Tviim, LLC v. McAfee, Inc.

Full title: TVIIM, LLC, Plaintiff, v. MCAFEE, INC., Defendant.

Court: UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF CALIFORNIA

Date published: Jun 28, 2015

Case No. 13-cv-04545-HSG (N.D. Cal. Jun. 28, 2015)

Opinion

Case No. 13-cv-04545-HSG

06-28-2015

TVIIM, LLC, Plaintiff, v. MCAFEE, INC., Defendant.

HAYWOOD S. GILLIAM, JR. United States District Judge

ORDER GRANTING IN PART AND DENYING PLAINTIFF'S MOTION FOR PARTIAL SUMMARY JUDGMENT, DENYING DEFENDANT'S MOTION FOR SUMMARY JUDGMENT, AND CONSTRUING RELEVANT TERMS Re: Dkt. Nos. 112, 120

I. INTRODUCTION

This is a patent infringement action brought under 35 U.S.C. § 271(a). Plaintiff TVIIM's First Amended Complaint ("FAC") alleges that certain of Defendant McAfee's security software programs sold between 2007 and the present infringe United States Patent No. 6,889,168 (the " '168 Patent"). FAC ¶¶ 6, 11 (Dkt. No. 22). McAfee asserts counterclaims for non-infringement, invalidity, and inequitable conduct. Dkt. Nos. 24, 102.

Presently, the parties are before the Court on two motions: (1) TVIIM's motion for partial summary judgment as to (a) McAfee's Fifth Affirmative Defense and Third Counterclaim for inequitable conduct, and (b) McAfee's Second Affirmative Defense and Second Counterclaim for invalidity (Dkt. No. 112); and (2) McAfee's motion for summary judgment of invalidity of Claims 1-3, 7-9, 11-12, and 19-20 of the '168 Patent on anticipation grounds (Dkt. No. 120). In addition, the parties raise a dispute regarding the meaning of the term "vulnerability" as used in the '168 Patent's claims. Dkt. No. 120 at 5-6; Dkt. No. 125 at 10, 12-16.

Having read and considered the papers filed by the parties, and the arguments made at the May 13, 2015 hearing, the Court: (1) GRANTS in part and DENIES in part TVIIM's motion for partial summary judgment, (2) DENIES McAfee's motion for summary judgment in its entirety, and (3) construes the disputed claim term as set forth below.

II. CLAIM CONSTRUCTION

A. Construction of the Term "Vulnerability" is Required

As a threshold matter, McAfee contends that the plain and ordinary meaning of the term "vulnerability" should control and, as a result, the Court need not construe the term. Dkt. No. 120 at 5 ("No terms of the asserted claims require construction by the Court, and all should be given their plain and ordinary meaning."). While claim terms should ordinarily be given their plain and ordinary meaning, "[a] determination that a claim term needs no construction or has the plain and ordinary meaning may be inadequate when a term has more than one ordinary meaning or when reliance on a term's ordinary meaning does not resolve the parties' dispute." O2 Micro Int'l Ltd. v. Beyond Innovation Tech. Co., 521 F.3d 1351, 1361 (Fed. Cir. 2008) (internal citations and quotation marks omitted). "[E]ven if a claim term has a plain and ordinary meaning, the court should construe the term if construction is required to resolve a dispute about the scope of the asserted claims, which is a question of law to be decided by the Court." Takeda Pharm. Co. v. Handa Pharm., LLC, No. C-11-00840 JCS, 2012 WL 1243109, at *7 (N.D. Cal. Apr. 11, 2012); see also O2 Micro, 521 F.3d at 1361 ("In this case, the 'ordinary' meaning of a term does not resolve the parties' dispute, and claim construction requires the court to determine what claim scope is appropriate in the context of the patents-in-suit.").

The parties here dispute the scope of the term "vulnerability" as used in the '168 Patent claims. Both parties purport to propose an "ordinary meaning" construction of the term. Dkt. No. 125 at 12; Dkt. No. 138 at 2. TVIIM argues that "vulnerability" should be construed to mean "pre-existing security problem," defined as a "mistake" or "defect" in software. Dkt. No. 125 at 13, 16. In its reply brief, McAfee proposed that "vulnerability" should be construed to mean "any exploitable weakness in a computer system." Dkt. No. 138 at 2-3. But at oral argument, McAfee clarified that, in the alternative, it simply seeks a finding that the plain and ordinary meaning of "vulnerability" as used in the claims is not limited to "pre-existing security problems." Hr'g. Tr. at 8:6-12 ("And it's our belief that that narrowing is artificial and not supported by the intrinsic or the extrinsic evidence . . . . [F]rom our perspective, it would suffice for Your Honor to reject that narrowing and to hold that the plain and ordinary meaning is broader than the plaintiff suggests. We don't think a formal definition is required."). Because the parties fundamentally dispute the meaning and scope of the term "vulnerability" as used in the '168 Patent's claims, the Court finds that some degree of claim construction is required.

