DataCloud Tech LLC v. Trend Micro Inc

I. Executive Summary and Procedural Information

• Parties & Counsel:
  • Plaintiff: DataCloud Technologies, LLC (Georgia)
  • Defendant: Trend Micro Inc. (California)
  • Plaintiff’s Counsel: Rozier Hardt McDonough PLLC
• Case Identification: 6:23-cv-00289, W.D. Tex., 04/19/2023
• Venue Allegations: Plaintiff alleges venue is proper because Defendant maintains a regular and established place of business in the district and has committed alleged acts of infringement there.
• Core Dispute: Plaintiff alleges that Defendant’s various software applications, network security products, and website infrastructure infringe five patents related to data organization, remote file access, and anonymous network communication.
• Technical Context: The patents address foundational technologies for managing and securing data in networked environments, including methods for organizing information, enabling remote control over data, and providing user anonymity online.
• Key Procedural History: The complaint alleges that Defendant was made aware of the patent portfolio via a letter from Plaintiff's licensing agent on November 17, 2021, and subsequent emails, which may form a basis for allegations of willful infringement.

Case Timeline

Date	Event
2000-01-28	U.S. Patent No. 6,651,063 Priority Date
2000-04-04	U.S. Patent No. 7,209,959 Priority Date
2003-11-18	U.S. Patent No. 6,651,063 Issues
2007-03-13	U.S. Patent No. 8,370,457 Priority Date
2007-03-23	U.S. Patent No. 7,398,298 Priority Date
2007-04-24	U.S. Patent No. 7,209,959 Issues
2008-07-08	U.S. Patent No. 7,398,298 Issues
2012-12-31	U.S. Patent No. 8,762,498 Priority Date
2013-02-05	U.S. Patent No. 8,370,457 Issues
2014-06-24	U.S. Patent No. 8,762,498 Issues
2021-11-17	Plaintiff's agent allegedly sends letter making Defendant aware of patent portfolio
2023-04-19	Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 6,651,063 - Data Organization And Management System And Method (issued November 18, 2003)

The Invention Explained

• Problem Addressed: The patent’s background describes the difficulty faced by businesses and consumers in collecting and organizing the "proliferation of information," such as product manuals, warranties, and service guides, noting that existing storage methods are often "cumbersome, decentralized and otherwise inefficient." (’063 Patent, col. 1:15-25, 46-49).
• The Patented Solution: The invention proposes a system where the provider of information sends it to a recipient in a pre-categorized format. This "information pack" contains a "category identifier" that allows it to be automatically filed in the correct location within the recipient's "User Data Repository." The system also allows the user to create their own "custom" categories and communicate this preference back to the provider for future automatic filing. (’063 Patent, Abstract; col. 3:21-4:12).
• Technical Importance: This approach aimed to shift the primary burden of information categorization from the end-user to the information provider, streamlining data management in an era of increasing digital information. (’063 Patent, col. 2:5-11).

Key Claims at a Glance

• The complaint asserts infringement of at least independent method claim 4 (Compl. ¶24).
• The essential elements of claim 4 include:
  • storing information in an "information pack";
  • associating the pack with a user destination address, a category identifier, and a provider identifier;
  • communicating the pack to a user data repository where it is located based on the category identifier;
  • creating a "custom location" in the repository and placing the pack there;
  • associating a "custom category identifier" with the pack; and
  • sending a "custom category signal" to a processing station to direct future packs from the same provider to the custom location.
• The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 7,209,959 - Apparatus, System, And Method For Communicating To A Network Through A Virtual Domain Providing Anonymity To A Client Communicating On The Network (issued April 24, 2007)

The Invention Explained

• Problem Addressed: The patent identifies privacy threats on the internet, where a user's information can be recorded and traced. It notes that conventional solutions like proxy servers are limited because they still link activity to a single, albeit alternate, identity. (’959 Patent, col. 1:56-2:6).
• The Patented Solution: The invention describes a "DNS Misdirection" architecture involving three distinct algorithmic components: a "deceiver," a "controller," and a "forwarder." A client's request is intercepted by the deceiver and passed to the controller. The controller identifies the true destination, selects an available forwarder, and then tells the deceiver to direct the client's traffic to that forwarder. The forwarder relays communication between the client and the destination, effectively masking the true IP addresses of both parties from each other for that session. (’959 Patent, Abstract; col. 2:35-49).
• Technical Importance: The technology proposed a dynamic, multi-stage architecture for anonymizing network traffic that aimed to be more robust than static proxy servers by creating session-specific, intermediated communication paths. (’959 Patent, col. 2:35-49).

