DETAILED ACTION
This communication is responsive to the RCE amendment filed 11/09/2020.
Claims 1 and 15 have been amended.
Claims 17-20 have been previously canceled.
Claims 1-16 are pending.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Claim Rejections - 35 USC § 112
The amendment to claim 1 has overcome the rejection of claims 1-15 under 35 U.S.C. § 112(b) as being indefinite.  As such, the rejection of claims 1-15 under 35 U.S.C. § 112(b) has been withdrawn.


Response to Arguments
Applicant Argument:
(A) On pages 6-7 of the Applicant’s arguments, see remarks, filed 11/09/2020, with respect to the rejection(s) of claim(s) 1-3, 6-14 and 15-16 under 35 U.S.C. § 103 have been fully considered and are persuasive.  Therefore, the rejection of claim(s) 1-3, 6-14 and 15-16 under 35 U.S.C. § 103 has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made under 35 U.S.C. 103 as being unpatentable over Ramer et al. (US Pub. 2011/0258049 A1) in view of Nagasundaram et al. (US Pat. 9,665,722 B2).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 9-10, 12 and 14-16… are rejected under 35 U.S.C. 103 as being unpatentable over Ramer et al. (US Pub. 2011/0258049 A1 filed 02/01/2011) in view of Nagasundaram et al. (US Pat. 9,665,722 B2 filed 08/12/2013).
As to claim 1, Ramer discloses:
“A data management system controllable by a user” (Ramer, fig. 1, par. 0110, a wireless search platform 100 for facilitating the access to and integration of multiple data sources and data types for presentation on a mobile communication facility 102) “comprising:
 a hardware interface for electronic coupling with one or more computer systems” (Ramer, fig. 1, par. 0110; mobile communication facility 102 may transmit this query to or via a wireless communication facility 104 for further processing and/or routing to data sources and/or processing facilities);
“a data retrieval module configured to access and retrieve data on a plurality of third-party electronic networks, the data retrieval module further configured to access and retrieve data from one or more electronic devices associated with the user, the data retrieved from the plurality of third-party electronic networks and the data retrieved from the one or more electronic devices associated with the user comprising the user's aggregated data” (Ramer, pars. 1989-1994; user profile exchange platform may be used to collect, receive, analyze, select, aggregate, share, sell, and deliver user profile data relating at least to users of mobile communication facilities, personal computers (and other non-cellular digital devices), set top entertaining facilities, i.e., cable, satellite, and/or broad band television, gaming consoles and data relating to a users' "offline," or non-internet based transactions, commercial behaviors and interactions, e.g., offline catalog purchases);
Ramer discloses wherein privacy facility 152 may include one or more facilities for protecting user privacy, i.e., an encryption facility for encrypting sensitive user data (Ramer, par. 0194).  

