ZTE Corporationv.ContentGuard Holdings, Inc.Download PDFPatent Trial and Appeal BoardJul 1, 201411304794 (P.T.A.B. Jul. 1, 2014) Copy Citation Trials@uspto.gov Paper 61 571-272-7822 Entered: July 1, 2014 UNITED STATES PATENT AND TRADEMARK OFFICE ____________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________ ZTE CORPORATION AND ZTE (USA) INC., Petitioner, v. CONTENTGUARD HOLDINGS, INC., Patent Owner. ____________ Case IPR2013-00133 Patent 7,523,072 B2 ____________ Before JAMESON LEE, MICHAEL W. KIM, and MICHAEL R. ZECHER, Administrative Patent Judges. ZECHER, Administrative Patent Judge. FINAL WRITTEN DECISION 35 U.S.C. § 318(a) and 37 C.F.R. § 42.73 IPR2013-00133 Patent 7,523,072 B2 2 I. BACKGROUND A. Introduction On February 11, 2013, ZTE Corporation and ZTE (USA) Inc. (“ZTE”) filed a Petition requesting inter partes review of claims 1–25 (“the challenged claims”) of U.S. Patent No. 7,523,072 B2 (“the ’072 patent”). Paper 3. In response to a notice of defect(s) in the Petition, ZTE filed a corrected Petition (“Pet.”) on February 15, 2013. 1 Paper 10. ContentGuard Holdings Inc. (“ContentGuard”) 2 timely filed a Patent Owner Preliminary Response. Paper 13. Taking into account ContentGuard’s Preliminary Response, the Board determined that the information presented in the Petition demonstrated that there was a reasonable likelihood that ZTE would prevail in challenging claims 1–25 as unpatentable under 35 U.S.C. § 102(b). Pursuant to 35 U.S.C. § 314, the Board instituted this proceeding on July 1, 2013, as to the challenged claims of the ’072 patent. Paper 15 (“Dec.”). After institution of trial, ContentGuard timely filed a Patent Owner Response (Paper 31, “PO Resp.”), and did not file a motion to amend. ZTE subsequently filed a Reply. Paper 38 (“Pet. Reply”). A consolidated oral hearing for IPR2013-00133, IPR2013-00137, IPR2013-00138, and IPR2013-00139, each involving the same parties, was held on February 26 and 27, 2014. The transcript of the consolidated hearing has been entered into the record. Papers 58–60. 1 The term “the Petition” in this final written decision refers to the corrected petition unless indicated otherwise. 2 The mandatory notice filed pursuant to 37 C.F.R. § 42.8(b)(1) indicates that ContentGuard Holdings, Inc. and Pendrell Corporation are the real parties-in-interest. Paper 12, 2. IPR2013-00133 Patent 7,523,072 B2 3 We have jurisdiction under 35 U.S.C. § 6(c). This final written decision is issued pursuant to 35 U.S.C. § 318(a). Based on the record before us, ZTE has not demonstrated by a preponderance of the evidence that the challenged claims of the ’072 patent are unpatentable. B. Related Proceedings ZTE indicated that the ’072 patent was asserted against it in a patent infringement lawsuit titled ContentGuard Holdings Inc. v. ZTE Corp., No. 1:12-cv-0206-CMH-TCB, filed in the United States District Court for the Eastern District of Virginia on February 27, 2012. Pet. 1. According to ZTE, this patent infringement lawsuit was transferred to the United States District Court for the Southern District of California on May 21, 2012. Id. ContentGuard does not dispute that it asserted the ’072 patent against ZTE. ZTE also filed five other petitions seeking inter partes review of the following patents owned by ContentGuard: U.S. Patent No. 7,225,160 (IPR2013-00134); U.S. Patent No. 7,359,884 (IPR2013-00136); U.S. Patent No. 6,963,859 (IPR2013-00137); U.S. Patent No. 7,139,736 (IPR2013- 00138); and U.S. Patent No. 7,269,576 (IPR2013-00139). Id. C. The Invention of the ’072 Patent The invention disclosed in the ’072 patent generally relates to distributing and enforcing usage rights for digital works. Ex. 1001, 1:27–28. A digital work refers to any work that has been reduced to a digital representation, including any audio, video, text, or multimedia work, and any accompanying interpreter, e.g., software, which may be required to recreate or render the content of the digital work. Ex. 1001, 6:3–7. Usage rights refer to rights granted to a recipient of a digital work that define the manner in which a digital work may be used and distributed. Ex. 1001, IPR2013-00133 Patent 7,523,072 B2 4 4:13–16; 6:9–12. According to the ’072 patent, objectives of the disclosed invention include the following: (1) providing the owner of a digital work the flexibility to distribute the digital work as desired; and (2) a distribution system that transports a means for billing with the digital work. Ex. 1001, 3:15–17; 4:1–3. The ’072 patent discloses permanently attaching usage rights to the digital work. Ex. 1001, 6:16–17. Copies of the digital work also will have the usage rights attached thereto. Ex. 1001, 6:17–18. Therefore, any usage rights and associated fees assigned by the creator and subsequent distributor of the digital work always will remain with the digital work. Ex. 1001, 6:18–21. The ’072 patent further discloses that repositories enforce the usage rights of digital works. Ex. 1001, 4:26–27; 6:22–23. In particular, repositories store digital works, control access to digital works, bill for access to digital works, and maintain the security and integrity of the digital works stored therein. Ex. 1001, 6:23–26. Figure 1 of the ’072 patent, reproduced below, illustrates the basic operations of the disclosed invention. Ex. 1001, 4:52–54; 6:38–40. IPR2013-00133 Patent 7,523,072 B2 5 At shown in step 101 of Figure 1 of the ’072 patent, a creator creates a digital work. Ex. 1001, 6:40–41. At step 102, the creator determines the appropriate usage rights and fees, attaches them to the digital work, and stores the digital work with the associated usage rights and fees in repository 1. Ex. 1001, 6:41–43. At step 103, repository 1 receives a request to access the digital work from repository 2. Ex. 1001, 6:46–48. Such a request, or session initiation, includes steps that help ensure that repository 1 and repository 2 are trustworthy. Ex. 