You did find some, the ITC then said the patent, #5,623,600, was invalid, and you'd think that would be the end of that.

But no, software patents live in their own illogical alternate universe, and because Trend Micro and Barracuda settled instead of getting a court ruling of invalidity, Trend Micro was free to threaten others and to continue to take in royalties on that patent.

Some of you were asking the other day what would happen if a patent was ruled invalid, whether a prior licensee could stop paying. That's exactly what this Fortinet story is about. So we will find out, because Fortinet had earlier signed a license with Trend Micro, and when it noticed the ITC ruling and all the prior art Barracuda had presented, which it says hadn't been disclosed to it or the USPTO by Trend Micro, it didn't want to keep paying money for a license for nothing. It stopped paying, and there is ongoing litigation. In addition, Fortinet wants to finally invalidate this patent in court and at the USPTO, for the benefit of us all, and it would like your help.

First step is to read the 300-page petition for re-examination [PDF] Fortinet just filed with the USPTO on the '600 patent. I'll highlight some things in it, but there's a list of prior art they have already. And here's a Fortinet statement, along with many details on this latest development. A snip from the petition:

Reexamination is requested in view of the substantial new questions of patentability presented herein. Requestor reserves all rights and defenses available including, without limitation, defenses as to invalidity and unenforceability. By filing this Request in compliance with the Patent Rules, Requester does not represent, agree or concur that the ‘600 patent is enforceable, and by asserting the substantial new questions of patentability herein, Requester specifically asserts that claims 1-22 (all claims) of the ‘600 patent are in fact not patentable and as such the United States Patent and Trademark Office (USPTO) should reexamine and find claims 1-22 unpatentable and cancel such claims of the ‘600 patent, rendering the ‘600 patent null, void and otherwise unenforceable.

• MIMESweeper 1.0
• TFS Gateway running with antivirus in the U.S.
• Use of the Norman Firewall to scan email attachments

The relevant date you have to beat is September 26, 1995. And for those of you who may notice that they are on the prior art list and may wonder what more is needed, if you recall using any of these things, or have physical evidence like old ads, marketing materials, manuals, conference proceedings discussing them, or source code, or even contacts (people who recall using it or helped during the design, or system integrators), this would be the time to bring it forth.

Here's a list of prior art listed in the request for reexamination:

In accordance with 37 C.F.R. §§ 1.510(b)(1) and (b)(2), reexamination of claims 1-22 (all issued claims) of the ‘600 patent is requested in view of the following references:

• Exhibit C - “The Design of a Secure Internet Gateway”, by Bill Cheswick, USENIX Summer Conference June 11-15, 1990 (“Cheswick”) ─ Not previously considered during examination.

• Exhibit D - “Firewalls and Internet Security – Repelling the Wily Hacker”, by William R. Cheswick and Steven M. Bellovin, Copyright 1994 (“Cheswick and Bellovin”) ─ Not previously considered during examination.

• Exhibit E - “A Gateway to Internet Health and Happiness”, by Robin Layland, published September 21,1994 in Data Communications, Internetworking Views (“Layland”) ─ Not previously considered during examination.

• Exhibit F - Intel LANProtect Product Documentation (together, Intel LANProtect Product Overview and Intel LANProtect Software Users Guide), copyright 1992, by Intel Corporation (“LANProtect”) ─ Not previously considered during examination.

• Exhibit G - “SPECIAL REPORT: Secure Computing Corporation And Network Security”, published December 1994, the LOCALNetter Newsletter, vol. 14, No. 12 (“Sidewinder”) ─ Not previously considered during examination.

• Exhibit H - “TIS Firewall Toolkit Overview”, published June 30, 1994, by Trusted Information Systems, Inc. and USENIX Association, Proceedings of the Summer 1994 USENIX Conference, June 6-10, 1994 (collectively, “TIS Firewall”) ─ Not previously considered during examination.

• Exhibit I - U.S. Patent No. 5,319,776, issued to Hile et al., filed in September 1992 and issued June 1994 (“Hile”) ─ Previously considered during examination.

• Exhibit J - “TFS gateway”, by TenFour Sweden AB (“TFS Manual”) ─ Not previously considered during examination.

