DCT

7:25-cv-00111

DigitalDoors Inc v. Western Alliance Bank

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 7:25-cv-111, W.D. Tex., 03/06/2025
  • Venue Allegations: Plaintiff alleges venue is proper in the Western District of Texas because Defendant maintains physical business locations, employs personnel, and generates substantial revenue within the district, in addition to targeting customers and making its services available there.
  • Core Dispute: Plaintiff alleges that Defendant’s data backup and disaster recovery systems, particularly those compliant with the financial industry's "Sheltered Harbor" standard, infringe four patents related to methods for securely filtering, extracting, storing, and reconstructing sensitive data in a distributed computing environment.
  • Technical Context: The technology at issue addresses secure data vaulting for disaster recovery, a critical function in the financial services sector where maintaining data integrity and availability in the face of cyberattacks is a paramount operational and regulatory concern.
  • Key Procedural History: The complaint does not reference prior litigation involving these parties, IPR proceedings, or relevant licensing history.

Case Timeline

Date Event
2007-01-05 Earliest Priority Date for all Patents-in-Suit
2015-04-21 U.S. Patent No. 9,015,301 Issues
2015-01-01 Sheltered Harbor Initiative Launched
2017-08-15 U.S. Patent No. 9,734,169 Issues
2019-01-15 U.S. Patent No. 10,182,073 Issues
2019-04-02 U.S. Patent No. 10,250,639 Issues
2025-03-06 Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,015,301

  • Patent Identification: U.S. Patent No. 9,015,301, "Information Infrastructure Management Tools with Extractor, Secure Storage, Content Analysis and Classification and Method Therefor," issued April 21, 2015.

The Invention Explained

  • Problem Addressed: The patent describes a technological landscape where enterprises struggled to manage and secure information in "open ecosystems" with numerous access points. Specific deficiencies included the inability to manage unstructured data, classify sensitive information efficiently using semantic analysis, address the changing sensitivity of data over its lifecycle, or securely disperse granular data for storage and recovery (Compl. ¶27; ’301 Patent, col. 1:31-2:61).
  • The Patented Solution: The invention proposes a method and system for organizing and processing data in a distributed system by shifting focus from the data file to the content within it (Compl. ¶28). The system uses a variety of "categorical filters" (e.g., content-based, contextual, taxonomic) to identify and obtain "select content" from a data input. This extracted content is stored in corresponding data stores, and specific "data processes" (such as copy, extract, archive, or destruction) are associated with the activated filters to manage the data lifecycle (Compl. ¶26; ’301 Patent, Abstract, col. 3:28-4:27).
  • Technical Importance: This approach provided a method for granularly managing sensitive content within larger data streams, enhancing security by enabling specialized storage and controlled reconstruction (Compl. ¶26, ¶35).

Key Claims at a Glance

  • The complaint asserts at least independent claim 25 (’301 Patent, col. 129:30-130:23).
  • The essential elements of Claim 25 include:
    • A method of organizing and processing data in a distributed computing system for an enterprise, where the data includes "select content" represented by predetermined words, characters, images, or data objects.
    • Providing a plurality of "select content data stores" that are operative with a plurality of "designated categorical filters."
    • Activating at least one categorical filter and processing a data input through it to obtain "select content" and "associated select content," which is contextually or taxonomically associated.
    • Storing the "aggregated select content" in a corresponding data store.
    • For the activated filter, associating at least one data process (from a group including copy, extract, archive, distribution, and destruction).
    • Applying the associated data process to a further data input based on the results of that input being processed by the filter.
    • Wherein the filter activation is automatic (e.g., time-based, condition-based, or event-based) or manual.

U.S. Patent No. 9,734,169

  • Patent Identification: U.S. Patent No. 9,734,169, "Digital Information Infrastructure and Method for Securing Designated Data and With Granular Data Stores," issued August 15, 2017.

