Upload
shawn-ambwani
View
216
Download
0
Embed Size (px)
Citation preview
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
1/65
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
2/65
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
3/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
ii
C. Summary of Relevant Prosecution File History ............................ - 10 -
D. Person of Ordinary Skill in the Art ................................................ - 11 -
V. CLAIM CONSTRUCTION ..................................................................... - 11 -
A. “verified web service” .................................................................... - 12 -
B. “metadata of the encrypted digital media” ..................................... - 13 -
C. “two way data exchange” ............................................................... - 13 -
VI. PROPOSED REJECTIONS SHOWING THAT PETITIONER HAS AREASONABLE LIKELIHOOD OF PREVAILING ............................... - 14 -
A. Ground 1: Claims 1–10, 12–15, and 17–24 are unpatentable asobvious over DeMello (EX1005) and Wieder (EX1007) in viewof the admitted prior art. ................................................................. - 14 -
B. Ground 2: Claims 1–10, 12–15, and 17–24 are unpatentable asobvious over Pestoni (EX1006) and Wieder (EX1007) in viewof the admitted prior art. ................................................................. - 14 -
C. Ground 3: Claims 11, 16, and 25-26 are unpatentable over DeMello (EX1005) in combination with Wieder (EX1007) andWiser (EX1008) and the admitted prior art. ................................... - 52 -
D. Ground 4: Claims 11, 16 and 25-26 are unpatentable over Pestoni (EX1006) and Wieder (EX1007) and the admitted priorart in combination with Wiser (EX1008). ...................................... - 52 -
VII. CONCLUSION ......................................................................................... - 60 -
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
4/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
iii
EXHIBIT LIST
Exhibit No. Description
1001 U.S. Patent No. 8,402,555 to Grecia.
1002 Grecia v. Amazon.com , No. 2:14–cv–00530 (W.D. Wash. Dec.22, 2014) (Joint claim construction statement by Patent Ownerand Amazon), and Ex. C
1003 Sony Network Entertainment Int’l v. Grecia , IPR2015–00422,Preliminary Response (PTAB Mar. 11, 2015)
1004 Notice of Allowability of U.S. Patent No. 8,402,555 to Grecia
1005 U.S. Patent No. 6,891,953 to DeMello et al. , Prior Art under 35U.S.C. § 102(b)
1006 U.S. Pub. No. 20080313264 to Pestoni, Prior Art under 35U.S.C. § 102(b)
1007 U.S. Pat. 8,001,612 to Wieder, Prior Art under 35 U.S.C. §102(e)
1008 U.S. Pat. 6,385,596 to Wiser, Prior Art under 35 U.S.C. § 102(b)
1009 Declaration of Ravi S. Cherukuri & Exhibits A–D
1010 Unified Patents LLC Voluntary Interrogatories
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
5/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 1 -
I. MANDATORY NOTICES
A. Real Party–in–Interest
Pursuant to 37 C.F.R. § 42.8(b)(1), Petitioner certifies that Unified is the real
party–in–interest, and further certifies that no other party exercised control or
could exercise control over Unified’s participation in this proceeding, the filing of
this petition, or the conduct of any ensuing trial. See EX1010, Unified Patents
LLC Voluntary Interrogatories.
B. Related Matters
U.S. Patent No. 8,402,555 (“ ’555 Patent (EX1001)) is a parent of a
continuation U.S. Patent No. 8,533,860 (“ ’860 Patent”), which has a continuation
U.S. Patent No. 8,887,308 (“ ’308 Patent”), against which IPR petitions are being
concurrently filed. On Dec. 6, 2013 Grecia sued Microsoft, Google, Sony Network
Entertainment International and Apple for infringement of the ’860 Patent.
Between Feb. 20, 2014 and Nov. 30, 2015, Grecia has sued the following for
infringement of different combinations of the three patents: Adobe Systems,
American Express, Visa, MasterCard, Charter Communications, Time Warner
Cable, AT&T Services, DirecTV, WideOpenWest Finance, RCN Telecom
Services, Network L.C.C., Charter Communications, Time Warner Cable,
Comcast, DISH Network, Amazon.com, Samsung Telecommunications America
and Vudu.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
6/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 2 -
A Petition for Inter Partes review of the ’860 Patent was filed by Sony Network
Entertainment International LLC, IPR2015–00422, PTAB, December 14, 2014 and
dismissed by request of the parties. Petitioner filed IPR2016-00600 against the
’860 Patent on Feb. 17, 2016. Petitioner filed IPR2016-00602 against the ’308
Patent on March 3, 2016.
C. Counsels
Lead Counsel for Petitioner is Paul C. Haughey (Reg. No. 31,836), of
Kilpatrick Townsend & Stockton LLP. Back–up Counsel is Jonathan Stroud (Reg.
No. 72,518), of Unified, and Scott E. Kolassa (Reg. No. 55,337), of Kilpatrick
Townsend & Stockton LLP.
D. Service Information, Email, Hand Delivery, and Postal
Unified consents to electronic service at
[email protected] , [email protected] , and
II. CERTIFICATION OF GROUNDS FOR STANDING
Petitioner certifies pursuant to Rule 42.104(a) that the patent for which
review is sought is available for inter partes review and that Petitioner is not
barred or estopped from requesting and inter partes review challenging the patent
claims on the grounds identified in this Petition.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
7/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 3 -
III. OVERVIEW OF CHALLENGE AND RELIEF REQUESTED
Pursuant to Rules 42.22(a)(1) and 42.104(b(1)–(2), Petitioner challenges
claims 1–26 of the ’555 Patent.
A. Prior Art Patents and Printed Publications
The following references are pertinent to the grounds of unpatentability
explained below: 1
1. U.S. Patent No. 6,891,953 (filed on June 27, 2000 and issued on May 10,
2005) (“ DeMello” ( EX1005)), which is prior art under 35 U.S.C. § 102(b).
2. U.S. Pub. No. 2008/0313264 (filed on Jun. 12, 2007 and published on Dec.
18, 2008) (“ Pestoni ” (EX1006)), which is prior art under 35 U.S.C. §
102(b).
3. U.S. Pat. 8,001,612, filed Aug. 12, 2005 and issued Aug. 16, 2011
(“Wieder ” (EX1007)), which is prior art under 35 U.S.C. § 102(e). Wieder
is used to show the claimed token database.
1 The ’555 Patent issued from a patent application filed prior to enactment of
the America Invents Act (“AIA”). Accordingly, pre–AIA statutory framework
applies.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
8/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 4 -
4. U.S. Pat. 6,385,596 (filed Feb. 6, 1998 and issued May 7) (“ Wiser ”
(EX1008)), which is prior art under 35 U.S.C. § 102(b). Wiser is used to
show the customization module and “royalty scheme” of claims 11, 16, 25
and 26.
B. Grounds for Challenge
This Petition, supported by the declaration of Ravi S. Cherukuri (“Cherukuri
Decl.” (EX1009)) requests cancellation of challenged claims 1–26 of the ’555
Patent as unpatentable under 35 U.S.C. §103. Two main references are used, with
additional references for dependent claims.
IV. OVERVIEW OF THE ’555 PATENT
A. Priority Date of the ’555 Patent
The ’555 Patent is a continuation of Application No. 12/985,351, filed on
Jan. 6, 2011, which is a continuation of Application No. 12/728,218, filed on Mar.
21, 2010, now abandoned. In the 11–27–2012 response in the prosecution history
of the ’555 Patent, Patent Owner claimed priority to his Provisional Application
No. 61/303,292 (filed Feb. 10, 2010) to swear behind Baiya U.S. Pub. No.
20110288946. Petitioner does not believe the ’555 Patent is entitled to the Feb. 10,
2010 priority date, but assumes that is the effective date for the purposes of this
petition since all the prior art is more than a year earlier than this date.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
9/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 5 -
B. Summary of the ’555 Patent
The ’555 Patent is directed to Digital Rights Management (DRM). The prior
art was alleged to tie media to a particular user or limited number of devices:
“The current metadata writable DRM measures do not offer a
way to provide unlimited interoperability between different
machines. Therefore, a solution is needed to give consumers the
unlimited interoperability between devices ….” (’555 Patent at
2:67 – 3:4).
