17DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


Claim 7 is rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor regards as the invention.

Claim 7 recites the limitation "the permission label" in lines 3 and 5.  There is insufficient antecedent basis for this limitation in the claim.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claims 8 and 11-13 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Laurila et al US 20130298247 (hereinafter Laurila).

As to claim 8, Laurila teaches a method for controlling exchange of data between applications (abstract, paragraph13, and Figure 6 disclose method for negotiation of data sharing arrangements between applications on user devices and applications of server providers), the method comprising, on a processor of a mixed reality data (MRD) BOT (Figure 4, reference number 412 depicts a processor of a server provider-advertiser which is a mixed reality data BOT): negotiating, in a negotiation phase, by: sending a data request offer to an application (App) BOT, the data request offer comprising a request for permission to access a labelled user information entity (abstract and paragraph 28 disclose service provider’s data request for data access of user information made on the privacy services marketplace, which is the application BOT; paragraph 28 also discloses user and service providers enter into negotiations of data, requested based on application specific permissions which the user set via a privacy analysis interface. Paragraph 40 discloses privacy settings of data for various apps, application programs is made); receiving a counteroffer in response to the data request offer (paragraph 28 also discloses counter offer is made between the users and service providers, also known as the MRD BOT,  these negotiations are in the privacy service marketplace. The server providers offer inducements data request, sharing of data; paragraph 55 discloses both users and service providers negotiate terms for sharing data, presenting profiles to indicate their requirements and offers, see also paragraph 62); filtering potential MRD based on data of the counteroffer (paragraph 62 discloses that filtering potential MRD is made based on the counteroffer bid, wherein a negotiation module choose/filter the highest bid of the MRD  service provider); P201909143US01Page 31 of 38determining a personalization score that takes into account incentive values (paragraphs 52-53 disclose a privacy score metric is set based on the user adjustments to privacy preferences, in addition, the user is able to adjust score based on what sharing to allow and what incentive/compensation to request or accept in exchange for sharing); responsive to determining that the personalization score meets or exceeds a personalization score threshold, sending an acceptance of the counteroffer to the App BOT (paragraphs 56-57 and Figure 5 disclose a matchmaking module is executed to find matching entries associated with the user privacy score and the request of the service provider-MRD BOT, wherein the MRD BOT is the advertiser; when there is a match, privacy score from the service provider meets the user privacy score threshold, acceptances between parties are made, thus acceptance of the data request offer is sent and access is provided of the requested user data, see also Figure 6, step 606 “Match User and Service Provider Information, Identify Entry into Data Sharing Arrangement” and step 608 “Collect Data in Accordance with Data Sharing Arrangement”, see also paragraph 62); and responsive to determining that the personalization score is less than the personalization score threshold, sending a second counteroffer to the App BOT(paragraph 70 discloses when the user privacy score association does not match( or meet the threshold) the advertiser-MRD BOT offer, the user can adjust his/her offer/requests/settings and send a counteroffer to the advertiser-MRD BOT in the marketplace, which is the App BOT).

As to claim 11, Laurila teaches further comprising, in an MRD transmission phase: personalizing MRD to create personalized MRD using a user information entity received from the App BOT(paragraph 55 discloses advertiser’s data, wherein advertiser’s data is MRD, that is personalized because the advertiser’s data is associated with user’s abstraction data categories of interest received from the marketplace, which is the App BOT. Paragraph 62 discloses also details a negotiation marketplace that comprises of personalized advertiser’s data. The advertiser’s data includes service provider-advertiser-MRD  inducement database storing inducements offered by advertisers to users in exchange for sharing data); and sending the personalized MRD to the App BOT  (paragraphs 55, 62, and 70 disclose the advertiser’s data-MRD is sent to the negotiation marketplace, which is the App BOT).

As to claim 12, Laurila teaches wherein the negotiating is triggered by at least one of a change in a scanned context of the user and a placing or reconfiguring of the MRD (paragraphs 62 and 70 disclose the negotiation bids in the marketplace starts by a negotiation module controlling the scanned information of the user and the service provider. This scanned information is shared between users and the advertisers. Since the advertiser information is shared the  advertiser’s information which is the MRD has been placed).

As to claim 13, Laurila teaches wherein the negotiation seeks to maximize an overall value that takes into account a value of a level of permissions or data from the user, and an incentive cost (paragraphs 62 and 70 disclose the negotiation module have access to maximum bids from each of a number of service providers-advertisers. These bids consider the value of levels of permission or user data access and include incentive costs).


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Baker et al US 20200106750 (hereinafter Baker) in view of Laurila et al US 20130298247 (hereinafter Laurila).