1001, 6:48–51. At step 104, repository 2 requests access to the digital work stored in repository 1 for a stated purpose, e.g., to print the digital work or obtain a copy of the digital work. Ex. 1001, 6:51–55. At step 105, repository 1 checks the usage rights associated with the digital work stored therein to determine if access to the digital work may be granted. Ex. 1001, 6:56–58. At step 106, if IPR2013-00133 Patent 7,523,072 B2 6 access is denied, repository 1 terminates the session with repository 2 by transmitting an error message. Ex. 1001, 6:62–63. At step 107, if access is granted, repository 1 transmits the digital work to repository 2. Ex. 1001, 6:63–65. At step 108, both repository 1 and 2 generate billing information prior to transmitting the billing information to a credit server. Ex. 1001, 6:65–7:1. The use of both repositories 1 and 2 for billing prevents attempts to circumvent the billing process. Ex. 1001, 7:1–2. Figure 2 of the ’072 patent, reproduced below, illustrates the various types of repositories and the transaction flow between them. Ex. 1001, 4:55–57; 7:3–6. As shown in Figure 2 of the ’072 patent, repository 201 represents a general instance of a repository having the following two modes of operation: (1) a server mode; and (2) a requester mode. Ex. 1001, 7:8–10. When repository 201 is in server mode, it receives and processes access requests for digital works. Ex. 1001, 7:11–12. When repository 201 is in requester mode, it initiates requests to access digital works. Ex. 1001, 7:12– 14. IPR2013-00133 Patent 7,523,072 B2 7 During the course of operation, repository 201 may communicate with a plurality of other repositories, including rendering repository 203. Ex. 1001, 7:16–21. Communication with rendering repository 203 occurs in connection with rendering a digital work. Ex. 1001, 7:31–32. According to the ’072 patent, rendering repository 203 is coupled to a rendering device, e.g., a printer device, to comprise a rendering system. Ex. 1001, 7:32–35. D. Illustrative Claim Claims 1, 10, and 18 are independent claims. Claims 2–9 depend directly from independent claim 1, claims 11–17 depend directly or indirectly from independent claim 10, and claims 19–25 depend directly or indirectly from independent claim 18. Independent claim 1 is illustrative of the disclosed invention and is reproduced below: 1. A method for securely rendering digital documents, comprising: retrieving, by a document platform, a digital document and at least one usage right associated with the digital document from a document repository, the at least one usage right specifying a manner of use indicating the manner in which the digital document can be rendered; storing the digital document and the at least one usage right in separate files in the document platform; determining, by the document platform, whether the digital document may be rendered based on the at least one usage right; and if the at least one usage right allows the digital document to be rendered on the document platform, rendering the digital document by the document platform. Ex. 1001, 52:8–22 (emphasis added). IPR2013-00133 Patent 7,523,072 B2 8 E. Prior Art Relied Upon ZTE relies upon the following prior art reference: Comerford EP 0268139 A2 May 25, 1988 Ex. 1012 (hereinafter “EP ’139”) F. Ground of Unpatentability We instituted this proceeding based on just one ground of unpatentability set forth in the table below. Claims Basis Reference 1–25 § 102(b) EP ’139 II. ANALYSIS ZTE has to prove unpatentability by a preponderance of the evidence. 35 U.S.C. § 316(e). In patent law, “the name of the game is the claim.” In re Hiniker Co., 150 F.3d 1362, 1369 (Fed. Cir. 1998). Therefore, we begin our analysis with claim construction, and then follow with our analysis regarding whether EP ’139 anticipates the challenged claims. A. Claim Construction In an inter partes review, claim terms in an unexpired patent are interpreted according to their broadest reasonable interpretation in light of the specification of the patent in which they appear. 37 C.F.R. § 42.100(b); Office Patent Trial Practice Guide, 77 Fed. Reg. 48,756, 48,766 (Aug. 14, 2012). Under the broadest reasonable interpretation standard, claim terms are given their ordinary and customary meaning as would be understood by one of ordinary skill in the art in the context of the disclosure. In re Translogic Tech., Inc., 504 F.3d 1249, 1257 (Fed. Cir. 2007). However, if an inventor acts as his or her own lexicographer, the definition must be set IPR2013-00133 Patent 7,523,072 B2 9 forth in the specification with reasonable clarity, deliberateness, and precision. Renishaw PLC v. Marposs Societa’ per Azioni, 158 F.3d 1243, 1249 (Fed. Cir. 1998). An extraneous limitation should not be read into the claims from the specification. See e.g., E.I. du Pont de Nemours & Co. v. Phillips Petroleum Co., 849 F.2d 1430, 1433 (Fed. Cir. 1988). An extraneous limitation is one where its presence in a claim is unnecessary to make sense of the claim. See, e.g., In re Paulsen, 30 F.3d 1475, 1480 (Fed. Cir. 1994); Renishaw PLC, 158 F.3d at 1249. The construction that stays true to the claim language and most naturally aligns with the inventor’s description is likely the correct interpretation. See Renishaw PLC, 158 F.3d at 1250. The challenge is to interpret claims without unnecessarily importing limitations from the specification into the claims. See E-Pass Techs., Inc. v. 3Com Corp., 343 F.3d 1364, 1369 (Fed. Cir. 2003). “Repository” (Claims 1, 10, and 18) In its Petition, ZTE did not provide an explicit construction for the claim term “repository.” In its Patent Owner Preliminary Response, ContentGuard contended that “repository” should be construed as “a trusted system for supporting usage rights.” Prelim. Resp. 18–19. ContentGuard then cited to several portions of the specification of the ’072 patent that allegedly support its proposed claim