BETH LABSON FREEMAN, District Judge.
Before the Court are the parties' respective motions for summary judgment. Plaintiff Finjan, Inc. ("Plaintiff") seeks judgment that defendant Blue Coat Systems, Inc.'s ("Defendant") Internet security software products infringe six of Plaintiff's patents. Defendant seeks partial judgment that certain of its accused products do not infringe those patents. The Court heard oral argument on April 16, 2015 and thereafter took the matter under submission. After careful consideration Plaintiff's Motion for Summary Judgment is DENIED and Defendant's Motion for Summary Judgment is GRANTED IN PART and DENIED IN PART.
Plaintiff asserts six patents against Defendant, all relating to content-based Internet security. Rather than scanning and maintaining a list of known viruses and actual malicious code signatures as would be typical in well-known virus protection systems, content-based security identifies, isolates, and neutralizes actually or potentially malicious code in files downloaded from the Internet based on the detected behavior and characteristics of the code in those files.
The six asserted patents are directed to various aspects of a system of content-based security. Five of the patents share a common inventor—Shlomo Touboul. U.S. Patent No. 6,804,780 (the "`780 Patent") claims a method and system for "generating a Downloadable ID to identify a Downloadable." See `780 Patent at Abstract. A "Downloadable" is "an executable application program, which is downloaded from a source computer and run on the destination computer." Markman Order at 4, ECF 118. Downloadables frequently reference other software components that are not always delivered with the Downloadable when it is requested from a web server. The `780 Patent is generally directed toward identifying such a Downloadable by creating a unique ID for it and its referenced components so that future iterations of that Downloadable can be recognized according to its ID, whether or not that Downloadable is delivered with the components that it references. `780 Patent, cols. 1:65-2:16, 4:64-66.
U.S. Patent No. 6,154,844 (the "`844 Patent") claims a system and methods of network protection wherein an inspector reviews a piece of downloadable-information for suspicious code or behavior according to a set of rules. `844 Patent, col. 2:3-19. The inspector generates a profile characterizing the areas of suspicion and then attaches that profile to the downloadable-information. Id. The profile can include other unique identifiers and certificates that are later read by a protection engine to determine whether or not to trust the profile. Id. col. 2:20-48. By providing verifiable profiles, the object of the invention is to provide flexible, efficient protection against known and unknown hostile downloadable information without having to re-inspect the same piece of downloadable-information each time. Id. col. 2:61-3:7.
U.S. Patent No. 7,418,731 (the "`731 Patent") describes systems and methods of operating computer and network gateways that protect an intranet of computers. The claimed inventions provide for caching of security information and policies at the gateway. `731 Patent at Abstract. This caching of specific types of security profiles and security policies mitigates network latency—delay in the transmission of data—caused when the gateway processes downloadable information to protect intranet devices. Id. col. 1:55-67.
U.S. Patent No. 6,965,968 (the "`968 Patent") is directed to policy-based caching, and more specifically to the management of multiple caches. Content from the Internet can be cached so that the same web page does not have to be retrieved each time a user on the network requests the page. However, users on the same network can also have different security policies—sets of rules that govern whether a file is allowed through the security filter. The `968 Patent provides a system and method of managing cached content in relation to multiple security policies by, inter alia, providing a "policy-based index . . . indicating allowability of cached content relative to a plurality of policies" that can be easily utilized by a cache manager to determine whether cached content is allowable for different requesting users. `968 Patent, cols. 1:63-2:11.
Finally, U.S. Patent Nos. 7,058,822 and 7,647,633 (the "`822 Patent" and "`633 Patent" respectively) are related patents with the same specification.
Plaintiff accuses Defendant's ProxySG, ProxyAV, WebPulse, Malware Analysis Appliance ("MAA"), and Content Analysis System ("CAS") of infringing various claims of the asserted patents. ProxySG is a proxy server that provides, among other things, web security through policy control. Features contained within ProxySG are accused of infringing the asserted claims of the `822 and `633 Patents. ProxySG is often connected to or integrated with some or all of the other accused products to work as a comprehensive web security system. ProxyAV, an appliance that provides anti-virus and other malware detection services, is typically connected to and used in conjunction with ProxySG as a gateway to protect networks from incoming web content. ProxyAV, as well as ProxyAV in combination with ProxySG, are accused of infringing the asserted claims of the `780 Patent. MAA is a customizable sandboxing environment that is individually accused of infringing the asserted claims of the `633 Patent. MAA can integrate with CAS—another antivirus scanner integrated with ProxySG—and therefore the combination of ProxySG, MAA, and CAS is also accused of infringing the asserted claims of the `633 Patent. Finally, WebPulse is a cloud-based infrastructure that categorizes web pages and runs background processes, "some of which look for evidence of malware activity." WebPulse contains a real-time content analyzer component called the Dynamic Real-Time Rating ("DRTR").
As helpfully provided by the parties, the following chart illustrates the patents, asserted claims, and accused products and product combinations at issue:
See Def.'s Mot. 4; Pl.'s Mot. 1, 6.
