RC4 Source Code Posted - A Response from RSA Data Security, Inc.
Bruce Schneier
As most of you probably know, source code to RC4 was anonymously posted
to sci.crypt and to the Cypherpunks mailing list, and is now available
for anonymous ftp from sites all over the world. The following is RSA
Data Security, Inc.'s response to this. It seems like they wish to stuff
the genie back into the bottle.
Bruce
>From Mercury!RSA.COM!jim Fri Sep 16 18:42:29 1994
Return-Path: <Mercury!RSA.COM!jim>
Date: Fri, 16 Sep 94 16:08:34 PDT
From: j...@RSA.COM (Jim Bidzos)
To: schn...@chinet.chinet.com
Subject: Thank you Bob Anderson (fwd)
FYI... I'd appreciate if you posted this wherever you saw RC4...
WARNING NOTICE
It has come to RSA Data Security's attention that certain RSA
trade secrets, in the form of confidential and proprietary source
code, have been misappropriated and disclosed. Please be advised that
these acts, as well as any retransmission or use of this
misappropriated source code is a violation of the Uniform Trade
Secrets Act and various other state and federal laws. Any person or
entity that acquires, discloses or uses this information is subject to
criminal and civil penalties including an injunction, compensatory
damages, punitive damages and payment of RSA's attorneys fees.
RSA considers this misappropriation to be most serious. Not only
is this act a violation of law, but its publication is a gross abuse
of the Internet. RSA has begun an investigation and will proceed with
legal action against anyone found to have violated its intellectual
property rights.
Nick Jacobs
> It has come to RSA Data Security's attention that certain RSA
>trade secrets, in the form of confidential and proprietary source
>code, have been misappropriated and disclosed.
In other words, he's saying that the posted RC4 code is *not*
just code which duplicates the functionality of RSA's code.
He's saying that the actual posted code was stolen from
RSA. If that were the case, my sympathies in the matter would
be entirely with RSA. The big question is: Is Mr Bidzos telling
the truth?
Nick
Ken Arromdee
Nick Jacobs <nja...@access3.digex.net> wrote:
>> It has come to RSA Data Security's attention that certain RSA
>>trade secrets, in the form of confidential and proprietary source
>>code, have been misappropriated and disclosed.
>In other words, he's saying that the posted RC4 code is *not*
>just code which duplicates the functionality of RSA's code.
>He's saying that the actual posted code was stolen from
>RSA. If that were the case, my sympathies in the matter would
>be entirely with RSA. The big question is: Is Mr Bidzos telling
>the truth?
He's _not_ saying the posted code was stolen from RSA. He's _implying_ the
posted code was stolen from RSA, but he doesn't actually _say_ it.
In messages from lawyers, such things can make a difference.
--
Ken Arromdee (email: arro...@jyusenkyou.cs.jhu.edu)
ObYouKnowWho Bait: Stuffed Turkey with Gravy and Mashed Potatoes
"You, a Decider?" --Romana "I decided not to." --The Doctor
David Sternlight
Why would he lie? If it comes to trial, and there's good reason to believe
this one will, and he lied it would kill his case.
By the way, if you accept his statement literally (and thanks for pointing
out the phrasing--I didn't notice it) then all the stuff about reverse
engineering in our discussions of this become a red herring, and the problem
becomes the much simpler one of stolen trade secret (and copyright) code
having been disclosed, and then republished in whole AND part (as part of
the discussion of the code itself) by third parties.
David
David
--
People who post newsgroup flames
Must have flammable gas for brains.
Burma Shave.
ssatchell on BIX
>David
>David
As a licensee of RSA, I have a copy of the "offical" RC4 code. If someone
would email me the FTP information, I could look and see if the posted code
is identical to the code distributed by RSA.
--
Stephen Satchell, Satchell Evaluations ssat...@bix.com
Testing modems for magazines and industry since 1984 s...@well.sf.ca.us
Publisher of SEPTeL modem testing journal 70007...@compuserve.com
------------------------------------------------------------------------------
"I'm one less vote for an agenda that makes you want to throw up."
-- Republican Lindsey Graham.
Dan Hankins
> Why would he lie? If it comes to trial, and there's good reason to believe
> this one will, and he lied it would kill his case.
For the same reason I might raise on a hand of 2 4 6 7 K: To get my
opponent to fold on the chance I might have a strong hand.
Dan Hankins
dhan...@vnet.net
Alan Cox
>In other words, he's saying that the posted RC4 code is *not*
>just code which duplicates the functionality of RSA's code.
>He's saying that the actual posted code was stolen from
>RSA. If that were the case, my sympathies in the matter would
>be entirely with RSA. The big question is: Is Mr Bidzos telling
>the truth?
And would he like to post the original for comparison 8)
Alan
--
..-----------,,----------------------------,,----------------------------,,
// Alan Cox // iia...@www.linux.org.uk // GW4PTS@GB7SWN.#45.GBR.EU //
``----------'`----------------------------'`----------------------------''
ssatchell on BIX
I can't locate my source disks quickly, so any comparision will have to wait
for the weekend. There is the chance, too, that my source disks (they are
quite old) may not be the same version, complicating matters.
The updates I have received from RSA are binary-only.
Alan L Nelson
>Trade secrets and copyrights are not compatible. If the code has
>a copyright then it is not covered by trade secret statutes.
> --Ken Pizzini
FALSE. If the information is a trade secret, you can cut a diagonal
strip, usually 1 cm wide, across the page and submit that with the first
and last apges to the US Copyright office.
-Al
David Honig
be...@Uni-Trier.DE (Jochen Bern) writes:
>Just interested, is this still "an obviously US-related Discussion",
>as someone called it, or may I safely ask what Nations this Threat
>actually applies to?
Man, if you're in Haiti and you're using unauthorized RC4, are you up the
creek.
David Sternlight
He is the president of two important firms in this field, representing the
interests of MIT and Stanford. I don't think he'd play poker with his
clients' interests unless he had what Mark Twain called "the calm confidence
of a Christian with four aces."
Piet van Oostrum
KP> Trade secrets and copyrights are not compatible. If the code has
KP> a copyright then it is not covered by trade secret statutes.
False: if you write a piece of code, you (or your employer) have the
copyright. You don't have to do anything to get the copyright. The
copyright owner can release the work in the PD, thereby giving up the
copyright. But if you don't do that the work is copyrighted, even if you
keep it secretly in a vault.
--
Piet* van Oostrum, Dept of Computer Science, Utrecht University, (*`Pete')
Padualaan 14, P.O. Box 80.089, 3508 TB Utrecht, The Netherlands.
Telephone: +31 30 531806 Telefax: +31 30 513791 Internet: pi...@cs.ruu.nl
PGP public key by finger or WWW http://www.cs.ruu.nl/~piet
David Sternlight
ssatchell on BIX <ssat...@BIX.com> wrote:
>
>I can't locate my source disks quickly, so any comparision will have to wait
>for the weekend. There is the chance, too, that my source disks (they are
>quite old) may not be the same version, complicating matters.
If you confirm that the posted code is the real thing, would you be
violating your non-disclosure agreements (if any) by so doing?
David A. Honig
>If you confirm that the posted code is the real thing, would you be
>violating your non-disclosure agreements (if any) by so doing?
He is only offering to produce one bit, not to be a characterstic
function for RC4 over the set of all possible codes.
