
    SECURE WEB CONFERENCE CORPORATION, Plaintiff-Appellant v. MICROSOFT CORPORATION, Defendant-Appellee. Logitech Inc., Defendant.
    No. 2015-1321.
    United States Court of Appeals, Federal Circuit.
    Feb. 17, 2016.
    
      Wayne Michael Helge, Davidson Ber-quist Jackson & Gowdey, LLP, McLean, VA, argued for plaintiff-appellant. Also represented by James Daniel Berquist, Arlington, YA; Jonathan Tad Suder, Friedman, Suder & Cooke, Fort Worth, TX.
    Chad J. Peterman, Patterson Belknap Webb & Tyler LLP, New York, NY, argued for defendant-appellee. Also represented .by William F. Cavanaugh, Jr.
    Before Lourie, Bryson, and Stoll, Circuit Judges.
   STOLL, Circuit Judge.

Secure Web Conference Corporation (“Secure Web”) appeals the district court’s construction of several patent claim terms in a patent infringement lawsuit it initiated against Microsoft Corporation (“Microsoft”). Secure Web argues that the district court improperly imported limitations from specific embodiments into the challenged constructions. Because the district court correctly construed the terms at issue by considering the language of the claims themselves and by looking to the patent specification for guidance on claim term meaning, we affirm.

Background

Secure Web owns U.S. Patent Nos. 6,856,686 (“'686 patent”) and 6,856,687 (“'687 patent”), which are both directed to providing a method and system for enabling encryption of data in a manner that provides increased security. '686 patent, col. 1, ll. 50-51; '687 patent, col. 1 ll. 34-41. The patents differ little. The '686 patent, issued on February 15, 2005, describes a method for securing communications between two microprocessor devices, such as between two telephones, fax machines, and/or computers. The patent describes achieving secured communications through the use of a “security device,” which has encryption and decryption capa-" bilities and interfaces with each of the microprocessor devices. Figure 1 depicts the system at a high level.

Exemplary claim 1, with the- term at issue in this appeal italicized, recites:

1. A method for exchanging data between a plurality of microprocessor based devices over a computer network so as to frustrate unauthorized access to said data, said method comprising: providing a plurality of security devices each being associated with at least one of said plurality of microprocessor based devices;
establishing a point-to-point electronic communications session between a first of said security devices being associated with a first of said microprocessor based devices and a second of said security devices being associated with a second of said microprocessor based devices;
exchanging security data between said first and second security devices using said point-to-point communications session;
encrypting data to be transmitted using said first security device and said security data; and,
transmitting said encrypted data from said first microprocessor based device to said second microprocessor based device over said computer network.

'686 patent col. 14 11. 40-61.

The '687 patent issued on February 15, 2005 as a continuation-in-part of the application that became the '686 patent. The '687 patent further claims a security device operable on both wired and wireless networks and with varying network bandwidths. Claim 29, with the terms at issue in this appeal italicized, is the only asserted claim from the '687 patent:

29. A device for providing secure communications over a network comprising: a communication port for transfer of audio data;
a plurality of communication ports for transfer of digital data;
a keypad;
an encoding/decoding device; a conversion device operable to convert between audio and digital data;
a processor, in communication with a memory, said keypad and said encoding/decoding device, operable to execute code for:
selecting a configuration of a transmission and a reception port from among said communication ports dependent upon the presence of a network communication device and an input/output device in communication with said selected ports;
providing data received from said selected reception port to said encryption/decryption device for encrypting; and
providing said encrypted data to said selected transmission port.

'668 patent col. 101.58-col. 121.6.

Secure Web sued Microsoft in the United States District Court for the Eastern District of New York, accusing Microsoft’s Skype and Lync products of infringing the asserted claims of the '686 and '687 patents. The district court entered a claim construction order largely in Microsoft’s favor, at which point the parties stipulated to a judgment of noninfringement. The stipulation provides that, for each patent, each of the appealed claim constructions constitutes a separate and independent ground for noninfringement, both literally and under the doctrine of equivalents.