• Exhibit K - “MIMEsweeper administrator guide” (“MIMEsweeper”)-published by Integralis Ltd Copyright 1995. ─ Not previously considered during examination.

• Exhibit L - Request for Ex Parte Reexamination U.S. Patent No. 5,623,600 “MpScan-Email Security” (“MpScan”) ─ Published by Cybersoft- Not previously considered during examination.

• Exhibit M - “Network security SunScreen SPF-100” (“SunScreen SPF-100”) - Not previously considered during examination.

The combination of Hile with newly cited art presents a substantial new question of patentability. Although Hile was cited during prosecution of the ‘600 patent and considered in combination with another prior art reference, the Examiner did not substantively consider Hile in combination with Cheswick, the Cheswick and Bellovin reference, the Layland reference, the LANProtect reference, the Sidewinder reference, the TIS Firewall reference, the MpScan reference or the SunScreen SPF-100 reference. These references present new, non-cumulative technological teachings that would have been considered important to a reasonable examiner at the time of prosecution as is shown by a consideration of the prosecution history and reasons for allowance. Accordingly, in light of the new, non-cumulative technological teachings of these references as discussed in detail below, the combination of newly cited art presented herein in combination with Hile presents a substantial new question of patentability as to claims 1-22 (all claims) of the ‘600 patent.

The highly relevant Hile reference previously applied by during prosecution of the ‘600 patent should be carefully reconsidered in combination with the prior art references provided herewith. Under 35 U.S.C. § 303(a), as amended in 2002 “[t]he existence of a substantial new question of patentability is not precluded by the fact that a patent or printed publication was previously cited by or to the Office or considered by the Office.” In so amending, Congress specifically stated that the amendment “overturns the holding of In re Portola Packaging Inc.” Rather than a strict prohibition against reexamination of a patent based on a publication that had been considered during the initial examination of a patent, “the appropriate test . . . should not merely look at the number of references or whether they were previously considered or cited but their combination in the appropriate context of a new light as it bears on the question of the validity of the patent.” A complete listing of all the Exhibits, including relevant publications and patents, is provided at the end of this Request.

The following other written evidence is also made of record, solely to help explain the content of certain of the references listed above. See MPEP § 2205.

• Exhibit N - “An Introduction to the Norman Firewall: The secure way to connect to the Internet and other TCP/IP-based networks” (“Norman Firewall”) - published by Norman Data Defense, Inc. Copyright November 1995.

• Exhibit O - Robert McMillan, “Trend Micro: Barracuda Suit Not About Open Source,” PC World, PCW Business Center, June 13, 2008 (“McMillan”).

• Exhibit P - Steve Chang and Jenny Chang, “Trend Micro: History of the Global No. 1 Internet Security Company,” Trend Micro, Copyright 2002 (“Trend Micro History”).

The ‘600 patent broadly claims a system, an apparatus and methods for detecting computer viruses during transmission over a network. The specification of the ‘600 patent describes a gateway computer consisting of: a prior art computer system, running a prior art operating system, such as Berkeley Software Distribution (BSD) UNIX, connecting two networks using prior art connection methods, providing prior art data transfer services, such as FTP and SMTP, via prior art proxy servers modified according to the teaching of the patent. In other words, the patent describes a basic and entirely routine network implementation. The specification also describes scanning for viruses, which was also in the prior art, at an intermediary node between computers or computer networks. The purportedly novel teaching of the patent application was simply the combination of a rudimentary and well known network implementation, with the addition of equally rudimentary and well known anti-virus scanning on a network gateway.

Independent claim 1 of the ‘600 patent is representative and instructive – demonstrating the obviousness over the prior art systems and publications presented herewith. Claim 1 broadly claims a system implemented on a proxy server for detecting viruses in data transfers—a system which performs the obvious steps of checking data to be transferred for the presence of a virus and performing various equally obvious actions depending on the result of the virus check. In a nutshell, this claim under the broadest reasonable construction arguably covers any anti-virus scanning performed by any network device. In fact, such a broad construction of the ‘600 patent has been openly adopted by applicant as part of its aggressive licensing program and associated litigation (“We [Trend] are litigating [with] Barracuda, who are selling a gateway and putting whatever type of AV, whether it’s ClamAV or Shophos [sic] of whomever’s AV, on there. “In the [‘600] patent, we are not claiming that we invented the antivirus scanner. We are not claiming that we invented the proxy server. But the concept of using these two together so that you can stop the virus during the transition [sic: transmission] is new.”).