--
David A. Honig, informivore, AAAS, EFF, IEEE, LP
Why doesn't Philip Glass have carpal-tunnel syndrome?
Politicians prefer unarmed peasants without encryption technology...
Peter Berger
David Sternlight <strn...@netcom.com> wrote:
>In article <35lo6p$3...@ralph.vnet.net>, Dan Hankins <dhan...@vnet.net> wrote:
>>In artice <strnlghtC...@netcom.com> David Sternlight (strn...@netcom.com) wrote:
>>> Why would he lie? If it comes to trial, and there's good reason to believe
>>> this one will, and he lied it would kill his case.
>>
>>For the same reason I might raise on a hand of 2 4 6 7 K: To get my
>>opponent to fold on the chance I might have a strong hand.
>
>He is the president of two important firms in this field, representing the
>interests of MIT and Stanford. I don't think he'd play poker with his
>clients' interests unless he had what Mark Twain called "the calm confidence
>of a Christian with four aces."
That's what lawyers _do_, David. It's what we do. It's our job. It's
what we're paid for. He didn't get to where he is today be being a bad
poker player.
--
........................................................................
Peter G. Berger, Esq. Telerama Public Access Internet, Pittsburgh
Internet: pet...@telerama.lm.com Phone: 412/481-3505 Fax: 412/481-8568
http://www.lm.com/ gopher://gopher.lm.com/ ftp://ftp.lm.com/
Bill Dorsey
> [Jim Bidzos] is the president of two important firms in this field,
> representing the interests of MIT and Stanford. I don't think he'd play
> poker with his clients' interests unless he had what Mark Twain called
> "the calm confidence of a Christian with four aces."
David, where did you ever get the crazy idea that Jim Bidzos represents
the interests of MIT and Stanford? Public Key Partners owns the rights
to several patents originally field by MIT and Stanford. I don't see
how you jump from this fact to the assertion that PKP's president, Jim
Bidzos, represents MIT's and Stanford's interests. Please enlighten
those of us not equipped with your indefatigable sense of logic.
Also, this thread probably doesn't belong on sci.crypt. Doesn't anyone
out there know how to edit the Newsgroups and Followup-To fields
anymore?
--
Bill Dorsey "Nothing that results from human progress is achieved
dor...@lila.com with unamimous consent. And those who are enlightened
PGP 2.X pubkey before the others are condemned to pursue that light
available in spite of the others." -- Christopher Columbus
William Unruh
>David, where did you ever get the crazy idea that Jim Bidzos represents
>the interests of MIT and Stanford? Public Key Partners owns the rights
>to several patents originally field by MIT and Stanford. I don't see
Licenses the rights not owns the rights. As far as I have been told by the people at MIT
MIT still owns the patents. They simply gave PKP exclusive licenses.
--
Bill Unruh
un...@physics.ubc.ca
Dave Mack
Jay Ashworth <j...@zeus.IntNet.net> wrote:
>strn...@netcom.com (David Sternlight) writes:
>>In article <ssatchell...@bix.com>,
>>ssatchell on BIX <ssat...@BIX.com> wrote:
>>>I can't locate my source disks quickly, so any comparision will have to wait
>>>for the weekend. There is the chance, too, that my source disks (they are
>>>quite old) may not be the same version, complicating matters.
>
>>If you confirm that the posted code is the real thing, would you be
>>violating your non-disclosure agreements (if any) by so doing?
>
>
>Almost certainly not. He had no control over the release of the code I
>mailed him. He did not reverse engineer anything. He did not copy
>anything illegally. He did not release any code.
>
If I were you, I'd be a bit cautious about dispensing legal advice
unless you are actually a lawyer specializing in the intellectual
property area.
If I were a juror, it might be possible to convince me that someone with
privileged access to a trade secret would be violating an NDA by
confirming that a published item actually *is* the trade secret.
Analogy: someone posts a "Just Like Betty Crocker's German Chocolate
Cake" recipe in the cooking section of the local newspaper. A reader
who once worked for Betty Crocker and had access to Betty Crocker's
recipe writes a letter to the food editor informing them that the recipe
actually *is* the Betty Crocker recipe. Before that revelation, it was
just a recipe that produced a cake that tasted a lot like the one from
the Betty Crocker mix. After the revelation, you know a trade secret.
You can now go to your local black market bakery and begin flooding
the market with counterfeit Betty Crocker German Chocolate Cake mix
and become fabulously wealthy. (Betty Crocker is almost certainly
someone's trade mark - your guess is as good as mine.)
Before anyone jumps on me for offering a defective analogy - testing
crypto code can be done a whole lot more precisely than cake tasting and
equivalent output over a sufficient spectrum of input is essentially
proof of identity (we need not apply the cake analogy to this part, I
think :-) - let me remind you that the issue would be the
monetary loss suffered by the owner of the trade secret, in this case
RSADSI. If I want to sell a software package and assert in my advertising
that the encryption is compatible with RC4, I have to worry a little
bit about whether or not I have it right and if not, how badly I'm
going to get sued. Maybe it's cheaper to pay RSADSI for the real thing.
If I *know* that the posted RC4 is in fact the real thing thanks to
ssat...@BIX.com doing a source code comparison for me, I can use
it without having to pay any sort of royalty to RSADSI (legally, in
all probability - but don't take my word for it :-). RSADSI has therefore
suffered a monetary loss and has a legal right to compensation.
Does a trade secret cease to be a trade secret when something is
published which is *asserted* to be that secret or when a person
with privileged knowledge of the secret *confirms* that the published
item actually is the secret? I wouldn't want to bet my house on a
judge or jury rejecting the latter case.
--
Dave Mack
Manager, Computer Facilities
Senior Systems Administrator
IntelliGenetics, Inc./BIOSCI Project
Jay Ashworth
>In article <ssatchell...@bix.com>,
>ssatchell on BIX <ssat...@BIX.com> wrote:
>>I can't locate my source disks quickly, so any comparision will have to wait
>>for the weekend. There is the chance, too, that my source disks (they are
>>quite old) may not be the same version, complicating matters.
>If you confirm that the posted code is the real thing, would you be
>violating your non-disclosure agreements (if any) by so doing?
Since I'm the one who mailed him the posting, I'll take this one.
Almost certainly not. He had no control over the release of the code I
mailed him. He did not reverse engineer anything. He did not copy
anything illegally. He did not release any code.
Cheers,
-- jra
--
Jay R. Ashworth High Technology Systems Comsulting Ashworth
Designer Linux: The Choice of a GNU Generation & Associates
ka1fjx/4
j...@baylink.com "Hey! Do any of you guys know how to Madison?" 813 790 7592
scott johnson
>In article <366sm4$p...@zeus.intnet.net>,
[Betty Crocker analogy deleted.]
>
>Does a trade secret cease to be a trade secret when something is
>published which is *asserted* to be that secret or when a person
>with privileged knowledge of the secret *confirms* that the published
>item actually is the secret? I wouldn't want to bet my house on a
>judge or jury rejecting the latter case.
Well... it would seem to me that for RSADSI to claim that someone violated
their trade secret, they would have to testify that the text/information in
question actually IS their trade secret. If the RC4 code is NOT their trade
secret, then they have no claim on it whatsoever (even if it is, the only
complaint they have now is a possible copyright violation; they have no claim
on the algorithm. At least IMHO.)
