DCT

7:25-cv-00102

DigitalDoors Inc v. Amarillo National Bank

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 7:25-cv-00102, W.D. Tex., 03/06/2025
  • Venue Allegations: Plaintiff alleges venue is proper in the Western District of Texas because Defendant maintains physical branch locations, employs staff, and conducts substantial business within the district.
  • Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, particularly those compliant with the financial industry's "Sheltered Harbor" specification, infringe four patents related to methods for securely filtering, extracting, and storing sensitive data in a distributed computing environment.
  • Technical Context: The technology concerns advanced data security architectures designed to protect critical information by isolating sensitive content in secure, often "air-gapped," data vaults, providing resilience against catastrophic cyberattacks.
  • Key Procedural History: The complaint asserts that the patents-in-suit are "pioneering" and have been cited as relevant prior art in hundreds of subsequent patent applications by major technology and financial services companies, but does not mention any prior litigation or post-grant validity challenges.

Case Timeline

Date Event
2007-01-05 Earliest Priority Date for all Asserted Patents
2015-04-21 U.S. Patent No. 9,015,301 Issued
2015-01-01 Sheltered Harbor initiative launched (approximate date)
2017-08-15 U.S. Patent No. 9,734,169 Issued
2019-01-15 U.S. Patent No. 10,182,073 Issued
2019-04-02 U.S. Patent No. 10,250,639 Issued
2025-03-06 Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301 - "Information Infrastructure Management Tools with Extractor, Secure Storage, Content Analysis and Classification and Method Therefor"

The Invention Explained

  • Problem Addressed: The patent describes a state of the art where enterprises struggled to manage and secure information, particularly unstructured data, within open, vulnerable network ecosystems. Prior methods were allegedly inefficient at classifying sensitive data, controlling access at a granular level, and managing the changing value of information over its lifecycle (’301) Patent, col. 1:31-2:61).
  • The Patented Solution: The invention proposes a method of organizing and processing data by moving beyond file-level security to content-level security. It uses a system of designated "categorical filters" (which can be content-based, contextual, or taxonomic) to automatically identify and extract specific, important "select content" from a larger data stream. This extracted content is then stored in corresponding secure data stores, and specific data processes (e.g., copy, archive, destroy) are associated with the filters to manage the data (’301 Patent, Abstract; col. 3:17-4:17).
  • Technical Importance: This approach provided a framework for automatically securing specific pieces of critical information within a data stream, rather than simply protecting the entire file or database, which was a significant shift in data security architecture (Compl. ¶26).

Key Claims at a Glance

  • The complaint asserts independent claim 25 (’301 Patent, col. 131:25-134:1).
  • Essential elements of claim 25 include:
    • A method of organizing and processing data in a distributed computing system for an enterprise.
    • Providing a plurality of select content data stores operative with a plurality of designated categorical filters.
    • Activating at least one categorical filter and processing a data input to obtain aggregated select content that is contextually or taxonomically associated.
    • Storing the aggregated select content in a corresponding data store.
    • Associating at least one data process (from a group including copy, extract, archive, distribution, and destruction) with the activated filter.
    • Applying the associated data process to a further data input based on a result of the further data being processed by the filter.
    • Wherein the filter activation can be automatic (time-based, condition-based, or event-based) or manual.

U.S. Patent No. 9,734,169 - "Digital Information Infrastructure and Method for Security Designated Data and with Granular Data Stores"

The Invention Explained

  • Problem Addressed: The patent addresses the need for secure data storage in distributed, and particularly cloud-based, systems where data is vulnerable to unauthorized access (’169) Patent, col. 1:15-2:2).
  • The Patented Solution: The invention describes a method for separating data into more and less sensitive components. The system provides "select content data stores" for "security designated data" and separate "granular data stores." A cloud-based server processes data, extracts the sensitive portions for storage in the secure stores under specific access controls, and parses the remaining, non-extracted data for storage in the separate granular stores. The system allows for the secure withdrawal and reconstruction of the data when authorized (’169 Patent, Abstract).
  • Technical Importance: This architecture provides a method for isolating an enterprise's most critical data in a secure, access-controlled environment while leaving the bulk of less-sensitive data in more accessible production systems, a key concept in modern cyber-resilience (Compl. ¶69, ¶72).