The Court held a Markman hearing on August 22, 2014 and construed ten terms. On April 16, 2015, the Court heard oral argument on the present motions for summary judgment. Following that hearing, the parties filed motions to strike infringement and invalidity theories in their respective expert reports that were not previously disclosed in the contentions required under the Patent Local Rules. See Pl.'s Mot. to Strike, ECF 218; Def.'s Mot. to Strike, ECF 216. Defendant's motion to strike touches upon some of the specific infringement theories on which it has also affirmatively sought summary judgment. Defendant also seeks to strike all of Plaintiff's doctrine of equivalents assertions. Def.'s Mot. to Strike 1-2. These motions are set to be heard on June 4, 2015. The Court therefore addresses the merits of the parties' arguments without deciding whether any theories that survive summary judgment may ultimately be presented to a jury.
The parties have respectively moved for summary judgment of infringement and non-infringement of the asserted patent claims. Summary judgment is only appropriate when there is "no genuine dispute as to any material fact and the movant is entitled to judgment as a matter of law." Fed. R. Civ. P. 56(a); Celotex Corp. v. Catrett, 477 U.S. 317, 322 (1986). A genuine dispute exists if the issue of fact could reasonably be resolved in favor of either party. The dispute is "material" if it could affect the outcome of the suit under the governing law. Anderson v. Liberty Lobby, Inc., 477 U.S. 242, 248-49 (1986).
Infringement, both literal and under the doctrine of equivalents, is an issue of fact. Sunovion Pharm., Inc. v. Teva Pharm. USA, Inc., 731 F.3d 1271, 1275 (Fed. Cir. 2013); Southwall Techs., Inc. v. Cardinal IG Co., 54 F.3d 1570, 1575 (Fed. Cir. 1995). A court may nonetheless determine infringement on summary judgment "when no reasonable jury could find that every limitation recited in the properly construed claim either is or is not found in the accused device." EMD Millipore Corp. v. AllPure Techs., Inc., 768 F.3d 1196, 1201 (Fed. Cir. 2014) (quoting Innovention Toys, LLC v. MGA Entmn't, Inc., 637 F.3d 1314, 1319 (Fed. Cir. 2011)) (internal quotation marks omitted). Where a defendant seeks summary judgment of non-infringement, "nothing more is required than the filing of a . . . motion stating that the patentee had no evidence of infringement and pointing to the specific ways in which accused [products] did not meet the claim limitations." Exigent Tech. v. Atrana Solutions, Inc., 442 F.3d 1301, 1309 (Fed. Cir. 2006). The burden of production then shifts to the patentee to "identify genuine issues that preclude summary judgment." Optivus Tech., Inc. v. Ion Beam Applications S.A., 469 F.3d 978, 990 (Fed. Cir. 2006).
In considering all motions for summary judgment, "[t]he evidence of the non-movant is to be believed, and all justifiable inferences are to be drawn in his favor." Anderson, 477 U.S. at 255; see also Matsushita Elec. Indus. Co. v. Zenith Radio Corp., 475 U.S. 574, 587 (1986).
The infringement analysis entails two separate steps: (1) interpreting the meaning and scope of patent claims through claim construction; and (2) determining whether the claims, as construed, read on the accused product. Markman v. Westview, Instruments Inc., 52 F.3d 967, 976, 979 (Fed. Cir. 1995) (en banc); Southwall Techs., 54 F.3d at 1575. This Court issued its claim construction ruling on October 20, 2014, and the parties have incorporated those constructions in to their summary judgment arguments.
To establish infringement, a patentee must show that the defendant's accused product "meets each claim limitation either literally or under the doctrine of equivalents." Seachange Int'l, Inc. v. C-COR, Inc., 413 F.3d 1361, 1377 (Fed. Cir. 2005). Literal infringement requires a showing that each claim element is present, exactly. Becton Dickinson & Co. v. C.R. Bard, Inc., 922 F.2d 792, 796 (Fed. Cir. 1990). "[A] product or process that does not literally infringe upon the express terms of a patent claim may nonetheless be found to infringe if there is `equivalence' between the elements of the accused product or process and the claimed elements of the patented invention." Warner-Jenkinson Co. v. Hilton Davis Chem. Co., 520 U.S. 17, 21 (1997). Infringement under this doctrine of equivalents can be proven through showing that any difference between the claimed invention and the accused product is "insubstantial." Graver Tank & Mfg. Co. v. Linde Air Prods. Co., 339 U.S. 605, 608 (1950); see also Pozen Inc. v. Par Pharm., Inc., 696 F.3d 1151, 1167 (Fed. Cir. 2012). One way of doing so is "by showing on a limitation by limitation basis that the accused product performs substantially the same function in substantially the same way with substantially the same result as each claim limitation of the patented product." Crown Packaging Tech., Inc. v. Rexam Beverage Can Co., 559 F.3d 1308, 1312 (Fed. Cir. 2009); see also Brilliant Instruments, Inc. v. GuideTech, LLC, 707 F.3d 1342, 1347 (Fed. Cir. 2013). Regardless of how the test is characterized, "`[e]quivalence, in the patent law, is not the prisoner of a formula and is not an absolute to be considered in a vacuum.'" Warner-Jenkinson, 520 U.S. at 24-25 (quoting Graver Tank, 339 U.S. at 609).
Defendant seeks summary judgment that ProxySG, ProxyAV, and WebPulse do not infringe the respective patent claims asserted against them. Defendant does not seek a determination on the accused MAA product. Plaintiff opposes Defendant's motion and cross moves for summary judgment in its favor on infringement by all of the accused products. The Court addresses the parties' respective arguments below in regard to each of the Asserted Patents.