Key Claims at a Glance

• The complaint asserts infringement of at least independent method claim 1 (Compl. ¶35).
• The essential elements of claim 1 include:
  • setting up a forwarding session using a "forwarder" disposed between a client and a destination server;
  • implementing the session such that neither the client nor the destination server is aware of the forwarder;
  • employing a "controller" that communicates with the forwarder and a domain name server (DNS) to resolve the destination's name;
  • employing a "deceiver" that receives the client's initial request and triggers the controller to query the DNS; and
  • initiating the forwarding session in response to the controller receiving an answer from the DNS.
• The complaint does not explicitly reserve the right to assert dependent claims.

Multi-Patent Capsule: U.S. Patent No. 7,398,298

• Patent Identification: U.S. Patent No. 7,398,298, Remote Access and Retrieval of Electronic Files, issued July 8, 2008 (Compl. ¶40).
• Technology Synopsis: The patent addresses the problem of users lacking remote control over data directory structures. The invention provides a system where a remote computing application, using a "profile data store" to manage permissions, allows participating users to remotely view and modify not just data files but also the directory structures in which they are stored. (’298 Patent, Abstract; col. 2:36-55).
• Asserted Claims: At least independent method claim 13 (Compl. ¶46).
• Accused Features: The TippingPoint™ Security Management System is accused. The complaint alleges its "Dashboard" application allows users with different roles to manage accounts and permissions stored in a "secure SQL server/database," which allegedly constitutes the claimed method of remotely controlling data directory structures. (Compl. ¶47).

Multi-Patent Capsule: U.S. Patent No. 8,370,457

• Patent Identification: U.S. Patent No. 8,370,457, Network Communication Through A Virtual Domain, issued February 5, 2013 (Compl. ¶51).
• Technology Synopsis: This patent, related to the ’959 Patent, describes a method for creating an anonymous communication channel. It discloses establishing a "forwarding internet protocol (IP) address" for a "pre-defined combination" of a client IP address and a destination IP address. When a request matching this combination is identified, the system forwards the request via the established forwarding IP address. (’457 Patent, Claim 9; col. 1:11-17).
• Asserted Claims: At least independent method claim 9 (Compl. ¶57).
• Accused Features: The EdgeIPS™ product is accused. The complaint alleges that its "advanced firewall settings" establish a "translated IP address" for a pre-defined combination of a client and destination IP, and then forward data requests matching that combination to the destination. (Compl. ¶58).

Multi-Patent Capsule: U.S. Patent No. 8,762,498

• Patent Identification: U.S. Patent No. 8,762,498, Apparatus, System, And Method For Communicating To A Network Through A Virtual Domain, issued June 24, 2014 (Compl. ¶62).
• Technology Synopsis: Also related to the ’959 Patent, this invention describes a method where a "controller device" determines a destination IP address based on a "virtual namespace destination address" (e.g., a domain name). The controller establishes a correlation between this destination IP and a "forwarder IP address" and instructs the forwarder to send the request data to the destination, creating a virtual domain. (’498 Patent, Claim 1; col. 1:21-26).
• Asserted Claims: At least independent method claim 1 (Compl. ¶68).
• Accused Features: Trend Micro websites using TLS v1.2 or v1.3 are accused. The complaint alleges that a "router" acts as the controller to determine a destination IP from a virtual name, correlates it with a forwarder IP, and instructs a "WWW server and SNI Routing" to send the request data. (Compl. ¶69).

