[00:00:20] Speaker 01: Next case is Ingres University of North Carolina, et al., 2018-2013. [00:00:28] Speaker 01: Mr. Doar, is it? [00:00:30] Speaker 01: Doaray. [00:00:31] Speaker 00: Doaray. [00:00:32] Speaker 01: Doaray. [00:00:33] Speaker 00: It's pretty much impossible to get from the spelling. [00:00:41] Speaker 01: Thank you. [00:00:43] Speaker 00: Good morning. [00:00:43] Speaker 00: May I please the court? [00:00:44] Speaker 00: My primary goal here today is to answer any questions the court may have regarding our positions, and I will try not to merely rehash what was already presented in the briefs. [00:00:54] Speaker 00: Helen. [00:00:54] Speaker 03: On page 57 of the blue brief, you say that PTAB's claim to construction of intercepting a first permission request as an encompassing stopping of a permission request until certain actions are performed is unreasonable and should be set aside. [00:01:15] Speaker 00: I don't think so, only because of the second, or at least I'm going to say it first, I don't think so because of the second additional argument that the board also failed to consider the additional limitations of claim 22. [00:01:28] Speaker 00: So perhaps we would lose with respect to two of the independent claims, but not necessarily with respect to claim 22. [00:01:34] Speaker 00: So with respect to that, the two primary concerns that the appellants have with the board decision, I'll go ahead and jump into that first one, which is intercepting a permission request. [00:01:44] Speaker 00: And I want to emphasize two major points with this. [00:01:48] Speaker 00: The first is that our position is that the board failed to interpret this in light of the specification. [00:01:53] Speaker 00: And the second is that even under the board's stated plain and ordinary meaning of intercept, the references simply do not teach intercepting a permission request. [00:02:02] Speaker 03: Where in the record do we find that Kirke does not disclose intercepting or permitting methods? [00:02:13] Speaker 00: The issue is, where in the record does it disclose intercepting a permission request? [00:02:17] Speaker 00: In other words, the burden is on the board to establish that, or sorry, the burden is on the office to establish a prima faca case that includes establishing that the claim limitations are met. [00:02:29] Speaker 00: I don't think that Kirkup discloses intercepting a permission request. [00:02:35] Speaker 00: The examiner simply kind of alleged that it did as a factual. [00:02:39] Speaker 03: Go ahead. [00:02:41] Speaker 03: I'm going to tell you straight up. [00:02:43] Speaker 03: My view of your problem in this blueprint is what you just said, I don't think. [00:02:49] Speaker 03: And what I mean by that is, I view most of this as it's addictive. [00:02:55] Speaker 03: It's pure counsel argument. [00:02:58] Speaker 03: And you can say, well, the burden's on them, so we don't have to do anything. [00:03:04] Speaker 03: And my personal analysis as counsel is this. [00:03:08] Speaker 03: But you haven't cited this to anything. [00:03:14] Speaker 00: But what I've tried to do and I apologize for that difficulty is I have tried to to go through Kirk up and in particular the portions of Kirk up that the examiner is alleging and then the board affirmed based on those findings is alleging represents intercepting a permission request. [00:03:30] Speaker 00: And like I said I mean that there's the first major point is [00:03:34] Speaker 00: I think that the entire construction that the board was relying on, that the examiner was relying on, that the solicitor seems to be relying on. [00:03:40] Speaker 03: You don't have a person of skill telling us that. [00:03:42] Speaker 03: You have us, you, telling us that. [00:03:46] Speaker 00: Well, and what I would respond to that is, I guess, even under their plain and ordinary meaning, I don't necessarily think we have intercepting a permission request here. [00:03:56] Speaker 00: But with respect to the first one, I don't think [00:04:01] Speaker 00: that the board really appreciated and looked at the specification. [00:04:05] Speaker 00: And the reason is, if you look at the OAuth reference, and you go and look through the OAuth reference, our specification explicitly discusses the OAuth reference. [00:04:13] Speaker 00: So I don't necessarily mean, I fully appreciate your point, and I apologize for not having expert declaration or testimony or something like that. [00:04:20] Speaker 00: The specification actually discusses the OAuth reference. [00:04:23] Speaker 00: The specification talks about how we're intercepting the standard OAuth 2.0 authorization flow. [00:04:29] Speaker 