Case 3:17-cv-05659-WHA Document 491 Filed 05/29/19 Page 1 of 19
`
`IN THE UNITED STATES DISTRICT COURT
`
`FOR THE NORTHERN DISTRICT OF CALIFORNIA
`
`FINJAN, INC.,
`Plaintiff,
`
` v.
`JUNIPER NETWORKS, INC.,
`Defendant.
` /
`
`No. C 17-05659 WHA
`
`ORDER ON SECOND ROUND
`OF EARLY MOTIONS FOR
`SUMMARY JUDGMENT AND
`MOTION TO STRIKE AND
`ORDER TO SHOW CAUSE
`
`INTRODUCTION
`In this patent infringement action, each side moves for summary judgment on one
`asserted claim. For the reasons stated below, the patent owner’s motion for summary judgment
`of infringement is DENIED. The accused infringer’s motion for summary judgment of non-
`infringement and on damages is GRANTED to the extent stated below and motion to strike is
`DENIED AS MOOT. The parties are ORDERED TO SHOW CAUSE as to why judgment on the
`patent owner’s motion should not be entered in favor of the accused infringer.
`STATEMENT
`Plaintiff Finjan, Inc. alleges that defendant Juniper Networks, Inc.’s products infringe
`its patents, including, inter alia, United States Patent Nos. 8,141,154 (“the ’154 patent”) and
`6,804,780 (“the ’780 patent”). These patents broadly relate to computer malware protection.
`Pursuant to the second round of early motions for summary judgment, Finjan moves on
`infringement of Claim 1 of the ’154 patent and Juniper moves on non-infringement of Claim 9
`
`1 2 3 4 5 6 7 8 9
`
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`26
`27
`28
`
`For the Northern District of California
`
`United States District Court
`
`

`

`Case 3:17-cv-05659-WHA Document 491 Filed 05/29/19 Page 2 of 19
`
`of the ’780 patent and limitation of damages (Dkt. Nos. 369, 371). Juniper also moves to strike
`certain infringement theories related to the ’154 patent (Dkt. No. 391).
`THE ’154 PATENT.
`1.
`The ’154 patent is directed toward a system and method “for protecting a client
`computer from dynamically generated malicious content” and statically generated conventional
`viruses (’154 patent at Abstract). The specification explains that “a newer type of virus” —
`namely, “dynamically generated viruses” that are “generated only at run-time” — “take
`advantage of features of dynamic HTML generation, such as executable code or scripts that are
`embedded within HTML pages” (id. at 3:32–38).
`The specification recounts the disadvantages of “conventional reactive content
`inspection and conventional gateway level behavioral analysis content inspection” and
`“desktop anti-virus protection” (id. at 3:65–4:8, 4:18–22). According to the patent,
`conventional gateway level behavior analysis content inspection cannot detect the new type of
`virus (id. at 3:65–4:1). For example, a content inspector “will only detect the presence of a call
`to Document.write( ) with input text [which may involve malicious JavaScript not present in
`the content prior to runtime] that is yet unknown” (id. at 4:1–4). And, desktop anti-virus
`protection must expose its vulnerabilities to hackers, among other disadvantages (id. at
`4:18–21). The specification then announces that “there is a need for a new form of behavioral
`analysis, which can shield computers from dynamically generated malicious code without
`running on the computer itself that is being shielded” (id. at 4:23–26). To that end, the ’154
`patent uses a “security computer” to inspect potentially malicious code (id. at 4:35).
`The basic set up of the ’154 patent’s purported invention involves “[t]hree major
`components”: (1) gateway computer, (2) client computer, and (3) security computer (id. at
`8:45–46). The “present invention operates through a security computer that is preferably
`remote from a client computer that is being shielded while processing network content” (id. at
`4:35–37). A preferred embodiment describes a gateway computer that intercepts content (e.g.,
`HTML pages, Java applets) being sent to the client computer for processing (id. at 8:48–51).
`The gateway computer modifies the content by replacing the call to the original function with a
`
`1 2 3 4 5 6 7 8 9
`
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`26
`27
`28
`
`2
`
`For the Northern District of California
`
`United States District Court
`
`

