Finjan Inc., v. Blue Coat Systems, Inc., Federal Circuit 2018 (Software Patents)

Finjan brought suit against Blue Coat for infringement of software patents directed to identifying and protecting against malware.  One of the software patents is directed to a method of providing computer security by scanning a downloadable and attaching the results of that scan to the downloadable itself in the form of a “security profile.”

Claim 1 of the patent reads:

1. A method comprising:

  • receiving by an inspector a Downloadable;
  • generating by the inspector a first Downloadable security profile that identifies suspicious code in the received Downloadable; and
  • linking by the inspector the first Downloadable security profile to the Downloadable before a web server makes the Downloadable available to web clients.

The parties agreed that “Downloadable” should be construed to mean “an executable application program, which is downloaded from a source computer and run on the destination computer.” Additionally, the district court construed “Downloadable security profile that identifies suspicious code in the received Downloadable” to mean “a profile that identifies code in the received Downloadable that performs hostile or potentially hostile operations.”

The Federal Circuit noted that they had previously determined in Intellectual Ventures I LLC v. Symantec Corp. that, by itself, virus screening is well-known and constitutes an abstract idea. They also found that performing the virus scan on an intermediary computer—so as to ensure that files are scanned before they can reach a user’s computer— is a “perfectly conventional” approach and is also abstract.   However, they felt that, here, the claimed method does a
good deal more.

The method of claim 1 scans a downloadable and attaches the virus scan results to the downloadable in the form of a newly generated file:  a “security profile that identifies suspicious code in the received Downloadable.”

The district court’s claim construction decision emphasized that this “identify suspicious code” limitation can only be satisfied if the security profile includes “details about the suspicious code in the received downloadable, such as . . . ‘all potentially hostile or suspicious code operations that may be attempted by the Downloadable.’”  The security profile must include the information about potentially hostile operations produced by a “behavior-based” virus scan. This operation is distinguished from traditional, “code-matching” virus scans that are limited to recognizing the presence of previously-identified viruses, typically by comparing the code in a downloadable to a database of known suspicious code. The question, then, is whether this behavior-based virus scan constitutes an improvement in computer functionality. The Federal Circuit believes that it does.

The “behavior-based” approach to virus scanning was pioneered by Finjan and is disclosed in the software patent’s specification.  Traditional “code-matching” systems simply look for the presence of known viruses.

“Behavior-based” scans can analyze a downloadable’s code and determine whether it performs potentially dangerous or unwanted operations—such as renaming or deleting files. Because security profiles communicate the granular information about potentially suspicious code made available by behavior-based scans, they can be used to protect against previously unknown viruses as well as “obfuscated code”—known viruses that have been cosmetically modified to avoid detection by code-matching virus scans.

The security profile approach also enables more flexible and nuanced virus filtering. After an inspector generates a security profile for a downloadable, a user’s computer can determine whether to access that downloadable by reviewing its security profile according to the rules in whatever “security policy” is associated with the user. Administrators can easily tailor access by applying different security policies to different users or types of users. And having the security profile include information about particular potential threats enables administrators to craft security policies with highly granular rules and to alter those security policies in response to evolving threats.

The Federal Circuit’s cases confirm that software inventions can make “non-abstract improvements to computer technology” and be deemed patent-eligible subject matter at step 1 of the Alice software patent inquiry. In Enfish, for example, the Federal Circuit determined that claims related to a database architecture that used a new, self-referential logical table were non-abstract because they focused on “an improvement to computer functionality itself, not on economic or other tasks for which a computer is used in its ordinary capacity.”

The self referential database found patent eligible in Enfish did more than allow computers to perform familiar tasks with greater speed and efficiency; it actually permitted users to
launch and construct databases in a new way. While deployment of a traditional relational database involved extensive modeling and configuration of the various database, Enfish’s self-referential database could be launched with no or only minimal column definitions and configured and adapted “on-the-fly.”

Similarly, according to the Federal Circuit, the software patent method of claim 1 employs a new kind of file that enables a computer security system to do things it could not do before. The security profile approach allows access to be tailored for different users and ensures that threats are identified before a file reaches a user’s computer. The fact that the security profile identifies suspicious code allows the system to accumulate and utilize newly available, behavior-based information about potential threats. According to the Federal Circuit, the asserted claims are therefore directed to a non-abstract improvement in computer functionality, rather than the abstract idea of computer security at large.

