DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is sent in response to Applicant’s Communication received on 06/19/2020 for application number 16/906,593. The Office hereby acknowledges receipt of the following and placed of record in file: Specification, Drawings, Abstract, Oath/Declaration, and Claims.
Claims 1-22 are presented for examination.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 01/18/2022 was filed before the mailing date of the first office action on the merits. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 5 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 5 recites the limitation "photo selection interface" in line 2. There is insufficient antecedent basis for this limitation in the claim.
Examiner is interpreting this limitation to read “asset selection interface” to be consistent with independent claim from which it depends.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-6 and 10-15 are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. (US 2016/0205103 A1).

Regarding claim 1, Lee teaches a method of managing third-party application access to assets of an end-user device [Abstract], the method comprising: 
identifying an asset privacy management trigger on the end-user device related to a third-party application [Fig. 18, (1810), Para. 122, start personal information monitoring for third party application access]; 
in response to identifying the asset privacy management trigger, displaying a privacy selection interface that enables a user to select a limited asset access option [Figs. 16A-B, 18, (1820), Paras. 108-110, 123, user turning on the personal information monitoring (1640)]; 
in response to the limited asset access option being selected, displaying an asset selection interface configured to define a sub-set of assets of the end-user device as authorized for the third-party application based on user selection [Fig. 16C, Paras. 110-111, user selecting specific personal information to be monitored]; and 
in response to a request to access assets of the end-user device by the third- party application, providing the third-party application with access to only the defined sub-set of assets [Fig. 18, (1830-1840), Paras. 126-127, allowing the third party to access the selected personal information].

While all limitations are disclosed within the reference Lee, several cited paragraphs mention “in some embodiments” but does not explicitly disclose that each mode is definitely part of a single embodiment. However, as each embodiment is not mutually exclusive and would serve to add additional functionality to the device, it would have been obvious to one of ordinary skill in the art at the time the invention was filed to include the cited modes in a single device for the purpose of providing many functions that facilitate third-party application access to end-user assets, as taught by Lee.

Regarding claim 2, Lee teaches all of the limitations of claim 1 as described above. Lee further teaches wherein the privacy selection interface enables the user to select between a full asset access option, a no asset access option, and the limited asset access option [Figs. 7A-B, Paras. 67-74, user can select the access level for the third party application, Always permission (full access), Permission only this time (limited access), and Always prohibit, Termination, or App Deletion (no access)].

Regarding claim 3, Lee teaches all of the limitations of claim 1 as described above. Lee further teaches wherein the asset privacy management trigger involves an operating system settings selection by the user [Fig. 16, Paras. 108-111, user selecting a system setting (i.e. personal monitoring) for third party application access control].

Regarding claim 4, Lee teaches all of the limitations of claim 1 as described above. Lee further teaches wherein the asset privacy management trigger involves a third-party application request to access assets of the end-user device [Fig. 18, (1830), Paras. 125-126, displaying a notification after a third party application is downloaded (i.e. tries to access content)].

Regarding claim 5, Lee teaches all of the limitations of claim 4 as described above. Lee further teaches wherein operations of the privacy selection interface and the asset selection interface are transparent to the third-party application [Paras. 65-66, third party application does not know of the access permissions since they are internal to the operating system settings].

Regarding claim 6, Lee teaches all of the limitations of claim 1 as described above. Lee further teaches wherein the asset privacy management trigger involves a third-party application request to initialize asset privacy management by the user [Fig. 18, (1830), Paras. 125-126, displaying a notification after a third party application is downloaded (i.e. tries to access content)].

Regarding claim 10, Lee teaches a computer-readable medium comprising instructions that, when executed, configure a processor to: 
identify an asset privacy management trigger on the end-user device related to a third-party application [Fig. 18, (1810), Para. 122, start personal information monitoring for third party application access]; 
in response to identifying the asset privacy management trigger, displaying a privacy selection interface that enables a user to select a limited asset access option [Figs. 16A-B, 18, (1820), Paras. 108-110, 123, user turning on the personal information monitoring (1640)]; 
in response to the limited asset access option being selected, displaying an asset selection interface configured to define a sub-set of assets of the end-user device as authorized for the third-party application based on user selection [Fig. 16C, Paras. 110-111, user selecting specific personal information to be monitored]; and 
in response to a request to access assets of the end-user device by the third- party application, providing the third-party application with access to only the defined sub-set of assets [Fig. 18, (1830-1840), Paras. 126-127, allowing the third party to access the selected personal information].

While all limitations are disclosed within the reference Lee, several cited paragraphs mention “in some embodiments” but does not explicitly disclose that each mode is definitely part of a single embodiment. However, as each embodiment is not mutually exclusive and would serve to add additional functionality to the device, it would have been obvious to one of ordinary skill in the art at the time the invention was filed to include the cited modes in a single device for the purpose of providing many functions that facilitate third-party application access to end-user assets, as taught by Lee.

