[00:01:00] Speaker 03: Our next case this morning is number 161510, Trusted Knight Corporation versus IBM. [00:01:12] Speaker 01: Yes, you may proceed. [00:01:16] Speaker 01: Thank you, Judge. [00:01:17] Speaker 01: I can now please the court. [00:01:19] Speaker 01: This is a case about malicious software, otherwise known as malware. [00:01:24] Speaker 01: Bad actors use malware techniques known as key logging to steal [00:01:29] Speaker 01: confidential information, and then frequently money or other assets. [00:01:35] Speaker 01: This is a case also where the specification teaches what the claims mean. [00:01:40] Speaker 01: And if I may, I'd like to start with the in response to term. [00:01:47] Speaker 01: The disputed term in context is in response to the software key logging through the API stack to an internet communication support. [00:01:56] Speaker 01: Now, that term does not say anything. [00:01:58] Speaker 01: about presence or detection, nor should that be read into the claim. [00:02:03] Speaker 01: In fact, the specification is absolutely clear that it's quite the contrary. [00:02:08] Speaker 01: The patent explains the solution. [00:02:10] Speaker 00: Isn't that the whole problem here? [00:02:11] Speaker 00: You've got a claim limitation that seems kind of plain on its face and a specification that says just the opposite. [00:02:19] Speaker 00: And so that's what seems to be the problem here with respect to why the district court below held that the claims were indefinite, because you've got [00:02:28] Speaker 00: A limitation saying X, and then the specification saying just the opposite. [00:02:35] Speaker 01: With all due respect, Your Honor, it all depends on what in response to means. [00:02:40] Speaker 01: This is not a case that, for example, my adversary relies on, like Allen Engineering, where the claim says there's a conflict between parallel and perpendicular. [00:02:56] Speaker 01: The question is, what does in response mean? [00:02:58] Speaker 01: And in this case, the only way we know is by reading the specification. [00:03:05] Speaker 01: The specification says the solution of the present invention does not depend on the detection of malware at all. [00:03:13] Speaker 03: And more importantly, the specification doesn't explain the in response to language, right? [00:03:19] Speaker 03: And if I recall correctly, that language doesn't appear in the specification at all. [00:03:24] Speaker 01: That's correct, Your Honor, but under the cases [00:03:27] Speaker 01: of this court, including the cases that we cite here, Eidos and the others, it doesn't have to. [00:03:39] Speaker 01: What you have to do is say, will a positive understand in the context of the specification what the claims mean? [00:03:48] Speaker 00: The problem is in response to his just plain language that has a very accepted meaning, [00:03:53] Speaker 00: And you're asking us to look to the specification to find that it has a very different reading. [00:03:59] Speaker 01: But, Your Honor, the issue is when you say in response to has a plain meaning, a plain meaning in what context? [00:04:06] Speaker 01: This is not a case about what you and I, if we were having a conversation outside this courtroom, might mean by in response to. [00:04:14] Speaker 01: The question is, what does a posita read this to be? [00:04:19] Speaker 01: And the only way we know what a posita reads this to be [00:04:22] Speaker 01: is if you look at what the specification says. [00:04:25] Speaker 03: I think that it's really a question. [00:04:27] Speaker 03: It's not so much about in response to me. [00:04:29] Speaker 03: It's a question of what the object of in response to is, whether it's talking about a malware invasion or it's talking about a threat of a malware invasion. [00:04:41] Speaker 03: And the problem is on the, would you agree that's the question? [00:04:46] Speaker 01: I think that gets to the question. [00:04:48] Speaker 01: And that also gets to the next point I wanted to make, Judge Dyke. [00:04:51] Speaker 01: which is that the specification also says the background of the invention discloses a prior art method. [00:04:58] Speaker 04: But why do we go to the specification if the in response to term is in the claim? [00:05:05] Speaker 04: Wouldn't we go to see within the claim what in response to refers to? [00:05:12] Speaker 04: It seems to me that when you do that, you end up having two different options. [00:05:17] Speaker 04: One or both can apply, or neither of them can apply. [00:05:21] Speaker 01: Well, the answer to that question, again, is in the specification. [00:05:24] Speaker 01: And if I may, I'd like to go back to Judge Dykes. [00:05:27] Speaker 04: You're avoiding my question. [00:05:28] Speaker 04: Why isn't the answer in the claim? [00:05:29] Speaker 04: Why don't we look at the claim first to see what in response to means? [00:05:34] Speaker 01: This is a classic case, Judge Raina, where the claim needs to be read in the context of the specification. [00:05:41] Speaker 01: There are many, many claims that this