As to claim 1, Baker teaches a method for controlling exchange of data (abstract and Figure 3 teaches methods for providing a programmatic control channel for granting or denying access to user data), the method comprising: on a processor of an application (App)-BOT (paragraph 19 discloses application servers  which are App-BOT for managing data and paragraphs 104-106 disclose a processing device that has memory and an operating system that include application programs)  scanning a context of a user of the application ( Figure 3, step 302, paragraph 54 discloses receive an input stream and for the input stream to be received it has been scanned; paragraph 55 discloses this input stream comprises real-time data received from client devices and the input stream can comprise of records of personal data and consent data) and obtaining current scanned user data entities (Figure 3, step 304, paragraph 54 disclose extracting a user identifier, RCC (real-time regulatory control channel), and record data from the scanned/received data); determining a set of user information entities from the scanned user data entities containing current information about the user and surroundings of the user (Figure 3, step 306, paragraphs 55 and 60-61 disclose retrieve a stored RCC associated with the user identifier data from the input stream/scanned data, and paragraph 55 disclose the data can comprise location of the device or demographic data); labelling each user information entity of the set of user information entities with a user data permission to access the user information entity (Figure 3, step 308 “Compose Final RCC” and paragraph  60 disclose labelling is achieved by discussing preferences regarding consent to access and process data of specific types of user data is set, the preferences are encoded into the RCC format; paragraphs 62-63 disclose the method of step 308 involves applying any objection or restrictions fields in the RCC, select the consent data having the most restriction on the access/transfer of data); negotiating by: receiving a data access request offer from a mixed reality data MRD-BOT (paragraph 43 discloses a data requestor comprising a third-party computing system requesting access to user data, wherein the data requestors comprise programmatic advertising systems which are MRD-BOTs).
Baker does not teach a method for controlling exchange of data between applications;  negotiating, in a negotiation phase, by: the data access request offer comprising a request offer for a set of application specific permissions that are requested permissions to access a labelled user information entity ;estimating a privacy leak score that represents a user value attributed to permission to access the labelled user information entity based on the data access request offer; responsive to determining that the privacy leak score is equal to or exceeds a privacy leak score threshold, sending an acceptance of the data access request offer to the MRD BOT and providing access requested by the data access request; and responsive to determining that the privacy leak score is less than the privacy leak score threshold, sending a counteroffer to the access request offer to the MRD BOT.
Laurila teaches a method for controlling exchange of data between applications(abstract, paragraph13, and Figure 6 disclose method for negotiation of data sharing arrangements between applications on user devices and applications of server providers); negotiating, in a negotiation phase (abstract and paragraphs 28 and 55 disclose method for negotiation of data sharing arrangements), by; the data access request offer comprising a request offer for a set of application specific permissions that are requested permissions to access a labelled user information entity (abstract and paragraph 28 disclose service provider’s data request for data access of user information made on the privacy services marketplace, which is the application BOT; paragraph 28 also discloses user and service providers enter into negotiations of data, requested based on application specific permissions which the user set via a privacy analysis interface. Paragraph 40 discloses privacy settings of data for various apps, application programs is made); estimating a privacy leak score that represents a user value attributed to permission to access the labelled user information entity based on the data access request offer (abstract discloses the service provider data requests by service providers is compared with the user profile vector/permission rights; paragraphs  47-51 disclose how the privacy score of different types of user data is computed; paragraphs 52-53 disclose a privacy score/metric is obtained by presenting selection of user data types with user permission as a result of a service provider data request; the user may make selections to increase or decrease the level of abstraction at which data is shared; the method of the limitation is found in Figure 6, reference number 602 “Compute Privacy Score and Cost”); responsive to determining that the privacy leak score is equal to or exceeds a privacy leak score threshold, sending an acceptance of the data access request offer to the MRD BOT and providing access requested by the data access request (paragraphs 57 and 63, and Figure 5 disclose a matchmaking module is executed to find matching entries associated with the user privacy score and the request of the service provider-MRD BOT, wherein the MRD BOT is the advertiser; when there is a match, privacy score from the service provider meets the user privacy score threshold, acceptances between parties are made, thus acceptance of the data request offer is sent and access is provided of the requested user data, see also Figure 6, step 606 “Match User and Service Provider Information, Identify Entry into Data Sharing Arrangement” and step 608 “Collect Data in Accordance with Data Sharing Arrangement”, see also paragraph 70); and responsive to determining that the privacy leak score is less than the privacy leak score threshold, sending a counteroffer to the access request offer to the MRD BOT (paragraph 70 discloses when the user privacy score association does not match( or meet the threshold) the advertiser-MRD BOT offer, the user can adjust his/her offer/requests/settings and send a counteroffer to the advertiser-MRD BOT in the marketplace, which is the App BOT).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Baker’s method of controlling exchange of data between applications with Laurila’s method of negotiating such that the user can share private data with the service provides for an appropriate benefit while still protecting his or her privacy to a desired degree (paragraph 3 of Laurila).

