DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Double Patenting


The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.   A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with 

Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b).

Claims 1-20 are provisionally rejected on the ground of nonstatutory double patenting over claims 1-20 of copending application No. 16522511. This is a provisional double patenting rejection since the conflicting claims have not in fact been patented.


Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.



Claims 1-7, 15-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.

Claims 1, 15 recites “A method for a multi-country data…the entered data and the user are all physically located…comprises non-personal data and PII…”.  There is insufficient 


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 are rejected under 35 U.S.C. 103 as being obvious over Hughes et al (Pub. No. US 2015/0150144) in view of Durvasula et al (Pub. No. US 2020/0065521).
The applied reference has a common Applicant “Pearson Education, Inc.” with the instant application. Based upon the earlier effectively filed date of the reference, it constitutes prior art under 35 U.S.C. 102(a)(2). 
This rejection under 35 U.S.C. 103 might be overcome by: (1) a showing under 37 CFR 1.130(a) that the subject matter disclosed in the reference was obtained directly or indirectly from the inventor or a joint inventor of this application and is thus not prior art in accordance with 35 U.S.C.102(b)(2)(A); (2) a showing under 37 CFR 1.130(b) of a prior public disclosure under 35 U.S.C. 102(b)(2)(B); or (3) a statement pursuant to 35 U.S.C. 102(b)(2)(C) establishing that, not later than the effective filing date of the claimed invention, the subject matter disclosed and the claimed invention were either owned by the same person or subject to an obligation of assignment to the same person or subject to a joint research agreement. See generally MPEP § 717.02.



As per claim 1, Hughes discloses a method for a multi-country data pipeline to protect Personally Identifying Information (Pll) for each user in a plurality of users, comprising the steps of: receiving, by a first application, entered data from a user, wherein the first application, the entered data and the user are all physically located in a first country and the entered data comprises non-personal data and Pll (the user’s system and the privacy server are located in Canada and the application server is located in the United States…teacher registers a student by entering the student’s information, including PII…see par. 21, 27-28); receiving, by the first application, a schema based on a privacy policy for the first country (the privacy server is located in Canada…and includes modules to support a PII registration process…where the privacy server generates and uses a token…e.g. an education application such as a Learning Management System…see par. 21, 27); identifying, by the first application, the non-personal data and the Pll in the entered data based on the schema (see par. 27-28); storing, in an identity store, the ID tag and the Pll, wherein the identity data store is configured so that when it receives the ID tag, the identity data store outputs the Pll (see the PII identifier and storing the PII identifier in par. 37); upon authenticating the user, transmitting the ID tag to the identity data store; receiving the Pll associated with the ID tag from the identity data store (…the privacy server uses the token to locate the PII that corresponds to the token stored in the PII database and substitutes the appropriate PII…see par. 39). Hughes does not explicitly disclose generating, using a one-way hash, an identification (ID) tag for the PII. Hughes does not explicitly disclose generating, using a one-way hash, an Identification (ID) tag for the Pll; creating an anonymized data by replacing the Pll, in the entered data, with the ID tag for the Pll, wherein the anonymized data contains no Pll; transmitting, through the multi-country data pipeline, the anonymized data from the first country to an analytics function in a second country; generating, by the analytics function, a results based on the anonymized data; creating an anonymized results by adding the ID tag to the results, wherein the anonymized results contains no Pll; transmitting, through the multi-country data pipeline, the anonymized results from the second country to a second application in the first country; adding the Pll received from the identity store to the anonymized results to create an identified results; and performing an action by the second application based on the identified results. However Durvasula discloses generating, using a one-way hash, an Identification (ID) tag for the Pll (one-way data transformation transforms PII…see par. 20); creating an anonymized data by replacing the Pll, in the entered data, with the ID tag for the Pll, wherein the anonymized data contains no Pll (data anonymization with removal of PII from a data set to create anonymous dataset…see par. 18-20); transmitting, through the multi-country data pipeline, the anonymized data from the first country to an analytics function in a second country; generating, by the analytics function, a results based on the anonymized data; creating an anonymized results by adding the ID tag to the results, wherein the anonymized results contains no Pll (the network hosting the platform is implemented on the one or more data centers where each data center could correspond to a different geographic location…removing PII from a dataset to create an anonymous dataset…for any given quasi-identifier…see par. 19, 22-24); transmitting, through the multi-country data pipeline, the anonymized results from the second country to a second application in the first country; adding the Pll received from the identity store to the anonymized results to create an identified results; and performing an action by the second application based on the identified results (see par. 24, 29-31). Therefore one ordinary skill in the art would have found it obvious before the effective filling date of the claimed invention to use Durvasula in Hughes for including the above limitations because one ordinary skill in the art would recognize it would improve the manner in which PII data may be derived for 



