DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on June 08 2022 has been entered.
 
Response to Arguments
Applicant’s arguments with respect to claim(s) 1-3, 5-16, and 18-22 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Objections
Claim 3 is objected to because of the following informalities:  in claim 3, line 2,  “one or geographic constraints” should be “one or more geographic constraints”.  Appropriate correction is required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1-3, 5-6, 8-11, 16, and 18-21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Park et al US 20190095644 (hereinafter Park) in view of Aoki US 20200301646 (hereinafter Aoki).

As to claim 1, Park teaches a method for managing data privacy of personal identifiable information of a plurality of end users of a particular building management system by an administrator (abstract discloses operating building and managing private building information; paragraph 233 discloses the super users, who are the administrators, see Table 2, have access to the private information), wherein the administrator differs from the plurality of end users (paragraph 71 discloses distinct users such as super user, administrator, building technician, building tenant, building employee), and wherein the particular building management system includes a particular set of building system components(paragraphs 69 and 117 disclose the building management system includes building entities such as IOT devices/subsystems components and paragraph 170 provide example of entity type such as a thermostat), the method comprising: 
determining a plurality of types of personal identifiable information (PII) that will be collected by the particular building management system for one or more of the plurality of end users (paragraphs 69-70 disclose the building system may collect and store PII of users and have a corresponding entity database for the building entities, wherein the building entities include building subsystems and IoT devices, sensors, controllers etc.,) based at least in part on the particular building system components that are included in the particular building management system(paragraphs 69-70 disclose the building system may collect and store PII of users and have a corresponding entity database for the building entities, wherein the building entities include building subsystems and IoT devices, sensors, controllers etc., that are part of the building management system);  
the plurality of types of personal identifiable information (PII) that will be collected by the particular building management system for one or more of the plurality of end users of the particular building management system (paragraphs 69 and 235 disclose the plurality of types of PII of the users that is to be collected include social security number, telephone number, address, email address, username,  password, facial image data, date of birth, and driver license number); and
 a plurality of data privacy settings for each of the plurality of types of PII (paragraph 181 discloses plurality of types of privacy settings such as registering the PII, editing the PII, deleting the PII, and/or updating the PII. The entity type can also be can be the user PII) , wherein the plurality of data privacy settings define one or more end user rights that are associated with each of one or more of the plurality of types of PII and are each exercisable by the end user(paragraphs 74 and 181 describe the privacy setting rights of the user that is associated with their information), wherein the one or more end user rights include one or more of a right to be forgotten(paragraph 181 discloses entity which can be user PII  can be deleted which is the right to be forgotten; paragraph 74 discloses user can adjust the information that can be accessed on a specific platform for a particular entity, the user can adjust/update the access of  information) , a right to data portability( paragraph 181 discloses user can adjust/update his/her access of information across different devices, and this is the right to data portability), a right to object(Park: paragraph 74 discloses user can adjust the information that can be accessed on a specific platform for a particular entity, the user can adjust/update the access of  information and thus have a right to object) and a right to rectification(paragraph 74 discloses the user can adjust/update the access information which is the right to data rectification; paragraph 181 discloses an entity which can be user PII, can be edited, deleted and/or updated); 
setting one or more constraints in the particular building management system by the administrator, for each of the plurality of types of PII, (paragraph 192 discloses the management service manages  the relationships/constraints between the building subsystem and the various entities, which can include user data, paragraph 297 describes the database manager provides access controls/set restraints of the user entity/PII with the building subsystems’; paragraph 338 also disclose access constraints based on the PII of face and fingerprint), the one or more constraints for each of the 2plurality of types of PII based at least in part on one or more of the corresponding plurality of data privacy settings (paragraphs 192 and 297 describe that a setting/access constraint that corresponds to different entities, which can include different PII, may also include a set of entitlements for the building subsystem, which may allow the building subsystem and/or user to perform certain actions within the building); 