As to claim 14, Baker teaches a system for controlling exchange of data (Figures 1 and 5 and abstract disclose system and apparatus for providing programmatic control channel for granting or denying access to user data between applications of servers and client devices), the system comprising: an application (App) BOT (Figure 5- a processing device, reference number 500; paragraph 19 discloses application server, which are App BOT, for managing data and paragraphs 104-106 disclose a processing device that has memory and an operating system that include application program) comprising a memory (Figure 5, memory , reference number 504) and a processor (Figure 5, CPU, reference number 502), the processor being configured for: scanning a context of a user of the application ( Figure 3, step 302, paragraph 54 discloses receive an input stream and for the input stream to be received it has been scanned; paragraph 55 discloses this input stream comprises real-time data received from client devices and the input stream can comprise of records of personal data and consent data) and obtaining current scanned user data entities (Figure 3, step 304, paragraph 54 disclose extracting a user identifier, RCC (real-time regulatory control channel), and record data from the scanned/received data); determining a set of user information entities from the scanned user data entities containing current information about the user and surroundings of the user (Figure 3, step 306, paragraphs 55 and 60-61 disclose retrieve a stored RCC associated with the user identifier data from the input stream/scanned data, and paragraph 55 disclose the data can comprise location of the device or demographic data); labelling each user information entity of the set of user information entities with a user data permission to access the user information entity(Figure 3, step 308 “Compose Final RCC” and paragraph  60 disclose preferences regarding consent to access and process data of specific types of user data is set, the preferences are encoded into the RCC format; paragraphs 62-63 disclose the method of step 308 involves applying any objection or restrictions fields in the RCC, select the consent data having the most restriction on the access/transfer of data); negotiating by: receiving a data access request offer from a mixed reality data (MRD)-BOT(paragraph 43 discloses a data requestor comprising a third-party computing system requesting access to user data, wherein the data requestors comprise programmatic advertising systems which are MRD-BOTs).
Baker does not teach a system for controlling exchange of data between applications; negotiating, in a negotiation phase, by :the data access request offer comprising a request offer for a set of application specific permissions that are requested permissions to access a labelled user information entity; estimating a privacy leak score that represents a user value attributed to the permission to access the labelled user information entity based on the data access request offer; responsive to determining that the privacy leak score is equal to or exceeds a privacy leak score threshold, sending an acceptance of the data access request offer to the MRD BOT and providing access requested by the data access request; and responsive to determining that the privacy leak score is less than the privacy leak score threshold, sending a counteroffer to the offer to the MRD BOT; and a mixed reality data (MRD) BOT comprising a memory and a processor, the processor being configured for: negotiating, in a negotiation phase, by: sending a data request offer to an application (App-) BOT, the data request offer comprising a request for permission to access a labelled user information entity; receiving a counteroffer in response to the data request offer; filtering potential MRD based on data of the counteroffer; determining a personalization score that takes into account incentive values; responsive to determining that the personalization score meets or exceeds a personalization score threshold, sending an acceptance of the counteroffer to the App BOT; and responsive to determining that the personalization score is less than the personalization score threshold, sending a second counteroffer to the App BOT.
Laurila teaches a system for controlling exchange of data between applications(abstract, paragraph13, and Figure 6 disclose system for negotiation of data sharing arrangements between applications on user devices and applications of server providers); negotiating, in a negotiation phase, (abstract and paragraphs 28 and 55 disclose method for negotiation of data sharing arrangements) by :the data access request offer comprising a request offer for a set of application specific permissions that are requested permissions to access a labelled user information entity(abstract and paragraph 28 disclose service provider’s data request for data access of user information made on the privacy services marketplace, which is the application BOT; paragraph 28 also discloses user and service providers enter into negotiations of data, requested based on application specific permissions which the user set via a privacy analysis interface. Paragraph 40 discloses privacy settings of data for various apps, application programs is made); estimating a privacy leak score that represents a user value attributed to the permission to access the labelled user information entity based on the data access request offer(abstract discloses the service provider data