RightQuestion, LLC v. SAMSUNG ELECTRONICS CO., LTD. et al, No. 2:2021cv00238 - Document 75 (E.D. Tex. 2022)
Court Description: CLAIM CONSTRUCTION OPINION AND ORDER. Signed by Magistrate Judge Roy S. Payne on 4/18/2022. (ch, )
Download PDF
<![CDATA[
RightQuestion, LLC v. SAMSUNG ELECTRONICS CO., LTD. et al Doc. 75 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 1 of 20 PageID #: 3286 IN THE UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF TEXAS MARSHALL DIVISION RIGHTQUESTION, LLC, Plaintiff, v. SAMSUNG ELECTRONICS CO., LTD., and SAMSUNG ELECTRONICS AM., INC., Defendants. § § § § § Case No. 2:21-CV-00238-JRG § § § § § CLAIM CONSTRUCTION OPINION AND ORDER Plaintiff RightQuestion, LLC, asserts claims from U.S. Patents 10,824,696 and 10,929,512 against Defendants Samsung Electronics Co., Ltd., and Samsung Electronics America, Inc. (together, “Samsung”). The patents relate to “authentication translation,” which is a three-part process of (1) receiving a request to access a resource and an authentication input; (2) “translating” that request and input to a stored credential associated with the resource; and (3) providing the stored credential, or output based on the credential, to the resource. See ’696 Patent at [57]; ’512 Patent at [57]. The “resource” may be, for example, a bank or social networking website, and the “authentication input” may be biometric information of the account holder, such as a fingerprint. ’696 Patent at 4:62–66. The “stored credential” may be the user’s username and password for the website. Id. at 6:35–41. The patents represent this process as an improvement to the “tedious experience” of a user providing credentials directly to the resource. Id. at 1:30–39. The parties dispute the scope of six terms from the patents. Samsung challenges four of those terms as indefinite, while the parties dispute the proper construction of the other two terms. Having considered the parties’ briefing, along with arguments of counsel during a March 22, 2022 hearing, the Court resolves the disputes as follows. 1 Dockets.Justia.com Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 2 of 20 PageID #: 3287 I. BACKGROUND According to the patents, “providing credentials to a service, whether via a mobile or other device, is often a tedious experience for a user.” ’696 Patent at 1:30–31. “Unfortunately, to make authentication easier for themselves, users will often engage in practices such as password re-use, and/or the selection of poor quality passwords, which render their credentials less secure against attacks.” Id. at 1:32–35. To address these security issues, the patents teach “authentication translation,” which is the three-step process of (1) receiving a request to access a resource and an authentication input; (2) “translating” that request and input to a stored credential associated with the resource; and (3) providing the stored credential, or some derivative thereof, to the resource. 1 See ’696 Patent at [57]; see also id. Fig.5. As described with reference to Fig. 5, one disclosed embodiment uses an “authentication translator module” 132, which is software installed on a client computer 102 that also includes a web browser. See ’696 Patent at 6:19–27, Fig.1, Fig.5. The module recognizes a user’s attempt to access a website (i.e., a resource) with the browser and prompts the user to provide biometric information, such as fingerprints. Id. at 6:19–27. The module compares the user’s biometric information to information on the computer and, if the information matches, the module provides a previously stored credential to the site, either directly or through a proxy. Id. at 6:35–41. Alternatively, the owner of a particular resource may manage its own authentication translator. See id. at 3:2–6 (explaining, with reference to Fig. 1, “[t]he owner of bank website 122 also operates an authentication translator 134 associated with the bank”). Claim 14 of the ’696 Patent, which is the sole independent method claim of that patent, is narrower than the process described with reference to Fig. 5. The claim requires first and second 1 The parties dispute the scope of this third step as recited in the claims. See Part IV.B infra. 2 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 3 of 20 PageID #: 3288 processors that communicate with one another, but only the second processor is configured to access records in “secure storage.” ’696 Patent at 11:61–67. Those records contain both “a biometric template” and “a credential comprising at least one of a password, a cookie, or a cryptographic key.” Id. at 12:1–6. After “determining a match between a biometric input and the biometric template,” the method “establishes a connection with the [desired] external resource” and “facilitates a login by the user to the external resource” by transmitting output related to the associated credential to the resource. Id. at 12:7–21. Claim 1 and Claim 27 are directed to a system and “computer program product,” respectively, that implement steps like those of Claim 14 in a computer environment. Id. at 10:61–11:25 (Claim 1); id. at 12:56–13:20. (Claim 27). The claims of the ’512 Patent are narrower than those of the ’696 Patent. In particular, Claim 11 requires the “second processor” to take the additional steps of “performing a cryptographic operation” and “performing a secure backup of the record to a storage service.” ’512 Patent at 12:15, 12:26–30. And like the ’696 Patent, the ’512 Patent includes system and “computer program product” claims that implement similar steps in a computer environment. See id. at 10:62–11:29 (Claim 1); id. at 12:61–13:29 (Claim 21). The parties dispute the scope of six terms from the patents. First, the parties differ on the proper construction of two terms—“secure storage” and “based at least in part on”—that appear in each of the independent claims at issue. Second, Samsung alleges “secure backup” in claims of the ’512 Patent is indefinite because the intrinsic record provides no guidance as to what makes a backup “secure.” Finally, Samsung alleges three “wherein” clauses render certain claims indefinite by interjecting an operational step into apparatus claims. 3 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 4 of 20 PageID #: 3289 II. LEGAL STANDARDS A. Generally “‘The claims of a patent define the invention to which the patentee is entitled the right to exclude.’” Phillips v. AWH Corp., 415 F.3d 1303, 1312 (Fed. Cir. 2005) (en banc) (quoting Innova/Pure-Water, Inc. v. Safari Water Filtration Sys., Inc., 381 F.3d 1111, 1115 (Fed. Cir. 2004)). As such, if the parties dispute the scope of the claims, the court must determine their meaning. See, e.g., Verizon Servs. Corp. v. Vonage Holdings Corp., 503 F.3d 1295, 1317 (Fed. Cir. 2007); see also Markman v. Westview Instruments, Inc., 517 U.S. 370, 390 (1996), aff’g, 52 F.3d 967, 976 (Fed. Cir. 1995) (en banc). Claim construction, however, “is not an obligatory exercise in redundancy.” U.S. Surgical Corp. v. Ethicon, Inc., 103 F.3d 1554, 1568 (Fed. Cir. 1997). Rather, “claim construction is a matter of [resolving] disputed meanings and technical scope, to clarify and when necessary to explain what the patentee covered by the claims . . . .” Id. A court need not “repeat or restate every claim term in order to comply with the ruling that claim construction is for the court.” Id. When construing claims, “there is a heavy presumption that claim terms are to be given their ordinary and customary meaning.” Aventis Pharm. Inc. v. Amino Chems. Ltd., 715 F.3d 1363, 1373 (Fed. Cir. 2013) (citing Phillips, 415 F.3d at 1312–13). Courts must therefore “look to the words of the claims themselves . . . to define the scope of the patented invention.” Id. (citations omitted). “The ordinary and customary meaning of a claim term is the meaning that the term would have to a person of ordinary skill in the art in question at the time of the invention, i.e., as of the effective filing date of the patent application.” Phillips, 415 F.3d at 1313. This “person of ordinary skill in the art is deemed to read the claim term not only in the context of the particular claim in which the disputed term appears, but in the context of the entire patent, 4 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 5 of 20 PageID #: 3290 including the specification.” Id. Intrinsic evidence is the primary resource for claim construction. See Power-One, Inc. v. Artesyn Techs., Inc., 599 F.3d 1343, 1348 (Fed. Cir. 2010) (citing Phillips, 415 F.3d at 1312). For certain claim terms, “the ordinary meaning of claim language as understood by a person of skill in the art may be readily apparent even to lay judges, and claim construction in such cases involves little more than the application of the widely accepted meaning of commonly understood words.” Phillips, 415 F.3d at 1314; see also Medrad, Inc. v. MRI Devices Corp., 401 F.3d 1313, 1319 (Fed. Cir. 2005) (“We cannot look at the ordinary meaning of the term . . . in a vacuum. Rather, we must look at the ordinary meaning in the context of the written description and the prosecution history.”). But for claim terms with less-apparent meanings, courts consider “‘those sources available to the public that show what a person of skill in the art would have understood disputed claim language to mean[,] [including] the words of the claims themselves, the remainder of the specification, the prosecution history, and extrinsic evidence concerning relevant scientific principles, the meaning of technical terms, and the state of the art.’” Phillips, 415 F.3d at 1314 (quoting Innova, 381 F.3d at 1116). B. Indefiniteness “A patent is invalid for indefiniteness if its claims, read in light of the specification delineating the patent, and the prosecution history, fail to inform, with reasonable certainty, those skilled in the art about the scope of the invention.” Nautilus, Inc. v. Biosig Instruments, Inc., 572 U.S. 898, 901 (2014). “A patent must be precise enough to afford clear notice of what is claimed,” but that consideration must be made while accounting for the inherent limitations of language. Id. at 908–09. “Indefiniteness must be proven by clear and convincing evidence.” Sonix Tech. Co. v. Publ’ns Int’l, Ltd., 844 F.3d 1370, 1377 (Fed. Cir. 2017). 