Regarding claim 11, Lee teaches all of the limitations of claim 10 as described above. Lee further teaches wherein the instructions configure the processor to display the privacy selection interface with options including a full asset access option, a no asset access option, and the limited asset access option [Figs. 7A-B, Paras. 67-74, user can select the access level for the third party application, Always permission (full access), Permission only this time (limited access), and Always prohibit, Termination, or App Deletion (no access)].

Regarding claim 12, Lee teaches all of the limitations of claim 10 as described above. Lee further teaches wherein the instructions configure the processor to identify an operating system settings selection by the user as the asset privacy management trigger [Fig. 16, Paras. 108-111, user selecting a system setting (i.e. personal monitoring) for third party application access control].

Regarding claim 13, Lee teaches all of the limitations of claim 10 as described above. Lee further teaches wherein the instructions configure the processor to identify a third-party application request to access assets of the end- user device as the asset privacy management trigger [Fig. 18, (1830), Paras. 125-126, displaying a notification after a third party application is downloaded (i.e. tries to access content)].

Regarding claim 14, Lee teaches all of the limitations of claim 10 as described above. Lee further teaches wherein the instructions configure the processor to display the privacy selection interface and the asset selection interface in a manner that is transparent to the third-party application [Paras. 65-66, third party application does not know of the access permissions since they are internal to the operating system settings].

Regarding claim 15, Lee teaches all of the limitations of claim 10 as described above. Lee further teaches wherein the instructions configure the processor to display the privacy selection interface in response to a third-party application request to initialize asset privacy management by the user [Fig. 18, (1830), Paras. 125-126, displaying a notification after a third party application is downloaded (i.e. tries to access content)].

Claims 7-9 and 16-22 are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. (US 2016/0205103 A1) in view of Higgins et al. (US 10,277,601 B1).

Regarding claim 7, Lee teaches all of the limitations of claim 1 as described above. But Lee does not explicitly teach adding a definition of the sub-set of assets to a database that stores indexed information associating each of a plurality of defined sub-sets of assets and respective third-party application identifiers.
However, Higgins teaches adding a definition of the sub-set of assets to a database that stores indexed information associating each of a plurality of defined sub-sets of assets and respective third-party application identifiers [Fig. 4, Col. 5, line 61 – Col. 7, line 50, setting access permissions to each third party application and giving the applications an ACL entry identifier].

It would have been obvious to a person having ordinary skill in the art at the time the invention was filed to modify the third party application access to user assets of Lee and incorporate the third party application identifiers of Higgins to allow the system to keep a record of each application and their access rights.
A person having ordinary skill in the art would have been motivated to modify and include the third party application identifiers to allow the user to navigate between third party applications while using their assets without the system continuing to prompt an access request, creating an efficient and user friendly system.

Regarding claim 8, Lee as modified by Higgins teaches all of the limitations of claim 7 as described above. Lee further teaches identifying the request to access assets of the end-user device by the third- party application [Fig. 18, (1830), Paras. 125-126, access request from third party application]; and provide the third-party application with access to only the defined sub-set of assets [Fig. 18, (1940), Paras. 127-129, allow/deny access based on the given access permissions to the third party application].
Higgins further teaches identifying the request to access assets of the end-user device by the third- party application [Fig. 4, (402-404), Col. 5, line 61 – Col. 7, line 50, receive access request from third party application]; and using the indexed information in the database to provide the third-party application with access to only the defined sub-set of assets [Fig. 4, (406-410) Col. 5, line 61 – Col. 7, line 50, using the ACL identifier information to allow/deny access to the third party application].

It would have been obvious to a person having ordinary skill in the art at the time the invention was filed to modify the third party application access to user assets of Lee and incorporate the third party application identifiers of Higgins to allow the system to keep a record of each application and their access rights.
A person having ordinary skill in the art would have been motivated to modify and include the third party application identifiers to allow the user to navigate between third party applications while using their assets without the system continuing to prompt an access request, creating an efficient and user friendly system.

Regarding claim 9, Lee as modified by Higgins teaches all of the limitations of claim 7 as described above. Higgins further teaches in response to identifying that new assets were added after the database was last updated, interpreting a new request to access assets of the end-user device by the third-party application as an asset privacy management trigger [Fig. 4, (408-410), Col. 5, line 61 – Col. 7, line 50, modifying the ACL entry (i.e. adding a file or folder content (asset)) for a given third party application].

It would have been obvious to a person having ordinary skill in the art at the time the invention was filed to modify the third party application access to user assets of Lee and incorporate the third party application identifiers of Higgins to allow the system to keep a record of each application and their access rights.
A person having ordinary skill in the art would have been motivated to modify and include the third party application identifiers to allow the user to navigate between third party applications while using their assets without the system continuing to prompt an access request, creating an efficient and user friendly system.

Regarding claim 16, Lee teaches all of the limitations of claim 15 as described above. But, Lee does not explicitly teach in response to identifying new assets were added after the database was last updated, interpreting a new request to access assets of the end-user device by the third-party application as an asset privacy management trigger.
However, Higgins teaches in response to identifying new assets were added after the database was last updated, interpreting a new request to access assets of the end-user device by the third-party application as an asset privacy management trigger [Fig. 4, (408-410), Col. 5, line 61 – Col. 7, line 50, modifying the ACL entry (i.e. adding a file or folder content (asset)) for a given third party application].

