DCT

7:25-cv-00106

DigitalDoors Inc v. Northern Trust Co

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 7:25-cv-00106, W.D. Tex., 03/06/2025
  • Venue Allegations: Plaintiff alleges venue is proper in the Western District of Texas because Defendant maintains physical "brick-and-mortar" business locations, employs staff, and purposefully directs its financial and data security services to customers within the district.
  • Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, which are compliant with or equivalent to the financial industry's "Sheltered Harbor" standard, infringe four patents related to methods for securely filtering, extracting, storing, and reconstructing sensitive data in a distributed computing environment.
  • Technical Context: The technology concerns advanced data security architectures designed to ensure operational continuity for enterprises, particularly financial institutions, in the event of a catastrophic cyberattack that compromises primary systems and conventional backups.
  • Key Procedural History: The complaint does not reference prior litigation, Inter Partes Review (IPR) proceedings, or licensing history concerning the asserted patents. It does, however, extensively frame the patented inventions as being foundational to the Sheltered Harbor data security standard, which was developed by a financial industry consortium beginning in 2015, years after the patents’ priority date.

Case Timeline

Date Event
2007-01-05 Earliest Priority Date for all Patents-in-Suit
2015-04-21 U.S. Patent No. 9,015,301 Issued
2015-XX-XX Sheltered Harbor initiative launched
2017-08-15 U.S. Patent No. 9,734,169 Issued
2019-01-15 U.S. Patent No. 10,182,073 Issued
2019-04-02 U.S. Patent No. 10,250,639 Issued
2025-03-06 Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301 - "Information infrastructure tools with extractor, secure storage, content analysis and classification and method therefor"

  • Patent Identification: U.S. Patent No. 9,015,301, "Information infrastructure tools with extractor, secure storage, content analysis and classification and method therefor," issued April 21, 2015 (the "’301 Patent").

The Invention Explained

  • Problem Addressed: The patent’s background section describes deficiencies in enterprise data management where open, interconnected systems were vulnerable to attack, and enterprises lacked effective methods to manage unstructured information, classify sensitive data, or account for the changing sensitivity of data over its lifecycle (’301 Patent, col. 1:31-2:61). Conventional systems managed data at the file level, not the more granular content level, creating security risks (Compl. ¶27, 29).
  • The Patented Solution: The invention proposes a method of organizing and processing data that shifts focus from the file to the content within it (’301 Patent, Abstract). It uses a system of "categorical filters" to process a data input, identify and obtain "select content" (important or sensitive data) and "associated select content" (contextual or taxonomic data), and store this aggregated content in a corresponding secure data store (’301 Patent, col. 3:17-4:18). This allows specific data processes, such as copying or archiving, to be applied automatically to subsequent data inputs based on the activated filters (Compl. ¶35).
  • Technical Importance: This granular, content-based approach to data security was designed to reduce security risks by storing sensitive data pieces in distributed locations, making it more difficult for an attacker to reconstruct the entire dataset (Compl. ¶36; ’301 Patent, col. 16:7-24).

Key Claims at a Glance

  • The complaint asserts at least independent Claim 25 (Compl. ¶98).
  • Claim 25 of the ’301 Patent recites a method of organizing and processing data, the key steps of which include:
    • Providing a plurality of select content data stores operative with a plurality of designated categorical filters.
    • Activating at least one filter and processing a data input to obtain "select content" and "associated select content" (which is contextually or taxonomically associated).
    • Storing the aggregated select content in a corresponding data store.
    • Associating at least one data process (e.g., copy, extract, archive, distribution, destruction) with the activated filter.
    • Applying that data process to a further data input based on the filter's processing result.
    • The filter activation can be automatic (time-based, condition-based, or event-based) or manual.
  • The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 9,734,169 - "Digital Information Infrastructure and Method for Securing Designated Data and With Granular Data Stores"

  • Patent Identification: U.S. Patent No. 9,734,169, "Digital Information Infrastructure and Method for Securing Designated Data and With Granular Data Stores," issued August 15, 2017 (the "’169 Patent").