“DRM schemes for e–books include embedding credit card
information and other personal information inside the metadata
area of a delivered file format and restricting the compatibility
of the file with a limited number of reader devices and
computer applications.” Id. at 2:18–22.
The alleged innovation of the ’555 Patent is to obtain a membership
identification reference (e.g., Facebook ID) from a website providing membership
and write it into the metadata of the media. This allows anyone with the
membership reference ID to access the media on any device. The claim elements
of claim 1 and the other challenged claims correspond to the steps of Fig. 6 of the
’555 Patent, copied below:
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
10/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 6 -
Claim 1 of the ’555 Patent is simple but lengthy, and is summarized below
with the letters corresponding to the elements in the claim charts below, and the
numbers corresponding to Fig. 6 above:
[A] Preamble: Authorizing media access for plural data processing devices
(multiple user devices).
[B] (602) Receive user request, with membership verification token (e.g.,
Amazon password), for content access and branding. Patent Owner admits
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
11/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 7 -
that corresponding steps B and C of the ’860 Patent are in the prior art (as
discussed below).
[C] (604) The verification token is authenticated.
[D] (606) Establish a connection with user communication console (with
GUI and API for a verified web service, e.g., Facebook)
[E] (608) An identification reference (e.g., Facebook login) is requested
from the user.
[F] (610) The identification reference is received.
[G] (612)The membership verification token and identification reference are
written into the content metadata. Patent Owner admits the corresponding step in
the ’860 Patent is in the prior art.
With respect to the continuation ’860 Patent, the Patent Owner has
suggested that the particular order set forth above is required, and that all
corresponding 6 modules of Fig. 1 must be present and separate. See Sony Network
Entertainment Int’l v. Grecia , IPR2015–00422 at 3–4, 17–18 (PTAB Mar. 11,
2015) (Preliminary Response) (“Sony v. Grecia Preliminary Response” (EX1003)).
However, the Provisional Application never mentioned the word “module” as used
in the claims, and did not have the module diagram of Fig. 1. The “module” term
was added to claim 12, and the order of the modules (e.g., first and second receipt
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
12/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 8 -
modules in claim 12) and method steps (e.g., claim 1) is described in the ’555
Patent as not limiting:
“In this document, relational terms such as `first` and
second`, and the like may be used solely to distinguish
one entity or action from another entity or action without
necessarily requiring or implying any actual such
relationship or order between such entities or actions.”
’555 Patent, 4:60–64.
Fig. 3 of the ’555 Patent, copied below, shows an embodiment where a user
obtains content using GUI 301 on the left, using a “verification token” that is
authenticated (a “membership verification token” in the ’555 Patent claims,
described in the application as having a list of options). This corresponds to the
first two steps, 602 and 603, which are admitted prior art in the continuation ’860
Patent. Note the same described system performs both steps. Then, the user uses
GUI 307 on the right to contact a “verified web service” (e.g., Facebook) to verify
the user using an electronic ID (e.g., Facebook login). The same system performs
the last 3 steps.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
13/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 9 -
Petitioner notes that the term “excelsior enabler” as used in the specification
simply means user. Patent Owner characterized it as follows: “authorized users
(excelsior enablers).” June 12, 2012 response to office action for the ’555 Patent.
The term “enabler” was also in the original claims of the ’555 Patent, but was
replaced with “user.” “Excelsior” refers to the main, or first user: “[T]he excelsior
enabler and secondary enablers defined comprises human beings or computerized
mechanisms programmed to process steps of the invention as would normally be
done manually by a human being.” ’555 Patent, 5:12–16.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
14/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 10 -
C. Summary of Relevant Prosecution File History
The claims in the parent ’555 Patent were originally rejected as obvious
under §103 U.S. Pre-Grant Publication Number 2011/0288946 to Baiya (“ Baiya ”)
in view of U.S. Patent 7,526,650 to Wimmer (“ Wimmer ”). The Examiner’s
reasons for allowance (EX1004) noted that Baiya and Wimmer taught the first and
last elements of claim 1. Neither of them show a user’s membership used to brand
digital content so it could be used on multiple devices. Baiya describes a content
management system for a group or a business, where libraries for documents and
other media are established and authorized users are given keys to access those
libraries. Wimmer describes branding video content with an end user's personal
identity information as a deterrent against unauthorized redistribution. Thus, the
Examiner found no reference where a user’s membership was used to brand digital
content so it could be used on multiple devices. This feature, however, is clearly
present in the prior art references discussed herein.
In the Certificate of Correction, the claim language “obtained from a verified
web service” was changed to “related to a verified web service.”
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
15/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 11 -
D. Person of Ordinary Skill in the Art
One of ordinary skill in the art at time of the earliest claimed effective filing
date of the ’555 Patent (Feb. 10, 2010) would possess at least a university degree
or have equivalent professional experience related to electronics and/or software,
with some experience in digital rights management such as two years of work
experience. ( See Cherukuri Decl. (EX1009), ¶¶ 28–32, 59–61.) The claims of the
’555 Patent are directed to a DRM system used with standard computers
communicating over known network means. Thus, one of ordinary skill in the art
requires knowledge of DRM programs, generally. ( Id. , ¶ 22.)
V. CLAIM CONSTRUCTION
Claim terms of a patent in inter partes review are normally given the
“broadest reasonable construction in light of the specification.” See 37 C.F.R. §
42.100(b): see also In re Cuozzo Speed Techs., LLC, 778 F.3d 1271, 1279–81
(Fed. Cir. 2015).
The following discussion proposes constructions and support for those
constructions. Any claim terms not included in the following discussion should be
given their ordinary meaning in light of the specification, as commonly understood
by those of ordinary skill in the art. The broadest reasonable interpretation of a
claim term may be the same as or broader than the construction under the standard
set forth in Phillips v. AWH Corp, 415 F.3d 1303 (Fed. Cir. 2005), but it cannot be
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
16/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 12 -
narrower. See Facebook, Inc. v. Pramatus AV LLC , 2014 U.S. App. LEXIS 17678,
*11 (Fed. Cir. 2014). The constructions proposed below should be applied
regardless of whether the terms are interpreted under the Phillips standard or the
“broadest reasonable interpretation” standard.
There have been no claim construction orders yet in the District Court
litigations involving the ’555 Patent. There has been a joint claim construction
statement by Patent Owner and Amazon. ( See Grecia v. Amazon.com , No. 2:14–
cv–00530 (W.D. Wash. Dec. 22, 2014) (Joint claim construction statement by
Patent Owner and Amazon), and Ex. C (“ Grecia v. Amazon.com Claim
Construction” (EX1002)); see also 37 C.F.R. § 42.62 and F.R.E. 801(d)(2). See
also Cherukuri Decl. (EX1009) at ¶¶ 43–55.
A. “verified web service”Outside the claims, this term only appears once in the ’860 patent:
“The web service equipped with the API is usually a well–
known membership themed application in which the users must
use an authentic identification. Some example includes
Facebook …. Other verified web services in which real member
names are required such as the LinkedIn API and the PayPal
API …” (’555 Patent at 10:42–51, emphasis added.)
In the Grecia v. Amazon litigation, Patent Owner proposed “a web service
accessible with an authenticated credential” and Amazon proposed “a web service
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
17/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 13 -
that is used to authenticate the identity of a user or device.” See Grecia v.
Amazon.com Claim Construction (EX1002), Ex. C, p. 16. The Patent Owner term
of an “authenticated credential” does not appear in the ’860 Patent and the identical
specification of the continuation ’308 Patent, and the example is a Facebook login
name and password to authenticate the user, not authenticate the credential. Thus,
the Amazon proposal is correct: the proper construction is any web service that is
used to authenticate the identity of a user or a device, or, in other words, any web
service which verifies an identity, such as through a user name and password .
