Zscaler Inc v. Symantec Corp

1. Case Identification

• Case #: IPR2017-01342
• Patent #: 8,661,498
• Filed: May 1, 2017
• Petitioner(s): Zscaler, Inc.
• Patent Owner(s): Symantec Corporation
• Challenged Claims: 1-2, 13-15, 23-28, and 35-39

2. Patent Overview

• Title: Secure and scalable detection of preselected data embedded in electronically transmitted messages
• Brief Description: The ’498 patent describes methods and systems for detecting preselected, sensitive data in messages transmitted over a network. To avoid exposing the sensitive data within the monitoring system itself, the invention creates an "abstract data structure" derived from the protected data (e.g., using hash functions) that does not reveal the underlying data elements. This abstract structure is then used to search outgoing messages and block those found to contain the protected data.

3. Grounds for Unpatentability

Ground 1: Anticipation of Claims 1-2, 13, 23-28, and 35-39 by Peled

• Prior Art Relied Upon: Peled (Patent 7,681,032).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that Peled discloses every limitation of the challenged claims. Peled describes a system for monitoring and blocking the unauthorized transport of digital content (e.g., confidential or copyrighted material) over a network. To do this, Peled’s system creates a "database of signatures" of the protected content. Petitioner contended this database of signatures, which are derived from the content using methods like hashing, is the claimed "abstract data structure," as it is derived from the preselected data but does not reveal the underlying data elements. Peled’s system then monitors network traffic, extracts signatures from messages, compares them to the stored signatures, and blocks messages that match a pre-set policy. This process was argued to directly map to the identifying, searching, and preventing steps of independent claims 1, 28, and 39. Petitioner further mapped disclosures in Peled for protecting specific data types like spreadsheets ("database data" of claim 2), selecting data based on a policy (claim 13), and monitoring traffic at various network exit points (claim 21).

Ground 2: Obviousness of Claims 13-15, 26, and 35-38 over Peled and Liddy

• Prior Art Relied Upon: Peled (Patent 7,681,032) and Liddy (Patent 6,829,613).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner asserted that Peled taught the foundational system for monitoring network traffic using an abstract data structure, as detailed in Ground 1. Liddy was introduced to supply teachings for specific dependent claim limitations not explicitly found in Peled. Specifically, Liddy teaches techniques for controlling information distribution based on a "security policy" and discloses using a graphical user interface (GUI) to accept user input for defining or specifying that policy, which Petitioner argued renders claims 14 and 15 obvious. Liddy also describes various network architectures, including distributing system components across a single Local Area Network (LAN), multiple distinct LANs, or other configurations, which allegedly makes the system configurations of claims 35-38 obvious variations. Finally, Liddy’s disclosure of classifying messages based on a security policy and Peled’s disclosure of logging transport activity were argued to teach the "reporting violations" limitation of claim 26.
  • Motivation to Combine: A POSITA would combine Peled and Liddy because both address the same technical problem of monitoring electronic communications to prevent unauthorized data leakage. Liddy’s teachings on user-defined security policies via a GUI represent a known, common-sense approach to making a security system like Peled’s more flexible and user-friendly. A POSITA would have been motivated to integrate such a feature to improve the functionality of Peled’s system.
  • Expectation of Success: Petitioner argued that combining the references would have been a predictable integration of known technologies. Implementing a GUI for policy configuration (from Liddy) into a network content monitoring system (Peled) involved standard software engineering practices and presented no technical hurdles that a POSITA could not overcome with a reasonable expectation of success.

4. Key Claim Construction Positions

• "abstract data structure … not revealing elements of the preselected data to be protected": Petitioner proposed construing this term to mean "a structure for storing or organizing data that does not contain fragments or copies of the preselected data to be protected."
• Relevance: This construction was central to the petition. Petitioner argued the patent’s asserted novelty hinged on the "abstract" nature of the data structure. By defining the term to exclude "fragments or copies," Petitioner could equate Peled’s "database of signatures" (e.g., hash values) with the claimed structure, as a hash is a representation of data but not a fragment or copy of it. This construction was critical for establishing that Peled anticipated the claims.

5. Arguments Regarding Discretionary Denial

• Petitioner argued that discretionary denial under 35 U.S.C. §325(d) was unwarranted because the Office had not previously considered the asserted grounds. Although the patent owner had listed Peled in an Information Disclosure Statement during prosecution, the examiner never provided a substantive analysis of it. The Liddy reference was never before the examiner at all. Therefore, Petitioner contended that the petition raised new issues that warranted review.

6. Relief Requested

• Petitioner requests institution of inter partes review and cancellation of claims 1-2, 13-15, 23-28, and 35-39 of the ’498 patent as unpatentable.