Symantec Corp v. Finjan Inc

1. Case Identification

• Case #: IPR2015-01549
• Patent #: 7,930,299
• Filed: July 3, 2015
• Petitioner(s): Symantec Corporation
• Patent Owner(s): Finjan, Inc.
• Challenged Claims: 13-18 and 20

2. Patent Overview

• Title: System and Method for Appending Security Information to Search Engine Results
• Brief Description: The ’299 patent discloses a system that combines a web search engine with a content security filter. The system appends security assessments to search results, allowing a user to distinguish safe links from potentially harmful ones by dynamically generating and updating a combined search and security results summary.

3. Grounds for Unpatentability

Ground 1: Anticipation of Claims 13-18 and 20 under 35 U.S.C. §102 over Dixon

• Prior Art Relied Upon: Dixon (Patent 8,296,664).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that Dixon, which discloses a "Web reputation service" for providing real-time safety information about websites, teaches every limitation of the challenged claims. Independent claims 13 and 20 recite a client computer that issues a search request, receives results, and requests security assessments from a content scanner. Petitioner asserted that Dixon’s client computer, communicating with a reputation service host (the content scanner), performs these exact functions. Critically, Petitioner contended that Dixon meets the limitations of "dynamically generating" and "dynamically updating" a combined security summary. This is allegedly taught by Dixon’s disclosure of presenting results with known reputations (e.g., from a cache) while labeling other sites "Unknown" as their reputations are being computed, and then "iteratively updat[ing]" those reputations once the analysis is complete.
  • Key Aspects: Petitioner also mapped Dixon’s disclosure of "alert[s], caution, [and] warning[s]" to the claim limitation of displaying a warning of potential risk prior to the security summary being fully updated. Dependent claims were addressed by mapping specific features in Dixon, such as user-configurable warning preferences (claim 14), color-coding links based on risk (claim 15), and using icons to indicate risk (claim 16).

Ground 2: Obviousness of Claims 13-18 and 20 under 35 U.S.C. §103 over Rowan in view of Dixon

• Prior Art Relied Upon: Rowan (Patent 7,694,135) and Dixon (Patent 8,296,664).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner asserted that Rowan serves as the primary reference, disclosing the foundational system for appending security information to search results. Rowan teaches a service that provides a "trustworthiness report" for websites returned by a search engine, often in the form of an icon next to each link. While Rowan provides the framework of a client computer that issues search requests and displays security indicators, Petitioner argued it does not explicitly disclose the scanning of web page content for threats like viruses. Dixon was argued to supply this missing element, as it explicitly teaches a content scanner (a "reputation service host") that performs security risk assessments, including virus checking.
  • Motivation to Combine: The primary motivation asserted was an explicit teaching in Rowan to use "virus checking software" in conjunction with its trustworthiness service. Petitioner argued a person of ordinary skill in the art (POSITA), seeking to implement Rowan's suggestion, would have naturally looked to known, contemporaneous technologies like Dixon’s system for scanning web content and providing security assessments. Combining the two would have been an application of a known technique (Dixon's scanning) to a known system (Rowan's framework) to predictably enhance its security capabilities.
  • Expectation of Success: A POSITA would have had a high expectation of success because the combination involved integrating a known type of security analysis into a system designed to display such security information, yielding the predictable result of providing more comprehensive security/virus assessments for web content associated with search results.

4. Key Claim Construction Positions

• "dynamically updat[e/es] the combined search and security results summary"
  • Petitioner argued for a construction of this term as "updating the presented search results and assessments of potential security risks to present additional assessments of potential security risks after additional assessments of potential security risks are received." This construction was central to the petition’s arguments, particularly for anticipation under Ground 1. Petitioner contended that the claims require an initial presentation of a summary that includes some, but not all, security assessments (e.g., those available from a cache), which is then updated as further assessments are completed and received. This interpretation was allegedly supported by the patent’s specification, which emphasizes efficiency and minimizing latency by presenting available results to the user immediately.

5. Relief Requested

• Petitioner requests institution of an inter partes review (IPR) and cancellation of claims 13-18 and 20 of the ’299 patent as unpatentable.