DETAILED ACTION
Applicant’s Application filed on April 8, 2020 has been reviewed. 
Claims 1-20 have been examined.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on April 8, 2020 was filed. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.


Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –





Claims 1-2, 6, 10, 12-14 and 17-18 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Harris et al. (US 2021/0365584 A1), hereinafter referred to as Harris.

With respect to claim 1, Harris teaches A method, comprising: 
receiving, at a cloud data privacy service, a request from a user device to permit a first data processor to access private data associated with the user (the user device transmit a request to allow access to particular data corresponding to a particular sensitivity level) to a particular entity [first data processor], para. 0104; the blockchain provider computer [cloud data privacy service] receive the data request; it should be appreciated that the blockchain provider computer is an example of any computing device of the blockchain network, para. 0105; fig. 6), the request comprising: 
a request for a first data access block relating to the private data (the request received from the user identify particular data that is accessible to the blockchain provider computer to one or more blockchains with one or more sensitivity levels), para. 0105; fig. 6); and 
a data filter describing one or more access parameters relating to the first data processor and the private data (the request received from the user identify particular data that is accessible to the blockchain provider computer to one or more blockchains with one or more sensitivity levels), para. 0105; fig. 6; a ; 
generating the first data access block, at the cloud data privacy service (generating one or more personal blockchains associated with the entity, para. 0008; a blockchain include a number of blocks of interaction records, para. 0021), based on the private data and the data filter (each blockchain is a private blockchain for which access allowed or restricted by the blockchain provider computer according to one or more access control policies (e.g., access control policies generated in response to a user request to allow/restrict access to particular data and/or a particular sensitivity level for a particular user/entity), para. 0083); 
transmitting the first data access block from the cloud privacy service to the user device (the blockchain provider computer transmit a notification to the user device indicating that the request has been successfully processed, para. 0106), wherein the user device is configured to transmit the first data access block to the first data processor (the user device transmit a message to the computing device associated with a loan process [first data processor] including an identifier associated with the user (the data owner) and an indication that data is available at the blockchain provider computer, para. 0107); 
receiving, at the cloud data privacy service, a request from the first data processor for the private data (the computing device [first data processor] transmit a data request for user data (e.g., all data available and accessible by the computing device) to the blockchain provider computer, para. 0108), the request comprising the first data access block (the computing device [first data processor] transmit a data ; and 
determining, at the cloud data privacy service, that the first data access block received from first data processor is valid, and in response granting the first data processor at least partial access to the private data (the blockchain provider computer identify one or more access control policies associated with the requesting entity based at least in part on the identifier included in the data request and the particular data requested; the blockchain provider computer consult a mapping to identify one or more access control policies associated with the user identifier and the request user/entity identifier and allow or restrict access to the specific data according to the access control policies, para. 0109).

With respect to claim 2, Harris teaches The method of claim 1, wherein a scope of the at least partial access to the private data granted to the first data processor is based on the first data access block (a blockchain include a number of blocks of interaction records, para. 0021; each blockchain is a private blockchain for which access allowed or restricted by the blockchain provider computer according to one or more access control policies (e.g., access control policies generated in response to a user request to allow/restrict access to particular data and/or a particular sensitivity level for a particular user/entity), para. 0083).

With respect to claim 6, Harris teaches The method of claim 1, wherein the determining, at the cloud data privacy service, that the first data access block received from first data processor is valid comprises: determining that a digital signature for the first data access block is valid (the data included in a block include payload data and a digital signature; payload data include an access control policy (e.g., indicating one or more entities/users for which access to the blockchain is to be allowed and/or restricted) and/or sensitive data, a computing device sign any suitable portion of payload data using a cryptographic key associated with the computing device or a cryptographic key associated with the data owner to generate the digital signature, para. 0078; each data is verifiable by verifying the digital signature, para. 0079).

With respect to claim 10, Harris teaches The method of claim 1, further comprising: 
storing the first data access block in a data access block registry (the blockchain network 110 configured to store data (e.g., sensitive data) within one or more blockchains (e.g., blockchains 1-N). In some embodiments, one or more of the blockchains 1-N may be private blockchains, para. 0055; the blockchain network maintain a mapping of one or more blockchains (e.g., identified with a blockchain identifier) to a particular user, para. 0056).

