Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .



DETAILED ACTION
This action is in response to the communication filed on 07/10/2019.
Claims 1-20 are under examination.
The Information Disclosure Statements filed on 10/18/2019 and 10/06/2020 have been entered and considered.


Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claim 19 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  Claim 19 recites “a computer-readable storage medium.”  The broadest reasonable interpretation of “a computer-readable storage medium” covers forms of both non-transitory tangible media and transitory propagating signals per se.  See In re Nuijten, 500 F.3d 1346, 1356-57 (Fed. Cir. 2007); Subject Matter Eligibility of Computer Readable Media, Jan. 26, 2010; p. 1.  Paragraph 0012 of the specification recites “The computer-readable storage may be non-transitory". The specification fails to limit expressly the term “computer-readable storage media” to exclude signals, carrier waves, etc., the term encompasses transitory propagation signals. See Patent Board Decision on application 10/685192 (05/08/2013). Because the broadest reasonable interpretation of the claims cover a signal per se, claim 19 is rejected under 35 U.S.C. § 101 as being directed towards non-statutory subject matter.
The Examiner suggests inserting "non-transitory" before the phrase “computer-readable storage medium.”


Claim Rejections - 35 USC § 102  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Amarendran et al. (US 2016/0078245 A1).
Regarding claim 1, Amarendran et al. discloses: A computing device comprising: a processor; a memory; and an automatic file encryption application stored in the memory and containing processor-executable instructions to automatically encrypt a file [abs, “Data storage systems are disclosed for automatically generating encryption rules based on a set of training files that are known to include sensitive information... Moreover, systems are disclosed that are capable of automatically determining whether to encrypt a file based on the generated encryption rules”, par. 0546, computer program instructions], wherein the instructions, when executed by the processor, are to cause the processor to: identify a characteristic associated with likely sensitive content based on a usage pattern of encrypting files having the characteristic [par. 0479, “the encryption rules generator 1404 uses a number of heuristic algorithms to determine a set of rules for identifying files with sensitive information. The determination may be based on the set of data tokens associated with each file that is determined at the block 1504. The heuristic algorithms can include performing pattern recognition to determine a pattern associated with a particular type of file”, par. 0310, whether the file and/or a version of the file was previously encrypted, par. 0499, the file can be added to the set of files used to generate the encryption rules], detect creation of the file [par. 0012, “the method includes monitoring file creation and/or file modification activity. In response to detecting a file creation and/or modification event with respect to a file, the method can include determining whether the file satisfies an encryption rule from the set of encryption rules”], determine that the file contains sensitive content based upon it having the characteristic, and encrypt the file based on the determination that the file contains sensitive content [par. 0012, “in response to determining that the file satisfies the encryption rule from the set of encryption rules, the method can include identifying the file as protected. Moreover, the method may include determining whether the file satisfies a context condition associated with the encryption rule. In response to determining that the context condition is satisfied, the method may include encrypting the file”, par. 0497].
Regarding claim 2, the rejection of claim 1 is incorporated.
Amarendran et al. further discloses the characteristic of the file includes geo- location data associated with creation of the file [par. 0089, “Metadata can include…  geographic location (e.g., GPS coordinates)”, par. 0524, “The encryption rules engine may be further configured to access a set of encryption rules from the encryption rules repository and to determine whether the file metadata satisfies the encryption rules”].
 Regarding claim 3, the rejection of claim 1 is incorporated.
Amarendran et al. further discloses the characteristic of the file includes timestamp data associated with creation of the file [par. 0325, “Metadata can include…  the time the file was created”, par. 0524, “The encryption rules engine may be further configured to access a set of encryption rules from the encryption rules repository and to determine whether the file metadata satisfies the encryption rules”].
Regarding claim 4, the rejection of claim 1 is incorporated.
Amarendran et al. further discloses wherein the instructions, when executed, are to cause the processor to determine the usage pattern from previous file encryption operations on the computing device [par. 0310, whether the file and/or a version of the file was previously encrypted, par. 0499, “the user indicates that the determination of the encryption rules engine 926 is inaccurate, the file can be added to the set of files used to generate the encryption rules. The process 1500 can then be repeated with the updated set of training files. In some cases, the process 1500 is not repeated in its entirety, but instead one or more encryption rules that generated a contrary result to the user's indication of the status of the file (e.g., protected or unprotected) may be regenerated or modified based on the addition of the file to the set of training files”].
Regarding claim 5, the rejection of claim 1 is incorporated.
Amarendran et al. further discloses wherein the instructions, when executed, are to cause the processor to identify the characteristic by receiving a communication from a- 16 - remote server specifying the characteristic of the file [par. 0473, “The set of files received at the block 1502 may be associated with a specific computing system, server system, or client system for the purposes of generating encryption rules. In such cases, encryption rules generated using the process 1500 may be specific to the particular computing system. However, in other cases, the set of files received at the block 1502 may be used to generate encryption rules for a set of computing systems”, par. 0077, “Computing devices can include servers”, par. 0078, “a computing device includes virtualized and/or cloud computing resources”, par. 0544], and wherein the usage pattern is derived at the remote server from previous file encryption operations on other computing devices [par. 0310, whether the file and/or a version of the file was previously encrypted, par. 0499, “the user indicates that the determination of the encryption rules engine 926 is inaccurate, the file can be added to the set of files used to generate the encryption rules. The process 1500 can then be repeated with the updated set of training files. In some cases, the process 1500 is not repeated in its entirety, but instead one or more encryption rules that generated a contrary result to the user's indication of the status of the file (e.g., protected or unprotected) may be regenerated or modified based on the addition of the file to the set of training files”].
