Stupid Patent Of The Month: This Captcha Patent Is An All-American Nightmare
from the this-turing-test-outs-patent-trolls dept
A newly formed patent troll is looking for big money from small business websites, just for using free, off-the-shelf login verification tools.
Defenders of the American Dream, LLC (DAD ), is sending out its demand letters to websites that use Google’s reCAPTCHA system, accusing them of infringing U.S. Patent No. 8,621,578. Google’s reCAPTCHA is just one form of a Captcha test, which describes a wide array of test systems that websites use to verify human users and keep out bots.
DAD’s letter tells targeted companies that DAD will take an $8,500 payment, but only if “licensing terms are accepted immediately.” The threat escalates from there. If anyone dares to respond that DAD’s patent might be not infringed, or invalid, fees will rise to at least $17,000. If DAD’s patent gets subject to a legal challenge, DAD says they’ll increase their demand to at least $70,000. In the footnotes, DAD advises its targets that “not-for-profit entities are eligible for a discount.”
The DAD demand letters we have reviewed are nearly identical, with the same fee structure. They mirror the one filed by the company itself (with the fee structure redacted) as part of their trademark application. This demand letter campaign is a perfect example of how the U.S. patent system fails to advance software innovation. Instead, our system enables extortionate behavior like DAD’s exploding fee structure.
DAD Didn't Invent Image Captcha
DAD claims it invented a novel and patentable image-based Captcha system. But there’s ample evidence of image-based Captcha tests that predate DAD’s 2008 patent application.
The term “Captcha” was coined by a group of researchers at Carnegie Mellon University in 2000. It’s an acronym, indicating a “Completely Automated Public Turing test to tell Computers and Humans Apart.” Essentially, it blocks automated tools like bots from getting into websites. Such tests have been important since the earliest days of the Internet.
Early Captcha tests used squiggly lines or wavy text. The same group of CMU researchers who coined “Captcha” went on to work on an image-selection version they called ESP-PIX, which they had published and made public by 2005.
By 2007, Microsoft had developed its own image-categorization Captcha, which used photos from Petfinder.com, then asked users to identify cats and dogs. At the sime time, PayPal was working on new captchas that “might resemble simple image puzzles.” This was no secret—researchers from both companies spoke to the New York Times about their research, and Microsoft filed its own patent application, more than a year before DAD’s.
There’s also evidence of earlier image-based Captcha tests in the patent record, like this early 2008 application from a company called Binary Monkeys. Here's an image from the Binary Monkeys Patent:
And here's an image from DAD's patent:
So how did DAD end up with this patent? During patent prosecution, DAD’s predecessor argued that they had a novel invention because the Binary Monkeys application asks users to select “all images” associated with the task, as opposed to selecting “one image,” as in DAD’s test. The patent examiner suggested adding yet another limitation: that the user still be granted access to the website if they got one “known” image and one “suspected” image.
Unfortunately, adding trivial tweaks to existing technology, such as small details about the needed criteria for passing a Captcha test, can and often does result in a patent being granted. This was especially true back in 2008, before patent examiners should have applied guidance from the Supreme Court’s 2014 Alice v. CLS Bank decision. That’s why we have told the patent office to vigorously uphold Supreme Court guidelines, and have defended the Alice precedent in Congress.
Where did DAD come from?
DAD’s patent was originally filed by a Portland startup called Vidoop. In 2010, Vidoop and its patent applications were purchased by a San Diego investor who re-branded it as Confident Technologies. Confident Tech offered a “clickable, image-based CAPTCHA,” but ultimately didn’t make it as a business. In 2017 and 2018, Confident Tech sued Best Buy, Fandango Media, Live Nation, and AXS Group, claiming that the companies infringed its patent by using reCAPTCHA. Those cases all settled.
In 2020, Trevor Coddington, an attorney who worked on Confident Tech’s patent applications, created Defenders of the American Dream LLC. He transferred the patents to this new entity and started sending out demand letters.
They haven’t all gone to large companies, either. At least one of DAD’s targets has been a one-person online publishing company. Coddington’s letter complains about how Confident Tech failed in the marketplace and suggests that because of this, reCAPTCHA users should pay—well, him. The letter states:
[O]nce Google introduced its image-based reCAPTCHA for free, no less, [Confident Technologies] was unable to to maintain a financially viable business… Google’s efficient infringement forced CTI to abandon operations and any return on the millions of dollars of capital investment used to develop its patented solutions. Meanwhile, your company obtained and utilized the patented technology for free.”
