Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This communication is a non-final action in response to application filed on 05/03/2019. Claims 1-45 are pending.

Information Disclosure Statement
The IDS filed on 05/03/2019 has been considered.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-45 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
The term “strategic asset” in independent claims 1, 16, 45 is an subjective term which renders the claim indefinite. The term “strategic asset” is not defined by the claim, the specification does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably apprised of the scope of the invention. Here, beyond the claim language merely describe these strategic asset including a protected element and service record, no description or example is given to what it means by something being “strategic”. Furthermore, the spec doesn’t use the terms “strategic” or “asset”. As a result, whether something is considered strategic is determined by subjective standard of each person where two people may have a different opinion regarding whether an asset is strategic. Examiner recommend using another term to describe this data that comprises protected data element and service record. For example, terms such as “customer information” may be considered.
The dependent claims do not fix the above identified issue and are rejected based on dependency.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 16-45 rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 16-22, 24, 2-6, 25-26, 14, 11-13, 27, 7-10, 28-30 of U.S. Patent No. 10326742 (‘742) Although the claims at issue are not identical, they are not patentably distinct from each other.
Claims 16-44 are summarized below in table.
This app Claim 16
‘742’s Claim 1
Feature missing from ‘588
A cryptographically enforced data exchange for enabling an exchange of customer strategic assets between one or more publishers and one or more third parties while preserving customer privacy, the system comprising:
A cryptographically enforced data exchange for enabling an exchange of customer travel records between a plurality of travel providers while preserving customer privacy, the system comprising:
Intended use for the exchange. No patentable distinction.
a communication component configured to receive customer strategic assets from each of the publishers; 
a communication component configured to receive customer travel data from each of a plurality of publishers, wherein each publisher is a travel provider;
Travel data versus strategic assets. However, travel data are strategic assets for the publisher. Therefore, ‘742 still anticipates claim 16
the communication component further configured to communicate a portion of the customer strategic assets to one or more of a plurality of third parties, wherein each third party has requested to receive strategic assets from other publishers for customers known to said third party;
the communication component further configured to communicate a portion of the customer travel data to one or more of a plurality of subscribers, wherein each subscriber has requested to receive travel records from other publishers for customers known to said subscriber;
Third parties versus subscribers. However, similarly, subscribers are third parties as well and therefore ‘742 still anticipates claim 16.
wherein the customer strategic assets include one or more protected data elements identifying a customer and one or more service records associated with such customer; wherein the protected data elements include customer protected data elements and publisher protected data elements;
wherein the customer travel data includes one or more protected data elements identifying a customer and one or more travel records associated with a travel itinerary for such customer; wherein the protected data elements include customer protected data elements and travel provider protected data elements;
Service record versus travel itinerary. See above for analysis.
a normalization component configured to tokenize the protected data elements into a plurality of tokens;
a normalization component configured to … tokenize the protected data elements into a plurality of tokens;
none
a cryptographic component configured to hash each customer protected data element using a system hash key, and hash each publisher protected data element using a publisher hash key selected based on which publisher created the publisher protected data element;
a cryptographic component configured to … hash each customer protected data element using a system hash key, and hash each travel provider protected data element using a provider hash key selected based on which travel provider created the travel provider protected data element;
None other  than differences already identified above.
wherein a publisher hash key is provided for each publisher; 
wherein a provider hash key is provided for each travel provider;
Publisher versus travel provider. Travel provider is a publisher so ‘742 anticipates claim 16.
a storage component being a cryptographically enforced data store configured to receive and store the hashed protected data elements and the service records;
a storage component being a cryptographically enforced data store configured to receive and store the tokenized, hashed protected data elements and the travel records;
None other than difference already discussed above.
a matching component configured to, in response to receiving customer strategic assets, determine a customer match by comparing the hashed protected data elements to previously received hashed protected data elements to match a customer with a previously identified customer;
a matching component configured to, in response to receiving customer travel data, determine a customer match by comparing the tokenized, hashed protected data elements to previously received tokenized, hashed protected data elements to match a customer with a previously identified customer;
None other than difference already discussed above.
wherein the communication component is further configured to, in response to determining a customer match, communicate at least a portion of the service record received from a publisher for the customer to the third party without disclosing any of the protected data elements between the publisher and the third party thereby preserving customer privacy.
wherein the communication component is further configured to, in response to determining a customer match, communicate at least a portion of the travel record received from a publisher for the customer to the subscriber without disclosing any of the protected data elements between the publisher and the subscriber thereby preserving customer privacy.