Key Claims at a Glance

  • The complaint asserts independent claim 1 (’169 Patent, col. 132:14-50).
  • Essential elements of claim 1 include:
    • A method of organizing and processing data in a distributed cloud-based computing system.
    • Providing a plurality of select content data stores, a plurality of granular data stores, and a cloud-based server, with the data stores coupled over a communications network.
    • Extracting and storing security designated data in the select content data stores.
    • Activating a data store to permit access based on access controls.
    • Parsing remainder data not extracted from the processed data.
    • Storing the parsed remainder data in the granular data stores.
    • Withdrawing the security designated data and parsed data from their respective stores only when access controls are applied.

U.S. Patent No. 10,182,073 - "Information Infrastructure Management Tools With Variable and Configurable Filters and Segmental Data Stores"

  • Technology Synopsis: The technology claimed in the ’073 Patent centers on creating an information infrastructure where a plurality of filters are used to identify and separate sensitive and select content from a data stream. A key aspect is the ability to dynamically alter these initially configured filters by expanding, contracting, or re-classifying their scope to generate modified filters that are then used to organize further data throughput (’073 Patent, Abstract).
  • Asserted Claims: Independent claim 1 is asserted (Compl. ¶165).
  • Accused Features: The complaint alleges that the accused systems, such as the Dell PowerProtect platform, provide a user interface that allows the enterprise to define, run, monitor, and modify existing "protection policies" (the alleged filters), which dynamically alters how data is subsequently processed and vaulted (Compl. ¶181-182, ¶185). A screenshot from a Dell instructional video shows a user interface for selecting and applying filters to a report, which the complaint offers as an example of this functionality (Compl. p. 94).

U.S. Patent No. 10,250,639 - "Information Infrastructure Management Data Processing Tools for Regulating Data Flow With Distribution Controls"

  • Technology Synopsis: The technology described in the ’639 Patent relates to a method for "sanitizing" data based on multiple sensitivity levels and associated security clearances. The system extracts sensitive content from a data input, stores it in a secure "extract store," and stores the remaining data separately. It then uses content, contextual, and taxonomic filters to perform "inferencing" on the sanitized data (’639 Patent, Abstract).
  • Asserted Claims: Independent claim 16 is asserted (Compl. ¶192).
  • Accused Features: The complaint alleges that the Sheltered Harbor framework embodies this invention by extracting critical financial data ("sensitive content") into a secure data vault ("extract data stores") while leaving remainder data in production systems. This process allegedly creates a "sanitized" version of the data, and the system uses policies ("filters") to analyze and manage this data (Compl. ¶214, ¶217).

III. The Accused Instrumentality

Product Identification

The "Accused Instrumentalities" are Defendant Amarillo National Bank's data backup and disaster recovery systems and methods. The complaint identifies systems that are compliant with the "Sheltered Harbor" industry specification, or their functional equivalents, as the primary example (Compl. ¶4, ¶95).

Functionality and Market Context

The complaint alleges that the Defendant, a financial institution, uses systems that implement the Sheltered Harbor standard to protect critical customer data from cyberattacks and ensure operational continuity (Compl. ¶4, ¶7). This process involves extracting critical account data, converting it to a standard format, and storing it in a secure, isolated, and immutable "data vault" that is "air-gapped" from the production network (Compl. ¶69, ¶72, ¶76). The complaint includes a diagram illustrating how data is extracted from a "Production Environment" and replicated to a secure "Data Vault Environment" across an "Air-gap" (Compl. p. 32). The data in the vault is used for restoration in the event of a catastrophic system failure (Compl. ¶70, ¶77). The complaint frames these systems as an industry-standard solution for cyber-resilience in the financial sector (Compl. ¶62, ¶94).