If nobody confirms that the alledged RC4 code is indeed RSADSI's trade secret
(either RSADSI or someone else), then I see no reason for them to complain.
/sj/
David Sternlight
Jay Ashworth <j...@zeus.IntNet.net> wrote:
>strn...@netcom.com (David Sternlight) writes:
>>ssatchell on BIX <ssat...@BIX.com> wrote:
>>>I can't locate my source disks quickly, so any comparision will have to wait
>>>for the weekend. There is the chance, too, that my source disks (they are
>>>quite old) may not be the same version, complicating matters.
>
>>If you confirm that the posted code is the real thing, would you be
>>violating your non-disclosure agreements (if any) by so doing?
>
>
>Almost certainly not. He had no control over the release of the code I
>mailed him. He did not reverse engineer anything. He did not copy
>anything illegally. He did not release any code.
Consider the following: "A" posts the formula for Coca Cola, asserting that
it is just that. We don't know how "A" got what he posted, and we don't know
if it is the real formula or not.
"B", who knows the formula for Coca Cola, and is under non-disclosure, says
that the formula "A" posted is, in fact the real formula and that the reason
he knows that is that he has the real formula. It is known that "B" signed
the usual non-disclosure agreement, and it is known that the real formula
for Coca Cola is a trade secret.
Question: Has "B" done anything actionable at law?
William Unruh
>Before anyone jumps on me for offering a defective analogy - testing
>crypto code can be done a whole lot more precisely than cake tasting and
>equivalent output over a sufficient spectrum of input is essentially
>proof of identity (we need not apply the cake analogy to this part, I
>think :-) - let me remind you that the issue would be the
>monetary loss suffered by the owner of the trade secret, in this case
>RSADSI. If I want to sell a software package and assert in my advertising
It has already been confirmed that the published RC4 is the same
functionally as RC4. Thus as far as any user is concerned that is all
that needs to be known, and as far as damage that is what did the
damage. The question here is whether or not the publiched RC4 is
identical to the RC4 source code in explicit expression. I do not see
how that could increase the damage to RSA. In fact it might be argued (
how persuasively is up to you to decide) that it eitehr does nothing or
lessens the damage. If we all know that the publiched RC4 is in
expression identical to the RC4 source, then some people may well
refrain from using an item which was clearly stolen. So you pays your
lawyer (not me I'm not one) and you gets your argument. On the ohter
hand the report is that it is not the same. Does that constitute
violation of the trade secret or nondisclosure? Is a black crow a
confirming instance of the proposition that all cows are brown (to bring
up an old philosphical conundrum)?
--
Bill Unruh
un...@physics.ubc.ca
Kenneth Lerman
...
: That's what lawyers _do_, David. It's what we do. It's our job. It's
: what we're paid for. He didn't get to where he is today be being a bad
: poker player.
To (mis)quote a friend of mine:
The secret to making money playing poker is to find some poker
players who play worse than you do.
[And Peter (if I may address you by your first name), I find your
posts add some useful light to a morass of legal ignorance.]
: --
: ........................................................................
: Peter G. Berger, Esq. Telerama Public Access Internet, Pittsburgh
: Internet: pet...@telerama.lm.com Phone: 412/481-3505 Fax: 412/481-8568
: http://www.lm.com/ gopher://gopher.lm.com/ ftp://ftp.lm.com/
--
Kenneth Lerman ler...@seltd.newnet.com
Systems Essentials Limited (203)426-4430
55 Main Street
Newtown, CT 06470
Sean Donelan
> "B", who knows the formula for Coca Cola, and is under non-disclosure, says
> that the formula "A" posted is, in fact the real formula and that the reason
> he knows that is that he has the real formula. It is known that "B" signed
> the usual non-disclosure agreement, and it is known that the real formula
> for Coca Cola is a trade secret.
>
> Question: Has "B" done anything actionable at law?
I know the secret formula for Coca Cola. I also know KFC's secret spices.
Have I done anything actionable at law?
--
Sean Donelan, Data Research Associates, Inc, St. Louis, MO
Domain: se...@dra.com, Voice: (Work) +1 314-432-1100
Jeffrey T Berntsen
>In article <366sm4$p...@zeus.intnet.net>,
>Jay Ashworth <j...@zeus.IntNet.net> wrote:
>>strn...@netcom.com (David Sternlight) writes:
>>>In article <ssatchell...@bix.com>,
>>>ssatchell on BIX <ssat...@BIX.com> wrote:
>>>>I can't locate my source disks quickly, so any comparision will have to wait
>>>>for the weekend. There is the chance, too, that my source disks (they are
>>>>quite old) may not be the same version, complicating matters.
>>
>>>If you confirm that the posted code is the real thing, would you be
>>>violating your non-disclosure agreements (if any) by so doing?
>>
>>Since I'm the one who mailed him the posting, I'll take this one.
>>
>>Almost certainly not. He had no control over the release of the code I
>>mailed him. He did not reverse engineer anything. He did not copy
>>anything illegally. He did not release any code.
>Consider the following: "A" posts the formula for Coca Cola, asserting that
>it is just that. We don't know how "A" got what he posted, and we don't know
>if it is the real formula or not.
>"B", who knows the formula for Coca Cola, and is under non-disclosure, says
>that the formula "A" posted is, in fact the real formula and that the reason
>he knows that is that he has the real formula. It is known that "B" signed
>the usual non-disclosure agreement, and it is known that the real formula
>for Coca Cola is a trade secret.
>Question: Has "B" done anything actionable at law?
Far be it for me to defend Mr. Sternlight _BUT_ I think he has a point here.
In a scenario like the one above (and I think it _is_ a good analogy to the
question of the RC4 code posted here being RSA's), it could be construed that
if "B" says the formula is in fact the real forumla, he has disclosed what
the formula is even though he didn't originally post by giving definite
information about what the formula _is_ (what "A" posted). However, if "B"
were to say that the formula is _not_ the original formula (assuming it isn't,
of course) he hasn't disclosed anything about the formula itself, only about
what the formula "A" posted _is_ (not the original). He hasn't disclosed any
specific information about the formula he is guarding. Enough such answers
("no, it isn't that") could yeild actual specific information about the
formula but no single such answer could. (If you're curious, get and read
some info on so-called "zero-knowledge proofs") I think a single confirmation
that the formula is real could be actionable, but a single denial probably
could not be.
Where the analogy breaks down is that the actual question here is not about
RC4's "formula" (the RC4 altorithm), but about how it's presented (the actual
code). I think that my thoughts about confirmation vs. denial are still valid
when applied to confirmation vs. denial of the code posted. There may be a
gray area about confirmation vs. denial of the algorithm itself.
Of course, I'm trying to apply logic to an interpretation of the law and we
know what kind of problems _that_ can cause......
Jeff Berntsen
je...@world.std.com
William Unruh
>Consider the following: "A" posts the formula for Coca Cola, asserting that
>it is just that. We don't know how "A" got what he posted, and we don't know
>if it is the real formula or not.
>"B", who knows the formula for Coca Cola, and is under non-disclosure, says
>that the formula "A" posted is, in fact the real formula and that the reason
>he knows that is that he has the real formula. It is known that "B" signed
>the usual non-disclosure agreement, and it is known that the real formula
>for Coca Cola is a trade secret.
>Question: Has "B" done anything actionable at law?