B. Claim Construction Legal Standard

Claim construction is a question of law to be determined by the Court. Markman v. Westview Instruments, Inc., 517 U.S. 370, 391 (1996). The purpose of claim construction is to "determin[e] the meaning and scope of the patent claims asserted to be infringed." O2 Micro, 521 F.3d at 1360 (internal quotation marks and citations omitted). Generally, claim terms should be given their ordinary and customary meaning—i.e., the meaning that the terms would have to a person of ordinary skill in the art at the time of the invention. Phillips v. AWH Corp., 415 F.3d 1303, 1312-13 (Fed. Cir. 2005). There are only two circumstances where a claim is not entitled to its plain and ordinary meaning: "1) when a patentee sets out a definition and acts as his own lexicographer, or 2) when the patentee disavows the full scope of a claim term either in the specification or during prosecution." Thorner v. Sony Computer Entm't Am. LLC, 669 F.3d 1362, 1365 (Fed. Cir. 2012).

When construing claim terms, the Federal Circuit emphasizes the importance of intrinsic evidence such as the language of the claims themselves, the specification, and the prosecution history. Phillips, 415 F.3d at 1312-17. The claim language can "provide substantial guidance as to the meaning of particular claim terms," both through the context in which the claim terms are used and by considering other claims in the same patent. Id. at 1314. The specification is likewise a crucial source of information. Although it is improper to read limitations from the specification into the claims, the specification is "the single best guide to the meaning of a disputed term." Id. at 1315 ("[T]he specification is always highly relevant to the claim construction analysis. Usually, it is dispositive.") (internal quotation marks omitted); see also Merck & Co. v. Teva Pharms. USA, Inc., 347 F.3d 1367, 1371 (Fed. Cir. 2003) ("[C]laims must be construed so as to be consistent with the specification.").

Despite the importance of intrinsic evidence, courts may also consider extrinsic evidence—technical dictionaries, learned treatises, expert and inventor testimony, and the like—to help construe the claims. Phillips, 415 F.3d at 1317-18. However, extrinsic evidence is "less significant than the intrinsic record in determining the legally operative meaning of claim language." Id. at 1317 (internal quotation marks omitted).

C. Construction of "Vulnerability"

The '168 Patent, titled "Method and Apparatus for Assessing the Security of a Computer System," describes a "method and apparatus for analyzing a computer system and identifying security vulnerabilities, and more specifically . . . a method and apparatus for performing a series of procedures which identify security vulnerabilities and discrepancies in the computer system and in some cases suggesting and implementing corrective measures." '168 Patent at 1:11-17. The term vulnerability is used over 30 times in the '168 Patent, including in independent claims 1 and 11, and dependent claims 7, 9, 12, and 13. For example, independent claim 1 describes a "security system comprising:"

at least one security module which under direction from the processor accesses and analyzes selected portions of the computer apparatus to identify vulnerabilities; [and]

at least one utility module which under the direction from the processor, performs various utility functions with regards to the computer apparatus in response to the identified vulnerabilities . . . .

'168 Patent at 10:65-11:8 (emphasis added).

Similarly, claim 7, which depends from claim 1, describes:

The security system of claim 1 wherein the security modules include at least one of:

a configuration/system module which performs an initial analysis of the computer system to acquire configuration information;

a directory checking module which analyzes directories and files in the system memory to determine if security critical files have been tampered with;

a user manager module which analyzes the system memory with regards to improper or invalid permissions given to users of the system for accessing particular files;

an integrity checking module which analyzes files in the system memory to identify system vulnerabilities;

a network checking module which analyzes the computer apparatus to identify
vulnerabilities created as a result of the computer apparatus connecting with a data network;

a password checking module which analyzes passwords for users of the computer apparatus to identify vulnerabilities.

Id. at 11:25-46 (emphasis added).

In support of its argument that "vulnerability" means "pre-existing security problem," TVIIM argues that "the specification expressly links 'vulnerability' with 'pre-existing security problems." Dkt. No. 125 at 15. The section of the specification cited by TVIIM concerns the "integrity check module." '168 Patent 5:46-49 ("The integrity check module searches for pre-existing security problems by cross-referencing against a vulnerability database which is stored in local memory.").