None other than difference already discussed above.
Claim 17
‘742’s claim 16
Difference/Note
wherein the communication component is further configured to receive subscription requests to receive service data for one or more customers from a plurality of third parties, wherein each third party is a publisher providing customer strategic assets for at least a portion of the one or more customers.
wherein the communication component is further configured to receive subscription requests to receive travel data for one or more customers from a plurality of subscribers, wherein each subscriber is a publisher providing customer travel data for at least a portion of the one or more customers.
None other than discussed above.
Claim 18
‘742’s claim 17
Note
wherein each third party is a publisher providing customer strategic assets for at least a portion of the one or more customers; and wherein a subscription request is inferred in response to a publisher providing customer strategic assets.
wherein each subscriber is a publisher providing customer travel data for at least a portion of the one or more customers; and wherein a subscription request is inferred in response to a publisher providing customer travel data.
None other than discussed above.
Claim 19
‘742’s claim 18
Note
wherein the one or more protected data elements and the one or more service records for a customer are received at substantially the same time from a publisher.
wherein the one or more protected data elements and the one or more travel records for a customer are received at substantially the same time from a publisher.
None other than discussed above.
Claim 20
‘742’s claim 19
Note
wherein the one or more protected data elements and the one or more service records for a customer are received at different times and subsequently associated.
wherein the one or more protected data elements and the one or more travel records for a customer are received at different times and subsequently associated.
None other than discussed above.
Claim 21
‘742’s claim 20
Note
wherein the one or more protected data elements comprise personally identifiable information of a customer.
wherein the one or more protected data elements comprise personally identifiable information of a customer.
none
Claim 22
‘742’s claim 21
Note
wherein the publisher protected data elements comprise a customer identifier assigned by a publisher.
wherein travel provider protected data elements comprise a customer identification assigned by a travel provider.
None other than discussed above.
Claim 23
‘742’s claim 22
Note
wherein the normalization component is configured to tokenize the protected data elements in response to receipt of the protected data elements by the communication component.
wherein the normalization component is further configured to tokenize the protected data elements upon receipt of the protected data elements by the communication component.
None other than word choice (in response to versus upon).
Claim 26
‘742’s claim 24
Note
wherein the publisher protected data element is received from a publisher other than the publisher that created the publisher protected data element.
wherein the travel provider protected data element is received from a publisher other than the travel provider that created the travel provider protected data element.
None.
Claim 27
‘742’s claim 2
Note
wherein the cryptographic component is configured to hash the protected data elements by communicating the protected data elements to an encryption service that hashes each protected data element using one of the system hash key or the publisher hash keys, and returns the hashed protected data elements.
wherein the cryptographic component is further configured to hash the protected data elements by communicating the protected data elements to an encryption service that hashes each protected data element using one of the system hash key or the provider hash keys, and returns the hashed protected data elements.
None other than differences already discussed.
Claim 28
‘742’s claim 3
Note
wherein the encryption service further comprises a key management system, and is further configured to retrieve an encrypted publisher hash key from the key management system, decrypt the encrypted publisher hash key using a system key encrypting key maintained by the key management system of the encryption service, and hash the publisher protected data element using the decrypted publisher hash key.
wherein the encryption service further comprises a key management system, and is further configured to retrieve an encrypted provider hash key from the key management system, decrypt the encrypted provider hash key using a system key encrypting key maintained by the key management system of the encryption service, hash the travel provider protected data element using the decrypted provider hash key.
None other than differences already discussed.
Claim 29
‘742’s claim 4
Note
wherein the key management system stores the system hash key and each publisher hash key in an encrypted data store.
wherein the key management system stores the system hash key and each provider hash key in an encrypted data store.
None other than differences already discussed.
Claim 30
‘742’s claim 5
Note
wherein the system hash key and the publisher hash keys are not communicated to the system by the encryption service.
wherein the system hash key and the provider hash keys are not communicated to the system by the encryption service.
None other than differences already discussed.
Claim 31
‘742’s claim 6
Note
wherein the encryption service is hosted on a different server than the cryptographic component of the system.
wherein the encryption service is hosted on a different server than the cryptographic component of the system.
none
Claim 32
‘742’s claim 25
Note
wherein the cryptographic component is further configured to encrypt at least a portion of a service record using a publisher data encryption key provided for the publisher that provided the service record; and to decrypt at least a portion of the service record using the publisher data encryption key prior to said service record being communicated to a third party.
wherein the cryptographic component is further configured to encrypt at least a portion of a travel record using a provider data encryption key provided for the publisher that provided the travel record; and to decrypt at least a portion of the travel record using the provider data encryption key prior to said travel record being communicated to a subscriber.