B. “metadata of the encrypted digital media”
In the Grecia v. Amazon litigation, Patent Owner proposed “data about the
digital content” and Amazon proposed “data that describes the digital content, in
the same media file as the digital content.” Id . (EX1002), Ex. C, p. 1. Petitioner
submits it is well known that metadata doesn’t just describe the digital content, and
thus Amazon’s construction is too narrow. Also, meta data is not necessarily in the
same media file. See Cherukuri Decl. ¶50. Petitioner, for the purposes of this
petition, submits the construction is data about the digital media .
C. “two way data exchange”
In the Grecia v. Amazon litigation related to the continuation ’860 Patent, a
similar term including “session” was construed (“two way data exchange session”).
Patent Owner proposed “requesting the at least one identification reference from
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
18/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 14 -
the at least one communications console and receiving the at least one
identification reference from the at least one communications console.” Amazon
proposed “transfer of information from a device to a server and from the server to
the device.” Grecia v. Amazon.com (EX1002), Ex. C, p. 19. The Patent Owner
proposal adds in other limitations from the claim and is thus too detailed, and
Amazon adds a server and device limitation. In any event, without the term
“session,” the plain meaning appears clear. Petitioner submits the construction is
an exchange of data .
VI. PROPOSED REJECTIONS SHOWING THAT PETITIONER HAS AREASONABLE LIKELIHOOD OF PREVAILING
The references addressed below anticipate and/or render obvious the claimed
subject matter, and are corroborated by the opinion in the Cherukuri Decl.
(EX1009).
A. Ground 1: Claims 1–10, 12–15, and 17–24 are unpatentable as obviousover DeMello (EX1005) and Wieder (EX1007) in view of the admittedprior art.
Grounds 1 and 2 are discussed together below in order use the same claim
charts and fit within the allowed page limits. Only independent claim 1 is
separately discussed.
B. Ground 2: Claims 1–10, 12–15, and 17–24 are unpatentable as obviousover Pestoni (EX1006) and Wieder (EX1007) in view of the admittedprior art.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
19/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 15 -
Claim 1– DeM ell o . DeMello describes a system for delivery of electronic books or
other media. Id . at 4:41–49. A purchaser can link a book to a “persona” so that it
can be read on multiple user devices (readers) or shared with others associated
withthe same persona. The user provides PASSPORT credentials (a user ID and a
password – PASSPORT is Microsoft’s single sign–on service). An activation
server authenticates the user using the PASSPORT credentials in communication
with the PASSPORT servers. The PASSPORT ID is associated with the
purchaser’s persona and written to an activation certificate. Id . at 13: 21–35.
As shown in Fig. 4 of DeMello above, the user requests content at a retail
site 71 on the left, and there is “user authentication,” as noted below box 72. As
described below, user authentication can be performed by establishing a
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
20/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 16 -
membership using authentication credentials (e.g., Amazon.com log–on
credentials), which is a verification token. A separate HTTPS connection 70 on
the right is used to establish a connection with an Activation Site 75, where a
user’s PASSPORT ID is used to verify the user and brand the metadata of the
content.
[A] – Preamble. DeMello discloses a DRM system which monitors access to
encrypted content and facilitates interoperability between a plurality of processing
devices. The claim chart below shows the specific language from DeMello for
these limitations.
’555 Patent(emphasis
added)
Prior Art (emphasis added)
[A] 1. A methodfor monitoringaccess to anencrypteddigitalmedia , themethodfacilitatinginteroperabilitybetween a
pluralityof dataprocessingdevices , themethodcomprising:
DeMello (EX1005) “A server architecture for a digital rights management system that distributes and protects rights in content.” Id . atAbstract, ll. 1–2.
An encrypted digital media: “ “source sealed” and“individually sealed” content is encrypted.” Id . at 2:6–10.
Facilitating interoperability between a plurality of data processing devices: “The PASSPORT object 96 provides the
required interfaces into the PASSPORT.TM. servers thatauthenticate the end–users using, for example, their hotmailaccounts (or other PASSPORT credentials). In accordance withaspects of the present invention, this object advantageouslyassociates the activation certificate with a persona, insteadof a single PC , thus allowing each persona to utilize multiplereaders to read level 5 titles .” Id . at 13:17–24.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
21/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 17 -
“activation ‘quotas’ that allow users to activate readers onmultiple devices … as well as allow them to activate newdevices as they upgrade their hardware, reformat their
hard disks, etc. Id. at 25:29–36. [B] This element (chart below) requires an encrypted digital media access
branding request (which eventually results in a metadata read/write) along with a
membership verification token [this was alleged vs. the Amazon Kindle logon, for
example] from a communications console (the user device). Patent Owner admits
the corresponding element in the continuation ’860 Patent, and the corresponding
following element [C] are shown in the prior art:
“…communicating access rights over the Internet to a
license server–the first and second steps of method claim
1 in the ‘860 patent–was well known in the digital rights
management field.” Sony v. Grecia Preliminary
Response at p. 14 (EX1003). See also p. 6, lines 6–7:
“Clearly, many prior art systems taught the verification
of a token through a GUI interface.”
Element [B] is nearly identical to the admitted prior art elements of the ’860
Patent, except a “membership” verification token is used instead of the list of
possible tokens in the ’860 Patent. That list includes items in claim 2 describing
types of membership tokens, such as a password or e–mail address. This claim
also uses “branding” instead of write, which means the same thing. Also, another
difference is that the last part of this element says “the request comprising a
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
22/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 18 -
membership verification token provided by a first user, corresponding to the
encrypted digital media.” This clearly means the request corresponds to the digital
media, since the membership verification token is not related to the media until the
branding is completed.
DeMello teaches “user authentication” and establishing a membership
relationship with a retailer (left of Fig. 4), which inherently would include
providing a token, such as a retailer password and/or email (e.g., Amazon log–on
credentials). User authentication and establishing a membership are obvious in
view of the admitted prior art. The admitted prior art steps are described in the
’555 Patent as verifying membership to a site to buy content, and DeMello recites
establishing such a membership relationship. It would be obvious to use the
verification token of the admitted prior art to establish a membership relationship.
See Cherukuri Decl. (EX1009) ¶74 and Ex. C.
[B] receiving an encrypteddigital media accessbrandingrequest from at least onecommunications console of
the plurality of data processingdevices, the branding requestbeing a read or writerequest of meta data of theencrypted digital media , therequest comprising a
The corresponding element in the ’860 Patent isadmitted prior art.
DeMello (EX1005) – Retail site (Fig. 4)
“Bookstore servers 72 may communicate withusers via web browsing software (e.g., by
providing web pages for viewing with aMICROSOFT INTERNET EXPLORER browseror a NETSCAPE NAVIGATOR browser).Through this communication [access request],
bookstore servers 72 may allow users to shop for
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
23/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 19 -
membershipverification token provided
by a first user, corresponding
to the encrypted digitalmedia ;
eBook titles, establish their membershiprelationship with the retailer [verification token],
pay for their transactions, and access proof–of
purchase pages (serve–side receipts).” Id . at 9:9– 16.
[C] As described above, the corresponding element in the ’860 Patent was
also admitted by Patent Owner to be in the prior art. The only differences is a
particular (membership) token is recited, and a token database is recited, which is
necessary to authenticate any token. DeMello shows authenticating the username
and other credentials (verification token) of this element as described in the chart
below. The authentication can be of the credit card or membership information by
the retail site (e.g., Amazon log–on). It is inherent that a database is used for such
an authentication. These all correspond to the admitted prior art.
Wieder (EX1007) describes a “usage–rights repository” 24 ( Wieder Fig. 1)
for storing “usage–rights tokens” (a token database) used for validation of user
ownership by different “experience providers” that allow custom playlists (e.g.,
Apple iTunes, Microsoft Windows Media). Wieder , 4:46–5:39; 8:24–28; 15:1–4.
The database stores the tokens which include “Token–Owner,” “Usage–Rights,”
and “Purchase–Record.” Id . at Fig. 13, 7:30–31. It is inherent in DeMello that the
credit card data are authenticated using a database of membership records of
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
24/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 20 -
customers of an online book store. It is obvious to combine DeMello with Wieder ,
which shows authenticating a “Purchase–Record” (verification token).
