State and Federal Statutes

35 U.S.C. § 287(a) and the Burdens of Providing Notice for Pre-Suit Damages: Packet Intelligence LLC, v. Netscout Systems, Inc.

In Packet Intelligence LLC, v. Netscout Systems, Inc. the Federal Circuit reversed a jury determination for pre-suit damages, and vacated an enhancement of such damages, for Netscout’s infringement of U.S. Patent 6,665,725, U.S. Patent 6,839,751, and U.S. Patent 6,954,789, all owned by Packet Intelligence. The patents at issue were all directed to monitoring packets exchanged over a computer network. The ‘798 patent includes system claims, and the ‘725 and ‘751 patents include method claims. It was important in this case that infringement of the various system and method claims have different requirements to qualify for pre-suit damages. Pre-suit damages for the system claims are controlled by the marking requirements of 35 U.S.C. § 287(a), whereas pre-suit damages for the method claims are not. With respect to the method claims of the ‘725 and ‘751 patents, Packet Intelligence argued that evidence of direct infringement of the ‘725 and ‘751 patents was sufficient to merit an award of damages for pre-suit activities. Direct infringement would require the method of the patent claims to actually be practiced, i.e., the steps of method actually performed. However, NetScout’s primary activity was to sell and license software, and, as the Federal Circuit pointed out, method claims… Read More »35 U.S.C. § 287(a) and the Burdens of Providing Notice for Pre-Suit Damages: Packet Intelligence LLC, v. Netscout Systems, Inc.

An Inventor Must Be a Natural Person, Not a Machine

The Bicentennial Man is out of luck.* The Patent Office recently issued a ruling that only a human can be an inventor. The application at issue listed “DABUS” as the sole inventor. DABUS is a collection of neural nets designed as a “creativity machine” by Stephen Thaler, who is also the assignee of the application. The application was filed with the help of a team to serve as a test case for categorizing machines as inventors. The team filed the application not only with the United States Patent and Trademark Office but also with the European Patent Office and the United Kingdom Patent Office. The EPO and the UKIPO both rejected the application by stating that an inventor must be human. The USPTO followed suit, also ruling that an inventor must be a natural person. The ruling starts with the language of Title 35, the part of the U.S. Code pertaining to patents. The statute provides this definition: “The term ‘inventor’ means the individual or, if a joint invention, the individuals collectively who invented or discovered the subject matter of the invention.” 35 U.S.C. § 100(f). In finding that the statutes treat inventors as necessarily human, the PTO relied on… Read More »An Inventor Must Be a Natural Person, Not a Machine

CBM Estoppel Limited to Substantially Identical References

A district court recently held the scope of estoppel from covered-business-method (CBM) review encompasses the references used in the CBM as well as almost-identical references. (Solutran, Inc. v. U.S. Bancorp et al. (D. Minn. 2018).) This dispute started with Solutran suing U.S. Bank for infringement of U.S. Patent No. 8,311,945. The ’945 patent covers a method of processing checks. U.S. Bank retaliated by petitioning for CBM review, claiming that the ’945 patent was obvious over admitted prior art in the patent and U.S. Patent App. No. 2005/0071283 to Randle. The Patent Trial and Appeal Board instituted review but eventually sided with Solutran. Solutran now argues that at trial, U.S. Bank cannot argue obviousness and cannot rely on a reference related to the Randle ’283 application. The estoppel provision for CBM reviews states that the “[p]etitioner … may not assert … in a civil action … that the claim was invalid on any ground that the petitioner raised during” the CBM review. (Pub. L. 112-27, § 18(a)(1)(D), 125 Stat. 330 (2011).) The scope is ostensibly narrower than estoppel from inter partes review or post-grant review, which cover “any ground that the petitioner raised or reasonably could have raised during” the review.… Read More »CBM Estoppel Limited to Substantially Identical References