“an encryption module that applies encryption to the user's aggregated data such that an at least a subset of the user's aggregated data is available in response to a request  for data;
an encrypted database for storing encrypted user's aggregated data”
However, Nagasundaram discloses:
“an encryption module that applies encryption to the user's aggregated data such that an at least a subset of the user's aggregated data is available in response to a request  for data” (Nagasundaram, col. 4 lines 35-64, col. 5 lines 17-24 and col. 24 lines 22-26; encryption/tokenization data module may anonymize information by encrypting or tokenizing a user’s sensitive data by implementing a customizable rule-based anonymization of large amounts of data based on each particular customer's need and capabilities. For example, if a customer service representative is helping a customer by inspecting a prior purchase on their account for a return, the customer service representative may have no need for a large amount of data, i.e., the consumer’s social security number, personal account number, financial information, etc. on the consumer's database record).
A person of ordinary skill in the art prior to effective filing date the invention would have been motivated to combine the features of Ramer with Nagasundaram in order to anonymize a user’s sensitive or private information in order to transform information from an identity-rich state to an identity-free state, allow protection from unlawful use of consumer information or other private information, provide prevention from identification 
Nagasundaram further discloses:
“an encrypted database for storing encrypted user's aggregated data” (Nagasundaram, fig. 6, col. 21 line 64 – col. 22 line 1; a sensitive data record database 630, and a plurality of databases for storing the sensitive data records after various stages of anonymization processing 621-627).
A person of ordinary skill in the art prior to effective filing date the invention would have been motivated to combine the features of Ramer with Nagasundaram in order to provide an anonymization engine that provides data protection, access control, and privacy control for databases of information and communications while protecting private information from export outside of a secure environment, as well as for providing easily customizable anonymized data for a specific purpose of a requestor (Nagasundaram, col. 3 lines 45-53).
Ramer discloses:
“a data leveraging module configured to receive a request for data from a third-party electronic  network, the request for data comprising a Boolean-type request” (Ramer, pars. 1497, 1819, 1829 and 1831; monetization platform server 3802 accesses an enriched behavioral database 3912 populated with associations between aggregated user profile data that is derived from user behavioral data and third party data 3914 acquired from one or more third parties, i.e., public databases, subscription databases, and the like; backend data processing associated with the dynamic inventory explorer may include, constructing boolean queries from campaign targeting parameters) 
 and
“whereby the data leveraging module is configured to retrieve and selectively transmit to a third party electronic network according to criteria selected by the data derived from the encrypted user's aggregated data comprising data related to the user and retrieved by the user from:
a)	the plurality of third-party electronic networks; and 
b)	the data retrieved from the one or more electronic devices associated with the user, and whereby in response to the request for data, the data management system is configured to  transmit partially anonymized data to the third party electronic network according to the criteria selected by the user, whereby the partially anonymized data comprises a Boolean -type response (Ramer, pars.0132, 0194 and 1989-1994; user profile exchange platform may be used to collect, receive, analyze, select, aggregate, share, sell, and deliver user profile data relating at least to users of mobile communication facilities, e.g., mobile phone (see par. 0228), personal computers (and other non-cellular digital devices), set top entertaining facilities, cable devices, etc. and data relating to a users' "offline," or non-internet based transactions, commercial behaviors and interactions, e.g., offline catalog purchases; privacy facility 152 may also include a facility for protecting the user from undesired content, i.e., unwanted commercial email, spam, spyware, etc. wherein the privacy facility may suggest modified queries that are less likely to reveal a user's confidential information or that are less likely to return undesired content; search facility 142 may initiate a search, such as by causing a query that is based on Boolean search logic, categories of results, or any other known search facilities using any other known search algorithm)

As to claim 2, Ramer and Nagasundaram disclosed the invention of claim 1. Ramer further discloses:
“wherein the aggregated data is associated with personal information corresponding to a user” (Ramer, par. 1484 and 1497; Availability conditions 3818 associated with behavioral data may include restrictions on access to personal identification data, i.e., a name, address, mobile phone number, and the like… blinded data also may provide privacy to wireless mobile network subscribers so that the ad server 3804 can target individuals based on behavioral profile data but cannot access personal information obtained from aggregated user profile data).



“an outbound  data encryption module configured to encrypt a set of data transmitted from the data management system to the third-party electronic network.”
However, Nagasundaram discloses:
“an outbound  data encryption module configured to encrypt a set of data transmitted from the data management system to the third-party electronic network” (Nagasundaram, col. 5 lines 17-24 and col. 24 lines 30-31; encryption/tokenization data module may anonymize information by encrypting or tokenizing sensitive data; a merchant with a specific and/or narrow purpose, e.g., aggregation of online purchase details of a particular product for marketing purposes, for the anonymized data may have received anonymized information that has all unnecessary information removed, sensitive data masked, data separated into various data groupings, and data de-contexted to ensure the highest level of anonymization).
A person of ordinary skill in the art prior to effective filing date the invention would have been motivated to combine the features of Ramer with Nagasundaram in order to provide an anonymization engine that provides data protection, access control, and privacy control for databases of information and communications while protecting private information from export outside of a secure environment, as well as for providing easily customizable 

As to claim 10, Ramer and Nagasundaram disclosed the invention of claim 1.  Ramer further discloses:
“a data  leveraging module configured to receive a request for data from the third-party electronic network” (Ramer, pars. 1497, 1819, 1829 and 1831; monetization platform server 3802 accesses an enriched behavioral database 3912 populated with associations between aggregated user profile data that is derived from user behavioral data and third party data 3914 acquired from one or more third parties, i.e., public databases, subscription databases, and the like).