Creating new and better Captcha software is an area of ongoing research and innovation. While the lawyers and investors behind DAD have turned to patent threats to make money, other developers are actively innovating and competing with reCAPTCHA. There are competing image-based Captchas like hCaptcha and visualCaptcha, as well as long lists of Captcha alternatives and companies that are trying to make Captchas obsolete.
These individuals and companies are all inventive, but they’re not relying on patent threats to make a buck. They’ve actually written code and shared it online. Unfortunately, because of their real contributions, they’re more likely to end up the victims of aggressive patent-holders like DAD.
We’ll never patent our way to a better Captcha. Looking at the history of the DAD patent—which shares no code at all—makes it clear why the patent system is such a bad fit for software.
Originally posted to the EFF Deeplinks Blog
Related documents:
- Defenders of the American Dream Patent Demand Letter
- Defenders of the American Dream Trademark Application w/ Demand Letter
- Answer & Counterclaims to Confident Tech patent lawsuit against Best Buy
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: captcha, innovation, patent trolls, patents, recaptcha, shakedown, stupid patent, threats, trevor coddington
Companies: confident technologies, dad llc, defenders of the american dream llc, vidoop
Reader Comments
Subscribe: RSS
View by: Time | Thread
Fixed that for you
CAPTCHAs tend to do a depressingly good job at keeping out human users, and when it fails, support is almost universally useless.
[ link to this | view in chronology ]
Re: Fixed that for you
Are you saying that I may not be a bot after all?
Because I've struggled and almost given up against captchas to access data sets that I've been expected to process in the course of my work. Both these image captchas and the obfuscated text recognition kind.
[ link to this | view in chronology ]
Re: Re: Fixed that for you
If you thought these were difficult, try an audio captcha. I don't think I've ever solved one of Recaptcha's, which I assume are there for the sole purpose of providing plausible deniability for accessibility lawsuits.
Apparently, the "easy" way to get around these is to set up a website, and have your users solve captchas that other websites asked you to solve.
[ link to this | view in chronology ]
I want you to fix this for me
There is, of course, an XKCD for that.
[ link to this | view in chronology ]
Re: I want you to fix this for me
This XKCD is probably more appropriate given the minefield that is US patents....
[ link to this | view in chronology ]
Re: Re: Fixed that for you
A particular (un)favorite of mine are text captchas using a font that doesn't distingush between things like uppercase I and lowercase L or the letter O and number 0.
[ link to this | view in chronology ]
Re: Re: Fixed that for you
Actually, you're the only real human. The rest of us are all bots. Always have been, always will be. Also, we have way more fun than you do. Just thought you might like to know.
[ link to this | view in chronology ]
Re: Fixed that for you
Relevant: https://reductress.com/post/wow-this-woman-found-out-she-was-a-robot-by-failing-a-captcha-11-times/
[ link to this | view in chronology ]
AND?
For all the ability of this nation,
NOT understanding how easy things are to program, is a BIG ONE.
Computer programs should not be Copy written.
Changing abit of code this or that way is very easy, insted of getting hte numbers or graphics one way there are Others.
Even at this point in time, games have so much Int. property, its as bad as most movies. Between audio, video, everything gets copyrighted, by more then 1 company.
[ link to this | view in chronology ]
A problem that shouldn't exist
'You're using a program/product offered/sold by someone else that we claim is infringing therefore you, not they, owe us money' is a tactic that should be widely known as utterly useless and grounds for legal sanctions for attempted extortion, yet here we are with a parasite using it for great profits.
If a company's offering is considered infringing then the only legal target for a demand like this should be that company, and if that means that the poor 'victim' claiming infringement has to go up against a juggernaut of a company rather than one unable to fight back then too damn bad.
[ link to this | view in chronology ]
Re: A problem that shouldn't exist
In reading the threat letter, the "lawyer" appears to be misreading the indemnification clause to justify suing the end user. He's basically saying "Google is violating the patent, but you're using it, and you agreed to indemnify them, so you're responsible."
I'm pretty sure indemnification doesn't work that way.
[ link to this | view in chronology ]
Re: Re: A problem that shouldn't exist
IANAL but I think indemnification works however a contract/waiver/agreement says it does. Perhaps you're thinking of patent exhaustion, which is built in (doesn't require a specific agreement between parties) and works in the direction you indicate. However I'm not sure that applies either.
"The doctrine of patent exhaustion holds that once a patent owner has sold a patented product for the first time, they no longer have control over it: the buyer can use, sell, license, or destroy it as they wish."
https://www.wipo.int/wipo_magazine/en/2017/04/article_0008.html
This case involves a patent troll who isn't making or selling a product at all. Their claim is not that someone bought their captcha product and then misused it somehow, but that they used someone else's product that was infringing. This type of claim should also be completely barred IMO but I don't know if it is.