5 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 6 of 20 PageID #: 3291 III. THE LEVEL OF ORDINARY SKILL IN THE ART The level of ordinary skill in the art is the skill level of a hypothetical person who is presumed to have known the relevant art at the time of the invention. In re GPAC, 57 F.3d 1573, 1579 (Fed. Cir. 1995). In resolving the appropriate level of ordinary skill, courts consider the types of and solutions to problems encountered in the art, the speed of innovation, the sophistication of the technology, and the education of workers active in the field. Id. Importantly, “a person of ordinary skill in the art is also a person of ordinary creativity, not an automaton.” KSR Int’l Co. v. Teleflex Inc., 550 U.S. 398, 421 (2007). Here, the parties generally agree on the appropriate level of skill in the art at the time of invention. Plaintiff’s expert opines a skilled artisan “would have had a bachelor’s degree in electrical engineering, computer engineering, computer science, or a related field, and approximately 2 years of experience working with secure computing systems or a related field.” Jones Decl., Dkt. No. 49-4 ¶ 24. Samsung’s expert contends a skilled artisan would have had “at least a bachelor’s degree in electrical engineering, computer engineering, computer science, or a related field, and at least two years of experience in the research, design, development, and/or testing of authentication techniques, and related firmware and software, or the equivalent.” Crovella Decl., Dkt. No. 51-2 ¶ 26; see also id. at ¶ 27. To the extent there are differences between these two proffered levels of ordinary skill, neither party argues the correct constructions of disputed terms turns on resolving those differences. 6 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 7 of 20 PageID #: 3292 IV. THE DISPUTED TERMS A. “secure storage” (’696 Patent, Claims 1, 14, 27; ’512 Patent, Claims 1, 11, 21) Plaintiff’s Construction Defendants’ Construction Plain and ordinary meaning; no construction “storage that is not accessible to users or necessary. applications” 2 Each of these claims refers to “secure storage” associated with a “second processor.” In the ’696 Patent, for example, each claim recites a second processor “configured to access at least one record stored at least in part in a secured storage.” ’696 Patent at 10:65–67 (Claim 1), 11:65– 67 (Claim 14), 12:62–64 (Claim 27). The independent claims of the ’512 Patent include similar language. See ’512 Patent at 11:2–11 (requiring a second processor “configured to . . . access a record stored in a secure storage, wherein the record is associated at least with the external resource”), 12:2–11 (same), 13:2–11 (same). The dispute about “secure storage” relates to the distinction, if any, between secure data and secure storage. Although Plaintiff suggests no construction is necessary, it contends the term “means that whatever is stored is secure from unwanted or unintended outside access.” Dkt. No. 49 at 8. Plaintiff says this meaning “is apparent from the claim language and the specification.” Id. at 7 (citing ’512 Patent at 3:60–4:26, Fig.3; Jones Decl., Dkt. No. 49-4 ¶ 27). Samsung, on the other hand, contends “secure storage” relates to the accessibility of that storage. Relying primarily on Fig. 3, which Samsung describes as a “clear dividing line between ‘secure storage’ and ‘insecure storage,’” it contends users and applications can read and write to “insecure storage,” but not “secure storage.” Dkt. No. 51 at 6. 2 Samsung originally proposed “secure storage” should be construed as “storage that is not accessible to users or user applications.” See Dkt. No. 51 at 5 n.4 (“To narrow the issues in dispute, Samsung has amended its proposed construction to replace ‘user applications’ with ‘applications,’ consistent with the usage in the specification.”). 7 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 8 of 20 PageID #: 3293 The patents mainly discuss “secure” and “insecure” storage with respect to Fig. 3. They explain: In some embodiments, profiles, templates, and vaults (collectively “authentication information”) are stored entirely in an unprotected storage area, and are stored in the clear. In other embodiments, secure storage techniques are used to secure at least a portion of the authentication information. One example of a device with secure storage is illustrated in Fig. 3. In the example shown, a mobile phone 300 includes a large and insecure storage 302 attached to a fast processor 304, and a smaller but secure storage 306 attached to a dedicated processor 308 and a sensor 310 (e.g., a camera or a fingerprint reader). Users (and applications) can read from and write to the insecure storage area. However, users cannot access the secure storage area, and the fast processor can only communicate with the dedicated processor/sensor via a restricted API. As another example, a unique decryption key associated with a given vault can be stored in a profile. The vault is an encrypted and authenticated container that can be stored on insecure storage, e.g., on the device, and also backed up (e.g., to a cloud storage service 140 or to an alternate form of external storage). As needed, authentication information or portions thereof can