain user functions, copy user data to a remote server for recovery, and continue communicating with the security service (Compl. ¶37, ¶38; ’649 Patent, col. 3:44-60, col. 18:1-19). This is depicted in Figure 45, which shows an "ESTSM Application Component" (4530) residing in a "System Area (Non-Changeable to Normal User)" (4520).
• Technical Importance: This approach enabled persistent security and data recovery on mobile devices by partitioning memory into a user-inaccessible area for critical security code, making the system more resilient to tampering (Compl. ¶37).

Key Claims at a Glance

• The complaint asserts at least independent Claim 1 (Compl. ¶83).
• Claim 1 of the ’649 Patent recites a mobile electronic device with these essential elements:
  • A security application operable to perform operations comprising:
  • Causing the device to periodically communicate with a security service.
  • Accepting a notification from the service indicating the device is lost or a disable is requested.
  • In response, automatically disabling at least one user function while maintaining communication with the service.
  • Automatically causing user data to be copied to a server.
  • The security application uses code residing at least partially in a "system area" of non-volatile memory that "cannot be modified by the user."

Multi-Patent Capsule: U.S. Patent No. 8,516,235

• Patent Identification: U.S. Patent No. 8,516,235, “Basic Input/Output System Read Only Memory Image Integration System and Method,” issued August 20, 2013.
• Technology Synopsis: The patent describes a persistent security system architecture with three distinct components: an application component, a non-viewable component, and a BIOS component. The BIOS component is configured to check the integrity of the other two components during the boot process and automatically restore the application component if it detects tampering, thus ensuring the security function cannot be easily removed (Compl. ¶42, ¶43, ¶44).
• Asserted Claims: At least independent Claim 8 (Compl. ¶88).
• Accused Features: The "Absolute Functionality" in Lenovo devices (Compl. ¶88).

Multi-Patent Capsule: U.S. Patent No. 8,145,892

• Patent Identification: U.S. Patent No. 8,145,892, “Providing an Electronic Device Security and Tracking System and Method,” issued March 27, 2012.
• Technology Synopsis: The technology involves a security system for an electronic device comprising application, non-viewable, and BIOS components that are "substantially distinct" from each other. The system is designed such that after a security service is activated, the BIOS component verifies the presence and integrity of the other components and can automatically restore the application component if it has been compromised (Compl. ¶48, ¶49, ¶50).
• Asserted Claims: At least independent Claim 12 (Compl. ¶93).
• Accused Features: The "Absolute Functionality" in Lenovo devices (Compl. ¶93).

Multi-Patent Capsule: U.S. Patent No. 8,137,410

• Patent Identification: U.S. Patent No. 8,137,410, “Electronic Device Disabling System and Method,” issued March 20, 2012.
• Technology Synopsis: This patent discloses an apparatus and method for device security centered on a "hidden partition" in the device's memory. The system first determines if the hidden partition is valid and, if so, loads a "non-viewable component" from it. This non-viewable component then determines if the main application component loaded correctly during the last power-up and restores it from a backup fileset if it did not (Compl. ¶53, ¶54, ¶55).
• Asserted Claims: At least independent Claim 8 (Compl. ¶98).
• Accused Features: The "Absolute Functionality" in Lenovo devices (Compl. ¶98).

Multi-Patent Capsule: U.S. Patent No. 8,287,603

• Patent Identification: U.S. Patent No. 8,287,603, “Electronic Device With Protection From Unauthorized Utilization,” issued October 16, 2012.
• Technology Synopsis: The invention focuses on a method to prevent a stolen device from booting. It describes an application component that determines if the device is stolen and if it is operating correctly. The application then provides information indicating its correct operation to a BIOS component, which, during a subsequent boot, will prevent the boot from completing if it does not find that information (Compl. ¶59, ¶61).
• Asserted Claims: At least independent Claim 18 (Compl. ¶103).
• Accused Features: The "Absolute Functionality" in Lenovo devices (Compl. ¶103).

Multi-Patent Capsule: U.S. Patent No. 8,128,710

• Patent Identification: U.S. Patent No. 8,128,710, “Electronic Device Security System and Method,” issued March 6, 2012.
• Technology Synopsis: The patent describes a persistent security system that includes the capability to remotely erase data from a stolen device. The system architecture includes an application component, a non-viewable component, and a BIOS component for integrity checks, and further includes steps for presenting an option on a remote device to confirm erasure, accepting that confirmation, and causing the stolen device to erase its non-volatile storage (Compl. ¶65, ¶67).
• Asserted Claims: At least independent Claim 2 (Compl. ¶108).
• Accused Features: The "Absolute Functionality" in Lenovo devices (Compl. ¶108).