court has allowed as definite where you don't get the answer of the claim. [00:05:47] Speaker 01: You have to go to the specification. [00:05:48] Speaker 01: And I think this is one of those cases. [00:05:49] Speaker 01: OK, but let's look at the claim first. [00:05:51] Speaker 01: Is the answer in the claim? [00:05:53] Speaker 01: The answer is not in the claim. [00:05:54] Speaker 01: You have to go to the specification to find the answer. [00:05:57] Speaker 03: Well, on the face of it, the claim seems to say in response to means in response to a malware invasion, right? [00:06:04] Speaker 01: Absolutely not, Your Honor. [00:06:05] Speaker 01: And again, I'm very eager, as I've been for the last couple of minutes, if I may, Your Honor, to read the next extract from the specification. [00:06:16] Speaker 01: Because the background of the invention discloses a prior art method. [00:06:19] Speaker 01: But the specification specifically says, [00:06:22] Speaker 01: That method does not effectively protect users against forever threats. [00:06:26] Speaker 01: Were you reading? [00:06:28] Speaker 01: Your honor, this is A29. [00:06:29] Speaker 01: OK. [00:06:32] Speaker 04: We're at an A29. [00:06:34] Speaker 01: An absolutely critical part of the specification. [00:06:37] Speaker 01: About which column? [00:06:38] Speaker 01: A29, your honor, column three, lines 28 to 30. [00:06:44] Speaker 01: So the word threat's not made up. [00:06:45] Speaker 01: It's right there in the specification. [00:06:47] Speaker 01: And what's so important is this is not just a word at random. [00:06:51] Speaker 01: This is talking about why this is such an important invention. [00:06:57] Speaker 01: How does that answer the question that we're dealing with? [00:07:00] Speaker 01: Well, I think it answers Judge Dyck's question about, are we talking about an invasion or are we talking about a threat? [00:07:07] Speaker 01: And the reason this is such a valuable invention is because it does talk and- So let's say that the specification, you're saying that this refers to it as a threat or an invasion? [00:07:18] Speaker 04: A threat, Your Honor, not an invasion. [00:07:20] Speaker 04: But the claim can also be read to relate to in response to as an invasion. [00:07:29] Speaker 01: But Judge Rayner read by whom? [00:07:31] Speaker 01: And it has to be read by a positive. [00:07:33] Speaker 01: And I go back to saying we all use in common speech in response to. [00:07:39] Speaker 01: It's a little bit more difficult than some of the cases in front of this court in the computer area where it's highly technical. [00:07:45] Speaker 01: You would not use that phrase on the street. [00:07:47] Speaker 04: When a person's skilled in the art read and responds to you and say, I don't know what that refers to, and then go right back up to the beginning of that claim and see if the answer's there. [00:08:01] Speaker 04: And even so, let's say that, yes, this part of the specification makes a reference, you say, but you're avoiding the question that I'm asking. [00:08:13] Speaker 04: Doesn't the claim itself refer to both a threat and the attack? [00:08:17] Speaker 01: Absolutely not, Your Honor. [00:08:19] Speaker 01: There's no basis to think that. [00:08:21] Speaker 01: What you do if there's a question about what the claim means, as this Court has said in any number of cases, is you go look at the specification. [00:08:29] Speaker 01: And you also go look at the purpose of the invention. [00:08:35] Speaker 01: I mean, if threat was just a random word that was used in the specification, I would understand Your Honor's question. [00:08:42] Speaker 01: But in this case, [00:08:45] Speaker 01: Since the invention does not depend on the detection of malware or a malware invasion, to use your term, Your Honor, it's a substantial improvement on software products designed only to detect and disable malware. [00:09:02] Speaker 01: We live in a world in which malware is an enormous problem. [00:09:07] Speaker 01: And as I said in the hearing below, [00:09:10] Speaker 01: quote myself, if I may. [00:09:12] Speaker 03: Your problem, it seems to me, is the public notice function of the claim language, which on the face of it seems to be pretty clear. [00:09:18] Speaker 03: It may be contradictory to the purpose of the invention, which is why we've got an indefiniteness problem. [00:09:25] Speaker 03: But on the face of it, it seems to be very difficult to read this claim language as referring to a threat rather than an actual invasion. [00:09:33] Speaker 01: No? [00:09:35] Speaker 01: I don't think so, Your Honor, because if there's any confusion about, as you put it, Your Honor, [00:09:40] Speaker 01: about whether or not in response to means an invasion or a threat. [00:09:46] Speaker 01: One looks at the specification, and the specification lays out, first of all, it uses the word threat, and also points out that the whole point of the invention is to give people better protection. [00:09:57] Speaker 00: I said below when I was... Isn't your invention works in two