Because Wieder and DeMello both relate to Digital Rights Management, and
both relate to supporting multiple users or user devices, it would be obvious to
combine Wieder with DeMello to implement a database of user personas associated
with multiple user readers. Also, DeMello specifically refers to “credit card
validation” and “requiring the users to authenticate themselves,” thus referencing
the many standard ways of doing this, of which Wieder is just one example.
Because DeMello describes linking content to a PASSPORT ID instead of a device
ID, it would be obvious to add the PASSPORT ID to the token contents shown in
Fig. 13 of Wieder , thus providing a database of PASSPORT IDs. Additionally, it
would be obvious to include in the record of the database other information, such
as the username and other credentials identified in DeMello . The Wieder database
is also described as including other information, and it would be obvious to include
the other data of DeMello , and it would be obvious to do this in a single database
or multiple databases. Wieder thus shows more details of actions specifically
described in DeMello . See Cherukuri Decl. (EX1009) ¶ ¶ 75-85.
[C]authenticating themembership
The corresponding element in the ’860 Patent is admittedprior art.
DeMello (EX1005) – Retail site authentication :
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
25/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 21 -
verificationtoken, theauthentication
beingperformed inconnectionwith atokendatabase ;
“ After the buying customer has selected the titles he/she wishesto purchase and decides to complete an order, the merchant will
process the order according to their existing methods (e.g., creditcard validation , billing, etc.). This may include requiring theusers to authenticate themselves (for those which require amembership record from their customers) … ” id. at 40:23–29.] Wieder (EX1007) :“There may also be one or more usage-rights repositories (usage-rights authorities) 24 [token database]. The usage-rightrepository utilizes a common "standard for usage-rights tokens"25 so that a user's collection of compositions, represented by theset of usage-rights tokens a user acquires, may be recognized andusable with all experience-providers. Each usage-rights token may be defined to limit use to only a specific individual user or agroup of specific users (e.g., a family).” Wieder at 8:37–47.
“A secure database of all issued tokens may be maintained inthe usage-rights repository.” Id . at 14:11–12.
“Usage-Rights Representations:
In one embodiment, the token may represent a receipt ofownership or allowable usage that may be understood andvalidated by any experience-provider 26.” Id . at 15:1–4.
Token applicable to multiple devices:“In one preferred embodiment, the token may be defined to bevalid for all available (network interface-able) user-devices and their corresponding formats. This is a major convenience foruser's since they no longer need to be concerned with the detailsof user-device formats, format translations and compatibility
problems. The user is guaranteed that their token will be good foruse with all their user-devices.” Id . at 15:13–19.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
26/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 22 -
[D] This element is establishing a connection with user communication
module which has a GUI and an API related to a verified web service (e.g.,
Facebook). Patent Owner admitted that such GUIs and APIs for verified web
services are known in the prior art:
“The web service equipped with the API is usually a
well–known membership themed application in which
the users must use an authentic identification. Some
example includes Facebook in which as a rule, membersare required to use their legal name identities. A
reference number or name with the Facebook Platform
API represents this information. Other verified web
services in which real member names are required such
as the LinkedIn API and the PayPal API and even others
could be used ….” ’555 Patent at 10:42–50
DeMello discloses the “communications console” of this element as the
reader. The reader provides access to a bookstore feature, which is the required
GUI. The user is prompted at the reader (e.g., a prompt in a GUI) to login using
PASSPORT credentials to authenticate the user at the PASSPORT server. The
reader then sends the login credentials to the PASSPORT server via the API of the
PASSPORT server to authenticate the user at the PASSPORT server. Id . at 9:6–
14; 23:6–10, 23:19–23. It is obvious that the reader in DeMello would formulate
its request according to the protocol specified by the API of the verified web
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
27/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 23 -
service (the PASSPORT server). The PASSPORT server meets the claim
construction definition of a verified web service that authenticates the identity of a
user :
“The PASSPORT object 96 provides the required
interfaces into the PASSPORT.TM. servers that
authenticate the end–users using, for example, their
hotmail accounts (or other PASSPORT credentials).” Id.
at 13:31–35, 13:54–61
The PASSPORT web service facilitates a two way data exchange session to
complete a verification process. Id . at 23:6–10, 23:19–23; 24:33–35. The data
exchange can include the activation certificate, which contains the PASSPORT ID,
and which corresponds to the “account identifier” in the list of options for the
“electronic identification reference” in element [E].
In addition to being admitted prior art, it is obvious that the browser of the
reader mentioned in DeMello includes a GUI, since browsers provide a GUI (See
Cherukuri Decl. (EX1009) Ex. C, claim 1[D]), and the ’555 Patent acknowledges
the tie of a browser to a GUI:
“a web browser … interact with the API of a remote Internet
server system as desired. A Graphic User Interface ( GUI ) can
be installed for human interaction ….” Id. at 10:30–37,
emphasis added.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
28/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 24 -
The PASSPORT API mentioned in DeMello facilitates communication of
PASSPORT credentials for authentication between the reader and the PASSPORT
server via the activation server. The data exchange session is shown by the
exchange of the user name and password for the activation certificate. See
Cherukuri Decl. Ex. C, claim 1[D].
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
29/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 25 -
[D]establishing aconnection with
the at least onecommunicationsconsole whereinthecommunicationsconsole is acombination ofa graphic userinterface (GUI)and anApplicationProgrammableInterface (API)
protocol,wherein the APIis related to averified webservice, theverified web
service capableof facilitating atwo way dataexchange tocomplete averification
process ;
DeMello (EX1005)
“At step 150, the reader client opens into the integrated
bookstore feature and connects, via secure sockets layer (SSL) [establishing a connection], to the activation servers 94, whereusers are prompted to login using, in this example, theirPASSPORT™ credentials (step 152).” Id. at 23:5–17
“Activation Server 94 includes a PASSPORT object 96 and anactivation server ISAPI Extension DLL 98. The PASSPORTobject 96 provides the required interfaces into thePASSPORT.TM. servers that authenticate the end–users using, for example, their hotmail accounts (or otherPASSPORT credentials ).” Id. at 13:30–35.
“Once user's PASSPORT.TM. credentials are authenticated(step 156), a PASSPORT.TM. API is queried for the useralias and e–mail address (step 158).
“The secure repository executable and activation certificate arethen downloaded [two way data exchange] to the client (steps188 and 190 ).” Id. at 24:33–35.
“ Moreover, the activation server arrangement preferablyprovides a given activation certificate [two way dataexchange] (that is, an activation certificate having a particularkey pair) only after authenticating credentials (e.g., ausername and password ) associated with a persona.” Id. at2:50–54.“the PASSPORT ID is contained in the activation certificate ,…” Id. at 15:67–16:49.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
30/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 26 -
[E] DeMello shows the “electronic identification reference,” specified as “a
verified web service account identifier” of this element is communicated by the
reader (also client or user computing device – the “communications console”).
DeMello shows sending an activation certificate (which includes the account
identifier PASSPORT ID and other identifiers) by the activation server. The data
exchange is both explicitly described and is inherent, since the activation
certificate would not be communicated unless it was requested or understood to be
requested. See Cherukuri Decl. (EX1009) ¶ 64, Ex. C, claim 1[E].
[E] requesting at leastone electronicidentification referencefrom the at least onecommunicationsconsole wherein theelectronic identificationreference comprises averifiedweb service accountidentifier of the firstuser;
DeMello (EX1005)
“At step 150, the reader client opens into the integrated bookstore feature and connects, via secure sockets layer(SSL), to the activation servers 94, where users areprompted to login [requesting] using, in this example,their PASSPORT.TM. credentials (step 152).” Id . at23:6–11.
“PASSPORT ID -The persona ID associated with theuser, which is provided by the user during activation .…” Id. at 15:65–16:51.
[F] The “identification reference” (PASSPORT ID in activation certificate)
is received from the communications console (the reader). This element is part of
element [E], since a requested element is clearly received.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
31/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 27 -
[F] receiving theat least oneelectronic
identificationreference fromthe at least onecommunicationsconsole; and
DeMello (EX1005)
“At step 150, the reader client … connects, via secure sockets
layer (SSL), to the activation servers 94, where users areprompted to login [requesting] using, in this example, theirPASSPORT.TM. credentials (step 152).” Id . at 23:6–10.