construction. Id. at 19–21 (citing to Ex. 1001, 11:58–67; 12:63–64; 13:15–20; 51:33–37). When instituting trial, we construed “repository” as “a trusted system which maintains physical, communications and behavioral integrity, and supports usage rights.” Dec. 10. For reasons discussed below, we adhere to the same interpretation for this final written decision. IPR2013-00133 Patent 7,523,072 B2 10 The specification provides a glossary that explicitly sets forth a definition for “repository.” For convenience, that glossary definition is reproduced below: Conceptually a set of functional specifications defining core functionality in the support of usage rights. A repository is a trusted system in that it maintains physical, communications and behavioral integrity. Ex. 1001, 51:34–37 (emphasis added). By setting forth the term in a glossary and using the verb “is” following “repository” in the second sentence, the specification sets forth an explicit definition of “repository” as “a trusted system in that it maintains physical, communications and behavioral integrity.” The first sentence also is relevant to the definition of “repository” because it specifies that the repository supports usage rights. Accordingly, we construe “repository” as “a trusted system which maintains physical, communications and behavioral integrity, and supports usage rights.” However, our analysis does not end here. In order to understand “a trusted system,” it is necessary to construe “physical integrity,” “communications integrity,” and “behavioral integrity.” Those terms are described in a section of the specification labeled “Repositories.” Ex. 1001, 11:58–14:32. For “physical integrity,” the specification describes the following: Physical integrity refers to the integrity of the physical devices themselves. Physical integrity applies both to the repositories and to the protected digital works. Thus, the higher security classes of repositories themselves may have sensors that detect when tampering is attempted on their secure cases. In addition to protection of the repository itself, the repository design protects access to the content of digital works. In contrast with the design of conventional magnetic and optical devices-such as IPR2013-00133 Patent 7,523,072 B2 11 floppy disks, CD-ROMs, and videotapes-repositories never allow non-trusted systems to access the works directly. A maker of generic computer systems cannot guarantee that their platform will not be used to make unauthorized copies. The manufacturer provides generic capabilities for reading and writing information, and the general nature of the functionality of the general computing device depends on it. Thus, a copy program can copy arbitrary data. This copying issue is not limited to general purpose computers. It also arises for the unauthorized duplication of entertainment “software” such as video and audio recordings by magnetic recorders. Again, the functionality of the recorders depends on their ability to copy and they have no means to check whether a copy is authorized. In contrast, repositories prevent access to the raw data by general devices and can test explicit rights and conditions before copying or otherwise granting access. Information is only accessed by protocol between trusted repositories. Ex. 1001, 12:1–26 (emphases added). The description reproduced above makes use of permissive terms such as “may” and “can” and, thus, do not reflect or indicate a required limitation for “physical integrity.” The specification also appears to use the terms or phrases in each of the following three groups interchangeably: 1. data, content, digital work, information; 2. non-trusted system, general device; and 3. “never allow access” and “prevent access.” When referring to the relationship between the repository and data, the specification uses absolute terms such as “never” and “only.” In light of the foregoing, we construe “physical integrity” as “preventing access to information by a non-trusted system.” For “communications integrity,” the specification describes the following: IPR2013-00133 Patent 7,523,072 B2 12 Communications integrity refers to the integrity of the communications channels between repositories. Roughly speaking, communications integrity means that repositories cannot be easily fooled by “telling them lies.” Integrity in this case refers to the property that repositories will only communicate with other devices that are able to present proof that they are certified repositories, and furthermore, that the repositories monitor the communications to detect “impostors” and malicious or accidental interference. Thus the security measures involving encryption, exchange of digital certificates, and nonces described below are all security measures aimed at reliable communication in a world known to contain active adversaries. Ex. 1001, 12:27–39 (emphases added). We construe “communications integrity” as “only communicates with other devices that are able to present proof that they are trusted systems, e.g., by using security measures such as encryption, exchange of digital certificates, and nonces.” The Encyclopedia of Cryptography defines “nonce” as “[a] number used in a cryptographic protocol to indicate the unique character of a message.” ENCYCLOPEDIA OF CRYPTOGRAPHY 197 (1997) (Ex. 3001). For “behavioral integrity,” the specification describes the following: Behavioral integrity refers to the integrity in what repositories do. What repositories do is determined by the software that they execute. The integrity of the software is generally assured only by knowledge of its source. Restated, a user will trust software purchased at a reputable computer store but not trust software obtained off a random (insecure) server on a network. Behavioral integrity is maintained by requiring that repository software be certified and be distributed with proof of such certification, i.e. a digital