ways? [00:10:01] Speaker 00: One, if there's just a threat, and one, if there's an actual invasion, right? [00:10:06] Speaker 00: I mean, if there is an actual invasion, [00:10:10] Speaker 00: your invention, your software will work. [00:10:14] Speaker 00: I mean, I think your specification might disclose both in the event of a threat and in the event of an invasion. [00:10:20] Speaker 01: No, Your Honor, because the whole point of the invention is that the software is always running to protect against a threat. [00:10:30] Speaker 01: Whether the threat turns into a reality, it really doesn't make any difference. [00:10:35] Speaker 00: But what if it does become a reality? [00:10:38] Speaker 01: And then the software is designed [00:10:39] Speaker 01: to prevent the invasion. [00:10:41] Speaker 01: But that does not make the claim indefinite. [00:10:48] Speaker 01: Because the specification is stating that we have a big problem. [00:10:53] Speaker 01: What do we do about it? [00:10:54] Speaker 01: Do we wait to get attacked? [00:10:55] Speaker 01: Or do we take care of it and not wait until the moment of attack? [00:10:59] Speaker 01: So in this situation, if you have the guard against the threat, yes, you also have the guard against the invasion. [00:11:09] Speaker 01: But that does not make the phrase in response to indefinite, or does not cause the claim to be indefinite on account of that. [00:11:18] Speaker 01: What it simply does is to say, in response to what? [00:11:24] Speaker 01: I think it's also helpful to consider what action is performed. [00:11:29] Speaker 01: And that was something that the district court, I think, struggled with because the district court did not look at what the specification said. [00:11:39] Speaker 01: the claim limitation proceeding. [00:11:41] Speaker 03: Your problem is that these claims are badly drafted, right? [00:11:45] Speaker 03: I mean, if you meant to say threat, it should have said threat. [00:11:50] Speaker 03: And if it meant to have the word is in claim, what is it, 22, the word is would have been there. [00:12:01] Speaker 03: It's just not a well-drafted claim. [00:12:03] Speaker 03: And the question is, what are the consequences of that? [00:12:06] Speaker 01: I think that's absolutely right, Your Honor. [00:12:08] Speaker 01: But there are many, many cases beginning with the Supreme Court decision on nautilus and also the decision from this court on remand where the courts say claims don't have to be perfectly drafted. [00:12:23] Speaker 01: As this court said on remand, there's a bargain that's made between promoting inventiveness and encouraging inventiveness on the one hand and perfection of claims. [00:12:35] Speaker 01: The claim doesn't have to be perfect. [00:12:37] Speaker 01: under multiple cases beginning with the Supreme Court decision in Nautilus, the issue is whether or not, with the benefit of the specification, a positor can understand the claim. [00:12:50] Speaker 04: And let's go back to understanding the claim, because now I'm having a hard time understanding your argument. [00:12:57] Speaker 04: You're saying that the software works for purposes of a threat. [00:13:02] Speaker 04: Does it also work for purposes of an invasion? [00:13:05] Speaker 01: Well, Your Honor, it's there to protect against a threat. [00:13:08] Speaker 01: So yes, of course. [00:13:09] Speaker 04: But does it work in response to an actual threat? [00:13:14] Speaker 04: And it does, right? [00:13:15] Speaker 04: I mean, if there's an invasion, the software goes into operation and takes certain steps. [00:13:22] Speaker 01: No, Your Honor. [00:13:23] Speaker 01: The whole point is that the software is already operating in response to the threat. [00:13:28] Speaker 01: The operation doesn't change depending on whether there's an actual invasion. [00:13:32] Speaker 01: It does not, because the point is that what gets the software going is simply installing it because of the threat. [00:13:42] Speaker 01: Whether or not there's an invasion is immaterial to the software. [00:13:46] Speaker 01: The threat is the purpose of the software. [00:13:49] Speaker 04: Once there's a threat and the threat is detected, does the software shut down? [00:13:54] Speaker 01: Your Honor, it's always running. [00:13:57] Speaker 01: It doesn't detect threats, right? [00:14:00] Speaker 01: It's in response to the threat. [00:14:01] Speaker 03: And the software doesn't detect actual invasions, right? [00:14:08] Speaker 03: That's correct. [00:14:09] Speaker 03: And the operation doesn't change depending on whether there's an actual invasion? [00:14:13] Speaker 01: It's always running. [00:14:14] Speaker 01: It's always running. [00:14:15] Speaker 01: It doesn't respond to the actual invasion. [00:14:18] Speaker 01: It doesn't have to, because it's already always running in response to the threat. [00:14:27] Speaker 04: What happens? [00:14:28] Speaker 04: I mean, surely the software does more than just simply [00:14:33] Speaker 04: notify or identify a threat, it takes action against a malware. [00:14:37] Speaker 