No Estoppel for Art in Contentions but Not IPR Petition

Earlier this month in Koninklijke Philips N.V. v. Wangs Alliance Corp., Civil Action No. 14-12298-DJC (D. Mass. Jan. 2, 2018), the District of Massachusetts added another case to the majority view of the scope of inter partes review estoppel, deciding that Wangs could assert prior art included in invalidity contentions but omitted from a subsequent IPR petition. Philips had asserted infringement of seven patents: Patent Nos. 6,147,458; 6,250,774; 6,561,690; 6,586,890; 6,788,011; 7,038,399; and 7,352,138. In due course, Wangs filed invalidity contentions against the patents-in-suit, and at the one-year deadline, Wangs petitioned for IPRs. The PTAB granted the IPRs for six of the seven patents. While the court stayed the case, the PTAB handled the IPRs, ruling for Wangs on some claims but not others. In the immediate motion, Philips moved to prevent Wangs from relying on prior art left out of its contentions under local rules, and to estop Wangs from relying on prior art included in its contentions but not in its IPR petitions. Several courts have tackled the IPR estoppel issue, to differing results. Section 315(e) of Title 35 estops a party from raising “any ground that the petitioner raised or reasonably could have raised during that inter… Read More »No Estoppel for Art in Contentions but Not IPR Petition

IPR Estoppel Remains Elusive for Patent Owners

In Finjan v. Blue Coat Systems, LLC, No. 15-cv-03295-BLF, (N.D. Cal. July 28, 2017), the court took the majority view on the scope of Inter Partes review estoppel, finding no estoppel for grounds of invalidity not included in a petition and for grounds of invalidity denied institution by the Patent Trial and Appeal Board. Finjan had sued Blue Coat, among several others, for infringement of several cybersecurity patents relating to “content-based security,” counteracting malicious code in downloaded files based on the behavior of the code rather than a maintained list of viruses and malicious code. Finjan’s enforcement campaign had spawned numerous IPR petitions before the PTAB. Blue Coat had joined four inter partes reviews filed by other defendants against U.S. Patent Nos. 8,677,494 and 8,225,408, which the PTAB instituted, with some claims of the ’494 patent and all claims of the ’408 patent surviving. Finjan moved for summary judgment that the grounds of invalidity left out of the petitions but raised in the litigation against the ’494 and ’408 patents should be estopped. Blue Coat had also filed its own IPR petitions against U.S. Patent Nos. 6,154,844; 6,965,968; 7,418,731; and 8,079,086, but the PTAB denied institution. Finjan moved for summary… Read More »IPR Estoppel Remains Elusive for Patent Owners

Action Brought Under DMCA and CFAA Dismissed (Part II)

In Part I of this post, we discussed copyright infringement and Digital Millennium Copyright Act (DMCA) claims brought in LivePerson, Inc. v. 24/7 Customer Inc., 2015 U.S. Dist. LEXIS 3688, No. 1:2014cv01559 (S.D.N.Y. Jan. 13, 2015). Now we turn to the Computer Fraud and Abuse Act (CFAA) claim brought in the case, and lessons from pleading deficiencies with respect to the CFAA claim. The CFAA establishes a private cause of action against a person who “knowingly accessed a computer without authorization or exceeding authorization” resulting in a loss in excess of $5000 (and other injuries not relevant here). To state a claim for the loss of $5000 or more, Plaintiff must plead that Defendant: (1) accessed a “protected computer”; (2) without any authorization or exceeding its authorized access; and (3) caused loss in excess of $5000. 18 U.S.C. § 1030(g) (2012). The ultimate question here was whether Defendant’s access was unauthorized or exceeded its authorization. (Remember that Defendant already had access pursuant to the license agreement.) There is a circuit split on the issue of when access exceeds authorization; the Second Circuit has not yet ruled on the issue. The First, Fifth, Seventh, and Eleventh Circuits have held that a… Read More »Action Brought Under DMCA and CFAA Dismissed (Part II)

Hi-Jacked LinkedIn Account Doesn’t Cause “Loss” Under the CFAA

A plaintiff’s claim under the Computer Fraud and Abuse Act, 18 U.S.C. §§ 1030(a)(2)(C) and 1030(a)(5)(C), based on her ex-employer’s alleged hi-jacking of her LinkedIn account, has failed to survive the defendant’s motion for summary judgment because the plaintiff failed to show a “loss” under the CFAA.  Eagle v. Morgan, No. 11-4303 (E.D. Pa. Oct. 4, 2012). The plaintiff had maintained a LinkedIn account identifying her as the defendant’s president while she was so employed.  After the defendant fired her, it changed the password on the plaintiff’s LinkedIn account so as to deny her access.  The defendant also edited the LinkedIn account to identify it with the defendant’s new president. As discussed elsewhere on this blog, different courts have taken different approaches to defining “loss” under the CFA.  According to this court, a legally cognizable “loss” under the CFAA requires “impairment or damage to a computer or computer system,” or at least “lost revenue resulting from an interruption of service or the inoperability of computers.”  Mere allegations of harm to an ongoing business are insufficient. Here, the plaintiff had adduced at most evidence that she had “missed out” on professional opportunities because of her inability to access the LinkedIn account.… Read More »Hi-Jacked LinkedIn Account Doesn’t Cause “Loss” Under the CFAA