With respect to claim 12, Harris teaches The method of claim 1, wherein the cloud privacy service operates in a public cloud environment independent from the first data processor, and wherein the private data is maintained in the public cloud environment (the blockchain provider computer is a server computer as a server .

With respect to claim 13, Harris teaches A system, comprising: 
a processor (processor, para. 0008); and 
a memory storing a program, which, when executed on the processor, performs an operation (the computer readable medium comprising code that, when executed by the processor, causes the blockchain provider computer to perform operations, para. 0008), the operation comprising: 
receiving, at a cloud data privacy service, a request from a user device to permit a first data processor to access private data associated with the user (the user device transmit a request to allow access to particular data corresponding to a particular sensitivity level) to a particular entity [first data processor], para. 0104; the blockchain provider computer [cloud data privacy service] receive the data request; it should be appreciated that the blockchain provider computer is an example of any computing device of the blockchain network, para. 0105; fig. 6), the request comprising: 
a request for a first data access block relating to the private data (the request received from the user identify particular data that is accessible to the blockchain provider computer to one or more blockchains with one or more sensitivity levels), para. 0105; fig. 6); and 
a data filter describing one or more access parameters relating to the first data processor and the private data (the request received ; 
generating the first data access block, at the cloud data privacy service (generating one or more personal blockchains associated with the entity, para. 0008; a blockchain include a number of blocks of interaction records, para. 0021), based on the private data and the data filter (each blockchain is a private blockchain for which access allowed or restricted by the blockchain provider computer according to one or more access control policies (e.g., access control policies generated in response to a user request to allow/restrict access to particular data and/or a particular sensitivity level for a particular user/entity), para. 0083); 
transmitting the first data access block from the cloud privacy service to the user device (the blockchain provider computer transmit a notification to the user device indicating that the request has been successfully processed, para. 0106), wherein the user device is configured to transmit the first data access block to the first data processor (the user device transmit a message to the computing device associated with a loan process [first data processor] including an identifier associated with the user (the data owner) and an indication that data is available at the blockchain provider computer, para. 0107); 
receiving, at the cloud data privacy service, a request from the first data processor for the private data (the computing device [first data processor] transmit a data request for user data (e.g., all data available and accessible by the computing device) to the blockchain provider computer, para. 0108), the request comprising the first data access block (the computing device [first data processor] transmit a data request for user data (e.g., all data available and accessible by the computing device) to the blockchain provider computer, para. 0108); and 
determining, at the cloud data privacy service, that the first data access block received from first data processor is valid, and in response granting the first data processor at least partial access to the private data (the blockchain provider computer identify one or more access control policies associated with the requesting entity based at least in part on the identifier included in the data request and the particular data requested; the blockchain provider computer consult a mapping to identify one or more access control policies associated with the user identifier and the request user/entity identifier and allow or restrict access to the specific data according to the access control policies, para. 0109).

With respect to claim 14, Harris teaches The system of claim 13, wherein a scope of the at least partial access to the private data granted to the first data processor is based on the first data access block (a blockchain include a number of blocks of interaction records, para. 0021; each blockchain is a private blockchain for .