III. The Accused Instrumentality

Product Identification

The accused products are Lenovo computers and devices that utilize either "Absolute Functionality" (e.g., Absolute Home & Office, Absolute Computrace Persistence) or "Windows Functionality" (e.g., Microsoft's "Find My Device") (Compl. ¶10, ¶14). The complaint provides an extensive, multi-page list of accused Lenovo product models (Compl. ¶14).

Functionality and Market Context

• The complaint alleges Lenovo sells computers with these two distinct security functionalities. "Absolute Functionality" is described as a persistent security solution where a component, Computrace, is "embedded in the firmware" by Lenovo during manufacturing (Compl. ¶12, ¶74). Once activated, this component is designed to "self-heal" by reinstalling the security software if it is removed, allowing it to survive OS reinstalls or hard drive replacements (Compl. ¶74). A screenshot in the complaint from Absolute's support page explains that Computrace is a component of Absolute Home & Office that enables this self-healing capability (Compl. ¶74). Another graphic alleges this provides "undeletable security" by being "embedded at the factory" (Compl. ¶76).
• "Windows Functionality" refers to Microsoft's "Find My Device" feature included in Windows 10 and 11. This feature allows a user to locate, lock, or send a message to their device by logging into their Microsoft account from a different computer (Compl. ¶71, ¶72). The complaint asserts this functionality relies on a security service residing on Microsoft servers and segregates access to create a "system area that cannot be modified by a user" to prevent tampering (Compl. ¶41, ¶72).

IV. Analysis of Infringement Allegations

U.S. Patent No. 7,590,837 Infringement Allegations

Claim Element (from Independent Claim 1)	Alleged Infringing Functionality	Complaint Citation	Patent Citation
an application component to execute within an OS environment... configured to cause the electronic device to send... a message that contains location information... and... to determine whether the electronic device has been reported stolen...	The Absolute Functionality includes an OS-level software agent that, upon activation, communicates with a server, allowing a user to view the device's location on a map and remotely lock or delete files, which requires a determination of the device's status.	¶74, ¶75	col. 35:45-56
a non-viewable security component in the electronic device comprising a validator module capable of determining whether the application component is present and... has been tampered with	The Absolute Persistence component is allegedly "embedded in the firmware" and can "self-heal our software onto the device if we are removed," which suggests it validates the presence of the application component and detects its absence or tampering.	¶74, ¶76	col. 35:57-65
a non-volatile storage device comprising a secure area; and a basic input/output security (BIOS) component stored in the secure area...	The Absolute Persistence component is allegedly embedded directly into the device BIOS or firmware at the factory, which constitutes a secure, non-volatile storage area.	¶12, ¶74, ¶76	col. 35:66-36:2
the BIOS security component configured to check the integrity of the application component during a boot process for the electronic device.	The "self-heal" capability allegedly ensures that if the main software is removed, the firmware-level component will automatically reinstall it, which implies a process of checking for the software's integrity or presence.	¶74	col. 36:3-7

• Identified Points of Contention:
  • Scope Questions: A primary question may be whether the "Absolute Persistence" component, which resides in modern UEFI firmware, meets the claim construction of a "basic input/output security (BIOS) component" as described in the patent, which has a 2003 priority date.
  • Technical Questions: The case may turn on the specific technical mechanism of the accused "self-heal" feature. The complaint alleges this feature performs an integrity check and restoration, but the precise operation will be subject to discovery and may differ from the specific boot-time integrity check and restoration process required by the claim.

U.S. Patent No. 8,506,649 Infringement Allegations

Claim Element (from Independent Claim 1)	Alleged Infringing Functionality	Complaint Citation	Patent Citation
causing the mobile electronic device to periodically communicate with the security service;	The "Find My Device" feature, when enabled, causes the device to send its identifying information to Microsoft's security service and periodically send its location.	¶41	col. 36:58-62
accepting a notification... indicating that the owner... has reported a loss or requested disabling...	A user can log into their Microsoft account from another device and select an option to "lock" the stolen device, which sends a corresponding command or notification to it.	¶72, ¶41	col. 37:22-30
automatically disabling at least one user function... while still allowing the mobile electronic device to communicate with the security service;	The "lock" feature disables the device in response to the notification, but the device can still communicate with the server to share its location.	¶41	col. 37:31-36
automatically causing at least some user data to be copied from the mobile electronic device to at least one of the servers;	When an owner accesses their Microsoft account, device "details and location" from the owner's account are sent to the server, which the complaint alleges involves copying user data.	¶41	col. 37:37-41
wherein the security application utilizes code residing at least partially in the system area that... cannot be modified by the user...	The complaint alleges that Microsoft provides a "system area that cannot be modified by a user" by "segregating access and not allowing the user access to the administrator area."	¶41	col. 37:42-47