I know. You can't believe you are being asked to find prior art again for this stupidness. But there you are. It'd be nice to hop into their software patent world long enough to blast the patent to smithereens and then leave, knowing we never have to do it again, that it's really dead this time, not just mostly dead.

Here's more from Fortinet's statement on exactly what has been happening in the courts, for those interested in a more complete picture:

Trend Micro did not invent network antivirus functionality. In fact, in response to Barracuda’s calls for help, the open source community responded by, among other things, identifying a good deal of invalidating prior art — antivirus functionality invented well in advance of Trend Micro’s purported invention. Thanks to the help of the open source community, patent experts at the International Trade Commission (ITC) issued a pre-trial opinion [PDF] that Trend Micro’s patent was invalid. Unfortunately, this ruling was only beneficial to Barracuda, who settled the case before it could benefit the wider security community. Trend Micro, faced with patent uncertainty after the ITC decision, quickly settled with Barracuda.

Fortinet is working to finish the job that the open source community and Barracuda started, which is to drive a wooden stake through the heart of Trend Micro’s invalid patent once and for all. Yesterday, Fortinet filed with the U.S. Patent and Trademark Office (US PTO) a petition [PDF] to re-examine Trend Micro’s patent. The petition identifies prior art revealing the invalidity of Trend Micro’s patent and is one of several avenues Fortinet is pursuing to finally and publically defang Trend Micro and bring the invalidity of this patent into the sunlight.

Fortinet has also recently received favorable rulings [PDF] in federal and state courts in challenges to the validity of the same patent. Recently, the legal atmosphere has become much less favorable to patent aggressors like Trend Micro − case law has made clear that certain patent licensees need not pay something for nothing − they do not owe royalties for invalid patents.

If you don't like legal intricacy, skip the rest, because this is where it gets complex, and I'm only going to hit the highlights. It's been a hard-fought litigation, in two courts, one federal and one state, both in California, and there is prior litigation also between the parties and an ITC complaint, all of which came into play. For the rest of us, here's an overview.

Late in 2008, after the Barracuda revelations, Fortinet told Trend Micro it thought its patent was invalid and that it didn't think it should have to pay royalties on an invalid patent, and when Trend Micro didn't agree, Fortinet filed suit, seeking a declaratory judgment of patent invalidity not only regarding the '600 patent about gateways, but also on a '943 patent, "Apparatus and Method for Electronic Mail Virus Detection and Elimination", which Fortinet describes as "a continuation-in-part of the application that eventually became the '600 patent". Trend Micro got some claims tossed by saying the license agreement Fortinet signed precluded them, and it added a counterclaim for breach of contract.

Beginning on page 7, Fortinet tells the court that Trend Micro tried to fool Fortinet and the court by issuing what Fortinet feels was a cynical covenant not to sue, one that Fortinet says doesn't give it or its partners or customers the protection it needs, since Fortinet is obligated to indemnify them, and Trend Micro then asked the court to dismiss Fortinet's claims, based on the covenant not to sue. The court granted Trend Micro's motion. Fortinet appealed, and beginning on page 12, they present the prior art. And it sets forth prior litigation against other companies brought by Trend Micro beginning on page 14, which Fortinet describes as anticompetitive. It includes the Barracuda story, that Barracuda asked the Open Source community for help finding prior art and thus discovered the TFS Gateway, which the ITC found dispositive. Groklaw is mentioned on page 20. Slashdot is referenced too. Trend Micro had not disclosed the TFS Gateway, Fortinet points out. Isn't it nice to know the call for prior art proved so helpful?

All of this is, as best I can make out, to establish Fortinet's standing to sue, since they signed a license, got a covenant not to sue, settled earlier litigation, etc. And as Fortinet's statement pointed out, it's made headway, but from what I'm reading, Trend Micro is a very aggressive and able opponent. I didn't say nice.

