In Finjan v. Blue Coat Systems, the Court of Appeals for the Federal Circuit rendered a decision containing interesting rulings on patentable subject matter (affirming the District Court determination that certain claims were patent eligible) and reasonable royalty damages (vacating part of a jury verdict for failure to adequately apportion the royalty base). This article examines the patent-eligibility ruling, which is interesting in itself and also because the opinion was authored by Judge Dyk and joined by Judge Hughes, both of whom have a pronounced history of finding claims ineligible.

Claimed Invention

Claims 1, 7, 11, 14 and 41 of U.S. Patent No. 6,154,844 (the ’844 patent) recite a system and method for providing computer security by attaching a security profile to a downloadable.[1] Claim 1 of the ’844 patent, which the District Court found representative for § 101 purposes, reads:

1. A method comprising:

receiving by an inspector a Downloadable;

generating by the inspector a first Downloadable security profile that identifies suspicious code in the received Downloadable; and

linking by the inspector the first Downloadable security profile to the Downloadable before a web server makes the Downloadable available to web clients.

At claim construction in the District Court, the parties agreed that “Downloadable” should be construed to mean “an executable application program, which is downloaded from a source computer and run on the destination computer.” Additionally, the District Court construed “Downloadable security profile that identifies suspicious code in the received Downloadable” to mean “a profile that identifies code in the received Downloadable that performs hostile or potentially hostile operations.”

Section 101 Analysis

The court begins its patent-eligibility analysis by noting that at step one, i.e., Alice Step 2A, we must first examine the ’844 patent’s “claimed advance” to determine whether the claims are directed to an abstract idea. In cases involving software innovations, this inquiry often turns on whether the claims focus on “the specific asserted improvement in computer capabilities or, instead, on a process that qualifies as an ‘abstract idea’ for which computers are invoked merely as a tool.” Opinion at 5. Only when the claim is deemed to be “directed to” an abstract idea under Step 2A does the analysis proceed to Step 2B, which asks whether the claim includes “significantly more.”[2]

As can be seen in the discussion below, the court found that the “behavior-based” virus scan recited by claim 1 constitutes improvement in computer functionality, and thus claim 1 is not “directed to” an abstract idea under Step 2A of the Alice test. This result is interesting given the superficial breadth of claim 1, and it reinforces that the lesson drawn from the Visual Memory[3] decision is that a robust written description including specific statements concerning how the disclosed invention improves upon the prior art can be key to showing that the claims are not directed to an abstract idea and thus are patent eligible under § 101. Even broader claims that do not recite the technical detail and improvements can be saved by a robust written description.[4]

Alice Step 2A

The court began its Step 2A analysis by noting that in Intellectual Ventures I[5], the court found that “[b]y itself, virus screening is well-known and constitutes an abstract idea,” and that performing the virus scan on an intermediary computer – so as to ensure that files are scanned before they can reach a user’s computer – is a “perfectly conventional” approach and is also abstract. In contradistinction, the court said, “Here the claimed method does a good deal more.” Opinion at 6.

According to the court, claim 1 scans a downloadable and attaches the virus scan results to the downloadable in the form of a newly generated file: a “security profile that identifies suspicious code in the received Downloadable.” The court referenced the District Court’s claim construction decision emphasizing that this “identif[y] suspicious code” limitation can be satisfied only if the security profile includes details about the suspicious code in the received downloadable, such as all potentially hostile or suspicious code operations that may be attempted by the Downloadable.

The security profile must include the information about potentially hostile operations produced by a “behavior-based” virus scan. According to the court, this operation is distinguished from traditional, “code-matching” virus scans that are limited to recognizing the presence of previously identified viruses, typically by comparing the code in a downloadable to a database of known suspicious code. The court then found that this behavior-based virus scan in the ’844 patent constitutes improvement in computer functionality. Id.

The court noted that the behavior-based approach to virus scanning was pioneered by Finjan and is disclosed in the ’844 patent’s specification. In contrast to traditional code-matching systems, which simply look for the presence of known viruses, behavior-based scans can analyze a downloadable’s code and determine whether it performs potentially dangerous or unwanted operations – such as renaming or deleting files. Because security profiles communicate the granular information about potentially suspicious code made available by behavior-based scans, they can be used to protect against previously unknown viruses as well as “obfuscated code” – known viruses that have been cosmetically modified to avoid detection by code-matching virus scans. The court further commented that the security profile approach also enables more flexible and nuanced virus filtering. According to the court, after an inspector generates a security profile for a downloadable, a user’s computer can determine whether to access that downloadable by reviewing its security profile according to the rules in whatever “security policy” is associated with the user, and administrators can easily tailor access by applying different security policies to different users or types of users. Opinion at 7.