Patent eligibility determinations seem to vary greatly based on the judges on the Federal Circuit panel hearing the case.  In this case, the novelty of the method seemed to influence the patent-eligibility determination.  If novelty is a main consideration, why even bother with the Alice 35 U.S.C. 101 analysis when reviewing software patents?  While the claim was short, many claim terms were construed as requiring very specific steps.  That may have helped with the patent-eligibility determination.

Visual Memory LLC v. NVIDIA Corp., Federal Circuit 2017 (Software Patents)

This case concerned an appeal from a district court case which held that Visual Memory’s U.S. Patent No. 5.953,740 was drawn to patent-ineligible subject matter.

The patent teaches that computer systems frequently use a three-tiered memory hierarchy to enhance performance. The three tiers include: 1) a low-cost, low speed memory, such as a magnetic disk, for bulk storage of data; 2) a medium-speed memory that serves as the main memory; and 3) an expensive, high-speed memory that acts as a processor cache memory. Because the cache memory is the most expensive, it is typically smaller than the main memory and cannot always store all the data required by the processor. The memory hierarchy alleviates the limitations imposed by the cache’s size because it allows code and non-code data to be transferred from the main memory to the cache during operation to ensure that the currently executing program has quick access to the required data. Replacement algorithms determine which data should be transferred from the main memory to the cache and which data in the cache should be replaced. As a result, the code and non-code data to be executed by the processor are continually grouped into the cache, thereby facilitating rapid access for the currently executing program. These prior art memory systems lacked versatility because they were designed and optimized based on the specific type of processor selected for use in that system. Designing a different memory system for every processor type is expensive.

The patent purports to overcome these deficiencies by creating a memory system with programmable operational characteristics that can be tailored for use with multiple different processors without the accompanying reduction in performance. It discloses a main memory and three separate caches: an internal cache, a pre-fetch cache, and a write buffer cache.

The three caches possess programmable operational characteristics that are programmable based on the type of processor connected to the memory system. When the system is turned on, information about the type of processor is used to self-configure the programmable operational characteristics. For example, depending on the type of processor, the internal cache can store both code and noncode data, or it can store only code data. Similarly, write buffer cache 20 can be programmed to buffer data “solely from a bus master other than the system processor,” or to buffer data writes by any bus master including the system processor. By separating the functionality for the caches and defining those functions based on the type of processor, the patented system can allegedly achieve or exceed the performance of a system utilizing a cache many times larger than the cumulative size of the subject caches. Using a programmable operational characteristic based on the processor type can also improve the main memory.

Claim 1 recites:
1. A computer memory system connectable to a processor and having one or more programmable operational characteristics, said characteristics being defined through configuration by said computer based on the type of said processor, wherein said system is connectable to said processor by a bus, said system comprising:
a main memory connected to said bus; and
a cache connected to said bus; wherein a programmable operational characteristic
of said system determines a type of data stored by said cache.

Under step one of the Alice test, the district court had concluded that the claims were directed to the “abstract idea of categorical data storage,” which humans have practiced for many years. The court’s step-two analysis found no inventive concept because the claimed computer components—a main memory, cache, bus, and processor—were generic and conventional.

The Federal Circuit noted that two recent cases inform their evaluation of whether the claims are directed to an abstract idea: Enfish and Thales (described in other posts in this blog). In Enfish, the Federal Circuit held claims reciting a self-referential table for a computer database were patent-eligible under Alice step one because the claims were directed to an improvement in the
computer’s functionality. In Thales, the Federal Circuit determined that claims reciting a unique configuration of inertial sensors and the use of a mathematical equation for calculating the location and orientation of an object relative to a moving platform were patent-eligible under Alice step one.

The Federal Circuit’s review of the claims at hand demonstrated that they are directed to an improved computer memory system, not to the abstract idea of categorical data storage. None of the claims recite all types and all forms of categorical data storage.

