Multi-level Encryption Patent Survives § 101 Challenge in District Court
On May 23, 2017, the District Court for the Eastern District of Virginia (“District Court”) denied a motion for summary judgment that the patent claims asserted in a lawsuit brought by TecSec, Inc. (“TecSec”) are invalid under 35 U.S.C. § 101.
In the lawsuit, TecSec accused Adobe Systems, Inc. (“Adobe”) of infringing four related patents directed to a multi-level encryption system that allows “encrypted objects [to] be nested within other [encrypted] objects . . . resulting in multiple layers of encryption.” Representative Claim 1 from the ’702 Patent is reproduced below:
1. A method for providing multi-level multimedia security in a data network, comprising the steps of:
A) accessing an object-oriented key manager;
B) selecting an object to encrypt;
C) selecting a label for the object;
D) selecting an encryption algorithm;
E) encrypting the object according to the encryption algorithm;
F) labelling the encrypted object;
G) reading the object label;
H) determining access authorization based on the object label; and
I) decrypting the object if access authorization is granted.
Patent Eligibility Inquiry
The eligibility inquiry under 35 U.S.C. § 101 proceeds in two steps. First, the court determines whether the patent claim at issue is directed to one of the patent-ineligible concepts (e.g., abstract idea, law of nature, or natural phenomenon) (“step one”). If the claim is not directed to a patent-ineligible concept, the inquiry ends. Otherwise, the court determines whether the claim includes any additional elements that transform the nature of the claim into a patent-eligible application (“step two”). If a claim is found to be directed to a patent-ineligible concept in step one and also lack any additional elements that transform the nature of the claim into a patent-eligible application in step two, the claim is ineligible for patent protection under § 101.
Arguments before the District Court
Adobe argued that the claims in the asserted patents are directed to the abstract idea of “managing access to objects using multiple levels of encryption.” According to Adobe, Claim 1 of the ’702 patent “provides no guidance at all as to how to encrypt an object, how to nest objects, or any specific type of object that the process may operate on” and is thus “abstract because it provides ‘no restriction on how the result is accomplished.’”
TecSec contended that Adobe failed to properly perform the step one analysis “by overgeneralizing the claims, failing to tie the identification of the abstract idea to the claim language at issue, and oversimplifying the claims and downplaying the invention’s benefits.” Further, TecSec argued that there is no risk of preemption because “there are other ways to manage access to objects using multiple levels of encryption that do not require an [object-oriented key manager] component along with the recited encryption and labelling steps.”
District Court’s Discussion
Siding with TecSec, the District Court found that the claims in the asserted patents are not directed to an abstract idea, law of nature, or natural phenomenon. According to the District Court, the patent claims provide “a solution to a computer-centric problem” that “would not exist but for the ubiquity of computer technology.” Rejecting Adobe’s contention that the claims are reducible to “putting a sealed envelope (single-level encryption) into a second sealed envelope (multi-level encryption) for extra security,” the District Court stated that “the claims provide a specific solution” that allows “multiple users in multiple locations [to access] information at different security levels from a central repository.”
Further, the District Court noted that the asserted patents “preempt systems which make use of the specific method of an ‘object-oriented key manager’” without “foreclos[ing] all forms of multi-level security.” Having determined that the patent claims are not directed to an abstract idea, the District Court ended the patent-eligibility analysis and denied Adobe’s motion for summary judgment.
This case illustrates that (i) a solution that is necessarily rooted in computer technology as illustrated in DDR and (ii) evidence of no preemption as illustrated in McRO both continue to play an important role in helping patent owners survive § 101 challenges. When drafting claims, patent applicants should carefully consider how the claims solve a computer-specific problem without preempting all possible ways of solving such a problem.
On the other hand, patent challengers should emphasize how the problem solved by the claims is a conventional one, and not one that exists only because of the Internet or the computer technology. Additionally, patent challengers should point out why the claims impermissibly preempt an entire field of ideas. Here, Adobe presumably had some difficulty arguing that TecSec’s claims cover all types of multi-level encryption because Adobe also had to argue that its multi-level encryption system did not infringe the asserted claims. In such cases, patent challengers may want to, if possible, formulate the abstract idea in a way that does not include their own products.
 TecSec Inc. v. Adobe Systems Inc., et al., Case No. 1:10-cv-115, Doc. No. 879 (E.D. Va. May 23, 2017) (hereinafter “TecSec v. Adobe”).
 U.S. Patent Nos. 5,369,702 (hereinafter “’702 Patent”), 5,680,452, 5,717,755, and 5,898,781.
 See ’702 Patent at 4:25-28.
 Alice Corp. v. CLS Bank Int’l, 134 S. Ct. 2347, 2355 (2014).
 See id.
 Enfish, LLC v. Microsoft Corp., Case No. 2015-1244, slip op. at 18 (Fed. Cir. May 12, 2016).
 See Alice at 2355.
 See id.
 Adobe Systems Inc.’s March 31, 2017 Memorandum in Support of its Motion for Summary Judgment, Case No. 1:10-cv-115, Doc. No. 865 at 13.
 Id. at 16 (citing Internet Patents Corp. v. Active Network, Inc., 790 F.3d 1343, 1347-1348 (Fed. Cir. 2015).
 TecSec, Inc.’s April 18, 2017 Brief in Opposition to Adobe Systems Inc.’s Motion for Summary Judgment, Case No. 1:10-cv-115, Doc. No. 869 at 14 (internal quotations omitted) (citing Enfish at 1338).
 Id. at 24-25.
 TecSec v. Adobe at 6.
 See Id. at 8.
 See Id.
 See Id. at 9.
 See Id. at 6.
 DDR Holdings, LLC v. Hotels.com, L.P., 773 F.3d 1245 (Fed. Cir. 2014).
 McRO, Inc. v. Bandai Namco Games Am. Inc., 837 F.3d 1299 (Fed. Cir. 2016).