In response, McAfee points out that claim 7 describes other types of security modules beyond the integrity checking module that also identify "vulnerabilities," and argues that nothing in the intrinsic record suggests that the vulnerabilities identified by these other modules are limited to "pre-existing" vulnerabilities. For example, the "network checking module" described in claim 7 "analyzes the computer apparatus to identify vulnerabilities created as a result of the computer apparatus connecting with a data network." '168 Patent at 11:40-43. But the section of the specification discussing this module does not limit "vulnerability" to "pre-existing" vulnerabilities. Id. at 5:63-6:1 ("The network check module . . . performs various analysis to detect vulnerabilities which may occur due to a computer or server being connected to a network. The checks which may be performed include: checking vulnerable configuration files . . . ."). Similarly, the "password checking module" described in claim 7 "analyzes passwords for users of the computer apparatus to identify vulnerabilities," Id. at 11:44-46, but these "vulnerabilities," by definition, are the type that arise from the use of a computer, not from pre-existing flaws in its programming.

The Court agrees that the intrinsic evidence is dispositive, and does not support TVIIM's proposed construction. "Claim terms are presumed to be used consistently throughout the patent." Research Plastics, Inc. v. Fed Packaging Corp., 421 F.3d 1290, 1295 (Fed. Cir. 2005). Moreover, when a dependent claim describes "elements using the word 'the' or 'said,' it should be construed to refer back to elements already disclosed in the independent claim." Phase Four Indus., Inc. v. Marathon Coach, Inc., No. 04-CV-04801 JW, 2006 WL 3742216, at *6 (N.D. Cal. Dec. 19, 2006). Here, dependent claim 7 describes "[t]he security system of claim 1 wherein the security modules include at least one of" six specified types of modules. '168 Patent at 11:25-26 (emphasis added). Applying the above rule of construction, dependent claim 7 is construed to refer back to the "security system" described in claim 1. That security system describes "security modules" which "identify vulnerabilities." '168 Patent at 10:65-67, 11:1-3. Accordingly, each of the modules listed in claim 7 is a "security module," and because the intrinsic record does not limit the vulnerabilities identified by all of these modules to "pre-existing vulnerabilities," TVIIM's proposed limitation is unfounded. See AK Steel Corp. v. Soliac, 344 F.3d 1234, 1242 (Fed. Cir. 2003) ("[D]ependent claims are presumed to be of narrower scope than the independent claims from which they depend.").

The specification's description of locations where "vulnerabilities" can be found further undermines TVIIM's position. The specification discusses "vulnerabilities" that can be found or identified in "configurations" ('168 Patent at 3:42-44), user accounts (Id. at 5:8-11), the access privileges of files, the owner of the files, and the group of the files (Id. at 5:39-42). In particular, the specification describes detection of vulnerabilities that "may occur due to a computer or server being connected to a network." Id. at 5:63-6:1. Configurations, user accounts, access privileges, and vulnerabilities that "may occur" due to connection to a network all suggest that vulnerability is not limited to "pre-existing" security flaws or software defects. Instead, configuration errors, groups, file permissions and errors that could occur as a result of being connected to a network suggest that vulnerabilities can develop over time as a computer is used. TVIIM suggests that some configuration and permission errors can be pre-existing "in that they can exist by default in the software or arise from the installation of the software." Dkt. No. 126 at 14. Whether or not this could be true in theory, the fact remains that the patent specification, claim terms, and file history do not support the blanket limitation proposed in TVIIM's construction.

Accordingly, the Court concludes that "vulnerability" should be given its plain and ordinary meaning as understood by persons of ordinary skill in the art at the time of the invention. The Court further finds that this plain and ordinary meaning is not limited only to "pre-existing security problems." See Eon CorpIP Holdings LLC v. Aruba Networks Inc, 62 F. Supp. 3d 942, 953 (N.D. Cal. 2014) ("If the Court agrees with a party that a term needs no construction, the Court is holding as a matter of law that the limitations proposed by the other party do not inhere in the term, and the parties will not be able to argue for such a limitation to a jury.").

III. MOTIONS FOR SUMMARY JUDGMENT

A. Facts

1. HostGUARD, HostCHECK, and the '168 Patent

Each of the motions in this case involves three separate software security programs: "HostGUARD," "HostCHECK," and the invention claimed by the '168 Patent. It is undisputed that all three programs shared some of the same creators: Bruce Hartley, Eric Knight, and Kevin Reynolds. Mueller Decl. Ex 5 at 33:2-6, 85:1-3, 203:9-204:19 (8/5/14 Knight Dep.), Dkt. No. 120-9; Mueller Decl. Ex. 7 at 13:23-25, 14:4-8 (Hartley Dep.), Dkt. No. 120-11; Mueller Decl. Ex. 8 at 21:5-18, 65:25-66:7 (Reynolds Dep.), Dkt. No. 120-12. It is further undisputed that each is a computer security program that addresses "vulnerabilities" in some respect. The record shows that HostGUARD was developed first, then HostCHECK, and finally, the invention claimed by the '168 Patent. Nonetheless, the '168 Patent applicants did not present any evidence regarding HostGUARD to the patent examiner during the '168 Patent prosecution (though as shown below, they did disclose HostCHECK). What the parties dispute, and what the resolution of the issues in the case will turn upon, is whether the three programs address "vulnerabilities" in the same way such that the '168 Patent is invalid for either anticipation (by HostGUARD) or inequitable conduct (based on nondisclosure of HostGUARD to the PTO).