Or to make the analogy with the current discussion,keep all facts above
the same but "B" says that the formula A posted is not the secret
formula. Has he done anything actionable? Remember that that is what has
happened in the case of RC4.
--
Bill Unruh
un...@physics.ubc.ca
Clifton T. Sharp
>Before anyone jumps on me for offering a defective analogy - testing
>crypto code can be done a whole lot more precisely than cake tasting and
... but doesn't include the high-altitude recipe for RC4...
--
Cliff Sharp Whatever it is that hits the fan,
WA9PDM it will not be evenly distributed.
cli...@indep1.chi.il.us --The Third Law of Reality
Paul Rubin
>interests of MIT and Stanford. I don't think he'd play poker with his
>clients' interests unless he had what Mark Twain called "the calm confidence
>of a Christian with four aces."
If he is doing such a good job representing these interests, then why
is Cylink, one of the partners in Public Key Partners, suing him?
David C. Brower
a poster writes:
>I can't locate my source disks quickly, so any comparision will have to wait
>for the weekend....
Ahh, maybe this is how a perp got RSA source to evaluate.
"It's 11:00. Do you know where your RSADSI source disks are?"
Be careful out there.
-dB
--
"Not speaking for Oracle. I just got here!" da...@acm.org
>> Learn about Splay Trees in "Software Solutions in C", edited by Dale <<
>> Schumacher, Academic Press Professional, ISBN 0-12-632360-7 <<
David Sternlight
Beats me. You tell us.
georgec clinkscales
da...@sternlight.com "David Sternlight" writes:
> Xref: demon sci.crypt:10173 talk.politics.crypto:5762 alt.security:5067
> alt.privacy:8865 comp.security.misc:4780
> Newsgroups: sci.crypt,talk.politics.crypto,alt.security,alt.privacy,
> comp.security.misc
> Path: llor.demon.co.uk!demon!news.sprintlink.net!howland.reston.ans.net!
> vixen.cso.uiuc.edu!uchinews!ncar!csn!csus.edu!netcom.com!strnlght
> From: strn...@netcom.com (David Sternlight)
> Subject: Re: RC4 Source Code Posted - A Response from RSA Data Security, Inc.
> Message-ID: <strnlghtC...@netcom.com>
> Reply-To: da...@sternlight.com (David Sternlight)
> Organization: DSI/USCRPAC
> References: <35gtd7$4...@ccu2.auckland.ac.nz> <ssatchell...@bix.com>
> <strnlghtC...@netcom.com> <366sm4$p...@zeus.intnet.net>
> Date: Tue, 27 Sep 1994 01:36:00 GMT
> Lines: 35
' done anything actionable at law? '
... a little vocabulary builder here,
the word is .. culpable
... ie responsible for wrong or error, and
subject to prosecution
--
"Mind is knowledge ... knowledge [is] identical with the
object of knowledge. [Knowing this is liberation.]"
Guru Gita
nobody
In article <strnlghtC...@netcom.com>, David Sternlight (strn...@netcom.com) writes:
> In article <phrCwu...@netcom.com>, Paul Rubin <p...@netcom.com> wrote:
> >In article <strnlghtC...@netcom.com>,
> >David Sternlight <strn...@netcom.com> wrote:
> >>He is the president of two important firms in this field, representing the
> >>interests of MIT and Stanford. I don't think he'd play poker with his
> >>clients' interests unless he had what Mark Twain called "the calm confidence
> >>of a Christian with four aces."
> >
> >If he is doing such a good job representing these interests, then why
> >is Cylink, one of the partners in Public Key Partners, suing him?
> Beats me. You tell us.
I suppose it's because Cylink feels RSADSI is dealing unfairly, and is
calling Mr. Bidzos' bluff. Cylink and RSADSI were never in bed together
as soulmates. It was a marriage of convenience.
Pick out the real reasons for yourself. Here are Cylink's original
complaint (relatively short), and RSADSI's motion to dismiss (quite
lengthy and dreary, actually, but interesting). They were OCRed by
another kind soul.
(I have tried to remove inappropriate newsgroups, such as sci.crypt,
from the header, and tried to redirect followups as appropriate.)
------- Forwarded Message -------
Contents:
1) - Cylink's complaint against RSA -
2) - RSA's motion to dismiss the Cylink complaint -
-- Cylink's complaint against RSA ------------------------------------------
Jon Michaelson, Esq., (State Bar No. 083815)
Kurt H. Taylor, Esq., (State Bar No. 127077)
Robert W. Ricketson, Esq., (State Bar No. 148481)
HOPKINS & CARLEY
A Law Corporation
150 Almaden Boulevard, Fifleenth Floor
San Jose, California 95113-2089
Telephone: (408) 286-9800
Attorneys for Plaintiff
CYLINK CORPORATION
IN THE UNITED STATES DISTRICT COURT
IN AND FOR THE NORTHERN DISTRICT OF CALIFORNIA
CYLINK CORPORATION,
Plaintiff,
v.
RSA DATA SECURITY, INC.,
Defendants.
COMPLAINT FOR DECLARATORY
JUDGMENT AND INJUNCTIVE
RELIEF AND DEMAND FOR JURY
TRIAL
I . Plaintiff Cylink Corporation is incorporated under the laws of the
State of California, and has its principal place of business therein.
2. Defendant RSA Data Security, Inc. ("RSADSI") is a corporation
incorporated under the laws of the State of Delaware, and has its principal
and a regular and established place of business a 100 Marine Boulevard,
Redwood City, CA 94065.
3. Jurisdiction of this Court arises under the Federal Declaratory
Judgments Act, Title 28, United States Code, Sections 2201 and 2202, and
under the laws of the United States concerning actions relating to patents,
Title 28, United States Code, Section 1338(a), as shown by the facts
alleged below.
4. On September 20, 1983, U.S. Letter Patent No. 4,405,829 entitled
"Cryptographic Communications System and Method" was issued to inventors
and assignors R. Rivest, A. Shamir and L. Adleman ("the Patent").
5. Cylink is informed and believes and on that basis alleges that in or
about 1984 defendant RSADSI obtained an exclusive license to the Patent.
6. Cylink has made and/or offered for sale within the past six years and
since the issuance of the said Letters Patent, certain encryption products.
7. Beginning in or about December 1993, RSADSI has charged that Cylink's
manufacture and sale of said encryption products infringes the Patent and
all claims thereof. On June 28, 1993, RSADSI delivered to Cylink's wholly-
owned subsidiary, in this judicial district, a letter expressly stating
RSADSI's intent to bring an infringement action against Cylink. A true and
correct copy of RSADSI 's letter to Cylink dated June 29, 1994 is attached
hereto as Exhibit A.
8. There is a substantial and continuing justiciable controversy between
Cylink and RSADSI as to RSADSIs right to threaten or maintain suit for
infringement of the Patent, and as to the validity, scope, and
enforceability thereof, and as to whether any of Cylink's products
infringes any valid claim thereof.
9. Cylink is informed and believes and on that basis alleges that the
Patent is invalid unenforceable, and void, for one or more of the following
reasons:
(a) The alleged invention was not novel;
(b) The differences (if any) between the alleged invention and the
prior art were such that the alleged invention would have been obvious at
the time made to a person having ordinary skill in the art;
(c) The claims of the Patent, and/or the Patent as a whole, fails to
meet one or more of the requirements of 35 U.S.C. section 1 12.