Plaintiff accuses ProxyAV, individually and in conjunction with ProxySG, of infringing Claims 9, 13, and 18 of the `780 Patent. Claims 9 and 18 are independent claims, and Claim 13 depends from Claim 9. Claim 9 reads:
Claim 18 is directed toward a computer-readable storage medium storing program code for causing a computer to perform steps accomplishing the task of the system described in Claim 9.
All three claims share the limitation that the ID generator be capable of "performing a hashing function on the Downloadable and the fetched software components to generate a Downloadable ID." The parties agreed that this limitation should be construed as "performing a hashing function on the Downloadable together with its fetched software components," and the Court adopted that construction in its Markman order.
Defendant contends that ProxyAV does not perform a hashing function on a Downloadable "together with" its referenced components because ProxyAV "performs a hashing function only on [an] individual file or object." Def.'s Mot. 8; Decl. of Olivia Kim, ECF 174-3 Exh. 6 (Ahlander Dep. Pt. 1) 54:9-56:14; id. Exh. 4 (Rebuttal Expert Report of Dr. Azer Bestavros, hereinafter "Bestavros Report") ¶¶ 149-56; id. Exh. 7 (Bestavros Dep.) 90:14-21. ProxyAV receives "independent files" and objects and applies an MD5 hashing computation to each, never hashing two or more files or objects together. Def.'s Mot. 8; see also Bestavros Report ¶ 149; Def.'s Reply 3. In Defendant's view, then, ProxyAV does not infringe because the limitation of performing a hashing function on a Downloadable "together with" its referenced components means that the Downloadable and the disparate files and objects it references must be combined and hashed as a whole. See Def.'s Reply 3-5.
Plaintiff strenuously disagrees with this interpretation of the parties' agreed construction. Plaintiff asserts that the hashing function limitation reads on ProxyAV because it retrieves a web page and the components referenced in the web page and loads them all into a buffer for processing. Pl.'s Opp. 6-7, ECF 187-3; see also Pl.'s Mot. 25; Decl. of James Hannah, ECF 175-5 Exh. 30 (Ahlander Dep. Pt. 2) 51:16-59:18; Kim Decl. Exh. 1 (Expert Report of Dr. Michael Mitzenmacher, hereinafter "Mitzenmacher Report") ¶¶ 68, 75, 139-145, 147, 156-61. Critically, however, Plaintiff does not dispute that an MD5 computation is applied to each file or object in the buffer, and not to a combination of the files and objects. See Pl.'s Opp. 7-8 (citing source code functions such as [REDACTED\]); see also Mitzenmacher Report ¶ 145 (ProxyAV Products create "MD5 hashes" of Downloadables and fetched software components "in parallel" by [REDACTED\] (emphasis added)); Kim Decl. Exh. 28 (Mitzenmacher Dep. Pt. 2) 273:17-274:4; Decl. of Benu Wells, ECF 188-2 Exh. 1 (Mitzenmacher Dep. Pt. 1) 261:12-23 ("when they all reside on the ProxyAV . . . each has the MD5 function applied to it" (emphasis added)). Rather, Plaintiff appears to be arguing that "together with" is satisfied by togetherness in time. In other words, because the Downloadable and its fetched components are buffered, processed "in parallel," and then combined into a Downloadable ID, Plaintiff argues that an overall hashing function (the collection of individual MD5 computations) is applied to the Downloadable "together with" its fetched components. See Pl.'s Opp. 7; Mitzenmacher Dep. Pt. 1, 253:3-20, 261:12-23 ("when there's a Downloadable that has associated software components, those are fetched. Generally, those are grouped and then in parallel they would be processed").
Defendant replies that this interpretation eliminates the requirement that the Downloadable and its fetched components be hashed "together." Def.'s Reply 3. Defendant further contends that there is no evidence that ProxyAV combines the hashes of individual files and objects into a single Downloadable ID. See id. at 4-5. In order to assess this dispute, the Court must first determine what the parties agreed construction means.
The Court begins by observing that neither party asserts that there is a definition of "hashing function" that is generally known in the art. Dr. Mitzenmacher indicates that "[a] hash function takes an object, such as a file, and by computing a function on the contents of that objects [sic], such as the characters it contains, produces an output number or string, that is usually some fixed length, such as 32 bits, 64 bits, or 128 bits, depending on the context. This number or string output from the hash function is an identifier (ID) for the object." Mitzenmacher Report ¶ 76. Accepting that a hashing function is an operation that transmutes a file of indeterminate size or length into a fixed-length "number or string output," there is ample disclosure in the `780 Patent to support Defendant's argument that a hashing function performed on a Downloadable "together with" its referenced components must operate across the combination of a Downloadable and its fetched components.