03: Well, how do you deal with page 25 of the red break? [00:04:32] Speaker 03: where the director says, quote, UNC's assertion that sections 1.4.2 and 1.4.3 of OAuth do not pertain to a web client was not raised below and is thus waived on appeal. [00:04:51] Speaker 00: So I would respond in two ways. [00:04:53] Speaker 03: The first way that I would respond is that I hope you'll respond by telling me where it was raised on below. [00:05:03] Speaker 00: Well, I would respond by saying that we can't raise an APA challenge to a lack of substantial evidence below. [00:05:09] Speaker 00: That the issue here is the examiner made a factual finding that this was disclosed, and we can't challenge that. [00:05:16] Speaker 00: We can't challenge that under the APA for a lack of substantial evidence at the board. [00:05:20] Speaker 01: The board said that the references need not use the exact word intercepted. [00:05:27] Speaker 01: And if you look at Kirkup, [00:05:31] Speaker 01: Kirkup says the application permissions module may be configured such that at a later time a request for applications permissions may be repeated. [00:05:44] Speaker 01: And just above that, this is column five. [00:05:50] Speaker 01: They may be configured to review the list and modify or disable certain options. [00:05:55] Speaker 01: Isn't that sufficient for intercepting? [00:06:00] Speaker 00: I would say that that doesn't really constitute intercepting. [00:06:03] Speaker 00: I don't know that even constitutes interrupting in progress, which was the board's stated definition of intercepting. [00:06:10] Speaker 00: There you're talking about, I guess what I would set back and ask is in Kirkup, what is it that the office is alleging is the permission request? [00:06:17] Speaker 00: So in Kirkup, you have this permissions module manager, right? [00:06:22] Speaker 00: And so Kirkup discloses, [00:06:24] Speaker 00: For example, did it use use of an application permissions module, which may identify and then parenthetical. [00:06:31] Speaker 00: And I'm reading from APPX 509, which is Kirk up paragraph 23. [00:06:37] Speaker 01: And don't we owe deference to the board in its interpretation of what the reference teaches? [00:06:48] Speaker 00: I would say that from a claim construction perspective, for the first issue, it's de novo. [00:06:56] Speaker 00: In terms of deference to what the board teaches, yes, but I think that here there's not substantial evidence support for the board's finding. [00:07:03] Speaker 00: And also, I'm not sure the board on some of these even made an explicit factual finding. [00:07:08] Speaker 00: But moving back to that portion of Kirkup. [00:07:10] Speaker 00: So it says, discloses use of an application permissions module, which may identify, and then it says parenthetical, [00:07:16] Speaker 00: e.g. [00:07:17] Speaker 00: receive from each software application closed parenthetical a set of application permissions required for that software application. [00:07:24] Speaker 00: So I think the first thing I would query is what exactly is the permissions request. [00:07:30] Speaker 00: So is it the communication that's received from each software application or is it as the board or the examiner sometimes seem to suggest some sort of pop-up interface that actually then shows you and gives you the ability for a user to accept. [00:07:45] Speaker 00: In the first case I would say if it's actually the [00:07:48] Speaker 00: communication of receiving from that software application at the application permissions module, I would say that's just the intended flow, right? [00:07:56] Speaker 00: I mean, the permissions request is communicated from the software application and then received at the application permission module. [00:08:06] Speaker 00: I don't know how that's really being interrupted in progress. [00:08:08] Speaker 00: It's just being communicated in accordance with what the application expects to do. [00:08:14] Speaker 01: Under the second if you're modifying aren't you necessarily interrupting? [00:08:21] Speaker 00: Well, I would say that they've they've received it And I don't know that they're really interrupting they talk about it could be done again later After the users made their first decision presumably I think in contrast what the present application the present claims are focusing on is you have a [00:08:39] Speaker 00: communication, a permissions request that is not intended to be intercepted by the web browser extension at all, and then it is, and it's intercepted. [00:08:48] Speaker 00: That's not the intended recipient, whereas here that's the intended recipient. [00:08:52] Speaker 00: And the interface in both