requests by service providers is compared with the user profile vector/permission rights; paragraphs  47-51 disclose how the privacy score of different types of user data is computed; paragraphs 52-53 disclose a privacy score/metric is obtained by presenting selection of user data types per user permission as a result of service provider data request; the user may make selections to increase or decrease the level of abstraction at which data is shared; the method of the limitation is found in Figure 6, reference number 602 “Compute Privacy Score and Cost”); responsive to determining that the privacy leak score is equal to or exceeds a privacy leak score threshold, sending an acceptance of the data access request offer to the MRD BOT and providing access requested by the data access request (paragraphs 57, 63 and Figure 5 disclose a matchmaking module is executed to find matching entries associated with the user privacy score and the request of the service provider-MRD BOT, wherein the MRD BOT is the advertiser; when there is a match, privacy score from the service provider meets the user privacy score threshold, acceptances between parties are made, thus acceptance of the data request offer is sent and access is provided of the requested user data, see also Figure 6, step 606 “Match User and Service Provider Information, Identify Entry into Data Sharing Arrangement” and step 608 “Collect Data in Accordance with Data Sharing Arrangement”, see also paragraph 70); and responsive to determining that the privacy leak score is less than the privacy leak score threshold, sending a counteroffer to the offer to the MRD BOT(paragraph 70 discloses when the user privacy score association does not match( or meet the threshold) the advertiser-MRD BOT offer, the user can adjust his/her offer/requests/settings and send a counteroffer to the advertiser-MRD BOT in the marketplace, which is the App BOT); and a mixed reality data (MRD) BOT comprising a memory and a processor(Figure 4, reference numbers 412 and 414 depict a processor and memory of a server provider-advertiser which is a mixed reality data BOT), the processor being configured for: negotiating, in a negotiation phase, by: sending a data request offer to an application (App-) BOT, the data request offer comprising a request for permission to access a labelled user information entity(abstract and paragraph 28 disclose service provider’s data request for data access of user information made on the privacy services marketplace, which is the application BOT; paragraph 28 also discloses user and service providers enter into negotiations of data, requested based on application specific permissions which the user set via a privacy analysis interface. Paragraph 40 discloses privacy settings of data for various apps, application programs is made); receiving a counteroffer in response to the data request offer(paragraph 28 also discloses counter offer is made between the users and service providers, also known as the MRD BOT,  these negotiations are in the privacy service marketplace. The server providers offer inducements data request, sharing of data; paragraph 55 discloses both users and service providers negotiate terms for sharing data, presenting profiles to indicate their requirements and offers, see also paragraph 62); filtering potential MRD based on data of the counteroffer(paragraph 62 discloses that filtering potential MRD is made based on the counteroffer bid, wherein a negotiation module choose/filter the highest bid of the MRD  service provider); determining a personalization score that takes into account incentive values(paragraphs 52-53 disclose a privacy score metric is set based on the user adjustments to privacy preferences, in addition, the user is able to adjust score based on what sharing to allow and what incentive/compensation to request or accept in exchange for sharing); responsive to determining that the personalization score meets or exceeds a personalization score threshold, sending an acceptance of the counteroffer to the App BOT(paragraphs 57 and 63 and Figure 5 disclose a matchmaking module is executed to find matching entries associated with the user privacy score and the request of the service provider-MRD BOT, wherein the MRD BOT is the advertiser; when there is a match, privacy score from the service provider meets the user privacy score threshold, acceptances between parties are made, thus acceptance of the data request offer is sent and access is provided of the requested user data, see also Figure 6, step 606 “Match User and Service Provider Information, Identify Entry into Data Sharing Arrangement” and step 608 “Collect Data in Accordance with Data Sharing Arrangement”, see also paragraph 70); and responsive to determining that the personalization score is less than the personalization score threshold, sending a second counteroffer to the App BOT(paragraphs 62 and 70 disclose when the user privacy score association does not match( or meet the threshold) the advertiser-MRD BOT offer, the user can adjust his/her offer/requests/settings and send a counteroffer to the advertiser-MRD BOT in the marketplace, which is the App BOT).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Baker’s system of controlling exchange of data between applications with Laurila’s method of negotiating such that the user can share private data with the service provides for an appropriate benefit while still protecting his or her privacy to a desired degree (paragraph 3 of Laurila).