III. The Accused Instrumentality

• Product Identification: The complaint names a wide range of accused instrumentalities, which can be grouped into four categories:
  1. Trend Micro™ Android Apps (e.g., VPN Proxy One Pro, Password Manager) (Compl. ¶16).
  2. Trend Micro's website infrastructure (including sites using TLS 1.2 or 1.3) (Compl. ¶16, ¶36).
  3. TippingPoint™ Security Management System (Compl. ¶16).
  4. EdgeIPS™ network security appliance (Compl. ¶16).
• Functionality and Market Context:
  • The accused products provide a variety of data management and network security functions. The Android apps are alleged to store and control access to data in a repository (Compl. ¶25). The website infrastructure is alleged to use a multi-component architecture (router, firewall, server switch) to handle client requests anonymously (Compl. ¶36). The TippingPoint SMS is described as a system for remote, role-based management of network security policies and data (Compl. ¶47). The EdgeIPS appliance is alleged to use advanced firewall settings to translate and forward IP traffic based on pre-defined rules (Compl. ¶58).
  • The complaint does not provide specific details on the commercial importance of these products but identifies them as part of Defendant's core business offerings in consumer and enterprise security.
  • No probative visual evidence provided in complaint.

IV. Analysis of Infringement Allegations

6,651,063 Patent Infringement Allegations

Claim Element (from Independent Claim 4)	Alleged Infringing Functionality	Complaint Citation	Patent Citation
storing information to be provided in an information pack	Storing information by "uploading to servers/saving image files" which is referred to as an "information pack."	¶25	col. 24:28-29
associating with said information pack at least a user destination address... and a category identifier... [and] a provider identifier	The "information pack" is associated with "the address of a data repository, a category identifier (e.g., 'data' directory), and a provider identifier (Trend Micro)."	¶25	col. 24:30-36
communicating said information pack by means of a network to said user data repository	"The information pack is sent to the specified data repository..."	¶25	col. 24:37-39
creating a custom location in said user data repository; placing said information pack in said custom location	"...a file folder in the relevant Trend Micro™ Apps directory is reserved for information..."	¶25	col. 24:48-50
associating a custom category identifier with said information pack	A "custom category identifier" is assigned, which "can be the digital signature for the relevant Trend Micro™ Apps."	¶25	col. 24:51-52
sending a custom category signal to a processing station... whereby subsequent of said information packs from said provider are placed in said custom location	The custom category identifier (digital signature) is subsequently used to identify other information packs (e.g., app updates from the same author) that should be stored in the same location.	¶25	col. 24:53-55

• Identified Points of Contention:
  • Scope Questions: Does the term "information pack", as described in the patent in the context of discrete consumer transactions (e.g., car purchases, prescriptions), read on the general data handling and file uploads of a software application as alleged? (Compl. ¶25).
  • Technical Questions: What evidence does the complaint provide that an application's "digital signature" functions as a "custom category identifier" that is communicated to a "processing station" to direct the placement of future, distinct "information packs" (e.g., app updates) in the specific manner required by the claim? (Compl. ¶25).

7,209,959 Patent Infringement Allegations

Claim Element (from Independent Claim 1)	Alleged Infringing Functionality	Complaint Citation	Patent Citation
in response to a request by a client to initiate communication with a destination website	A client initiates a request (e.g., "Client Hello") to a destination website (e.g., www.trendmicro.com).	¶36	col. 5:48-50
setting up a forwarding session... employing a forwarder disposed between the client and the destination server	A forwarding session is set up from the internet to a WWW server, employing a "front-end server switch" as the forwarder.	¶36	col. 5:51-56
wherein the forwarding session is set up and implemented such that neither the client or the destination server is aware of the employment of the forwarder	The WWW server has a direct TCP connection with a local IP address and a client IP address, which are different, allegedly making neither party aware of the forwarder.	¶36	col. 6:2-6
employing a controller configured to communicate with the forwarder and a domain name server	A "firewall" is employed as the controller, communicating with the "front-end server switch" (the forwarder) and a DNS.	¶36	col. 6:7-10
employing a deceiver configured to communicate with the controller and the client... wherein the deceiver receives the request by the client	A "router" is employed as the deceiver, communicating with the firewall (controller) and the client, and receiving the client's initial request.	¶36	col. 6:11-17