As with Enfish’s self-referential table and the motion tracking system in Thales, the claims here are directed to a technological improvement: an enhanced computer memory system. Therefore, the claims are patent-eligible.

The dissent contended that the claimed programmable operational characteristic is nothing more than a black box, and that the patent lacks any details about how the invention’s purpose] is achieved. The majority noted some flaws with this conclusion. First, the patent included a microfiche appendix having 263 frames of computer code. The dissent argued that this code would not teach one of ordinary skill in the art the innovative programming effort. The majority stated that such an assumption is improper when reviewing a motion to dismiss for failure to state a claim. Second, whether a patent specification teaches an ordinarily skilled artisan how to implement the claimed invention presents an enablement issue under 35 U.S.C. § 112, not an eligibility issue under § 101. Third, the dissent assumed that the “innovative” effort in the patent lies in the programming required for a computer to configure a programmable operational characteristic of a cache memory. This assumption is inconsistent with the patent specification itself. The specification makes clear that the inventors viewed their innovation as the creation of “a memory system which is efficiently operable with different types of host processors, and the patent discloses how to implement such a memory system.

Enfish v Microsoft, Federal Circuit 2016 (Software Patents)

Enfish sued Microsoft for infringement of U.S. Patent 6,151,604 and U.S. Patent 6,163,775 related to a logical model for a computer database. A logical model is a model of data for a computer database explaining how the various elements of information are related to one another. A logical model generally results in the creation of particular tables of data, but it does not describe how the bits and bytes of those tables are arranged in physical memory devices. Contrary to conventional logical models, the patented logical model includes all data entities in a single table, with column definitions provided by rows in that same table. The patents describe this as a “self-referential” property of the database.

This self-referential property can be best understood in contrast with the more standard “relational” model.  With the relational model, each entity (i.e., each type of thing) that is modeled is provided in a separate table. For instance, a relational model for a corporate file repository might include the following tables:
document table,
person table,
company table.

The document table might contain information about documents stored on the file repository, the person table might contain information about authors of the documents, and the company table might contain information about the companies that employ the persons.

In contrast to the relational model, the patented self referential model has two features that are not found in the relational model: first the self-referential model can store all entity types in a single table, and second the self-referential model can define the table’s columns by rows in that same table.

Claim 17 of the ’604 patent recites:
A data storage and retrieval system for a computer memory, comprising:
means for configuring said memory according to a logical table, said logical table including:
a plurality of logical rows, each said logical row including an object identification number (OID) to identify each said logical row, each said logical row corresponding to a record of information;
a plurality of logical columns intersecting said plurality of logical rows to define a plurality of logical cells, each said logical column including an OID to identify each said logical column; and
means for indexing data stored in said table.

The Federal Circuit reviewed de novo the district court’s determination that the claims at issue do not claim patent-eligible subject matter.

Section 101 of the patent act provides that a patent may be obtained for “any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof.” 35 U.S.C. § 101.  The Federal Circuit noted that they, as well as the Supreme Court, have long grappled with the exception that “[l]aws of nature, natural phenomena, and abstract ideas are not patentable.” Ass’n for Molecular Pathology v. Myriad Genetics, Inc., — U.S. —-, 133 S. Ct. 2107, 2116 (2013) (quoting Mayo Collaborative Servs. v. Prometheus Labs., Inc., — U.S. —-, 132 S. Ct. 1289, 1293 (2012)).

The Federal Circuit noted that Supreme Court precedent instructs them to “first determine whether the claims at issue are directed to a patent-ineligible concept.” Alice Corp. Pty Ltd. v. CLS Bank Int’l. If this threshold determination is met, we move to the second step of the inquiry and “consider the elements of each claim both individually and ‘as an ordered combination’ to determine whether the additional elements ‘transform the nature of the claim’ into a patent-eligible application.” Id. (quoting Mayo, 132 S. Ct. at 1298, 1297).

The Supreme Court has not established a definitive rule to determine what constitutes an “abstract idea” sufficient to satisfy the first step of the Mayo/Alice inquiry.

Rather, both the Federal Circuit and the Supreme Court have found it sufficient to compare claims at issue to those claims already found to be directed to an abstract idea in previous cases.

