Preface
- Protegrity filed suit against Netskope for patent infringement (US7305707).
- US7305707 "Method for intrusion detection in a database system" basically has predefined user accessing rules into which users are categorized and any user accessing beyond the rules triggers the system to act including changing the permissions of the alleged hacker.
- Netskope filed for a judgment on the pleadings (before even the Court did claim construction) which was granted based on the Court's decision that the patent had ineligible subject matter, that is, a 35 U.S.C. § 101 rejection largely on the basis of "abstract idea" ala Alice Corp. v. CLS Bank Int’l, 134 S. Ct. 2347 (2014).
Reality
While the judgment on the pleadings did not have a formal claim construction Netskope the defendant, stipulated to the plaintiff’s claim construction in another case on the same patent (Protegrity v Gazzang). This was a very smart move by Netskope and Protegrity’s attempt to raise other claim construction issues was late, lame, incomplete, and swept aside rightfully by the Court. The Court did address the defined terms and did the 2 step Alice analysis [ (1) abstract idea and (2) is there something more ]. The Court gave an overview of several abstract case decisions and with irony noted only the DDR Holdings case of having something more and tried to distance itself from the Internet-centric nature of DDR Holdings so that its decision would appear more consistent.
Quoting “The Court finds that the claims at issue are generally directed to the abstract concept of limiting access to information based on specified criteria.” “The method described is essentially as follows: define intrusion detection policies; associate each user with a policy; receive a database query from a user; and determine if the results of the query violate the applicable policy. If the query would result in a policy violation, alter the user’s authorization (in “real time”) such that they cannot access the results.”
The Court considered this to predate computers and be nothing more than “physical security and access policies regarding a variety of sensitive information housed in filing rooms or warehouses.” The addition of computers and databases did not save the day.
Protegrity shot themselves in the foot big time in the Background of the application by admitting to “inference detection” of intrusion detection which includes patterns of information access. The Court, by my count, shot Protegrity quote “critically” 6 times in the decision by citing “inference detection” which Protegrity admitted to, against them
Conclusion
- Keep background admissions to an absolute minimum. Do not try and be helpful by distinguishing your invention over any prior art in the background or anywhere in the application.
- Raise claim construction issues in a lawsuit early and don't leave anything out.
