DETAILED ACTION
This action is in response to amendment filed on 8/6/20. Claims 1-24 are pending examination.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


	Claims 1-24 are rejected under 35 U.S.C. 103 (a) as being unpatentable over Ross et al (US 8468057) using its publication (US 20050165639) in view of Prakash et al (US 20140090091).
Regarding claim 1, Ross et al disclose a device for secure vehicular data management, comprising: 
communication circuitry to communicate with at least a vehicular control architecture for controlling operation of a vehicle (paragraph 16, lines 1-8 and Fig. 1, #120) but does not explicitly disclose a user interface to configure privacy settings. However, Prakash et al disclose the limitation, at least see paragraph 23, lines 1-9. It would have been obvious to modify the teaching of Ross et al to include a user interface to configure privacy settings to set the privacy information of user or driver to protect data; 
trusted execution environment including a secure workspace in which only known-good programs execute, the known-good programs having privacy enforcement circuitry to: receive operational data from the vehicular control architecture via the communication circuitry (paragraph 57, lines 6-10); and 
but does not explicitly disclose generate filtered data by filtering the operational data based on privacy settings. However, Prakash et al disclose the limitation, at least see paragraph 27, lines 1-12. It would have been obvious to modify the teaching of Ross et al to include generate filtered data by filtering the operational data based on privacy settings to receive data based user/driver settings. 

Regarding claim 2, Ross et al disclose the limitations indicated above and further disclose wherein the device is integrated within the vehicular control architecture (paragraph 16, lines 1-8).
Regarding claim 3, Ross et al disclose the limitations indicated above and further disclose wherein, upon the user interface identifying a driver of the vehicle (paragraph 16, lines 1-8 and Fig. 1, #120), but does not explicitly disclose the trusted execution environment is to store at least driver biometric identification data received via the vehicular control architecture. However, Prakash et al disclose the limitation, at least see paragraph 492, lines 1-11. It would have been obvious to modify the teaching of Ross et al to include biometric identification data received via the vehicular control architecture to raise the level of security on user data.
Regarding claim 4, Ross et al disclose the limitations indicated above and further disclose wherein the operational data comprises at least the driver biometric identification data (paragraph 16, lines 1-8 and Fig. 1, #120) and vehicle location tracking data (paragraph 2, line 5-7), but does not explicitly disclose the vehicle event tracking data. However, Prakash et al disclose the limitation, at least see paragraph 727, lines 10-20. It would have been obvious to modify the teaching of Ross et al to include vehicle event tracking data to be able to locate the vehicle.
Regarding claim 5, Ross et al disclose the limitations indicated above and further disclose wherein in generating filtered data the privacy enforcement circuitry is to remove at least a portion of the operational data from the filtered data based on the privacy settings (vehicle communication bus, Fig. 
Regarding claim 6, Ross et al disclose the limitations indicated above and further disclose wherein in generating filtered data the privacy enforcement circuitry (paragraph 17, lines 7-9 and vehicle communication bus, Fig. 1-112), to at least one of replace the at least a portion of the operational data with coded data or to alter at least a portion of the operational data (paragraph 8, lines 1-9).
Regarding claim 7, Ross et al disclose the limitations indicated above and further disclose wherein the vehicular control architecture comprises a plurality of controllers for controlling different areas of vehicular operation, at least one controller providing the user interface (paragraph 3, lines 1-10).
Regarding claim 8, Ross et al disclose the limitations indicated above and further disclose wherein a requirement for operation received from at the least one data consumer causes the communication circuitry to transmit the operational data to the at least one data consumer (paragraph 46, lines 1-13 and Fig. 3, 360).
Regarding claim 9, Ross et al disclose a method for secure vehicular data management, comprising:
a vehicular control architecture for controlling operation of the vehicle (paragraph 16, lines 1-8 and Fig. 1, #120) but does not explicitly disclose configuring privacy settings in a user interface. However, Prakash et al disclose the limitation, at least see paragraph 23, lines 1-9. It would have been obvious to modify the teaching of Ross et al to include a configuring privacy settings in a user interface to set the privacy information of user or driver to protect data; 
receiving operational data from the vehicular control architecture (paragraph 16, lines 1-8 and Fig. 1, #120);