Claims 2-7 and 15-20 are rejected under 35 U.S.C. 103 as being unpatentable over Baker et al US 20200106750 (hereinafter Baker) in view of Laurila et al US 20130298247 (hereinafter Laurila) in further view of Waghmare et al IN 201721017374 (hereinafter Waghmare).

As to claim 2, the combination of Baker in view of Laurila teach all the limitations recited in claim 1 above. The combination of Baker in view of Laurila further teach  the data access request offer further comprises a set of offered incentives offered by the MRD BOT(Laurila: paragraph 8 discloses  that a match for the advertiser-MRD BOT to access data occurs when  the advertiser and the user’s privacy score association, requested incentive, and offered incentives match according to a specified set of criteria); determining an overall value based on a privacy score of the requested permissions, the set of offered incentives, as well as the current scanned user data entities, and user preferences (Laurila: paragraphs 47-50 and 52-53 disclose a privacy metric based on the privacy score of the scanned user data, user preferences of the user data type,  compensation/incentives ).
The combination of Baker in view of Laurila do not teach wherein: a privacy tree data structure comprises nodes, each of the nodes representing one of the user data permissions and each having a corresponding permission label and a corresponding privacy score; and the method further comprising: creating an application-specific privacy subtree structure comprising a subset of the nodes of the privacy tree based on the privacy tree data structure and sets of application specific permissions; determining an overall value based on a privacy score of the requested permissions in the privacy subtree structure.
Waghmare teaches wherein: a privacy tree data structure  (abstract and paragraphs 5-7 disclose privacy lineage tree) comprises nodes, each of the nodes representing one of the user data permissions and each having a corresponding permission label and a corresponding privacy score (paragraph 6 disclose the privacy tree comprises privacy policy and a plurality of privacy parameters; paragraph 57 discloses the tree has nodes, and each nodes represent privacy levels parameters); and the method further comprising: creating an application-specific privacy subtree structure  (paragraph 57 discloses privacy subtree) comprising a subset of the nodes of the privacy tree based on the privacy tree data structure and sets of application specific permissions (paragraph 57 discloses the system traverses the privacy lineage tree and get to the root of the data subject subtree… the privacy level values for all of the nodes may be enlisted and provided as output data. Therefore, the subtree has nodes based on the privacy lineage tree. Paragraph 58 discloses the system may traverse the field subtree for each data subject and get the latest privacy level by accessing the node) ; determining an overall value based on a privacy score of the requested permissions in the privacy subtree structure (paragraphs 51-57 and 86 disclose privacy level value is obtained based on the privacy policy strength of user preferences and privacy score from the subtree).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Baker’s method of controlling exchange of data between applications in view of Laurila’s method of negotiating with Waghmare’s teaching of a privacy tree to decrease the risk of sharing user data (paragraph 3 of Waghmare).

As to claim 3, the combination of Baker in view of Laurila and Waghmare teach further comprising: responsive to determining that the overall value equals or exceeds an overall value threshold: receiving user approval information related to a user approval of the set of application specific permissions (Waghmare: paragraphs 97-98 disclose the threshold values ranges, when the privacy level value is between 0 to 24 percent, there is no privacy set for the application specific permissions, and approval associated with the user data is made) ; responsive to determining that the overall value is less than the overall value threshold(Waghmare: paragraphs 97 and 105 disclose the threshold values ranges, when the privacy level value is between 75 to 100 percent, there is “strict privacy” set for the application specific permissions): sending the counteroffer to the offer to the MRD BOT(Laurila: paragraph 70 discloses when the user privacy score association does not match the advertiser-MRD BOT offer, the user can adjust his/her offer/request/setting and send a counteroffer to access the advertiser-MRD BOT).
	
	As to claim 4, the combination of Baker in view of Laurila and Waghmare teach further comprising: responsive to the user approval information being positive(Waghmare: paragraph 97 and 101 disclose the user approval information being in the preference setting of always allow), sending the acceptance of the data access request offer to the MRD BOT and providing access requested by the data access request(Laurila: paragraphs 57 and 63 disclose a matchmaking module is run to find matching entries associated with the privacy score and the request of the service provider-MRD BOT, wherein the MRD BOT is the advertiser; when there is a match, acceptances between parties is made, thus acceptance of the data request offer is sent and access is provided of the requested user data, see also Figure 6, step 606 “Match User and Service Provider Information, Identify Entry into Data Sharing Arrangement” and step 608 “Collect Data in Accordance with Data Sharing Arrangement”); and responsive to the user approval information being negative (Waghmare: paragraphs 97 and 105 disclose when the user approval information is negative, or always deny the request; Laurila: paragraph 70 discloses when the user privacy score association does not match the advertiser-MRD BOT offer), sending the counteroffer to the offer to the MRD BOT(Laurila: paragraph 70 discloses when the user privacy score association does not match the advertiser-MRD BOT offer, the user can adjust his/her offer/request/setting and send a counteroffer to access the advertiser-MRD BOT).

	As to claim 5, the combination of Baker in view of Laurila and Waghmare teach further comprising, responsive to the user approval information being positive(Waghmare: paragraphs 97 and 101 disclose the user approval information being in the preference setting of always allow): updating the privacy tree structure and the privacy subtree structure (Waghmare: paragraphs 36, 48 and claim 8 discuss the user data preference is set to allow, and updates is made to the privacy preferences of the privacy tree and subtree).

	As to claim 6, the combination of Baker in view of Laurila and Waghmare teach further comprising, responsive to the determining that the privacy leak score is equal to or exceeds the privacy leak score threshold(Waghmare: paragraph 97 and 101 disclose the occurrence of when user approval information being in the preference setting is within the range setting of always allow; Laurila: paragraphs 49-50 disclose how the privacy score of different types of user data is computed): updating the privacy tree structure and the privacy subtree structure(Waghmare: paragraphs 36, 48, and claim 8 discuss the user data preference is set, and updates is made to the privacy preferences of the privacy tree and subtree).