None other than differences already discussed.
Claim 33
‘742’s claim 26
Note
wherein the storage component comprises a database.
wherein the storage component comprises a database.
none
Claim 34
‘742’s claim 14
Note
wherein the storage component comprises a database.
	wherein the storage component comprises durable storage.
None

Claim 35
‘742’s claim 11
Note
wherein the matching component is further configured to perform an exact match on each element of the protected data elements and determine a confidence level of a customer match based on at least a number of matching elements.
wherein the matching component is further configured to perform an exact match on each element of the tokenized, hashed protected data elements and determine a confidence level of a customer match based on at least a number of matching elements.
No new difference
Claim 36
‘742’s claim 12
Note
wherein the matching component is further configured to determine the confidence level based on element discounting and element match/unmatch weights.
wherein the matching component is further configured to determine the confidence level based on element discounting and element match/unmatch weights.
No new difference
Claim 37
‘742’s claim 13
Note
wherein the matching component is further configured to determine a customer match based on the confidence level of a customer match exceeding a selected threshold.
wherein the matching component is further configured to determine a customer match based on the confidence level of a customer match exceeding a selected threshold.
No new differneces.
Claim 38
‘742’s claim 27
Note
wherein the matching component is configured to determine a service match based on a comparison of at least one of service characteristic associated with at least a pair of service records; and wherein the communication component is further configured to, in response to determining a customer match and a service match, communicate at least a portion of the service record received from a publisher for the customer to the third party without disclosing any of the protected data elements between the publisher and the third party.
wherein the matching component is configured to determine a trip match based on a comparison of at least one of a time, a date, and a location associated with at least a pair of travel records; and wherein the communication component is further configured to, in response to determining a customer match and a trip match, communicate at least a portion of the travel record received from a publisher for the customer to the subscriber without disclosing any of the protected data elements between the publisher and the subscribe
Characteristics versus time/date/location. Noting that ‘742 is narrower and therefore anticipates current claim.
Claim 39
‘742’s claim 7
Note
an attribution component configured to attribute each protected data element with each publisher that provided such protected data element.
an attribution component configured to attribute each protected data element with each publisher that provided such protected data element.
No new differences.
Claim 40
‘742’s claim 8
Note
wherein the attribution component is further configured to attribute the protected data element to each of two or more publishers in response to receiving the protected data element from each of the two or more publishers.
wherein the attribution component is further configured to attribute the protected data element to each of the two or more publishers in response to receiving the protected data element from each of the two or more publishers.
No new differences.
Claim 41
‘742’s claim 9
Note
wherein the attribution component is configured to attribute a protected data element to one or more publishers by appending a publisher identifier for each of the one or more publishers to the protected data element.
wherein the attribution component is configured to attribute a protected data element to one or more publishers by appending a publisher identification for each of the one or more publishers to the protected data element.
No new differences.
Claim 42
‘742’s claim 10
Note
wherein, in response to receiving a request from a publisher to delete customer strategic assets provided by said publisher, the attribution component is further configured to disassociate said publisher from each element of the customer service data stored in the storage component, and delete each element of customer service data no longer associated with any publisher, and the cryptographic component is configured to invalidate the publisher hash key and the publisher data encryption key associated with said publisher.
wherein, in response to receiving a request from a publisher to delete customer travel data provided by said publisher, the attribution component is further configured to disassociate said publisher from each element of the customer travel data stored in the storage component, and delete each element of customer travel data no longer associated with any publisher, and the cryptographic component is configured to invalidate the provider hash key and the provider data encryption key associated with said publisher.
No new difference
Claim 43
‘742’s claim 28
Note
wherein the communication component is further configured to receive a request from a customer to delete said customer from the system, the request including one or more protected data elements, and in response to receiving said request: the normalization component is configured to tokenize the protected data elements into a plurality of tokens, the cryptographic component is configured to hash each customer protected data element using the system hash key, and hash each publisher protected data element using a publisher hash key selected based on which publisher created the publisher protected data element, the matching component is configured to determine a customer match by comparing the tokenized, hashed protected data elements provided by said customer to previously received tokenized, hashed protected data elements to identify the customer within the system, and in response to determining a customer match, the storage component is configured to delete the protected data elements corresponding to said customer in response to said customer's request.
wherein the communication component is further configured to receive a request from a customer to delete said customer from the system, the request including one or more protected data elements, and in response to receiving said request:
the normalization component is configured to tokenize the protected data elements into a plurality of tokens,
the cryptographic component is configured to hash each customer protected data element using the system hash key, and hash each travel provider protected data element using a provider hash key selected based on which travel provider created the travel provider protected data element,
the matching component is configured to determine a customer match by comparing the tokenized, hashed protected data elements provided by said customer to previously received tokenized, hashed protected data elements to identify the customer within the system, and
in response to determining a customer match, the storage component is configured to delete the protected data elements corresponding to said customer in response to said customer's request.