Secure Web timely appealed, and we have jurisdiction to review under 28 U.S.C. § 1295(a)(1).

Discussion

The “ultimate interpretation” of a claim term, as well as interpretations of “evidence intrinsic to the patent (the patent claims and specifications, along with the patent’s prosecution history),” are legal conclusions, which this court reviews de novo. Teva Pharm. USA, Inc. v. Sandoz, Inc., — U.S.-, 135 S.Ct. 831, 841, — L.Ed.2d - (2015). Where a district court “make[s] factual findings about ... extrinsic evidenced[, however,] th[e] subsidiary factfinding must be reviewed for clear error on appeal.” Id. Because the district court relied only on intrinsic evidence in this case, our review is de novo.

I. '686 Patent

The district court construed the claim term “security device” as “a standalone telecommunications device, external to and separate from the associated microprocessor based or electronic device, capable of encrypting and decrypting data.” Secure Web Conference Corp. v. Microsoft Corp., No. 13-CV-2642, 2014 WL 4954644, at *2-5 (E.D.N.Y. Oct. 2, 2014) (Dist. Ct. Op.) (emphases added). Secure Web disputes that a person of ordinary skill in the art, having considered the intrinsic record, would understand that a security device is limited to “stand-alone” devices that are “external to and separate from” the underlying microprocessor based devicé(s).

Claim construction seeks to ascribe the “ordinary and customary meaning” to claim terms as they would be understood to a person of ordinary skill in the art at the time of invention. Phillips v. AWH Corp., 415 F.3d 1303, 1312-14 (Fed.Cir. 2005) (en banc) (citing Vitronics Corp. v. Conceptronic, Inc., 90 F.3d 1576, 1582 (Fed.Cir.1996)). “[T]he claims themselves provide substantial guidance as to the meaning of particular claim terms,” id. at 1314, and therefore “the context of the surrounding words of the claim also must be considered in determining the ordinary and customary meaning of those terms,” ACTV, Inc. v. Walt Disney Co., 346 F.3d 1082, 1088 (Fed.Cir.2003). But “the person of ordinary skill in the art is deemed to read the claim term not only in the context of the particular claim in which the disputed term appears, but in the context of the entire patent, including the specification.” Phillips, 415 F.3d at 1313. Indeed, the specification is “the single best guide to the meaning of a disputed term” and “[u]sually, it is dispositive.” Id. Thus, “claims ‘must be read in view of the specification, of which they are a part.’ ” Id. at 1315 (quoting Markman v. Westview Instruments, Inc., 52 F.3d 967, 979 (Fed.Cir. 1995) (en banc), aff'd, 517 U.S. 370, 116 S.Ct. 1384, 134 L.Ed.2d 577 (1996)).

Applying those principles here, we conclude that one of ordinary skill in the art reading the specification would have understood a security device to be a standalone device that is separate from and external to the associated microprocessor device(s). All descriptions of the security device in the intrinsic record are limited to a stand-alone device. Nothing in .the intrinsic record suggests that the patentee intended a broader notion of a security device. Significantly, at no point does the specification contemplate a security device embedded within a microprocessor-based device. To the contrary, the specification touts the separate and stand-alone nature of the security device as an advantage,

First, the Background of. the Invention section characterizes the security device as an add-on component to existing microprocessor-based devices, explaining that “as many users already possess telephones, facsimile machines and computers, it is desirable to provide a security device capable of performing [security] functions in connection with these existing devices.” '686 patent col. 111. 43-48. The remainder of the specification reinforces that using a stand-alone security device is not mere happenstance.