2. '168 Patent Prosecution History

TVIIM applied for the '168 Patent on April 12, 2001. '168 Patent. On October 28, 2003, the patent examiner rejected claims 1-20 for obviousness under 35 U.S.C. § 103, making the invention unpatentable over another invention called CyberCop Scanner that was created by McAfee (at that time known as "Network Associates"), as described in an article published by InfoWorld in February of 1999. Shaeffer Decl. Ex. 4 at 84902DOC011690-692 (" '168 Patent file history"), Dkt. Nos. 113-4 - 113-6.

In order avoid invalidity for obviousness, TVIIM first argued that the '168 Patent claimed priority to an earlier provisional patent application (the '270 Provisional Application) which had an effective date of June 15, 1998. Id. at 84902DOC011696-707. As part of TVIIM's priority argument to the PTO, it compared the elements of the '168 Patent to HostCHECK, which was described in the '270 Provisional Application. Id. In essence, TVIIM argued that because HostCHECK, as described in the '270 Provisional Application, taught the same elements as the '168 Patent claims, the '168 Patent was a continuation of the '270 Provisional Application. Id.

Despite these arguments, the patent examiner again rejected the '168 Patent, finding that CyberCop was available for use prior to TVIIM's newly claimed priority date, making the invention unpatentable for obviousness. Id. at 84902DOC11776-780 (finding that TVIIM's arguments had been "fully reviewed," but were unpersuasive in light of CyberCop's earlier priority date).

TVIIM again requested reconsideration from the PTO. Id. at 84902DOC11785-791. This time, instead of claiming an earlier priority date than CyberCop, TVIIM argued that CyberCop did not disclose the same features as those claimed in the '168 Patent, and as a result, CyberCop could not be considered prior art sufficient to render the '168 Patent "obvious" under 35 U.S.C. § 103. See id. Subsequently, on December 21, 2004, the PTO ended the patent prosecution and issued a notice of allowance for issuance, which ultimately resulted in the approval of the '168 Patent. Id. at 84902DOC011794. The PTO did not explain the basis for its conclusion that the '168 Patent application finally passed muster. Id. The '168 Patent issued on May 3, 2005. Id. at 84902DOC001428; '168 Patent.

B. McAfee's Motion for Summary Judgment for Invalidity Based on Anticipation

McAfee seeks a summary judgment of invalidity on claims 1-3, 7-9, 11-12, and 19-20 of the '168 Patent, arguing anticipation by the HostGUARD materials.

1. Legal Standard

Under the version of Section 102 applicable here, a patent is invalid for anticipation where "the invention was patented or described in a printed publication . . . more than one year prior to the date of the application for patent." 35 U.S.C. § 102 (2000).¹ Anticipation under § 102 is a two-step inquiry. Medichem, S.A. v. Rolabo, S.L, 353 F.3d 928, 933 (Fed. Cir. 2003). The first step is claim construction, which the Court has addressed above. The second step requires a comparison of the properly construed claims to the prior art. Id. A prior art reference is anticipatory if it discloses the substance of each element of the claimed invention, though the language need not be identical. In re Bond, 910 F.2d 831, 832-33 (Fed. Cir. 1990) (the elements need not satisfy "an ipsissimis verbis test" to be expressly anticipating). For a claim to be anticipated under § 102, and thus invalid, "each claim element must be disclosed, either expressly or inherently, in a single prior art reference, and the claimed arrangement or combination of those elements must also be disclosed, either expressly or inherently, in that same prior art reference." Therasense, Inc. v. Becton, Dickinson & Co, 593 F.3d 1325, 1332-33 (Fed. Cir. 2010). "[I]nherent anticipation requires that the missing descriptive material is necessarily present, not merely probably or possibly present, in the prior art." Trintec Indus., Inc. v. Top-U.S.A. Corp., 295 F.3d 1292, 1295 (Fed. Cir. 2002) (internal quotation marks omitted). Whether prior art anticipates the accused device is a question of fact. Orion IP, LLC v. Hyundai Motor Am., 605 F.3d 967, 974 (Fed. Cir. 2010).

1 35 U.S.C. § 102 was amended in May of 2015, but the version of the statute in effect at the time '168 Patent was being prosecuted applies here. See Patent Law Treaties Implementation Act of 2012, Pub. L. No. 112-211, § 203 (b) (2), 126 Stat. 1527, 1537.