certificate. The purpose of the certificate is to authenticate that the software has been tested by an authorized organization, which attests that the software does what it is supposed to do and that it does not compromise the behavioral integrity of a repository. If the digital certificate IPR2013-00133 Patent 7,523,072 B2 13 cannot be found in the digital work or the master repository which generated the certificate is not known to the repository receiving the software, then the software cannot be installed. Ex. 1001, 12:40–56 (emphases added). We construe “behavioral integrity” in the context of a repository as “requiring software to include a digital certificate in order to be installed in the repository.” We acknowledge that the record is not without evidence contrary to our claim interpretation. The nature of claim interpretation, however, is to come to the appropriate conclusion in light of all of the evidence. All of the evidence does not have to point uniformly in a single direction. Table 2 in the specification indicates ten different levels of security for repositories. The lowest level, i.e., level “0,” is described as follows: Open system. Document transmission is unencrypted. No digital certificate is required for identification. The security of the system depends mostly on user honesty, since only modest knowledge may be needed to circumvent the security measures. The repository has no provisions for preventing unauthorized programs from running and accessing or copying files. The system does not prevent the use of removable storage and does not encrypt stored files. Ex. 1001, 14:64–15:15. Thus, according to Table 2, repositories are not all trusted systems. Level “0” security means having an open system lacking in physical, communications, and behavioral integrity, and without support for managing usage rights. That is directly contrary to the meaning of “repository” as defined in the glossary. For reasons discussed below, we adhere to the definition provided in the glossary. The contrary evidence based on level “0” security shown in Table 2 is insufficient to outweigh the rest of the evidence including, in particular, the explicit definition provided IPR2013-00133 Patent 7,523,072 B2 14 in the glossary. We make our determination based on the totality of the evidence. As noted above, the disclosed invention is about distribution and usage rights enforcement of digital works. The problems described in the background portion of the specification concern unauthorized and unaccounted distribution or usage of electronically published materials. See generally Ex. 1001, 1:32–3:17. The ’072 patent states that it solves preexisting problems by both permanently attaching usage rights to digital works and placing elements in repositories that enforce those usage rights. Ex. 1001, 6:16–27. Here, the definition set forth in the glossary for “repository” is consistent fully with the description of the acknowledged prior art, and the objective or goal to be achieved by the invention of the ’072 patent. The specification also contains detailed preferred embodiments utilizing repositories, which are trusted systems to provide usage control for digital works. Ex. 1001, 7:3–41, 7:60–61, 13:7–14, 21–23, 14:8–20, 18:11–13, 26:40–29:20, 41:9–42:12. The bulk of the disclosure consistently is directed to repositories, which are trusted systems for providing usage control for digital works. For example, the specification states: The enforcement elements of the present invention are embodied in repositories. Among other things, repositories are used to store digital works, control access to digital works, bill for access to digital works and maintain the security and integrity of the system. Ex. 1001, 6:23–27 (emphasis added). Other references to “repository” in the specification recite necessary features of repositories and also support the IPR2013-00133 Patent 7,523,072 B2 15 definition in the glossary that a repository is a trusted system. For example, the specification states: The core repository services 1302 comprise a set of functions required by each and every repository. The core repository services 1302 include the session initiation transactions which are defined in greater detail below. This set of services also includes a generic ticket agent which is used to “punch” a digital ticket and a generic authorization server for processing authorization specifications. Ex. 1001, 14:8–14 (emphasis added). In another example, the specification discloses that “[a]s a prerequisite to operation, a repository will require possession of an identification certificate,” and that “identification certificates 1306 are required to enable the use of the repository.” Ex. 1001, 13:7–8, 14:18–20 (emphasis added). In yet another example, the specification states “[p]rovisions for security and privacy are part of the requirements for specifying and implementing repositories and thus form the need for various transactions.” Ex. 1001, 26:35–38 (emphasis added). Indeed, by using words such as “require” and “requirements,” these examples amply support the definition provided in the glossary that a repository is a trusted system. In summary, even applying the rule of broadest reasonable interpretation consistent with the specification, the weight of the evidence supports the definition provided in the glossary. We regard as significant that the definition states in an unequivocal manner that a repository “is a trusted system.” ContentGuard’s Contentions According to ContentGuard, our claim interpretation of “repository” is incorrect because it is too broad in one respect and too narrow in another. IPR2013-00133 Patent 7,523,072 B2 16 PO Resp. 14–17. For the reasons discussed below, however, the specification of the ’072 patent does not support adequately either contention. As a consequence, we are not persuaded by ContentGuard’s contentions. We first address ContentGuard’s contention that our construction is too broad, and then its contention that our construction is too narrow. 