On January 10, 2018, the Court of Appeals for the Federal Circuit handed down Finjan, Inc. v. Blue Coat Systems, Inc.[1] Finjan sued Blue Coat, a subsidiary of rival Symantec Corp., for patent infringement of four of its patents dealing with cybersecurity methods and systems: U.S. Patent Nos. 6,154,844 (‘844), 7,418,731 (‘731), 6,965,968 (‘968), and 7,647,633 (‘633 patent).[2] A jury trial found that Blue Coat infringed these four patents and awarded varying damage amounts to Finjan. A separate bench trial found that the ‘844 patent was directed to a patent-eligible subject matter under 35 U.S.C. §101. The infringement finding of the ‘633 patent was not appealed, and therefore, was not at-issue on appeal. [3]
This is a case chock full of issues, including patent subject matter eligibility, infringement, non-infringement, and damages. The Fed Circuit panel affirmed-in-part (patent-eligibility and infringement of the ‘844 and ‘731 patents, and damages of the ‘731 and ‘633 patents), reversed-in-part (infringement and damages of the ‘968 patent), and remanded-in-part (damages as to the ‘844 patent). This post will only deal with the patent-eligibility of the ‘844 patent.
Claim 1 of the ‘844 patent recites as follows:
A method comprising:
receiving by an inspector a Downloadable;
generating by the inspector a first Downloadable security profile that identifies suspicious code in the received Downloadable; and
linking by the inspector the first Downloadable security profile to the Downloadable before a web server makes the Downloadable available to web clients.[4]
Claim construction at the district court held that the term “Downloadable” was construed to mean “an executable application program, which is downloaded from a source computer and run on the destination computer.”[5] Further, the district court held that “Downloadable security profile that identifies suspicious code in the received Downloadable” was defined as “a profile that identifies code in the received Downloadable that preforms hostile or potentially hostile operations.”[6]
The Fed Circuit panel, consisting of Judges Dyk, Linn, and Hughes, started its legal analysis with the two-step Alice test. That is, in order to determine whether a claim is directed toward patent-eligible subject matter under §101, the reviewer must first determine if the claim is directed to one of the judicially-excluded exceptions: law of nature, natural phenomenon, or abstract idea.[7] If so, the claim’s elements are then reviewed to determine if additional elements transform the claim into something “significantly more” than the abstract idea itself.[8]
The panel looked at two recent Fed Circuit decisions for guidance on §101 patent-eligibility. In Intellectual Ventures I LLC v. Symantec Corp.,[9] the court held that “virus screening is well-known and constitutes an abstract idea.”[10] However, the Finjan ‘844 patent did significantly more than just virus screen. Rather, it is based on a “behavior-based” approach to virus screening, which analyzes a downloaded code for potentially harmful operative code which it can then detect the presence of a virus or other malicious code.[11] This is contrasted with the traditional “code-matching” process which just looks for the presence of a known virus.
Additionally, the Fed Circuit panel looked at Enfish for further guidance. In Enfish, the court determined that any software-based invention can make non-abstract improvements to computers and thus be deemed patent-eligible subject matter under §101 at step 1 of the Alice test without continuing the analysis to step 2 of the test.[12] The Enfish self-referential database allowed users to launch and construct databases in new ways, and did not merely allow a computer to perform regular tasks.[13] The Finjan ‘844 patent actually allows security system to tailor access to different users based on the security threat presented by its security profile. This behavior-based approach to cybersecurity is a non-abstract improvement of the functionality of computers, rather than the merely abstract idea of computer security.[14]
Indeed, the Fed Circuit panel determined:
Here, the claims recite more than a mere result. Instead, they recite specific steps – generating a security profile that identifies suspicious code and linking it to a downloadable – that accomplish the desired result. Moreover, there is no contention that the only thing disclosed is the result and not an inventive arrangement for accomplishing the result . . . . The idea is non-abstract and there is no need to proceed to step two of Alice.[15]
Finjan stands for the proposition that a rather broad, and arguably vague, claim could still pass the rigors of an Alice test analysis. While there have been a number of Fed Circuit cases interpreting Alice, there may be a need for a full en banc decision to demonstrate a more clear-cut Alice interpretative roadmap to assist practitioners.
[1] ___F.3d___ (Fed. Cir. 2018), 2018 U.S. App. LEXIS 601 (Fed. Cir. Jan. 10, 2018), aff’g-in-part, rev’g-in-part, remand-in-part, 2017 WL 446886 (N.D. Cal. Feb. 2, 2017).
[2] Id. (slip op. at 2-3).
[3] Id.
[4] Id. (slip op. at 5).
[5] Id.
[6] Id.
[7] See Alice Corp. v. CLS Bank Int’l, 134 S. Ct. 2347, 2354-55 (2014); Finjan, supra (slip op. at 4).
[8] Finjan, supra (slip op. at 4); Alice, supra, at 2355; see also Mayo Collaborative Servs. v. Prometheus Labs, Inc., 132 S. Ct. 1289, 1294 (2012).
[9] 838 F.3d 1307, 1319 (Fed. Cir. 2016).
[10] Id.
[11] Finjan, supra (slip op. at 5-6).
[12] See Enfish, LLC v. Microsoft Corp., 822 F.3d 1327, 1335-36 (Fed. Cir. 2016); Finjan, supra (slip op. at 7).
[13] Enfish, supra at 1336; Finjan, supra (slip op. at 7).
[14] Finjan, supra (slip op. at 8).
[15] Id. (slip op. at 9).
2 thoughts on “Fed Circuit Watch: Finjan Survives Alice Test for Subject Matter Eligibility”
Comments are closed.