DCT
6:21-cv-00737
Ancora Tech Inc v. Roku Inc
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: Ancora Technologies, Inc. (Delaware)
- Defendant: Roku, Inc. (Delaware)
- Plaintiff’s Counsel: Susman Godfrey LLP; Parker, Bunt & Ainsworth, P.C.
- Case Identification: 6:21-cv-00737, W.D. Tex., 07/16/2021
- Venue Allegations: Venue is asserted based on Defendant Roku, Inc. maintaining a regular and established place of business within the Western District of Texas.
- Core Dispute: Plaintiff alleges that Defendant’s streaming devices and televisions, through their over-the-air (OTA) software update mechanism, infringe a patent directed to a method for securely verifying and restricting software operation.
- Technical Context: The technology at issue involves using a hardware-rooted key, stored in a device's non-volatile memory, to authenticate software before it is executed, a foundational concept in digital rights management and secure boot processes.
- Key Procedural History: The complaint notes that the patent-in-suit has an extensive litigation history against numerous technology companies. It has survived multiple validity challenges, including a reexamination, a rejected Covered Business Method (CBM) review petition at the Patent Trial and Appeal Board, and a Federal Circuit decision holding the asserted claim patent-eligible under 35 U.S.C. § 101. The complaint also cites several prior claim construction orders from other district courts.
Case Timeline
| Date | Event |
|---|---|
| 1998-05-21 | '941 Patent Priority Date |
| 2002-06-25 | '941 Patent Issue Date |
| 2004-12-21 | '941 Patent assigned to Ancora Technologies, Inc. |
| 2010-06-01 | '941 Patent Reexamination Certificate Issued |
| 2021-07-16 | Complaint Filing Date |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 6,411,941 - "Method of Restricting Software Operation Within a License Limitation," issued June 25, 2002
The Invention Explained
- Problem Addressed: The patent addresses the problem of software piracy and the inadequacy of purely software-based protection schemes, which are vulnerable to "hackers." It also notes that hardware-based solutions like external "dongles" are often expensive and inconvenient for users (ʼ941 Patent, col. 1:11-35).
- The Patented Solution: The invention proposes a method to tie a software license to a specific computer's hardware. This is achieved by using a unique key stored in a non-modifiable, non-volatile portion of the computer's BIOS (e.g., ROM). A license record for a given program is encrypted with this key and stored in a separate, modifiable non-volatile memory (e.g., E2PROM or Flash memory). Before running the program, a verifier checks if the program is authorized by using the hardware key to validate the encrypted license record. This creates a security check rooted in the hardware itself (ʼ941 Patent, Abstract; col. 1:46-col. 2:29).
- Technical Importance: The described method offered a model for integrated, hardware-rooted software security that did not rely on external physical tokens, aiming to provide a more robust defense against unauthorized software duplication than was common at the time (ʼ941 Patent, col. 3:5-18).
Key Claims at a Glance
- The complaint asserts infringement of at least Claim 1.
- Independent Claim 1 recites a method with the following essential elements:
- A method for use with a computer having an erasable, non-volatile BIOS memory area and a volatile memory area.
- Selecting a program that resides in the volatile memory.
- Using an agent to set up a "verification structure" in the erasable, non-volatile memory of the BIOS, where the structure contains at least one "license record."
- Verifying the program using the verification structure from the BIOS memory.
- Acting on the program based on the outcome of the verification.
III. The Accused Instrumentality
Product Identification
The complaint names the Roku Ultra as a representative accused product, along with a broad list of other Roku streaming players, sticks, and televisions manufactured by partners such as TCL, Hisense, and Philips (Compl. ¶¶ 28-29).
Functionality and Market Context
The accused functionality is the over-the-air (OTA) software update system for Roku OS (Compl. ¶27). The complaint alleges that Roku servers transmit software updates to the accused devices, which are configured to automatically download, verify, and install them (Compl. ¶31). This process is described as a "pre-configured software update process" that users are required to accept to maintain device functionality and security, as stated in Roku's End User License Agreement (Compl. ¶¶ 31, 47-48). A screenshot from Roku's developer documentation describes a "roRegistry" as an area of non-volatile storage for persistent settings, which the complaint alleges is an example of the claimed BIOS memory (Compl. ¶32, p. 9).
