cryptography word cloud

Link to Case: TecSec, Inc. v. Adobe Inc., No. CV-19-2192, slip op. (Fed. Cir. October 23, 2020)

On Friday, October 23, 2020, the United States Court of Appeals for the Federal Circuit (CAFC) released their opinion for the latest round in the TecSec, Inc. v. Adobe Inc. saga. This time, the court addressed the eligibility of several of TecSec's "DCOM" patent claims. As the court noted, DCOM or Distributed Cryptographic Object Method is used to enhance systems' security for transmitting files in a data network. TecSec's patents focus on assigning a security level to documents according to a certain combination of access controls and encryption. Claim 1 of U.S. Patent No. 5,369,702 (the '702 patent) recites:

  1. method for providing multi-level multimedia security in a data network, comprising the steps of:

A) accessing an object-oriented key manager;
B) selecting an object to encrypt;
C) selecting a label for the object;
D) selecting an encryption algorithm;
E) encrypting the object according to the encryption algorithm;
F) labelling the encrypted object;
G) reading the object label;
H) determining access authorization based on the object label; and
I) decrypting the object if access authorization is granted.

Procedural History

TecSec filed its complaint related to the DCOM patents in 2010, alleging infringement by Adobe, IBM, and others. In March 2011, after staying all defendants besides IBM, the district court construed claims which included the term "multimedia." The court's constructions led it to a finding of non-infringement, and the Federal Circuit affirmed.

When the Adobe cases proceeded, though, after the district court found non-infringement based on their claim construction of "multimedia," the CAFC reversed the district court's construction. In October 2014, just over a year since TecSec's DCOM patents had expired, the district court granted Adobe's motion for summary judgment finding non-infringement. The CAFC again remanded, citing material issues of fact.

After failing to nudge the district court on in a 101 challenge, Adobe again filed a non-infringement judgment motion in April 2018. The district court denied the motion in June 2018, and two months later, in August, Adobe stipulated that there had been "at least one occasion" of direct infringement. In October 2018, with trial nearing, Adobe asked the court in an omnibus motion in limine to preclude argument, evidence, or testimony over intent to induce or willfully infringe unless TecSec conceded the admissibility of the court's previous order (finding non-infringement in 2011). TecSec did not indicate that it would the admission would give it pause to proceed on the issues.

On November 9, 2018, during oral argument, the court indicated its intention to preclude any reference to Adobe's post-March 2011 conduct. Effectually the court made the admissibility issue immaterial. On November 13, before the court ruled, TecSec filed a supplemental brief arguing that "the Court should not preclude TecSec from presenting evidence on Adobe's intent to induce infringement." On November 21, 2018, the district court granted Adobe's motion to exclude the evidence, noting that after the favorable claim construction, Adobe could not have the requisite intent to induce third-party infringement and that admitting the evidence would confuse the jury. The jury ultimately found that Adobe had directly infringed all asserted claims but had not committed inducement, awarding TecSec $1.75 million in damages. In ruling on Adobe's post-trial motion, the court did not disturb the verdicts of infringement and invalidity. Still, it changed the jury award to $0, explaining that TecSec had only presented evidence supporting damages under the theory of inducement.

Induced Infringement

The CAFC began by reiterating, "where a district court rules, as a matter of patent law, that a party is precluded from introducing evidence, we apply Federal Circuit law and review the district court's ruling de novo."

Willfulness and the Standard of Intent

The CAFC reversed the district court's Motion in Limine ruling and related exclusion of evidence related to inducement. They noted Halo Electronics, Inc. v. Pulse Electronics, Inc., 136 S. Ct. 1923 (2016), which held that a finding of willfulness "may rest on the subjective bad faith of the infringer" despite objective indicators and is, therefore, a fact issue. The CAFC next brought up Cheek v. United States, 498 US 192 (1991), where the Court found that the jury had to be permitted to decide whether a taxpayer in good faith believed the incorrect, legally payment was not due, despite objective reasonableness of that belief. Similarly, Adobe might have thought that the March 2011 claim construction would likely be reversed.

Jury Confusion

The Federal Circuit next seized on the district court's second ground for excluding the evidence, that "allowing TecSec to argue [post-March 3, 2011] induced or willful infringement . . . would taint the trial and any verdict with undue prejudice and juror confusion." The CAFC found this ruling in err whether they reviewed it de novo or for abuse of discretion.

