QuickVault Inc v. Oracle Corp

I. Executive Summary and Procedural Information

• Parties & Counsel:
  • Plaintiff: QuickVault, Inc. (Georgia)
  • Defendant: Oracle Corporation (Delaware)
  • Plaintiff’s Counsel: OhanianIP; Hill, Kertscher & Wharton, LLP
• Case Identification: 1:23-cv-01522, W.D. Tex., 03/01/2024
• Venue Allegations: Venue is alleged to be proper in the Western District of Texas because Defendant Oracle resides in the district, maintains a regular and established place of business, and has committed alleged acts of infringement there.
• Core Dispute: Plaintiff alleges that Defendant’s Oracle Cloud Infrastructure Platform infringes seven patents related to forensic data tracking, security, and remote data access.
• Technical Context: The technology concerns cybersecurity systems designed to track and control sensitive data across computer networks, including on user endpoints and in cloud environments, to prevent unauthorized data leakage.
• Key Procedural History: This filing is an Amended Complaint. The complaint alleges that Defendant has had knowledge of the asserted patents and its alleged infringement since at least the filing of the original complaint in this case.

Case Timeline

Date	Event
2008-05-16	Priority Date for ’029 and ’437 Patents
2014-09-12	Priority Date for ’200, ’092, ’300, ’840, and ’125 Patents
2017-02-07	U.S. Patent No. 9,565,200 Issued
2018-05-01	U.S. Patent No. 9,961,092 Issued
2021-05-04	U.S. Patent No. 10,999,300 Issued
2023-01-31	U.S. Patent No. 11,568,029 Issued
2023-04-25	U.S. Patent No. 11,637,840 Issued
2024-01-23	U.S. Patent No. 11,880,437 Issued
2024-02-06	U.S. Patent No. 11,895,125 Issued
2024-03-01	Amended Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,565,200 - "Method and System for Forensic Data Tracking" (Issued Feb. 7, 2017)

The Invention Explained

• Problem Addressed: The patent addresses the problem of sensitive data, such as protected health information (PHI), leaking outside of an organization's secure environment (Compl. ¶2-3; ’300 Patent, col. 2:28-34). Existing security measures like firewalls and encryption often fail to prevent breaches or track data once it has left the protected network (’300 Patent, col. 2:41-52).
• The Patented Solution: The invention is a "Forensic Computing Platform" that uses software agents on endpoint devices to scan for, classify, and track sensitive files (’300 Patent, col. 3:4-17). The agent sends a "meta log" containing details about the file (e.g., name, classification, user) to a central cloud control server, which analyzes the data, applies policies, and can generate alerts or reports, thereby tracking the movement of data elements between authorized and unauthorized devices (’300 Patent, Abstract; Fig. 1).
• Technical Importance: This technology aims to provide visibility and control over sensitive data even after it moves beyond the traditional corporate security perimeter (Compl. ¶4; ’300 Patent, col. 2:53-59).

Key Claims at a Glance

• The complaint asserts independent claim 1 (Compl. ¶31).
• Essential elements of claim 1 (a system claim) include:
  • A cloud control server with an analytic component, reporting component, policy database, and meta database.
  • At least one endpoint with a deployed software agent.
  • The system is configured to receive a meta log from the endpoint, store it, analyze it against a policy, and report the results.
• The complaint does not explicitly reserve the right to assert other claims of the ’200 Patent.

U.S. Patent No. 9,961,092 - "Method and System for Forensic Data Tracking" (Issued May 1, 2018)

The Invention Explained

• Problem Addressed: As with the related ’200 Patent, this invention targets the technical challenge of preventing and tracking the unauthorized movement of regulated or confidential data, which conventional security tools often fail to control once the data has been copied or transmitted outside the secure network (Compl. ¶3; ’300 Patent, col. 2:28-52).
• The Patented Solution: The patent describes a method for forensic data tracking where an agent on a first endpoint sends a meta log with file details to a cloud server, which stores and analyzes the data based on configured policies (’300 Patent, col. 3:18-30; Fig. 2). The system can then receive header records from a second endpoint that has received the file, allowing the platform to track the file's movement between devices (’300 Patent, Fig. 2, item 2.4).
• Technical Importance: The method provides a mechanism for continuously monitoring data provenance, allowing organizations to understand the context, origin, and viewership of sensitive information across different devices and users (’300 Patent, col. 2:63-67).