be loaded into secure storage and decrypted. For example, one can use AES to encrypt the files one by one, using a key stored on the secured storage. A message authentication technique, such as HMAC, can be used for authenticating the encrypted files to provide tamper prevention. Profiles and vaults can be updated while in secure storage; if this occurs, they are encrypted and MACed before being written back to the insecure storage, which may in tum propagate them to external backup storage. In yet other embodiments, profiles and vaults are stored entirely in secure storage, in plaintext, which allows them to be both read and written—and in particular, searched. ’696 Patent at 3:62–4:22 (emphasis added). The only other mention of secure or insecure storage in the Detailed Description concerns Fig. 5 and, more specifically, the registration of a new device: In some embodiments, to register a new device, a user provides an identifier, such as a username or an account number to the device. The new device connects to an external storage (such as cloud storage 140), provides the user identifier and credential, and downloads the user’s templates/vaults from the service. In some embodiments, the templates/vaults are encrypted. Once downloaded, the template is decrypted and stored in a secure storage area, while the still encrypted vault can be stored in insecure storage. ’696 Patent at 7:10–18 (emphasis added). 8 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 9 of 20 PageID #: 3294 Based on these references, Samsung’s construction is too limiting. The specification indicates there may be multiple “secure storage techniques.” ’696 Patent at 3:59–61. Although Fig. 3 discusses one such technique, there may be others, and the applicant is not required to disclose them all. See SunRace Roots Enter. Co. v. SRAM Corp., 336 F.3d 1298 (Fed. Cir. 2003) (“A patent applicant is not required to describe in the specification every conceivable and possible future embodiment of his invention.”); see also Teleflex, Inc. v. Ficosa N. Am. Corp., 299 F.3d 1313, 1327 (Fed. Cir. 2002) (“the number of embodiments disclosed in the specification is not determinative of the meaning of disputed claim terms”). Here, nothing in the excerpts on which Samsung relies suggests the term should be limited to just the technique described with reference to Fig. 3, or that the described technique is definitional in nature. Samsung also relies on what it calls “contemporaneous admissions” by the inventor in a book published near the patents’ effective filing date. Dkt. No. 51 at 7. It claims the inventor distinguished “secure” and “insecure” storage by explaining, with reference to a figure very similar to Fig. 3 of the patents, that “users can load apps on the device, but neither users nor software on the device can modify or directly access the contents or components of the fingerprint reader.” Id. (quoting Markus Jakobsson, Mobile Authentication, Problems and Solutions, Dkt. No. 51-4 at RIGHTQUESTION0001848). But even if an author’s publication might help establish his subjective intent as to the meaning of the term in question, it does not establish the objective plain and ordinary meaning of that term to a skilled artisan, nor does Samsung contend as much. Short of clear and unambiguous lexicography, which the Court does not find here, the applicant’s intent about the meaning of the term is not relevant to its plain and ordinary meaning. That said, neither “plain and ordinary meaning” nor Plaintiff’s “alternative” construction 9 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 10 of 20 PageID #: 3295 are appropriate here. As Samsung notes, Plaintiff’s construction could encompass the notion of encrypted data within the definition of “storage,” see Dkt. No. 51 at 9–12, but secure data and secure storage are different things. In other words, Plaintiff’s position concerns “whatever is stored,” not the storage medium itself. Yet the specification makes the distinction between those clear by explaining the encrypted vault can be stored in insecure storage. See ’696 Patent at 4:6– 8. Accordingly, the Court construes “secure storage” as “storage protected from unauthorized access,” which comports with the well-understood meaning of “secure” in this context. http://www.yourdictionary.com/secure (last visited Mar. 29, 2022) (“[p]rotected from unauthorized access”). B. The “Transmitting” Terms Plaintiff’s Construction Defendants’ Construction ’696 Patent, Claims 1, 14, 27 Plain and ordinary meaning; construction necessary. no “transmitting . . . output that includes the credential retrieved from the at least one record” ’512 Patent, Claims 1, 11, 21 Plain and ordinary meaning; construction necessary. no “transmitting . . . output that includes the at least one of the password, the cryptographic key, or the cookie retrieved from the record” In the ’696 Patent, the independent claims each require “at least one record” comprising “a credential comprising at least one of a password, a cookie, or a cryptographic key.” ’696 Patent at 11:2–6 (Claim 1), 12:2–6 (Claim 14), 12:66–13:3 (Claim 27). The claims then recite “transmitting . . . output based at least