IV. Analysis of Infringement Allegations
'941 Patent Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| a method...with a computer including an erasable, non-volatile memory area of a BIOS of the computer, and a volatile memory area | The Roku Ultra device contains flash memory (erasable, non-volatile) and RAM (volatile). The complaint alleges the "Registry" partition within the flash memory functions as the claimed "erasable, non-volatile memory area of a BIOS." | ¶32, ¶35 | col. 6:61-63 |
| selecting a program residing in the volatile memory | After an OTA update is downloaded, the Roku device is configured to reboot and load the update into its volatile memory (RAM) to begin the secure boot and verification process. | ¶39 | col. 6:64-65 |
| using an agent to set up a verification structure in the erasable, non-volatile memory of the BIOS...accommodating...at least one license record | Roku’s OTA servers transmit a software update file to the device, which is saved to the device's flash memory (the alleged BIOS). This update file, containing cryptographic elements like a SHA-1 checksum, constitutes the "verification structure" and "license record." | ¶34, ¶36 | col. 6:66-col. 7:2 |
| verifying the program using at least the verification structure from the erasable non-volatile memory of the BIOS | As part of its secure boot process, the Roku device uses a public key to verify the signature of the OTA update stored in flash memory. The complaint provides source code, such as the "aimage_v1_process" function, as an example of this verification. | ¶39-¶40 | col. 7:3-4 |
| acting on the program according to the verification | If the OTA update's signature is successfully verified, the Roku device proceeds to install and execute the new software; otherwise, the process would be halted. | ¶42 | col. 7:4 |
- Identified Points of Contention:
- Scope Questions: The central dispute may turn on claim construction. A primary question is whether the term "BIOS," as described in a patent from the late 1990s in the context of a "conventional computer" (ʼ941 Patent, col. 1:47), can be construed to read on the firmware architecture and specific memory partitions (e.g., "Registry") of a modern, embedded-system streaming device (Compl. ¶32). Another question is whether a cryptographic artifact like a checksum or digital signature (Compl. ¶37) qualifies as a "license record" as that term is used in the patent.
- Technical Questions: A key factual question is whether the accused process aligns with the claim steps. For instance, the complaint alleges Roku's open-source documentation shows an automatic update process from a TFTP server where a verified update is stored in Flash (Compl. ¶34, p. 10). The court will have to determine whether this process of receiving and storing a signed file in flash memory constitutes "setting up a verification structure in the erasable, non-volatile memory of the BIOS" as claimed.
V. Key Claim Terms for Construction
The Term: "BIOS"
- Context and Importance: This term appears in multiple limitations of the asserted claim and is foundational to the infringement theory. The viability of the plaintiff's case may depend on construing "BIOS" to cover the firmware and flash memory system of the accused Roku devices. Practitioners may focus on this term because the complaint maps it to a "Registry" partition in a modern streaming device, which differs from the "conventional BIOS module" of a 1990s-era personal computer described in the patent (ʼ941 Patent, col. 1:48-49; Compl. ¶32).
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The specification describes the BIOS as having multiple parts, including a first non-volatile area (like ROM) and a "second non-volatile section...e.g. E2PROM" that is erasable (ʼ941 Patent, col. 1:65-col. 2:2). This could support an argument that "BIOS" refers generally to a system of non-volatile firmware storage rather than a specific, monolithic component.
- Evidence for a Narrower Interpretation: The patent repeatedly refers to a "conventional computer" and its "conventional BIOS module" (ʼ941 Patent, col. 1:47-49). This language could be used to argue that the term's meaning is tied to the specific PC architecture understood at the time of the invention and does not extend to the firmware of modern embedded devices.
The Term: "license record"
- Context and Importance: The definition of this term is critical for determining whether the data within the alleged "verification structure"—such as SHA-1 checksums and RSA signatures (Compl. ¶¶34, 37)—meets the claim requirements.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The patent states that the "manufacturer of the licensed-software-program may specify the license-record format" (ʼ941 Patent, col. 4:41-43), suggesting flexibility. The claim itself only requires that the verification structure accommodate "data that includes at least one license record" (ʼ941 Patent, col. 7:1-2).
- Evidence for a Narrower Interpretation: The primary example of a license record in the specification includes "author name, program name and number of licensed users" (ʼ941 Patent, col. 1:55-57). This could support an argument that a "license record" must contain commercial or user-facing licensing information, not just a cryptographic token used for technical verification.
VI. Other Allegations
- Indirect Infringement: The complaint alleges that Roku "caused to be performed each of the Claim 1 steps" by providing the OTA updates (Compl. ¶43). It further alleges that Roku requires users to accept these updates via its End User License Agreement to maintain device functionality, which may support a claim for induced infringement (Compl. ¶¶ 46-48). The allegations that Roku controls the OTA servers and determines the timing of updates also suggest a theory of direct infringement by a single, divided actor (Compl. ¶¶ 52-53).
- Willful Infringement: The complaint does not contain a separate count for willful infringement or plead specific facts related to pre-suit knowledge. However, it does request enhanced damages under 35 U.S.C. § 284 in the prayer for relief (Compl. p. 15, ¶B).
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of definitional scope: can the term "BIOS," which is rooted in the patent's description of a "conventional computer" from the 1990s, be construed to encompass the distributed firmware and flash memory partitions of a modern, embedded streaming device as alleged by the Plaintiff?
- A central evidentiary question will be one of technical mapping: does Roku's automated process of delivering a signed software update file to a device's flash memory for verification constitute "setting up a verification structure in the erasable, non-volatile memory of the BIOS" as specifically required by the claim language, or is there a fundamental mismatch in the location and nature of the technologies?