A federal judge in Massachusetts has dismissed patent infringement claims brought by cybersecurity ratings company BitSight Technologies against competitor Black Kite, dealing a blow to BitSight’s intellectual property case.
In a ruling issued on September 20, 2024, U.S. District Judge Myong J. Joun granted Black Kite’s motion to dismiss BitSight’s claims that Black Kite had infringed on five of its patents related to methods for assessing third-party cybersecurity risks.
Judge Joun applied the two-step framework established by the Supreme Court in Alice Corp. v. CLS Bank International to determine whether the patents were eligible for protection.
The Alice test’s first step asks whether the claims at issue are directed to a patent-ineligible concept, such as an abstract idea.
If it is an abstract idea, the court then considers whether the claim’s elements, both individually and as an ordered combination, transform the nature of the claim into a patent-eligible application.
In this case, Judge Joun found that BitSight’s patents failed both steps of the Alice test. At step one, he determined that the patents were directed to the abstract ideas of collecting, analyzing, and displaying information. The judge noted that these concepts have been consistently ruled as abstract ideas by federal courts.
Moving to step two, Judge Joun concluded that the patents lacked an inventive concept that would transform the abstract idea into a patent-eligible application. He found that the patents did not describe any innovative techniques or technologies that went beyond conventional computer processes.
For example, regarding one of the patents (the ‘834 patent), Judge Joun wrote that it “does not appear to recite anything beyond the sending and receiving of information” and that it failed to specify “how the DNS queries are formulated to obtain the information in an inventive manner.”
The ruling highlights the challenges technology companies face in securing and enforcing patents on software-based innovations, particularly in the cybersecurity field. Since the Alice decision in 2014, courts have frequently invalidated patents that they deem to be based on abstract ideas implemented using generic computer functionality.
While the patent claims were dismissed, Judge Joun allowed BitSight’s false advertising claims under the Lanham Act to proceed. These claims allege that Black Kite made false or misleading statements on its website comparing its products to BitSight’s, including claims about the number of security controls offered and the speed of adding new vendors to its platform.
The judge found that these advertising claims involved factual disputes that could not be resolved at the motion to dismiss stage. He ruled that BitSight had plausibly alleged the statements were literally false or misleading, allowing this portion of the case to move forward to discovery.
The case will now likely focus on the remaining false advertising claims, unless the parties reach a settlement.
Black Kite’s comment on the ruling here. We have not seen an announcement from BitSight. We created this article as we have only seen Black Kite’s press release and other entities that have picked that up but no original reporting.
Note: This content was generated by Claude AI with light human editing by uploading the 25-page court filing.