operating the particular building management system in accordance with the set constraints(paragraph 192 discloses the setting that corresponds to the building subsystem entities include PII data, may also indicate a set of entitlements for the building subsystem, which may allow the building subsystem and/or user to perform certain actions within the building such as operating/controlling/monitoring the entities, see also paragraph 338), 
[receiving] a request from a particular end user of the particular building management system to exercise one or more of their end user rights associated with one or more types of PII, resulting in one or more exercised end user rights (paragraph 74 discloses if the user wishes to adjust the information that can be accessed on a specific platform for a particular entity, the user can adjust/update the access information, therefore, the end user right is exercised), wherein the one or more end user rights include one or more of a right to be forgotten(paragraph 181 discloses entity which can be user PII  can be deleted which is the right to be forgotten; paragraph 74 discloses user can adjust the information that can be accessed on a specific platform for a particular entity, the user can adjust/update the access of  information) , a right to data portability( paragraph 181 discloses user can adjust/update his/her access of information across different devices, and this is the right to data portability), a right to object (Park: paragraph 74 discloses user can adjust the information that can be accessed on a specific platform for a particular entity, the user can adjust/update the access of  information and thus have a right to object) and a right to rectification(paragraph 74 discloses the user can adjust/update the access information which is the right to data rectification; paragraph 181 discloses an entity which can be user PII, can be edited, deleted and/or updated); and 
in response, the particular building management system exercising the one or more exercised end user right associated with the one or more types of PII (paragraph 74 describe the system executes the end user information adjustment/access settings across the platform; paragraph 192 also discloses the building management system, building subsystem, and a user have/exercise a set of entitlements based on the relationship between various entities/PII and the building subsystem; this allows the user to perform certain actions within the building such as controlling, configuring, monitoring).
Park does not teach presenting a data privacy survey to the administrator via a user interface of a data processing system, the data privacy survey identifying: the plurality of types of personal identifiable information (PII) that will be collected by the particular building management system for one or more of the plurality of end users; receiving via the data privacy survey a setting change to at least one of the plurality of data privacy settings for at least one of the plurality of types of PII; accepting a request from a particular end user of the particular building management system to exercise one or more of their end user rights associated with one or more types of PII, resulting in one or more exercised end user rights.
Aoki teaches presenting a data privacy survey to the administrator via a user interface of a data processing system (paragraphs 142-143 disclose a display control unit is presented to an administrator that displays the personal data definition settings, and this personal data definition setting is the privacy survey, see also Figure 40 which shows the privacy survey display screen), 
the data privacy survey identifying: the plurality of types of personal identifiable information (PII) that will be collected for one or more of the plurality of end users (Figure 40 shows the personal data definition settings for a plurality of types of PII such as address, telephone number, etc.,); 
receiving via the data privacy survey a setting change to at least one of the plurality of data privacy settings for at least one of the plurality of types of PII (Figure 40 shows that the setting change involves deletion of the PII; paragraph 303 discloses the system can receive data privacy setting change such as add or delete); 
accepting a request from a particular end user to exercise one or more of their end user rights associated with one or more types of PII, resulting in one or more exercised end user rights(paragraph 208 disclose the acceptance unit accepts a request for deleting of personal information by an individual user, thus the user is exercising his/her rights ), wherein the one or more exercised end user right include one or more of a right to be forgotten (paragraph 208 disclose the acceptance unit accepts a request for deleting personal information, this the user right of the right to be forgotten).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Park’s method for managing data privacy of personal information with Aoki’s data privacy survey to allow for personal data definitions to be updated in a convenient manner (paragraph 142 of Aoki).