(d) If there is any invention in the subject matter of the Patent,
which is denied, the Patent nevertheless was not obtained in a manner
consistent with the provisions of Title 35 of the United States Code.
(e) The claims of the Patent are functional, indefinite, and are
broader than the alleged invention as set forth in the specification of the
Patent.
10. Cylink will seek leave of court to amend this complaint to assert such
additional grounds for invalidity as may be ascertained and shall give such
notice prior to trial as may be required by 35 U.S.C. section 282 of the
matters specified therein.
11. Cylink is informed and believes and on that basis alleges that its
encryption products do not infringe on the Patent or its claims.
12. Cylink is informed and believes and on that basis alleges that the
Patent is unenforceable for reasons including, but not necessarily limited
to the following:
(a) RSADSI, with full knowledge of the activities of Cylink, has
failed to assert the Patent for a period of 3 years while Cylink invested
time and money in building its business and goodwill, and RSADSI is now
guilty of laches and cannot maintain any cause of action against plaintiff
under the Patent.
(b) Pursuant to certain written agreements, RSADSI has obligated
itself to license Cylink to make, use, and sell products employing all
inventions claimed in the patent, and is therefore estopped from asserting
the Patent against Cylink. True and correct copies of these agreements are
attached hereto and incorporated in this complaint as Exhibits B and C.
13. RSADSI has denied that it is obligated to license Cylink as alleged in
paragraph 12(b) above. Cylink and its wholly owned subsidiary have
initiated an arbitration proceeding against RSADSI pursuant to the written
agreements between the parties. By bringing this suit, as it has been
forced to do in order to protect itself against the threat of litigation by
RSADSI, Cylink does not waive its right to a determination through
contractually mandated arbitration that RSADSI is obligated to grant to
Cylink a license to the Patent according to the terms of the parties'
agreements.
WHEREFORE, plaintiff demands:
(a) Entry of judgment that RSADSI is without right or authority to
threaten or to maintain suit against plaintiff or its customers for alleged
infringement of Letters Patent No. 4,405,829; that the Patent is invalid,
unenforceable, and void in law; and that the Patent is not infringed by
Cylink because of the making, selling, or using of any products made, sold,
or used by Cylink.
(b) Entry of a preliminary injunction enjoining RSADSI, its officers,
agents, servants. employees, and attorneys, and those persons in active
concert or participation with it who receive actual notice thereof from
initiating infringement litigation and from threatening Cylink or any of
its customers, dealers, agents, servants, or employees, or any prospective
or present seller, dealer, or use of Cylink's products, with infringement
litigation or charging any of them either verbally or in written with
infringement of Letters Patent No. 4,405,829 because of the manufacture,
use, sale, or offering for sale of products made by Cylink, to be made
permanent following trial.
(c) Entry of judgment for its costs and reasonable attorney fees
incurred by Cylink herein.
(d) Such other and further relief as the Court may deem appropriate.
DATED: June 30, 1994
HOPKINS & CARLEY
A Law Corporation
BY: Kurt H. Taylor, Esq.
Attorneys for Plaintiff
CYLINK CORPORATION
DEMAND FOR JURY TRIAL
Cylink hereby demands trial by jury of all issues triable of right by jury.
DATED: June 30, 1994
HOPKINS & CARLEY
A Law Corporation
By Kurt H. Taylor, Esq.
Attorneys for Plaintiff
CYLINK CORPORATION
-- End ---------------------------------------------------------------------
-- RSA's motion to dismiss the Cylink complaint ------------------------------
JAMES R. BUSSELLE (SBN 75980)
THOMAS E. MOORE III (SBN 115107)
MARY O'BYRNE, (SBN 121067)
TOMLINSON, ZISKO, MOROSOLI & MASER
200 Page Mill Road, Second Floor
Palo Alto, California 94306
Telephone: (415) 325-8666
Attorneys for Defendant
RSA Data Security, Inc.
UNITED STATES DISTRICT COURT
NORTHERN DISTRICT OF CALIFORNIA
CYLINK CORPORATION,
Plaintiff,
vs .
RSA DATA SECURITY, INC.,
Defendant.
CASE NO.: C 94 02332 CW
NOTICE OF MOTION TO DISMISS
UNDER RULE 12(b)(7)
DATE: September 9, 1994
TIME: 10:30 a.m.
BEFORE: Hon. Claudia Wilken
TO THE PLAINTIFF AND ITS COUNSEL OF RECORD:
PLEASE TAKE NOTICE that on September 9, 1994 at 10:30 a.m., or as soon
thereafter as counsel may be heard by the above entitled Court, located at
450 Golden Gate Avenue, San Francisco, California, defendant RSA Data
Security, Inc. will and hereby does move the Court to dismiss the action
pursuant to Federal Rule of Civil Procedure 12(b)(7) for failure to join
parties under Federal Rule of Civil Procedure 19. Such motion will be made
on the grounds that Caro-Kann Corporation, Public Key Partners, the
Massachusetts Institute of Technology and Stanford University are necessary
parties to the action within the meaning of Rule l9(a).
This motion is based on this Notice of Motion, the accompanying Memorandum
of Points and Authorities, the Declaration of D. James Bidzos, all
pleadings and papers on file in this action, and other such other matters
as may be presented to the Court at the time of the hearing.
Dated: July 25, 1994
TOMLINSON, ZISKO, MOROSOLI & MASER
By
Thomas E. Moore III
Attorneys for Defendant RSA Data Security, Inc.
-- Arguments supporting RSA's move for dismissal ---------------------------
JAMES R. BUSSELLE (SBN 75980)
THOMAS E. MOORE III (SBN 115107)
MARY O'BYRNE, (SBN 121067)
TOMLINSON, ZISKO, MOROSOLI & MASER
200 Page Mill Road, Second Floor
Palo Alto, California 94306
Telephone: (415) 325-8666
Attorneys for Defendant
RSA Data Security, Inc.
UNITED STATES DISTRICT COURT
NORTHERN DISTRICT OF CALIFORNIA
CYLINK CORPORATION,
Plaintiff,
vs.
RSA DATA SECURITY, INC.,
Defendant.
CASE NO.: C 94 02332 CW
MEMORANDUM OF POINTS AND
AUTHORITIES IN SUPPORT OF
MOTION TO DISMISS UNDER RULE
12(b)(7)
DATE: September 9, 1994
TIME: 10:30 a.m.
BEFORE: Hon. Claudia Wilken
TABLE OF CONTENTS
I. INTRODUCTION AND ISSUES PRESENTED
II. STATEMENT OF FACTS
III. ARGUMENT
A. Rule 19 is Designed to Protect the Interests of Absent Parties Whose
Rights May be Impaired If the Action were to go Forward Without them
B. MIT and PKP are Necessary Parties Because They Each Hold Substantial
Rights to the MIT Patent, Including the Right to Bring an Infringement
Action Against Cylink
C. CKC and Stanford are Necessary Parties Because Each has an Interest that
Would be Impaired if the MIT Patent were Held Invalid, and Their
Relationship to Cylink is Such that RSA Could Not Adequately Represent
Their Interests
IV. CONCLUSION
TABLE OF AUTHORITIES
CASES
CP National Corp. v. Bonneville Power Admin.,
928 F.2d 905 (9th Cir. 1991)
Caldwell Manufacturing Co. v. Unique Balance
Co.. Inc., 18 F.R.D. 258, 108
U.S.P.Q. 7 (S.D.N.Y. 1955)
Channel Master Corp. v. JFD Electronics
Corp., 260 F. Supp. 568, 152
U.S.P.Q. 687 (E.D.N.Y. 1967)
Classic Golf Co. v. Karsten Manufacturing
Co., 231 U.S.P.Q. 884 (N.D. Ill.
