Saturday, 2 July 2011

T 1244/07 – One Click Clipped

This decision deals with the refusal of a divisional application from Amazon’s (in)famous “1-click” application for lack of inventive step. The crucial document is D1, “Implementing a Web Shopping Cart” an article by Baron C. et al in Dr. Dobb’s Journal of September 1996.

Claim 1 of the main request before the Board read:
A method for ordering an item using a client system, the method comprising:
  • receiving from a server system a client identifier of the client system when the client system first interacts with a server system;
  • persistently storing the client identifier at the client system, wherein the client identifier is from then on included in messages sent from the client system to the server system and retrieved by the server system each time a message with an identifier is received from the client system by the server system;
  • storing at the server system for that client and other clients a customer table containing a mapping from each client identifier identifying a client system to a purchaser last associated to said client system;
  • storing at the server system customer information for various purchasers or potential purchasers, said customer information containing purchaser-specific order information, including sensitive information related to the purchaser;
  • connecting at a later point in time, when a purchase is intended, the client system to the server system, comprising the steps of:
  • sending from the client system a request for information describing an item to be ordered along with the client identifier;
  • determining at the server system whether single-action ordering is enabled for that purchaser at the client system;
  • if enabled sending from the server system the requested information to the client system along with an indication to perform a single action to place the order for the item;
  • displaying at the client system information identifying the item and displaying an indication of a single action that is to be performed to order the identified item,
  • performing at the client system that single action and in response to that indicated single action being performed, sending to a server a single action order to order the identified item and automatically sending the client identifier whereby a purchaser does not input identification information when ordering the item, and
  • completing at the server system the order by adding the purchaser-specific order information including said sensitive information that is mapped to the client identifier received from the client system.
The Board essentially confirmed the finding of the Examining Division (ED).

[14] The Board therefore considers that the subject-matter of claim 1 differs from D1 in that the purchaser’s identification information is not inputted when ordering the item, but looked up in the customer table using the client identifier received from the client and that the “single action” indication is only sent if it is “enabled”.

[15] These features can be seen to solve the two above-mentioned problems in the application and stressed by the [applicant], namely to reduce the number of user interactions involved in selecting items, which makes e-commerce easier, faster and more comfortable, and also to reduce the amount of sensitive information sent over the Internet, which may be intercepted.

In the Board’s view the skilled person would have tried to solve these problems because they are both explicitly mentioned in the comment referred to by the ED in “Listing One” […] of D1:

This essentially refutes the [applicant]’s argument that the idea of the invention went against the thinking at that time about internet security because it dispensed with the need for the purchaser to identify or authenticate himself. Although the idea behind the invention might not have been commonly known, the programmer in D1 had in fact already realised that it actually increased security.

[16] In order to read the sensitive data from the database, one would need a key that identifies the purchaser in question. In the Board’s view it would be self-evident to use the user identifier or cookie already available in D1 to do this. The Board thus considers that the skilled person would have been led to modify the third embodiment of D1 to dispense with the need to input this data for every order and arrive at the situation described by the ED […]. Thus, a user using a client would be presented after some interactions with a check-out page like the one in Figure 4, where the details that can be found in the database (name, shipping address, card type, number and expiration date) would be omitted, and would be given an indication in the form of a “Submit Order” button, which is an indication of a single action to order the contents of the shopping cart, i.e. the claimed single action to order an item.

[17] Moreover, it was known, e.g. from D3, at the priority date to use cookies to keep track of purchaser-specific data. The [applicant] argued that in D3 the purpose of using a persistent cookie to store registration information so that a user did not have to enter a login and password each time they visited a site was different from the invention. The website, e.g. the New York Times cited on page 2 of D3, gave the user a cookie in return for information about himself. The cookie did not identify the user for the purposes of purchasing, but rather as an “entrance ticket” to the site. This was analogous to an entrance ticket for a football match where one had to be identified, but no one was actually interested in using the ticket to look up data relating to the ticket holder.

This might be true of the examples on page 2, such as the New York Times, but in the Board’s view, D3 discloses more than this. Specifically, at page 5, third paragraph, D3 states

In most all cases Web sites store minimal information in the persistent cookie on the user’s system but use the cookie as an index into the database where more details are stored.

In other words, it appears that in most cases there is in fact an interest in looking up data about the ticket holder.

In view of the indexing function of cookies, the skilled person would have realised that any sensitive data traditionally requiring a login could be accessed by cookies. The obvious trade-off between the two processes, namely security vs. simplicity, cannot establish an inventive technical contribution.

[18] Concerning enabling the single action, the Board first notes that this feature is so broad that it covers the situation, described in the application at paragraph 17, that if there is not enough information about the purchaser available to perform a single-action order, it is simply not possible to offer single-action ordering and it is therefore by definition not enabled. The claim thus covers a statement of the self-evident.

In appeal, the [applicant] argued that the feature was a broader part of the whole invention and was connected to the security of the system. In particular, the single-action order possibility meant that items could be purchased inadvertently so that it was apparently a necessary feature to mitigate some purchasers’ apprehension about the lack of security inherent in such a single-action possibility. However, this merely shifts the responsibility for the security to the purchaser who judges whether the single-action ordering should be enabled or not. The decision not to enable it might depend on whether the purchaser’s computer is used by other people who should not be allowed to order items on the computer owner’s account.

Such a decision relates to forms of human behaviour and thinking that fall under mental acts, which are excluded from patentability. According to the jurisprudence of the EPO (see e.g. G 3/08 [10.13.2]) these cannot contribute to inventive step. Its implementation by means of a determination and a conditional sending step are clearly routine matters of design and also cannot contribute.

[19] The [applicant] argued that it was important to avoid using hindsight when judging the inventive step. By the time of this appeal, the present invention was so well known and used that it was easy to think that it was “trivial”. This was also pointed out [in] the Campbell article (“Not All Bad: An Historical Perspective on Software Patents”, Campbell-Kelly M., 11 Mich. Telecomm. Tech. L. Rev. 191, 2005, pages 191 to 248) submitted by the applicant during the examination proceedings.

The Board agrees that there is generally room for argument when asserting what the skilled person would do as a matter of routine design in certain cases. However, the scope for discussion is substantially reduced in this case in the light of the above-mentioned comment in “Listing One” in D1 that gives such a decisive indication of the programmer’s thinking, especially considering the remaining supporting disclosure relating to cookie technology.

[20] Finally, the Board notes that a long felt want is often an indicator of inventiveness, usually overshadowing aspects of commercial success. However, in the present case, according to D1 at the top of page 68 cookies were first proposed in 1996 shortly before the invention was made. Thus the invention was not a situation of a long felt want, but more an immediate application of this new programming feature as soon as it had become available in that field. In the Board’s view, this outweighs the fact that the invention was subsequently very successful.

[21] Even if claim 1 can be distinguished or seen to be distinguished over D1 by the lack of an intermediate page in the purchasing process, this difference would concern omitting confirmation steps in an ordering process. Quite apart from the question of whether omitting steps would be obvious in the light of the general desire to simplify computer interactions, the Board considers that such steps relate to a method of doing business and, moreover, optional ones depending on the user’s preferences. Again, such steps cannot contribute to inventive step.

[22] Thus, in the Board’s view, the subject-matter of claim 1 would have been obvious to a skilled person (A 56 EPC 1973).

Should you wish to download the whole decision, just click here.

The file wrapper can be found here.

This decision has also been commented on Visae Patentes long ago, and (today) on Le blog du droit européen des brevets.