The Invention Explained

  • Problem Addressed: The patent addresses the need for secure data management in distributed, cloud-based computing systems where sensitive information must be protected from unauthorized access while remaining available for authorized use (’169 Patent, col. 1:1-2:68).
  • The Patented Solution: The invention describes a method for a distributed cloud-based system that provides separate stores for different types of data: "select content data stores" for security-designated data and "granular data stores" for other data (’169 Patent, Abstract). The method involves extracting the sensitive data and storing it in the secure "select content" stores, while parsing the "remainder data" and storing it separately in the "granular data stores." Access to the sensitive data is then permitted only through the application of specific access controls, allowing for secure withdrawal and reconstruction (’169 Patent, col. 3:28-4:27).
  • Technical Importance: This architecture provides a framework for segregating sensitive data within a cloud environment, enhancing security by isolating critical information and subjecting it to stricter access controls than the non-critical remainder data (Compl. ¶131).

Key Claims at a Glance

  • The complaint asserts at least independent Claim 1 (Compl. ¶129).
  • Claim 1 of the ’169 Patent recites a method of organizing and processing data in a distributed cloud-based system, the key steps of which include:
    • Providing a plurality of select content data stores, a plurality of granular data stores, and a cloud-based server, all coupled by a communications network.
    • Extracting and storing security-designated data in the select content data stores.
    • Activating at least one select content data store to permit access based on one or more access controls.
    • Parsing "remainder data" not extracted and storing it in the granular data stores.
    • Withdrawing security-designated data and parsed data from their respective stores only when the access controls are applied.
  • The complaint does not explicitly reserve the right to assert dependent claims.

Multi-Patent Capsule: U.S. Patent No. 10,182,073

  • Patent Identification: U.S. Patent No. 10,182,073, "Information Infrastructure Management Tools with Variable and Configurable Filters and Segmental Data Stores," issued January 15, 2019 (the "’073 Patent").
  • Technology Synopsis: This patent focuses on an information infrastructure where initially configured filters, used to identify and separate sensitive and select content, can be dynamically altered or modified. The invention allows for expanding, contracting, or changing the classification of the filters, which in turn generates modified filters to organize subsequent data throughput (Compl. ¶181; ’073 Patent, Abstract).
  • Asserted Claims: At least independent Claim 1 (Compl. ¶165).
  • Accused Features: The complaint alleges that the accused systems, such as the Dell PowerProtect system, infringe by providing a user interface that allows the enterprise to define, run, and modify existing "protection policies" (the alleged filters) to change their parameters and outcomes (Compl. ¶182, 184).

Multi-Patent Capsule: U.S. Patent No. 10,250,639

  • Patent Identification: U.S. Patent No. 10,250,639, "Information Infrastructure Management Data Processing Tools for Processing Data Flow with Distribution Controls," issued April 2, 2019 (the "’639 Patent").
  • Technology Synopsis: This patent describes a method for "sanitizing" data by extracting sensitive content based on sensitivity levels and security clearances. The core of the method involves using a combination of content, contextual, and taxonomic filters to "inference" the sanitized data, thereby analyzing and classifying it to obtain "inferenced sensitive content data" (’639 Patent, Abstract; Compl. ¶217).
  • Asserted Claims: At least independent Claim 16 (Compl. ¶192).
  • Accused Features: The complaint alleges infringement through the accused systems' use of categorical filters ("protection policies") to extract critical financial data and the use of contextual or taxonomic associations, such as metadata tags, to group and filter the data for storage (Compl. ¶218-219).

III. The Accused Instrumentality

Product Identification

  • The "Accused Instrumentalities" are Defendant's systems and methods for processing and backing up data that are compliant with the "Sheltered Harbor" industry specification, or are the functional equivalent thereof (Compl. ¶95). The complaint identifies the Dell PowerProtect Cyber Recovery solution as an exemplary and endorsed Sheltered Harbor system (Compl. ¶71, 78).