01: It doesn't even notify, Your Honor. [00:14:39] Speaker 04: No, no, no. [00:14:39] Speaker 04: I know that. [00:14:41] Speaker 04: I know it doesn't do that. [00:14:42] Speaker 04: But it does more than just sit there and wait until to detect a threat. [00:14:48] Speaker 04: It's always running so that whether or not there's a... But once the actual invasion occurs, then the software also has steps that it takes. [00:14:59] Speaker 01: No, Your Honor, because the software [00:15:02] Speaker 01: when installed does the following. [00:15:05] Speaker 01: And this is why the what part is so important that I was trying to get to. [00:15:12] Speaker 01: The action that's performed is submitting the keyed-in data while clearing the confidential data. [00:15:18] Speaker 01: That's always happening. [00:15:19] Speaker 01: So data gets inputted. [00:15:22] Speaker 01: And the software, my client's software, will always take that software, will always encrypt it, will take it through the level [00:15:32] Speaker 01: three area, which is the area where the malware is operating. [00:15:37] Speaker 01: And it will always deposit unencrypted data where it should be, for example, a bank browser. [00:15:43] Speaker 01: That's always happening. [00:15:45] Speaker 01: It's always happening because of the thread. [00:15:48] Speaker 01: And that process, which I just described, in no way varies if there's an invasion. [00:15:54] Speaker 01: The software doesn't care if there's an invasion. [00:15:56] Speaker 01: The software is taking these three steps. [00:16:00] Speaker 00: is that it's going to take those three steps and it's going to move the data so it's not in response to key logging. [00:16:10] Speaker 00: Exactly right. [00:16:12] Speaker 00: I understand your position. [00:16:13] Speaker 00: I still have a problem because your claim specifically says in response to the key logging. [00:16:20] Speaker 00: And as Judge Raina pointed out, you look at the claim and you see in response to it and [00:16:26] Speaker 00: what comes after that language to try to figure out what it's in response to. [00:16:31] Speaker 00: And then your specification says something different. [00:16:35] Speaker 00: I don't see how you make them consistent. [00:16:39] Speaker 01: Well, but Your Honor, as I said in the beginning, it doesn't say in response to detection. [00:16:44] Speaker 01: It doesn't say in response to presence. [00:16:45] Speaker 01: If you want to know what it's in response to. [00:16:48] Speaker 00: It does say it's in response to the software keylogging through the API stack, which when I look to your specification, that's talking about malware action. [00:16:57] Speaker 01: And keylogging and malware are exactly the same thing, Your Honor, under the terms of art here. [00:17:03] Speaker 01: Keylogging is not re-inputting. [00:17:08] Speaker 01: Keylogging is another synonym for malware. [00:17:12] Speaker 00: Yes. [00:17:13] Speaker 00: So it says in response to the software keylogging, or as you would say, in response to the malware. [00:17:18] Speaker 01: Yeah, in response to the malware, this program will always do take the inputted keystrokes. [00:17:28] Speaker 01: It will always encrypt them, take the data safely through the level three area, deposit it in, for example, a bank browser, and unencrypt it. [00:17:38] Speaker 01: It always will do that in response to the threat. [00:17:41] Speaker 01: And threat is the word in the specification. [00:17:43] Speaker 01: It will always do that. [00:17:44] Speaker 01: It doesn't care whether there's an invasion or not. [00:17:47] Speaker 01: That's what it will always do. [00:17:50] Speaker 03: Your Honor, I think we're out of time here. [00:17:53] Speaker 03: Mr. Gupta, we'll give you two minutes for a bottle. [00:17:55] Speaker 03: Thank you, Your Honor. [00:17:58] Speaker 03: Mr. Nelson. [00:18:01] Speaker 02: Thank you, Your Honors. [00:18:01] Speaker 02: Good morning. [00:18:02] Speaker 02: Dave Nelson on behalf of IBM. [00:18:04] Speaker 02: So let me just address the question Your Honors were asking about whether the specification discusses actions taken in response to malware, and it certainly does. [00:18:12] Speaker 02: I mean, for example, in column four, which is a summary of the invention about lines 47, [00:18:19] Speaker 02: It says the present system detects attempts to place hooks by techniques such as modification of important tables or the insertion of inline hooks. [00:18:27] Speaker 02: Line 47? [00:18:27] Speaker 02: Correct, Your Honor. [00:18:29] Speaker 02: 47 to 49, I believe it is. [00:18:31] Speaker 02: So there's a reference there where there are specific actions that are taken. [00:18:34] Speaker 02: This is column four. [00:18:36] Speaker 02: It's in column four in the summary of the invention. [00:18:39] Speaker 02: Taken in response to malware. [00:18:41] Speaker 02: Another example in response to Your Honor's direct question about whether [00:18:45] Speaker 02: there are things that are done when malware is detected. [00:18:48] Speaker 