Because patents are presumed valid, a party challenging the validity of a patent bears the burden of proving invalidity by clear and convincing evidence. 35 U.S.C. § 282(a); Ericsson, Inc. v. D-Link Systems, Inc., 773 F.3d 1201, 1224 (Fed. Cir. 2014). Whether a prior art reference "disclose[s] each and every element of the claimed invention" is largely a fact-dependent inquiry. In re Gleave, 560 F.3d 1331, 1334 (Fed. Cir. 2009). "Summary judgment is proper if no reasonable jury could find that the patent is not anticipated" based on the undisputed facts. Telemac Cellular Corp. v. Topp Telecom, Inc., 247 F.3d 1316, 1327 (Fed. Cir. 2001) (internal citation omitted); Oney v. Ratliff, 182 F.3d 893, 895 (Fed. Cir. 1999) ("[S]ummary judgment is inappropriate if a trier of fact applying the clear and convincing standard could find for either party."). Therefore, in evaluating whether McAfee is entitled to summary judgment for anticipation, the Court, viewing the evidence in the light most favorable to TVIIM, must decide whether any reasonable jury would have to find that every element of the '168 Patent was disclosed by the HostGUARD materials.

2. Discussion

According to McAfee, the HostCHECK materials, which TVIIM relied upon in obtaining the priority date for the '168 Patent, describe the "same or similar" functionality as HostGUARD materials. Dkt. No. 120 at 2. McAfee argues that because the HostGUARD materials disclose the claim limitations of the '168 Patent "in precisely the same way" that the '168 Patent applicants argued the HostCHECK materials disclose the '168 Patent claim limitations, the HostGUARD materials necessarily anticipate, and therefore invalidate, the '168 Patent. Id. at 1-2; see also '168 Patent File History at 84902DOC011696-1707 (Response to PTO citing HostCHECK Materials); '168 Patent File History at 84902DOC011708-732 (HostCHECK Materials). In support of this contention, McAfee compares the relevant language from a HostGUARD brochure (Mueller Decl. Ex. 10) and website (Mueller Decl. Ex. 9) to (1) the HostCHECK Materials that were provided to the patent examiner and (2) the '168 Patent's claim limitations. App'x A: Claim Chart (Dkt. No. 121).

TVIIM argues that the HostGUARD materials do not anticipate the asserted claims for five reasons. See Dkt. No. 125 at 18. Because there are disputed issues of material fact as to whether the HostGUARD materials constitute invalidating prior art and disclose every element of the '168 Patent, the Court denies the motion for summary judgment on that basis, and does not address TVIIM's other arguments.

a. There are Material Issues of Fact as to Whether the HostGUARD Materials are Invalidating Prior Art

TVIIM advances two main arguments as to why the HostGUARD materials cannot be considered invalidating prior art: (1) the materials were not sufficiently publically accessible to be considered invalidating, and (2) the materials were not "enabled."²

2 TVIIM also argues that because the HostGUARD brochure was not disclosed in McAfee's original infringement contentions, it may not be relied upon as prior art under Patent Local Rule 3-3(a). Dkt. No. 125 at 20. The Court disagrees. The purpose of the patent local rule is to disclose invalidity theories and provide all parties with adequate notice of the information necessary to prepare the case. The Court finds that TVIIM has had ample notice and time to prepare its defenses. Additionally, TVIIM does not claim any prejudice resulting from the exclusion of these materials from the contentions.

Starting with the first argument, to be invalidating, prior art must have described the patented invention in a printed publication that was publically accessible more than a year before the patent issued. See 35 U.S.C. § 102 (2000). The determination of whether a particular printed publication was "publically accessible" depends on a satisfactory factual showing that such a document has been "disseminated or otherwise made available to the extent that persons interested and ordinarily skilled in the subject matter or art[,] exercising reasonable diligence, can locate it." Sri International, Inc. v. Internet Security Systems, Inc., 511 F.3d 1186, 1194-95 (Fed. Cir. 2008) (internal citations and quotation marks omitted) (vacating and remanding summary judgment of invalidity based on prior art where the "court perceive[d] factual issues" regarding whether a particular publication was "publically accessible" which "prevente[d] entry of summary judgment").

The evidence in the record that the HostGUARD brochure was disseminated at a trade show in 1996 is derived from deposition testimony of one of HostGUARD's creators, Bruce Hartley. Mueller Decl. Ex. 6 at 176:15-177:11, 212:20-213:10 (Hartley Dep.) (acknowledging that the brochure was created for and publicly disseminated at a trade show); Ex. 10 (HostGUARD Brochure); Ex. 11 (article describing HostGUARD at the "23^rd Annual Computer Security Conference" in Chicago from 11/10-11/12/1996). However, whether Hartley's deposition testimony and the rest of the record establish by clear and convincing evidence that the HostGUARD brochure was presented at the trade show in a manner that made it "publically accessible" is a disputed issue of fact that cannot be resolved at summary judgment.