Another filing takes the story the next step more or less up to the present, Fortinet's MEMORANDUM OF POINTS AND AUTHORITIES IN SUPPORT OF ITS OPPOSITION TO PLAINTIFFS’ DEMURRERS TO FORTINET’S THIRD AFFIRMATIVE DEFENSE [PDF]. Here's what a demurrer is, if you are curious. What we learn from this document is that Fortinet in 2008 brought a Lear challenge in the Northern District of California, asserting the invalidity and unenforceability of Trend's patents. Here's what that is:

In Lear, Inc. v. Adkins, 395 U.S. 653 (1969), the Supreme Court held that a party that has entered into a license to pay royalties for the use of a patented invention could attack the validity of the licensed patent. In doing so, the Court rejected the contract-law doctrine of licensee estoppel. The Court also held that the licensee was not required to continue to pay royalties until its challenge to the validity of the patent was resolved. Thus, Lear allows a licensee to stop making royalty payments and to challenge the patent’s validity at any time.

Fortinet basically says that Trend has been using all the legal machinations it can to avoid a court ruling on the patent, more or less telling the state court one thing, and the federal court another, a la the early SCO. So, Fortinet says, Trend would tell the state court the federal court should rule, and then it would tell the federal court it shouldn't, because the state court had the matter in hand, as best I can make out. I gather as long as there is no official court ruling, Trend Micro can continue to act like it has a patent it can ask people to take a license to use. A court at some point has to decide if the ITC was right or not.

You'll find all that beginning on page 7 of the PDF, page 3 of the filing, if you want to check my math, so to speak. In Lear, Fortinet writes, "the US Supreme Court articulated a strong federal policy encouraging licensees to challenge bad patents." And what Barracuda presented made Fortinet conclude this was a bad patent:

After finishing these cases with Fortinet, Trend instituted a new ITC proceeding on its ‘600 patent, this time against Barracuda Networks. (See TRJN Ex. 4 ¶ 23.) During this proceeding, Barracuda presented newly‐discovered, compelling evidence that the ‘600 patent was invalid. (See id. at ¶¶ 25‐26.) That evidence included a product called the “TFS Gateway,” which was on the market before Trend applied for its patent, and which performed the same functions Trend’s patent describes. (See id.) Based on an independent review of the evidence, including the TFS Gateway, an ITC 1 staff attorney concluded that each asserted claim of the ‘600 patent was invalid. (See Garber Decl. at ¶¶ 3‐4.) Soon after, Trend and Barracuda settled the ITC proceeding. (See id.)

Evident from the above history is Trend’s dual strategy of extracting in [redacted] royalties from its patents while insulating those patents from judicial review. Trend settled with Barracuda just after the ITC staff attorney issued his invalidity findings, leaving no binding decision. (See Garber Decl. at ¶ 4.) Trend asserted res judicata to try to block Fortinet’s 2008 challenge to its patents. (See FRJN Ex. 1.) Upon losing that motion, Trend engineered the dismissal of the 2008 case without prejudice to its being refiled in state court. (See TRJN Ex. 6.) Now that the case is here, Trend argues that “only a federal court can invalidate a patent.” (Document No. 53 (Trend’s Mem. in Opposition to Fortinet’s Motion to Stay) at 8:24‐9:1.) And Trend renews its rejected res judicata challenge. (Dem. 6‐13.) These efforts, as we now show, must fail.

Update, September 23, 2010: Fortinet has now publicly acknowledged your help in searching for prior art, and they let us know that the USPTO has now ordered a reexamination of Trend Micro's patent, based on prior art submitted:

As a follow-up to my earlier blog post on the subject of Trend Micro’s history of patent aggression, there are a couple recent developments worth noting:

First, on September 16, the United States Patent and Trademark Office (US PTO) issued a formal order granting Fortinet’s petition to re-examine the validity of Trend Micro’s patent on antivirus functionality, the 5,623,600 patent, stating that a “substantial new question of patentability” exists with respect to the patent based on prior art currently being considered by the US PTO.

Second, and most notably, a member of the open source community has recently filed a separate petition (control number 90/011,022) with the US PTO to re-examine the same Trend Micro patent presenting even more evidence of the patent’s invalidity. This is significant because it validates Fortinet’s position and it shows the resolve and resourcefulness of the open source community to challenge invalid patents that are a menace to the community. Indeed, the open source community at large provided valuable assistance to Fortinet in researching its challenge to Trend Micro’s aggressive patent approach.