1986)
Dentsply International Inc. v. Centrex. Inc.,
553 F. Supp. 289, 220 U.S.P.Q. 948
(D.-Del. 1982)
Diamond Scientific Co. v. Amico. Inc., 848
F.2d 1220 (Fed. Cir. 1988)
Lear. Inc. v. Adkins, 395 U.S. 653 (1969)
Messerschmitt-Boelkow-Blohm GmbH. v. Huqhes
Aircraft Co., 483 F. Supp. 49, 208
U.S.P.Q. 643 (S.D.N.Y. 1979)
Micro-Acoustics Corp. v, Bose Corp., 493 F.
Supp. 356, 207 U.S.P.Q. 378
(S.D.N.Y. 1980)
Shermoen v. United States. 982 F.2d 1312 (9th
Cir. 1992)
United Mine Workers of America v. Gibbs, 383
U.S. 715 (1966)
Waterman v, MacKenzie, 138 U.S. 252 (1891)
STATUTES AND RULES
Federal Rule of Civil Procedure 12(b)(7)
Federal Rule of Civil Procedure l9(a)
Federal Rule of Civil Procedure l9(b)
MISCELLANEOUS
6 Chisum, Patents, 21.03[4], pp. 21-300
21-301 (1993)
3A Moore, Moore's Federal Practice,
119.05[2], p. 19.78 (2d ed. 1993)
3A Moore, Moore's Federal Practice,
119.07-1, p. 19.90-1 (2d ed. 1993)
3A Moore, Moore's Federal Practice,
1 19.07[2.--1], p. 19.103 (2d ed. 1993)
I. INTRODUCTION AND ISSUES PRESENTED
This is a declaratory relief action to invalidate a patent that permits the
coding or "encryption" of computer data transmissions. Prior to 1990, the
plaintiff, Cylink Corporation ("Cylink") was in the data encryption market
as a manufacturer of computer hardware, operating under a license to the
so-called "Stanford Patents." The defendant, RSA Data Security, Inc.
("RSA"), was in the data encryption market as a software manufacturer,
operating under a license to the so-called "MIT Patent." The MIT Patent is
the subject of this invalidation action.
In 1990, at Cylink's instigation, Cylink and RSA created complex inter-
relationships between each other, Stanford University ("Stanford") and the
Massachusetts Institute of Technology ("MIT") to exploit the licensing
potential of both sets of patents. Two new entities were created: Caro-Kann
Corporation ("CKC"), a wholly-owned subsidiary of Cylink; and Public Key
Partners ("PKP"), a partnership between Cylink/CKC and RSA, whose sole
assets consist of the licensing rights to both sets of patents.
By filing this action, Cylink not only seeks to pull the thread that
unravels these inter-relationships but also hopes to do so in the absence
of PKP, CKC, MIT and Stanford. Because (i) PKP and MIT hold significant
rights to the MIT Patent, including the right to bring infringement actions
and (ii) the action stands to impair the interests of CKC and Stanford, the
action must be dismissed under Federal Rule of Civil Procedure 12(b)(7),
subject to the joinder of those parties as necessary parties under Rule
l9(a).[1]
II. STATEMENT OF FACTS
RSA is a local company operating out of Redwood City, California. RSA
develops, markets and distributes encryption software. Encryption software
utilizes complex mathematical formulas or algorithms to create unbreakable
codes for securing computer communications, such as data transmissions over
telephone lines via modems, from eavesdropping. [2] RSA has been a pioneer
in the field of developing encryption software and has worked in this field
since 1982, when it was first formed. (Bidzos Decl. 11 2, 3).
The founders of RSA were three scientists from MIT, Ronald L. Rivest, Adi
Shamir, and Leonard M. Adleman (the letters "RSA" are the initials of those
three men). Together, they invented an algorithm which makes it possible to
secure data transmissions. This algorithm was patented on September 20,
1983 as U.S. Letter Patent No. 4,405,829 and entitled "Cryptographic
Communications System and Method" (the "MIT Patent"). Rivest, Shamir and
Adleman assigned the patent to MIT. MIT owned, and continues to own, the
MIT Patent. (Bidzos Decl., 1 4)
Rivest, Shamir and Adleman formed RSA, and MIT granted RSA an exclusive
license to the MIT Patent. RSA has paid royalties to MIT ever since.
(Bidzos Decl., 1 5)
After an initial slow period, RSA grew to be successful. It developed and
marketed an "end user" product called "MailSafe in 1986 and sold thousands
of copies. It also developed a software tool kit which was first sold to
Lotus Corporation in 1986 and has since been sold to many other companies
who have acted as original equipment manufacturers or "OEM's." RSA also
sold patent licenses for use of the MIT Patent to a modem company called
Racal and also to Motorola and Digital Equipment. (Bidzos Decl., 1 6).
During 1987 and 1988, representatives from Stanford began to claim that
RSA's MIT Patent rights could not be used by RSA or anyone else without
infringing patent rights owned by Stanford (the "Stanford Patents). This
dispute was resolved when Stanford licensed rights to its patents to MIT,
and MIT in turn passed on those rights to RSA. In exchange for those
rights, Stanford received from MIT a portion of the royalty payments that
RSA had been paying to MIT for RSA's use of the MIT Patent. (Bidzos Decl.,
1 7)
It was at this point that plaintiff Cylink appeared on the scene. Cylink is
primarily a hardware manufacturer -- it builds computer chips that are used
in the data encryption process and markets them to others for incorporation
in hardware products eventually sold to the end user customers. Before
Stanford agreed to license rights to the Stanford Patents to MIT, Cylink
and only a very few other companies had license rights to the Stanford
Patents. (Bidzos Decl., 1 8).
Cylink was very concerned when it discovered that RSA had acquired rights
to the Stanford Patents through MIT. On or about October 17, 1989, Cylink's
Chief Executive Officer, Lew Morris ("Morris"), first approached RSA by
calling Bidzos on the telephone. Morris threatened to sue RSA unless a deal
could be reached by which Cylink would purchase RSA. From this inauspicious
beginning, the discussions eventually lead to how RSA and Cylink might work
together. (Bidzos Decl., 1 9)
The parties' discussions culminated in an Agreement of Intent entered into
on April 6, 1990. Under that Agreement, Cylink and RSA each agreed to give
up the rights to license and sublicense their respective patent rights in
the MIT and Stanford Patents and vest those rights in a new partnership,
PKP, exclusively. (Bidzos Decl., 1 10, Ex. A).
The two partners in PKP are RSA and CKC, a wholly-owned subsidiary of
Cylink. The sole assets of PKP are the licensing rights to the MIT and
Stanford Patents. [3] (Bidzos Decl., 1 11).
As part of the formation of PKP, the royalty payments owed to Stanford and
MIT were simplified. To accomplish this, RSA and Cylink entered into
amendments to their respective license agreements with MIT and Stanford.