As to claim 7, the combination of Baker in view of Laurila and Waghmare teach wherein updating the privacy tree structure and the privacy subtree structure comprises: updating the permission label and the corresponding privacy score of at least one privacy tree structure node(Waghmare: paragraphs 36, 48, and claim 8 discuss the user data preference is set/updated and an updates is made to the privacy preferences of the privacy tree and subtree nodes); and updating the permission label and the corresponding privacy score of at least one privacy subtree structure node(Waghmare: paragraphs 48, 113, and claim 8 discuss the user data preference is set/updated and an updates is made to the privacy preferences of the privacy tree and subtree nodes).

As to claim 15, the combination of Baker in view of Laurila teach all the limitations recited in claim 14 above. The combination of Baker in view of Laurila further teach wherein for the App BOT:  the data access request offer further comprises a set of offered incentives offered by the MRD BOT(Laurila: paragraph 8 discloses determining that when a match for the advertiser-MRD BOT to access data occurs when  the advertiser and the user’s privacy score association, requested incentive, and offered incentives match according to a specified set of criteria); the App Bot processor further being configured for: determining an overall value based on a privacy score of the requested permissions, the set of offered incentives, as well as the current scanned user data entities, and user preferences (Laurila: paragraphs 49-50 disclose a privacy metric based on the privacy score of the scanned user data, user preferences of the user data type,  compensation/incentives ); the MRD BOT processor further being configured for: creating a personalization tree structure(Laurila: paragraph 43 discloses user profile vector is maintained as a hierarchical data structure which is a tree structure),  representing a personalization benefit gained from one or more user permissions (Laurila: paragraph 46 discloses a value is assign to personal data based on the impacts to privacy of sharing data, see also paragraph 53). 
The combination of Baker in view of Laurila do not teach wherein: for the App BOT: a privacy tree data structure comprises nodes, each of the nodes representing one of the user data permissions and each having a corresponding permission label and a corresponding privacy score; and the App BOT processor further being configured for: creating an application-specific privacy subtree structure comprising a subset of the nodes of the privacy tree based on the privacy tree data structure and sets of application specific permissions; and determining an overall value based on a privacy score of the requested permissions in the privacy subtree structure; the MRD BOT processor further being configured for: creating a tree structure comprising nodes, each of the nodes representing a personalization benefit gained from one or more user permissions.
Waghmare teaches wherein: for the App BOT: a privacy tree data structure  (abstract and paragraphs 5-7 disclose privacy lineage tree)  comprises nodes, each of the nodes representing one of the user data permissions and each having a corresponding permission label and a corresponding privacy score(paragraph 6 disclose the privacy tree comprises privacy policy and a plurality of privacy parameters; paragraph 57 discloses the tree has nodes, and each nodes represent privacy levels parameters); and the App BOT processor further being configured for: creating an application-specific privacy subtree structure(paragraph 57 discloses privacy subtree) comprising a subset of the nodes of the privacy tree based on the privacy tree data structure and sets of application specific permissions(paragraph 57 discloses the system traverses the privacy lineage tree and get to the root of the data subject subtree… the privacy level values for all of the nodes may be enlisted and provided as output data. Therefore, the subtree has nodes based on the privacy lineage tree. Paragraph 58 disclose the system may traverse the field subtree for each data subject and get the latest privacy level by accessing the node); and determining an overall value based on a privacy score of the requested permissions in the privacy subtree structure(paragraphs 55-56 disclose privacy level value is obtained based on the privacy policy strength of user preferences and privacy score from the subtree); creating a tree structure(abstract and paragraphs 5-7 disclose privacy lineage tree) comprising nodes, each of the nodes representing a personalization benefit gained from one or more user permissions(paragraph 6 disclose the privacy tree comprises privacy policy and a plurality of privacy parameters; paragraph 57 discloses the tree has nodes, and each nodes represent privacy levels parameters, see also paragraph 116 and claims 1-2).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Baker’s system of controlling exchange of data between applications in view of Laurila’s method of negotiating with Waghmare’s teaching of a privacy tree to decrease the risk of sharing user data (paragraph 3 of Waghmare).