As to claim 2, the combination of Park in view of Aoki teaches wherein the one or more constraints comprise one or more of use constraints(Park: paragraph 192 discloses the building entitlement/constraint includes the user access/rights to certain actions/subsystems with in the building such as control, configure, or monitor, etc.), access constraints(Park: paragraph 338 discloses access constraint includes whether a user is able to enter into the building based on PII) and retention constraints (Park: paragraph 192 discloses the building entitlement/ retention constraint includes the user access/rights to certain actions/subsystems with in the building such as control).

As to claim 3, the combination of Park in view Aoki teaches wherein the one or more constraints comprise one or geographic constraints on where at least some of the plurality of types of PII can be geographically processed and/or stored (Park: paragraph 71 discloses access value constraints which can be role defining a certain level of access and role of a user, the access value consists of geographic location; paragraph 338 also discloses PII constraint involves the user access to different buildings, and this involves geographic locations).

As to claim 5, the combination of Park in view Aoki teaches further comprising informing one or more of the plurality of end users of the particular building management system of their end user rights for each of one or more of the plurality of types of PII (Park: paragraphs 74 discloses the user can adjust his/her access information; for the user to be able to adjust/update his/her information, the user was made known of the right).

As to claim 6, the combination of Park in view of Aoki teaches wherein the one or more end user rights include a right to access control(Park: paragraph 74 discloses the user can adjust/control the information that can be accessed; paragraph 192 discloses the building entitlement/constraint include the user to perform certain actions with in the building such as control, configure, or monitor, etc.).

As to claim 8, the combination of Park in view of Aoki teaches wherein the one or more exercised end user rights includes the right to be forgotten(Park: paragraph 74 discloses the user can exercise his/her end user rights by being able to update/adjust the information that can be accessed; paragraph 181 discloses the application can provide an interface to manage such as delete an entity, personal information, see also paragraph 235), and in response, the particular building management system automatically deletes the corresponding end user's data associated with the one or more types of PII (Park: paragraph 181 discloses the system can automatically delete information of the user via an application, this application provides an interface to manage such as delete an entity, personal information, see also paragraph 235).

As to claim 9, the combination of Park in view of Aoki teaches further comprising logging all requests to exercise one or more of the end user rights associated with a type of PII and the corresponding responses to the requests (Park: paragraphs 74-75 disclose the user can adjust access information and the  information/entities are added/linked to the mask template; paragraph 185 discloses records of information attribute are stored/logged).

As to claim 10, the combination of Park in view of Aoki teaches wherein the plurality of data privacy settings for each of one or more of the plurality of types of PII comprise one or more of: a legal requirement setting relating to whether the corresponding type of PII must be retained for legal reasons (Aoki: paragraph 4 describes the system administrator is required by law/legal requirement and regulations to delete or retain personal information held by the management system, see also paragraph 306); and a location setting relating to the geographic location that the corresponding type of PII was collected (Aoki: paragraph 302 and Figure 40, the personal data definition setting has an area/location setting, an area input in which an area for setting personal data can be selected or input).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Park’s method for managing data privacy of personal information with Aoki’s data privacy settings to allow for personal data definition to be updated in a convenient manner (paragraph 142 of Aoki).

As to claim 11, the combination of Park in view of Aoki teaches wherein the plurality of types of PII comprise one or more of: 
user's name(Park: paragraph 235 discloses the private information includes username);
 user's phone number(Park: paragraph 235 discloses the private information includes telephone number); 
user's gender(Park: paragraph 235 discloses the private information includes gender); 
user's nationality(Park: paragraph 235 discloses the private information includes user’s race/country of origin); 
4user's Visa number(Park: paragraph 235 discloses the private information includes credit card number); 
user's Passport number(Park: paragraph 235 discloses the private information includes user’s passport number); 
user's driver's license number(Park: paragraph 235 discloses the private information includes driver license number); 
user's biometric data(Park: paragraph 235 discloses the private information includes genetic information, eye color, retinal data, facial image data, fingerprint data); 
user's photograph(Park: paragraph 235 discloses the private information includes facial image data); user's badge number(Park: paragraph 235 discloses the private information includes work permit information); 
user's government identification number(Park: paragraph 235 discloses the private information includes work permit information); 
user's license plate number (Park: paragraph 235 discloses the private information includes driver license plate number); and 
user's location (Park: paragraph 235 discloses the private information includes work address).

