Newegg Beats Patent Troll Over SSL and RC4 Encryption

New submitter codguy writes to note that a few days ago, and after a previous failed attempt to fight patent troll TQP Development in late 2013, Newegg has now beaten this troll in a rematch. From the linked post: "Newegg went against a company that claimed its patent covered SSL and RC4 encryption, a common encryption system used by many retailers and websites. This particular patent troll has gone against over 100 other companies, and brought in $45 million in settlements before going after Newegg." This follows on Intuit's recent success in defending itself against this claim.

Good

[msobkow]

What would be fitting is for all those "settlements" to be automatically overturned and the troll forced to refund the money.

But I know it doesn't work that way. If you wuss out and pay the toll, there is no getting your money back from the troll.

Re:Good

[mspohr]

Usually the settlement documents specifically state that if the patent/etc. is declared invalid that they get to keep the money anyway.

So... $45 million is not a bad run for this troll. It will probably encourage them to keep the extortion ring going with another worthless patent.

Re:Good

[alvinrod]

What money?

Do you think the patent trolls are going to keep that money on hand where something like that might happen. The money will have been spent on something, like a big bonus for the CEO or paid out in fees for expert witness testimony to someone's friend. Perhaps they needed a new company car which just happens to be a Rolls-Royce or something similar.

Anyone crooked and morally bankrupt enough to even run this type of enterprise isn't going to keep the money sitting around. Eventually the jig is up and if there's no money left, it's easy to abandon and move on to something else.

Re:Good

[KGIII]

I do not think so? The judgment is usually that the party is not infringing as charged. There may be legitimate (in the legal sense) suits against other people. I did not read the article however.

Re:Good

[Solandri]

This. This needs to be made illegal. Patent licensing fees should be returned (minus reasonable administrative fees) if the patent is overturned. Force the burden of proving the patent is indeed valid back upon the patent holder. Don't force the purported violator to prove the patent is invalid.

If the USPTO could control the patents it gives out so the rate they're overturned upon challenge is low, then it makes sense to force violators to prove the patent is invalid. But because they're seemingly willing to give out patents for anything and the rate they're overturned, it makes more sense to shift the burden onto the patent applicant to take reasonable steps to make sure his patent is ironclad and will not be overturned. If the patent applicant's confidence in his own patent is so low he isn't sure it won't be overturned upon a detailed review, then that's a pretty good indication the idea isn't really worthy of a patent in the first place.

This also has the effect of making pure IP companies a high-risk business. If all you do is license patents and one of your main patents gets overturned, it could bankrupt you. But if you're actually using the patent to make stuff, then you'll have an alternate revenue stream which will allow you to survive having to pay back the licensing fees.

There is a drawback in that companies may be more willing to license specious patents, in hopes that someone else will go through the expense of fighting it. If someone else fights it and wins, you get your money back, so why should you fight it? On the patent's holder's side, this creates a multi-year potential liability in the accounting books even if you have a valid patent. A sunset period of a few years after which you can't recover licensing fees (or a graduated return period, so after say 3 years you have to pay back 50%, after 5 years 25%, after 7 years you can keep it all) would address both problems.

Re:Good

[dissy]

Usually the settlement documents specifically state that if the patent/etc. is declared invalid that they get to keep the money anyway.

So... $45 million is not a bad run for this troll. It will probably encourage them to keep the extortion ring going with another worthless patent.

I see no mention in the newegg blog about the patent being declared invalid, only that newegg was declared not infringing upon it.

While I'm sure this ruling will help anyone else in the future who is simply using SSL on their web server, it doesn't really help anyone else the troll sues who they feel is using SSL/RC4 differently.

They only really need a new worthless patent to go after the same targets they already sued or planned to sue for the same reason.
They get to keep using this same worthless patent still however, just against a different group of targets.

Re:Good

[fredgiblet]

I don't agree. A pure research/engineering company that produces ideas and sells them with no intent on actually putting them into production THEMSELVES isn't a bad thing. As long as they are actually, you know, producing rather than just buying unenforced patents and suing people.

Just in time to phase it out

[jandrese]

Sure is nice that we can freely use this form of encryption that should never be used anymore.

Re:Just in time to phase it out

[Qzukk]

That's OK, the troll has probably already filed for patents on using some other encryption algorithm they didn't invent with some other communications protocol they didn't invent, that was originally designed to be able to use the algorithm in the way they claim they invented.

Justice?

[Stan92057]

And liberty and justice for all...who can afford it.

Sale

[Coren22]

They are also throwing a sale to celebrate.

http://www.newegg.com/When-We-...

I was taken a little by surprise over this yesterday when I got the email about it, I wasn't even aware of the court fight going on. I am happy to hear that Newegg is standing up to the trolls, and their shirt about it is kind of cute.

http://www.newegg.com/Product/...

Newegg looks to be doing the right thing...

[QuietLagoon]

It is great to see Newegg fighting the right battles and winning against patent trolls.

.
Kudos to Newegg.

Obsolete crypto shows problem of software patents

[l2718]

It's worth noting that there are known attacks against RC4 (especially SSL using RC4). While these aren't quite practical yet, it is clear that RC4 is obsolete, and that current programmers should choose other stream cyphers (AES). Even supposing the patent was legitimate, the technology it covers has become obsolete well within its lifetime.

This illustrates one of the key reasons software (that is, algorithms) shouldn't be patentable: the field moves so fast that 20-year patent protection isn't useful. Even supposing the authors of software need patent protection to recoup their "investment" in inventing the algorithm, 20-year protection is effectively an infinite term, since by the time the protection ends, the technology is obsolete.

As an aside, note that patenting a protocol (such as RC4) automatically ends its usefulness. Protocols are only useful if the other party to the communication can participate, and interoperability is very important in software. Patents are ill-suited for this. Copyright, on the other hand, works well: the code you write is protected, but anyone else can write their own code to implement the protocol and communicate with you.

Re:Obsolete crypto shows problem of software paten

[l2718]

So what's your stance on RSA, one of the early software patents, which is still used everywhere?

I didn't try to articulate every problem with software patents, merely those illustrated by the just-overturned patent covering SSL using RC4. Note that RC4 itself is about 30 years old, and was developed by RSA security.

In any case, regarding the RSA cryptosystem itself, it was developed by several academics (independent of its previous, secret, invention GCHQ), and clearly it would have been developed and published even without the extra bonus of patent protection. It's important to remember that patents are a means to an end ("promot[ion] of Progress of Science and useful Arts") -- which is not to make money for inventors but to provide them an incentive to invent for the public good. In other words, a Patent is a way for the public to give up something (the natural possibility of making use of an invention you hear about) in return for a different advantage (getting the invention made in the first place). If inventors would invent even without the extra incentive, there is not need for the incentive.

Since practically all the value of inventiveness in the software business can be captured simply by writing the software (and, in cryptography especially, by ordinary academic incentives such as promotion, tenure and professional recognition), software patents don't help. Instead they hinder.

For a salient example consider the LZW patent. The algorithm was designed by two academics (Lempel and Ziv of the Technion). The main effect of the patent was to end the widespread use of .gif files (the GIF standard specified LZW compression), which dominated the early internet. Rather than knuckle under and pay licensing fees (and end free-software projects like Mozilla), the internet community developed PNG, an equivalent but patent-unencumbered compressed raster image format. Practically the whole internet switched to PNG -- showing that useful technology can be invented without the patent incentive, and that when there is no patent it is much more widely used for everyone's enjoyment.

PS: It is likely that the LZW patent was invalid (patenting an abstract algorithm), but nobody wanted to take the legal risk of going to course to invalidate it. This obnoxious patent has since expired.