The Invention Explained

  • Problem Addressed: The patent addresses the need for secure, distributed data storage architectures that can protect sensitive information while allowing for its controlled reconstruction, particularly in environments vulnerable to cyberattacks or other disruptions (Compl. ¶52).
  • The Patented Solution: The invention describes a method for processing data in a "distributed cloud-based computing system" that segregates different types of data into different types of storage. The system extracts "security designated data" and stores it in secure "select content data stores," while "parsing remainder data" and storing it separately in "granular data stores." Access to the secured data is permitted only upon application of specific access controls, and the system allows for the selective withdrawal of data for reconstruction (’169 Patent, Abstract; Compl. ¶136).
  • Technical Importance: This architecture enhances security by physically or logically separating sensitive data extracts from the remainder of the data, requiring an attacker to compromise multiple, distinct storage locations and overcome separate access controls (’169 Patent, col. 16:25-47).

Key Claims at a Glance

  • The complaint asserts at least independent claim 1 (’169 Patent, col. 131:67-132:52).
  • The essential elements of Claim 1 include:
    • A method of organizing and processing data in a "distributed cloud-based computing system" having select content.
    • Providing a plurality of "select content data stores" for security designated data, a plurality of "granular data stores," and a cloud-based server, with each select content store having access controls.
    • Providing a communications network coupling the data stores and server.
    • Extracting and storing the "security designated data" in the select content data stores.
    • Activating a select content data store to permit access based on applying access controls.
    • Parsing "remainder data" not extracted and storing it in the granular data stores.
    • Withdrawing some or all of the security designated data and parsed data from their respective stores only in the presence of the applied access controls.

Multi-Patent Capsules

U.S. Patent No. 10,182,073

  • Patent Identification: U.S. Patent No. 10,182,073, "Information Infrastructure Management Tools With Variable and Configurable Filters and Segmental Data Stores," issued January 15, 2019.
  • Technology Synopsis: This patent discloses a method for creating a data processing infrastructure that uses an initial set of filters to identify sensitive and select content. The key inventive concept is the ability to dynamically alter these filters—by expanding, contracting, or changing their classification—and then generate modified filters to organize further data throughput (’073 Patent, Abstract).
  • Asserted Claims: The complaint asserts at least independent claim 1 (Compl. ¶165).
  • Accused Features: The complaint alleges that the accused systems, which allow an enterprise to define, run, monitor, and modify data protection policies and their parameters, infringe this patent (Compl. ¶181, ¶182, ¶185).

U.S. Patent No. 10,250,639

  • Patent Identification: U.S. Patent No. 10,250,639, "Information Infrastructure Management Data Processing Tools for Processing Data Flow With Distribution Controls," issued April 2, 2019.
  • Technology Synopsis: This patent describes a method for "sanitizing" data by processing it through a system with configurable filters. The system extracts sensitive content based on sensitivity levels and security clearances, stores the extracted data separately, and then uses various filters (content, contextual, taxonomic) to perform "inferencing" on the sanitized data to generate new insights or classifications (’639 Patent, Abstract).
  • Asserted Claims: The complaint asserts at least independent claim 16 (Compl. ¶192).
  • Accused Features: The complaint alleges that the accused systems, which extract critical financial data into a secure vault (thereby creating sanitized versions) and use filters to analyze and manage this data, infringe this patent (Compl. ¶197, ¶214, ¶217).

III. The Accused Instrumentality

Product Identification

  • The "Accused Instrumentalities" are Defendant's systems and methods for processing and backing up data that are compliant with the "Sheltered Harbor" specification, or that provide substantially equivalent functionality (Compl. ¶95). The complaint uses Dell's PowerProtect Cyber Recovery solution as an exemplary and endorsed implementation of the Sheltered Harbor standard (Compl. ¶71).

Functionality and Market Context

  • The complaint alleges that the Accused Instrumentalities implement the Sheltered Harbor standard, an industry-wide initiative for financial institutions to ensure data resiliency against catastrophic cyberattacks (Compl. ¶62). The core functionality involves nightly extracting critical customer account data, converting it to a standard format, and storing it in a secure, immutable, and "air-gapped" digital vault that is isolated from the institution's production and primary backup systems (Compl. ¶69, ¶72, ¶76). This vault allows the institution to recover critical data and restore customer-facing services after a severe operational failure (Compl. ¶62). The complaint provides a diagram from a Dell solution brief illustrating this architecture, which separates a "Production Environment" from a "Data Vault Environment" via a secure replication process (Compl. ¶72, p. 31).