“PASSPORT ID -The persona ID associated with the user,which is provided by the user during activation .…” Id. at 15:65–16:51.
[G] This element requires that the verification token and identification
reference be written into metadata. Patent Owner admits this was shown in the
prior art for the verification token in the ’860 Patent:
This disclosure corresponds to, for example, the first,
second, and sixth steps of claim 1 of the ‘860 patent as
illustrated in Figure 3 at 301, 303, and 305 (i.e., receiving
a write request and authentication) and 302 (i.e., writingthe verification token into the metadata). Wimmer stops
there, however, and critically lacks the third, fourth, and
fifth steps of claim 1 of the ‘860 patent ….
Sony v. Grecia Preliminary Response (EX1003) at p. 13. See also Cherukuri
Decl. (EX1009) at ¶23.
DeMello discloses the writing of the identification reference (verified web
service account identifier) to metadata in two different ways. The PASSPORT ID
(an identification reference) is part of the activation certificate, as described above,
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
32/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 28 -
and the public key of the user's activation certificate is cryptographic hashed with
meta–data. The PASSPORT ID is also written into (“stores” into) a registry ( Id . at
16:48–49), which constitutes additional metadata because it is associated with the
content. See Cherukuri Decl. ¶ 64, Ex. C, claim 1[G].
DeMello also discloses the writing of the membership verification token to
metadata. The purchaser credit card and name (a verification token) are written
into the eBook title metadata. Id . at 5:45–48. See Cherukuri Decl. at ¶ 68 and
Ex. C, claim 1[G].
[G] brandingmetadata oftheencrypteddigital media
by writingthemembershipverificationtoken and theelectronicidentificationreferenceinto the
metadata.
DeMello (EX1005)
PASSPORT ID as verification token written to metadata“… stores the PASSPORT ID in the registry [metadata] on theuser's computing device, …” Id . at 16:48–49.
“the PASSPORT ID is contained in the activation certificate , …” Id . at 15:65–16:51. “the key is a symmetric key 14A that is sealedwith a cryptographic hash of meta–data 12 or, in the case of level5 titles, with the public key of the user's activation certificate .” Id .at 6:42–45.
Purchaser name as verification token written to metadata:“An "individually sealed" title is an eBook whose meta–data includes information related to the legitimate purchaser (e.g., the
user's name or credit card number , the transaction ID …..” Id .at 5:45–48.
Claim 1– Pestoni (EX1006) . Pestoni discloses a networked system where a
user can obtain content from a content provider, which may refer the user to a
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
33/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 29 -
license server for a content license that is bound to the user’s domain membership
ID. Id . at Abstract; [0002]; [0012]. A separate domain administrator authenticates
the user, with a password, and provides the user’s device, as well as any another
other of the user’s devices, with a domain membership license to allow access to
the content based on the user’s domain membership. Id . The content license is
metadata with a domain membership ID. Id . Patent Owner admits that the
corresponding elements [B] and [C] of the ’860 Patent are in the prior art (as
discussed above). See Cherukuri Decl. (EX1009) ¶¶ 86-102 and Ex. D, claim 1.
[A] – Preamble. Pestoni discloses a method for facilitating digital–media
access rights between multiple user devices. Id . at [0013].
’555 Patent(emphasis added)
Pestoni (EX1006) (emphasis added)
[A] 1. A methodfor monitoringaccess to anencrypted digitalmedia, the methodfacilitatinginteroperability
between a plurality
of data processingdevices, themethodcomprising:
Pestoni (EX1006) :moni tori ng access to encrypted digi tal media by f aci l itatinginteroperabili ty between mul tiple devices . . .“. . . Management of a domain refers to . . . imposingrestrictions on members of the domain, including addingdevices to the domain, removing devices from the domain . ... When a device 112, 114 joins a domain, the device 112,114 is given a domain membership license . . . [that] allowsthe device to access and play back any protected content that
has been bound to that domain, as discussed in more detail below.” Pestoni at [0017]. The pieces of content provided todevices 112, 114 are typically protected . . . throughencryption . . ..” Id. at [0018].
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
34/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 30 -
[B] As noted, Patent Owner has admitted as prior art the corresponding
element, which requires an access branding request (which eventually results in a
metadata read/write) along with a membership verification token from a
communications console (the user device). Pestoni discloses this as a domain
membership license obtained with a join–domain request 220 which includes “user
credentials such as a user id and password.” Id. at [0041]. Pestoni discloses
concurrently submitting content and join–domain requests 240, 220. Id. at [0038].
The admitted prior art steps include the ’555 Patent’s verifying membership at a
site to buy content, and Pestoni recites establishing a domain membership
relationship. It would be obvious to use the verification token of the admitted prior
art to establish a membership relationship.
[B] receivingan encrypteddigital mediaaccessbrandingrequest from atleast onecommunications console of the
plurality ofdata processingdevices, the
brandingrequest being aread or writerequest of
The corresponding element in the ’860 Patent is admittedprior art.Pestoni (EX1006) : receiving an access request . . .“[0038] ….To join a domain, device 202 issues a join-domainrequest 220 to domain administrator 102.”“[0067] Device 202 communicates with content provider 104 toobtain pieces of protected content. Protected content can beobtained by device 202 before it joins a domain, after it joins a
domain, or concurrently with joining a domain. The protectedcontent is bound to a particular domain via its content license, asdiscussed in more detail below. Device 202 [apparatus withCPU] submits a content request 240 to content provider 104,requesting one or more pieces of protected content.”
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
35/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 31 -
meta data ofthe encrypted
digital media ,the request comprising amembershipverificationtoken provided
by a first user,correspondingto theencrypteddigital media ;
the access request compr ises verification data . . .In Pestoni , the request for domain membership license includes auser id and password , which constitutes “verification data” that
is “recognized by the apparatus as a verification token.” Id . at[0039], [0041].
“The join–domain request includes various parameters . . . [suchas] a device certificate, user credentials , and optionally a devicedescription.” Id . at [0039]. “The user credentials can take any ofa variety of different forms, such as a user id and password , adigital certificate attesting to the user’s identity and digitallysigned by a trust authority, and so forth.” Id . at [0041].
the branding request being a r ead or wr ite request of meta data . . .“The content license is . . . sent to the device . . . [which]maintains the content license in its content license store [210].”
Id . at [0096]; also see, id. at [0034].
[C] As noted, the corresponding element in the ’860 Patent was admitted by
Patent Owner to be in the prior art. Pestoni does a similar authentication, as in the
admitted prior art, and thus it is the part of Pestoni is admitted to be obvious. In
Pestoni , for example, the user id/password [verification token] included in the
access branding request is authenticated using domain administer 102, which
compares against stored passwords. Pestoni at [0038], [0041], [0045]. It is
obvious to combine Pestoni with the token database of Wieder , which shows
authenticating a “Purchase–Record” (verification token).
Because Wieder and Pestoni both relate to Digital Rights Management, and
both relate to supporting multiple users or user devices, it would be obvious to
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
36/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 32 -
combine Wieder with Pestoni to implement a database of user domains associated
with multiple user readers. The Wieder database is also described as including
other information, and it would be obvious to include the other data of Pestoni , and
it would be obvious to do this in a single database or multiple databases. Wieder
thus shows more details of actions specifically described in Pestoni .
[C]authenticating
themembershipverificationtoken, theauthenticationbeingperformed inconnectionwith atokendatabase ;
This element is admitted prior art Pestoni (EX1006) :
“The join–domain request includes various parameters . . . [suchas] a device certificate, user credentials, and optionally a devicedescription. Id. at [0039]. “The user credentials can take any of avariety of different forms, such as a user id and password , adigital certificate attesting to the user’s identity and digitallysigned by a trust authority, and so forth.” Id . at [0041].