As to claim 16, Park teaches a building management system(abstract discloses operating building and managing private building information), comprising: a memory for storing: 
a plurality of types of personal identifiable information (PII) that will be collected by the building management system for each of at least some of a plurality of end users of the building management system (paragraph 11 discloses the private information is collected/stored by the building system; paragraphs 69-70 disclose the building system may collect and store PII of users and have a corresponding entity database for the building entities, wherein the building entities include building subsystems and IoT devices, sensors, controllers etc., ); and 
a plurality of data privacy settings for each of the plurality of types of PII(paragraph 181 discloses a plurality of privacy settings for PIIs such as the setting of being registered, created, edited, deleted and/or updated); 
5a user interface (paragraph 115 discloses graphical user interface); 
a processor operatively coupled to the memory and the user interface (paragraph 115 discloses computer server with a user interface), the processor configured to: 
identifying: the plurality of types of personal identifiable information (PII) that will be collected by the building management system(paragraphs 69 and 235 disclose the plurality of types of PII which can be collected by the management system includes social security number, telephone number, address, email address, username,  password, facial image data, date of birth, and driver license number); and the plurality of data privacy settings for each of the plurality of types of PII(paragraph 181 discloses a plurality of privacy settings for PIIs such as the setting of being registered, created, edited, deleted and/or updated), wherein the plurality of data privacy settings define one or more end user rights that are associated with each of one or more of the plurality of types of PII and are each exercisable by the end user(paragraphs 74 and 181 describes the privacy setting rights of the user that is associated with their information), wherein the one or more end user rights include one or more of a right to be forgotten(paragraph 181 discloses entity which can be user PII  can be deleted which is the right to be forgotten; paragraph 74 discloses user can adjust the information that can be accessed on a specific platform for a particular entity, the user can adjust/update the access of  information) , a right to data portability( paragraph 181 discloses user can adjust/update his/her access of information across different devices, and this is the right to data portability), a right to object and a right to rectification(paragraph 74 discloses the user can adjust/update the access information which is the right to data rectification; paragraph 181 discloses an entity which can be user PII, can be edited, deleted and/or updated); 
set one or more constraints for each of the plurality of types of PII(paragraph 192 discloses the management service manages  the relationships/constraints between the building subsystem and the various entities, which can include user data, paragraph 297 describes the database manager provides access controls/set restraints of the user entity/PII with the building subsystems’; paragraph 338 also disclose access constraints based on the PII of face and fingerprint), the one or more constraints for each of the plurality of types of PII based at least in part on one or more of the corresponding plurality of data privacy settings (paragraphs 192 and 297 describe that a setting/access constraint that corresponds to different entities, which can include different PII, may also include a set of entitlements for the building subsystem, which may allow the building subsystem and/or user to perform certain actions within the building); 
operating the building management system in accordance with the set constraints (paragraph 192 discloses the setting that corresponds to the building subsystem entities include PII data, may also indicate a set of entitlements for the building subsystem, which may allow the building subsystem and/or user to perform certain actions within the building such as operating/controlling/monitoring the entities, see also paragraph 338), 
[receiving] a request from a particular end user of the building management system to exercise one or more of their end user rights associated with one or more types of PII, resulting in one or more exercised end user rights (paragraph 74 discloses if the user wishes to adjust the information that can be accessed on a specific platform for a particular entity, the user can adjust/update the access information, therefore, the end user right is exercised), wherein the one or more end user rights include one or more of a right to be forgotten(paragraph 181 discloses entity which can be user PII  can be deleted which is the right to be forgotten; paragraph 74 discloses user can adjust the information that can be accessed on a specific platform for a particular entity, the user can adjust/update the access of  information) , a right to data portability( paragraph 181 discloses user can adjust/update his/her access of information across different devices, and this is the right to data portability), a right to object(Park: paragraph 74 discloses user can adjust the information that can be accessed on a specific platform for a particular entity, the user can adjust/update the access of  information and thus have a right to object) and a right to rectification(paragraph 74 discloses the user can adjust/update the access information which is the right to data rectification; paragraph 181 discloses an entity which can be user PII, can be edited, deleted and/or updated); and 
in response, the building management system exercising the one or more exercised end user right associated with the one or more types of PII (paragraph 74 describe the system executes the end user information adjustment/access settings across the platform; paragraph 192 also discloses the building management system, building subsystem, and a user have/exercise a set of entitlements based on the relationship between various entities/PII and the building subsystem; this allows the user to perform certain actions within the building such as controlling, configuring, monitoring).
Park does not teach present[ing] a data privacy survey via the user interface to an administrator, the data privacy survey identifying: the plurality of types of personal identifiable information (PII) that will be collected by the building management system; and the plurality of data privacy settings for each of the plurality of types of PII; receive via the data privacy survey a setting change to at least one of the plurality of data privacy settings for at least one of the plurality of types of PII; accepting a request from a particular end user of the building management system to exercise one or more of their end user rights associated with one or more types of PII, resulting in one or more exercised end user rights.
Aoki teaches present[ing] a data privacy survey via the user interface to an administrator (paragraphs 142-143 disclose a display control unit is presented to an administrator that displays the personal data definition settings, and this personal data definition setting is the privacy survey, see also Figure 40 which shows the privacy survey display screen),
the data privacy survey identifying: the plurality of types of personal identifiable information (PII) that will be collected (Figure 40 shows the personal data definition settings for a plurality of types of PII such as address, telephone number, etc.,);  the plurality of data privacy settings for each of the plurality of types of PII(Figure 40 shows that the setting change involves deletion of the PII; paragraph 303 disclose the system can receive data privacy setting change such as add or delete); 
receive via the data privacy survey a setting change to at least one of the plurality of data privacy settings for at least one of the plurality of types of PII (Figure 40 shows that the setting change involves deletion of the PII; paragraph 303 discloses the system can receive data privacy setting change such as add or delete); 
accepting a request from a particular end user to exercise one or more of their end user rights associated with one or more types of PII, resulting in one or more exercised end user rights (paragraph 208 disclose the acceptance unit accepts a request for deleting of personal information by an individual user, thus the user is exercising his/her rights ), wherein the one or more end user rights include one or more of a right to be forgotten(paragraph 181 discloses entity which can be user PII  can be deleted which is the right to be forgotten; paragraph 74 discloses user can adjust the information that can be accessed on a specific platform for a particular entity, the user can adjust/update the access of  information) , a right to data portability( paragraph 181 discloses user can adjust/update his/her access of information across different devices, and this is the right to data portability), a right to object and a right to rectification(paragraph 74 discloses the user can adjust/update the access information which is the right to data rectification; paragraph 181 discloses an entity which can be user PII, can be edited, deleted and/or updated).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Park’s method for managing data privacy of personal information with Aoki’s data privacy survey to allow for personal data definitions to be updated in a convenient manner (paragraph 142 of Aoki).