For example, in an embodiment where the microprocessor-based device is a computer, the specification explains that separating the security device from the microprocessor-based device advantageously allows a user to secure data residing in the microprocessor-based device in the event it is lost or stolen. Explaining how the separate security device will store a decryption key needed to decipher messages, the specification notes that “separation of the [security] device 10 from the computer 40 acts as a means of securing data residing in the computer 40.” Id. col. 10 1.67 — col. 11 l.2. Continuing, the specification explains that a user “could instruct computer 40 to transmit a file to the [security] device 10 for encryption with the permanent key”' and the “encrypted file would then be re-transmitted back to the computer.” Id. col. 11 11. 4-6. “In this way, even if the computer 40 becomes lost or stolen, unauthorized access to the encrypted file could still be frustrated by adequately safeguarding device 10.” Id. col. 11 ll. 12-15. This benefit is derived directly from the separation of the security device and the computer.

Not only does the specification describe specific advantages gained from separating the security device from the microprocessor-based device, but also it never once suggests embedding the security device within the microprocessor-based device. Figure 1 of the '686 patent illustrates the system described by the patent and clearly depicts the security device separate from and external to the microprocessor-based devices connecting to it. Figure 2 provides a detailed view of the security device itself. Figure 2 shows, and the associated text describes, several sets of input/output ports on the security device so that various microprocessor-based devices may become “coupled” to it. Id. Fig. 2 and col. 3 11. 8-34. Figure 2 and its associated text also indicate that the security device has its own microcontroller. Id. The existencé of ports for interfacing with other devices and the use of an independent microcon-troller exhibit the level of self-sufficiency expected of a stand-alone device.

We are mindful not to limit claims to preferred embodiments, but in this case, the district court did not err in concluding that Figures 1 and 2 depict the essence of the claimed invention rather than a preferred embodiment. Particularly, the specification describes Figure 1 as depicting “a communication system according to the present invention” and Figure 2 as depicting “a telecommunications security device according to the instant invention.” Id. col. 2 ll.16-19. While the specification later describes Figure 2 as “a block diagram of a preferred form of the security device according to the instant invention” (Id. col. 3 ll.7-9), this statement does not change the understanding of “security device” at least because the specification repeatedly notes the importance of using an external security device, reinforcing that the security device of the invention is limited to stand-alone security devices. See Toro Co. v. White Consol. Indus., 199 F.3d 1295, 1300-01 (Fed.Cir.1999) (construing claim to require a particular configuration where specification described the importance of the configuration and did not disclose others).

Microsoft presented the district court with dictionary definitions of the word “device.” Secure Web argues these definitions led the district court astray, despite recognizing that “the district court did not expressly cite to or rely on Microsoft’s dictionary definitions in its Order.” Appellant Br. 25. This argument is unpersuasive, as the intrinsic record alone wholly supports the district court’s construction. Therefore, we, like the district court, do not rely on dictionary definitions to reach our construction. See Phillips, 415 F.3d 1303, 1318 (Fed.Cir.2005) (citing Markman, 52 F.3d at 980) (indicating that use of extrinsic evidence in claim construction is permissive, not mandatory); Virnetx, Inc. v. Cisco Sys., Inc., 767 F.3d 1308, 1316 (Fed.Cir.2014) (“Although courts are permitted to consider extrinsic evidence like expert testimony, dictionaries, and treatises, such evidence is generally of less significance than the intrinsic record.”).

Even were we to rely on dictionaries in this case, we would not likely find the definition of “device” useful because our construction does not hinge on the word “device” used in isolation. See IGT v. Bally Gaming Int’l, Inc., 659 F.3d 1109, 1117 (Fed.Cir.2011) (“Extracting a single word from a claim divorced from the surrounding limitations can lead construction astray. Claim language must be construed in the claim in which it appears.”). For this same reason, we are also unconvinced by Secure Web’s argument that because Figure 2 depicts an “encryption/decryption device” embedded within the security device, an inference can be drawn that the patentee used the term “device” throughout the patent to mean a component capable of being embedded. This attenuated argument does not overcome the specification’s consistent treatment of the actual term-in-dispute — “security device” — as a separate, stand-alone device.