02: If you look at column six about line 39 through 41, it specifically says in describing various aspects of the invention, the software program further comprises a module for detecting malicious behaviors of a known malware and a module for removing the malware. [00:19:06] Speaker 02: Similarly, if we start... Where was that one? [00:19:08] Speaker 02: That was in column six, your honor, line 39 to 41. [00:19:12] Speaker 02: So is the module for removing the malware, is that referenced in the claim? [00:19:19] Speaker 02: Well, that's exactly part of the problem, Your Honor, because it does. [00:19:22] Speaker 02: The claim references, and if I just refer to the in response to claim first, which is 1 in 23, I believe. [00:19:31] Speaker 02: In response to, in the parlance of computer system technology, has a meaning. [00:19:36] Speaker 02: And frankly, in general parlance, has a meaning, too. [00:19:40] Speaker 02: And it has a meaning. [00:19:41] Speaker 02: that's not modified by this specification, which is there is an action, and that causes something else to happen. [00:19:48] Speaker 02: That's what it in response to means. [00:19:50] Speaker 02: And that's the problem with this claim, because it says very specifically that there is one of the steps, the last of the three steps that are described in the process, that there's a process consisting of two separate events. [00:20:04] Speaker 02: I understand counsel's argument that there's the word while, so one happens [00:20:08] Speaker 02: while another happens, but that doesn't change the fact that they're two different events. [00:20:12] Speaker 02: They're numbered that way in the claim. [00:20:14] Speaker 02: And I can do two things in a computer system or in life at the same time. [00:20:20] Speaker 02: Two things can happen at the same time. [00:20:21] Speaker 02: It doesn't make them the same event. [00:20:23] Speaker 02: So then the language goes on and says very specifically that in response to the software key logging through the API stack to an internet communication port, right? [00:20:34] Speaker 02: So that doesn't tell me. [00:20:38] Speaker 02: in that particular claim, or in the specification anywhere, that action, the in response to, what is it taken in response to? [00:20:48] Speaker 02: What is the triggering event for that? [00:20:49] Speaker 02: That's never discussed anywhere in this specification, never laid out in the specification. [00:20:55] Speaker 02: And therefore, we don't know what it means. [00:20:59] Speaker 03: I think what you're saying, if I understand correctly, is the specification is itself conflicting. [00:21:04] Speaker 03: In some places, it says that it [00:21:08] Speaker 03: is in response to actual malware, those two examples that you gave us just now. [00:21:14] Speaker 03: In other places, it says it doesn't depend on detecting. [00:21:17] Speaker 02: Well, that's correct. [00:21:18] Speaker 02: That is correct, Your Honor. [00:21:19] Speaker 02: And that goes back to the public notice function. [00:21:21] Speaker 02: Because if I just take those broadly, those are two very different claims. [00:21:28] Speaker 02: One is a system that does certain things when malware is present and takes certain action. [00:21:33] Speaker 02: And another one is that it doesn't do those things. [00:21:37] Speaker 02: Now, what other ramifications that has with respect to divided infringement or things, well, that's not what we're here for today, but those are two very different scopes. [00:21:47] Speaker 00: It's kind of a weird case, in a way, to me, in the sense that it seems as if this limitation could possibly be interpreted narrowly to actually mean what it says in response to software key logging, or it could be indefinite [00:22:05] Speaker 00: as a result of the specification being inconsistent. [00:22:09] Speaker 00: Did you have different arguments below? [00:22:12] Speaker 02: We didn't make different arguments below with respect to this, Your Honor. [00:22:18] Speaker 02: We could have, and we considered those things. [00:22:20] Speaker 02: And I understand what Your Honor is saying. [00:22:22] Speaker 02: And part of the further problem on the specificity question that Your Honor just asked is software key logging is actually a specific form. [00:22:34] Speaker 02: in this patent. [00:22:35] Speaker 02: Because if you go back to the beginning of the patent, where it's talking about the various forms of attacks that it's trying to protect against, it doesn't equate software keylogging with malware. [00:22:50] Speaker 00: Are you looking at a particular column one? [00:22:52] Speaker 00: Yes, I am, Your Honor. [00:22:52] Speaker 02: I apologize. [00:22:53] Speaker 02: I'm looking at column one, for example. [00:22:57] Speaker 02: And the discussion of software keylogging begins at line, I believe, 61. [00:23:03] Speaker 02: And you'll see that there's a description of software keyloggers and how they attack and what they do. [00:23:08] Speaker 02: But then there's other techniques described. [00:23:12] Speaker 02: For