FairWarning IP, LLC v. Iatric Systems, Inc., No. 2015-1985, --- F.3d --- (Stoll, Louris, and Plager) (October 11, 2016)
- 8,578,500 | Entitled, “System and Method of Fraud and Misuse Detection”
Affirmance of district court holding that the invention was a patent ineligible abstract idea
Method to detect fraud and misuse by identifying unusual patterns in users’ access of sensitive data.
The district court dismissed the complaint with prejudice holding that the claims were directed to patent-ineligible subject matter under 35 U.S.C. §101. The panel reviewed the district court’s holding de novo, but quickly found that the alleged invention ineligible. The court agreed with the district court’s characterization of the abstract idea as “the concept of analyzing records of human activity to detect suspicious behavior” and noted the specification’s description of the invention as “relat[ing] to a system and method of detecting fraud and/or misuse in a computer environment based on analyzing data such as in log files, or other similar records, including user identifier data.”
The panel provided additional context for the expansion of abstract ideas from the realm discussed in Alice – economic practices – to other systems of analysis:
We have explained that the “realm of abstract ideas” includes “collecting information, including when limited to particular content.” Elec. Power Grp., LLC v. Alstom S.A., 830 F.3d 1350, 1353 (Fed. Cir.2016) (collecting cases). We have also “treated analyzing information by steps people go through in their minds, or by mathematical algorithms, without more, as essentially mental processes within the abstract-idea category.” Id. And we have found that “merely presenting the results of abstract processes of collecting and analyzing information, without more (such as identifying a particular tool for presentation), is abstract as an ancillary part of such collection and analysis.” Id. Here, the claims are directed to a combination of these abstract-idea categories. Specifically, the claims here are directed to collecting and analyzing information to detect misuse and notifying a user when misuse is detected. See id.
The panel held that the claims did not provide additional content that transforms the nature of the claim from an abstract idea, stating “[w]hile the claims here recite using one of a few possible rules to analyze the audit log data, this does not make them eligible.” The panel went on to state:
FairWarning’s claims merely implement an old practice in a new environment. See Alice, 134 S.Ct. at 2356. The claimed rules ask whether accesses of PHI, as reflected in audit log data, are 1) “by a specific user,” 2) “during a pre-determined time interval,” or 3) “in excess of a specific volume.” ’500 patent col. 16 ll. 34–36. These are the same questions (though perhaps phrased with different words) that humans in analogous situations detecting fraud have asked for decades, if not centuries. Although FairWarning’s claims require the use of a computer, it is this incorporation of a computer, not the claimed rule, that purportedly “improve[s] [the] existing technological process” by allowing the automation of further tasks. Alice, 134 S.Ct. at 2358.
Finally, the panel completed its analysis by considering the claims with a more focused eye to analyze if the combination of elements contributed “something more” to the claimed invention. The panel held that it did not:
After closely examining the claims of the ’500 patent in search of “something more” to transform the underlying abstract idea into a patent-eligible application, we conclude that there is nothing claimed in the patent—either by considering the claim limitations individually or as an ordered combination—that makes its claims patent eligible.