1. ContentGuard contends that our claim construction regarding “behavioral integrity” as “requiring software to include a digital certificate in order to be installed in the repository” is “excessively broad” and should be limited to software that makes the repository operative—otherwise known as “repository software.” Id. at 14. For convenience, ContentGuard’s argument is reproduced below: [The Board’s construction] is too broad because it is not restricted to what the ’072 patent refers to as “repository software”—that is software that makes the repository operative. (See Ex. 1001, 12:46-48.) According to the ’072 patent specification, “[b]ehavioral integrity refers to the integrity in what repositories do.” (Ex. 1001, 12:40-41.) What repositories do, in turn, “is determined by the software that they execute.” (Id. at 12:41-42.) But not all software relates “to the integrity in what repositories do.” (Ex. 1001, 12:40-41[.]) Repositories, along with usage rights, are used to manage the use and distribution of digital content. (Ex. 1001, 51:65-67.) Allowing them to do so, repositories can perform several functions to implement the transmission of content and usage rights. (E.g., Ex. 1001, 13:29-34.) But content itself does not necessarily supply that function to a repository. (Ex. 2013, [Declaration of Dr. Michael T. Goodrich] ¶ 48.) Rather, repository software implements the repository functions that are used to manage the use and distribution of the content. (Ex. 1001, 4:26-27; 6:38- IPR2013-00133 Patent 7,523,072 B2 17 7:2; 11:58-67; 13:15-41; 51:34-38.) Thus, since “[b]ehavioral integrity refers to the integrity in what repositories do,” the relevant software is not any “software . . . to be installed in the repository,” but the software the repository uses to manage the use and distribution of content. PO Resp. 14–15. With respect to what repositories do, ContentGuard overlooks and fails to discuss the portions of the specification which indicate that repositories, themselves, also can be rendering devices that run and execute the software- type digital works, the usage rights of which they control. For instance, the ’072 patent states the following with regard to software capable of being run on a repository: An Install transaction is a request to install a digital work as runnable software on a repository. In a typical case, the requester repository is a rendering repository and the software would be a new kind or new version of a player. Ex. 1001, 41:64–67 (emphases added). This disclosure in the specification does not support ContentGuard’s contention that a repository merely manages the use and distribution of digital content, such as software, and does not perform, run, or execute that digital content. The disclosure quoted above refers to a digital work that is “runnable software on a repository,” and states that, in a typical case, the repository asking for the digital work is itself a rendering repository that identifies the software digital work as application software—not as operating software. As such, the specification conveys information contrary to ContentGuard’s contention. ContentGuard does not explain the disclosure identified above, nor does it point to any testimony of its expert witness that addresses such disclosure in light of its “excessively broad” contention. IPR2013-00133 Patent 7,523,072 B2 18 Because a repository, itself, may run and execute software, the usage and distribution of which is managed by the repository, we are not persuaded that the reference to “repository software” in the portion of the specification discussing “behavioral integrity” (Ex. 1001, 12:40–56) is restricted to software that only manages usage rights. Indeed, in the context of installing software identified as “a new kind or new version of a player,” which does not control usage rights, the specification discusses extracting a copy of the digital certificate for that software (Ex. 1001, 42:9–12), in the same manner that the specification describes requiring a digital certificate in the digital work to ensure behavioral integrity of the repository (Ex. 1001, 12:46-48). Moreover, some repositories are rendering repositories. Ex. 1001, 41:64–67. “Repository software,” as used in the specification, is broad enough to cover application software, such as the “player” referenced in the specification (Ex. 1001, 41:64–67), as well as what ContentGuard refers to as “operating software,” which enables the repository to regulate usage rights. We do not credit the testimony of ContentGuard’s expert, Dr. Michael T. Goodrich, in paragraph 48 of his Declaration (Ex. 2013). In that paragraph, Dr. Goodrich attests that, in his opinion, a person of ordinary skill in the art in 1994 would have understood that the term “repository software” in the ’072 patent identifies and refers to the operating software of the repository, and not the software digital works, the usage rights of which are controlled by the repository. Dr. Goodrich’s testimony is unpersuasive because it does not account for the disclosure of the specification, discussed above, which conveys that some repositories are rendering depositories that run and execute the software digital works the rights of which they control, such as a new version of a “player.” IPR2013-00133 Patent 7,523,072 B2 19 2. ContentGuard contends that our claim construction regarding “behavioral integrity” as “requiring software to include a digital certificate in order to be installed in the repository” is “excessively narrow” because it unnecessarily requires the inclusion of a “digital certificate” to maintain behavioral integrity. PO Resp. 15–16. According to ContentGuard, in order to maintain behavioral integrity, it is necessary only that the broader purpose of a repository doing what it is supposed to do is