As to claim 16, the combination of Baker in view of Laurila and Waghmare teach wherein: the App BOT processor is further configured for: responsive to determining that the overall value equals or exceeds an overall value threshold: receiving user approval information related to a user approval of the set of application specific permissions(Waghmare: paragraphs 97 and 101 disclose the threshold values ranges, when the privacy level value is between 0 to 24 percent, there is no privacy set for the application specific permissions, and approval associated with the user data is made); responsive to determining that the overall value is less than the overall value threshold(Waghmare: paragraphs 97 and 105 disclose the threshold values ranges, when the privacy level value is between 75 to 100 percent, there is strict privacy set for the application specific permissions): sending the counteroffer to the offer to the MRD BOT(Laurila: paragraph 70 discloses when the user privacy score association does not match the advertiser-MRD BOT offer, the user can adjust his/her offer/request/setting and send a counteroffer to access the advertiser-MRD BOT); and the MRD BOT processor is further configured for: P201909143US01Page 35 of 38determining an incentive cost of an incentive from an incentive set that is based on the personalization benefit for a user permission at a particular instant of time and in a particular context(Laurila: paragraph 50 discloses the privacy score may be mapped to a cost, the cost is a function of the user category of data and the permission level for each category of data at a particular instant of time-access to historical data and access to real-time data, paragraph 53 discloses the user is able to evaluate settings by making adjustments and observing the change in the displayed privacy score and privacy cost. The user is then able to determine what sharing to allow and what compensation to request or accept in exchange for sharing, see also paragraph 70 which disclose negotiations of a user incentive cost based on user permission of data with the advertiser’s offered price); and comparing the incentive cost with a permission access gain associated with the permission(Laurila: paragraph 70 which disclose negotiations of a user incentive cost based on user permission of data with the advertiser’s offered price, see also paragraph 55 which discusses the price/cost the advertiser is willing to pay for the data and the incentives provided to the users; matching making is done via the marketplace of the incentive cost with the user permission access cost); and responsive to determining the incentive cost is less than the associated permission access gain, including the incentive in at least one of the data request offer and the second counteroffer(Laurila: paragraphs 57 and 62, wherein paragraph 57 discloses  that if the incentive cost Cu is less than or equal to the associated permission access gain cost Ca for each data permission category, negotiation/bids/counteroffers are made on the data based on the user price/ and data access and the service provider-advertiser’s offer).

As to claim 17, the combination of Baker in view of Laurila and Waghmare teach wherein the App BOT processor is further configured for: responsive to the user approval information being positive(Waghmare: paragraph 97 and 101 disclose the user approval information being in the preference setting of always allow), sending the acceptance of the data access request offer to the MRD BOT and providing access requested by the data access request(Laurila: 57 and 63 disclose a matchmaking module is run to find matching entries associated with the privacy score and the request of the service provider-MRD BOT, wherein the MRD BOT is the advertiser; when there is a match, acceptances between parties is made, thus acceptance of the data request offer is sent and access is provided of the requested user data, see also Figure 6, step 606 “Match User and Service Provider Information, Identify Entry into Data Sharing Arrangement” and step 608 “Collect Data in Accordance with Data Sharing Arrangement”); and responsive to the user approval information being negative(Waghmare: paragraphs 97 and 105 disclose when the user approval information is negative, or always deny the request; Laurila: paragraph 70 discloses when the user privacy score association does not match the advertiser-MRD BOT offer), sending the counteroffer to the offer to the MRD BOT(Laurila: paragraph 70 discloses when the user privacy score association does not match the advertiser-MRD BOT offer, the user can adjust his/her offer/request/setting and send a counteroffer to access the advertiser-MRD BOT).

As to claim 18, the combination of Baker in view of Laurila and Waghmare teach wherein the App BOT processor is further configured for, responsive to the determining that the privacy leak score is equal to or exceeds a privacy leak score threshold(Waghmare: paragraph 97 and 101 disclose the occurrence of when user approval information being in the preference setting is within the range setting of always allow; Laurila: paragraphs 47-51 discloses how the privacy score of different types of user data is computed): updating the privacy tree structure and the privacy subtree structure(Waghmare: paragraphs 48, 113 and claim 8 discuss the user data preference is set, and updates is made to the privacy preferences of the privacy tree and subtree), wherein the updating comprises: updating the permission label and the corresponding privacy score of at least one privacy tree structure node(Waghmare: paragraphs  48, 113, and claim 8 discuss the user data preference is set/updated and an updates is made to the privacy preferences of the privacy tree and subtree nodes); and updating the permission label and the corresponding privacy score of at least one privacy subtree structure node(Waghmare: paragraphs 48, 113, and claim 8 discuss the user data preference is set/updated and an updates is made to the privacy preferences of the privacy tree and subtree nodes).