Functionality and Market Context

  • The Accused Instrumentalities are alleged to be data backup and disaster recovery systems used by financial institutions to protect critical customer account data (Compl. ¶101). Their core alleged functionality involves creating "extremely secure (and segmented) backups" by extracting critical financial data, converting it to a standard format, and storing it in an isolated, immutable, and encrypted "data vault" that is "air-gapped" from the institution's production and primary backup systems (Compl. ¶69, 72, 76). The complaint includes a diagram from a Dell Solution Brief illustrating the accused architecture, which shows a "Production Environment" connected via a secure, air-gapped replication link to a "Data Vault Environment" where data is processed and stored in a locked vault (Compl. ¶72, p. 31). The Sheltered Harbor standard is positioned as a critical initiative for the stability of the U.S. financial markets, with participation from institutions holding nearly three-quarters of U.S. deposit accounts (Compl. ¶62, 64).

IV. Analysis of Infringement Allegations

U.S. Patent No. 9,015,301 Infringement Allegations

Claim Element (from Independent Claim 25) Alleged Infringing Functionality Complaint Citation Patent Citation
providing, in said distributed computing system, a plurality of select content data stores operative with a plurality of designated categorical filters... The Accused Instrumentalities provide a "data vault" with designated data stores that operate with "protection policies," which are alleged to be the claimed categorical filters. ¶104, ¶106 col. 13:25-39
activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content... The system activates protection policies to extract critical financial account information (select content) and uses metadata tags for grouping (associated select content). ¶109, ¶110 col. 13:40-47
storing said aggregated select content for said at least one categorical filter in said corresponding select content data store; The extracted critical account data is stored in the secure data vault, which contains corresponding storage units. ¶112, ¶113 col. 13:48-51
for the activated categorical filter, associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process, a data distribution process and a data destruction process; The system associates processes such as backup (copy), extraction, and archiving with the data identified by the protection policies. ¶115, ¶116 col. 13:52-57
applying the associated data process to a further data input based upon a result of said further data being processed by said activated categorical filter... Once a protection policy is established, subsequent data inputs (e.g., nightly data) are automatically processed in the same way according to that policy. ¶118, ¶119 col. 13:58-62
wherein activating said designated categorical filter encompasses an automatic activation...and said automatic activation is time-based, distributed computer system condition-based, or event-based. The system automatically processes data on a designated time interval (nightly), upon a designated condition (detection of new data), or via manual activation. ¶121, ¶123 col. 14:1-6
  • Identified Points of Contention:
    • Scope Questions: A central question may be whether the "protection policies" of the accused Sheltered Harbor systems, which define what data to back up, function as the "categorical filters" required by the claim. A further question is whether creating a secure, isolated backup of critical data constitutes "obtaining" select content in the manner claimed, as opposed to simple data replication.
    • Technical Questions: The analysis may turn on what evidence shows that the accused system performs distinct "data processes" (copy, extract, archive) that are "associated" with a filter, rather than performing a single, monolithic backup operation governed by a set of rules.

U.S. Patent No. 9,734,169 Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
providing... (i) a plurality of select content data stores... (ii) a plurality of granular data stores; and (iii) a cloud-based server... The accused architecture includes a secure "data vault" (select content data stores), production and backup systems (granular data stores), and is designed for deployment in cloud environments. ¶132, ¶137, ¶139 col. 3:33-40
extracting and storing said security designated data in respective select content data stores; The system extracts critical customer account data from the production environment and stores it in the secure data vault. ¶143, ¶144 col. 4:1-3
activating at least one of said select content data stores in said cloud-based computing system thereby permitting access to said select content data stores...based upon an application of one or more of said access controls... The data vault is safeguarded by security measures, including credential-controlled and multi-factor authentication, which must be applied to permit access. ¶148, ¶149 col. 4:4-9
parsing remainder data not extracted from data processed by said cloud-based system and storing the parsed data in respective granular data stores; Data not extracted for the vault (remainder data) is stored in the production and backup systems, which are separate from the vault. A diagram from Dell shows "Backup Workloads" in the production environment feeding the vault. ¶151, ¶152, p. 76 col. 4:10-13
withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto. Emergency restoration of data from the vault and production systems requires satisfying strict security and access control protocols. ¶157, ¶158 col. 4:14-19
  • Identified Points of Contention:
    • Scope Questions: The dispute may focus on whether the accused system’s "production environment" and "data vault environment," as depicted in complaint visuals (Compl. ¶81, p. 35), legally constitute the claimed "granular data stores" and "select content data stores," respectively.
    • Technical Questions: A key technical question will be whether the accused system’s process of replicating data to a secure vault constitutes "extracting" sensitive data and separately "parsing remainder data." A defendant may argue this is a mischaracterization of a secure backup process, while the plaintiff will likely argue that selecting critical data for vaulting is a form of extraction, with the unselected data constituting the remainder.