cases, both in the OAuth reference as well as in the Kirkop reference, is only displayed after that permissions request communication is fully communicated. [00:09:03] Speaker 00: It's never that screen, which the board and the office and the examiners seem to suggest constitutes. [00:09:11] Speaker 00: Again, it's not clear whether they think that is the permissions request or whether it's the actual electronic communication ahead of time. [00:09:16] Speaker 00: The electronic communication has already been completed before that interface is even displayed. [00:09:21] Speaker 02: Mr. Dore, you argue that the board's claim construction with regard to intercepting was too broad, should be set aside. [00:09:33] Speaker 02: Correct? [00:09:34] Speaker 02: Yes. [00:09:35] Speaker 02: Is there anything that prevents you from amending your claims? [00:09:41] Speaker 00: Well, here we actually tried to work with the examiner several times to amend the claims. [00:09:46] Speaker 00: At one point we even sat down with the examiner, the inventor did as well, and tried to work with him. [00:09:51] Speaker 00: And we proposed multiple different claim amendments. [00:09:54] Speaker 00: We actually did amend the claims and came up with this. [00:09:56] Speaker 00: And repeatedly, every time we admitted the claims, he came up with a new unreasonable claim construction. [00:10:02] Speaker 00: And eventually, we just decided to appeal it. [00:10:05] Speaker 00: Maybe that was the wrong call. [00:10:07] Speaker 00: But ultimately, we don't think that his factual findings and reading of the references is correct here. [00:10:16] Speaker 02: You seem to be complaining that intercepting was so broad that it would read on intercepting a request from anywhere. [00:10:27] Speaker 02: seem to be arguing that the claim should be limited to require that requests be generated in a remote location or something to that effect. [00:10:38] Speaker 02: Why not just put that in the claim? [00:10:41] Speaker 00: We certainly can. [00:10:42] Speaker 00: And at the lower, at the board, we certainly focused a lot on the argument. [00:10:46] Speaker 00: We didn't feel like that was necessarily getting a lot of traction. [00:10:50] Speaker 00: We continue to think that it's just the intercepting. [00:10:52] Speaker 00: And looking at the way the board issues a decision, we feel like the part that was [00:10:56] Speaker 00: incorrect was construing it to be intercepting a permission request at all, and that that's most clearly emphasized by the construction of intercepting to read on the OAuth authorization prior art flow that was specifically disclosing the specification as being intercepted. [00:11:13] Speaker 02: Even the examiner in the examiner's office section laid out in several paragraphs, I'm referring to appendix 360 and 361, [00:11:26] Speaker 02: It would help if you could amend your claims and clarify exactly what you're trying to find, trying to recite. [00:11:37] Speaker 02: It seems to me that the problem here is that you've left yourself vulnerable to the arguments that you're saddled with, but you're as an applicant, you have the right to amend. [00:11:53] Speaker 00: Entirely correct, Your Honor. [00:11:54] Speaker 00: I think that one of the frustrating parts, and I'll sit down after this, is that the examiner frequently in office actions would just allege in a blanket manner, recite all the claim recitation back at us, and then allege with some sort of blanket site to a portion of a reference that it was disclosed when in fact it wasn't there. [00:12:12] Speaker 02: But if you amend the claim, then you can argue specifically to the examiner, no, here it is. [00:12:17] Speaker 02: It's in the claim. [00:12:18] Speaker 00: And when we amend it, he would then use that new amended language and just point to either the same portion or a different portion, even though it just wasn't there. [00:12:25] Speaker 00: Like here. [00:12:26] Speaker 02: Maybe, but you'd be in a better position to argue before the board and us than you are now. [00:12:31] Speaker 00: OK. [00:12:32] Speaker 02: I'll reserve the remainder of my time for a minute. [00:12:34] Speaker 01: I was going to intercept you, but I don't need to. [00:12:37] Speaker 00: Thank you. [00:12:38] Speaker 01: I'll save the remainder of your time. [00:12:48] Speaker 04: Thank you, Your Honors, and may it please the Court. [00:12:50] Speaker 04: UNC is seeking broad method claims to a method of customizing permissions granted to third party applications. [00:12:57] Speaker 04: It has focused much of its briefing and its arguments on the disclosure or the deficiencies of the OAuth reference. [00:13:03] Speaker 