`

`Case 3:17-cv-05659-WHA Document 491 Filed 05/29/19 Page 3 of 19
`
`corresponding call to a substitute function, which operates to send the input of the original
`function to a security computer for inspection (id. at 5:10–12). The gateway computer then
`transmits “the modified content” to the client computer, which processes the modified content
`(id. at 5:14–16). When the substitute function is invoked, the client computer transmits the
`input to the security computer for inspection (id. at 5:16–18). The security computer then
`inspects the input and transmits “an indicator of whether it is safe for the client computer to
`invoke the original function with the input” (id. at 5:20–22). The client computer invokes the
`original function “only if the indicator . . . indicates that such invocation is safe” (id. at
`5:22–25). Figure 2 illustrates a “simple topology” of this set up (id. at 8:41–44, 62):
`
`THE ’780 PATENT.
`2.
`A prior order has described in detail the ’780 patent’s purported invention (Dkt. No.
`180). The ’780 patent describes generation of an ID for a downloadable (“Downloadable ID”)
`
`3
`
`1 2 3 4 5 6 7 8 9
`
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`26
`27
`28
`
`For the Northern District of California
`
`United States District Court
`
`

`

`Case 3:17-cv-05659-WHA Document 491 Filed 05/29/19 Page 4 of 19
`
`in order to match it against previously encountered suspect downloadables. This saves the
`malware-protection system from going through an intensive analysis every time that
`downloadable attempts to enter the user’s system. The patent discloses an ID generator that
`generates a Downloadable ID by fetching components called out by the incoming file, then
`running a hash function across the combined code.
`3.
`THE ACCUSED PRODUCTS.
`A.
`SRX Gateways.
`Juniper’s SRX Series Gateways (“SRX”) are secure routers that can act as firewalls to
`protect a computer on a network from receiving malicious content. Once SRX receives
`content sent from a network such as the Internet, it blocks data already recognized as
`malicious. If SRX does not recognize the content, it will then send it to the cloud-based Sky
`Advanced Threat Prevention (“Sky ATP”) for analysis.
`B.
`Sky ATP.
`Sky ATP, sold as an add-on to SRX, is a cloud-based scanning system that inspects
`content with its “Malware Analysis Pipeline” to determine the threat level posed by a
`“Downloadable.” The Malware Analysis Pipeline scans an unrecognized Downloadable using
`static and dynamic analysis. Static analysis involves evaluating the Downloadable’s contents
`without actually running it. Dynamic analysis evaluates the Downloadable’s contents by
`executing and observing the file in a safe environment called the “sandbox.” The multi-stage
`pipeline analysis identifies easily detected malware first (through static analysis), then analyzes
`progressively harder-to-detect malware process through the pipeline (ending with dynamic
`analysis). This pipeline renders a “verdict,” i.e., how dangerous the file is.
`C.
`ATP Appliance.
`Advanced Threat Prevention Appliance (“ATP Appliance”) — a product previously
`sold by Cyphort (which Juniper acquired in 2017) — operates in a manner similar to Sky ATP.
`Instead of a cloud-based service, however, ATP Appliance is a local network appliance that
`includes “collectors” that capture information regarding network traffic by copying files being
`downloaded from the network such as the Internet. The ATP Appliance hashes a copy of a file
`
`1 2 3 4 5 6 7 8 9
`
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`26
`27
`28
`
`4
`
`For the Northern District of California
`
`United States District Court
`
`