in part on the credential retrieved from the at least one record.” Id. at 11:17–19 (Claim 1), 12:17–19 (Claim 14), 13:14–16 (Claim 13). The independent claims of the ’512 Patent include similar language, but the output is based on “at least one of a password, a cookie, or a cryptographic key” retrieved from the record. ’512 Patent at 11:9–13, 10 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 11 of 20 PageID #: 3296 11:19–22, 12:9–13, 12:20–23, 13:9–13, 13:19–22. Notably, the ’512 Patent does not use “credential” in its independent claims. The parties’ dispute centers on the phrase “based at least in part on.” According to Plaintiff, not only is the claim language clear that the credential itself need not be transmitted, the specification discloses specific examples of just that. Dkt. No. 49 at 12–13 (citing ’512 Patent at 3:51–59). Samsung, however, contends this limitation “requires the transmittal of an output that includes the credential” or, in the case of the ’512 Patent, whatever is retrieved from the record stored in secured storage. See Dkt. No. 51 at 12. Samsung’s position relies in part on the Background of the Invention, which it claims articulates the purpose of the claimed invention as “to simplify the process of ‘[p]roviding credentials to a service’ on the user’s behalf.” Dkt. No. 51 at 13 (citing ’696 Patent at 1:30–31). But the Background says nothing about simplifying the process of providing credentials. Rather, the Background simply explains that then-existing techniques led to security issues, and then explained “improvements in authentication techniques would be desirable,” especially if they were “widely deployable, including on existing/legacy systems.” ’696 Patent at 1:30–39. Samsung also cites the descriptions of Fig. 2 and Fig. 5, stressing “every embodiment in the Asserted Patents shows that the information transmitted to the external resources includes the retrieved credential.” Dkt. No. 51 at 13–14. But even if Samsung is accurate in its assertion, “a patent claim term is not limited merely because the embodiments in the specification all contain a particular feature.” C.R. Bard, Inc. v. U.S. Surgical Corp., 388 F.3d 858, 865 (Fed. Cir. 2004). Therefore, the Court agrees with Plaintiff. The claim language clearly indicates the transmitted output need only be “based at least in part on” the credential and does not require the 11 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 12 of 20 PageID #: 3297 credential itself. “Credential” in the claims is not limited to only one of a password, cookie, or cryptographic key. Rather, the credential could include more than one of these, or any combination of these plus something else. If an accused system used a “credential” (as that term is used in the claims) that included, for example, all three of a password, cookie, or cryptographic key, but the transmitted output was only one of the three components (e.g., only the password), the output would be consistent with the information transmitted in the embodiments described with reference to Fig. 2 and Fig. 5. See, e.g., ’512 Patent at 2:57–3:1 (noting “each of the services 120–124 requires a username and password (and/or a cookie) from a user”); see also id. at ’512 Patent at 6:39–61 (“For example, Alice’s username and password for site 120 are transmitted to site 120 at 506.”). Moreover, Samsung’s position would render meaningless not only “based . . . on,” but “in part.” Similar reasoning applies to the independent claims of the ’512 Patent, which do not use the word “credential.” Instead, the claims only require the system or method to “retrieve, from the record, at least one of a password, a cookie, or a cryptographic key.” E.g., ’512 Patent at 11:12–13. Contrary to Samsung’s proposed construction, nothing in the claims or the specification limits an embodying system from retrieving, for example, all three of a password, a cookie, and a cryptographic key, but then only transmitting one of those, in which case the output would be “based at least in part on” the three retrieved components. Samsung, however, would require that all information retrieved from the record also be transmitted as “output,” without any persuasive support for that position in the intrinsic evidence. The Court rejects Samsung’s constructions for these terms, along with the notion the output must include the credential (in the ’696 Patent) or all information retrieved from the record (in the ’512 Patent). These terms will be given their plain and ordinary meanings. 