satisfied. Id. at 15. ContentGuard’s contention that our construction is too narrow is inconsequential to the outcome of this proceeding because a broader interpretation of “behavioral integrity” would not render inapplicable any teaching of the prior art which was applied under the narrower construction. For convenience, ContentGuard’s argument is reproduced below: The Board’s construction is also too narrow because it requires “a digital certificate.” After explaining that “[b]ehavioral integrity refers to the integrity in what repositories do” and that “[w]hat repositories do is determined by the software that they execute,” the ’072 patent says that “[t]he integrity of the software is generally assured only by knowledge of its source.” (Ex. 1001, 12:42[-]43.) Although the specification does say that “behavioral integrity is maintained by requiring that repository software be certified and be distributed with proof of such certification, i.e., a digital certificate,” the specification continues by explaining the broader purpose of the certificate. (Id., 12:46-48.) “The purpose of the certificate is to authenticate that the software has been tested by an authorized organization, which attests that the software does what it is supposed to do and that it does not compromise the behavioral integrity of a repository.” (Id., 12:48-52 (emphasis added).) So, as long as there is some assurance that “the software does what it is supposed to do,” IPR2013-00133 Patent 7,523,072 B2 20 whether by source certification or otherwise, behavioral integrity can be maintained. PO Resp. 15 (emphasis in original). The breadth argued by ContentGuard is on the extreme end of a spectrum for the meaning of “repository”—whatever ensures a repository does what it is supposed to do. ContentGuard would like to generalize the feature into a generic goal or purpose, entirely removed from any specific means for its implementation. There are several obstacles precluding such an interpretation. First, the restrictive language in the specification does not permit such an expansive construction. Although it is true that the broadest reasonable interpretation standard applies for claim interpretation, the construction must be reasonable in light of the specification. In that connection, the specification states that “[b]ehavioral integrity is maintained by requiring that repository software be certified and be distributed with proof of such certification, i.e., a digital certificate.” Ex. 1001, 12:46–48 (emphasis added). Second, ContentGuard does not point to any other means described in the specification for maintaining behavioral integrity of a repository. The sole disclosure in that regard, as identified by ContentGuard, relates to the use of digital certificates. There is no basis to assume, on this record, that digital certificates are representative of all ways for ensuring that a digital work is authentic. Even ContentGuard does not make that assertion. Thus, the scope of disclosure is not commensurate with the breadth for the construction of “repository” desired by ContentGuard. IPR2013-00133 Patent 7,523,072 B2 21 Third, the general assertion that a repository “does what it is supposed to do” is not accompanied by any well-defined or otherwise recognized standard for making an objective determination in that regard. If we accepted ContentGuard’s proposed claim construction, the scope of the claims would be uncertain and indeterminable. We do not credit the testimony of ContentGuard’s expert, Dr. Goodrich, that “a person of ordinary skill in the art of 1994 would [have understood] that the ’072 patent specification refers to the use of digital certificates as only an exemplary method of preserving the behavioral integrity of a repository.” Ex. 2013 ¶ 46. This testimony is unexplained and conclusory—it does not account for the various factors we have considered and discussed above. B. Anticipation by EP ’139—Claims 1–25 ZTE contends that claims 1–25 are anticipated under § 102(b) by EP ’139. Pet. 11–27. In support of that alleged ground of unpatentability, ZTE provides explanations as to how EP ’139 describes each claim limitation. Id. ZTE also submits the Declaration of Dr. Vijay K. Madisetti (Ex. 1005 ¶¶ 85–96) to support its positions. Upon reviewing ZTE’s Petition and supporting evidence, as well as ContentGuard’s Patent Owner Response and supporting evidence, we determine that ZTE has not demonstrated by a preponderance of the evidence that claims 1–25 are anticipated by EP ’139. We begin our analysis with the principles of law that generally apply to a ground of unpatentability based on anticipation, followed by a brief discussion of EP ’139, and then we turn to the arguments presented by both ZTE and ContentGuard that are directed to whether EP ’139 describes a IPR2013-00133 Patent 7,523,072 B2 22 “document repository” that maintains “behavioral integrity,” as required by independent claims 1, 10, and 18. 1. Principles of Law To establish anticipation under § 102(b), “all of the elements and limitations of the claim must be shown in a single prior reference, arranged as in the claim.” Karsten Mfg. Corp. v. Cleveland Golf Co., 242 F.3d 1376, 1383 (Fed. Cir. 2001). “A claim is anticipated only if each and every element as set forth in the claim is found, either expressly or inherently described, in a single prior art reference.” Verdegaal Bros. v. Union Oil Co. of California, 814 F.2d 628, 631 (Fed. Cir. 1987). We analyze the ground of unpatentability based on anticipation by EP ’139 with the principles stated above in mind. 2. EP ’139 EP ’139 discloses a data processing system with a software copy protection mechanism. Ex. 1012, 1:4–6. To provide security, each computer or host that runs a protected software application is associated with a logically and physically secure coprocessor. Ex. 1012, 1:25–29. Figure 1 of EP ’139, reproduced below, describes the important