The clearest example of this can be seen in the flowchart at Figure 8 and its accompanying description of "a method 800 for generating a Downloadable ID." `780 Patent, col. 9:58-59. Within this method, "[t]he ID generator 315 in step 820 may fetch some or all components referenced in the Downloadable code, and in step 830 includes the fetched components in the Downloadable code." Id. col. 9:62-65 (emphasis added). The ID generator then "in step 840 performs a hashing function on at least a portion of the Downloadable code to generate a Downloadable ID." Id. col. 9:65-67; see also id. Fig. 8. Thus, when "a hashing function" is performed, it is performed on Downloadable code that includes components referenced in the code and fetched by the ID generator. See also id. col. 5:52-54 ("the code scanner 325 uses conventional parsing techniques to decompose the code (including all prefetched components) of the Downloadable into the DSP data 310" (emphasis added)); id. col. 7:63-67 ("The ID generator 315 in step 604 generates a Downloadable ID identifying the received Downloadable, preferably, by generating a digital hash of the Downloadable code (including prefetched components)." (emphasis added)). Furthermore, although "a hashing function" may not necessarily be limited to a single MD5 computation or the like, it must create a unique and reproducible ID when applied to a Downloadable and its components. The advantage of this feature of the claimed invention is stated in the inventor's own words:
Kim Decl. Exh. 30 (July 31, 2003 Amendment and Response to Office Action); see also `780 Patent col. 4:64-66 ("Accordingly, the Downloadable ID for the Downloadable will be the same each time the ID generator 315 receives the same Downloadable."). As such, the plain import of these disclosures is that the limitation "performing a hashing function on the Downloadable and the fetched software components to generate a Downloadable ID," as construed to mean "performing a hashing function on the Downloadable together with its fetched software components to generate a Downloadable ID," requires a hashing function that transmutes the Downloadable and its components into a unique and reproducible "number or string output."
Contrary to Plaintiff's assertion at oral argument, this interpretation of the disputed limitation does not violate the general rule that the indefinite articles "`a' or `an' can mean `one or more.'" Baldwin Graphic Sys., Inc. v. Siebert, Inc., 512 F.3d 1338, 1342 (Fed. Cir. 2008). First, as the Court already stated, the `780 Patent is not so limited that "a hashing function" means a single hash—the overall function of hashing an object or combination of objects could potentially be accomplished by a sequence of several hashes or computations. Second, the rule that indefinite articles mean "one or more" is most applicable in "open-ended claims containing the transitional phrase `comprising.'" KCJ Corp. v. Kinetic Concepts, Inc., 223 F.3d 1351, 1356 (Fed. Cir. 2000). The claim at issue here refers to a system that comprises components, one of which carries out the limitation of "performing a hashing function." Thus, while Claim 9 of the `780 Patent may contemplate a system containing more than one ID generator, it does not necessarily follow that the ID generator performs "one or more" hashing functions to generate "one or more" Downloadable IDs for each Downloadable. Indeed, such would obviate the advantage of generating the same ID for the same Downloadable. Thus, the more sensible reading would be that the ID generator performs "one or more" hashing functions to generate "one or more" Downloadable IDs for "one or more" Downloadables. Finally, when "a hashing function" and "a Downloadable ID" are taken out of a vacuum and considered in the context of a specific Downloadable being processed, it is clear that the phrase "performing a hashing function on the Downloadable together with its fetched software components to generate a Downloadable ID," requires a computation or combination of computations that transmutes the Downloadable and its components into a unique and reproducible ID for that Downloadable. Thus clarified, the Court turns to whether Plaintiff has evidence that ProxyAV performs this limitation.
As previously stated, there is no material dispute that ProxyAV applies MD5 computations to each file or object that it buffers, and not to a combination of the files and objects in the buffer. Although Dr. Mitzenmacher opines extensively about the processing of these files and objects "in parallel" in the "object pipeline," see Mitzenmacher Report ¶¶ 139-60, the only evidence of what ProxyAV does with the results of the MD5 computations is in paragraph 161 of his report. There, Dr. Mitzenmacher states: "[REDACTED\]" Mitzenmacher Report ¶ 161. Plaintiff asserts that Dr. Mitzenmacher testified "[i]n no uncertain terms" that ProxyAV generates a single Downloadable ID. Pl.'s Opp. 7 (citing Mitzenmacher Dep. Pt. 1, 253:3-20). However, immediately following the cited portion, Dr. Mitzenmacher clarified that "[t]here's a single Downloadable ID, which I believe as I described in my report corresponds to the combination of applying an MD5 function to the individual software components in the file." Mitzenmacher Dep. Pt. 1, 253:25-254:3 (emphasis added). Elsewhere in his deposition, Dr. Mitzenmacher further states that "when we think of the Downloadable ID, the hashing function consists of applying MD5 to each component and then putting those components together." Id. 255:8-12. While it is not overwhelming, there is thus some evidence in the record that ProxyAV combines MD5 computations of the individual components in a buffer in a way that would be understood by one of ordinary skill in the art as an overall "hashing function" to create a Downloadable ID. Dr. Bestavros's non-infringement report for Defendant does not directly address this assertion. As such, there is a genuine dispute of material fact concerning how ProxyAV uses the MD5 computations of the Downloadable and its corresponding components. Rendering all inferences in Plaintiff's favor, a reasonable jury could find that if ProxyAV performs in the manner described by Dr. Mitzenmacher, it would meet the "performing a hashing function on the Downloadable together with its fetched software components to generate a Downloadable ID" limitation of the `780 Patent asserted claims.
Plaintiff's literal infringement theory veers admittedly close into doctrine of equivalents territory, as in both instances Plaintiff argues that a combination of hashes of individual components comprises the Downloadable ID described in the patents. Compare Pl.'s Opp. 6-9 with id. at 9-10; compare Mitzenmacher Report ¶¶ 139-161 with id. ¶ 165 ("[a] hash function is applied to the Downloadable and the fetched software components, so each individual part is hashed, and one can use the union of these individual hashes as the Downloadable ID for the Downloadable and the fetched software components"). In truth, the difference appears to be semantic (whether the combination is part of a hashing function or is only equivalent to a hashing function) and the doctrine of equivalents is likely where Plaintiff's case lies.
