The Federal Circuit Finds Finjan’s Behavior-Based Virus Scanning Patent-Eligible

Finjan owns several patents in the field of cybersecurity and virus protection, which it asserted against Symantec-owned Blue Coat Systems. Over the objections of Blue Coat, the U.S. District Court for the Northern District of California concluded that the subject matter of a challenged subset of Finjan’s asserted claims was eligible for patent protection. Among some other rulings, Blue Coat appealed the finding on subject-matter eligibility to the U.S. Court of Appeals for the Federal Circuit. It argued that the claims should receive the same treatment as the claims involving virus screening that were invalidated in Intellectual Ventures I v. Symantec Corp., 838 F.3d 1307 (Fed. Cir. 2016). In that case, the Federal Circuit found that the general concept of scanning for viruses was an abstract idea ineligible for patent protection. The Court also held that performing a virus scan specifically on an intermediary computer, rather than the destination computer, was both conventional and abstract. 
In Finjan, Inc. v. Blue Coat Sys., No. 2016-2520, 2018 U.S. App. LEXIS 601 (Fed. Cir. Jan. 10, 2018), the Federal Circuit distinguished the claims on appeal from the claims at issue in Symantec. It emphasized that the claims on appeal required a behavior-based scanning approach involving looking for undesirable or unnecessary behaviors in the code, such as renaming or deleting files. Behavior-based virus scanning also involved applying a security profile to the scanned results, meaning that an administrator could restrict general users from accessing the files while permitting users with administrative access and computer security professionals to access the files. The Court contrasted this approach with a conventional virus-scanning approach, which generally involved comparing the code in a file to a database of code confirmed to be malicious, also called “code-matching.” The behavior-based process required by the claims on appeal better protected against superficial code changes that would thwart code-matching scans. Behavior-based virus scanning also better tailored the actions permissible after a scan by matching the accessibility code flagged as malicious or suspicious to the administrative level of the user. As a result, the Court determined that the claims represented an improvement in computer functionality, and were not abstract under step one of the Mayo/Alice test.
This decision underscores that the inquiry for subject-matter eligibility after Mayo and Alice is not merely a process of categorizing a patent claim into a technical field that is or is not abstract. Instead, decision-makers are required to analyze the claims as a whole to determine what kind of advancement over the prior art they present. Patent claims that are drafted in broad, general terms, where the advancement lies merely in applying a practice to a particular technology, and the improvement flows from that technology’s conventional uses, may remain easier to invalidate under the Mayo/Alice analysis. But when the advancement is rooted in technology, alters the conventional operation of hardware, and results in improved hardware capabilities, those qualities can be emphasized to overcome a subject-matter eligibility challenge, even in fields where claims have previously been invalidated as unpatentably abstract. 

The information you obtain at this site is not, nor is it intended to be, legal advice. You should consult an attorney for advice regarding your individual situation.