Next, TVIIM claims that both the HostGUARD brochure and website were not sufficiently enabled to constitute anticipating "prior art." Dkt. No. 125 at 24 (citing Amgen Inc. v. Hoechst Marion Roussel, Inc., 314 F.3d 1313, 1354 (Fed. Cir. 2003)) ("A prior art reference cannot anticipate a claimed invention if the allegedly anticipatory disclosures cited as prior art are not enabled."). In order to be enabling, a prior art reference must describe "the claimed invention sufficiently to enable a person of ordinary skill in the art to carry out the invention." Impax Labs., Inc. v. Aventis Pharm. Inc., 468 F.3d 1366, 1383 (Fed. Cir. 2006). The only evidence in the record bearing directly on the enablement issue is Bruce Hartley's testimony that the HostGUARD brochure is "very high level" and "does not contain much content." Grant Decl. Ex. 14 at 178:2-15 (Hartley Dep.), Dkt. No. 127-16. Hartley otherwise expressed no opinion as to whether the HostGUARD brochure would be sufficient to allow a person of ordinary skill in the art to carry out the invention. Based on the sparse evidence presented on this issue, the Court cannot conclude that the descriptions in the HostGUARD materials (the brochure or the website) are enabled and therefore anticipate the '168 patent claims as a matter of law.

b. There are Material Issues of Fact as to Whether the HostGUARD Materials Sufficiently Disclose Each Element of the '168 Patent

TVIIM also argues that the HostGUARD materials cannot have anticipated the '168 Patent claims because they do not take any action with respect to vulnerabilities. Whether the HostGUARD materials disclose specified actions taken in response to vulnerabilities is a factual question. The crux of the issue here is whether the HostGUARD materials, which describe modules that identify vulnerabilities and "allow corrective measures to be taken with the tool," necessarily teach the same claims as the '168 Patent does. According to TVIIM, HostGUARD merely identifies and reports "potential" vulnerabilities, whereas the '168 Patent teaches an invention that takes actions in response to identified "actual" vulnerabilities. Dkt. No. 125 at 23. Without the ability to act on "actual," instead of "potential" vulnerabilities, TVIIM argues, HostGUARD cannot be said to anticipate each and every element of the '168 Patent claims.

The great weight of the evidence in the record regarding what the inventions teach (corrective measures focused on "actual" versus "potential" vulnerabilities, the ability to take corrective measures as part of a utility function, and the necessity of the presence of a "utility module") comes from expert reports and deposition testimony. Credibility disputes regarding deposition testimony, expert opinions and witness statements cannot be decided by the Court as a matter of law at summary judgment. At the summary judgment stage, the Court "does not assess credibility or weigh the evidence, but simply determines whether there is a genuine factual issue for trial." House v. Bell, 547 U.S. 518, 559-60, (2006). On this record, the Court cannot conclude that any reasonable jury would have to find that the '168 Patent is anticipated by the HostGUARD materials.

For the foregoing reasons, McAfee's Motion for Summary Judgment of Invalidity is DENIED.

C. TVIIM's Motion for Partial Summary Judgment

1. Inequitable Conduct - Legal Standard

TVIIM moves for partial summary judgment on McAfee's Fifth Affirmative Defense and Third Counterclaim, both of which allege inequitable conduct. "Inequitable conduct is an equitable defense to patent infringement that, if proved, bars enforcement of a patent." Therasense, 649 F.3d at 1285. "To prevail on the defense of inequitable conduct, the accused infringer must prove that the applicant misrepresented or omitted material information with the specific intent to deceive the PTO" by "clear and convincing evidence." Id. at 1287. Intent and materiality are separate requirements. Hoffmann-La Roche, Inc. v. Promega Corp., 323 F.3d 1354, 1359 (Fed. Cir. 2003). Both intent and materiality are questions of fact. 1st Media, LLC v. Elec. Arts, Inc., 694 F.3d 1367, 1372 (Fed. Cir. 2012).

To meet the clear and convincing evidence standard, the accused's specific intent to deceive must be "the single most reasonable inference able to be drawn from the evidence." Star Scientific Inc. v. R.J. Reynolds Tobacco Co., 537 F.3d 1357, 1366 (Fed. Cir. 2008). Because evidence of direct intent is rare, intent may be inferred from indirect and circumstantial evidence. Therasense, 649 F.3d at 1290. Where there are multiple reasonable inferences that may be drawn from the accused's conduct, intent to deceive cannot be found. Id.