As per claim 8, Hughes discloses a method for a multi-regional data pipeline to protect Personally Identifying Information (Pll) for each user in a plurality of users, comprising the steps of: receiving, by a first application, entered data from a user, wherein the first application, the entered data and the user are all physically located in a first geographical region and the entered data comprises non-personal data and a plurality of Pll (the user’s system and the privacy server are located in Canada and the application server is located in the United States…teacher registers a student by entering the student’s information, including PII…see par. 21, 27-28); receiving, by the first application, a schema based on a privacy policy for the first geographical region (the privacy server is located in Canada…and includes modules to support a PII registration process…where the privacy server generates and uses a token…e.g. an education application such as a Learning Management System…see par. 21, 27); identifying, by the first application, the non-personal data and the plurality of Pll in the entered data based on the schema (see par. 27-28); storing, in an identity store, the plurality of Pll and their corresponding plurality of ID tags, wherein the identity data store is configured so that when it receives an ID tag, the identity data store outputs the corresponding Pll (see the PII identifier and storing the PII identifier in par. 37); upon authenticating the user, transmitting the plurality of ID tags to the identity data store; receiving the plurality of Pll corresponding with the plurality of ID tags from the identity data store (…the privacy server uses the token to locate the PII that corresponds to the token stored in the PII database and substitutes the appropriate PII…see par. 39). Hughes does not explicitly disclose generating, using a one-way hash, an identification (ID) tag for the PII. Hughes does not explicitly generating, using a one-way hash, an Identification (ID) tag for each Pll in the plurality of Pll in the entered data, thereby generating a plurality of ID tags that correspond to the plurality of Pll in the entered data; creating an anonymized data by replacing each Pll in the plurality of Pll with its corresponding ID tag, wherein the anonymized data contains none of the plurality of Pll; transmitting, through the multi-country data pipeline, the anonymized data from the first country to an analytics function in a second country;
generating, by the analytics function, a results based on the anonymized data; creating an anonymized results by adding the plurality of ID tags to the results, wherein the anonymized data contains no Pll; transmitting, through the multi-country data pipeline, the anonymized results from the second country to a second application in the first country; adding the Pll received from the identity store to the anonymized results to create an identified results; and
performing an action by the second application based on the identified results. However Durvasula discloses generating, using a one-way hash, an Identification (ID) tag for each Pll in the plurality of Pll in the entered data, thereby generating a plurality of ID tags that correspond to the plurality of Pll in the entered data (one-way data transformation transforms PII…see par. 20); creating an anonymized data by replacing each Pll in the plurality of Pll with its corresponding ID tag, wherein the anonymized data contains none of the plurality of Pll (data anonymization with removal of PII from a data set to create anonymous dataset…see par. 18-20); transmitting, through the multi-country data pipeline, the anonymized data from the first country to an analytics function in a second country;
generating, by the analytics function, a results based on the anonymized data;
creating an anonymized results by adding the plurality of ID tags to the results, wherein the anonymized data contains no Pll (the network hosting the platform is implemented on the one or more data centers where each data center could correspond to a different geographic location…removing PII from a dataset to create an anonymous dataset…for any given quasi-transmitting, through the multi-country data pipeline, the anonymized results from the second country to a second application in the first country; adding the Pll received from the identity store to the anonymized results to create an identified results; and performing an action by the second application based on the identified results (see par. 24, 29-31). Therefore one ordinary skill in the art would have found it obvious before the effective filling date of the claimed invention to use Durvasula in Hughes for including the above limitations because one ordinary skill in the art would recognize it would improve the manner in which PII data may be derived for certain data repositories…including certain PII stored in the data repositories…see Durvasula, par. 4-5.