example, in column two, line five, another one relevant to these claims, it says another technique is hook-based keylogging. [00:23:19] Speaker 02: So software keylogging, hook-based keylogging are not the same thing. [00:23:25] Speaker 02: But each is an example of malware. [00:23:28] Speaker 02: Each is an example of malware, Your Honor. [00:23:30] Speaker 02: But remember, their argument is that the in-response to language [00:23:34] Speaker 02: which, and if I read that language again, just to remind myself, it says, in response to the software key logging through the API stack to an internet communication portal. [00:23:46] Speaker 02: Now, software key logging cannot refer to the presence of malware generally, because the patent doesn't equate to it. [00:23:51] Speaker 03: OK, but so they say to respond to the threat of this particular kind of malware. [00:23:59] Speaker 03: Does this claim make sense if it's read [00:24:03] Speaker 03: literally, in other words, to say that this happens when there is an actual invasion of software key logging? [00:24:12] Speaker 02: No, it doesn't make sense in light of the specification, your honor, because there is no description of such function. [00:24:17] Speaker 02: So just to go back, let's just accept their argument and set aside that we're talking about a specific form of malware here. [00:24:25] Speaker 02: If we say it's in response to the threat of malware, one, we don't know which of these two are in response to that. [00:24:33] Speaker 03: That seems to me not to get you anywhere because it's on the face of it, it's talking about a specific kind of malware. [00:24:41] Speaker 02: I apologize, Your Honor. [00:24:43] Speaker 02: When I said which of these two, I meant the two steps in that last thing of the claim where it says one and two, the process of submitting and the clearing. [00:24:53] Speaker 02: So I apologize for that ambiguity. [00:24:55] Speaker 02: But there are two other steps. [00:24:59] Speaker 02: And in the specification, [00:25:01] Speaker 02: If I just accept their argument to talk about malware generally, all of those things would happen in response to the threat. [00:25:08] Speaker 02: They're all part of the same thing. [00:25:10] Speaker 02: So a claim that tries to refer to a specific form of malware and a specific action taken with response to only one of those threats doesn't make any sense in light of the specification. [00:25:22] Speaker 02: So there's no description to one of ordinary skill in the art of what would be that triggering event. [00:25:29] Speaker 00: Do you have another argument besides that one? [00:25:31] Speaker 00: You have another argument besides that one. [00:25:34] Speaker 00: I mean, I think that some of your other arguments on indefiniteness are better than saying, I can't tell which phrase this is modifying. [00:25:43] Speaker 02: No, understood, Your Honor. [00:25:47] Speaker 02: You're talking about which phrase one, either one or two. [00:25:50] Speaker 00: That's what I understood you to be talking about. [00:25:53] Speaker 00: And you were also saying, it seems like this step would be in response to everything that's done in other parts of the claim, so you can't tell what it's modifying. [00:26:01] Speaker 00: I think that's what you're saying. [00:26:02] Speaker 00: And I guess I just was saying that, do you have another argument? [00:26:07] Speaker 00: Because that one, to me at least, isn't the real reason why there's indefiniteness here. [00:26:11] Speaker 02: No, the most direct reason why there's indefiniteness, and this goes back to the claim language. [00:26:18] Speaker 02: My understanding of the case is, yes, you read the claim language in light of the specification. [00:26:23] Speaker 02: You don't discard the claim language and say, I'm just going to go to the specification and rewrite it and figure out what it means. [00:26:30] Speaker 02: And here, the claim language is specific. [00:26:32] Speaker 02: And if we look at the last element, it says a process of one, submitting the keyed-in data to a designated entity through the API stack, while two, clearing confidential data from intercepted data at the zero ring level prior to a subsequent transmission, which does not contain said confidential data, in response to the software key logging through the API stack to an internet communication [00:26:58] Speaker 04: So let's say that I read in response to that it could be the one or two or both. [00:27:07] Speaker 04: But the fact that it's set out in the claim, would that make it, do we still have an indefinite issue? [00:27:15] Speaker 04: Yeah, we do have an indefinite issue. [00:27:16] Speaker 04: Because it's specifically telling you it's one or both. [00:27:19] Speaker 04: Here they are. [00:27:19] Speaker 04: This is in response to number one or two. [00:27:23] Speaker 04: And the arguments that I hear is that we have a problem [00:27:26] Speaker 04: here because it doesn't tell you which and both of them could apply or neither of them could apply. [00:27:39] Speaker 02: It doesn't make