In sum, a person of ordinary skill in the art having considered the intrinsic record would have understood the term security device to describe a stand-alone, external device that is separate from the underlying microprocessor device(s). Therefore, the district court did not err in construing “security device.”

The parties stipulated to a final judgment of noninfringement of the '686 patent under the construction of “security device” adopted by the district court. Because we adopt the district court’s construction of “security device,” we do not address the construction underlying the alternative stipulated ground for noninfringement as we need not decide more than is necessaiy to dispose of the case regarding to the '686 patent.. See Network Commerce, Inc. v. Microsoft Corp., 422 F.3d 1353, 1357 n. 3 (Fed.Cir.2005) (declining to construe claim term when noninfringement judgment is affirmed on other claim construction ground).

II. '687 Patent

The claim construction dispute for the related '687 patent concerns not the security device, but the network communication and input/output devices, which are the devices with which the security device interfaces. Nevertheless, the heart of the dispute remains the same: whether the security device and the interfacing devices must be separate from and external to one another.

The district court determined that the devices needed to be separate and external, construing the '687 claim term “network communications derice” as “a separate, external device, connected via a communications port on the ‘device for providing secure communications over a network,’ that allows for communications over the network” and the term “input/output device” as “a separate, external device, connected via a communications port on the ‘device for providing secure communications over a network,’ that inputs data into and receives data from the device.” Dist. Ct. Op., 2014 WL 4954644, at *7-8 (emphases added). Similar to its argument for the “security device" term in the '686 patent, Secure Web disputes that a person of ordinary skill in the art would recognize a “separate, external” limitation for these devices.

The constructions the district court reached for the terms “network communication device” and “input/output derice” have considerable support, particularly from the language of the '687 patent’s sole asserted claim, claim 29. As noted, “the claims themselves provide substantial guidance as to the meaning of particular claim terms.... the context in which a term is used in the asserted claim can be highly instructive.” Phillips, 415 F.3d at 1314 (citing Vitronics, 90 F.3d at 1582; ACTV, 346 F-3d at 1088). Here, asserted claim 29 recites that the security device contains “a plurality of communication ports for the transfer of digital data.” '687 patent col. 10 ll. 61-62. The security device also contains a processor used for “selecting a configuration of a transmission and a reception port from among said communication ports dependent upon the presence of a network communication device and an input/output device in communication with said selected ports.” Id. col. 11 ll.4-8 (emphases added). Thus, the claim is drawn to a security device that different devices can be connected to or disconnected from, resulting in a configuration change of the security device.

If the network communication device and input/output device were not separate from the security device, this capability would be unnecessary; the security device would not need to determine whether a network communication device or input/output device was present because they always would be. Instead, the claim language makes clear that the network configuration device and inpui/output device are, as the district court explained, “only contingently present.” Dist. Ct. Op., 2014 WL 4954644, at *13. This is to say that the devices are separate from and external to one another. We are not convinced by Secure Web’s argument that the “in communication with selected ports” limitation somehow cuts against this inference.

Beyond support from claim 29, the '687 patent specification provides additional support, for the district court’s construction, similar to that found for the security device construction in the '686 patent. For example, the specification describes that the security device is “portable,” which is made possible by use of a battery. '687 patent col. 4 ll. 59-63; see also id. col. 1 ll. 37, 55. The logical import of this description is that the security device and the devices with which it interfaces must be separate so that the security device remains portable. And, as with the '686 patent, the '687 patent figures and associated descriptions consistently depict and describe the security device as separate from and external to the network communication device and the input/output device.

Based on the intrinsic evidence, we conclude that the district court correctly construed “network communications device” and “input/output device.” Per the stipulated final judgment entered by the parties, each of these constructions is a ground for noninfringement of the '687 patent for Microsoft.

Conclusion

For the foregoing reasons, we affirm the district court’s entry of stipulated judgment of noninfringement.

AFFIRMED  