As to claim 12, Ramer and Nagasundaram disclosed the invention of claim 10.  Ramer further discloses:
“wherein the request for data is a Boolean-type request” (Ramer, pars. 1497, 1819, 1829 and 1831; monetization platform server 3802 accesses an enriched behavioral database 3912 populated with associations between aggregated user profile data that is derived from user behavioral data and third party data 3914 acquired from one or more third parties, i.e., public databases, subscription databases, and the like; backend data processing associated with the dynamic inventory explorer may include, constructing boolean queries from campaign targeting parameters).

  Ramer does not explicitly disclose:
“wherein encryption applied to the data by the encryption module comprises at least one of aggregating and compiling the data.”
However, Nagasundaram discloses:
“wherein encryption applied to the data by the encryption module comprises at least one of aggregating and compiling the data” (Nagasundaram, col. 5 lines 17-24 and col. 24 lines 30-31; encryption/tokenization data module may anonymize information by encrypting or tokenizing sensitive data; a merchant with a specific and/or narrow purpose, e.g., aggregation of online purchase details of a particular product for marketing purposes, for the anonymized data may have received anonymized information that has all unnecessary information removed, sensitive data masked, data separated into various data groupings, and data de-contexted to ensure the highest level of anonymization).
A person of ordinary skill in the art prior to effective filing date the invention would have been motivated to combine the features of Ramer with Nagasundaram in order to provide an anonymization engine that provides data protection, access control, and privacy control for databases of information and communications while protecting private information from export outside of a secure environment, as well as for providing easily customizable anonymized data for a specific purpose of a requestor (Nagasundaram, col. 3 lines 45-53).


As to claim 16, claim 16 represents a method that is substantively similar in scope to the system of claim 2.  Claim 16 is therefore rejected for the same reason outlined in the rejection of claim 2 above.

Claims 3, 6-8, 11 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Ramer in view of Nagasundaram in further view of Stack et al. (US Pub. 2011/0060905 A1 filed 05/11/2010).
As to claim 3, Ramer and Nagasundaram disclosed the invention of claim 1.  Ramer does not explicitly disclose:
“a local data module configured to access data on an electronic device.”
However, Stack discloses:
“a local data module configured to access data on an electronic device” (Stack, figs. 1 – 6, par. 0031 and 0067; MDA’s access to remote and local data stores).
A person of ordinary skill in the art prior to effective filing date the invention would have been motivated to combine the features of Ramer and Nagasundaram with Stack in order to encrypt a user’s aggregated data obtained from a plurality of information sources so that any personally identifiable data of a user will not be shared with third 

As to claim 6, Ramer and Nagasundaram disclosed the inventon of claim 1.  Ramer does not explicitly disclose:
“a data deletion module configured to access data on an electronic device.”
However, Stack discloses:
“a data deletion module configured to access data on an electronic device” (Stack, par. 0029; Once the BIDs are derived, the encryption process then purges the uploaded names, postal addresses, and other PII data).
A person of ordinary skill in the art prior to effective filing date the invention would have been motivated to combine the features of Ramer and Nagasundaram with Stack in order to provide a mechanism to purge a user’s personally identifiable information maintained by a third party, thereby protecting the user from further exposure of the aggregated user information once the third party ends a particular business inquiry (Stack, par. 0029).
.
As to claim 7, Ramer, Nagasundaram and Stack disclosed the invention of claim 6.  Ramer does not explicitly disclose:
“wherein the data deletion module  is configured to delete data on the electronic device.”
However, Stack discloses:
(Stack, par. 0029).
A person of ordinary skill in the art prior to effective filing date the invention would have been motivated to combine the features of Ramer and Nagasundaram with Stack in order to provide a mechanism to purge a user’s personally identifiable information maintained by a third party, thereby protecting the user from further exposure of the aggregated user information once the third party ends a particular business inquiry (Stack, par. 0029).

As to claim 8, Ramer and Nagasundaram disclosed the invention of claim 1.  Ramer does not explicitly disclose:
“a data filter module configured to filter a stream of data transmitted through the data management system.”
However, Stack discloses:
“a data filter module configured to filter a stream of data transmitted through the data management system” (Stack, par. 0042; matching process may apply criteria to narrow match results by filtering the results through segment matching).
A person of ordinary skill in the art prior to effective filing date the invention would have been motivated to combine the features of Ramer and Nagasundaram with Stack in order to apply data filters to aggregated user information thereby limiting any inquiries to targeted business purposes only (Stack, par. 0042).