components of the software protection mechanism and how they interact. Ex. 1012, 21:29–31. IPR2013-00133 Patent 7,523,072 B2 23 According to the embodiment shown in Figure 1, EP ’139 discloses a software protection mechanism embodied in a composite computing system. Ex. 1012, 21:58–22:5. This composite computer system includes host 10 and coprocessor 20 connected via communication link 14. Ex. 1012, 22:3– 6. Coprocessor 20 also includes permanent, non-volatile memory 25 and temporary memory 26. Ex. 1012, 22:19–21. In order to execute a protected application, a user must install a right to execute the application, in the form of a software decryption key, in permanent memory 25. Ex. 1012, 22:22– 32. To install this right to execute, the user receives from a software vendor hardware cartridge 30 and distribution disk 16. Ex. 1012, 22:32–36. In one embodiment, distribution disk 16 stores the following three files: (1) the protected software application including an encrypted portion; (2) software decryption key AK, encrypted by a different decryption key CSK provided by the vendor and already stored in coprocessor 20; and (3) token data encrypted by the software decryption key. Ex. 1012, 22:23–27, 36–48. To install the right to execute, coprocessor 20 decrypts the software decryption key in temporary memory, and then verifies that the hardware cartridge is authentic by querying the token data included in the cartridge to IPR2013-00133 Patent 7,523,072 B2 24 determine if they match those in the token data file. Ex. 1012, 23:1–8. Hardware cartridge 30 will contain the token data only if it has not been used. Ex. 1012, 23:8–11. After verifying that the hardware cartridge is authentic and unused, coprocessor 20 will accept the right to execute and store the software decryption key AK in permanent memory 25. Ex. 1012, 23:11–16. With access to the software decryption key AK, the protected application file can be decrypted and stored in temporary memory 26 so that it may be executed by coprocessor 20. Ex. 1012, 23:16–21. In one embodiment, EP ’139 discloses a source composite processor, including source host 10 and coprocessor 20, that communicates with a sink composite processor, including sink host 110 and sink coprocessor 120. Ex. 1012, 25:49–52. The source and sink processors are interconnected via communication link 200. Ex. 1012, 26:5–6. EP ’139 discloses that source coprocessor 20 and sink coprocessor 120 exchange encrypted information. Ex. 1012, 26:10–20. Only coprocessors that are “member[s] of the family” are capable of decrypting and recognizing the information transmitted thereto. Ex. 1012, 26:7–10, 20–23. EP ’139 also discloses that source coprocessor 20 can encrypt a right to execute a particular software program and send it to sink coprocessor 120. Ex. 1012, 26:32–35. 3. “Document Repository” (Claims 1, 10, and 18) Independent claims 1, 10, and 18 each require a “document repository.” Ex. 1001, 52:10–14, 51–54; 53:29–32. As discussed above, a “repository” is construed as “a trusted system which maintains physical, communications and behavioral integrity, and supports usage rights.” “Physical integrity” is construed as “preventing access to information by a IPR2013-00133 Patent 7,523,072 B2 25 non-trusted system.” “Communications integrity” is construed as “only communicates with other devices that are able to present proof that they are trusted systems, for example, by using security measures such as encryption, exchange of digital certificates, and nonces.” “Behavioral integrity” is construed as “requiring software to include a digital certificate in order to be installed in the repository.” ZTE takes the position that EP ’139’s source computing system 10, 20, constitutes the claimed “document repository.” Pet. 13–14, 18. In our analysis below, we determine whether EP ’139’s source computing system 10, 20 constitutes the claimed “document repository” that maintains “behavioral integrity.” a. Behavioral Integrity ContentGuard contends that EP ’139’s source computing system 10, 20 does not amount to the claimed “document repository” because it does not exhibit “behavioral integrity.” PO Resp. 17–22. That contention has three layers of complexity. 1. The first relates to ContentGuard’s contention that “behavioral integrity” of a repository is directed to, and concerns only, the operating software of the repository, i.e., the software that enables the repository to control the usage rights and distribution of digital works, and not the software digital works managed by the repository, itself. PO Resp. 17–18. In our claim construction analysis, we already found that contention of ContentGuard unpersuasive. 2. The second relates to ContentGuard’s contention that “behavioral integrity” of a repository does not require the presence and use of a digital IPR2013-00133 Patent 7,523,072 B2 26 certificate to authenticate the software digital work being installed in a repository. PO Resp. 19–21. Instead, ContentGuard argues that “behavioral integrity” of a repository merely requires checking that the software loaded onto the repository is authentic or unaltered prior to rendering the software. Id. at 20–21. In our claim construction analysis, we also found that contention of ContentGuard unpersuasive. 