With respect to claim 17, Harris teaches A non-transitory computer program product (the computer readable medium comprising code that, when executed by the processor, causes the blockchain provider computer to perform operations, para. 0008), the computer program product comprising: 
a computer-readable storage medium having computer-readable program code embodied therewith, the computer-readable program code executable by one or more computer processors to perform an operation (the computer readable medium comprising code that, when executed by the processor, causes the blockchain provider computer to perform operations, para. 0008), the operation comprising: 
receiving, at a cloud data privacy service, a request from a user device to permit a first data processor to access private data associated with the user (the user device transmit a request to allow access to particular data corresponding to a particular sensitivity level) to a particular entity [first data processor], para. 0104; the blockchain provider computer [cloud data privacy service] receive the data request; it should be appreciated that the blockchain provider computer is an example of any computing device of the blockchain network, para. 0105; fig. 6), the request comprising: 
a request for a first data access block relating to the private data (the request received from the user identify particular data that is accessible to the blockchain provider computer to one or more blockchains with one or more sensitivity levels), para. 0105; fig. 6); and 
a data filter describing one or more access parameters relating to the first data processor and the private data (the request received from the user identify particular data that is accessible to the blockchain provider computer to one or more blockchains with one or more sensitivity levels), para. 0105; fig. 6; a sensitivity level associated with a type of access to be allowed/restricted, para. 0105); 
generating the first data access block, at the cloud data privacy service (generating one or more personal blockchains associated with the entity, para. 0008; a blockchain include a number of blocks of interaction records, para. 0021), based on the private data and the data filter (each blockchain is a private blockchain for which access allowed or restricted by the blockchain provider computer according to one or more access control policies (e.g., access control policies generated in response to a user request to allow/restrict access to particular data and/or a particular sensitivity level for a particular user/entity), para. 0083); 
transmitting the first data access block from the cloud privacy service to the user device (the blockchain provider computer transmit a notification to the user device indicating that the request has been successfully processed, para. 0106), wherein the user device is configured to transmit the first data access block to the first data processor (the user device transmit a message to the computing device associated with a loan process [first data processor] including an identifier associated with the user (the data owner) and an indication that data is available at the blockchain provider computer, para. 0107); 
receiving, at the cloud data privacy service, a request from the first data processor for the private data (the computing device [first data processor] transmit a data request for user data (e.g., all data available and accessible by the computing device) to the blockchain provider computer, para. 0108), the request comprising the first data access block (the computing device [first data processor] transmit a data request for user data (e.g., all data available and accessible by the computing device) to the blockchain provider computer, para. 0108); and 
determining, at the cloud data privacy service, that the first data access block received from first data processor is valid, and in response granting the first data processor at least partial access to the private data (the blockchain provider computer identify one or more access control policies associated with the requesting entity based at least in part on the identifier included in the data request and the particular data requested; the blockchain provider computer consult a mapping to identify one or more access control policies associated with the user identifier and the request user/entity identifier and allow or restrict access to the specific data according to the access control policies, para. 0109).

With respect to claim 18, Harris teaches The computer program product of claim 17, wherein a scope of the at least partial access to the private data granted to the first data processor is based on the first data access block (a blockchain include a number of blocks of interaction records, para. 0021; each blockchain is a private blockchain for which access allowed or restricted by the blockchain provider computer according to one or more access control policies (e.g., access control policies generated in response to a user request to allow/restrict access to particular data and/or a particular sensitivity level for a particular user/entity), para. 0083).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing 

Claims 3-5, 7, 11, 15 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Harris et al. (US 2021/0365584 A1), hereinafter referred to as Harris, in view of Van De Craen et al. (US 2016/0117448 A1), hereinafter referred to as Van De Craen.

With respect to claim 3, Harris teaches The method of claim 1 as described above, 
Harris does not explicitly teach further comprising: 
determining, at the cloud data privacy service, based on the first data access block received from first data processor, that the data filter specifies user approval prior to granting the first data processor access to the private data, and in response: 
transmitting from the cloud data privacy service to the user device a request for approval; and 
receiving, at the cloud data privacy service from the user device, a message indicating approval.
However, Van De Craen teaches further comprising: 
determining, at the cloud data privacy service, based on the first data access block received from first data processor, that the data filter specifies user approval prior to granting the first data processor access to the private data (when the data provider [cloud data privacy service] receives a request for medical data from the physician device [first data processor] with the added feature that the data provider is arranged to request authentication from the patient [user approval] before providing the requested medical data to the physician device, para. 0057-0058; fig. 4), and in response: 
transmitting from the cloud data privacy service to the user device a request for approval (the data provider responds by requesting authentication from the patient to whom the requested medical data corresponds; the data provider responds to the data access request from the physician device by transmitting an authentication request to the patient device [user device], para. 0058); and 
receiving, at the cloud data privacy service from the user device, a message indicating approval (after the authentication information has been inputted, the patient device transmits the authentication information to the data provider, the data provider compare the received authentication information to known authentication information for the patient, and determine that authentication is successful if the received authentication information matches the known authentication information; the data provider respond to successful authentication by providing the requested medical data to the physician device, para. 0058; also see para. 0013, 0039 and 0072; fig. 4) in order to ensure privacy it is desirable for the medical data to be shared in a safe and secure manner, and in particular for the patient to be able to control who is allowed to access their medical data as taught by Van De Craen (para. 0002).