But does not explicitly disclose generating filtered data by filtering the operational data based on the privacy settings, wherein the filtered data is generated by privacy enforcement circuitry and causing the filtered data to be transmitted by communication circuitry in the device to at least one data consumer remotely situated from the device.  However, Prakash et al disclose the limitation, at least see paragraph 27, lines 1-12. It would have been obvious to modify the teaching of Ross et al to include generating filtered data by filtering the operational data based on privacy settings, the filtered data being generated by a privacy enforcement module and causing the filtered data to be transmitted by communication circuitry in the device to at least one data consumer remotely situated from the device to limit transmitted data information based on the user preference.  
Regarding claim 10, Ross et al disclose the limitations indicated above and further disclose wherein the device is integrated within the vehicular control architecture (paragraph 16, lines 1-8).
Regarding claim 11, Ross et al disclose the limitations indicated above and further disclose further comprising, upon the user interface identifying a driver of the vehicle (paragraph 16, lines 1-8 and Fig. 1, #120), but does not explicitly disclose storing, with the trusted execution environment, at least driver biometric identification data received via the vehicular control architecture. However, Prakash et al disclose the limitation, at least see paragraph 492, lines 1-11. It would have been obvious to modify the teaching of Ross et al to include biometric identification data received via the vehicular control architecture to raise the level of security on user data.
Regarding claim 12, Ross et al disclose the limitations indicated above and further disclose wherein the operational data comprises at least the driver biometric identification data (paragraph 16, 
Regarding claim 13, Ross et al disclose the limitations indicated above and further disclose wherein generating filtered data comprises (vehicle communication bus, Fig. #112), but does not explicitly disclose removing, with the privacy enforcement circuitry, at least a portion of the operational data from the filtered data based on the privacy settings. However, Prakash et al disclose the limitation, at least see paragraph 667, lines 1-4. It would have been obvious to modify the teaching of Ross et al to include removing the operational data from the filtered data to provide the user full control over the user interface.
Regarding claim 14, Ross et al disclose the limitations indicated above and further disclose wherein generating filtered data (paragraph 17, lines 7-9 and vehicle communication bus, Fig. 1-112), at least one of comprises at least one of replacing, with the privacy enforcement circuitry, a portion of the operational data with coded data or altering the at least a portion of the operational data (paragraph 8, lines 1-9).
Regarding claim 15, Ross et al disclose the limitations indicated above and further disclose wherein the vehicular control architecture comprises a plurality of controllers for controlling different areas of vehicular operation, at least one controller providing the user interface (paragraph 3, lines 1-10).
Regarding claim 16, Ross et al disclose the limitations indicated above and further disclose further comprising causing the communication circuitry to transmit the operational data to the at least one data consumer based on a requirement for operation received from at the least one data consumer. (paragraph 46, lines 1-13 and Fig. 3, 360).

a vehicular control architecture for controlling operation of the vehicle (paragraph 16, lines 1-8 and Fig. 1, #120) but does not explicitly disclose configuring privacy settings in a user interface. However, Prakash et al disclose the limitation, at least see paragraph 23, lines 1-9. It would have been obvious to modify the teaching of Ross et al to include a configuring privacy settings in a user interface to set the privacy information of user or driver to protect data; 
receive operational data from the vehicular control architecture (paragraph 16, lines 1-8 and Fig. 1, #120); 
generate filtered data by filtering the operational data based on the privacy settings, wherein the filtered data is generated by privacy enforcement circuitry included in a trusted execution environment in the device, the trusted execution environment including a secure workspace in which only known-good programs execute (paragraph 17, lines 1-9).
But does not explicitly disclose generate filtered data by filtering the operational data based on the privacy settings, wherein the filtered data is generated by privacy enforcement circuitry and causing the filtered data to be transmitted by communication circuitry in the device to at least one data consumer remotely situated from the device.  However, Prakash et al disclose the limitation, at least see paragraph 27, lines 1-12. It would have been obvious to modify the teaching of Ross et al to include generating filtered data by filtering the operational data based on privacy settings, the filtered data being generated by a privacy enforcement module and causing the filtered data to be transmitted by communication circuitry in the device to at least one data consumer remotely situated from the device to limit transmitted data information based on the user preference.  

Regarding claim 19, Ross et al disclose the limitations indicated above and further disclose further comprising instructions to, upon the user interface identifying a driver of the vehicle (paragraph 16, lines 1-8 and Fig. 1, #120), but does not explicitly disclose store, with the trusted execution environment, at least driver biometric identification data received via the vehicular control architecture. However, Prakash et al disclose the limitation, at least see paragraph 492, lines 1-11. It would have been obvious to modify the teaching of Ross et al to include biometric identification data received via the vehicular control architecture to raise the level of security on user data.
Regarding claim 20, Ross et al disclose the limitations indicated above and further disclose wherein the operational data comprises at least the driver biometric identification data (paragraph 16, lines 1-8 and Fig. 1, #120) and vehicle location tracking data (paragraph 2, line 5-7), but does not explicitly disclose the vehicle event tracking data. However, Prakash et al disclose the limitation, at least see paragraph 727, lines 10-20. It would have been obvious to modify the teaching of Ross et al to include vehicle event tracking data to be able to locate the vehicle.
Regarding claim 21, Ross et al disclose the limitations indicated above and further disclose wherein the instructions to generate filtered data (vehicle communication bus, Fig. #112), but does not explicitly disclose comprise instructions to remove, with the privacy enforcement circuitry, at least a portion of the operational data from the filtered data based on the privacy settings. However, Prakash et al disclose the limitation, at least see paragraph 667, lines 1-4. It would have been obvious to modify the teaching of Ross et al to include removing the operational data from the filtered data to provide the user full control over the user interface.
Regarding claim 22, Ross et al disclose the limitations indicated above and further disclose wherein the instructions to generate filtered data (paragraph 17, lines 7-9 and vehicle communication 
Regarding claim 23, Ross et al disclose the limitations indicated above and further disclose wherein the vehicular control architecture comprises a plurality of controllers for controlling different areas of vehicular operation, at least one controller providing the user interface (paragraph 3, lines 1-10).
Regarding claim 24, Ross et al disclose the limitations indicated above and further disclose further comprising instructions to cause the communication circuitry to transmit the operational data to the at least one data consumer based on a requirement for operation received from at the least one data consumer (paragraph 46, lines 1-13 and Fig. 3, 360).

Response to Arguments
Applicant's arguments in regards to claims above have been considered but are moot in view of the new ground(s) of rejection.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ADAM ALHARBI whose telephone number is 313-446-6621.  The examiner can normally be reached on Monday - Friday from 9:00 AM to 5:30PM EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Geepy Pe can be reached on 571-270-3703.  The fax phone number for the organization where this application or proceeding is assigned is 571-270-8406.
http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ADAM M ALHARBI/Primary Examiner, Art Unit 3663