DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement filed August 16, 2019 has been placed in the application file and the information referred to therein has been considered as to the merits.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

s 1, 11-12, 16-17 and 19-20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by US 20190140844 granted to Brown et al.
Regarding claim 1, Brown meets the claimed limitations as follows:
“A method comprising:
maintaining, by an escrow system, encrypted identity data associated with a user, the encrypted identity data representative of a digital identity of the user;
receiving, by the escrow system, an access request from a service provider system for the service provider system to have access to the digital identity of the user when the user attempts to access a service provided by the service provider system;
transmitting, by the escrow system in response to the access request, an authorization request to a computing device associated with the user, the authorization request prompting the user to authorize sharing of the digital identity with the service provider system; 
receiving, by the escrow system from the computing device associated with the user, authorization data indicating that the user authorizes sharing of the digital identity with the service provider system; 
and providing, by the escrow system in response to receiving the authorization data from the computing device associated with the user, the service provider system with access to the digital identity.” see paragraphs [0147]-[0152]; [0167]-[0176]; [0178]-[0190] and Figures 1, 3, 4, 7 and 11.

The examiner is taking the position that the following elements are the claimed escrow system (elements 108, 1108), service provider (106, 1106) and user (104, 1104). 


Regarding claim 11, Brown meets the claimed limitations as follows:
“The method of claim 1, embodied as computer-executable instructions on at least one non-transitory computer-readable medium.” see paragraph [0258].
Regarding claim 12, Brown meets the claimed limitations as follows:
“A method comprising:
receiving, by a service provider system, a service request from a user, the service request requesting access by the user to a service provided by the service provider system;
transmitting, by the service provider system in response to the service request, an access request to an escrow system that maintains encrypted identity data representative of a digital identity of the user, the access request requesting access by the service provider system to the digital identity of the user; and
receiving, by the service provider system based on the access request, data that facilitates access to the digital identity of the user.” see paragraphs [0199]-[0207] and Figures 1, 3, 6, 7 and 11.

The examiner is taking the position that the following elements are the claimed escrow system (elements 108, 1108), service provider (106, 1106) and user (104, 1104). 

Regarding claim 16, Brown meets the claimed limitations as follows:

Regarding claim 17, Brown meets the claimed limitations as follows:
“A method comprising:
transmitting, by an application executed by a computing device associated with a user, a service request to a service provider system, the service request requesting access by the user to a service provided by the service provider system;
receiving, by the application executed by the computing device and based on the service request, an authorization request from an escrow system separate from the service provider system and that maintains encrypted identity data representative of a digital identity of the user, the authorization request prompting the user to authorize sharing of the digital identity of the user with the service provider system;
transmitting, by the application executed by the computing device and in response to input provided by the user, authorization data to the escrow system, the authorization data indicating that the user authorizes sharing of the digital identity with the service provider system; and
receiving, by the application executed by the computing device and based on the authorization data, access to the service.” see paragraphs [0191]-[0204]; and Figures 1, 3, 5, 7 and 11.

The examiner is taking the position that the following elements are the claimed escrow system (elements 108, 1108), service provider (106, 1106) and user (104, 1104). 


Regarding claim 19, Brown meets the claimed limitations as follows:
“The method of claim 17, embodied as computer-executable instructions on at least one non-transitory computer-readable medium.” see paragraph [0258].

Claim 20 is a system claim that is substantially equivalent to method claim 1. Therefore, claim 20 is rejected by a similar rationale.

Allowable Subject Matter
Claims 2-10, 13-15 and 18 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The following is a statement of reasons for the indication of allowable subject matter:  
With respect to claim 2, the cited prior art fails to specifically teach the method of claim 1, wherein the providing of the service provider system with access to the digital identity comprises transmitting the encrypted identity data and a public key corresponding to the service provider system to the computing device, wherein the computing device is configured to decrypt the encrypted identity data with a private key corresponding to the user, re-encrypt the decrypted identity data with the public key corresponding to the service provider system, and transmit the re-encrypted identity data to the service provider system.

With respect to claim 4, the cited prior art fails to specifically teach the method of claim 3, wherein a split key maintained by the service provider system and a third-party entity is required to decrypt the reencrypted identity data.
With respect to claim 5, the cited prior art fails to specifically teach the method of claim 1, wherein the providing of the service provider system with access to the digital identity comprises transmitting, to the service provider system, metadata indicating that the digital identity is available for access on demand by the service provider system.
With respect to claim 6, the cited prior art fails to specifically teach the method of claim 5, wherein the metadata includes data configured to facilitate future access to the digital identity by an operator of the service provider system.
With respect to claim 7, the cited prior art fails to specifically teach the method of claim 5, further comprising: receiving, by the escrow system from the service provider system subsequent to the transmitting of the metadata to the service provider system, a request for the escrow system to transmit data representative of the digital identity to the service provider system; decrypting, by the escrow system in response to the request for the service provider system to transmit the data representative of the digital identity to the service provider system, the encrypted identity data; re-encrypting, by the escrow system, the decrypted identity data with a public key corresponding to the 
With respect to claim 8, the cited prior art fails to specifically teach the method of claim 1, further comprising: transmitting, by the escrow system in response to receiving the authorization data from the computing device associated with the user, metadata associated with the encrypted identity data; wherein the metadata includes information representative of at least one of a description of one or more attributes of the digital identity represented by the encrypted identity data, a digital signature indicating that the digital identity represented by the encrypted identity data has been verified by a validator, and an access control rule that specifies one or more access parameters associated with the digital identity.
With respect to claim 9, the cited prior art fails to specifically teach the method of claim 1, wherein: the digital identity represented by the encrypted identity data comprises a plurality of attributes; the access request comprises a request to have access to an attribute subset included in the plurality of attributes, a total number of attributes included in the attribute set being less than a total number of attributes included in the plurality of attributes; and the providing of the service provider with access to the digital identity comprises providing the service provider system with access to the attribute subset; and abstaining from providing the service provider system with access to attributes included in the plurality of attributes but not included in the attribute subset.
With respect to claim 10, the cited prior art fails to specifically teach the method of claim 1, wherein the transmitting of the authorization request to the computing device 
With respect to claim 13, the cited prior art fails to specifically teach the method of claim 12, wherein: the receiving of the data that facilitates access to the digital identity of the user comprises receiving a version of the identity data that has been decrypted and then re-encrypted with a public key corresponding to the service provider system; and the method further comprises decrypting, by the service provider system, the re-encrypted identity data using a private key corresponding to the service provider system.
With respect to claim 14, the cited prior art fails to specifically teach the method of claim 13, wherein: the decrypting and re-encrypting of the identity data is performed by the escrow system; and the receiving of the re-encrypted identity data comprises receiving the reencrypted identity data from the escrow system by way of a network.
With respect to claim 15, the cited prior art fails to specifically teach the method of claim 13, wherein: the decrypting and re-encrypting of the identity data is performed by a computing device associated with the user; and the receiving of the re-encrypted identity data comprises receiving the reencrypted identity data from the computing device by way of a network.
With respect to claim 18, the cited prior art fails to specifically teach the method of claim 17, wherein the receiving of the access to the service comprises: receiving, from the escrow system, the encrypted identity data and a public key corresponding to the service provider system; decrypting the encrypted identity data with a private key corresponding to the user; re-encrypting the decrypted identity data with the public key .

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MATTHEW B SMITHERS whose telephone number is (571)272-3876.  The examiner can normally be reached on 8:00-4:00 (Teleworking).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 571-272-4063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access 


/MATTHEW SMITHERS/
Primary Examiner
Art Unit 2437