No new difference.
Claim 44
‘742’s claim 29
Note
wherein the communications component is further configured to receive permissions from the one or more publishers regarding the elements of the customer strategic assets that are permitted to be shared with third parties, and is further configured to selectively communicate the elements of the customer strategic assets to third parties based on the permissions.
wherein the communications component is further configured to receive permissions from the plurality of publishers regarding the elements of customer travel records that are permitted to be shared with subscribers, and is further configured to selectively communicate elements of customer travel records to subscribers based on the permissions.
No new differnece

Claim 45 can be similarly mapped to claim 30 of ‘742 as noted above.
Claims 1-15 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 16-22, 24, 2-6, 25-26, 14, 11-13, 27, 7-10, 28-30 of U.S. Patent No. 10326742 (‘742) in view of Oberhauser (US 20170222814)
Claims 1-6, 9-15 can be similarly mapped to claims 1, 20-21, 23, 2, 5, 23, 11-12, 13, 7-9 except for being a method. Oberhauser teaches using a computer to perform a method (0026, 0047). Therefore, it would have been obvious for one ordinary skilled in the art before the effective filing date of the present invention to apply Oberhauser’s using computer to implement a method with ‘742’s claims 1, 20-21, 23, 2, 5, 23, 11-12, 13, 7-9 for the purpose of putting the computerized system of ‘742 to work. 

Allowable Subject Matter
Claims 1-45 are allowed if the 112(b) and double patenting rejection are overcome
The following is a statement of reasons for the indication of allowable subject matter:
Claims 1, 16, 45 includes the following limitations:
Receiving … customer strategic assets comprise one or more protected data elements identifying a customer and one or more service records associated with such customer;
normalizing … comprises dividing the received protected data elements into a plurality of tokens, each token comprising one data element, wherein the protected data elements comprise customer protected data elements and publisher protected data elements
encrypting … customer protected data elements using a system hash key; 
encrypting … publisher protected data elements using a publisher hash key …;
determining a customer match by comparing the hashed customer protected data elements … to match the customer with a previously identified customer; and 
in response to determining the customer match, communicating at least a portion of the service record for the customer to a third party without disclosing any of the protected customer data elements, thereby preserving customer privacy
Best Prior art Oberhauser (US 20170222814) discloses setting up rules to authenticate user’s credential (e.g., via DMV’s database) and provide the result of authentication to a third party (e.g., a bar). See 0026, 0047. The sharing of information can be based on rules and the in response to positive verification, validation of proper age is communicated to third party without revealing customer’s personal information. The communicated age validation in Oberhauser, however, is not part of a information received in the first place and therefore does not read on the claimed service record.
Arora (US 20180157999) discloses using blockchain to store bid information for travel itinerary and based on winning bid, travel itinerary is booked (Fig. 3, 0036, 0025). While travel itinerary received is part of initial offered information in the blockchain, it does not match the received customer data with previously received tokenized data. 
Baig (US 20170201498) teaches matching tokenized customer identification information from one organization with customer table of another organization (0050-0060). However, the matched member result is not used to trigger transmission of a service record.
Broumand (US 20120036019) teaches matching PII of a received hashed e-mail address with a stored record, and in response to a positive match, advertisers with qualifying offer can be flagged and ad is served to customer (0093, 0096, Fig. 13-14). This matching of hashed e-mail address, however, does not trigger sending service record to a third party. Instead, the qualified ad (equivalent to a service record) is provided to the user device. 
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GEORGE CHEN whose telephone number is (571)270-5499. The examiner can normally be reached Monday-Friday, 8:30 AM -5:00 PM Eastern.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Resha H Desai can be reached on 571-270-7792. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

GEORGE CHEN
Primary Examiner
Art Unit 3628



/GEORGE CHEN/Primary Examiner, Art Unit 3628