As to claim 19, the combination of Baker in view of Laurila and Waghmare teach all the limitation recited in claim 14 above. The combination of Baker in view of Laurila and Waghmare teach wherein the MRD BOT processor is further configured for: personalizing MRD to create personalized MRD using a user information entity received from the App BOT(Laurila: paragraph 55 disclose advertiser’s data, wherein advertiser’s data is MRD, that is personalized. The advertiser’s data is associated with user’s abstraction data categories of interest received by the marketplace, which is the App BOT. Paragraph 62 discloses negotiation marketplace that comprise of personalized advertiser’s data. The advertiser’s data includes service provider-advertiser-MRD  inducement database storing inducements offered by advertisers to users in exchange for sharing data); and sending the personalized MRD to the App BOT(Laurila: paragraphs 55, 62, and 70 disclose the advertiser’s data-MRD is sent to the negotiation marketplace, which is the App BOT).

As to claim 20, the combination of Baker in view of Laurila and Waghmare teach all the limitation recited in claim 14 above. The combination of Baker in view of Laurila and Waghmare teach wherein the negotiating is triggered by at least one of a change in the scanned context of the user and a placing or reconfiguring of the MRD(Laurila: paragraphs 62 and 70 disclose the negotiation bids in marketplace is starts by negotiation module controlling the scanned information of the user and the service provider that is shared between users and the advertisers. Since the advertiser information is shared the  advertiser’s information which is the MRD has been placed).

Claim(s) 9-10 are rejected under 35 U.S.C. 103 as being unpatentable over Laurila et al US 20130298247 (hereinafter Laurila) in view of Waghmare et al IN 201721017374 (hereinafter Waghmare).

As to claim 9, Laurila teaches all the limitations recited in claim 8 above. Laurila teaches creating a personalization tree structure (paragraph 43 discloses user profile vector is maintained as a hierarchical data structure which is a tree structure),  representing a personalization benefit gained from one or more user permissions (paragraph 46 disclose a value is assign to personal data based on the impacts to privacy of sharing data, see also paragraphs 53-56). 
Laurila does not teach the tree structure comprising nodes, each of the nodes representing a personalization benefit gained from one or more user permissions.
Waghmare teaches a tree structure(abstract and paragraphs 5-7 disclose privacy lineage tree) comprising nodes, each of the nodes representing a personalization benefit gained from one or more user permissions(paragraph 6 disclose the privacy tree comprises privacy policy and a plurality of privacy parameters; paragraph 57 discloses the tree has nodes, and each nodes represent privacy levels parameters, see also paragraph 116 and claims 1-2).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Laurila’s method of negotiating with Waghmare’s teaching of a privacy tree to decrease the risk of sharing user data (paragraph 3 of Waghmare).

As to claim 10, the combination of Laurila in view of Waghmare teach determining an incentive cost of an incentive from an incentive set that is based on the personalization benefit for a user permission at a particular instant of time and in a particular context (Laurila: paragraph 50 discloses the privacy score may be mapped to a cost, the cost is a function of the user category of data and the permission level for each category of data at a particular instant of time-access to historical data and access to real-time data, paragraph 53 discloses the user is able to evaluate settings by making adjustments and observing the change in the displayed privacy score and privacy cost. The user is then able to determine what sharing to allow and what compensation to request or accept in exchange for sharing, see also paragraph 70 which disclose negotiations of a user incentive cost based on user permission of data with the advertiser’s offered price); and comparing the incentive cost with a permission access gain associated with the user permission (Laurila: paragraph 70 which disclose negotiations of a user incentive cost based on user permission of data with the advertiser’s offered price, see also paragraph 55 which discusses the price/cost the advertiser is willing to pay for the data and the incentives provided to the users; matching making is done via the marketplace of the incentive cost with the user permission access cost); and responsive to determining the incentive cost is less than the associated permission access gain, including the incentive in at least one of the data request offer and the second counteroffer (Laurila: paragraphs 57 and paragraph 70, wherein paragraph 57 discloses  that if the incentive cost Cu is less than or equal to the associated permission access gain cost Ca for each data permission category, negotiation/bids/counteroffers are made on the data based on the user price/ and data access and the service provider-advertiser’s offer).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.  Alvarez-Pallete Lopez et al EP 3447671(hereinafter Alvarez-Pallete Lopez).
Alvarez-Pallete Lopez teaches: labelling each user information entity of the set of user information entities with a user data permission to access the user information entity (paragraphs 51 and 54); negotiating, in a negotiation phase by: receiving a data access request offer from a mixed reality data BOT (paragraphs 25 and 47); estimating a privacy leak score that represents a user value attributed to permission to access the labelled user information entity based on the data access request offer (paragraphs 26 and 51) as recited in claim 1 .

Any inquiry concerning this communication or earlier communications from the examiner should be directed to FELICIA FARROW whose telephone number is (571)272-1856. The examiner can normally be reached M - F 7:30--5:30pm (EST).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on (571)272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/F.F/               Examiner, Art Unit 2437          

/KRISTINE L KINCAID/               Supervisory Patent Examiner, Art Unit 2437