Under the terms of those amendments, first, the direct license arrangement
between Stanford and MIT was essentially nullified. Second, while RSA
remained obligated to pay royalties to MIT, and Cylink/CKC remained
obligated to pay royalties to Stanford, the royalties owed to each
university were based on PKP's unsegregated revenues from both the Stanford
and MIT Patents: RSA pays MIT a percentage of PKP's distributions to RSA,
and Cylink/CKC pays Stanford a percentage of PKP's distributions to
Cylink/CKC.4 (Bidzos Decl., 11 12, 13, Exs. B, C).
The-amendment to the MIT Patent license governs the various parties' rights
to sue for patent infringement of the MIT Patent. Under Section 8 of that
amendment:
(a) PKP may institute an infringement action and join RSA and MIT (costs
borne by PKP);
(b) PKP and MIT may jointly bring such an action and join RSA (costs shared
by PKP and MIT);
(c) PKP and RSA may jointly bring such an action and join MIT (costs shared
by PKP and RSA);
(d) MIT may institute such an action with PKP's consent; and
(e) RSA may institute such an action and join PKP and MIT (costs borne by
RSA). (Bidzos Decl., Ex. B, pp. 13-14).
Footnotes:
[1] Under Rule 12(b)(7), an objection to a plaintiff's failure to join a
party under Rule 19 may be made by motion before pleading. 3A Moore,
Moore's Federal Practice, 119-05[2]. p. 19.78 (2d ed. 1993).
[2] To explain the function of RSA's software, RSA's President, D. James
Bidzos ("Bidzos"), describes unprotected computer communications as the
electronic equivalent of typewritten postcards -- such communications can
be read by anybody, and no one can be sure who wrote them. RSA sells the
equivalent of signatures, so that the writer can be verified, and the
equivalent of envelopes, so the messages cannot be read except by those to
whom they are addressed. (Bidzos Decl., 1 2).
[3] RSA and Cylink did not part with all of their rights to their
respective patents. RSA and Cylink retained their right to continue to
conduct business as they had done previously. RSA continued to market
encryption software, and Cylink continued to market hardware incorporating
data encryption technology. (Bidzos Decl., 1 11).
[4] RSA, PKP, Cylink, CKC, MIT and Stanford are the principal parties with
a vested interest in the validity of the MIT Patent because of the royalty
revenue that such Patent generates for them. In addition, two other absent
parties, David P. Newman, a Washington D.C. patent lawyer, and Prof. Martin
E. Hellman, a Stanford professor, also receive royalties based on the MIT
Patent and also have a vested interest in the validity of the MIT Patent.
Because of uncertainty about the exact arrangement regarding their receipt
of royalties, RSA is not seeking their joinder at this time. (Bidzos Decl.,
1 14).
III. ARGUMENT
A. Rule 19 is Designed to Protect the Interests of Absent Parties Whose
Riqhts May be Impaired If the Action were to Go Forward Without them.
Federal Rule of Civil Procedure 19(a) authorizes joinder of "necessary"
parties to the action. [5] Rule l9(a) states in pertinent part:
(a) Persons to be Joined if Feasible. A person who is subject to service of
process and whose joinder will not deprive the court of jurisdiction . . .
shall be joined as a party in the action if (1) in the person's absence
complete relief cannot be accorded among those already parties, or (2) the
person claims an interest relating to the subject of the action and is so
situated that the disposition of the action in the person's absence may (i)
as a practical matter impair or impede the persons ability to protect that
interest or (ii) leave any of the persons already parties subject to a
substantial risk of incurring double, multiple, or otherwise inconsistent
obligations . . . .
Thus, Rule 19 is designed to protect the interests of absent parties, as
well as those already before the court, from multiple litigation,
inconsistent judicial determinations or the impairment of interests or
rights. CP National Corp. v. Bonneville Power Admin., 928 F.2d 90S, 911
(9th Cir. 1991).
A persons status as a necessary party is not judged by any precise
formula, but depends on the context of the particular litigation. CP
National, 928 F.2d at 912. However, "Under the Rules, the impulse is toward
entertaining the broadest possible scope of action consistent with fairness
to the parties; joinder of claims, parties and remedies is strongly
encouraged." United Mine Workers of America v. Gibbs, 383 U.S. 715, 724
(1966). Necessary-parties have therefore been described as:
[T]hose `[p]ersons having an interest in the controversy, and who ought to
be made parties, in order that the court may act on that rule which
requires it to decide on, and finally determine the entire controversy, and
do complete justice, by adjusting all the rights involved in it.'
CP National, 928 F.2d at 912 (quoting Shields v. Barrow, 58 U.S. 130, 139
(1855)).
The context of this particular litigation requires joinder of PKP, CKC, MIT
and Stanford as defendants. PKP and MIT are holders of substantial rights
to the MIT Patent, including the right to bring infringement actions. CKC
and Stanford receive significant revenues from the MIT Patent which would
be lost if the patent were to be invalidated. Moreover, CKC and Stanford's
relationship to Cylink is unique to them and cannot be adequately
represented by RSA.
B. MIT and PKP are Necessary Parties Because They Each Hold Substantial
Riqhts to the MIT Patent. Including the Right to Bring an Infringement
Action Against Cylink.
MIT and PKP are necessary parties. MIT is the patent owner. MIT, PKP and
RSA have substantial rights to the MIT Patent, including the significant
right to bring infringement actions, subject to the other parties' right to
join and share the costs of suit.
"Generally, the patent owner is an indispensable party to a declaratory
judgment action." Classic Golf Co. v. Karsten Manufacturing Co., 231
U.S.P.Q. 884, 886 (N.D. Ill. 1986). The issue becomes more complex,
however, when the patent owner transfers some kind of interest to a third
party, who is then sued to invalidate the patent. Dentsply International
Inc. v. Centrex. Inc., 553 F. Supp. 289, 293-4, 220 U.S.P.Q. 948 (D. Del.
1982). At one extreme, the interest that the patent owner transferred is
deemed to be a license, and the patent owner is deemed to be a necessary
party to the invalidation action. Id. At the other extreme, the interest
transferred is deemed to be an assignment, and the patent holder is not
considered to be a necessary party. Dentsply, 553 F. Supp. at 294; see
generally Waterman v. MacKenzie, 138 U.S. 252, 255 (1891). The rationale of
the latter situation is that the patent owner suffers no prejudice from a
judgment of invalidity in its absence, if the patent owner has entrusted
the assignee with the right to protect its interests by suing for
infringement. Messerschmitt-BoelRow-Blohm GmbH. v. Hughes Aircraft Co., 483
P. Supp. 49, 52, 208 U.S.P.Q. 643 (S.D.N.Y. 1979).
As the Dentsply court acknowledged, many cases, such as the present one,
fall between the two extremes. DentsDly, 553 F. Supp. at 294. The Dentsdlv
court added, however, that the court's task is simplified if the agreement
between the parties allocates the right to sue and be sued on the patent.
Id. The allocation of the right to sue for infringement under the parties'
agreement is the "true test" that determines the identities of the
necessary parties. Channel Master Corws. v. CFD Electronics CorD., 260 F.
Supp. 568, 572, 152 U.S.P.Q. 687 (E.D.N.Y.-1967)(action dismissed for lack
of an indispensable party because defendant licensee could not bring suit
for infringement until after the absent patent owner had declined to do
so); Caldwell Manufacturing Co. v. Unique Balance Co.. Inc., 18 F.R.D. 258,
263-4, 108 U.S.P.Q. 7 (S.D.N.Y. 1955); 6 Chisum, Patents, 21.03[4], pp.
