The Software IP Report

Patent Directed to “Data Security System for a Database” Qualifies for Covered Business Method Review at PTAB

In Square Inc v. Protegrity Corp., CBM2014-00182 (March 2, 2016), the Patent Trial and Appeal Board (PTAB) offered some insight as to when patent claims will be subject to covered business method (CBM) review.

The patent at issue is US 8,402,281, titled “Data Security System for a Database.” Claim 33 was one of the illustrative claims, and the primary focus of the CBM analysis:

33. A computer-implemented data processing method comprising:
maintaining a database comprising a plurality of data portions, each data portion associated with a data category;
maintaining a separate data protection table comprising, for at least one data category, one or more data processing rules associated with the data category that must each be satisfied before a data portion associated with the data category can be accessed;
receiving a request to access a data portion associated with a first data category from a user;
determining whether each of the one or more data processing rules associated with the requested data portion are satisfied; and
granting the user access to the requested data portion responsive to each of the retrieved one or more data processing rules being satisfied.

The America Invents Act (AIA) defines a “covered business method” patent as one that “claims a method or corresponding apparatus for performing data processing or other operations used in the practice, administration, or management of a financial product or service, except that the term does not include patents for technological inventions.” AIA § 18(d)(1). CBM review was intended to apply to patents that are “financial in nature, incidental to a financial activity or complementary to a financial activity.” Transitional Program for Covered Business Method Patents—Definitions of Covered Business Method Patent and Technological Invention, 77 Fed. Reg. 48,734, 48,735 (Aug. 14, 2012) (Final Rule) (quoting 157 Cong. Rec. S5432 (daily ed. Sept. 8, 2011) (statement of Sen. Schumer)).

Even though claim 33 does not literally recite data processing as it relates to financial products or services, the PTAB nevertheless found that, by preponderance of the evidence, claim 33 encompasses activities that are financial in nature, incidental to financial activity, or complementary to a financial activity since the claimed method protects against unauthorized data access, which is important in banking.

The PTAB then considered whether claim 33 recites a “technological invention” that would exempt the claim from CBM review. A “technological invention” is one that 1) recites a technological feature that is novel or non-obvious over the prior art, and 2) solves a technical problem using a technical solution. 37 C.F.R. §42.301(b).
In its analysis of the first prong, the PTAB essentially equated the word “technology” to “computer hardware.” The PTAB was not persuaded by any purported novelty of the database and data structures recited in the claim, especially since claim 33 does not recite any particular structure. Accordingly, the PTAB held that claim 33 fails the first prong of the exception.

Although it doesn’t appear that it needed to move on to the second prong, the PTAB proceeded in its analysis and found that claim 33 does not solve a technical problem with a technical solution. The Petitioner set forth a few objectives and problems solved by the ‘281 patent. The PTAB, however, criticized those objectives as lacking any basis in the specification and claims.

Accordingly, the PTAB held that claim 33 of the ‘281 patent is subject to CRM review.

There are several takeaways from this case. This decision suggests that claims could be subject to CBM review even though the claims and specification are not directly linked to financial products or services. Moreover, this decision illustrates that the PTAB likes to see objectives, problem statements, and solutions in the patent specification, as opposed to relying on extrinsic evidence, especially in the context of determining whether the claims solve a technical problem using a technical solution.