With respect to claim 4, Harris in view of Van De Craen teaches The method of claim 3 as described above, 
Further, Van De Craen teaches wherein the determining, at the cloud data privacy service, that the data filter specifies user approval further comprises: determining, based on the first data access block received from first data processor, an identifier for the data filter; and retrieving from a filter repository the data filter based on the identifier (after the authentication information has been inputted, the patient device transmits the authentication information to the data provider, the data provider compare the received authentication information to known authentication information for the patient, and determine that authentication is successful if the received authentication information matches the known authentication information; the data provider respond to successful authentication by providing the requested medical data to the physician device, para. 0058; also see para. 0013, 0039 and 0072; fig. 4) in order to ensure privacy it is desirable for the medical data to be shared in a safe and secure manner, and in particular for the patient to be able to .
Therefore, based on Harris in view of Van De Craen, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Van De Craen to the method of Harris in order to ensure privacy it is desirable for the medical data to be shared in a safe and secure manner, and in particular for the patient to be able to control who is allowed to access their medical data as taught by Van De Craen (para. 0002).

With respect to claim 5, Harris in view of Van De Craen teaches The method of claim 4 as described above, 
Furthermore, Van De Craen teaches wherein the data filter is generated based on input from the user at the user device (the user interface can receive user input selecting one or more access parameters relating to how medical data should be shared with a second device; this allows a user to define the extent to which the medical data will be shared with the second device; access parameters that can be selected by user input include a time period during which the second device is allowed to access the medical data, and data element restrictions, the medical data can include a plurality of data elements, and a user can set the data element restrictions to control which of the data elements accessed by the second device, para. 0048) in order to ensure privacy it is desirable for the medical data to be shared in a safe and secure manner, and in particular for the patient to be able to control who is allowed to access their medical data as taught by Van De Craen (para. 0002).


With respect to claim 7, Harris teaches The method of claim 1 as described above, 
Harris does not explicitly teach wherein the user device is configured to transmit an address for the cloud privacy service to the first data processor along with the first data access block, and wherein the first data processor is configured to transmit the request for the private data to the cloud privacy service based on the address.
However, Van De Craen teaches wherein the user device is configured to transmit an address for the cloud privacy service to the first data processor along with the first data access block (the patient device [user device] display data request information for use in accessing the medical data through the data provider [cloud privacy service]; the data request information comprises a Uniform Resource Locator (URL) which links to the data provider, para. 0040; the physician device obtain the data request information by capturing an image of the patient device, para. 0043), and wherein the first data processor is configured to transmit the request for the private data to the cloud privacy service based on the address (the physician device [first data processor] transmits a data access request to the data provider to request access to the medical data, by navigating to the URL and transmitting the data request token included in the data request information, para. 0070; also see para. 0082) in order to ensure privacy it is desirable for the medical data to be shared in a safe and secure manner, and in particular for the patient to be able to control who is allowed to access their medical data as taught by Van De Craen (para. 0002).
Therefore, based on Harris in view of Van De Craen, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Van De Craen to the method of Harris in order to ensure privacy it is desirable for the medical data to be shared in a safe and secure manner, and in particular for the patient to be able to control who is allowed to access their medical data as taught by Van De Craen (para. 0002).

With respect to claim 11, Harris teaches The method of claim 1 as described above, 
Harris does not explicitly teach wherein the first data processor is granted access to the private data for a limited duration, and wherein the first data processor is configured to remove the private data after the limited duration expires.
However, Van De Craen teaches wherein the first data processor is granted access to the private data for a limited duration, and wherein the first data processor is configured to remove the private data after the limited duration expires (the patient device receives user input selecting one or more access .
Therefore, based on Harris in view of Van De Craen, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Van De Craen to the method of Harris in order to ensure privacy it is desirable for the medical data to be shared in a safe and secure manner, and in particular for the patient to be able to control who is allowed to access their medical data as taught by Van De Craen (para. 0002).