21-300 - 21-301 (1993)("Thus, a person is a proper party defendant if but
only if that person had standing to sue the plaintiff for infringement").
In this case, none of the parties had an independent, unconditional right
to instigate litigation without offering the others the opportunity to join
and share the expenses of litigation. PKP, RSA and MIT each retained the
right to join and take part. Because of these mutual rights, each is a
necessary party in this action to invalidate the MIT Patent. [6]
C. CKC and Stanford are Necessary Parties Because Each has an Interest that
Would be Impaired if the MIT Patent were Held Invalid. and Their
Relationship; to Cylink is Such that RSA Could Not Adequately represent
Their Interests.
CKC and Stanford are also necessary parties. [7] CKC and Stanford
admittedly lack standing to bring a patent infringement action against
Cylink. Nevertheless, both have important interests that would be impaired
by this action, and RSA could not adequately represent those interests. In
addition, as a practical matter, the inter-relationship of the various
parties in this case counsels in favor of CKC's and Stanford's joinder.
The issue of whether a person is a necessary party under Rule l9(a) depends
first, on whether such person has an interest that is impaired by the suit
and second, on whether such impairment may be minimized if the absent party
is adequately represented in the suit. Shermoen v. United States, 982 F.2d
1312, 1318 (9th Cir. 1992). In determining whether a persons interest is
impaired, it is not necessary that the judgment be binding on that person
in a technical sense; it is enough that as a practical matter that person's
rights will be affected. 3A Moore, Moore's Federal Practice, 1 19.07[2.--
1], p. 19.103.
CKC and Stanford's rights would be impaired if this action were to go
forward in their absence. Both CKC and Stanford are the beneficiaries
Cylink's entry into the Agreement of Intent and transfer of the Stanford
Patents to PKP. (Bidzos Decl., Ex. A). Both CKC and Stanford derive
significant royalty income from PKP's rights to the MIT Patent. Both CKC
and Stanford would lose those royalties if Cylink prevails and invalidates
the MIT Patent.
RSA cannot adequately represent the interests of CKC and Stanford. CKC and
Stanford's relationship to Cylink is unique. Implicit in Cylink's formation
of PKP to exploit the MIT Patent were Cylink's representations to CKC and
Stanford that the MIT Patent was-valid and that Cylink would protect, not
defeat, its validity. Stanford in particular relied to its detriment on
Cylink's formation of PKP by waiving its independent right to royalties
directly from MIT. (Bidzos Decl., 11 7, 13). Thus, Stanford and CKC may
have their own unique estoppel defense to the present action.[8]
Finally, as a practical matter, the inter-relationships among the parties
make this more than a simple patent case. If this case is to be resolved in
a reasonable length of time, then all the parties and all the issues should
be before this Court. Because of this, RSA urges the Court to err in favor
of joinder with respect to CKC and Stanford.
Footnotes:
[5] Rule 19 distinguishes between necessary" parties under subdivision (a)
and "indispensable" parties under subdivision (b). The court must first
determine whether an absent person is a "person to be joined if feasible"
pursuant to subdivision (a). If joinder is feasible, a ruling as to the
person's indispensability under subdivision (b) is not required, since
subdivision (b) comes into play only where joinder is not feasible. 3A
Moore, Moore's Federal Practice, 119.07-1, p. 19.90-1 (2d ed. 1993). RSA is
not aware of any reason why joinder of CKC, PKP, MIT and Stanford would not
be feasible. It is therefore unnecessary to analyze whether any of those
parties are indispensable under Rule l9(b).
[6] This express allocation of the right to sue for infringement
distinguishes this case from cases such as Micro-Acoustics Corp. v. Bose
CorD., 493 F. Supp. 356, 207 U.S.P.Q. 378 (S.D.N.Y. 1980), in which the
patent owner retained no right, conditional or otherwise, to institute an
action for infringement.
[7] RSA intends through its answer and counter-claim to assert that CKC and
Cylink are alter-egos of each other. RSA is not, by this motion, asserting
that Cylink is under any obligation to sue itself. This motion only
requires Cylink to be consistent. If Cylink believes that CKC is an
independent party, then Cylink should join CKC as a party defendant. If
Cylink concedes that CKC is not an independent party, then RSA is willing
to accept such concession and drop its request that CKC be joined.
[8] The use of estoppel as a defense to an action to invalidate a patent is
complex and involves a balancing between private contractual rights and the
public interest in freeing the use of ideas from the monopoly of invalid
patents. Lear. Inc. v. Adkins, 395 U.S. 653 (1969)(invalidating "licensee
estoppel"); Diamond Scientific Co. v. Amico, Inc., 848 F.2d 1220 (Fed. Cir.
1988)(upholding "assignor estoppel"). Stanford and CKC's potential estoppel
defense does not fall neatly within the doctrines examined in either Lear
or Diamond Scientific. The legitimacy of that defense cannot be properly
raised and considered unless Stanford and CKC are made party defendants.
IV. CONCLUSION
Joinder of parties is strongly encouraged. Joinder of the absent parties in
this case i9 feasible. MIT and PKP should be joined because of their
substantial rights in the MIT Patent. CKC and Stanford should be joined
because of the potential impairment of their rights and the inability of
RSA to protect those rights adequately. For these reasons and those set
forth above, RSA respectfully urges the Court to grant this motion.
Dated: July 25, 1994
TOMLINSON, ZISKO, MOROSOLI & MASER
Attorneys for Defendant RSA Data Security, Inc.
PROOF OF SERVICE
CYLINK CORPORATION V. RSA DATA SECURITY, INC.
UNITED STATES DISTRICT COURT, NORTHERN DISTRICT OF CALIFORNIA
CASE NO: C 94 02332 CW
STATE OF CALIFORNIA, COUNTY OF SANTA CLARA
I am employed in the County of Santa Clara, State of California. I am over
the age of 18 and not a party to the within action. My business address is
200 Page Mill Road, Second Floor, Palo Alto, California 94306.
On July 25, 1994, I served the following documents:
MEMORANDUM OF POINTS AND AUTHORITIES IN SUPPORT OF
MOTION TO DISMISS UNDER Rule 12(b)(7)
to the following:
Liza X. Toth, Esq.
Jon Micha-lson, Esq.
Hopkins & Carley
150 klmaden Boulevard, 15th Fl.
San Jose, California 95113-2089
[X] BY MAIL
[ ] I deposited such envelope in the mail at Palo Alto, California. The
envelope was mailed with postage thereon fully prepaid.
[X] As follows: I am readily familiar with the firm's practice of
collection and processing correspondence for mailing. Under that practice
it would be deposited with the U.S. postal service on that same day with
postage thereon fully prepaid at Palo Alto, California in the ordinary
course of business. I am aware that on motion of the party served, service
is presumed invalid if postal cancellation date or postage meter date is
more than one day after date of deposit for mailing in affidavit. Executed
on July 25, 1994, at Palo Alto, California.
[X] STATE: I declare under penalty of perjury under the laws of the State
of California that the above is true and correct.
[ ] FEDERAL: I declare that I am employed in the office of a member of the
bar of this Court at whose direction the service was made.
Sharon L. Sotelo
-- End ---------------------------------------------------------------------
------- End Forwarded Message -------