12 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 13 of 20 PageID #: 3298 C. “secure backup” (’512 Patent, Claims 1, 11, 21) Plaintiff’s Construction Defendants’ Construction Plain and ordinary meaning; no construction necessary. Indefinite. Each of the independent claims of the ’512 Patent recites “perform[ing] a secure backup of the record to a storage service.” ’512 Patent at 11:25–26 (Claim 1), 12:26–27 (Claim 11), 13:25–26 (Claim 21). The term does not appear in the specification. Samsung contends that “because the specification provides no guidance as to what makes a backup secure and, indeed, does not even use that phrase or provide an example, a [skilled artisan] cannot determine with reasonable certainty whether a backup is a ‘secure backup’ or not.” Dkt. No. 51 at 19. It presents three possibilities, which it characterizes as “equally possible”: • • • “performing a backup in which data is transmitted (‘backed up’) via a ‘secure connection,’ but may be stored in a remote regular (i.e., ‘insecure’) storage”; “a backup process where the transmission of data is insecure, but the data is stored in a manner that is protected in some way (e.g., by requiring a user identifier and credential, or by way of encryption)”; and “a backup process where the transmission of data is insecure, but data is stored in a remote ‘secure storage’”; Id. at 19–20. According to Plaintiff, however, “performing a secure backup” first encrypts the data and then backs up the encrypted data to cloud storage or another storage service.” Dkt. No. 49 at 16. Plaintiff bases its conclusion on the grammatical syntax of the claims and reasons the “backup,” rather than any storage, must be secure. Id. at 15. Plaintiff then cites two excerpts from the ’512 Patent allegedly supporting its position. Id. at 15–16 (citing ’512 Patent at 3:60– 4:26, 7:14–31). Samsung counters that Plaintiff’s reliance on encryption is contrary to the intrinsic 13 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 14 of 20 PageID #: 3299 record and irrelevant. Plaintiff specifically refers to Claim 4, which depends from Claim 1 and requires that “the record downloaded by the second device is encrypted,” and Claim 5, which depends from Claim 4 and further requires that “the encrypted record is stored to an insecure storage associated with the second device.” Dkt. No. 51 at 22 (citing ’512 Patent at 11:41–45; see also id. at 12:39–44 (Claims 14 & 15)). “If,” argues Samsung, “the ‘secure backup’ of the independent claims already means backup of ‘encrypted’ data, claims 4 and 14 would be rendered meaningless.” Id. To start, the Court disagrees a skilled artisan would consider one of the three options proffered by Samsung as “likely.” Samsung describes each of those options based on the “secure” or “insecure” nature of storage and transmission, rather than the act of backing up. Yet neither Samsung nor its expert cites to anything in the specification showing these are options from which a skilled artisan must choose. See Dkt. No. 51 at 19–21 (citing Crovella Decl., Dkt. No. 51-2 ¶¶ 75–76). To the contrary, Samsung’s expert agrees the specification does not use “secure connection” or “secure storage” “in connection with performing a ‘backup,’” Crovella Decl., Dkt. No. 51-2 ¶ 76, but does not explain why the ordinary meaning of the language should not apply. The words of this disputed phrase have well-understood meanings. Generally, a “backup” may be either (1) the act of backing up, or (2) a backup copy of data. See, e.g., https://www.yourdictionary.com/backup (last visited Mar. 29, 2022) (defining “backup” as “the act or an instance of backing up computer data, files, etc.” and, alternatively, as “[a] backup copy of data, a file, etc.”). Here, the claims recite “performing a . . . backup,” which aligns only with the former—performing the act of backing up. The limitation is silent as to whether the storage is secure or insecure, but requires the act be “secure.” “Secure” in this context, as already 14 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 15 of 20 PageID #: 3300 determined with respect to “secure storage,” means “protected from unauthorized access.” Applying those well-understood meanings here, the Court construes “perform a secure backup of the record to a storage service” as “create a backup of the record that is protected from unauthorized access and transmit it to a storage service.” D. The Allegedly Impermissible Mixing of Operational Steps Into Apparatus Claims Disputed Term Plaintiff’s Construction “wherein the user is logged in to the external resource” (’696 Patent, Claims 1, 27; ’512 Patent, Claims 1, 21) Defendants’ Construction Plain and ordinary meaning. Indefinite “wherein a second device associated with the user is registered with the storage service, and wherein the record is downloaded from the Plain and ordinary meaning. storage service device” (’512 Patent, Claims 1, 21) Indefinite “wherein the second device is registered with the storage service at least in part by: connecting to the storage service; and providing at least one of a user identifier or a credential to Plain and ordinary meaning. the storage service, wherein the user identifier comprises at least one of or an account number” (’512 Patent, Claim 3) Indefinite Samsung alleges these terms are indefinite because a skilled artisan would not understand whether he infringes by creating a system or taking some other action. See Dkt. No. 51 at 23 (citing H-W Tech., L.C. v. Overstock.com, Inc., 758 F.3d 1329, 1336 (Fed. Cir. 2014), In re Katz Interactive Call Processing Patent Litig., 639 F.3d 1303, 1318 (Fed. Cir. 2011), and IPXL Holdings, LLC, v. Amazon.com, Inc., 430 F.3d 1377, 1384 (Fed. Cir. 2005)). Because these claims require a specific result, says Samsung, they are invalid. Id. As always, the