“Domain request approval module 224 [of domain administrator102] obtains and verifies that the user credentials fromrequest 220 are correct . This verification can take differentforms, such as comparing a password (or hash thereof) against astored password (or hash thereof), accessing a remote service(not shown) to verify that the received password matches thereceived user id, . . . and so forth.” Id. at [0045].
Wieder (EX1007) : See element C under Ground 1, claim 1above.
Elements [D]–[F], as described under Ground 1 above, set forth using a GUI
and an API to communicate with a verified web service to request [E] and receive
[F] a “verified web service account identifier.” As described above, the use of a
GUI and an API to access a verified web service is admitted prior art. In addition,
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
37/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 33 -
since both DeMello and Pestoni were assigned to Microsoft, and both relate to very
similar digital rights systems, the use of a GUI and API discussed in DeMello
above is evidence of the common practice of Microsoft programmers in
implementing these systems.
Element [D] requires a two way data exchange session to complete a
verification process. Pestoni describes completing the verification process by
establishing a connection with “license server 106.” To do so, the user device
sends to the license server “a content license request 252” that includes “a domain
certificate,” which is verified web service account identifier. Pestoni teaches that
the license server 106 is a verified web service because the license server 106 is
accessible only with a domain ID, which can only be obtained after domain
administrator 102 authenticates the user credential, such as the user id/password.
Pestoni at [0038], [0041], [0045], [0072], [0073]. This meets the verified web
service claim construction above of any web service that authenticates the identity
of a user or a device , or, in other words, any web service which verifies an
identity, such as through a user name and password .
[D] establishing aconnection with the atleast onecommunicationsconsole wherein thecommunications
Use of GUI & API are admitted prior art.
establishing a connection with the at least onecommunications console . . .Pestoni (EX1006): “Device 202 communicates withlicense server 106 to obtain content licenses for pieces
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
38/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 34 -
console is acombination of agraphic user interface
(GUI) and anApplicationProgrammable Interface(API) protocol, whereinthe API is related to averified web service, theverified web servicecapable of facilitating atwo way data exchangeto complete a verification
process ;
of protected content . . . Device 202 sends a contentlicense request 252 . . . [that] includes various
parameters . . . [such as] a key ID, a domain ID, and a
domain certificate.” Id . at [0072].the verified web service capable of facilitating a two– way data exchange to complete a verification process;“In response to content license request 252, licenseserver 106 validates the domain certificate included inrequest 252.” Id . at [0075]. “The content license 254,
bound to domain 204, is returned to device 202. Oncedevice 202 has the content license for a piece of
protected content, content playback module 214 is ableto access the protected content ….” Id . at [0084].
Element [E] sets forth requesting a verified web service account identifier,
while Pestoni describes the device 202 sending a domain ID [verified web service
account identifier] in content license request 252. Varying which side initiates the
request for the verified web service account identifier is an obvious matter of
design choice. One of skill in the art would recognize that the License Server
could request the domain ID in response to a license request, or the device could
simply supply the domain ID as part of the request.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
39/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 35 -
[E] requesting at least oneelectronic identification referencefrom the at least one
communications console whereinthe electronic identificationreference comprises a verified webservice account identifier of thefirst user;
Pestoni (EX1006) : “Device 202communicates with license server 106 toobtain content licenses for pieces of
protected content . . . Device 202 sends acontent license request 252 . . . [that]includes various parameters . . . [such as] akey ID, a domain ID, and a domaincertificate .” Id . at [0072].
[F] The license server 106 receives from device 202 a content license
request 252, which includes various identification references, including a key ID, a
domain ID, and a domain certificate. This element is part of element [E], since a
requested element is clearly received.
[F] receiving the atleast one electronicidentification referencefrom the at least onecommunicationsconsole; and
Pestoni (EX1006) : “Device 202 communicates withlicense server 106 to obtain content licenses for pieces of
protected content . . . [License server 106 receives fromdevice 202] . . . a content license request 252 . . . [that]includes various parameters . . . [such as] a key ID, adomain ID, and a domain certificate .” Id . at [0072].
Element [G] is shown. Pestoni shows the verified web service as License
Server 106, which requests and receives “Domain ID” and “domain certificate.”
See id. at par. 0072–74. A “content license” is generated, and bound to the domain
associated with the “Domain ID.” Id . at par. 0079–82. The content license 254,
bound to domain 204, is returned to device 202, which stores the license in content
license store 210. Once device 202 has the content license, it is able to access the
protected content. Id . at par. 0084. The content license 254, bound to domain 204
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
40/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 36 -
and stored in content license store 210 of device 202, obviously constitutes
metadata, since this is data is about the content stored in device content store 208
of the device 202. Additionally, Pestoni refers to the content metadata (par. 0071)
as including a key ID which identifies the content, which associates the content
license, which contains the domain ID, as set forth in the below claim chart.
The ’555 Patent admits in the background that it was common to store credit
card and other personal information in metadata. It would be obvious to combine
this admitted prior art with Pestoni since both relate to DRM metadata, and one of
skill in the art would recognize that metadata would have many other components.
Pestoni mentions a “join–domain request includes various parameters . . . [such
as]… user credentials,” and user credentials would obviously be personal
information as described in the admitted prior art. Id . at [0041].
Other embodiments . The “verification token” is also shown by user
credentials, such as a user id and password, a digital certificate and other
parameters in Pestoni, with the “identification reference” being shown by the
Domain ID, Domain Certificate or other parameters. Not only does the ’555
Patent say the order of steps can be different, as noted above, but Pestoni says the
same in paragraph [0097].
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
41/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 37 -
[G] brandingmetadata of theencrypted digital
media by writingthe membershipverification token andthe electronicidentificationreference into themetadata.
Admitted prior ar t’ 555 Patent Background: “DRM schemes for e-booksinclude embedding credit card information and other
personal information [membership verification token]inside the metadata area of a delivered file format ….” Id .at 3:18-20.
Pestoni (EX1006): “Content license generator 260generates a content license for the requested pieces ofcontent. The content license includes a content key, adomain ID [identification reference], usage rights, [and]verification information.” Id . at [0079].
Claim 2. Claim 2 recites a list of possible verification tokens including a
email address, password or a redeemable instrument of trade which is equated with
a credit card (’555 Patent 8:45–51) and a credit card is listed as equivalent in claim
1 of the child ’860 Patent (“payment system, credit card, … redeemable
instruments of trade,” ’860 Patent 14:47-49). DeMello shows a UserName string
that includes a credit card number for verification by the retailer, and establishing a
membership relationship that one of skill in the art would recognize to mean
providing a log-on email and password. Pestoni shows that the verification token
can take “any of a variety of different forms, such as a user id and password, a
digital certificate attesting to the user’s identity and digitally signed by a trust
authority, and so forth.” Pestoni at [0041].
’555 Patent Prior Art (Emphasis added)2. The method See claim 1, element [B] above.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
42/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 38 -
according toclaim 1,wherein the
membershipverificationtoken is one ormore of astructuredpassword, arandompassword , e– mail address ,
paymentsystem andone or moreredeemableinstruments oftrade foraccess rightsof theencrypteddigital media.
DeMello (EX1005) “Through this communication [access request], bookstore servers
72 may allow users to shop for eBook titles, establish theirmembership relationship with the retailer [email, password], pay for their transactions, and access proof–of purchase pages(serve–side receipts).” Id . at 9:9–16.
“UserName—a string containing ,,, credit card number ….” Id. at16:16-38.
“‘[I]ndividually sealed " content includes in the rights– management data information pertinent to the rightful owner(e.g., the owner's name , credit card number, receipt number ortransaction ID for the purchase transaction, etc. [verificationtoken]), such that this information cannot be removed from aworking copy of the content. . . .” Id. at 2:12–17.
Pestoni (EX1006) “The join–domain request includes various parameters . . . [suchas] a device certificate, user credentials, and optionally a devicedescription.” Pestoni at [0039]. “The user credentials can take any
of a variety of different forms, such as a user id and password, adigital certificate attesting to the user’s identity and digitallysigned by a trust authority, and so forth.” Id . at [0041].