`

`Case 3:17-cv-05659-WHA Document 491 Filed 05/29/19 Page 5 of 19
`
`being downloaded over the network to determine whether the file has already been analyzed.
`If the file is not recognized, then it is sent to ATP Appliance’s “SmartCore,” which performs a
`multi-stage analysis (including static and dynamic analysis). The results of the analysis are
`then sent to the system administrator for future reference.
`* * *
`Finjan now accuses the following products of infringing Claim 1 of the ’154 patent: (1)
`SRX; (2) Sky ATP; and (3) the Advanced Threat Prevention Appliance (“ATP Appliance”)
`(Dkt. No. 369 at 1). Finjan asserts that these products infringe Claim 1 “because they analyze
`content received over a network using a security computer for advanced analysis” (Dkt. No.
`369 at 2). Juniper opposes, arguing that under its proposed constructions of the terms “content
`processors” and “safe,” the accused products do not infringe Claim 1 (Dkt. No. 390 at 13).
`Juniper also moves for non-infringement of Claim 9 of the ’780 Patent (Dkt. No. 371).
`Juniper further moves on the issue of damages — that is, because Finjan allegedly failed to
`provide notice of Juniper’s (supposed) infringement of the ’780 patent, Finjan is not entitled to
`any damages. Finjan opposes the motion in connection with ATP Appliance only (see Dkt.
`No. 393 at 1–2). This order follows full briefing and oral argument.
`ANALYSIS
`Summary judgment is proper when there is no genuine dispute of material fact and the
`moving party is entitled to judgment as a matter of law. FRCP 56(a). A genuine dispute of
`material fact is one that “might affect the outcome of the suit under the governing law.”
`Anderson v. Liberty Lobby, Inc., 477 U.S. 242, 247–48 (1986). In deciding a motion for
`summary judgment, the court must accept the non-movant’s non-conclusory evidence and
`draw all justifiable inferences in its favor. Id. at 255.
`1.
`FINJAN’S MOTION ON CLAIM 1 OF THE ’154 PATENT.
`Claim 1 of the ’154 patent reads as follows (’154 patent at 17:32–44):
`1.
`A system for protecting a computer from dynamically generated
`malicious content, comprising:
`a content processor (i) for processing content received
`over a network, the content including a call to a first
`function, and the call including an input, and (ii) for
`
`1 2 3 4 5 6 7 8 9
`
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`26
`27
`28
`
`5
`
`For the Northern District of California
`
`United States District Court
`
`

`

`Case 3:17-cv-05659-WHA Document 491 Filed 05/29/19 Page 6 of 19
`
`invoking a second function with the input, only if a
`security computer indicates that such invocation is safe;
`a transmitter for transmitting the input to the security
`computer for inspection, when the first function is
`invoked; and
`receiver for receiving an indicator from the security
`computer whether it is safe to invoke the second function
`with the input.
`The contested terms are italicized. Juniper argues that its accused products do not infringe
`Claim 1 because (1) they do not include the claimed “content processor,” and (2) they do not
`indicate whether invoking the second function is “safe” (Dkt. No. 390 at 13, 20–23). This
`order therefore must first construe the disputed terms to determine the scope of Claim 1 before
`determining whether Claim 1 reads onto Juniper’s accused products.
`Claim terms “are generally given their ordinary and customary meaning,” i.e., “the
`meaning that the term would have to a person of ordinary skill in the art in question at the time
`of the invention.” Phillips v. AWH Corp., 415 F.3d 1303, 1312–13 (Fed. Cir. 2005) (en banc).
`To properly construe a claim, a court must examine the claim, the rest of the specification, and,
`if in evidence, the prosecution history. Amgen Inc. v. Hoechst Marion Roussel, Inc., 314 F.3d
`1313, 1324 (Fed. Cir. 2003).
`Here, the parties dispute the following terms in connection with the instant motion
`(Dkt. No. 390 at 5–6):
`
`CLAIM TERM
`Safe
`
`Content processor
`
`JUNIPER
`Security profile does not
`violate the client computer’s
`security policy
`Plain and ordinary meaning
`(a processor on a client/user
`computer that processes
`modified content)
`Because this order finds construction of “content processor” as dispositive, it need not
`reach construction of any other term.
`
`FINJAN
`Something that is not
`potentially harmful or
`malicious
`Plain and ordinary meaning
`(a component that processes
`content)
`
`6
`
`1 2 3 4 5 6 7 8 9
`
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`26
`27
`28
`
`For the Northern District of California
`
`United States District Court
`
`