As to claim 18, the combination of Park in view of Aoki teaches wherein the one or more end user rights include a right to access control(Park: paragraph 74 discloses the user can adjust/control the information that can be accessed; paragraph 192 discloses the building entitlement/constraint include the user to perform certain actions with in the building such as control, configure, or monitor, etc.).

As to claim 19, Park teaches a non-transitory computer readable medium storing instructions thereon that when executed cause a processor to (paragraph 341 discloses the methods can be executed on any machine readable media, and the machine readable media carries executable instructions. The media can be accessed by a computer or machine with a processor):
 receive a particular configuration of a building management system(paragraph 191 discloses the management service of the building management system provides configurations settings), the particular configuration identifying particular building system components that are to be included in the building management system (paragraph 191 discloses the management service provides configurations settings, parameter, or object-specific information between entities, which include building entities and cloud building management platform. The building entities are building subsystems and thus are building system components; paragraph 69 discloses the building management system BMS includes building entities such as IOT devices and paragraph 170 provide example of entity type such as a thermostat); 
automatically identify a plurality of types of personal identifiable information (PII) that will be collected by the building management system for one or more of a plurality of end users of the building management system (paragraphs 69-70 disclose the building system may collect and store PII of users and have a corresponding entity database for the building entities, wherein the building entities include building subsystems and IoT devices, sensors, controllers etc.; paragraphs 69-70 also disclose the building system has smart entity personal identifying information masking which involves identifying PII automatically; paragraphs 69 and 235 discloses the plurality of types of PII which includes social security number, telephone number, address, email address, username,  password, facial image data, date of birth, and driver license number; see also paragraph 295) based at least in part on the particular building system components that are to be included in the building management system (paragraphs 69-70 disclose the building system may collect and store PII of users and have a corresponding entity database for the building entities, wherein the building entities include building subsystems and IoT devices, sensors, controllers etc., that are part of the building management system); 
identifying: the plurality of types of personal identifiable information (PII) that will be collected by the building management system for one or more of the plurality of end users of the building management system (paragraphs 69-70 disclose the building system may collect and store PII of users and have a corresponding entity database for the building entities, wherein the building entities include building subsystems and IoT devices, sensors, controllers etc., ) having the particular building system components that are to be included in  the building management system (paragraphs 69-70 disclose the building system may collect and store PII of users and have a corresponding entity database for the building entities, wherein the building entities include building subsystems and IoT devices, sensors, controllers etc., that are part of the building management system); 
and a plurality of data privacy settings for each of the plurality of types of PII (paragraph 181 discloses plurality of types of privacy settings such as registering the PII, editing the PII, deleting the PII, and/or updating the PII. The entity type can also be can be the user PII);  
set one or more constraints for each of the plurality of types of PII (paragraph 192 discloses the management service manages  the relationships/constraints between the building subsystem and the various entities, which can include user data, paragraph 297 describes the database manager provides access controls/set restraints of the user entity/PII with the building subsystems’; paragraph 338 also disclose access constraints based on the PII of face and fingerprint), the one or more constraints for each of the plurality of types of PII based at least in part on the corresponding plurality of data privacy settings (paragraphs 192 and 297 describe that a setting/access constraint that corresponds to different entities, which can include different PII, may also include a set of entitlements for the building subsystem, which may allow the building subsystem and/or user to perform certain actions within the building); and
 operating a building management system in accordance with the set constraints (paragraph 192 discloses the setting that corresponds to the building subsystem entities include PII data, may also indicate a set of entitlements for the building subsystem, which may allow the building subsystem and/or user to perform certain actions within the building such as operating/controlling/monitoring the entities, see also paragraph 338).
Park does not teach present[ing] a data privacy survey to an administrator, the data privacy survey identifying: the plurality of types of personal identifiable information (PII) that will be collected by the building management system for one or more of the plurality of end users of the building management system having the particular building system components that are to be included in  the building management system; receive a setting change via the data privacy survey to at least one of the plurality of data privacy settings for at least one of the plurality of types of PII.
Aoki teaches present[ing] a data privacy survey to an administrator (paragraphs 142-143 disclose a display control unit is presented to an administrator that displays the personal data definition settings, and this personal data definition setting is the privacy survey, see also Figure 40 which shows the privacy survey display screen), the data privacy survey identifying: the plurality of types of personal identifiable information (PII) that will be collected for one or more of the plurality of end users (Figure 40 shows the personal data definition settings for a plurality of types of PII such as address, telephone number, etc.,); 
receive a setting change via the data privacy survey to at least one of the plurality of data privacy settings for at least one of the plurality of types of PII (Figure 40 shows that the setting change involves deletion of the PII; paragraph 303 discloses the system can receive data privacy setting change such as add or delete).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Park’s method for managing data privacy of personal information with Aoki’s data privacy survey to allow for personal data definitions to be updated in a convenient manner (paragraph 142 of Aoki).