V. Key Claim Terms for Construction

  • The Term: "activating at least one of said designated categorical filters... to obtain said select content" (from '301 Patent, Claim 25)
  • Context and Importance: This phrase is central to the infringement theory for the '301 Patent. The case will likely depend on whether the "protection policies" of the Sheltered Harbor framework, which dictate what data is backed up to a secure vault, meet the definition of "activating... categorical filters to obtain" data. Practitioners may focus on this term because it links the abstract concept of a filter to the concrete action of data segregation.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The specification suggests filters can be based on a wide range of criteria, including "content-based filters, contextual filters and taxonomic classification filters" (’301 Patent, col. 13:33-35). This language may support an argument that any rule-based system for selecting data, like the accused protection policies, qualifies as a categorical filter.
    • Evidence for a Narrower Interpretation: The detailed description provides specific examples of filter modules, such as a "contextual filter module" (21) and a "taxonomic filter module" (22), that perform complex analyses (’301 Patent, col. 11:18-24). A defendant might argue that the term requires these specific, sophisticated filtering structures, not just high-level backup policy rules.
  • The Term: "extracting and storing said security designated data" vs. "parsing remainder data" (from '169 Patent, Claim 1)
  • Context and Importance: The distinction between these two actions is fundamental to the structure of Claim 1 of the ’169 Patent. The infringement case rests on the allegation that creating a secure copy of critical data in a vault is "extracting," while leaving the original data and other non-critical data on the production system is what is meant by "parsing remainder data."
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The patent abstract describes the invention as separating "select content data" (Sec-D data) from "granular data," which could be interpreted broadly to mean separating a critical subset from the whole. The patent states the goal is to have sensitive data "separately stored apart from the select content" (’169 Patent, col. 4:25-27), which the accused air-gapped vault architecture arguably achieves.
    • Evidence for a Narrower Interpretation: Some embodiments in related patents describe extraction as removing data and replacing it with placeholders (’301 Patent, col. 19:53-58), a more active process than creating a backup copy. A defendant may argue that "parsing remainder data" requires an affirmative act of processing the non-extracted data, not simply leaving it in place on the production server.

VI. Other Allegations

  • Willful Infringement: The complaint alleges that Defendant's infringement is willful (Compl. Count V). The basis for willfulness includes alleged actual notice of the patents upon service of the complaint, and constructive notice based on alleged awareness of prior lawsuits filed by the Plaintiff against competitor financial institutions (Compl. ¶226). The complaint further alleges that Defendant maintains a "policy or practice of not reviewing the patents of others" and is therefore willfully blind to Plaintiff's patent rights (Compl. ¶227).

VII. Analyst’s Conclusion: Key Questions for the Case

  • Definitional Scope: A core issue will be one of definitional scope: can the term "categorical filter," as described in the 2007-priority patents, be construed to cover the "protection policies" used in the modern, industry-developed Sheltered Harbor data security standard? The outcome may depend on whether the court views these policies as merely selecting data for backup or as performing the specific filtering and classification functions claimed in the patents.
  • Functional Equivalence: A key evidentiary question will be one of technical operation: does the accused act of replicating critical data to an isolated, air-gapped "vault" constitute the claimed method of "extracting" sensitive data and separately "parsing remainder data"? The case may turn on whether the accused process is seen as a sophisticated form of data backup or as a genuine implementation of the patented data segregation architecture.
  • The Industry Standard Defense Narrative: The central tension in the case arises from the timeline: the patents claim priority to 2007, while the accused Sheltered Harbor standard was a collective industry response to cyber threats that began development in 2015. While not a formal defense, the question of whether the patents are foundational to, or are being opportunistically read upon, a later-developed industry solution will likely frame the entire dispute.