IV. Analysis of Infringement Allegations

U.S. Patent No. 9,015,301 Infringement Allegations

Claim Element (from Independent Claim 25) Alleged Infringing Functionality Complaint Citation Patent Citation
a method of organizing and processing data in a distributed computing system having select content important to an enterprise... Defendant operates a distributed network of servers and hardware for processing and vaulting critical customer financial account data in compliance with Sheltered Harbor specifications. ¶99 col. 3:17-25
providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters... The accused systems provide a "data vault" which includes multiple data stores for backup, copy, lock, and analysis, which house content derived from designated categorical filters established by the enterprise. ¶104, ¶106 col. 13:31-40
activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content, which associated select content is at least one of contextually associated select content and taxonomically associated select content, as aggregated select content... The accused systems activate "protection policies" (the alleged filters) to extract critical financial account information. This extracted data is contextually associated, for example by using virtual machine tags and metadata to group assets for protection. ¶108, ¶110 col. 13:41-47
storing said aggregated select content for said at least one categorical filter in said corresponding select content data store... The accused systems perform protective vaulting, which places the aggregated select content (e.g., critical customer account data) into corresponding data stores or storage units within the data vault. ¶112, ¶113 col. 4:1-4
and for the activated categorical filter, associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process, a data distribution process and a data destruction process... The accused systems associate data processes such as copying, archiving, and extracting with specific data types based on the enterprise's policies for data backup and vaulting. ¶115, ¶116 col. 4:5-10
applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter utilizing said aggregated select content data... Once a protection policy is established, all further data inputs are processed in the same way, for example, by automatically running dynamic filters when new assets are detected or existing assets are modified. ¶118, ¶119 col. 4:10-14
activating a designated categorical filter, which encompasses an automatic activation or a manual activation and said automatic activation is time-based, distributed computer system condition-based, or event-based. Processing occurs automatically at a designated time interval (e.g., nightly backups), upon a designated condition (e.g., detection of new data), or manually on demand. ¶121, ¶123 col. 13:58-64

Identified Points of Contention:

  • Scope Questions: The case may turn on whether the "protection policies" and "backup rules" of a disaster recovery system like Sheltered Harbor can be construed as the "categorical filters" with associated "data processes" as described in the ’301 Patent. A court may need to decide if the patent's more general data management terminology reads on the specific application of cyber-resilience.
  • Technical Questions: A potential point of contention is the limitation "applying the associated data process to a further data input based upon a result of said further data being processed." The complaint alleges that applying the same policy to the next night's data meets this limitation. However, this language could be interpreted to require an adaptive or learning system where the process itself is modified based on the results of prior processing, which may differ from the operation of a standard backup routine.

U.S. Patent No. 9,734,169 Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
a method of organizing and processing data in a distributed cloud-based computing system having select content... The accused systems are implemented in a distributed, cloud-based environment (e.g., AWS, Azure) to manage and protect critical financial account data. ¶130, ¶132 col. 1:15-18
providing... (i) a plurality of select content data stores for respective ones of a plurality of security designated data; and (ii) a plurality of granular data stores; and (iii) a cloud-based server... The accused systems provide a secure "data vault" (the select content data stores) and production/backup systems (the granular data stores), which are managed by cloud-based servers and connected by a network. ¶136, ¶139 col. 1:21-29
extracting and storing said security designated data in respective select content data stores... The systems extract critical financial account information ("security designated data") and store it in the secure data vault. ¶143, ¶144 col. 1:33-35
activating at least one of said select content data stores in said cloud-based computing system thereby permitting access to said select content data stores... based upon an application of one or more of said access controls... Access to the data vault is safeguarded by security measures, such as multi-factor authentication and strict, credential-controlled access protocols. ¶148, ¶149 col. 1:35-39
parsing remainder data not extracted from data processed by said cloud-based system and storing the parsed data in respective granular data stores... Data not extracted for the vault ("remainder data") is stored in the production and backup systems (the "granular data stores"). ¶151, ¶152 col. 1:39-42
withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto. Data is withdrawn from the vault to a restoration platform only upon satisfaction of strict security and access controls. ¶157, ¶158 col. 1:46-50

Identified Points of Contention:

  • Scope Questions: The dispute may focus on the patent's specific definitions of "select content data stores" versus "granular data stores." A key question will be whether a financial institution's production environment and its primary backup systems fit the claim's definition of "granular data stores" for "remainder data."
  • Technical Questions: The dependent claims, which the complaint reserves the right to assert, require specific types of "parsing" for the remainder data, including "randomly parsing" or parsing "according to a predetermined algorithm" (’169 Patent, cl. 10). The complaint alleges that standard data encryption satisfies this limitation (Compl. ¶155). A court may need to determine if "encryption" is synonymous with or a species of the "parsing" required by the claim.

V. Key Claim Terms for Construction

"categorical filters" ('301 Patent, claim 25)

  • Context and Importance: This term is the core mechanism for identifying the data to be secured. The infringement case hinges on whether the "protection policies" and rules-based systems used in the Sheltered Harbor framework (Compl. ¶87) meet the definition of "categorical filters." Practitioners may focus on this term to determine if the patent covers any rule-based system or requires the more specific taxonomic and contextual filtering engines detailed in the specification.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The specification states the system includes "content-based filters, contextual filters and taxonomic classification filters" (’301 Patent, col. 13:34-36), suggesting the term is a genus that could encompass various rule types.
    • Evidence for a Narrower Interpretation: The patent's summary and detailed description heavily emphasize the use of "taxonomic classification filters" and a "Knowledge Expander (KE) search engine" to build hierarchical classification systems (’301 Patent, col. 10:22-32). Defendant may argue that these more complex, content-aware features are required elements of a "categorical filter," not just simple rules like "backup the 'Finance' VM folder" (Compl. ¶87).

"parsing remainder data" ('169 Patent, claim 1)

  • Context and Importance: This step defines what happens to the data left behind after sensitive information is extracted. The complaint's theory is that the standard operation of the accused system—leaving non-critical data in production and backup systems, often in an encrypted state—satisfies this limitation (Compl. ¶151, ¶155). The viability of this infringement theory depends on whether "parsing" can mean simply "separating" or requires a more active algorithmic manipulation or reorganization of the remainder data.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The patent abstract describes "parsing remainder data not extracted... and storing the parsed data," which could simply imply separating the two data sets (extracted vs. non-extracted) and storing them in different places (’169 Patent, Abstract).
    • Evidence for a Narrower Interpretation: The specification discusses using an "Information Dispersal Algorithm (IDA)" to break data into granular pieces for security and reconstitution (’169 Patent, col. 16:1-17:2). Defendant may argue that "parsing" requires such an algorithmic dispersal or transformation of the remainder data, not merely leaving it in its original state on production servers.

VI. Other Allegations

Willful Infringement

The complaint alleges that Defendant has been on notice of the patents-in-suit since at least the date of service of the complaint. It further alleges constructive notice since at least November 21, 2023, based on Defendant's awareness of patent infringement lawsuits filed by the Plaintiff against competitor financial institutions (Compl. ¶226). The complaint also alleges that Defendant has a policy or practice of not reviewing the patents of others, constituting willful blindness (Compl. ¶227).

VII. Analyst’s Conclusion: Key Questions for the Case

  • A core issue will be one of technical mapping: can the standardized, rules-based data backup and recovery processes of the Sheltered Harbor framework, which are focused on disaster recovery, be mapped onto the patent claims' descriptions of dynamic, content-aware filtering and data management systems? The defense may argue a fundamental mismatch between the accused product's purpose (creating a failsafe copy) and the patents' broader focus on granular data classification and control.
  • A central question of claim construction will be whether industry-standard architectural components like an "air-gapped data vault" and "production systems" fall within the scope of patent-specific terms such as "select content data stores" and "granular data stores," or if the patents require a more specific and distinct configuration.
  • For the '301 patent, a key evidentiary question will be one of operational function: does the accused system's nightly backup routine perform the claimed step of "applying the associated data process to a further data input based upon a result of said further data being processed," or does it merely apply a static, pre-configured policy to new data without any adaptive feedback loop as the claim language may suggest?