With respect to claim 15, Harris teaches The system of claim 13 as described above, 
Harris does not explicitly teach the operation further comprising: 
determining, at the cloud data privacy service, based on the first data access block received from first data processor, that the data filter specifies user approval prior to granting the first data processor access to the private data, and in response: 
transmitting from the cloud data privacy service to the user device a request for approval; and 
receiving, at the cloud data privacy service from the user device, a message indicating approval.
However, Van De Craen teaches the operation further comprising: 
determining, at the cloud data privacy service, based on the first data access block received from first data processor, that the data filter specifies user approval prior to granting the first data processor access to the private data (when the data provider [cloud data privacy service] receives a request for medical data from the physician device [first data processor] with the added feature that the data provider is arranged to request authentication from the patient [user approval] before providing the requested medical data to the physician device, para. 0057-0058; fig. 4), and in response: 
transmitting from the cloud data privacy service to the user device a request for approval (the data provider responds by requesting authentication from the patient to whom the requested medical data corresponds; the data provider responds to the data access request from the physician device by transmitting an authentication request to the patient device [user device], para. 0058); and 
receiving, at the cloud data privacy service from the user device, a message indicating approval (after the authentication information has been inputted, the patient device transmits the authentication information to the data provider, the data provider compare the received authentication information to known authentication information for the patient, and determine that .
Therefore, based on Harris in view of Van De Craen, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Van De Craen to the system of Harris in order to ensure privacy it is desirable for the medical data to be shared in a safe and secure manner, and in particular for the patient to be able to control who is allowed to access their medical data as taught by Van De Craen (para. 0002).

With respect to claim 19, Harris teaches The computer program product of claim 17 as described above, 
Harris does not explicitly teach the operation further comprising: 
determining, at the cloud data privacy service, based on the first data access block received from first data processor, that the data filter specifies user approval prior to granting the first data processor access to the private data, and in response: 
transmitting from the cloud data privacy service to the user device a request for approval; and 
receiving, at the cloud data privacy service from the user device, a message indicating approval.
However, Van De Craen teaches the operation further comprising: 
determining, at the cloud data privacy service, based on the first data access block received from first data processor, that the data filter specifies user approval prior to granting the first data processor access to the private data (when the data provider [cloud data privacy service] receives a request for medical data from the physician device [first data processor] with the added feature that the data provider is arranged to request authentication from the patient [user approval] before providing the requested medical data to the physician device, para. 0057-0058; fig. 4), and in response: 
transmitting from the cloud data privacy service to the user device a request for approval (the data provider responds by requesting authentication from the patient to whom the requested medical data corresponds; the data provider responds to the data access request from the physician device by transmitting an authentication request to the patient device [user device], para. 0058); and 
receiving, at the cloud data privacy service from the user device, a message indicating approval (after the authentication information has been inputted, the patient device transmits the authentication information to the data provider, the data provider compare the received authentication information to known authentication information for the patient, and determine that authentication is successful if the received authentication information matches the known authentication information; the data provider respond to successful .
Therefore, based on Harris in view of Van De Craen, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Van De Craen to the product of Harris in order to ensure privacy it is desirable for the medical data to be shared in a safe and secure manner, and in particular for the patient to be able to control who is allowed to access their medical data as taught by Van De Craen (para. 0002).

Claims 8-9, 16 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Harris et al. (US 2021/0365584 A1), hereinafter referred to as Harris, in view of Anderson et al. (US 2018/0005228 A1), hereinafter referred to as Anderson.