• Identified Points of Contention:
  • Scope Questions: A central dispute will likely involve the term "system area... that cannot be modified by the user." The defense may argue that standard OS file protections do not create the kind of immutable, partitioned memory area contemplated by the patent, which contrasts it with a changeable "file system."
  • Technical Questions: It raises the evidentiary question of whether viewing device "details" on a web portal constitutes "automatically causing at least some user data to be copied from the mobile electronic device," as the claim requires, or if it is merely a status report.

V. Key Claim Terms for Construction

For the '837 Patent and related patents (’235, ’892, etc.):

• The Term: "BIOS security component"
• Context and Importance: The infringement theory against Absolute Functionality hinges on equating a modern UEFI firmware module with the claimed "BIOS component." Practitioners may focus on this term because its construction will determine if the patent's architecture, conceived in the era of legacy BIOS, can read on current technology.
• Intrinsic Evidence for Interpretation:
  • Evidence for a Broader Interpretation: The specification states the component "consists of a small piece of code that resides in the system BIOS ROM image located in a secure non-volatile area," a general description that could encompass firmware ('837 Patent, col. 17:64-67).
  • Evidence for a Narrower Interpretation: The patent repeatedly refers to the "BIOS" and its specific boot process (e.g., POST), which could be used to argue the claim is limited to the specific legacy BIOS environment and does not extend to the more complex and distinct UEFI firmware environment ('837 Patent, col. 18:10-14).

For the '649 Patent:

• The Term: "system area... that cannot be modified by the user"
• Context and Importance: This term is critical for the infringement allegation against Microsoft's "Find My Device." The viability of this part of the case depends on whether standard Windows OS protections create a legally sufficient "system area."
• Intrinsic Evidence for Interpretation:
  • Evidence for a Broader Interpretation: The patent specification describes this area as "non-changeable to a normal user" ('649 Patent, Fig. 45), language that Plaintiff may argue covers OS-protected directories that a non-administrator user cannot alter.
  • Evidence for a Narrower Interpretation: Figure 45 of the patent depicts the "System Area" as physically distinct from the "Changeable Area (Acts Like File System)." This suggests a hardware- or firmware-level partition, not merely software-based permissions that an administrator ("the user") could potentially overcome.

VI. Other Allegations

Indirect Infringement

The complaint alleges inducement of infringement across all asserted patents. The factual basis is that Lenovo allegedly encourages customers to use the accused features by "providing, inter alia, functionality, instructions, user manuals and other documentation" (Compl. ¶80, ¶85). The complaint provides hyperlinks to Lenovo and Verizon websites that allegedly encourage activation of Absolute Functionality and use of Find My Device (Compl. ¶23).

Willful Infringement

Plaintiff alleges willful infringement and seeks enhanced damages (Compl. ¶112.B-C). The complaint asserts that Lenovo had knowledge of the asserted patents "at least as early as the filing of this Complaint" (Compl. ¶15), which supports a claim for post-filing willfulness.

VII. Analyst’s Conclusion: Key Questions for the Case

• Architectural Equivalence: A core technical question will be whether the accused "Absolute Persistence Technology," which is embedded in modern UEFI firmware, is structurally and functionally equivalent to the "BIOS security component" architecture that was described in patents with a 2003 priority date and rooted in the legacy BIOS environment of that era.
• Definitional Scope: For the allegations involving Microsoft's "Find My Device," a key legal question is one of definitional scope: can standard, permission-based operating system file protections be construed as creating a "system area... that cannot be modified by the user," as required by claims like Claim 1 of the '649 patent, or does the patent require a more fundamental, hardware-level partition?
• Impact of IPR and Family Validity: The post-filing disclaimer of all claims of the '649 Patent in an IPR proceeding introduces a significant issue. While this action resolves the dispute over the '649 patent, it raises the question of whether the invalidity arguments raised in that proceeding could be successfully applied to the remaining six asserted patents, which arise from the same family and share a common specification.