To prevail on its partial motion for summary judgment, TVIIM has the burden of establishing the absence of evidence supporting an essential element of McAfee's case. Celotex Corp. v. Catrett, 477 U.S. 317, 325 (1996); Optium Corp. v. Emcore Corp., 603 F.3d 1313, 1319-20 (Fed. Cir. 2010). That is, if the Court finds that genuine issues of material facts exist regarding either the materiality of the omitted information or the specific intent of the '168 Patent applicants, summary judgment must be denied. See Ohio Willow Wood Co. v. Alps S., LLC, 735 F.3d 1333, 1345, 1351-1352 (Fed. Cir. 2013) (finding that summary judgment of no inequitable conduct was precluded where genuine issues of material facts existed as to the but-for materiality of the withheld information and the intent of the patent applicants).

2. Discussion

McAfee alleges that TVIIM engaged in inequitable conduct in violation of 37 C.F.R. § 1.56 by failing to present evidence of HostGUARD and another software program called System Security Scanner ("SSS") to the patent examiner during the prosecution of the '168 Patent. Dkt. No. 102 ¶ 16. McAfee asserts that each of these software programs constitutes "prior art" to the '168 Patent which would have prevented the '168 Patent from issuing had it been presented to the patent examiner.

TVIIM responds that neither SSS nor HostGUARD was invalidating prior art, and thus both are immaterial in the inequitable conduct inquiry. TVIIM contends, as it did in its defense to McAfee's anticipation argument, that these programs merely identify vulnerabilities, but do not take any action in response to identified vulnerabilities, which it claims distinguishes them from the invention described in the '168 Patent. Dkt. 112 at 8-9. Additionally, TVIIM argues that both the SSS and HostGUARD software materials were duplicative of materials that the patent examiner considered such as Enterprise Security Manager ("ESM") and Titan, both security programs that detect or 'fix' "potential security problems." Dkt. No. 112 at 8; Shaeffer Decl. Ex. 4 at 612-13, 628 (ESM and Titan materials in the '168 Patent file history).

Whether these programs constitute invalidating prior art, and whether information about them would have been material to the patent examiner, are heavily-contested issues of fact in this case, making their resolution on summary judgment inappropriate.

TVIIM's arguments for summary judgment on the specific intent issue also fail. Regarding SSS, TVIIM argues that McAfee cannot show the specific intent required to prove inequitable conduct because McAfee has not proffered any evidence tending to show that "[the '168 Patent] inventors knew about SSS and HostGUARD . . . and deliberately withheld them from the [PTO]." Dkt. No. 112 at 13. The evidence in the record paints a different picture. The record supports an inference that during the prosecution of the '168 Patent, the applicants selectively submitted documents that compared HostCHECK's performance in scanning for vulnerabilities with that of SSS. '168 Patent file history at 84902DOC011717, 84902DOC11719, and 84902DOC011720. Additionally, Bruce Hartley testified that DMW Worldwide, LLC, the company that created HostCHECK and Hartley's former employer, must have had a copy of SSS or technical documents about it in order to produce the documents submitted to the PTO during the '270 Provisional Application process (where materials comparing HostCHECK to SSS were first submitted to the PTO). Mueller Decl. Ex. 3 at 159:1-3, 159:20-160:4.

With respect to HostGUARD, at least three of the named inventors on the '168 Patent, (Bruce Hartley, Eric Knight, and Kevin Reynolds) helped develop HostGUARD. Id. at 12:15-17; Mueller Decl. Ex 5 at 33:2-8, 85:1-3; Ex. 8 at 21:5-18, 65:25-66:7. Though not dispositive, McAfee has presented at least some evidence suggesting that the HostGUARD materials disclose some of the same functions claimed in the '168 Patent. It strains credulity to believe that Hartley, Knight, and Reynolds did not know about HostGUARD or its functionality. Given the arguable similarities between HostCHECK and HostGUARD, a reasonable jury could conclude that TVIIM's failure to present the PTO with evidence of HostGUARD provided a "misleadingly incomplete" description of prior art that can be considered evidence of deceptive intent to mislead the PTO. Apotx Inc. v. UCB, Inc., 763 F.3d 1354, 1362 (Fed. Cir. 2012); see also Worldwide Home Products, Inc. v. Bed, Bath & Beyond, Inc., No. 11CV3633-LTS-MHD, 2015 WL 568710, at *10 (S.D.N.Y. Feb. 11, 2015) ("Selectively withholding material information is indicative of an intent to deceive for the purposes of inequitable conduct.").

Drawing all inferences in favor of McAfee, a reasonable jury could find, based on the evidence in the record at this stage, that the '168 Patent applicants acted with specific intent to deceive the PTO.

For all of these reasons, the Court DENIES TVIIM's motion for summary judgment as to McAfee's inequitable conduct defense and counterclaim (Fifth Affirmative Defense and Third Counterclaim).

D. Indefiniteness

TVIIM also moves for summary judgment on McAfee's invalidity counterclaim and defenses pursuant to 35 U.S.C. § 112 for indefiniteness.³ In its opposition, McAfee contends that "to the extent that" claim 1 of the '168 Patent is an apparatus claim which requires actions to be performed, claim 1 and its dependent claims (2, 3, 7, and 8) are invalid for indefiniteness. Dkt. No. 129 at 16.