Regarding claim 6, the rejection of claim 1 is incorporated.
[par. 0473, “The set of files received at the block 1502 may be associated with a specific computing system, server system, or client system for the purposes of generating encryption rules. In such cases, encryption rules generated using the process 1500 may be specific to the particular computing system. However, in other cases, the set of files received at the block 1502 may be used to generate encryption rules for a set of computing systems”, par. 0077, “Computing devices can include servers”, par. 0078, “a computing device includes virtualized and/or cloud computing resources”, par. 0544]; identify the usage pattern based on one or more of the associated filed characteristics common to the previous file encryption operations; and identify the characteristic from the usage pattern [par. 0310, whether the file and/or a version of the file was previously encrypted, par. 0499, “the user indicates that the determination of the encryption rules engine 926 is inaccurate, the file can be added to the set of files used to generate the encryption rules. The process 1500 can then be repeated with the updated set of training files. In some cases, the process 1500 is not repeated in its entirety, but instead one or more encryption rules that generated a contrary result to the user's indication of the status of the file (e.g., protected or unprotected) may be regenerated or modified based on the addition of the file to the set of training files”].
Regarding claim 7, the rejection of claim 1 is incorporated.
Amarendran et al. further discloses wherein the instructions, when executed, are to cause the processor to encrypt by at least one of moving the file to a local disk-based encrypted [par. 0312, “Once the encryption rules engine 226 determines that a file should be encrypted, the encryption module 222 can encrypt the file using an encryption algorithm”, par. 0318, “As illustrated in FIG. 2, the primary storage device 104 can include an unencrypted files repository 210 configured to store unencrypted files and an encrypted files repository 212 configured to store encrypted files”].
Regarding claim 8, the rejection of claim 1 is incorporated.
Amarendran et al. further discloses the file comprises one of a photo, a video, or an audio recording [par. 0120, “video files 124, image files 126”].
Regarding claim 9, the rejection of claim 1 is incorporated.
Amarendran et al. further discloses the computing device is a mobile device [par. 0077, “Other computing devices can include mobile or portable computing devices”].
Regarding claim 10, it recites limitations similar to claim 1. The reason for the rejection of claim 1 is incorporated herein.
Regarding claim 11, it recites limitations similar to claim 2. The reason for the rejection of claim 2 is incorporated herein.
Regarding claim 12, it recites limitations similar to claim 3. The reason for the rejection of claim 3 is incorporated herein.
Regarding claim 13, it recites limitations similar to claim 4. The reason for the rejection of claim 4 is incorporated herein.
Regarding claim 14, it recites limitations similar to claim 5. The reason for the rejection of claim 5 is incorporated herein.
Regarding claim 15, the rejection of claim 1 is incorporated.
Amarendran et al. further discloses identifying the characteristic of the file based on a threshold number of other computing devices performing the previous file encryption operation with respect to a respective file having the characteristic [par. 0310, whether the file and/or a version of the file was previously encrypted, par. 0499, “the user indicates that the determination of the encryption rules engine 926 is inaccurate, the file can be added to the set of files used to generate the encryption rules. The process 1500 can then be repeated with the updated set of training files. In some cases, the process 1500 is not repeated in its entirety, but instead one or more encryption rules that generated a contrary result to the user's indication of the status of the file (e.g., protected or unprotected) may be regenerated or modified based on the addition of the file to the set of training files”, par. 0473, “The set of files received at the block 1502 may be associated with a specific computing system, server system, or client system for the purposes of generating encryption rules. In such cases, encryption rules generated using the process 1500 may be specific to the particular computing system. However, in other cases, the set of files received at the block 1502 may be used to generate encryption rules for a set of computing systems”,  (Threshold number is one)].
Regarding claim 16, it recites limitations similar to claim 6. The reason for the rejection of claim 6 is incorporated herein.
Regarding claim 17, it recites limitations similar to claim 7. The reason for the rejection of claim 7 is incorporated herein.
Regarding claim 18, it recites limitations similar to claim 8. The reason for the rejection of claim 8 is incorporated herein.
Regarding claim 19, it recites limitations similar to claim 1. The reason for the rejection of claim 1 is incorporated herein.
Regarding claim 20, it recites limitations similar to claim 2. The reason for the rejection of claim 2 is incorporated herein.

 
Conclusion
The prior art made of record and not relied upon is considered pertinent to Applicant’s disclosure:
US 10607027 B1		Secretless secure data distribution and recovery process
US 20060075228 A1		Method and apparatus for recognition and real time protection from view of sensitive terms in documents
US 20060005017 A1		Method and apparatus for recognition and real time encryption of sensitive terms in documents
US 20070283150 A1		System and method for secure messaging and web service communication
US 20160132694 A1		Preventing Sharing of Sensitive Information Through Code Repositories
US 20190050592 A1		SYSTEMS AND METHODS FOR PROCESSING AND HANDLING PRIVACY-SENSITIVE IMAGE DATA

US 20120096257 A1		Apparatus and Method for Protecting Storage Data of a Computing Apparatus in an Enterprise Network System
US 20150326570 A1		SYSTEMS AND METHODS FOR DISCERNING EYE SIGNALS AND CONTINUOUS BIOMETRIC IDENTIFICATION

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JASON CHIANG whose telephone number is (571)270-3393.  The examiner can normally be reached on 9 AM to 6 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on (571) 272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/JASON CHIANG/Primary Examiner, Art Unit 2431