As to claim 20, the combination of Park in view of Aoki teaches wherein the plurality of data privacy settings define one or more end user rights that are associated with each of one or more of the plurality of types of PII and are each exercisable by the end user(Park: paragraphs 74 and 181 describes the privacy setting rights of the user that is associated with their information), wherein the one or more end user rights include one or more of a right to be forgotten(Park: paragraph 181 discloses entity which can be user PII  can be deleted which is the right to be forgotten; paragraph 74 discloses user can adjust the information that can be accessed on a specific platform for a particular entity, the user can adjust/update the access of  information) , a right to data portability(Park: paragraph 181 discloses user can adjust/update his/her access of information across different devices, and this is the right to data portability), a right to object (Park: paragraph 74 discloses user can adjust the information that can be accessed on a specific platform for a particular entity, the user can adjust/update the access of  information and thus have a right to object) and a right to rectification(Park: paragraph 74 discloses the user can adjust/update the access information which is the right to data rectification; paragraph 181 discloses an entity which can be user PII, can be edited, deleted and/or updated; Aoki: paragraph 208 discloses the acceptance unit accepts a request for deleting personal information, this the user right of the right to be forgotten).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Park’s method for managing data privacy of personal information with Aoki’s data privacy rights to allow for personal data definitions to be updated in a convenient manner (paragraph 142 of Aoki).

As to claim 21, the combination of Park in view of Aoki teaches further comprising: for a particular PII, determining when consent is required by a corresponding one of the plurality of end users before the particular building management system provides access to and/or changes the particular PII for the corresponding one of the plurality of end users (Park: paragraph 70 discloses a mask template can define/determine certain access values or consent associated with a requesting client device, and determine whether the devices have access to or do not have access to personal information; paragraph 74 discloses that user can adjust the information that can be accessed, and the adjustment is then implemented by the building system for all access requests and the consent level of their personal information that can be accessed/initiated by client devices); and requesting consent from the corresponding one of the plurality of end users for the particular PII (Park: paragraph 73 discloses a large number of different users may be requesting the private information from different locations, with applications, and different roles, and thus paragraph 74 discloses all access requests are initiated, and request for consent of provision of information to a guest user is made).

Claim(s) 7 is/are rejected under 35 U.S.C. 103 as being unpatentable over Park et al US 20190095644 (hereinafter Park) in view of Aoki US 20200301646 (hereinafter Aoki) in further view of Barlow et al AU 2012201786 (hereinafter Barlow).