`

`Case 3:17-cv-05659-WHA Document 491 Filed 05/29/19 Page 7 of 19
`
`“Content Processor.”
`A.
`Both parties assert that they propose the “plain and ordinary meaning” of the term
`“content processor.” Of course, both parties disagree as to what the plain and ordinary
`meaning of the term actually entails. Juniper argues that a person of ordinary skill in the art
`would understand the term — particularly in light of the specification and file history — as “a
`processor on a client/user computer that processes modified content.” It further argues that
`Finjan’s proposed construction “is redundant and disregards the patent’s express description of
`the ‘present invention’ ” (id. at 7).
`A court may not impose improper limitations from the specification into the claims.
`Phillips, 415 F.3d at 1323. That being said, the specification is “the single best guide to the
`meaning of a disputed term” and “[u]sually, it is dispositive.” Id. at 1315 (citation and
`quotations omitted). This order concludes that a person of ordinary skill in the art would
`understand that the “content processor” in Claim 1 processes modified content.
`That the “content” being processed in Claim 1 has been modified is made evident by
`the claim language and specification. The United States Court of Appeals for the Federal
`Circuit has explained that the ’154 patent “has four independent claims (1, 4, 6, and 10), each
`reciting a system or software program that executes a substitute function. . . . In the language
`of the ’154 patent, the ‘first function’ is the inspection step in which the content is assessed for
`safety, and the ‘second function’ is when, having been deemed safe, the content is actually
`run.” Palo Alto Networks, Inc. v. Finjan, Inc., 752 F. App’x 1017, 1018 (Fed. Cir. 2018); see
`also Finjan, Inc. v. Cisco Systems, Inc., 2018 WL 3537142, at *20–23 (N.D. Cal. July 23,
`2018) (Judge Beth Labson Freeman) (construing the terms “first function” to mean “substitute
`function” and “second function” as “original function, which is different than the first
`function”). The claimed “first function” then clearly involves the “substitute function,” which
`sends the content’s input to the security computer for inspection once invoked. According to
`the specification, the substitute function exists only after the original content is modified at the
`gateway computer (see, e.g., ’154 patent at 9:13–28). Accordingly, the claimed “content”
`necessarily refers to modified content.
`
`1 2 3 4 5 6 7 8 9
`
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`26
`27
`28
`
`7
`
`For the Northern District of California
`
`United States District Court
`
`