Key Claims at a Glance

• The complaint asserts independent claim 1 (Compl. ¶41).
• Essential elements of claim 1 (a method claim) include:
  • Receiving configuration settings from an administrator.
  • Receiving from a first endpoint a meta log containing file name, classification, tags, date, user name, and endpoint ID.
  • Storing the meta log in a cloud control server meta database.
  • Analyzing the data based on the configured settings and policy.
  • Alerting and reporting the results of the analysis.
• The complaint does not explicitly reserve the right to assert other claims of the ’092 Patent.

U.S. Patent No. 10,999,300 - "Method and System for Forensic Data Tracking" (Issued May 4, 2021)

• Technology Synopsis: Belonging to the same family as the ’200 and ’092 patents, this patent discloses a system and method for tracking data elements as they move between devices. It focuses on using endpoint agents to create and transmit "meta logs" to a central server for policy-based analysis and alerting (Compl. ¶4; ’300 Patent, Abstract).
• Asserted Claims: Claim 1 (Compl. ¶51).
• Accused Features: The Oracle Cloud Infrastructure's alleged deployment of software on endpoints to detect, classify, track data, and enable remote remediation of policy violations (Compl. ¶6).

U.S. Patent No. 11,637,840 - "Method and System for Forensic Data Tracking" (Issued April 25, 2023)

• Technology Synopsis: This patent is also part of the "Forensic Data Tracking" family. It describes a system for monitoring endpoints, classifying data according to policy, and tracking data movement to provide visibility and control over sensitive information (Compl. ¶4; ’840 Patent, Abstract).
• Asserted Claims: Claims 1 and 13 (Compl. ¶61).
• Accused Features: The functions of the Oracle Cloud Infrastructure platform related to endpoint monitoring, data classification, and remediation of policy violations (Compl. ¶6).

U.S. Patent No. 11,568,029 - "Method and System for Remote Data Access" (Issued January 31, 2023)

• Technology Synopsis: This patent addresses secure remote data access, particularly through multi-factor authentication. The system uses a mobile device as an authentication factor to control access to data stored on a remote server, thereby creating a secure framework for data sharing and retrieval (’029 Patent, Abstract).
• Asserted Claims: Claim 1 (Compl. ¶71).
• Accused Features: The Oracle Cloud Infrastructure's multifactor authentication system for managing user and administrator access (Compl. ¶6, 69).

U.S. Patent No. 11,880,437 - "Method and System for Remote Data Access" (Issued January 23, 2024)

• Technology Synopsis: Related to the ’029 Patent, this patent also concerns secure remote data access. The technology focuses on methods for securely storing, retrieving, and sharing data between PCs and mobile devices by controlling and tracking data movement through a central system (’437 Patent, Abstract).
• Asserted Claims: Claim 1 (Compl. ¶81).
• Accused Features: The multifactor authentication system within the Oracle Cloud Infrastructure platform (Compl. ¶6, 79).

U.S. Patent No. 11,895,125 - "Method and System for Forensic Data Tracking" (Issued February 6, 2024)

• Technology Synopsis: This patent is part of the "Forensic Data Tracking" family and describes systems for tracking data elements across authorized and unauthorized devices. It employs endpoint agents and a central server to provide forensic visibility into data movement (’125 Patent, Abstract).
• Asserted Claims: Claim 1 (Compl. ¶91).
• Accused Features: The Oracle Cloud Infrastructure's alleged functions of deploying endpoint software for data detection, classification, tracking, and policy violation remediation (Compl. ¶6).

III. The Accused Instrumentality

• Product Identification: The Oracle Cloud Infrastructure (“OCI”) Platform (Compl. ¶5).
• Functionality and Market Context: The complaint alleges that a central aspect of the OCI Platform is the deployment of software on endpoints to perform security functions (Compl. ¶6). These functions allegedly include detecting, classifying, and tracking data, as well as enabling remote administrators to monitor for and remediate policy violations (Compl. ¶6). The complaint further alleges that the OCI Platform utilizes a multifactor authentication system for managing access (Compl. ¶6).

IV. Analysis of Infringement Allegations

The complaint references, but does not include, detailed infringement analysis in Exhibits F-N (Compl. ¶31, 41, 51, 61, 71, 81, 91). The narrative infringement theory is summarized below.