Defendant's Motion for Summary Judgment is accordingly DENIED with respect to non-infringement by ProxyAV of the asserted claims of the `780 Patent either literally or under the doctrine of equivalents.
Plaintiff asserts Claims 1, 7, 11, 15, 16, and 41 of the `844 Patent against Defendant's WebPulse product. Claims 7 and 11 depend from independent Claim 1; Claim 16 depends from independent Claim 15; and Claim 41 is an independent claim. Plaintiff also alleges that WebPulse in combination with ProxySG infringes independent Claim 1 of the `731 Patent. Common to all of these claims is a "security profile" limitation. For example, Claim 1 of the `844 Patent provides:
`844 Patent, col. 11:13-21; see also id. at 44-46 (Claim 11) ("wherein the first Downloadable security profile includes a list of operations deemed suspicious"). The Court previously construed "Downloadable security profile that identifies suspicious code in the received Downloadable" to mean "a profile that identifies code in the received Downloadable that performs hostile or potentially hostile operations." Markman Order at 16-18. In doing so, the Court rejected Defendant's proffered construction requiring that the profile more specifically identify suspicious code but noted that "identifies" connotes more than simply detecting the presence of suspicious code. Id. at 16. Similarly, Claim 1 of the `731 Patent provides a computer gateway including a scanner "for scanning incoming files from the Internet and deriving security profiles for the incoming files, wherein each of the security profiles comprises a list of computer commands that a corresponding one of the incoming files is programmed to perform." `731 Patent, col. 11:38-42. Thus, all of the asserted claims of the `844 and `731 Patents require a "security profile" that variously identifies suspicious code, includes a list of suspicious operations, or comprises a list of computer commands.
Plaintiff contends that WebPulse creates the "security profile" claimed in the `844 and `731 Patents through its Dynamic Real Time Rating ("DRTR") component, which generates a profile that is then stored in DRTR's "response cache." Pl.'s Opp. 11; see also Pl.'s Mot. 18-19. Part of this alleged profile is the metadata Cookie2, which is the center of the parties' dispute. [REDACTED\]. Def.'s Mot. 12-13; Bestavros Report ¶¶ 182-84. Defendant argues that because Cookie2 is merely[REDACTED\]," there is no evidence that Cookie2 contains any of the data required to be in the security profile limitation of the asserted claims. Def.'s Mot. 12-13 (quoting Kim Decl. Exh. 11). In contrast, Plaintiff disputes the manner of WebPulse's operation and how much information Cookie2 actually contains. Specifically, Plaintiff identifies[REDACTED\] [REDACTED\] Pl.'s Opp. 11-13; Kim Decl. Exh. 2 (Expert Report of Dr. Eric Cole, hereinafter "Cole Report") ¶ 137; Mitzenmacher Report ¶ 825; see also Def.'s Mot. 13-15. Furthermore,[REDACTED\]" that more specifically identifies the potentially malicious code. Pl.'s Opp. 11; see also e.g., Cole Report ¶ 143; Mitzenmacher Report ¶ 829. Plaintiff asserts that all of this information in Cookie2 constitutes a "security profile" that identifies suspicious operations in the scanned file, lists those operations, and lists commands that the corresponding incoming file is programmed to perform. Pl.'s Opp. 13-14; Cole Report ¶¶ 135-39; see also Mitzenmacher Report ¶¶ 820-26.
The parties' dispute concerning the actual operation and use of Cookie2 precludes summary judgment for either side. Rendering all inferences in Plaintiff's favor, a reasonable jury could find that the totality of information reported in Cookie2—[REDACTED\] —satisfy each of the "security profile" limitations found in the asserted claims of the `844 and `731 Patents. Likewise, even if the Cookie2 information does not literally infringe, there is substantial room for disagreement regarding whether Cookie2 is a "security profile" under the doctrine of equivalents. Def.'s Mot. 16-17; Pl.'s Opp. 14-16. Infringement under the doctrine of equivalents is thus also a question of fact for the jury to resolve.
Defendant's Motion for Summary Judgment is accordingly DENIED with respect to non-infringement by WebPulse of the asserted claims of the `844 and `731 Patents either literally or under the doctrine of equivalents.
Plaintiff asserts that the combination of Defendant's ProxySG and WebPulse products infringes Claims 1, 9, and 33 of the `968 Patent, which provides a system and methods for storing and managing policy-based caches. A "policy" includes one or more rules that determine whether a file is allowed or not allowed to pass through the filter, and "typically only allowable [files] are cached." `968 Patent, col. 1:39-47. The claimed invention "enabl[es] a single cache to serve as multiple caches" so as to "control content relative to a plurality of policies." Id. col. 1:63-67. This is accomplished through a "policy index" for the contents of a cache. The parties agree that this "policy index" is "a data structure indicating allowability of cached content relative to a plurality of policies." Markman Order at 4. Independent Claims 1 and 33 both describe iterations of the claimed system, and Claim 9 depends from Claim 1. The policy index limitation is common to all three asserted claims with the further requirement that "the policy index includ[es] entries that relate cache content and policies by indicating cache content that is known to be allowable relative to a given policy, for each of a plurality of policies." `968 Patent, col. 9:49-53 (Claim 1); see also id. col. 13:5-9 (Claim 33).