With respect to claim 8, Harris teaches The method of claim 1 as described above, 
Harris does not explicitly teach further comprising: 
providing, by the first data processor to a second data processor, access to at least a portion of the private data, comprising: 
generating, at the cloud data privacy service based on the first data access block, a second data access block relating to a second data processor; 
transmitting, from the cloud data privacy service to the first data processor, the second data access block, wherein the first data processor is configured to provide the second data access block to the second data processor; 
receiving, at the cloud data privacy service from the second data processor, a request to access the at least the portion of the private data, the request comprising the second data access block; and 
determining, at the cloud data privacy service, that the second data access block received from second data processor is valid, and in response granting the second data processor at least partial access to the at least the portion of the private data.
However, Anderson teaches further comprising: 
providing, by the first data processor to a second data processor, access to at least a portion of the private data (the first merchant 112 [first data processor] sends a copy of the payment token to the second merchant 118 [second data processor], para. 0043; fig. 2), comprising: 
generating, at the cloud data privacy service based on the first data access block, a second data access block relating to a second data processor (the merchant service provider [cloud data privacy service] collect the consumer's payment data via an inline payment frame, the merchant service ; 
transmitting, from the cloud data privacy service to the first data processor, the second data access block (the merchant service provider sends a copy of the payment token to the first merchant 112, para. 0043; fig. 2), wherein the first data processor is configured to provide the second data access block to the second data processor (the first merchant 112 [first data processor] sends a copy of the payment token to the second merchant 118 [second data processor], para. 0043; fig. 2); 
receiving, at the cloud data privacy service from the second data processor, a request to access the at least the portion of the private data, the request comprising the second data access block (the merchants 118 [second data processor] transmit information, such as order information, or a request to create an account, to tokenize payment data, and/or to process a transaction to the service provider, which performs one or more services based at least on the transaction information received from the merchants 112 [first data processor], para. 0024; also see para. 0039); and 
determining, at the cloud data privacy service, that the second data access block received from second data processor is valid, and in response granting the second data processor at least partial access to the at least the portion of the private data (the second merchant 118 sends the .
Therefore, based on Harris in view of Anderson, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Anderson to the method of Harris in order to reduce the risk of payment tokens being used in fraudulent transactions as taught by Anderson (para. 0053).

With respect to claim 9, Harris in view of Anderson teaches The method of claim 8 as described above, 
Further, Anderson teaches wherein the second data access block reflects access to only a portion of the private data for the second data processor (once the request is authorized, a token verification module compare the payment token which accompanied the request to the payment token in token data ; if the payment tokens match, then the payment data corresponding to the payment token can be retrieved; the payment data can then either be sent to a payment processor by the merchant service provider or returned to the second merchant for processing, para. 0054) in order to reduce the risk of payment tokens being used in fraudulent transactions as taught by Anderson (para. 0053).


With respect to claim 16, Harris teaches The system of claim 13 as described above, 
Harris does not explicitly teach the operation further comprising: 
providing, by the first data processor to a second data processor, access to at least a portion of the private data, comprising: 
generating, at the cloud data privacy service based on the first data access block, a second data access block relating to a second data processor;
transmitting, from the cloud data privacy service to the first data processor, the second data access block, wherein the first data processor is configured to provide the second data access block to the second data processor; 
receiving, at the cloud data privacy service from the second data processor, a request to access the at least the portion of the private data, the request comprising the second data access block; and 
determining, at the cloud data privacy service, that the second data access block received from second data processor is valid, and in response granting the second data processor at least partial access to the at least the portion of the private data.
However, Anderson teaches the operation further comprising: 
providing, by the first data processor to a second data processor, access to at least a portion of the private data (the first merchant 112 [first data processor] sends a copy of the payment token to the second merchant 118 [second data processor], para. 0043; fig. 2), comprising: 
generating, at the cloud data privacy service based on the first data access block, a second data access block relating to a second data processor (the merchant service provider [cloud data privacy service] collect the consumer's payment data via an inline payment frame, the merchant service provider tokenizes the obtained payment data, and, the merchant service provider stores the resulting payment token along with additional information about the consumer (e.g., name, billing address, etc.) in the token data and/or merchant/consumer data, para. 0043);
transmitting, from the cloud data privacy service to the first data processor, the second data access block (the merchant service provider sends a copy of the payment token to the first merchant 112, para. 0043; fig. 2), wherein the first data processor is configured to provide the second data access block to the second data processor (the first merchant 112 [first data processor] sends a copy of the payment token to the second merchant 118 [second data processor], para. 0043; fig. 2); 
receiving, at the cloud data privacy service from the second data processor, a request to access the at least the portion of the private data, the request comprising the second data access block (the merchants 118 [second data processor] transmit information, such as order information, or a request to create an account, to tokenize payment data, and/or to process a transaction to the service provider, which performs one or more services based at least on the transaction information received from the merchants 112 [first data processor], para. 0024; also see para. 0039); and 
determining, at the cloud data privacy service, that the second data access block received from second data processor is valid, and in response granting the second data processor at least partial access to the at least the portion of the private data (the second merchant 118 sends the payment token back to the merchant service provider, para. 0043; fig. 2; additional authorization and verification methods used to determine that a particular transaction request using a payment token is valid, para. 0055; the payment token can be verified and the request can be authorized, para. 0053) in order to reduce the risk of payment tokens being used in fraudulent transactions as taught by Anderson (para. 0053).
Therefore, based on Harris in view of Anderson, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Anderson to the system of Harris in order to reduce the risk of payment tokens being used in fraudulent transactions as taught by Anderson (para. 0053).

