Computer-Related Data Security Patents Found to Recite Patent Eligible Subject Matter
By Joseph Herndon --
Spex sued Apricorn for infringing U.S. Patent Nos. 6,088,802 and 6,003,135 in the U.S. District Court for the Central District of California. Apricorn moved to dismiss the complaint due to the patents at issue being directed to abstract ideas under 35 U.S.C. § 101.
The Court analyzed the claims under the two-step Alice framework for distinguishing patents that claim laws of nature, natural phenomena, and abstract ideas from those that claim patent eligible applications of those concepts. That framework requires that first, the Court determine whether the claims at issue are directed to one of those patent-ineligible concepts. If so, then the second step requires the Court to search for an "inventive concept" by considering the elements of each claim -- both individually and as an ordered combination -- to determine whether the additional elements transform the nature of the claim into a patent-eligible application. If the claims at issue are directed to a patent-ineligible concept and the elements of each claim do not transform it into a patent-eligible application, then the claims are patent-ineligible under 35 U.S.C. § 101.
The Court denied the motion, and found that the claims at issue are not directed to a patent-ineligible abstract idea, and thus, the Court did not analyze the claims under step two.
Looking at the patents, the '802 patent is entitled "Peripheral Device with Integrated Security Functionality," and the '135 patent is entitled "Modular Security Device." The patents at issue cover a device and the systems/methods that occur between that device and a host computer. The '135 patent specifically describes a modular, typically portable, device (as well as the methods employed by such a modular device, and the systems including such a modular device and host computing device with which the modular device communicates) that can communicate with a host computing device to enable one or more security operations to be performed by the modular device on data stored within the host computing device. In addition, the '802 patent is similar and adds that the invention relates to a peripheral device that can communicate with a host computing device to enable one or more security operations to be performed by the peripheral device on data stored within the host computing device, data provided from the host computing device to the peripheral device, or data retrieved by the host computing device from the peripheral device.
Independent claim 11 of the '802 patent is representative and is reproduced below:
11. A peripheral device, comprising:
security means for enabling one or more security operations to be performed on data;
target means for enabling a defined interaction with a host computing device;
means for enabling communication between the security means and the target means;
means for enabling communication with a host computing device; and
means for mediating communication of data between the host computing device and the target means so that the communicated data must first pass through the security means.
Independent claim 57 of the '135 patent is representative and is reproduced below:
57. For use in a modular device adapted for communication with a host computing device, the modular device comprising a security module that is adapted to enable one or more security operations to be performed on data and a target module that is adapted to enable a defined interaction with the host computing device, a method comprising the steps of:
communicating with the host computing device to exchange data between the host computing device and the modular device;
performing one or more security operations and the defined interaction on the exchanged data;
mediating communication of the exchanged data between the host computing device and the modular device so that the exchanged data must first pass through the security module; and
operably connecting the security module and/or the target module to the host computing device in response to an instruction from the host computing device.
The Court noted that under step one of the analysis, a court needs to consider whether a patent claim's "character as a whole" is "directed to" excluded subject matter, such as an abstract idea. During this step, a court needs to avoid oversimplifying a patent's claims because, to a certain extent, all inventions are built from abstract ideas.
The Court noted that there is a distinction between (1) systems or methods that simply use a computer and (2) systems or methods that improve computer technology.
1. Systems or Methods that Simply Use a Computer are Abstract Ideas
The Court reviewed prior Federal Circuit cases to identify examples in which claims were directed to Abstract Ideas. One example includes claims directed to mathematical algorithms, including those executed on a generic computer, are abstract ideas. Without additional limitations, a process using mathematical algorithms to alter existing data is not patent eligible. Another example includes the concept of data collection, recognition, and storage, generically recited, will be considered an abstract idea.
2. Systems or Methods that Improve Computer Technology Are Not Abstract Ideas
The Court noted, however, that other courts have found that claiming an improvement in computer capabilities does not always entail claiming an abstract idea. Here, the Court highlighted the Enfish case, in which the Federal Circuit determined that a logical model for a computer database was not abstract because it was "designed to" improve the way that a computer stores and retrieves data. The Court also highlighted the McRO case, in which the Federal Circuit determined that the claims were limited to achieving automated lip synchronization of 3-D characters, and it had a computer conduct a task that humans did not previously perform. Therefore, the Federal Circuit in McRO determined that the claims were directed to improving automated lip-synchronization, and not directed to an abstract idea.
Applying this analysis to claim 11 of the '802 patent, the Court found that claim 11 is not directed to an abstract idea. The Court found that claim 11 is tied to a specific structure, which is a peripheral device, and produces a technological improvement. The invention addresses security problems pertaining to peripheral devices, and the "means" components of claim 11 describe a physical structure that contains a combination of components, in contrast to a method or system that uses a general computer, to secure access to secret information. Thus, the Court found that claim 11 is not directed to an abstract idea, and did not need to review the claim under step 2 of the section 101 analysis.
Applying this analysis to claim 57 of the '135 patent, the Court again found that claim 57 is not directed to an abstract idea. The preamble of the claim describes a series of steps that a modular device can use with a host computing device. The Court noted that the steps occur "to enable one or more security operations to be performed on data and a target module that is adapted to enable a defined interaction with the host computing device . . . ." Therefore, the steps in claim 57 occur for the purpose of creating a technological improvement, which is to enhance security operations, so this claim is not an abstract idea.
The Court did note that while a full Alice analysis of step two was not performed, it would appear that the technological improvements in the context of peripheral devices are inventive concepts.
Thus, the Court denied the motion to dismiss.
The analysis by the Court was very conclusory, but a welcome surprise. With respect to the device claim, the analysis indicated that because a specific structure is recited (e.g., "means" components), the functions are tied to a particular application and is patentable subject matter. This appears to be a good way to address claim 11, and allow any novelty/obviousness challenges to occur separately. Claim 57 appears stronger in that the functions are necessarily rooted in computer technology, and the Court was convinced that this created a technological improvement. Such strategies are seen as the best ways to overcome section 101 challenges.
Spex Technologies Inc. v. Apricorn (C.D. Cal. 2017)
Order Regarding Motion to Dismiss by Judge James V. Selna