Claims 3–6 . Claim 3 is directed to a second user, who is validated by a
membership web service. This is shown by DeMello’s PASSPORT membership
service and Pestoni’s domain membership, which both provide for validating
multiple members. See also Cherukuri Decl. (EX1009) Exhibits C & D.
Claim 4 is directed to users (e.g., a first user and a second user), who are
granted with access rights based on verification of the membership verification
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
43/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 39 -
token by a content provider (e.g., a bookstore). Claim 4 merely recites the
verification function of the verification token shown above by DeMello and
Pestoni with respect to claim 1.
Claim 5 says digital media is shared among multiple users with membership
status, similar to claim 3, but depending from claim 1, and is also shown by
DeMello and Pestoni . The validation of the membership is done in DeMello by
authenticating the user. Pestoni similarly shows a validated domain.
Claim 6 sets forth that the users can be humans or computerized
mechanisms in a network, which is met by the “user” of DeMello and Pestoni . The
’555 Patent doesn’t describe any separate network of users, just the cloud/internet,
which is also shown in the below quoted sections of DeMello & Pestoni . Thus,
claims 2–6 are separately invalid as obvious over both DeMello and Pestoni .
’555 Patent Prior Art (Emphasis added)3. The method according toclaim 1, wherein the brandingrequest being a request fromthe first user through a data
processing device of the plurality of data processingdevices, the first useracquiring access rights to theencrypted digital media;
or wherein the brandingrequest being a request fromone or more secondary users
DeMello (EX1005) “Thus, a user is unlikely to share his PASSPORTID and password with a large group of people,thereby ensuring that the persona to which areader is activated is genuinely associated with a particular user (or, possibly, a family thatshares a single PASSPORT account ).” Id . at13:49–54.
“The PASSPORT object 96 … authenticate theend–users using, for example, their hotmailaccounts (or other PASSPORT credentials.” Id . at13:30–35.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
44/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 40 -
connected to the first user, theone or more secondary userscomprising one or more of
human beings or programmedcomputerized mechanisms innetwork of the first user;
wherein the one or moresecondary users are validatedby a membership webservice .
Pestoni (EX1006)“[0016] Each domain 108 is associated with a
particular user or group of users [secondaryusers].” Presoni at [0016]. “The user can haveeach device that he or she owns join his or herdomain …. Alternatively, domain administratorcould employ a domain policy that allowsmultiple users [secondary users] to share adomain ….” Id. at [0041].
Claim 7. This claim simply refers to an ID of the media being cross
referenced to the user (token) in a database. It is obvious to link purchased media
to the purchaser. DeMello describes a bookstore database with book IDs that are
inherently associated with user membership information (verification token) during
a book purchase.
Wieder (EX1007) describes a “usage–rights repository” 24 database that
stores the tokens which include “Token–Owner,” “Usage–Rights,” and “Purchase–
Record.” Id . at Fig. 13, 7:30–31. Thus, DeMello in combination with Wieder
teaches the limitations of claim 7. It is obvious to combine to provide the extra
items in the database listed in Wieder .
Pestoni discloses that the digital media is associated with domain
membership license ( Pestoni at 0049) and that the domain membership license is
cross referenced with user details such as user credentials. Pestoni at 0102.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
45/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 41 -
Pestoni also discloses that the domain membership license is stored in Domain
license store, i.e., a database. Pestoni at 0034. In addition, one of skill in the art
would recognize that the user identity would be linked to the user credentials and
stored in a database. It would also be obvious to combine Pestoni with Wieder for
the reasons set forth above.
’555 Patent Prior Art (Emphasis added)7. The methodaccording toclaim 1,wherein theencrypteddigital mediais associatedwith anidentifierstored in a
database, theidentifier being cross– referencedwith acorrespondingtoken from alist ofassociatedtokens storedin the tokendatabase forverification.
DeMello (EX1005)
See claim 1, element [C] .
“A bookstore (retailer) database is populated with the Book IDs[identifier] generated by a tool for managing the LIT files of a
particular content provider's data center.” Id. at 28:34-36.
“It will be recalled that individualized titles (e.g., level 3 and level5) incorporate the user's name [verification token] into the LITfile and bind [cross-reference] that name to the decryption key, sothat the origin of unauthorized distribution of content can bedetected. Id. at 16:16-38.
Pestoni (EX1006)“Domain membership license 300 includes a device ID 302, adomain ID 304 [identifier], a domain private key 306, a domaincertificate 308, an integrity verification value 310, a certificaterevocation list 312, and a rights list 314 [digital media].” Id . at0049.
“[0080] …. The domain ID is the identifier of the domain towhich the content is to be bound, as identified by the domain IDin request 252. The usage rights describe the rights that are beinglicensed to device 202.”“A user [token] is associated with a particular domain, and eachof the user's media playback devices communicates with adomain administrator to obtain a domain membership license.”
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
46/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 42 -
Id . at 0012.“Content license generator 260 generates a content license for therequested pieces of content [digital media]. The content license
includes [cross-referenced] a content key, a domain ID [identifier], usage rights, verification information ….” Id . at[0079].
Claim 8 recites a list of possible digital media including a video file, audio
file, etc. which are explicitly described in both DeMello and Pestoni .
’555 Patent Prior Art (Emphasis added)8. The methodaccording to claim 1,wherein the encrypteddigital media is one ofa video file , audio file ,container format,document, metadata aspart of video gamesoftware and othercomputer basedapparatus in which
processed data isfacilitated.
DeMello (EX1005)
“A preferred embodiment of the invention is described,which is directed to the processing and delivery ofelectronic books, however, the invention is not limitedto electronic books and may include all digital contentsuch as video , audio , software executables , data , etc.”4:43–49.
Pestoni (EX1006) “The digital media can be any of a variety of types ofcontent, such as audio content , movie content, imagecontent, textual content, graphics content, and so forth,as well as combinations of one or more of thesedifferent types of content.” Pestoni at [0015].
Claim 9 recites that the “electronic identification reference” of claim 1 is a
“key file.” Claim 1 specifies that the “electronic identification reference” is a
“verified web service identifier.” Thus, the “key file” is either the “verified web
service identifier” already shown above, or a version encrypted with a key, which
is also shown. The claim further says that the key file is uploaded by at least one
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
47/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 43 -
communications console for branding encrypted digital media for giving access to
the encrypted digital media. This is shown by DeMello’s PASSPORT membership
service which exchanges an activation certificate including a key and a Passport ID
for credentials to authenticate a user at a reader. The reader stores [uploads] the
Passport ID to the registry on the reader. The activation certificate includes a key
which is used to protect the content (e.g., a key stored in an electronic Book file)
and to later enable the reader to open protected content. This is also shown by
Pestoni , which discloses that binding can be achieved by encrypting at least a
portion of the content license (e.g., at least the content key) with the public key
provided from the device 202 via request 252. Pestoni at [0082].
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
48/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 44 -
’555 Patent Prior Art (emphasis added)9. Themethod
according toclaim 1,wherein theelectronicidentificationreference is akey file , thekey file
beinguploaded bythe at leastonecommunications consolefor brandingtheencrypteddigitalmedia;
therebygiving accessto theencrypteddigitalmedia.
See claim 1, element [G] above.
DeMello (EX1005) “In a preferred embodiment, the key is a symmetric key 14A that issealed with a cryptographic hash of meta–data 12 or, in the case oflevel 5 titles, with the public key of the user's activationcertificate . This key is stored either as a separate stream in asub–storage section of the eBook file (DRM Storage 14 in thediagram) or, in the case of level 5 titles, in the license.” Id. at 6:42– 48.
“In one example, the “data” includes an activation certificate havinga public key and an encrypted private key , and the "code" is a
program ( e.g., a "secure repository") that accesses the private key inthe activation certificate by applying, in a secure manner, the keynecessary to decrypt the encrypted private key.” Id. at 2:35–40.
Pestoni (EX1006) “Domain binding encryption module 258 binds the content licensegenerated by content license generator 260 to the domain identifiedin request 252. This binding can be achieved in different manners.
In one or more embodiments, this binding is achieved byencrypting at least a portion of the content license (e.g., at least thecontent key) with the public key [key file] of the domain identifiedin request 252. The public key of the domain identified in request252 is included in request 252. Pestoni at [0082].