With respect to claim 20, Harris teaches The computer program product of claim 17 as described above, 
Harris does not explicitly teach the operation further comprising: 
providing, by the first data processor to a second data processor, access to at least a portion of the private data, comprising: 
generating, at the cloud data privacy service based on the first data access block, a second data access block relating to a second data processor; 
transmitting, from the cloud data privacy service to the first data processor, the second data access block, wherein the first data processor is configured to provide the second data access block to the second data processor; 
receiving, at the cloud data privacy service from the second data processor, a request to access the at least the portion of the private data, the request comprising the second data access block; and 
determining, at the cloud data privacy service, that the second data access block received from second data processor is valid, and in response granting the second data processor at least partial access to the at least the portion of the private data.
However, Anderson teaches the operation further comprising: 
providing, by the first data processor to a second data processor, access to at least a portion of the private data (the first merchant 112 [first data processor] sends a copy of the payment token to the second merchant 118 [second data processor], para. 0043; fig. 2), comprising: 
generating, at the cloud data privacy service based on the first data access block, a second data access block relating to a second data processor (the merchant service provider [cloud data privacy service] collect the consumer's payment data via an inline payment frame, the merchant service provider tokenizes the obtained payment data, and, the merchant service provider stores the resulting payment token along with additional information about the consumer (e.g., name, billing address, etc.) in the token data and/or merchant/consumer data, para. 0043); 
transmitting, from the cloud data privacy service to the first data processor, the second data access block (the merchant service provider sends a copy of the payment token to the first merchant 112, para. 0043; fig. 2), wherein the first data processor is configured to provide the second data access block to the second data processor (the first merchant 112 [first data processor] sends a copy of the payment token to the second merchant 118 [second data processor], para. 0043; fig. 2); 
receiving, at the cloud data privacy service from the second data processor, a request to access the at least the portion of the private data, the request comprising the second data access block (the merchants 118 [second data processor] transmit information, such as order information, or a request to create an account, to tokenize payment data, and/or to process a transaction to the service provider, which performs one or more services based at least on the transaction information received from the merchants 112 [first data processor], para. 0024; also see para. 0039); and 
determining, at the cloud data privacy service, that the second data access block received from second data processor is valid, and in response granting the second data processor at least partial access to the at least the portion of the private data (the second merchant 118 sends the payment token back to the merchant service provider, para. 0043; fig. 2; additional authorization and verification methods used to determine that a particular transaction request using a payment token is valid, para. 0055; the payment token can be verified and the request can be authorized, para. 0053) in order to reduce the risk of payment tokens being used in fraudulent transactions as taught by Anderson (para. 0053).
Therefore, based on Harris in view of Anderson, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Anderson to the product of Harris in order to reduce the risk of payment tokens being used in fraudulent transactions as taught by Anderson (para. 0053).

Contact Information 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HAO NGUYEN whose telephone number is (571)272-2666.  The examiner can normally be reached on Monday through Friday from 7:30 A.M. to 4:00 P.M. (EST).
Joon H. Hwang can be reached on 571-272-4036.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/H.H.N/Examiner, Art Unit 2447
March 12, 2022

/JOON H HWANG/Supervisory Patent Examiner, Art Unit 2447