`

`Case 3:17-cv-05659-WHA Document 491 Filed 05/29/19 Page 8 of 19
`
`This reading is made all the more apparent by the ’154 patent’s own description of the
`“present invention” (’154 patent at 4:55–60):
`To enable the client computer to pass function inputs to the
`security computer and suspend processing of content pending
`replies from the security computer, the present invention operates
`by replacing original function calls with substitute function calls
`within the content, at a gateway computer, prior to the content
`being received at the client computer.
`“When a patent [] describes the features of the ‘present invention’ as a whole, this description
`limits the scope of the invention.” Regents of Univ. of Minnesota v. AGA Med. Corp., 717 F.3d
`929, 936 (Fed. Cir. 2013) (quoting Verizon Servs. Corp. v. Vonage Holdings Corp., 503 F.3d
`1295, 1308 (Fed. Cir. 2007)).
`As Juniper points out, this construction is consistent with the Patent Trial Appeals
`Board’s (“PTAB”) understanding (under the broadest reasonable interpretation) of Claim 1,
`which understood the ’154 patent specification to refer to “three categories of content” (Dkt.
`No. 390-19 at 9 (emphasis added)):
`First, there is the “original content” that is scanned and modified at
`the gateway computer. Second, there is the “modified content”
`transmitted to, and received by, the client computer. Third is the
`“dynamically generated malicious content” that is generated at
`runtime and, thus, is undetected by the gateway computer in the
`“original content.”
`The PTAB further noted that “[n]otwithstanding the variety of content described in the
`Specification, the term ‘content’ is recited broadly in all challenged claims as ‘content
`including a call to a first function’ ” (ibid.). It then explained that (id. at 10 (first emphasis
`and alteration in original, second emphasis added)):
`Because the recited “first function” is the substituted function
`whose input is verified, the claimed “content,” in the context of the
`surrounding claim language, must refer to the modified content
`received at the client computer. See id. at 17:39–40 (“transmitting
`the input [of the first function call] to the security computer for
`inspection, when the first function is invoked”). The claimed
`content cannot refer to the “original content” that is received by
`the gateway computer and over the Internet because that content,
`according to the Specification, would be capable of generating the
`undetected dynamically generated malicious content from which
`the client computer is to be protected.
`
`1 2 3 4 5 6 7 8 9
`
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`26
`27
`28
`
`8
`
`For the Northern District of California
`
`United States District Court
`
`

`

`Case 3:17-cv-05659-WHA Document 491 Filed 05/29/19 Page 9 of 19
`
`As such, the PTAB concluded that the claimed “content” refers to “data or information, which
`has been modified and is received over a network” (id. at 14 (emphasis added)). This order
`agrees with the PTAB’s understanding to the extent that it found that the claimed “content”
`“has been modified.” Markman v. Westview Instruments, Inc., 517 U.S. 370, 389 (1996)
`(claims are to be construed “in a way that comports with the instrument as a whole”).
`In light of the foregoing, Finjan’s assertion that Juniper’s proposed construction
`“makes no sense in the context of the claims because it would have the content processor
`processing both modified and unmodified content simultaneously” is unpersuasive (Dkt. No.
`415 at 2). The claimed “content” refers to the modified content, and the content processor
`processes that modified content. There is no incongruity.
`Finjan’s contention that the “modified content” limitation would read out preferred
`embodiments is similarly unpersuasive, as it misapprehends the context of those embodiments.
`Finjan argues that because the patent “describ[es] that ‘content’ received for processing has the
`‘original’ function,” the content in that embodiment is unmodified (ibid. (citing ’154 patent at
`6:4–14)). But read in context, the described “content” in that citation containing the “original”
`function clearly refers to the (unclaimed) first category of content the PTAB identified — i.e.,
`the content that is intially “scanned and modified at the gateway computer” before it is
`transmitted to the client computer (id. at 9). Finjan further points out that the patent describes
`a “content processor” “for processing content received over a network,” and thus contends that
`this is “an example where unmodified content is processed using a content processor” (ibid.
`(citing ’154 patent at 7:22–23)). Again, when read in context, that citation clearly refers to the
`second category of content identified by the PTAB — i.e., “the ‘modified content’ transmitted
`to, and received by, the client computer.” Finjan also recites various examples of unmodified
`content disclosed in the specification, such as “HTML web page, XML document, a Java
`applet, an EXE file, JavaScript, . . . or any such data container that can be rendered by a client
`web browser” (id. at 2–3 (citing ’154 patent at 13:49–52)). Again, these examples refer to the
`unclaimed unmodified content received by the gateway.
`
`1 2 3 4 5 6 7 8 9
`
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`26
`27
`28
`
`9
`
`For the Northern District of California
`
`United States District Court
`
`