IV. Analysis of Infringement Allegations

9,015,301 Patent Infringement Allegations

Claim Element (from Independent Claim 25) Alleged Infringing Functionality Complaint Citation Patent Citation
A method of organizing and processing data in a distributed computing system having select content important to an enterprise... The Accused Instrumentalities are distributed systems used by Defendant (the enterprise) to manage and protect critical customer financial account data (the select content). ¶99, ¶101 col. 13:28-35
providing... a plurality of select content data stores operative with a plurality of designated categorical filters... The accused Sheltered Harbor-compliant systems provide a "data vault" with designated storage units (select content data stores) intended to house content derived from predefined "protection policies" (categorical filters). ¶104, ¶106 col. 13:36-41
activating at least one of said designated categorical filters and processing a data input therethrough to obtain said select content and associated select content, which... is at least one of contextually associated select content and taxonomically associated select content, as aggregated select content. The systems activate protection policies (filters) to extract critical financial account data. This data is contextually associated (e.g., via metadata tags grouping assets by department) and aggregated for protective vaulting. ¶108, ¶110 col. 13:42-48
storing said aggregated select content for said at least one categorical filter in said corresponding select content data store. The extracted critical account data is stored in corresponding storage units or "data trees" within the secure data vault. The complaint includes a diagram showing multiple storage components within a "Cyber Recovery Vault," including "Backup," "Copy," and "Lock." ¶112, ¶113; p. 52 col. 13:49-51
and for said activated categorical filter, associating at least one data process from the group of data processes including a copy process, a data extract process, a data archive process, a data distribution process and a data destruction process. The systems associate data processes with the filtered content; for example, they perform a copy/backup process to move the data to the vault, where it is archived according to retention policies. ¶115, ¶116 col. 13:52-57
applying the associated data process to a further data input based upon a result of said further data... Once a protection policy is established, all subsequent data inputs matching the filter are processed in the same way (e.g., nightly backups are copied to the vault). ¶118, ¶119 col. 13:58-62
wherein activating said designated categorical filter encompasses an automatic activation... said automatic activation is time-based, distributed computer system condition-based, or event-based. The data processing and backup occurs automatically on a designated time interval (nightly), based on a condition (detection of new data), or can be run manually. ¶121, ¶122 col. 14:1-5
  • Identified Points of Contention:
    • Scope Questions: A central question may be whether the term "categorical filter" as defined in the patent (encompassing content-based, contextual, and taxonomic classifications) can be construed to read on the "protection policies" and rule-based systems (e.g., "VM Folder Name, Contains, Finance") of the accused Sheltered Harbor implementations (Compl. ¶87).
    • Technical Questions: The analysis may focus on whether the accused system's standard backup and replication process performs the claimed step of "associating at least one data process... and applying [it] to a further data input." The court may need to determine if a recurring backup job satisfies this limitation's specific requirements.

9,734,169 Patent Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
A method of organizing and processing data in a distributed cloud-based computing system... The accused systems are distributed computing systems that can be implemented on-premises or in a cloud environment (e.g., AWS, Azure, Google Cloud). ¶130, ¶132 col. 4:28-37
providing... (i) a plurality of select content data stores for respective ones of a plurality of security designated data; and (ii) a plurality of granular data stores; and (iii) a cloud-based server, each select content data store having respective access controls thereat. The system provides a secure "data vault" (select content data stores) for critical data, which is separate from production and backup systems ("granular data stores"). The complaint provides a reference architecture diagram showing a "Production" environment and a separate "CR Vault." Access to the vault is controlled by credentials. ¶136, ¶139; p. 65 col. 4:43-52
extracting and storing said security designated data in respective select content data stores. The system extracts critical financial account data ("security designated data") and stores it in the secure, air-gapped data vault. ¶143, ¶144 col. 4:56-58
parsing remainder data not extracted... and storing the parsed data in respective granular data stores. Data not extracted for the vault remains in the production and primary backup systems (granular data stores). The complaint includes a diagram showing "Backup Workloads" in the production "Data Center" as distinct from the vault. ¶151, ¶152; p. 76-77 col. 4:63-65
withdrawing some or all of said security designated data and said parsed data from said respective data stores only in the presence of said respective access controls applied thereto. Data is withdrawn from the vault to a "restoration platform" only upon satisfaction of strict security measures, such as multi-factor authentication. ¶157, ¶158 col. 5:1-5
  • Identified Points of Contention:
    • Scope Questions: The construction of "distributed cloud-based computing system" will be critical. The complaint alleges this covers both third-party cloud services and on-premise private clouds (Compl. ¶132), a point a defendant may contest.
    • Technical Questions: A factual dispute may arise over whether the accused system performs an active step of "parsing remainder data... and storing" it, or whether it simply leaves non-selected data in its original location. The argument may turn on whether the routine backup of the production environment constitutes the claimed "storing" step for the "remainder data."