Defendant contends that Plaintiff has no evidence that ProxySG stores, as entries in the policy index, allowability determinations resulting from consultation with user policies. Def.'s Mot. 17-18. Plaintiff disputes this assertion, pointing to the "policy cache" in ProxySG, which allegedly stores "the results of applying policy conditions to content in a policy index." Pl.'s Opp. 16-18. In support of this assertion, Plaintiff relies upon the testimony of Defendant's 30(b)(6) designee, Gary Tomic, who testified that the policy cache stores "[REDACTED\]" Decl. of James Hannah 175-5 Exh. 25 (Tomic Dep.) 122:1-4; see Pl.'s Mot. 17. As Defendant notes, Mr. Tomic clarified that the "decision" stored in the policy cache refers to "[REDACTED\]" Tomic Dep. 122:1-23. [REDACTED\]" Id.; see Def.'s Reply 8-9. Similarly, Dr. Mitzenmacher's report indicates that[REDACTED\]" Mitzenmacher Report ¶ 331. "[REDACTED\] Id.; Tomic Dep. 151:15-17 ("[REDACTED\]"). Dr. Mitzenmacher also provides some evidence that when ProxySG analyzes content pursuant to a user-defined policy layer, the condition evaluation is determinative of whether the evaluated content is allowed relative to the user policy. Mitzenmacher Report ¶ 330; Pl.'s Opp. 18-19 (citing Hannah Decl. Exh. 33).
There is no dispute that to the extent ProxySG stores any determinations as "entries," it stores only the results of condition evaluations; that is, whether certain conditions referenced in a policy are satisfied. See Def.'s Opp. 17-19; Pl.'s Reply 9; see also Mitzenmacher Report ¶ 331; Bestavros Report ¶ 319. However, the parties dispute whether these condition evaluations are the same as determinations of allowability. Plaintiff argues that the results of condition evaluations are "entries related to allowability of cached content" "because conditions are stored that indicate whether a rule is met in a particular context, or in other words, whether content is allowable based on a particular policy." Pl.'s Opp. 19 (citing Hannah Decl. Exh. 35); see also Mitzenmacher Report ¶ 331. Defendant asserts that the condition evaluation results do not indicate allowability but are instead precursors to that determination: ProxySG makes an allowability determination each time using a specific user's policy settings and the cached condition evaluation results, "regardless of whether the content was previously denied or allowed." Def.'s Reply 10-11; see also Bestavros Report ¶¶ 319-43. In short, Defendant contends that the condition evaluations stored in ProxySG's policy cache are not related to content allowability while Plaintiff contends that they are. Although Defendant's argument would likely prevail if all policies consist of multiple rules or conditions, the `968 Patent specifically provides that a policy can be just one rule. `968 Patent, col. 1:39-47. Reducing a policy down to a single rule or condition presents a closer question on literal infringement. Rendering all inferences in Plaintiff's favor, a reasonable jury could find that the "policy index" limitation literally reads on ProxySG when the ProxySG policy cache contains a number of condition evaluations, each of which is determinative of whether a file is allowable relative to one of a plurality of single condition policies. Whether that ever occurs in ProxySG is a question of fact for the jury.
As to whether ProxySG infringes the asserted claims of the `968 Patent under the doctrine of equivalents, the parties dispute whether the condition evaluations stored in the policy cache perform substantially the same function as cached allowability determinations based on application of entire policies. Def.'s Mot. 19-20; Pl.'s Opp. 19-20; Mitzenmacher Report ¶¶ 363-65; Bestavros Report ¶¶ 344-48. Infringement under the doctrine of equivalents is therefore also a question of fact for the jury to resolve.
Defendant's Motion for Summary Judgment is accordingly DENIED with respect to non-infringement by ProxySG and WebPulse of the asserted claims of the `968 Patent either literally or under the doctrine of equivalents.
Defendant seeks summary judgment that the Pop-Up Blocker feature of ProxySG does not infringe Claims 9 and 10 of the `822 Patent and Claim 8 of the `633 Patent.
The `822 and `633 Patents are related patents that provide methods and systems for monitoring malicious mobile code by first inspecting the content of incoming downloadable information to determine whether it includes executable code. Claim 10 of the `822 Patent depends from independent Claim 9. Claim 8 of the `633 Patent is an independent claim. Critical to the motions before the Court is the requirement in all of the asserted claims that mobile protection code ("MPC") is communicated to the destination of the downloadable-information "if the downloadable-information is determined to include executable code." `822 Patent, col. 22:5-10 (Claim 9); `633 Patent, col. 20:58-62 (Claim1).
Defendant argues that the accused Pop-Up Blocker feature of ProxySG does not infringe the asserted claims because the feature, when it is turned on, injects MPC in the form of JavaScript into "each and every web page," regardless of whether it contains executable code.
Plaintiff opposes Defendant's motion by arguing that the motion does not address Plaintiff's other infringement theories and with the conclusory assertion that "[Plaintiff] factually disputes how ProxySG operates and when pop-up blocking code is into [sic] webpages." Pl.'s Opp. 21-22. To be sure, Plaintiff has advanced other infringement theories against Defendant that are not addressed in Defendant's motion. These include the ProxySG's active content manipulation and "defang[ing]" of malicious active code. Pl.'s Opp. 21; see also Pl.'s Mot. 20-21. That there are other theories that are not the subject of Defendant's motion fails to address, however, whether—Pop-Up Blocker—the feature that is the subject of Defendant's motion communicates MPC conditioned upon a determination that the downloadable-information contains executable code. On that narrow issue, Plaintiff fails to raise a genuine dispute.