As per claim 15, Hughes discloses a method for a multi-country data pipeline to protect Personally Identifying Information (Pll) for each user in a plurality of users, comprising the steps of: receiving, by a first application, entered data from a user, wherein the first application, the entered data and the user are all physically located in a first country and the entered data comprises non-personal data and Pll (the user’s system and the privacy server are located in Canada and the application server is located in the United States…teacher registers a student by entering the student’s information, including PII…see par. 21, 27-28);
receiving, by the first application, a schema from a third country based on a privacy policy for the first country, wherein the schema is stored with a plurality of schema in a database and the plurality of schema in the database are stored in the third country (the privacy server is located in Canada…and includes modules to support a PII registration process…where the privacy server generates and uses a token…e.g. an education application such as a Learning Management System…see par. 3, 21, 27); identifying, by the first application, the non-personal data and the Pll in the entered data based on the schema (see par. 27-28); storing, in an identity store, the ID tag and the Pll, wherein the identity data store is configured so that when it receives the ID tag, the identity data store outputs the Pll (see the PII identifier and storing the PII identifier in par. 37); upon authenticating the user, transmitting the ID tag to the identity data store;
receiving the Pll associated with the ID tag from the identity data store (…the privacy server uses the token to locate the PII that corresponds to the token stored in the PII database and substitutes the appropriate PII…see par. 39). Hughes does not explicitly disclose generating, using a one-way hash, an Identification (ID) tag for the Pll; creating an anonymized data by replacing the Pll, in the entered data, with the ID tag for the Pll, wherein the anonymized data contains no Pll; transmitting, through the multi-country data pipeline, the anonymized data from the first country to an analytics function in a second country; generating, by the analytics function, a results based on the anonymized data; creating an anonymized results by adding the ID tag to the results, wherein the anonymized data contains no Pll; transmitting, through the multi-country data pipeline, the anonymized results from the second country to a second application in the first country; adding the Pll received from the identity store to the anonymized results to create an identified results; and performing an action by the second application based on the identified results. However Durvasula discloses generating, using a one-way hash, an Identification (ID) tag for the Pll (one-way data transformation transforms PII…see par. 20); creating an anonymized data by replacing the Pll, in the entered data, with the ID tag for the Pll, wherein the anonymized data contains no Pll (data anonymization with removal of PII from a data set to create anonymous dataset…see par. 18-20); transmitting, through the multi-country data pipeline, the anonymized data from the first country to an analytics function in a second country; generating, by the analytics function, a results based on the anonymized data; creating an anonymized results by adding the ID tag to the results, wherein the anonymized data contains no Pll (the network hosting the platform is transmitting, through the multi-country data pipeline, the anonymized results from the second country to a second application in the first country; adding the Pll received from the identity store to the anonymized results to create an identified results; and performing an action by the second application based on the identified results (see par. 24, 29-31). Therefore one ordinary skill in the art would have found it obvious before the effective filling date of the claimed invention to use Durvasula in Hughes for including the above limitations because one ordinary skill in the art would recognize it would improve the manner in which PII data may be derived for certain data repositories…including certain PII stored in the data repositories…see Durvasula, par. 4-5.


As per claims 2, 9, 16, the combination of Hughes and Durvasula discloses wherein the schema identifies a plurality of Pll fields in the entered data based on the privacy policy for the first country (Hughes: see par. 31-32).


As per claims 3, 10, 17, the combination of Hughes and Durvasula discloses wherein the schema was received from, and is stored in, a third country and the first country, the second country and the third country are three different countries (Hughes: see par. 21-22).


As per claims 4, 11, 18, the combination of Hughes and Durvasula discloses wherein the Pll never leaves the first country (Hughes: see par. 22-23).


As per claims 5, 12, 19, the combination of Hughes and Durvasula discloses wherein the first application is a different application from the second application (Hughes: see par. 38-39).


As per claims 6, 13, 20, the combination of Hughes and Durvasula discloses wherein the first application is the same application as the second application (Hughes: see par. 35).


As per claims 7, 14, the combination of Hughes and Durvasula discloses wherein a plurality of schemas include the schema and the plurality of schemas are all stored in a database in a third country (Hughes: see par. 21-23).



Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure (see PTO-form 892).


Bender et al (Pub. No. US 2002/0099824); “Method and System for Sharing Anonymous User Information”;
-Teaches validating name and address information received from PII database…see par. 95-96.

Khi et al (Pub. No. US 2017/0286717); “Method and System for Managing Personal Information Within Independent Computer Systems and Digital Networks”; 
-Teaches securing several independent cryptographic data within a single ledger transaction within the ledger…see par. 53.


Any inquiry concerning this communication or earlier communications from the examiner should be directed to GHAZAL B SHEHNI whose telephone number is (571)270-7479.  The examiner can normally be reached on Mon-Fri 9am-5pm PCT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on 5712724219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/GHAZAL B SHEHNI/Primary Examiner, Art Unit 2436