• Identified Points of Contention:
  • Scope Questions: The infringement theory relies on mapping standard network hardware (router, firewall, switch) onto the patent's specific architectural roles of "deceiver", "controller", and "forwarder". A central question will be whether these generic components can be construed to meet the specific functional definitions of the claimed terms.
  • Technical Questions: Does the alleged architecture operate in the same way as the claimed invention? The complaint alleges a series of communications between these components, but it raises the question of whether a standard load-balanced web server architecture actually performs the specific "DNS Misdirection" algorithm taught by the patent, or if there is a functional mismatch. (Compl. ¶36).

V. Key Claim Terms for Construction

For the ’063 Patent:

• The Term: "information pack"
• Context and Importance: The infringement case for the '063 Patent hinges on whether the data handled by the accused apps qualifies as a claimed "information pack". Practitioners may focus on this term because the complaint equates it with general "uploading to servers/saving image files," which may be a broader interpretation than the patent's examples support.
• Intrinsic Evidence for Interpretation:
  • Evidence for a Broader Interpretation: The claims define the pack by its contents and associations: stored information associated with identifiers for category, provider, and user destination. This could be argued to cover any data object with corresponding metadata. (’063 Patent, col. 24:28-36).
  • Evidence for a Narrower Interpretation: The specification's detailed examples consistently describe the "information pack" in the context of a consumer receiving a bundle of formal documents following a specific transaction, such as a car purchase (manual, warranty) or a prescription fill (dosage, contraindications). This may suggest a more structured, document-centric meaning than general application data. (’063 Patent, Fig. 2, Fig. 5).

For the ’959 Patent:

• The Term: "deceiver"
• Context and Importance: The viability of the infringement claim against the website infrastructure depends on mapping a standard "router" to the functionally specific role of a "deceiver". The definition of this term is critical because the patent’s novelty is rooted in its unique three-part architecture.
• Intrinsic Evidence for Interpretation:
  • Evidence for a Broader Interpretation: The claim requires the deceiver to receive the client's request and initiate the controller to query the DNS. An argument could be made that a network router in a load-balanced or firewalled environment performs this function. (’959 Patent, col. 6:11-26).
  • Evidence for a Narrower Interpretation: The patent repeatedly describes the "deceiver", "controller", and "forwarder" as three distinct algorithmic components of a novel "DNS Misdirection" system. The figures depict them as separate logical blocks, not just re-labeled, off-the-shelf hardware. This could support a narrower construction requiring a system intentionally built to operate according to this specific three-part algorithm. (’959 Patent, col. 2:35-42; Fig. 1).

VI. Other Allegations

• Indirect Infringement: The complaint makes general allegations that Defendant "makes, uses, imports, offers for sale, sells, and/or advertises" the accused products (e.g., Compl. ¶23). It does not, however, plead specific facts to support claims of induced or contributory infringement, such as identifying instructional materials that direct users to perform infringing acts.
• Willful Infringement: The complaint alleges that Defendant had pre-suit knowledge of the patents-in-suit based on a letter from Plaintiff's licensing agent dated November 17, 2021, and subsequent follow-up communications (Compl. ¶8). This allegation provides a basis for a claim of willful infringement and a request for enhanced damages and attorneys' fees.

VII. Analyst’s Conclusion: Key Questions for the Case

1. A central issue will be one of definitional scope: Can the specific, and at times idiosyncratic, terminology of the patents-in-suit (e.g., "information pack", "deceiver", "virtual namespace") be construed to read on the functionality of Defendant’s conventional, modern software products and network infrastructure? The outcome of claim construction will likely be dispositive for several of the asserted claims.

2. A key evidentiary question will be one of functional operation: Beyond the labels, do the accused systems actually work in the same way as the patented inventions? For the patents on anonymous communication, the case may turn on whether Trend Micro's standard network architecture performs the specific, multi-component "DNS Misdirection" algorithm described in the patents, or if there is a fundamental mismatch in technical operation that the conclusory allegations in the complaint do not address.