The best evidence that Plaintiff can muster is the testimony of Mr. Tomic and the report from Plaintiff's expert on these patents, Dr. Eric Cole. See Pl.'s Opp. 20-21 (citing Tomic Dep. 217:7-25 and Cole Report ¶¶ 501, 532). As to the former, it is not clear from the cited excerpt that Mr. Tomic is testifying about Pop-Up Blocker when he agrees that ProxySG would add code "to the beginning of JavaScript." Tomic Dep. 217:22-25. As to the latter, Dr. Cole's report addresses all of Plaintiff's various infringement theories and does little to refute Dr. Hicks's report that the Pop-Up Blocker injects code indiscriminately. See Cole Report ¶¶ 499-525. Even if Dr. Cole "spent an extensive amount of time configuring and testing the ProxySG products" and is willing and able to reproduce his testing for a jury, his report is light on factual specificity. Pl.'s Opp. 21; Cole Report ¶¶ 29-30. "In the context of a motion for summary judgment, an expert must back up his opinion with specific facts." United States v. Various Slot Machines on Guam, 658 F.2d 697, 700 (9th Cir. 1981); see also Intellectual Sci. & Tech., Inc. v. Sony Electronics, Inc., 589 F.3d 1179, 1183 (Fed. Cir. 2009) ("To satisfy the summary judgment standard, a patentee's expert must set forth the factual foundation for his infringement opinion in sufficient detail for the court to be certain that features of the accused product would support a finding of infringement under the claim construction adopted by the court, with all reasonable inferences drawn in favor of the non-movant."). Here, there are no facts in Dr. Cole's report, which mentions Pop-Up Blocker only twice, to indicate that Pop-Up Blocker injects JavaScript into a web page in response to a determination that the page contains executable code. The conclusory statement that he "tested the ProxySG product and [ ] confirmed that it will insert mobile protection code into a javascript which intercepts potentially malicious code from executing" hardly suffices to create a genuine dispute, as it is entirely consistent with Dr. Hicks's assertion that Pop-Up Blocker always injects JavaScript when it is active. See Cole Report ¶ 532.
Contrary to Plaintiff's argument, this is not a situation in which the accused product infringes because it sometimes accomplishes the entire method of the claimed invention. Rather, much as in Ferguson Beauregard/Logic Controls, Division of Dover Resources, Inc. v. Mega Systems, LLC, this is a situation in which the accused feature never performs an essential element of the claimed method even if it sometimes arrives at the same result. 350 F.3d 1327, 1346 (Fed. Cir. 2003). At best, Plaintiff has evidence that the Pop-Up Blocker feature injects JavaScript into a web page that contains executable code. Wells Decl. Exh. 8 (Cole Dep.) 212:2-213:12. That does not mean that the converse—that code is not injected into a page that does not contain executable code—is true. Absent evidence that the injection of popup blocking code is conditioned upon a determination that the web page contains executable code, Plaintiff fails to carry its burden of production to demonstrate a genuine dispute of material fact. Defendant's evidence, supported by Dr. Hick's detailed testimony regarding his testing efforts, amply demonstrates that the Pop-Up Blocker feature of ProxySG does not deploy MPC "if the downloadable-information is determined to include executable code"; when enabled, the feature deploys popup blocking code always. As such, no reasonable juror could find that the accused Pop-Up Blocker feature contains every limitation recited in Claims 9 and 10 of the `822 Patent and Claim 8 of the `633 Patent. Defendant is accordingly entitled to summary judgment on those claims as they pertain to ProxySG's Pop-Up Blocker.
Likewise, Defendant is entitled to summary judgment of non-infringement under the doctrine of equivalents. Plaintiff offers scant proof on this theory, particularly in regards to how a feature that always deploys mobile protection code is equivalent to the claimed limitation requiring that the communication occur "if the downloadable-information is determined to include executable code." See Pl.'s Opp. 22; see generally Cole Report ¶¶ 533-37. Dr. Cole's cursory conclusion that "[t]he JavaScript is packaged into the received web content with additional code if the web content is determined to include certain code elements, thereby preventing the malicious attack" is insufficiently particular to support a finding, or even a triable issue of fact, of infringement under the doctrine of equivalents. Stumbo v. Eastman Outdoors, Inc., 508 F.3d 1358, 1365 (Fed. Cir. 2007); see also Tex. Instruments, Inc. v. Cypress Semiconductor Corp., 90 F.3d 1558, 1567 (Fed. Cir. 1996) ("[A] patentee must . . . provide particularized testimony and linking argument as to the `insubstantiality of the differences' between the claimed invention and the accused device or process, or with respect to the function, way, result test when such evidence is presented to support a finding of infringement under the doctrine of equivalents.").
Based on the foregoing, Defendant's Motion for Summary Judgment is GRANTED with respect to non-infringement by ProxySG's Pop-Up Blocker of Claims 9 and 10 of the `822 Patent and Claim 8 of the `633 Patent either literally or under the doctrine of equivalents.