`

`Case 3:17-cv-05659-WHA Document 491 Filed 05/29/19 Page 10 of 19
`
`Finjan also argues that the ’154 patent “is explicit when something is ‘modified’ from
`its original form” (id. at 3 (citing ’154 patent at 3:9–12)). It further asserts that “the content
`being ‘modified’ was not intended to be in the claims” because it removed the word
`“modified” from the claim language during prosecution (ibid.). That is, Finjan struck out the
`word “modified” from “content” from dependent Claim 2 (Dkt. No. 415-3). While this
`argument has some force, it is ultimately unpersuasive in light of the claim language and
`specification as a whole. Nor is Finjan’s citation to other claims that include the word
`“modified” helpful, as those terms refer to modified input variable, which is distinct from
`Claim 1’s modified content.1
`Finjan further asserts that Juniper’s expert witness, Dr. Aviel Rubin, had taken an
`inconsistent position during a prior IPR proceeding (Dkt. No. 369 at 7). Specifically, Dr.
`Rubin previously opined that the term “content processor” should be given its plain and
`ordinary meaning (Dkt. No. 390 at 10). This order, however, does not necessarily find the
`inconsistency Finjan complains of. Dr. Rubin testified during the IPR proceeding that he
`interpreted the claim terms the petitioner did not specifically propose for construction
`(including “content processor”) under their ordinary meaning “in light of [the ’154 patent’s]
`specification” (Dkt. No. 389-6 ¶ 23 n.1). He now makes explicit Claim 1’s clear implication.
`And, even assuming Dr. Rubin’s testimony contains an inconsistency, this order does not find
`it fatal to Juniper’s current proposed construction under these circumstances.
`Finally, this order rejects Finjan’s proposition that because another court in our district
`has already construed the term “content processor” under the plain and ordinary meaning, it
`needs no further construction (Dkt. No. 369 at 6). Finjan cites three claim construction
`decisions by Judge Haywood Gilliam Jr., who adopted Finjan’s proposed construction (id. at
`6–7). Judge Gilliam, however, adopted Finjan’s proposed construction because those
`
`1 During oral argument, Finjan argued that Juniper’s reasoning regarding the substitute function described the claims
`of United States Patent No. 7,757,289 (“the ’289 patent”), of which the ’154 patent is a continuation, “to a tee” (Dkt. No.
`457 at 21:15–17). This order finds the argument unpersuasive. First, Claim 1 of the ’154 patent differs from the ’289 patent
`claims in that Claim 1 does not claim the whole system — including the gateway, client, and security computer — as the ’289
`patent does. Claim 1 of the ’154 patent as construed thus does not track the ’289 patent’s claims “to a tee.” Second, given
`that the ’154 patent is a continuation the ’289 patent, significant overlap in the substance of the claims is not surprising.
`
`10
`
`1 2 3 4 5 6 7 8 9
`
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`26
`27
`28
`
`For the Northern District of California
`
`United States District Court
`
`