V. Key Claim Terms for Construction

For the ’301 Patent (Claim 25):

  • The Term: "designated categorical filters"
  • Context and Importance: This term is foundational to the claim. The infringement theory depends on equating the patent's "categorical filters" with the accused systems' "protection policies," which are defined by rules and attributes (Compl. ¶87, ¶106). Practitioners may focus on whether the specification limits "categorical filters" to the specific types listed (content, contextual, taxonomic) or if it can be interpreted more broadly to cover any rule-based data selection mechanism.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The claim itself refers to "designated categorical filters," which suggests the enterprise can designate what constitutes such a filter. The specification also states that enterprise-designated filters screen data for policies such as "service level of policy, customer privacy policy, enterprise human resource policies," suggesting a broad, policy-based application ('301 Patent, col. 4:15-21).
    • Evidence for a Narrower Interpretation: The summary of the invention repeatedly and specifically lists "content-based filters, contextual filters and taxonomic classification filters" as the operative components ('301 Patent, col. 3:39-41). The detailed description provides specific examples of these types, which could be argued to limit the scope of the broader term.

For the ’169 Patent (Claim 1):

  • The Term: "distributed cloud-based computing system"
  • Context and Importance: This term appears at the start of the claim and may define the entire scope of the invention's applicability. The complaint's position is that this language covers systems deployed "on Amazon Web Services Cloud, Google Cloud... or an alternative functional equivalent," including on-premise private clouds (Compl. ¶132). The viability of the infringement allegation may depend on this construction.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The patent does not appear to provide an explicit definition that limits the term to off-premise, third-party providers. The specification describes a system of interconnected computers, servers, and storage, which is consistent with the general architecture of both public and private cloud environments (’169 Patent, Fig. 6).
    • Evidence for a Narrower Interpretation: A defendant could argue that in the context of the patent's filing date, a person of ordinary skill would have understood "cloud-based" to mean a service provided by a third-party vendor (like AWS), rather than an on-premise "vault" architecture that is merely networked. The patent does not explicitly describe a multi-tenant, third-party cloud architecture.

VI. Other Allegations

  • Willful Infringement: The complaint alleges that Defendant's infringement is and has been willful. The basis for this allegation is Defendant's purported actual notice of the patents since at least the date of service of the complaint. Alternatively, the complaint alleges notice as of November 21, 2023, based on Defendant's alleged awareness of similar lawsuits filed by Plaintiff against competitor banks. The complaint further alleges a policy or practice of "willful blindness" wherein Defendant instructs its employees not to review patents of others (Compl. ¶223, ¶226-227).

VII. Analyst’s Conclusion: Key Questions for the Case

  • A core issue will be one of definitional scope: can the patent terms "categorical filter" and "distributed cloud-based computing system," which are described with specific examples in the patents, be construed broadly enough to encompass the industry-standard "Sheltered Harbor" architecture and its various on-premise and cloud-based implementations? The outcome may depend on whether the court views the patent's examples as illustrative or limiting.
  • A key evidentiary question will be one of operational mapping: does the accused system's process of selecting critical data for isolated backup, while leaving the remainder in the production environment, perform the specific, affirmative steps of "associating data processes," "parsing remainder data," and "altering filters" as recited in the asserted claims, or is there a fundamental mismatch between the accused backup/recovery operations and the claimed data manipulation methods?