The CAFC rejected Adobe's advocation for the district court's rationale, invoking Rule 403 of the Federal Rules of Evidence, explaining that this evidentiary exclusion rule did not contemplate such a broad application as the court made in the instant case. They found no precedential support for such a foreclosure of liability and reasoned that the district court would have had to consider more evidence to determine that the court could not fairly try the case. Nor did the district court consider such means as cautionary jury instructions to reduce unfairness. Finally, the CAFC noted that the district court decided for itself that the evidence would be far too prejudicial to TecSec, despite its intent to proceed with the inducement theory even if the district court admitted the evidence.

Jury Instructions

After rejecting Adobe's willfulness argument, the CAFC rejected TecSec's challenge of several Jury Instructions. Specifically, TecSec challenged Jury Instruction Nos. 25 and 28, questioning the inclusion of a February 2009 blog post wherein an employee documented direct infringement, arguing that it had "never agreed that Adobe only admitted to a single act of infringement," and therefore, the instruction was misleading. However, the CAFC rejected this argument, noting that the instructions "left TecSec free to argue" regarding other instances of Adobe-admitted infringement.

TecSec next challenged Jury Instruction No. 28, where the district court told the jury that inducement of infringement requires affirmative action and that "mere inaction" was not enough. TecSec argued that this instruction "opened the door" for Adobe to imply that TecSec had accused Adobe only of inaction. But the CAFC quashed this challenge, noting that TecSec was not challenging the instruction's accuracy but Adobe's conduct. It went on to note that TecSec forfeited a challenge to the closing argument by failing to object contemporaneously.

Damages

Next, the CAFC rejected TecSec's challenge regarding the district court's reduction of the jury's damage award to zero. TecSec argued that 35 USC §284 entitled it to a non-zero reasonable royalty. But the CAFC reiterated that a patent owner might waive its right to damages when it deliberately "abandons valid theories of recovery in the singular pursuit of an ultimately invalid damages theory." Promega Corp. v. Life Techs. Corp., 875 F.3d 651, 666 (Fed. Cir. 2017). Since infringement only occurred after users bought the Adobe software (when installed), direct infringement cannot directly measure damages to levy against Adobe.

Eligibility under 35 U.S.C. §101

Among the CAFC's discussion was a hearty analysis of Adobe's cross-appeal of the district court's dismissal of its ineligibility argument. The CAFC discussed the foundation of the abstract idea exception under Alice and the resulting two-step test. The CAFC noted that at step 1 of the inquiry, a court should consider whether the claims at issue are "directed to" one of the judicial exceptions. The CAFC again reiterated its caution against "overgeneralizing claims" in the § 101 analysis. It started analysis of Step 1 by looking to whether the claims focused on specific improvements to computer capabilities or were just directed to an abstract idea using computers "merely as a tool." The CAFC has found two inquiries significant: (1) whether the focus of the claimed advance is on a solution to "a problem specifically arising in the realm of computer networks"; and (2) whether the claim identifies a specific improvement to computer capabilities. The court then discussed several cases on either side of the line of eligibility, followed by a reiteration that "the accuracy of [the characterization of what the claims require] is crucial to the sound conduct of inquiries into the problem being addressed."

The CAFC rebutted Adobe's characterization of the claims being "directed to the impermissibly abstract idea of managing access to objects using multiple levels of encryption" as materially inaccurate. Homing in on claim 1, the CAFC reasoned that:

"Claim 1 requires more. It goes beyond managing access to objects using multiple levels of encryption … Notably, it expressly requires, as well, accessing an 'object-oriented key manager' and specified use of a 'label' as well as encryption for the access management."

'702 patent, col. 12, lines 4-16. The CAFC found the prosecution history significant. In responding to an indefiniteness rejection, TecSec defined "object-oriented key manager" as "a software component that manages the encryption of an object by performing one or more of the functions of generating, distributing, changing, replacing, storing, checking on, and destroying cryptographic keys." Importantly, the "labels" within the manager are also encrypted. The CAFC then noted sections of the specification that described secure labeling improvement in terms of access control and usability by security officers and administrators.

The CAFC made a point to address the fact that the claims addressed a specific problem in computing:

"While non-computer settings may have security issues addressed by multilevel security, it does not follow that all patents relating to multilevel security are necessarily ineligible for patenting. Here, although the patent involves multilevel security, that does not negate the conclusion that the patent is aimed at solving a particular problem of multicasting computer networks."

The CAFC finally rejected Adobe's modified definition of the asserted claims, "[t]he representative claims are directed to the abstract idea of managing access to objects using multiple layers of encryption and labels." The CAFC found the argument that Adobe's view that the techniques of the claim are "commonplace," it did not meaningfully address the combination that the patent asserts "as the focus of the claimed advance."