Claim 10. This claim spells out that the branding request of claim 1 is an
access request with a verification token and a rights token (which is a flag). This
claim also recites standard components of a system including a combination of
memory, CPU, server, database, and cloud system, all of which are disclosed by
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
49/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 45 -
DeMello. This claim simply recites more details of an element the Patent Owner
admitted element is shown in the prior art as discussed above.
DeMello describes the rights token/flag by the “establish their membership
relationship with the retailer … and access proof-of purchase pages (serve-side
receipts) [rights token].” One of skill in the art would recognize that it is obvious to
provide proof-of purchase only if the membership relationship is first successfully
implemented. Pestoni similarly shows authenticating a domain membership as
discussed above. Based on DeMello and Pestoni and the admitted prior art, it
would be obvious to send a verification token of the admitted prior art along with a
rights token (indicating that the verification token is successfully verified) in an
access request to establish a membership relationship. See Cherukuri Decl.
(EX1009) Exs. C & D, claim 10.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
50/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 46 -
’555 Patent Prior Art (emphasis added)10. The method of claim 1,wherein the method facilitates
access rights authenticationfor the encrypted digitalmedia, the branding request isan access request, andwherein the read or writerequest of metadata is
performed in connection witha combination of a memory,CPU, server, database, andcloud system; the accessrequest is generated by eithera human user, a machine, or ahuman programmedcomputerized device; theaccess request furthercomprises a membershipverification token and a rightstoken wherein the rightstoken is a flag indicating the
verification token issuccessfully verified.
See claim 1, elements [A] and [B] above.
DeMello (EX1005)
“As shown in FIG. 2, an exemplary system forimplementing the invention includes a general
purpose computing device in the form of aconventional personal computer or network server 20 or the like, including a processing unit [CPU]21, a system memory 22 ….” Id. at 7:14-18.
a cloud system : “…communications over thewide area network 52, such as the Internet .” Id .at 8:24–25. [Internet=cloud]
“Through this communication, bookstoreservers 72 may allow users to shop for eBooktitles, establish their membership relationship withthe retailer, pay for their transactions, and access
proof-of purchase pages (serve-side receipts)[rights token flag].” Id. at 9:9-16.]
Pestoni (EX1006) : See claim 1, element [B]
Claim 12 . This claim is nearly identical to claim 1, converting method
references to a system. The one addition is that the system works as a “front–end
agent.” The term “front–end agent” only appears in claim 9. There is one relevant
use of “front–end” in the body of the ’555 Patent: “As explained earlier, the system
we will discuss will work as a front–end to encrypted files as an authorization
agent for decrypted access.” ’555 Patent, 5:37–39. The term “front–end” is also
used to describe the user GUI, which is a different use. Id ., 11:10–11. DeMello
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
51/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 47 -
describes the activation process being on “front–end activation servers,” and thus
shows this.
Pestoni also shows a system accessed over the Internet, and Pestoni
discloses that the devices can interact with the domain management system
directly; that is, as a front–end agent. See Cherukuri Decl. (EX1009) ¶¶86–102 &
Ex. D, claim 9.
’555 Patent Prior Art (Emphasis added)Marked to showadditions and[deletions] comparedto claim 1.[A] [1] 12. A system[method] for monitoringaccess to an encrypteddigital media, thesystem [method]
facilitatinginteroperability betweena plurality of data
processing devices,
[A1] the systemworking as a front–endagent for access rightsauthorization between a
plurality of data
processing devices, thesystem [method]comprising:
See claim 1, element [A] above.
[A1] DeMello (EX1005) “ The activation server ISAPI Extension DLL 98 carriesout tasks associated with the activation process on thefront–end activation servers ,… . Id. at 13:62–64.
“Fully individualized’ content …cannot be accessed inthe absence of a "activation certificate," which areissued by the activation server…. Id . at 2:22–28.
“Moreover, the activation server arrangement preferably provides a given activation certificate (that is,an activation certificate having a particular key pair)only after authenticating credentials (e.g., a usernameand password) associated with a persona.” Id . at 2:50– 54.
Pestoni (EX1006)“In accordance with one or more aspects, a device
accesses a domain administrator in order to obtain adomain membership license.” Pestoni at [0003].
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
52/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 48 -
Elements [B]–[G] are the same as claim 1 except as indicated by underlining
below.
[B] a first receipt module, the first receipt module receiving anencrypted digital media access branding request … ;
See claim 1,element [B] above
[C] an authentication module, the authentication moduleauthenticating the membership verification token … ;
See claim 1,element [C] above.
[D] a connection module, the connection module establishing aconnection …;
See claim 1,element [D]
above.[E] a request module, the request module requesting the at least oneidentification reference …;
See claim 1,element [E] above.
[F] a secondary receipt module, the secondary receipt modulereceiving the at least one identification reference … ; and
See claim 1,element [F] above.
[G] a branding module, the branding module writing at least one ofthe verification token or the identification reference into the
metadata.
See claim 1,element [G]
above.
Claim 13 . This claim is nearly identical to claim 8, converting method
references to a system, and is invalid for the same reasons.
’555 Patent Prior ArtMarked to show additions and [deletions] compared to claim 8. [8] 13. The system [method] according to claim 12 [1], wherein theencrypted digital media is …. ;
See claim 8.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
53/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 49 -
Claim 14 . This claim is nearly identical to claim 9, converting method
references to a system, and changing “key file” to “key certificate file.” Claim 14
is invalid for the same reasons as claim 9.
’555 Patent Prior ArtMarked to show additions and [deletions] compared to claim 9. [9] 14. The system [method] according to claim [1] 12, wherein theelectronic identification reference is a key certificate file, the keycertificate file being uploaded by the at least one communicationsconsole for branding the encrypted digital media; thereby giving
access to the encrypted digital media
See claim 9.
Claim 15 . This is a program code claim corresponding to method claim 1,
converting method references of claim 1 to a program code for use with a
computer, where the computer program product comprises a non–transitory
computer usable medium having a computer readable program code stored therein
for performing the elements of claim 1. Elements [B]–[G] are the same as claim 1.
’555 Patent Prior ArtMarked to show additions and [deletions] compared to claim 1.[A] [1] 15. A [method] computer program product for use with acomputer, the computer program product comprising a non– transitory computer usable medium having a computer readable
program code stored therein for monitoring access to an encrypted
digital media, the method facilitating interoperability between a plurality of data processing devices, the computer program product performing the steps of [method comprising]:
See claim 1,element [A]above.
[B] receiving an encrypted digital media access branding request… ;
See claim 1,element [B].
[C] authenticating the membership verification token … ; See claim 1,element [C].
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
54/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 50 -
[D] establishing a connection …; See claim 1,element [D].
[E] requesting the at least one identification reference …; See claim 1,
element [E].[F] receiving the at least one identification reference … ; and See claim 1,
element [F].[G] writing at least one of the verification token or theidentification reference into the metadata.
See claim 1,element [G].
Claim 17 . This claim is nearly identical to claim 10, converting method
references to a computer program product, and is invalid for the same reasons.
’555 Patent Prior ArtMarked to show additions and [deletions] compared to claim 10. [10] 17. The [method] computer program product of claim [1] 15, …;
See claim10.
Claims 18–22 . These claims recite language similarly recited in claims 3–6,
respectively as shown below, with the method references converted to a computer
program product in each of the claims. Thus, each of claims 18–22 are invalid for
the same reasons as each of claims 3–6, respectively.
Claims 18 and 19 include a combination of the subject matter of claim 3,
reciting language similarly recited in claim 3. The method references are
converted to a computer program product in claims 18 and 19, and are invalid for
the same reasons as claim 3.
8/19/2019 Unified Patents Inc. v. William Grecia, IPR2016-00789, Paper 1 (PTAB Mar. 22, 2016)
55/65
IPR2016–00789 PetitionU.S. Patent 8,402,555
- 51 -
’555 Patent Prior ArtMarked to show additions and [deletions] compared to claim 3. [3] 18. The [method] computer program product according to