4th Circuit Adopts Narrow Construction of CFAA

Does an employee act “without authorization” or “exceed authorized access” under the Computer Fraud and Abuse Act, 18 USC § 1030, by accessing  computers with a username and password provided by an employer, albeit in a manner against the employer’s policies and/or interests?  The Fourth Circuit has joined other courts taking a narrow view of the CFAA, holding that the statute does not give rise to a cause of action in such circumstances.  WEC Carolina Energy Solutions, Inc. v. Miller, 687 F.3d 199 (4th Cir. July 26, 2012). Mike Miller, before resigning his employment from the plaintiff, WEC, allegedly obtained proprietary information that he subsequently used to successfully win business on behalf of Arc Energy Solutions, WEC’s competitor.  Miller and his assistant, Kelly, allegedly downloaded documents and emailed them to personal email addresses.  The downloading was accomplished via user accounts that WEC had provided to Miller and Kelly.  The District Court held that this conduct could not be the basis for a CFAA claim. As the Fourth Circuit noted, and as a review of CFAA cases discussed on this blog amply illustrates, the circuits (and the district courts) have been split on the issue of whether an employee using an… Read More »4th Circuit Adopts Narrow Construction of CFAA

Violations of Employer’s Computer Use Restrictions Does Not Violate CFAA

Hospital employees did not “exceed authorized access” under the Computer Fraud and Abuse Act (CFAA), 18 USC § 1030, when they violated the hospital’s computer usage policy by attaching removable storage devices to computers that they were otherwise authorized to access.  Wentworth-Douglass Hospital v. Young & Novis Professional Ass’n., No. 10-cv-120-SM (D. N.H. June 29, 2012). The plaintiff hospital brought its claim under the CFAA, 18 USC § 1030(a)(2)(C), because the defendants allegedly “without the prior authorization and approval of the [hospital’s] Information Systems Department and in violation of the [hospital’s use policy], . . . connected removable storage devices or external hardware to hospital computers and obtained or altered information from [hospital] computers . . . that they were not entitled to obtain or alter.”  The defendants argued that they should not be liable for “exceeding authorized access” in light of the recent Ninth Circuit decision in United States v. Nosal, 676 F.3d 854 (9th Cir. 2012).  The Nosal court held “that the phrase ‘exceeds authorized access’ in the CFAA does not extend to violations of use restrictions.” The court here agreed that the narrow view of “exceeds authorized access” under the CFAA was the better interpretation.  Where an… Read More »Violations of Employer’s Computer Use Restrictions Does Not Violate CFAA

Attempted CFAA Class-Action Claim Against Amazon Dismissed on Failure to Plead “Loss”

Plaintiffs seeking to bring a class action lawsuit against Amazon failed to allege a “loss” under the Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030, by simply pleading that Amazon had taken and exploited, for financial gain, private information that the plaintiffs could not show had financial value to them.  Del Vecchio v. Amazon.com, Inc., No. C11-366RSL (W.D. Wash. June 1, 2012). The plaintiffs alleged that Amazon circumvented browsers’ security settings to force users to accept cookies, and used gathered information for its benefit and for the benefit of third parties in contravention of its Privacy Notice.  The plaintiffs further alleged that class members’ property rights, and their rights to control dissemination of their own information, were violated in an amount “substantially in excess of 1/100 of one cent” for each class member.  Plaintiffs accordingly sought “relief on behalf of themselves and a proposed class under the” CFAA, as well as various state laws.  Amazon brought its third motion to dismiss after the plaintiffs amended their complaint for the second time. A civil cause of action under the CFAA requires a showing of “loss to 1 or more persons during any 1-year period . . . aggregating at least… Read More »Attempted CFAA Class-Action Claim Against Amazon Dismissed on Failure to Plead “Loss”