sense in response to language in light of the claim itself, right? [00:27:45] Speaker 02: Because when it says it's in response to it, it needs to be in response to something. [00:27:51] Speaker 02: There has to be some triggering event. [00:27:53] Speaker 04: It could be one or two. [00:27:55] Speaker 04: It could be threat or [00:27:57] Speaker 02: But that's not what the claim says, Your Honor. [00:27:58] Speaker 02: And the specification doesn't help us with that. [00:28:02] Speaker 04: And that's just not their argument either. [00:28:04] Speaker 02: It isn't their argument. [00:28:05] Speaker 02: And just to go back to the public notice function, the problem with that is the claim language does not say that. [00:28:12] Speaker 02: If there were a description in the specification that was very clear, then maybe we would have a different case. [00:28:18] Speaker 02: But the problem is we're left with somebody writing an ambiguous claim. [00:28:22] Speaker 02: And just to take Your Honor's example, that could go out there [00:28:26] Speaker 02: and now try to enforce the claim, seeing what people are doing and saying, well, what I really meant is one or two, or what I really meant was only one and not two, depending upon what that prior art is. [00:28:36] Speaker 02: And that's the problem with the public notice function with these cases, or excuse me, with these claims is that at the time when you're doing your bargain with the baton office, you've got to make your decision. [00:28:47] Speaker 02: You've got to make your decision of what the scope of your claim is. [00:28:50] Speaker 02: Write that in clearly so people of ordinary skill and the art are placed on notice. [00:28:55] Speaker 02: have some kind of ambiguous claim that's still ambiguous in light of the reading and the specification since they can't point to any language in the specification where that in response to is described. [00:29:06] Speaker 03: So if the specification said the invention here is encryption or some other software process that protects the data, [00:29:20] Speaker 03: and it's designed to deal, to act in response to threats of malware, then that might lead to the kind of interpretation that they're talking about. [00:29:35] Speaker 03: But you're saying that the specification isn't clear enough to lead to that interpretation. [00:29:40] Speaker 02: Correct, Your Honor. [00:29:41] Speaker 02: That may be a closer case. [00:29:43] Speaker 02: That isn't this case here. [00:29:45] Speaker 02: As I said, there are examples of things being done when malware is actually present and detected. [00:29:50] Speaker 02: And there are ones that are when it's not there. [00:29:53] Speaker 02: But in addition, we'd still have the problem of software key logging, setting aside the fact that there are different types, being a specific act. [00:30:07] Speaker 02: It's something that's out there. [00:30:08] Speaker 02: And in fact, the rest of the language implies that even more because it's [00:30:11] Speaker 02: through an API stack to an internet communication port. [00:30:14] Speaker 02: In other words, it's not a generic statement. [00:30:17] Speaker 02: If the intent was to say, I'm doing all of this in response to the threat of malware, that's a very easy thing to say, right? [00:30:25] Speaker 02: But to attempt to perhaps write a narrower claim, and I don't know what was in the minds of the patentee when they were in front of the patent office, and then come in and say, well, what I really meant is go head court and fix this. [00:30:42] Speaker 02: to say I was just referring to essentially what would be throw away language now and all this works in response to the threat of malware isn't consistent with the public notice function. [00:30:53] Speaker 04: So what's an API stack? [00:30:56] Speaker 02: The API stack would, that was, I think we had an agreed upon definition and I can get that specifically. [00:31:02] Speaker 04: There was an agreed, okay. [00:31:03] Speaker 02: Yeah, but it's, I mean basically it's the set of APIs that would be used for particular applications. [00:31:10] Speaker 02: most commonly be provided by the operating system, but not always necessarily provided by the operating system. [00:31:16] Speaker 00: So things like accepting keystrokes and basic functions? [00:31:20] Speaker 02: Yeah, correct. [00:31:21] Speaker 02: I mean, you can have those things. [00:31:23] Speaker 02: Oftentimes, something at that level, which would go to the hardware level, would actually be taking care of what I would call below the level of APIs, maybe at a more privileged access level. [00:31:35] Speaker 02: But it would be those types of things. [00:31:38] Speaker 00: Can you give a couple more examples for the court? [00:31:40] Speaker 02: Sure. [00:31:41] Speaker 02: An example of an API may be something to transfer information or get information from a particular form if we take the input from the application to take these particular fields so that I can encapsulate those things in packets and send those out. [00:31:58] Speaker 