`

`Case 3:17-cv-05659-WHA Document 491 Filed 05/29/19 Page 11 of 19
`
`defendants unsuccessfully attempted to either construe the term as a means-plus-function or
`limit the term to one specific embodiment. See Finjan, Inc. v. Proofpoint, Inc., 2015 WL
`7770208, at *9–11 (N.D. Cal. Dec. 3, 2015) (rejecting defendant’s construction of “content
`processor” as a means-plus-function claim); Finjan, Inc. v. Bitdefender Inc., Case No. C 17-
`04790 HSG, 2019 WL 634985, at *11–12 (N.D. Cal. Feb. 14, 2019) (also rejecting defendant’s
`construction of “content processor” as a means-plus-function claim); Finjan, Inc. v. Symantec
`Corp., Case No. C 14-02998 HSG, 2017 WL 550453, at *10–11 (N.D. Cal. Feb. 10, 2017)
`(rejecting defendant’s proposed limiting of “content processor” to the specific embodiment
`describing “software that renders the content for interactive viewing on a display monitor”).
`At no point during those proceedings did Judge Gilliam have the opportunity to address the
`specific issues raised in the instant motion.
`Accordingly, this order construes the term “content processor” as “a processor that
`processes modified content.”2
`B.
`Accused Products Do Not Infringe.
`Under the adopted construction, Juniper’s accused products (SRX, Sky ATP, and ATP
`Appliance) do not infringe Claim 1 of the ’154 patent. Finjan offers no evidence that the
`accused products’ alleged content processor processes modified content. Rather, the current
`record shows that those products process only unmodified content. Specifically, Dr. Rubin,
`Juniper’s expert witness, affirmatively declared that “the accused products and the technology
`claimed . . . do not modify or ‘instrument’ content; as a result, they all process unmodified
`content received from the web server” (Dkt. No. 390-1 ¶ 38; see also id. at ¶¶ 28, 31, 34).
`Because the foregoing construction excludes SRX, Sky ATP, and ATP Appliance from
`infringement for this reason, Finjan’s motion for summary judgment of infringement of Claim
`1 of the ’154 patent is DENIED.
`
`2 In construing the term “content processor,” this order finds the issue of “processing modified content” dispositive
`to this instant motion. Therefore, though Juniper makes a strong argument for the proposition that the content processor
`resides on the client computer, this order need not and does not reach that issue in construing the term.
`
`11
`
`1 2 3 4 5 6 7 8 9
`
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`26
`27
`28
`
`For the Northern District of California
`
`United States District Court
`
`

`

`Case 3:17-cv-05659-WHA Document 491 Filed 05/29/19 Page 12 of 19
`
`In light of the foregoing, even though Juniper did not itself cross-move for summary
`judgment on Claim 1 of the ’154 patent, both sides are ORDERED TO SHOW CAUSE in writing
`by MAY 13 AT NOON why summary judgment should not be granted in favor of Juniper with
`replies by MAY 16 AT NOON.
`2.
`JUNIPER’S MOTION ON CLAIM 9 OF THE ’780 PATENT.
`The ’780 patent makes yet another showing in the second round of early motions for
`summary judgment. During the first round, a prior order found that Juniper’s SRX and Sky
`ATP products did not infringe Claim 1 of the ’780 patent after construing the term “performing
`a hashing function on the Downloadable and the fetched software components to generate a
`Downloadable ID” (Dkt. No. 180 at 10).
`Juniper now moves for summary judgment of non-infringement on Claim 9 regarding
`all three accused products (i.e., SRX, Sky ATP, and ATP Appliance). Finjan argues that ATP
`Appliance (which was not at issue in the first round of early motions for summary judgment)
`infringes Claim 9, which substantially overlaps with Claim 1, of the ’780 patent.3
`Juniper also moves on the issue of damages — that is, according to Juniper, Finjan is
`not entitled to any damages in connection with ATP Appliance because it failed to provide
`actual or constructive notice of infringement in compliance with 35 U.S.C. § 287 before the
`’780 patent’s expiration date on November 6, 2017 (Dkt. No. 371 at 2). Section 287 provides
`that:
`
`Patentees . . . may give notice to the public that [an article] is
`patented, either by fixing thereon the word “patent” or the
`abbreviation “pat.”, together with the number of the patent . . . . In
`the event of failure so to mark, no damages shall be recovered by the
`patentee in any action for infringement, except on proof that the
`infringer was notified of the infringement and continued to infringe
`thereafter, in which event damages may be recovered only for
`infringement occurring after such notice.
`
`3 Finjan does not to argue that SRX and Sky ATP infringe Claim 9 under the Court’s previously construed term.
`This order thus only considers ATP Appliance as the accused product in connection with the instant motion.
`
`12
`
`1 2 3 4 5 6 7 8 9
`
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`26
`27
`28
`
`For the Northern District of California
`
`United States District Court
`
`