It would have been obvious to a person having ordinary skill in the art at the time the invention was filed to modify the third party application access to user assets of Lee and incorporate the third party application identifiers of Higgins to allow the system to keep a record of each application and their access rights.
A person having ordinary skill in the art would have been motivated to modify and include the third party application identifiers to allow the user to navigate between third party applications while using their assets without the system continuing to prompt an access request, creating an efficient and user friendly system.

Regarding claim 17, Lee teaches a system comprising: 
one or more processors [Para. 37, smartphone, tablet, or personal computer (i.e. containing a processor)]; 
one or more cameras configured to capture photos [Para. 37, smartphone, tablet, or personal computer (i.e. containing a camera)]; 
a memory for storing program instructions for the one or more processors, where the instructions, when executed [Para. 37, smartphone, tablet, or personal computer (i.e. containing a memory to store instructions to be executed by a processor)], cause the one or more processors to: 
maintain a photo library based on the captured photos [Fig. 16C, Para. 110, assets to be photos (i.e. photo library)], 
in response to identifying the photo library privacy management trigger, display a privacy selection interface that enables a user to select a limited photo library access option [Figs. 16A-B, 18, (1820), Paras. 108-110, 123, user turning on the personal information monitoring (1640)]; 
in response to the limited photo library access option being selected, display a selection interface configured to define a sub-set of assets as authorized for the third-party application based on user selection [Fig. 16C, Paras. 110-111, user selecting specific personal information to be monitored]; 
in response to a subsequent request to access the photo library by the third-party application, provide the third-party application with access to only the defined sub-set of assets [Fig. 18, (1830-1840), Paras. 126-127, allowing the third party to access the selected personal information].

But, Lee does not explicitly teach identify a photo library privacy management trigger related to a third- party application; in response to the limited photo library access option being selected, display a photo selection interface configured to define a sub-set of photos in the photo library as authorized for the third-party application based on user selection; in response to a subsequent request to access the photo library by the third-party application, provide the third-party application with access to only the defined sub-set of photos.
However, Higgins teaches identify a photo library privacy management trigger related to a third- party application [Fig. 2, Col. 4, line 55 – Col. 5, line 32, identify folder and files access request]; in response to the limited photo library access option being selected, display a photo selection interface configured to define a sub-set of photos in the photo library as authorized for the third-party application based on user selection [Fig. 2, Col. 4, line 55 – Col. 5, line 32, user can select which type of content (i.e. folders, files, file types, etc.) to be allowed or denied access by each third party application]; in response to a subsequent request to access the photo library by the third-party application, provide the third-party application with access to only the defined sub-set of photos [Fig. 2, Col. 4, line 55 – Col. 5, line 32, allowing access to the files and content selected for the third party application].

It would have been obvious to a person having ordinary skill in the art at the time the invention was filed to modify the third party application access to user assets of Lee and incorporate the folder and file specific access for third party applications of Higgins to allow the system to allow only specific content to third party applications.
A person having ordinary skill in the art would have been motivated to modify and include the folder and file specific access for third party applications to allow the user to select individual content for user by third party applications, creating an efficient and user friendly system.

Regarding claim 18, Lee as modified by Higgins teaches all of the limitations of claim 17 as described above. Lee further teaches to display the privacy selection interface with options including a full photo library access option, a no photo library access option, and the limited photo library access option [Figs. 7A-B, Paras. 67-74, user can select the access level for the third party application, Always permission (full access), Permission only this time (limited access), and Always prohibit, Termination, or App Deletion (no access)].

Regarding claim 19, Lee as modified by Higgins teaches all of the limitations of claim 17 as described above. Lee further teaches to identify an operating system settings selection by the user as the photo library privacy management trigger [Fig. 16, Paras. 108-111, user selecting a system setting (i.e. personal monitoring) for third party application access control].

Regarding claim 20, Lee as modified by Higgins teaches all of the limitations of claim 17 as described above. Lee further teaches to identify a third-party application request to access the photo library as the photo library privacy management trigger [Fig. 18, (1830), Paras. 125-126, displaying a notification after a third party application is downloaded (i.e. tries to access content)].

Regarding claim 21, Lee as modified by Higgins teaches all of the limitations of claim 17 as described above. Lee further teaches to display the privacy selection interface and the photo selection interface in a manner that is transparent to the third-party application [Paras. 65-66, third party application does not know of the access permissions since they are internal to the operating system settings].

Regarding claim 22, Lee as modified by Higgins teaches all of the limitations of claim 17 as described above. Lee further teaches to display the privacy selection interface in response to a third-party application request to initialize photo library privacy management by the user [Fig. 18, (1830), Paras. 125-126, displaying a notification after a third party application is downloaded (i.e. tries to access content)].

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ROLAND J CASILLAS whose telephone number is (571)272-4994. The examiner can normally be reached 8am - 6pm PST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Renee Chavez can be reached on 571-270-1104. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ROLAND J CASILLAS/Primary Examiner, Art Unit 2179