Claim 14 of the `633 Patent, as previously construed by the Court, provides:
`633 Patent, cols. 21:58-22:5; Markman Order at 13-14. Relying on the Federal Circuit's ruling in IPXL Holdings, L.L.C. v. Amazon.com, Inc., 430 F.3d 1377 (Fed. Cir. 2005), Defendant contends that Claim 14 is indefinite because it contains both apparatus and method claim limitations, thereby rendering it impossible for one of skill in the art to determine when the claim is infringed. Def.'s Mot. 24-25. Plaintiff asserts that the claim language is sufficiently clear in reciting functional limitations describing the "steps performed by the program code" that is claimed. Pl.'s Opp. 25. These arguments were initially presented in the parties' claim construction briefing and the Court deferred decision until a more fulsome factual evidentiary record could be developed. Markman Order at 13-14. The Court now concludes that Claim 14 is not indefinite.
"[A] patent is invalid for indefiniteness if its claims, read in light of the specification delineating the patent, and the prosecution history, fail to inform, with reasonable certainty, those skilled in the art about the scope of the invention." Nautilus, Inc. v. Biosig Instruments, Inc., 134 S.Ct. 2120, 2124 (2014); 35 U.S.C. § 112. In other words, a patent claim is indefinite if the skilled artisan cannot reasonably determine what conduct constitutes infringement of the claim. IPXL, 430 F.3d at 1384. In IPXL, the Federal Circuit determined that a system claim with a limitation that "the user uses the input means" to perform a certain function was indefinite because it recited both a system and a method for using that system such that the scope of the claimed invention would not be reasonably clear to one of skill in the art. Id. Defendant contends that much as in IPXL, Claim 14 recites an apparatus—the computer product—as well as method claims—the "providing," "receiving," and "causing" limitations—such that it is not clear to the public when infringement occurs. Def.'s Mot. 24. However, "[t]he use of functional language— generally the gerund form of a verb—does not automatically convert the claims into method claims." Radware, Ltd. v. A10 Networks, Inc., No. C-13-02021, 2014 WL 2738538, at *4 (N.D. Cal. June 11, 2014). Rather, courts confronted with an argument that a claim improperly encompasses two statutory classes generally look to see whether the claim language requires the affirmative performance of the functional limitations in order to infringe. Id.; HTC Corp. v. IPCom GmbH & Co., KG, 667 F.3d 1270, 1277-78 (Fed. Cir. 2012); Microprocessor Enhancement Corp. v. Texas Instruments Inc., 520 F.3d 1367, 1374-75 (Fed. Cir. 2008); cf. Rembrandt Data Techs., LP v. AOL, LLC, 641 F.3d 1331, 1339 (Fed. Cir. 2011).
Here, although it is likely undisputed that Claim 14 is poorly drafted, it is clear that infringement does not require performance of the "providing," "receiving," and "causing" limitations. Specifically, the two "wherein" clauses following "providing a system" indicate that the computer readable program code provides a system, wherein the system is linked to the "receiving" and "causing" steps performed by or at the respective system components—the information re-communicator and the mobile code executor. Thus, much as in Radware, the "receiving" and "causing" limitations refer to the functionality of the claimed system, as opposed to actual method steps that must be carried out. Radware, 2014 WL 2738538, at *4.
To be sure, Plaintiff never outright explains its position regarding what constitutes infringement under Claim 14. Nevertheless, based upon Plaintiff's arguments and the testimony of its validity expert, Dr. Trent Jaeger, the Court gathers that Claim 14 is infringed when an accused infringer makes, uses, offers to sell, or sells an apparatus containing a computer usable medium that stores computer readable program code that, if executed, will provide the system capable of performing the functional limitations recited in Claim 14. See Pl.'s Opp. 24-25; Wells Decl. Exh. 13 (Expert Report of Dr. Trent Jaeger, hereinafter "Jaeger Report") ¶¶ 80-81; see also HTC, 667 F.3d 1270 at 1277; Radware, 2014 WL 2738538, at *6. Stated as such, the Court finds no confusion over when infringement of Claim 14 occurs. Defendant's Motion for Summary Judgment is therefore DENIED with respect to indefiniteness of Claim 14.
Plaintiff seeks summary judgment that Defendant infringes all of the asserted claims.
As to the `822 and `633 Patents, Defendant has demonstrated as a matter of law that ProxySG's Pop-Up Blocker does not infringe Claims 9 and 10 of the `822 Patent and Claim 8 of the `633 Patent. Plaintiff also accuses MAA of infringing the asserted claims of the `633 Patent and seeks summary judgment in that respect. Pl.'s Mot. 12-14, 20-22. Defendant, however, has raised a genuine issue of fact concerning whether ProxySG in combination with CAS actually communicates any mobile protection code to the MAA sandbox, as opposed to sending a remote API "call" that triggers actions by the MAA that, by their very nature, intercept actually or potentially malicious code without needing further communication of MPC. Def.'s Opp. 17; Hicks Report ¶ 150. Plaintiff's cross motion is therefore DENIED in its entirety.
In the alternative, Plaintiff requests partial summary judgment that certain claim "elements" are present in the Accused Products. Pl.'s Mot. 10-17. Defendant acknowledges that some of these supposedly undisputed elements are indeed undisputed, but contends that others are very much disputed.
For the foregoing reasons, Plaintiff's Motion for Summary Judgment is DENIED. Defendant's Motion for Summary Judgment is GRANTED IN PART and DENIED IN PART:
1. The motion is DENIED with respect to non-infringement of the `780, `844, `731, and `968 Patents, either literally or under the doctrine of equivalents, as well as with respect to the indefiniteness of Claim 14 of the `633 Patent.
2. The motion is GRANTED with respect to non-infringement (both literal and under the doctrine of equivalents) of the `822 and `633 Patents by the ProxySG Pop-Up Blocker.