3. The third relates to ContentGuard’s contention that software decryption key AK disclosed in EP ’139, which is associated with the software digital work being sent to source coprocessor 20, is not a digital certificate. PO Resp. 21–22. In its Reply, ZTE does not identify specifically an element or feature disclosed in EP ’139 that constitutes a digital certificate. See generally Pet. Reply 4–6. However, according to ZTE’s expert, Dr. Madisetti, the software decryption key AK disclosed in EP ’139 constitutes a digital certificate. Ex. 1024 ¶¶ 14, 15. Taking into account the evidence presented by both parties, we determine that ZTE has not demonstrated by a preponderance of the evidence that, in the disclosed system of EP ’139, the decryption key AK accompanying a software digital work constitutes a digital certificate for the software that authenticates the source of the software. Dr. Madisetti testified that, in his opinion, the source coprocessor 20 encrypting a right-to-execute and transmitting that encrypted right-to- execute to sink coprocessor 120, as described in column 26, lines 32–35 of EP ’139, indicates that the software in EP ’139 must include a digital certificate to be installed in a repository. Ex. 1024 ¶ 14. Dr. Madisetti explained that the right-to-execute is required in order for the protected IPR2013-00133 Patent 7,523,072 B2 27 software to be decrypted, stored, and executed. Id. (citing Ex. 1012, 23:16– 21). On that basis, Dr. Madisetti concludes that “in EP [’]139, the [decryption key] AK serves as a digital certificate under the Board’s construction as the AK is required in order to install the software in the repository.” Id. The reasoning of Dr. Madisetti is tenuous, as the issue is not whether, in some respect, a decryption key under certain operating conditions, may “serve as” or substitute for a digital certificate authenticating the source of the software, but whether a decryption key, itself, “is” a digital certificate. Dr. Madisetti’s testimony falls short of stating that EP ’139’s decryption key AK would be referred to or identified by one with ordinary skill in the art as a digital certificate. In our discussion of the construction of “behavioral integrity,” we were not persuaded by ContentGuard’s contention that a digital certificate is not required, and that anything which accomplishes a similar objective in substantially the same way is satisfactory. ZTE does not account adequately for the fact that, even if decryption of software with EP ’139’s decryption key AK is regarded as authentication of the source of the software, the decryption key AK, itself, does not authenticate anything. Rather, it has to be applied in a decryption step—it is that process which determines an ascertainable result for further evaluation. Thus, EP ’139’s decryption key AK is unlike a digital certificate which, by itself, authenticates the source of the software. Moreover, ZTE does not explain adequately why decryption indicates authenticity of the software source. ZTE’s contention assumes that no one tampered with the software while preserving the proper encryption, or that no one created a false or unauthorized version having the proper encryption. IPR2013-00133 Patent 7,523,072 B2 28 Those assumptions are speculative in the context of providing security. ZTE identifies in EP ’139 a description of several means for checking the authenticity of the software after it has been decrypted. Pet. Reply 6. For instance, EP ’139 discloses that a message authentication code may be used to ensure that a plain text message recovered on decryption can be checked to see if it matches one actually expected. Ex. 1012, 8:21–39. Indeed, such disclosure is evidence that decryption, by itself, does not authenticate the source of the software, which is contrary to ZTE’s position. Insofar as “assurance” means a specifically expressed indication, we credit the testimony of ContentGuard’s expert, Dr. Goodrich, that “one of ordinary skill [in the art in 1994] would [have understood] a digital certificate to be an assurance that downloaded software comes from a reputable source, including a measure of tamper resistance.” Ex. 2013 ¶ 46 (citing the definition of “digital certificate” from the MICROSOFT COMPUTER DICTIONARY (4th ed. 1999)). An unexpressed and subjective thought, on the other hand, does not qualify. As discussed above, EP’139’s decryption key AK does not meet the requirements of that definition of “digital certificate.” In summary, EP ’139’s source computing system 10, 20 does not constitute a “document repository” that maintains “behavioral integrity,” as required by independent claims 1, 10, and 18, because ZTE has not persuaded us that the decryption key AK disclosed in EP ’139 constitutes a digital certificate. For the foregoing reasons, we conclude that ZTE has not demonstrated by a preponderance of the evidence that independent claims 1, 10, and 18 are anticipated by EP ’139. IPR2013-00133 Patent 7,523,072 B2 29 4. Claims 2–9, 11–17, and 19–25 As we indicated previously, claims 2–9, 11–17, and 19–25 depend directly or indirectly from independent claims 1, 10, and 18, respectively. Therefore, each of claims 2–9, 11–17, and 19–25 incorporate by reference the same limitations as their underlying base claim. For the same reasons discussed above with respect to independent claims 1, 10, and 18, we conclude that ZTE has not demonstrated by a preponderance of the evidence that dependent claims 2–9, 11–17, and 19–25 are anticipated by EP ’139. III. CONCLUSION ZTE has not demonstrated by a preponderance of the evidence that the challenged claims of the ’072 patent are anticipated under 35 U.S.C. § 102(b) by EP ’139. IV. ORDER In consideration of the foregoing, it is: ORDERED that ZTE has not demonstrated by a preponderance of evidence that claims 1–25 of the ’072 patent are unpatentable; and FURTHER ORDERED that, because this is a final written decision, parties to the proceeding seeking judicial review of the decision must comply with the notice and service requirements of 37 C.F.R. § 90.2. IPR2013-00133 Patent 7,523,072 B2 30 For PETITIONER: Jon Beaupre Rickard DeMille David Bluestone Miyoung Shin Peter Lee Lawrence Chen BRINKS HOFER GILSON & LIONE jbeaupre@brinkshofer.com rdemille@brinkshofer.com dbluestone@brinkshofer.com mshin@brinkshofer.com plee@brinkshofer.com lchen@brinkshofer.com For PATENT OWNER: Robert Sterne Jon Wright Jason Eisenberg STERNE, KESSLER, GOLDSTEIN & FOX PLLC rsterne-PTAB@skgf.com jwright-PTAB@skgf.com jasone-PTAB@skgf.com Copy with citationCopy as parenthetical citation