• Summary of Infringement Theory (’200 and ’092 Patents): The complaint alleges that the OCI Platform directly infringes claims of the asserted patents by providing services that perform the claimed functions (Compl. ¶29, 39). Specifically, it alleges that OCI’s deployment of software on endpoints to "detect, classify, and track data" and "monitor and remediate policy violations" practices the limitations of the asserted claims (Compl. ¶6). The complaint also alleges that Oracle induces its customers to infringe by providing the OCI Platform and instructional documentation that encourages customers to use the platform in an infringing manner (Compl. ¶34, 36, 44, 46). Knowledge of the patents is alleged to have been established by the filing of the original complaint (Compl. ¶35, 45).
• Identified Points of Contention:
  • Scope Questions: The patents describe a specific "Forensic Computing Platform." A central question for the court may be whether Oracle’s broad OCI Platform, which offers over 100 services, constitutes the specific integrated system required by the claims, or if the complaint combines disparate OCI services to meet the claim limitations.
  • Technical Questions: The complaint alleges that OCI performs functions like "detect, classify, and track data" (Compl. ¶6). A key technical question will be what evidence demonstrates that OCI’s functions match the specific steps required by the claims, such as the creation and transmission of a "meta log" containing the particular data elements recited in claim 1 of the ’200 Patent.

V. Key Claim Terms for Construction

• The Term: "meta log" (asserted in claims of the ’200 and ’092 Patents).

• Context and Importance: This term appears to define the core data structure transmitted from an endpoint to the cloud server for analysis. Its construction will be critical to determining infringement, as the dispute may center on whether the telemetry or monitoring data generated by the OCI Platform qualifies as the claimed "meta log."

• Intrinsic Evidence for Interpretation:

  • Evidence for a Broader Interpretation: Claim 1 of the ’200 Patent defines the term functionally, by what it contains: "a meta log containing one or more of a file name, data classification, data element tags, date created or modified, user name, and endpoint ID." This language may support an interpretation that covers any data packet containing the recited information, regardless of its specific format.
  • Evidence for a Narrower Interpretation: The specification describes the meta log being sent to a "Cloud Control Server" and stored in a "cloud control server meta database" (’300 Patent, Fig. 2). A party could argue that this context implies a specific, structured data record designed for the claimed forensic system, not just any general-purpose security or operational data generated by a cloud platform.

• The Term: "endpoint" (asserted in claims of the ’200 and ’092 Patents).

• Context and Importance: The invention is premised on monitoring and controlling data on "endpoints." Practitioners may focus on this term because the definition will determine which parts of a complex cloud infrastructure (e.g., user devices, virtual machines, servers) fall within the scope of the claims.

• Intrinsic Evidence for Interpretation:

  • Evidence for a Broader Interpretation: The specification provides a broad definition, stating that endpoints "may include but are not limited to PCs, MACs, mobile phones, smart phones, tablet computing devices, servers, computing appliances, medical devices, cameras," and other devices (’300 Patent, col. 3:61-67). This language could support reading the term on a wide range of devices within the OCI ecosystem.
  • Evidence for a Narrower Interpretation: A party might argue that the patent's focus on data leakage from an enterprise (’300 Patent, col. 2:28-40) implies that an "endpoint" should be construed as a device at the edge of a network where a user interacts with data, potentially distinguishing it from a server that is part of the central cloud infrastructure itself.

VI. Other Allegations

• Indirect Infringement: The complaint alleges that Oracle actively induces infringement by providing the OCI Platform to its customers and publishing documentation that allegedly instructs them on how to use the platform in an infringing manner (Compl. ¶34, 36, 44, 46). Knowledge is alleged to exist at least as of the filing of the original complaint (Compl. ¶35, 45).
• Willful Infringement: The complaint does not explicitly allege willful infringement. However, it does request a finding that the case is "exceptional" under 35 U.S.C. § 285, which may suggest an intent to seek enhanced damages or attorneys' fees (Compl., Prayer for Relief ¶E).

VII. Analyst’s Conclusion: Key Questions for the Case

No probative visual evidence provided in complaint.

• A core issue will be one of technical specificity: what evidence will be presented to demonstrate that specific services within the Oracle Cloud Infrastructure platform perform the discrete, multi-step methods of the asserted claims? The case may turn on whether the general data monitoring and security functions of a large-scale cloud platform can be mapped to the specific "meta log" creation, transmission, and policy-based analysis recited in the patents.
• A second key question will be one of architectural scope: can the patents, which describe an integrated "Forensic Computing Platform," be construed to read on a multifaceted cloud service offering like OCI? The dispute may focus on whether OCI as a whole, or a combination of its services used by a customer, constitutes the claimed "system" for forensic data tracking and remote access.