relevant inquiry concerns the understanding of the claim language by a 15 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 16 of 20 PageID #: 3301 skilled artisan. In IPXL Holdings, for example, the Federal Circuit concluded “that, as a result of the combination of two separate statutory classes of invention, a manufacturer or seller of the claimed apparatus would not know from the claim whether it might also be liable for contributory infringement because a buyer or user of the apparatus later performs the claimed method of using the apparatus.” IPXL Holdings, 430 F.3d at 1384. But “the conclusion of IPXL Holdings was based on the lack of clarity as to when the mixed subject matter claim would be infringed.” Microprocessor Enhancement Corp. v. Texas Instruments Inc., 520 F.3d 1367, 1374 (Fed. Cir. 2008). There is no such lack of clarity here. Both the system and software claims of the patents recite a “second processor” configured to facilitate a login of the user to the external resource at least in part by transmitting, via the established connection, output based at least in part on the at least one of the password, the cryptographic key, or the cookie retrieved from the record, and wherein the user is logged in to the external resource based at least in part on the output . . . . ’696 Patent at 11:16–21 (emphasis added); see also id. at 13:13–18 (Claim 27); ’512 Patent at 11:17–24 (Claim 1); id. at 13:17–24 (Claim 21). Nothing in this language requires the user to do the “logging in.” This is clear not only from the passive-voice nature of the clause, but from the specification, which “translates” the user’s biometric data into the stored credentials required by this claim and transmits output relating to those credentials for the purpose of logging in the user. Similar reasoning applies to other terms found in Claims 1, 3, and 21 of the ’512 Patent. Claims 1 and 21 recite that the same “second processor” is “configured to . . . perform a secure backup of the record to a storage service, wherein a second device associated with the user is registered with the storage service, and wherein the record is downloaded from the storage service by the second device . . . .” ’512 Patent at 11:25–29; see also id. at 13:25–29. Claim 3 16 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 17 of 20 PageID #: 3302 recites “wherein the second device is registered with the storage service at least in part by: connecting to the storage service; and providing at least one of a user identifier or a credential to the storage service . . . .” Id. at 11:34–40. Again, nothing in these limitations requires the user, rather than the system or software, to register with, or download the record from, the storage service. The three appellate cases on which Samsung relies are distinguishable. In IPXL Holdings, Claim 1 recited “an electronic financial transaction system” comprising “an input mechanism for providing input to a processor.” IPXL Holdings, 430 F.3d at 1384. Claim 25, which indirectly depended from Claim 1, recited “the user uses the input [mechanism] to either change the predicted transaction information or accept the displayed transaction type and transaction parameters.” Id. Unlike the passive-voice language of the present claims that relate to how a processor is configured, the claim language in IPXL Holdings clearly required the user to take some action with respect to a keypad, touchscreen, point-and-click device, or other physical input mechanism. See U.S. Patent 6,149,055 at 14:59–65. In In re Katz, Judge Bryson wrote: Claims 1, 2, and 83 of the [patent at issue] cover a system with an “interface means for providing automated voice messages . . . to certain of said individual callers, wherein said certain of said individual callers digitally enter data.” The district court found “no meaningful distinction” between those claims and the claim at issue in IPXL. Katz seeks to distinguish IPXL on the ground that the term “wherein” does not signify a method step but instead defines a functional capability. We disagree and uphold the district court’s ruling. Like the language used in the claim at issue in IPXL (“wherein . . . the user uses”), the language used in Katz’s claims (“wherein . . . callers digitally enter data” and “wherein . . . callers provide . . . data”) is directed to user actions, not system capabilities. In re Katz, 639 F.3d at 1318. Again, the claim language was written such that there was no question about who was using (the user), entering data (callers), or providing data (callers). 17 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 18 of 20 PageID #: 3303 The Federal Circuit had similar reasoning in H-W Technology. The patent at issue recited “a tangible computer readable medium encoded with computer program . . . comprising the steps of:” wherein said user completes a transaction with at least one of said merchants listed without the need to generate a voice call; wherein said information received by said user comprises a variety of offers, wherein said user selects one of said variety of offers associated with said one of said merchants listed, wherein said selected offer is transmitted to said one of said merchants listed electronically . . . . H-W Tech., L.C., 758 F.3d at 1335. The court concluded “the disputed language (‘wherein said user completes . . .’ and ‘wherein said user selects . . .’) is nearly identical to the disputed language in [IPXL Holdings and In re Katz]. And, as in those cases, it is unclear here when infringement would occur.” Id. at 1336 (holding the claim indefinite). Samsung also cites this Court’s claim-construction opinion in Barkan Wireless IP Holdings, L.P. v. Samsung Elecs. Co., No. 2:18-CV-28-JRG, 2019 WL 497902 (E.D. Tex. Feb. 7, 2019). In Barkan Wireless, Claim 1 was directed to an apparatus—“an add-on base station” to expand an existing cellular network—that included a transceiver, an interface, and a controller. Barkan Wireless, 2019 WL 497902, at *5–6. Claim 5 further limited Claim 1’s invention such that “the add-on base station is owned and installed by an individual or entity.” Id. at *33. Thus, unlike the language now at issue, which concerns how a recited processor is “configured” to operate, there was no reasonable reading of Claim 5 of the Barkan Wireless patent that did not require an individual or entity to install hardware, a clear mixing of statutory classes. Samsung also argues that construing the language in question as a capability would render it superfluous. Dkt. No. 51 at 25–26. In particular, it suggests, with respect to Claim 1 of each patent, that if “wherein the user is logged in . . . ” is a capability of the processor, the clause 18 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 19 of 20 PageID #: 3304 is superfluous given the prior-recited capability of “facilitate[ing] a login of the user.” Id. But this argument is not persuasive because the scope of these two phrases is not the same. To the contrary, it requires two distinct capabilities: (1) facilitating a login by transmitting output, and (2) logging the user in based on the output. Moreover, even to the extent certain language might be considered superfluous, “the preference for giving meaning to all terms . . . is not an inflexible rule that supersedes all other principles of claim construction.” SimpleAir, Inc. v. Sony Ericsson Mobile Commc’ns AB, 820 F.3d 419, 429 (Fed. Cir. 2016). In the end, “the construction that stays true to the claim language and most naturally aligns with the patent’s description of the invention will be, in the end, the correct construction.” Phillips, 415 F.3d at 1316. Here, the system and software-product claims recite capabilities to be implemented rather than operational steps to be performed. Because a skilled artisan would understand the scope of this claim language with reasonable certainty, these terms are not indefinite. V. CONCLUSION Term The Court’s Construction “secure storage” (’696 Patent, Claims 1, 14, 27; ’512 Patent, Claims 1, 11, 21) “storage protected from unauthorized access” “transmitting . . . output based at least in part on the credential retrieved from the at least one record” (’696 Patent, Claims 1, 14, 27) “transmitting . . . output based at least in part on the at least one of the password, the cryptographic key, or the cookie retrieved from the record” (’512 Patent, Claims 1, 11, 21) Plain and ordinary meaning. “perform a secure backup of the record to a storage “create a backup of the record that is service” protected from unauthorized access and (’512 Patent, Claims 1, 11, 21) transmit it to a storage service” 19 Case 2:21-cv-00238-JRG Document 75 Filed 04/18/22 Page 20 of 20 PageID #: 3305 “wherein the user is logged in to the external resource” (’696 Patent, Claims 1, 27; ’512 Patent, Claims 1, 21) Not indefinite. “wherein a second device associated with the user is registered with the storage service, and wherein the record is downloaded from the storage service device” (’512 Patent, Claims 1, 21) Not indefinite. “wherein the second device is registered with the storage service at least in part by: connecting to the storage service; and providing at least one of a user identifier or a credential to the storage service, Not indefinite. wherein the user identifier comprises at least one of or an account number” (’512 Patent, Claim 3) The Court ORDERS each party not to refer, directly or indirectly, to its own or any other party’s claim-construction positions in the presence of the jury. Likewise, the Court ORDERS the parties to refrain from mentioning any part of this opinion, other than the actual positions adopted by the Court, in the presence of the jury. Neither party may take a position before the jury that contradicts the Court’s reasoning in this opinion. Any reference to claim construction proceedings is limited to informing the jury of the positions adopted by the Court. SIGNED this 3rd day of January, 2012. SIGNED this 18th day of April, 2022. ____________________________________ ROY S. PAYNE UNITED STATES MAGISTRATE JUDGE 20
]]>
Some case metadata and case summaries were written with the help of AI, which can produce inaccuracies. You
should read the full case before relying on it for legal research purposes.
This site is protected by reCAPTCHA and the Google
Privacy Policy and
Terms of Service apply.