`

`Case 3:17-cv-05659-WHA Document 491 Filed 05/29/19 Page 13 of 19
`
`This order agrees with Juniper and thus holds that Finjan cannot recover any damages on the
`ATP Appliance.4 Further, because Finjan does not oppose Juniper’s motion in connection with
`SRX or Sky ATP under the Court’s present construction of Claim 1 (and only opposes in
`connection with ATP Appliance), this order finds non-infringement of Claim 9 of the ’780
`patent regarding SRX and Sky ATP.
`A.
`Actual Notice.
`Finjan failed to provide Juniper or Cyphort (from whom Juniper acquired ATP
`Appliance) actual notice. Actual notice requires an affirmative communication by the patentee
`to be “sufficiently specific to support an objective understanding that the recipient may be an
`infringer,” including a “charge of infringement of specific patents by a specific product or
`group of products.” Funai Elec. Co. v. Daewoo Elecs. Corp., 616 F.3d 1357, 1373 (Fed. Cir.
`2010) (citations omitted).
`Finjan first generally states that Finjan and Cyphort began licensing discussions in
`February 2015, with a follow up letter sent in January 2016 “identifying certain Finjan patents”
`(Dkt. No. 393 at 10–11, 32). That letter, however, did not mention the ’780 patent (see Dkt.
`No. 392-12). The draft license Finjan relies on similarly failed to specifically mention the ’780
`patent (see Dkt. Nos. 392-24, 392-26).
`It next argues that it provided Cyphort notice during a presentation Finjan gave in 2016
`given during their licensing discussions (Dkt. No. 393 at 32). This presentation “introduced
`Finjan and its technology to Cyphort and gave a complete overview of Finjan’s history and
`patents” and “the identification of Finjan’s patent portfolio” (including the ’780 patent) (Dkt.
`No. 392-4 at 11). As Juniper points out, however, that presentation merely noted in general the
`’780 patent as one of the patents previously asserted against other third party defendants (see
`Dkt. No. 392-16). At no point during the presentation (under the current record) did Finjan
`specifically charge infringement of the ’780 patent against ATP Appliance.
`
`4 Finjan argues that the issue of damages is outside the scope of the showdown procedure. This order disagrees.
`Damages are part and parcel to Finjan’s claim of infringement. Juniper does not raise the Section 287 issue as a defense
`against infringement, but rather, now properly moves on the Section 287 issue.
`
`13
`
`1 2 3 4 5 6 7 8 9
`
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`26
`27
`28
`
`For the Northern District of California
`
`United States District Court
`
`

`

`Case 3:17-cv-05659-WHA Document 491 Filed 05/29/19 Page 14 of 19
`
`During oral argument, Finjan attempted to cobble together a showing of actual notice
`by pointing to the various letters, draft license, and presentation. Its attempt falls short. Finjan
`argued that the draft license was meant for the entire patent portfolio, which included the ’780
`patent (as called out in the presentation). But that draft license agreement covered patent rights
`that were so broad that they could not provide meaningful notice. Specifically, the draft
`license stated that (Dkt. No. 392-26):
`“Finjan’s Patent Rights” means any issued patent and any pending
`patent application anywhere in the world that Finjan owns or
`controls at any time during the term of this Agreement where such
`patent or patent application was filed, or claims priority to an
`application filed on, or before the Effective Date, including but not
`limited to all of the patents identified in Exhibit C.
`Incredibly, Finjan thus would have Cyphort on notice of future patents it does not yet own and
`patents Finjan did not bother to identify in “Exhibit C” under its logic.
`Moreover, Finjan’s reliance on Novo Nordisk A/S v. Becton Dickinson & Co., 96 F.
`Supp. 2d 309, 319–20 (S.D.N.Y. 2000), aff’d, 304 F.3d 1216 (Fed. Cir. 2002), for the
`proposition that actual notice may be satisfied “in the context of the overall dealings between
`the parties” is unpersuasive for two reasons (Dkt. No. 393 at 33). First, the out-of-district
`decision is not binding. Contrary to Finjan’s representations during oral argument, the United
`States Court of Appeals for the Federal Circuit did not affirm the district court’s decision