Refreshingly, the Federal Circuit in Enfish stated that: “We do not read Alice to broadly hold that all improvements in computer-related technology are inherently abstract and, therefore, must be considered at step two.  Indeed, some improvements in computer-related technology when appropriately claimed are undoubtedly not abstract, such as a chip architecture, an LED display, and the like. Nor do we think that claims directed to software, as opposed to hardware, are inherently abstract and therefore only properly analyzed at the second step of the Alice analysis. Software can make non-abstract improvements to computer technology just as hardware improvements can, and sometimes the improvements can be accomplished through either route. We thus see no reason to conclude that all claims directed to improvements in computer-related technology, including those directed to software, are abstract and necessarily analyzed at the second step of Alice, nor do we believe that Alice so directs. Therefore, we find it relevant to ask whether the claims are directed to an improvement to computer functionality versus being directed to an abstract idea, even at the first step of the Alice analysis.”

The Federal Circuit stated that, for that reason, the first step in the Alice inquiry in this case asks whether the focus of the claims is on the specific asserted improvement in computer capabilities (i.e., the self-referential table for a computer database) or, instead, on a process that qualifies as an “abstract idea” for which computers are invoked merely as a tool.

The Federal Circuit concluded that in this case, the plain focus of the claims is on an improvement to computer functionality itself, not on economic or other tasks for which a computer is used in its ordinary capacity.  Therefore, it was not necessary to proceed to step two of the Mayo analysis.

Accordingly, the Federal Circuit found in this case, that the claims at issue in this appeal are not directed to an abstract idea within the meaning of Alice. Rather, they are directed to a specific improvement to the way computers operate, embodied in the self-referential table.

The district court had concluded that the claims were directed to the abstract idea of “storing, organizing, and retrieving memory in a logical table” or, more simply, “the concept of organizing information using tabular formats.”

However, describing the claims at such a high level of abstraction and untethered from the language of the claims all but ensures that the exceptions to § 101 swallow the rule. See Alice (noting that “we tread carefully in construing this exclusionary principle [of laws of nature, natural phenomena, and abstract ideas] lest it swallow all of patent law”); cf. Diamond v. Diehr (cautioning that overgeneralizing claims, “if carried to its extreme, make[s] all inventions unpatentable because all inventions can be reduced to underlying principles of nature which, once known, make their implementation obvious”).

Here, the claims are not simply directed to any form of storing tabular data, but instead are specifically directed to a self-referential table for a computer database. For claim 17, this is reflected in step three of the “means for configuring” algorithm described above.

Moreover, the Federal Circuit was not persuaded that the invention’s ability to run on a general-purpose computer dooms the claims. Unlike the claims at issue in Alice or, more recently in Versata Development Group v. SAP America, Inc., 793 F.3d 1306 (Fed. Cir. 2015),  the claims here are directed to an improvement in the functioning of a computer. In contrast, the claims at issue in Alice and Versata can readily be understood as simply adding conventional computer components to well-known business practices.

The Federal Circuit also noted that the fact that an improvement is not defined by reference to “physical” components does not doom the claims.  To hold otherwise risks resurrecting a bright-line machine-or-transformation test, cf. Bilski v. Kappos (“The machine-or-transformation test is not the sole test for deciding whether an invention is a patent-eligible ‘process.’”), or creating a categorical ban on software patents, cf. id. at 603.  Much of the advancement made in computer technology consists of improvements to software that, by their very nature, may not be defined by particular physical features but rather by logical structures and processes.   The Federal Circuit did not see in Bilski or Alice, or our cases, an exclusion to patenting this large field of technological progress.

The Federal Circuit went on to say that, in other words, they were not faced with a situation where general-purpose computer components are added post-hoc to a fundamental economic practice or mathematical equation. Rather, the claims are directed to a specific implementation of a solution to a problem in the software arts. Accordingly, the Federal Circuit found the claims at issue were not directed to an abstract idea.

Because the claims were not directed to an abstract idea under step one of the Alice/Mayo analysis, the Federal Circuit did not need to proceed to step two of that analysis.

The Federal Circuit concluded that the claims were patent-eligible under 35 USC 101.