[ link to this | view in chronology ]
Re: Re: Re: A problem that shouldn't exist
IANAL either but I've had some experience with contracts. Indemnification, as I've seen it used, works as follows: "We are providing you a service. If you do something illegal/unlawful with our service and we get sued for it, you agree to pay us back for our costs in dealing with your bad acts."
Thinking along those lines, If the end user was violating the patent while using Google's service, and Google got sued, the end user would be on the hook to reimburse Google. I would have no problem with this. But that's not what this lawyer is trying to claim. This lawyer is apparently trying to say that indemnification means the end user is on the hook for Google's violations, which doesn't make any sense.
[ link to this | view in chronology ]
Re: Re: Re: Re: A problem that shouldn't exist
That would make sense, but most indemnification clauses are much broader than that. Usually, one agrees to indemnify the company for anything connected with one's use of the service—regardless of legality or whether it was the user's fault. Courts will likely be reluctant to uphold this... but in theory, if a company is sued because they violate a patent in providing a service to me (for example), I'd be required to pay their legal fees and any judgements. Me alone, or me and other users jointly.
Still, I'm pretty sure third parties couldn't come after the indemnifying users directly. The indemnified party would have to be sued and then come after their users for costs.
[ link to this | view in chronology ]
In a world where robots are common, i will patent a CAPTCHA, but for not on the internet. It will also be a CAPTCHA, but with a different genre of stuff to discern.
Unfortunately, adding trivial tweaks to existing technology, such as small details about the needed criteria for passing a Captcha test, can and often does result in a patent being granted.*
And yet, who the hell uses this specific CAPTCHA requirement? Seems like any trolling claim should be invalidated right there.
While this is idiotic, i believe this troll has opened a can of worms they won't be able to chew. Hopefully one of the larger targets cleans this guy's clock before smaller parties can be seriously wounded.
[ link to this | view in chronology ]
How nice the troll gives a discount to non profits,
its like the taliban saying we only shoot people over the age of 14.
I think software patents are like nuclear weapon,s ,they are a tax on startups, and small companys ,eg they are a blight on humanity .
software is already protected by copyright on programs and software code.
hopefully some big company will challenge the patent in court as theres plenty of prior art.google should sue them as they are sueing companys for using standard google software
[ link to this | view in chronology ]
My general rule of thumb: encounter a CAPTCHA, leave the site and never return.
[ link to this | view in chronology ]
Re:
You... must enjoy a lot of spam filled sites in that case, because that's the primary purpose for captcha's, as an anti-bot measure.
[ link to this | view in chronology ]
Google reCAPTCHA should be banned
I don't enjoy spam-filled sites, but I despise captchas far more. The forums I read are patrolled by people who hunt down and eliminate spam, with the help of user reports. Yes, it may be more work for the admins than relying on a captcha, but it is vastly less frustrating for the users. Like grandparent, I treat the presence of a captcha as a "Visitors not welcome" sign, because my success rate on solving them is so close to 0% that it's far easier to live with a site that sometimes has spam visible for up to an hour than it is to get past the captcha. Usually, the captcha fails to load outright. On those rare cases where it loads, I'm lost in an endless maze of captchas that variably tell me I'm wrong when I'm not, challenge me again and again and again for no reason, or simply fail when I submit the answer. Nothing says quality work like getting back "Server error" when you send in your answer.
[ link to this | view in chronology ]
If Google wasn't evil, they would take up these cases, since they are the ones offering the Captcha.
[ link to this | view in chronology ]
Re:
Never mind evil or lack thereof Google should wade in and curb stomp this parasite anyway as if it becomes known that using their Captcha system is a good way to get sued that's likely to drive people far away from Google.
[ link to this | view in chronology ]
Re: Re:curb stomp this parasite
Google should wade in and curb stomp this parasite
And then use the paper copy of DEAD's patent to wipe the crud off the bottom of their boot.
[ link to this | view in chronology ]
Re:
I don't think Google can just decide to be a defendant in a case they're not involved in, even if they want to. They could help with the defense though.
[ link to this | view in chronology ]
DEAD
DEfenders of the American Dream. Must be some powerful peyote they're smoking first. Perhaps they can serve up images of the best toads to lick.
[ link to this | view in chronology ]
So, with these cases, let me ask a stupid question, why don't the companies simply claim patent exhaustion and ask that they be replaced with Google?
[ link to this | view in chronology ]
Let's play patent-troll bingo.
[ link to this | view in chronology ]
Got a letter from DAD
I got this letter and I cannot afford the stated fees. I'm a one-man operation.
Any advice on how to handle this?
[ link to this | view in chronology ]