02: Things like that would be handled through APIs. [00:32:01] Speaker 02: Typically, it's a division when you have an API would be a division in the [00:32:06] Speaker 02: the programming so that the operating system, for example, and the underlying software may provide functionality. [00:32:13] Speaker 02: The application itself doesn't need to provide that same functionality to write all that code and repeat all that code. [00:32:19] Speaker 02: It can just make a call to the operating system and say, do this for me. [00:32:24] Speaker 02: So that's generally what we're talking about here. [00:32:28] Speaker 02: But again, on that particular point, if I go back to that language that I read in column four, [00:32:37] Speaker 02: The in response to language, the software key logging through the API stack to an internet communication port, that wouldn't be the only way that the software-based key logging works. [00:32:51] Speaker 02: That's why I say it's a very specific form that's in the claim. [00:32:55] Speaker 02: Because you see that in column four, that language I read at line 47, the present system detects attempts to place hooks by techniques such as modification of important tables [00:33:05] Speaker 02: or the insertion of inline hooks. [00:33:07] Speaker 02: So there can be other things, modifying the operating system tables and things like that, which again leads one of ordinary skill in the art to the point that what is written in this claim is very specific, isn't just a general statement about a threat. [00:33:23] Speaker 03: OK. [00:33:23] Speaker 03: Thank you, Mr. Nelson. [00:33:24] Speaker 02: Thank you, Your Honor. [00:33:28] Speaker 03: Mr. Gupta, you've got two minutes. [00:33:30] Speaker 01: Yes, Your Honor. [00:33:30] Speaker 01: I just want to cite two cases. [00:33:33] Speaker 01: I don't think this patent should be held to a higher standard. [00:33:36] Speaker 01: And this court has held many, including EDOS. [00:33:39] Speaker 01: EDOS, as Your Honor will recall, talked about a contact hole. [00:33:43] Speaker 01: And the debate was, does that mean a single contact hole or separate and distinct contact holes? [00:33:50] Speaker 01: And the court correctly found, based on the specification, that it meant something totally different than the common ordinary English meaning would have it. [00:34:01] Speaker 01: I can't say anything any better than you did, Judge Dyke. [00:34:05] Speaker 01: in your dissent and strike path, where you said, if I may, we must look to the specification as a single best guide to meaning of a disputed term, even in cases where language on its face appears to have a plain meaning. [00:34:19] Speaker 01: Because as Phillips states, the specification is always highly relevant to the claim constructed analysis. [00:34:25] Speaker 01: The only meaning that matters is the meaning in the context of the patent. [00:34:31] Speaker 01: And that's why the test is the posita. [00:34:35] Speaker 01: I don't have a lot of time to rebut every one of Mr. Nelson's citations. [00:34:40] Speaker 04: Let me, I think there are- Can you rebut his argument that the specification is inconsistent? [00:34:47] Speaker 01: It is not inconsistent. [00:34:48] Speaker 01: I think there were a lot of irrelevant citations to the specification, Your Honor, and they don't relate- Or irrelevant language, you mean, when it talks about detecting malware? [00:34:58] Speaker 01: Detecting malware in that context is not related to this limitation. [00:35:03] Speaker 01: Yes, the word detecting exists. [00:35:05] Speaker 01: but not in the context of in response to. [00:35:08] Speaker 00: You're saying that's maybe a separate embodiment? [00:35:11] Speaker 01: Totally separate. [00:35:11] Speaker 01: Totally separate, Your Honor. [00:35:13] Speaker 01: But there's no claims that do that, right? [00:35:17] Speaker 01: Claims 1 and 23 and 22 do not do that. [00:35:21] Speaker 03: But are there claims that do, that act in response? [00:35:25] Speaker 01: Not claims that are being asserted in this case, Your Honor. [00:35:28] Speaker 01: In the patent. [00:35:29] Speaker 01: In the patent. [00:35:30] Speaker 01: Are there any claims that operate in response? [00:35:32] Speaker 01: No, there are not. [00:35:33] Speaker 01: There are not. [00:35:35] Speaker 01: The relevant part, again, of the specification is where the specification specifically says it does not depend on detection or malware. [00:35:44] Speaker 01: It talks about threats. [00:35:45] Speaker 01: And so I guess the last point I may make, if I could, is Mr. Nelson's bogeyman of, OK, we could broaden this patent, apply it as we see fit, as we look at litigation possibilities. [00:36:00] Speaker 01: That's totally untrue. [00:36:02] Speaker 01: What we have here is a solid record. [00:36:05] Speaker 01: about what exactly this patent does and the delimitations of what the patent does. [00:36:10] Speaker 03: Okay. [00:36:10] Speaker 03: Thank you, Mr. Gupta. [00:36:11] Speaker 03: I thank both counsels. [00:36:12] Speaker 03: The case is submitted.