“a data access module configured to retrieve the at least partially-anonymized subset of the data from the encrypted database in response to the request for data.”
However, Stack discloses:
“a data access module configured to retrieve the at least partially-anonymized subset of the data from the encrypted database in response to the request for data” (Stack, par. 0031; After the encryption processing, e.g., has completed, the MDA 108 stores records that include BIDs and the advertiser appended custom segment data and/or generic segment data appended by the MDA).
A person of ordinary skill in the art prior to effective filing date the invention would have been motivated to combine the features of Ramer and Nagasundaram with Stack in order to receive requests for user data from third party entities authorized to obtain user data for business purposes (Stack, par. 0067)

As to claim 13, Ramer, Nagasundaram and Stack disclosed the invention of claim 11.  Ramer further discloses:
“wherein the data leveraging module is configured to transmit the at least partially-anonymized subset of the data in response to the request for data” (Ramer, fig. 40B, pars. 1484, 1497 and1529; a request 4004 from a publisher 4002 may be received by a monetization platform server 3802, and a plurality of content inventories 4010 may be searched for a content 4024 that is relevant to the request and databases containing behavioral data 4040 (data blinded to protect the privacy of wireless network subscribers), demographic data 4042, and geographic data 4044 relating to users of mobile communication facilities associated with the monetization platform server 3802; once the monetization platform server 3802 receives the relevant content 4024, the relevant content 4024 may be transmitted to the publisher 4002 originating the request).

Claims 4-5 are rejected under 35 U.S.C. 103 as being unpatentable over 
Ramer in view of Nagasundaram in further view of Sharma et al. (US Pub. 2013/0111545 A1 filed 11/02/2011)
As to claim 4, Ramer and Nagasundaram disclosed the invention of claim 1.  Ramer does not explicitly disclose:
“a privacy module configured to access privacy settings on the third-party electronic network.”
However, Sharma discloses:
“a privacy module configured to access privacy settings on the third-party electronic network” (Sharma, fig. 1, par. 0022; a privacy management system 100 having a privacy manager 102 configured to retrieve and update subscriber data 103 stored at a service provider database 104).
A person of ordinary skill in the art prior to effective filing date the invention would have been motivated to combine the features of Ramer and 

As to claim 5, Ramer and Nagasundaram disclosed the invention of claim 4.  Ramer does not explicitly disclose:
“wherein the privacy module is configured to change privacy settings on the third-party electronic network.”
However, Sharma discloses:
“wherein the privacy module is configured to change privacy settings on the third-party electronic network” (Sharma, par. 0034 and 0037 - 0038; various rule types (i.e., for consent flow of data) configured and enforced at runtime may involve layered privacy consent to provide resolution for conflicting consent states (i.e., changing Allowed state to Blocked) depending on the state of the next layer privacy rule). 
A person of ordinary skill in the art prior to effective filing date the invention would have been motivated to combine the features of Ramer and Nagasundaram, with Sharma to provide access to third-party network applications according to a user’s privacy preferences, while also providing the ability to dynamically change privacy rules in the event of a conflicting set . 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Kohan et al. (US Pat. 8,275,850 B2) discloses systems and processes for assembling de-identified patient healthcare data records in a longitudinal database implementation using multiple data suppliers and common database facilities while ensuring patient privacy; stored patient-identifying attributes in the data records are placed in standard format and then doubly encrypted using a pair of encryption keys before transmission to a common database facility. Encrypted data records are assigned dummy labels or tags by which the data records can be longitudinally linked in the database.
King (US Pat. 8,364,969 B2) discloses methods and apparatus used to protect personal information by decoupling it from user identity by associating each user with an anonymous token that is decoupled from the user's identity. User’s personal information (e.g., a user's physical or geographic location) is stored in association with this anonymous token, with no apparent connection to the user. Authorized persons are allowed to access the personal information through a variety of mechanisms to connect the anonymous token back to the owner.
Kalaboukis et al. (US Pat. 8,914,342 B2) discloses systems and methods for data policy management of a user, wherein the data management policies for a user associated with a context and an identifier of the user and the user’s personal data, 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to /FELICIANO S MEJIA/ whose telephone number is (571)270-5994.  The examiner can normally be reached on 8:30am - 5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/FELICIANO S. MEJIA/
Examiner
Art Unit 2492




/SALEH NAJJAR/Supervisory Patent Examiner, Art Unit 2492