04: But it's disregarding that the examiner and the board relied on the combination of OAuth with Kirkup and that Kirkup teaches [00:13:11] Speaker 04: much of the disputed limitations, including the intercepting limitation. [00:13:15] Speaker 04: And in fact, UNC admitted in its opening brief at page 24 that Kirkup is a great example of a method for customizing the permissions to a third-party application. [00:13:24] Speaker 03: If we disagree with UNC's claim constructions, the rest of the case go away? [00:13:34] Speaker 04: I don't believe so, Your Honor. [00:13:35] Speaker 04: As we laid out in our brief at page 34, [00:13:38] Speaker 04: Kirkup discloses intercepting under either construction. [00:13:42] Speaker 04: So I think either way. [00:13:44] Speaker 03: But if we. [00:13:45] Speaker 04: Oh, sorry. [00:13:46] Speaker 04: I think I twisted your question. [00:13:48] Speaker 04: If you disagree with their construction, yes, I believe so, because substantial evidence supports the rest of the board and the examiner's conclusions with respect to claim 22. [00:13:59] Speaker 04: In particular, for those additional limitations that it focused on, the examiner laid out [00:14:05] Speaker 04: where each of the limitations was disclosed by the combination of Kirkup and the OAuth reference. [00:14:12] Speaker 04: In response, UNC chose just to say that it was not disclosed. [00:14:16] Speaker 04: That's pretty much the summary of their argument that no, the prior art does not disclose what the examiner thinks it's disclosing full stop. [00:14:24] Speaker 04: The board considered that argument and found it unpersuasive of error. [00:14:27] Speaker 04: So I think on a balance when you have the examiner's citation to the statutory basis, the exact citations in the prior art, [00:14:34] Speaker 04: and a summary of its analysis in light of just saying, no, it's not there, I think that's a pretty good case of substantial evidence supporting the examiner and the board's interpretation. [00:14:45] Speaker 04: Just speaking briefly to the board's construction and intercepting, as I mentioned, it's disclosed by Kirkup under either construction. [00:14:53] Speaker 04: I think it's pretty clear that Kirkup explains that you have this phone and you want to install an app. [00:15:00] Speaker 04: And before this module was invented by Kirkup, [00:15:03] Speaker 04: your application would install on your phone, and maybe it would not have the full set of permissions that it needed to run. [00:15:09] Speaker 04: Or maybe it would have more permissions than the user would want to give the application. [00:15:13] Speaker 04: So Kirkup has this module that intercepts the permission requests as they come in and allows the user to modify them. [00:15:19] Speaker 04: So that's completely consistent with the claim limitations here. [00:15:24] Speaker 04: The board's construction is also completely reasonable as it is consistent with the claims. [00:15:30] Speaker 04: The claims do not recite [00:15:32] Speaker 04: intercepting an OAuth flow or intercepting a conventional authorization flow, it's intercepting a first permission request. [00:15:40] Speaker 04: So the board's construction was completely consistent with the claim language. [00:15:45] Speaker 04: It was also consistent with the spec that while UNC focuses on the one preferred embodiment on Appendix 57 that talks about intercepting conventional flow, the rest of the specification is much broader than that. [00:15:58] Speaker 04: And I would point you to paragraphs 19 on Appendix 43 and also paragraph 35 on Appendix 45, which just broadly discuss intercepting a first permission request, just like Kirkup does. [00:16:11] Speaker 04: And in fact, paragraph 19 in Appendix 43 talks about the receiving of a first permission request, which is the exact same language that Kirkup uses in its paragraph 23, which Your Honors discussed earlier. [00:16:25] Speaker 04: So finally, I think with respect to claim 22, the last point I'd like to raise is that there were a number of arguments raised on appeal. [00:16:35] Speaker 04: Some only raised newly in the reply brief regarding the disclosures of the OAuth reference and the deficiencies on claim 22. [00:16:43] Speaker 04: We would argue that those are raised. [00:16:44] Speaker 04: Your Honor raised the first point about [00:16:47] Speaker 04: Section 1.4.2, and I don't believe my co-counsel actually identified where that was raised. [00:16:53] Speaker 04: I don't believe that there's any precedent supporting the fact that the APA provides some loopholes that you can only raise arguments for the first time on appeal to this court. [00:17:02] Speaker 04: In addition, they raised the argument that the web browser extension is not an authorization server. [00:17:07] Speaker 04: That was not raised below. [00:17:08] Speaker 04: Indeed, they focused on the functionality throughout the case about the function of the web browser extension. [00:17:15] Speaker 04: And that's exactly what the examiner focused on, the parsing, the determining, all of those functions. [00:17:22] Speaker 04: And they raised one final argument in their reply brief, something about a scope token being a code, scope parameter being a token request versus a code. [00:17:32] Speaker 04: I'd just like to point out, again, that was just raised in the reply brief, not to the board, the examiner, or even in their opening brief. [00:17:40] Speaker 04: So unless your honors have any other questions, I'll yield the remainder of my time. [00:17:44] Speaker 01: Thank you, counsel. [00:17:45] Speaker 01: Mr. DeRay has a little bit of time. [00:17:52] Speaker 00: May I please the court? [00:17:53] Speaker 00: Thank you, Your Honors. [00:17:54] Speaker 00: I want to spend the last of my time talking about the additional limitations of Claim 22, which I think the solicitor briefly mentioned at the end there, talking about even accepting that I'm unsuccessful, that UNCC is unsuccessful on the intercepting argument on convincing this court that the claim construction of intercepting is erroneous. [00:18:12] Speaker 00: LAMP-22 includes a number of additional languages. [00:18:15] Speaker 00: For instance, it talks about parsing by a web browser extension a first URI loaded via the web browser and determining that URI contains a substring, indicating that the first URI represents a permission request. [00:18:31] Speaker 00: None of this is disclosed in the OAuth reference. [00:18:36] Speaker 00: Notably, the solicitor in the brief doesn't even specifically allege or try to support the examiner's findings regarding this, that this is somehow disclosed in the reference. [00:18:45] Speaker 00: Instead, the solicitor proceeds on a waiver theory. [00:18:48] Speaker 00: This was somehow waived and similarly proceeds on a waiver theory with respect to some of the other arguments made. [00:18:55] Speaker 00: Somehow or not raised below? [00:18:58] Speaker 00: Well, I would submit that, [00:19:00] Speaker 00: What was raised below and the argument below was this claim limitation is not disclosed in the prior art. [00:19:06] Speaker 00: And that an additional explanation of exactly why is not, I would submit that's not raising a new argument. [00:19:12] Speaker 00: That's responding to points the solicitor made. [00:19:14] Speaker 00: That's additionally explaining, emphasizing why it's simply not contained in the prior art. [00:19:20] Speaker 00: The examiner's entire allegation and made a specific factual finding basically just quoting the claim recitation [00:19:27] Speaker 00: and then pointing to three different sections of the reference without actually explaining where in the reference it was. [00:19:34] Speaker 00: And the fact is it just isn't there. [00:19:35] Speaker 00: I mean, it is... [00:19:38] Speaker 00: It is a strange thing to ask to flip the prima facie burden, to ask the applicant to go through the entire every single section recited or quoted, and then explain why each one of those sections does not represent the recited claim language. [00:19:52] Speaker 00: Plain fact is, none of it represents the recited claim language, and it's pretty clear. [00:19:55] Speaker 01: The claim language extends over two pages. [00:19:59] Speaker 00: It does, and it was not found in that specific, I mean the specific step of parsing by a web browser extension, a first URI loaded via the web browser, determining by the web browser extension that the URI contains, that step, that claim limitation is just not found in OAuth, in the OAuth 2.0 reference, which isn't surprising given that the entire specification talks about how it's an improvement on that OAuth 2.0 [00:20:26] Speaker 00: flow. [00:20:27] Speaker 00: So it's unsurprising that, in fact, that was not contained in the OAuth reference. [00:20:32] Speaker 00: The office is trying to flip the burden. [00:20:35] Speaker 00: And then when I explain exactly why that limitation is not there, they're then saying that it was waived. [00:20:42] Speaker 00: We raised the argument below that limitation was not there. [00:20:44] Speaker 00: We have attempted to explain why. [00:20:47] Speaker 01: Thank you. [00:20:47] Speaker 01: Thank you, counsel. [00:20:48] Speaker 01: The case will be submitted. [00:20:55] Speaker 00: during until Monday morning. [00:20:56] Speaker 00: It's an o'clock a.m.