3 In its first amended answer and counterclaim to TVIIM's first amended complaint (Dkt. No. 102), McAfee presented invalidity counterclaims under 35 U.S.C. §§ 101 and 112. McAfee has since withdrawn those contentions with the exception of its indefiniteness claims. McAfee Reply at 16 (Dkt. No. 129). The Court accordingly DISMISSES the remaining invalidity counterclaims.

The definiteness requirement of 35 U.S.C. § 112 requires that "a patent claim must particularly point[ ] out and distinctly claim[ ] the subject matter which the inventor . . . regards as the invention." 35 U.S.C. § 112 (b). "Whether a claim satisfies the so-called definiteness requirement of Section 112 [b] is a matter of law and is therefore appropriately decided at summary judgment." Apple, Inc. v. Samsung Electronics Co., 876 F. Supp. 2d 1141, 1153 (N.D. Cal. 2012). Proof of indefiniteness must meet "an exacting standard." Haemonetics Corp. v. Baxter Healthcare Corp., 607 F.3d 776, 783 (Fed. Cir. 2010). "Only claims not amenable to construction or insolubly ambiguous are indefinite." Id.

A claim may be invalid for indefiniteness where it recites both an apparatus claim and a method for using that apparatus. IPXL Holdings, L.L.C. v. Amazon.com, Inc., 430 F.3d 1377, 1384 (Fed. Cir. 2005); 35 U.S.C. § 112. However, "apparatus claims are not necessarily indefinite for using functional language." Microprocessor Enhancement Corp. v. Texas Instruments Inc., 520 F.3d 1367, 1375 (Fed. Cir. 2008). Functional language is that which defines an apparatus "by what it does rather than what it is." Halliburton Energy Servs., Inc. v. M-I LLC, 514 F.3d 1244, 1255 (Fed. Cir. 2008) (holding that a claim term that discussed the ability of an invention was not indefinite). Language that identifies "capabilities of the claimed apparatus" when a user performs a predicate act is not considered indefinite under § 112. See Apple, 876 F. Supp. 2d 1141.

McAfee contends that claim 1 is indefinite because in its invalidity contentions, TVIIM "appear[ed] to assert that claim 1 requires the action of actually performing a utility function." Dkt. No. 129 at 17. This argument is meritless. Claim 1 describes:

A security system for a computer apparatus, wherein said computer apparatus includes a processor and system memory comprising:

at least one security module which under direction from the processor accesses and analyzes selected portions of the computer apparatus to identify vulnerabilities;

at least one utility module which under the direction from the processor, performs various utility functions with regards to the computer apparatus in response to the identified vulnerabilities; and

a security system memory which contains security information for performing the analysis of the computer apparatus.

'168 Patent at 10:65-11:10 (emphasis added).

The plain language of claim 1 makes clear that the phrase "performs various utility functions" is functional language that describes what the "utility module" does. Unlike the claim at issue in IXPL, nothing in claim 1 describes action by a "user." McAfee has failed to show the existence of any genuine issue of material fact with regard to this issue as required by Celotex. Accordingly, TVIIM is entitled to summary judgment on McAfee's indefiniteness claims as a matter of law.

IV. CONCLUSION

For the foregoing reasons:

1. McAfee's Motion for Summary Judgment for Invalidity for anticipation is DENIED in its entirety.

2. TVIIM's Motion for Partial Summary Judgment is GRANTED with respect to McAfee's claims and defenses for indefiniteness under 35 U.S.C. § 101 and 35
U.S.C. § 112 (Second Affirmative Defense and Second Counterclaim).⁴

3. TVIIM's Motion for Partial Summary Judgment is DENIED with respect to McAfee's claims and defenses for inequitable conduct (Fifth Affirmative Defense and Third Counterclaim).

4. The term "vulnerability" shall have its plain and ordinary meaning, and is not limited in scope to "pre-existing" security problems or vulnerabilities.

4 In conjunction with its motion for summary judgment, TVIIM objected to and moved the court to strike the declaration of Aviel Rubin filed in support of McAfee's motion for summary judgement. (Dkt. No. 126). Because the Court did not rely on the Rubin declaration, the motion to strike is DENIED as moot. See Ross v. Indep. Living Res. of Contra Costa Cnty., No. C08-00854 TEH, 2010 WL 2898773, at *2, n.1 (N.D. Cal. July 21, 2010) (denying evidentiary objections as moot because the court did not rely on the evidence to which the objections were lodged). --------

IT IS SO ORDERED. Dated: June 28, 2015

/s/_________

HAYWOOD S. GILLIAM, JR.

United States District Judge