Importantly, the court cited Enfish[6] for the proposition that software-based innovations can make non-abstract improvements to computer technology and be deemed patent-eligible subject matter at Step 2A. Id. The claims in Enfish recited a database architecture that used a new, self-referential logical table and were deemed non-abstract because they focused on “an improvement to computer functionality itself, not on economic or other tasks for which a computer is used in its ordinary capacity.” Enfish, 822 F.3d at 1336. (See our previous discussions of Enfish here and here.) Similarly, according to the court, the method of Finjan’s claim 1 “employs a new kind of file that enables a computer security system to do things it could not do before.” Opinion at 8. “The security profile approach allows access to be tailored for different users and ensures that threats are identified before a file reaches a user’s computer. The fact that the security profile ‘identifies suspicious code’ allows the system to accumulate and utilize newly available, behavior-based information about potential threats. The asserted claims are therefore directed to a non-abstract improvement in computer functionality, rather than computer security writ large.” Id.

Blue Coat had argued that Finjan’s claims, even if directed to a new idea, remain abstract because they do not sufficiently describe how to implement that idea. In response, the court distinguished the cases cited by Blue Coat, including Affinity Labs[7] and other similar cases, which the court said hearken back to the foundational patent law principle that a result, even an innovative result, is not itself patentable. Opinion at 9. “Here the claims recite more than a mere result. Instead, they recite specific steps – generating a security profile that identifies suspicious code and linking it to a downloadable – that accomplish the desired result. Moreover, there is no contention that the only thing disclosed is the result and not an inventive arrangement for accomplishing the result. There is no need to set forth a further inventive concept for implementing the invention. The idea is non-abstract and there is no need to proceed to step [2B] of Alice.” Id.


For software-related inventions, patent eligibility can be established at Alice Step 2A by showing that the disclosed invention results in an improvement to the operation of the underlying computer system. This analysis can and should include construing the claims and reviewing the written description to determine whether and how the claimed subject matter makes non-abstract improvements to computer technology. In this regard, the studious reader might question whether the court’s decision in this case can be squared with Intellectual Ventures I LLC v. Symantec, which also involved software filtering technology. We believe the court distinguished Finjan’s invention from that of Intellectual Ventures I based on what it believed to be novel features of the Finjan invention, even though those features are not explicitly recited in the claims. In other words, the court was reading into the claims certain aspects from this specification. It did not even attempt to do this in Intellectual Ventures I, perhaps because there was nothing in the specification that could save the claims. The take-home lesson in this regard is that it’s important to consider the specification before deciding patent eligibility.

[1] The ’844 patent states that the present invention provides systems for protecting a network from suspicious Downloadables, e.g., Java™ applets, ActiveX™ controls, JavaScript™ scripts, or Visual Basic scripts. The network system includes an inspector for linking Downloadable security profiles to a Downloadable, and a protection engine for examining the Downloadable and Downloadable security profiles to determine whether or not to trust the Downloadable security profiles.

[2] The Alice test is articulated in Alice Corp. v. CLS Bank International, 134 S. Ct. 2347 (2014). In summary, the Supreme Court instructs us to use a two-step framework to distinguish patents that claim laws of nature, natural phenomena and abstract ideas from those that claim patent-eligible applications of those concepts. Alice, 134 S. Ct. at 2355. At the first step, we determine whether the claims at issue are directed to a patent-ineligible concept. If they are, we then consider the elements of each claim both individually and as an ordered combination to determine whether the additional elements transform the nature of the claim into a patent-eligible application. This is the search for an “inventive concept” – something sufficient to ensure that the claim amounts to “significantly more” than the abstract idea itself.

[3] Visual Memory LLC v. NVIDIA CORP., 867 F.3d 1253 (Fed. Cir. 2017).

[4] See our review of Visual Memory here.

[5] Intellectual Ventures I LLC v. Symantec Corp., 838 F.3d 1307 (Fed. Cir. 2016).

[6] Enfish, LLC v. Microsoft Corp., 822 F.3d 1327, 1335–36 (Fed. Cir. 2016).

[7] Affinity Labs of Tex., LLC v. DIRECTV, LLC, 838 F.3d 1253, 1257 (Fed. Cir. 2016).