As to claim 7, the combination of Park in view of Aoki teaches all the limitations recited in claim 1 and further teach data privacy survey(Aoki: paragraphs 142-143 disclose a display control unit is presented to an administrator that displays the personal data definition settings, and this personal data definition setting is the privacy survey, see also Figure 40 which shows the privacy survey display screen). 
The combination of Park  in view of Aoki do not teach sending an email to the administrator with a link to the survey; in response to the administrator activating the link, presenting the survey to the administrator.
Barlow teaches teach  sending an email to the administrator with a link to the survey; in response to the administrator activating the link, presenting the survey to the administrator (page 8, lines 6-8 disclose that users/administrators are emailed with links to a survey).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Park’s method for managing data privacy of personal information in view of Aoki’s data privacy survey with Barlow’s teachings of sending surveys via email to provide a quick and accessible way to access, update, and provide data.

Claim(s) 12-13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Park et al US 20190095644 (hereinafter Park) in view of Aoki US 20200301646 (hereinafter Aoki) in further view of Luria US 20170193249 (hereinafter Luria).

As to claim 12, the combination of Park in view of Aoki teaches all the limitations recited in claim 1 above. The combination of Park in view of Aoki does not teach generating a privacy impact assessment report that documents the plurality of data privacy settings for each of the plurality of types of PII.
Luria teaches generating a privacy impact assessment report that documents the plurality of data privacy settings for each of the plurality of types of PII (paragraph 38 discloses a report in the form of a log or record that documents the data element and their settings).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Park’s method for managing data privacy of personal information in view of Aoki’s data privacy survey with Luria’s report to ensure that privacy and confidential information collected on users/employees are collected, maintain, and disseminated in an authorized manner.

As to claim 13, the combination of Park in view of Aoki teaches all the limitations recited in claim 1 above. The combination of Park in view of Aoki does not each further comprising generating a privacy impact assessment report that documents the one or more constraints.
Luria teaches further comprising generating a privacy impact assessment report that documents the one or more constraints(paragraph 38 discloses a report in the form of a log or record that documents the data element and their constraint settings such as block, delete, modify).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Park’s method for managing data privacy of personal information in view of Aoki’s data privacy survey with Luria’s report to ensure that privacy and confidential information collected on users/employees are collected, maintain, and disseminated in an authorized manner.

Claim(s) 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Park et al US 20190095644 (hereinafter Park) in view of Aoki US 20200301646 (hereinafter Aoki) in further view of Finkelstein et al US 20190342336 (hereinafter Finkelstein).

As to claim 14, the combination of Park in view of Aoki teaches all the limitations recited in claim 1 above. The combination of Park in view of Aoki also teaches sending alerts  with respect to the operation of the particular building management system(Park: paragraph 157 discloses an alert or warning concerning issues/risks to the entity data related to a person, building, equipment, or building sensor is made). 
The combination of Park in view of Aoki does not teach comprising sending an alert to the administrator when a change is made to the system that is not in compliance with the plurality of data privacy settings for each of the plurality of types of PII.
Finkelstein teaches  comprising sending an alert to the administrator when a change is made to the system that is not in compliance with the plurality of data privacy settings for each of the plurality of types of PII (paragraph 37 discloses the system may alert an administrator that regulation change is not in compliance with  privacy policy/settings; paragraph 49 also discloses the administrator is notify if the settings on the system are not consistent with the user’s settings).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Park’s method for managing data privacy of personal information in view of Aoki’s data privacy survey with Finkelstein’s privacy alert to ensure the system is in compliant with privacy laws and to improve the control of personal data (paragraphs 2-3 of Finkelstein). 

Claim(s) 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Park et al US 20190095644 (hereinafter Park) in view of Aoki US 20200301646 (hereinafter Aoki) in further view of Vidhani et al US 20160132696 (hereinafter Vidhani).

As to claim 15, the combination of Park in view of Aoki teaches all the limitations recited in claim 1 above and further teach data privacy survey(Aoki: paragraphs 142-143 disclose a display control unit is presented to an administrator that displays the personal data definition settings, and this personal data definition setting is the privacy survey, see also Figure 40 which shows the privacy survey display screen).
The combination of Park in view of Aoki does not teach wherein the survey is presented via a sequence of two or more screens via the user interface.
Vidhani teaches wherein the survey is presented via a sequence of two or more screens via the user interface (Figures 6A, 7A, and &B show the two or more screen sequence that has privacy data).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Park’s method for managing data privacy of personal information in view of Aoki’s data privacy survey with Vidhani’s display to facilitate managing of data privacy (paragraph 7 of Vidhani).

Claim(s) 22 is/are rejected under 35 U.S.C. 103 as being unpatentable over Park et al US 20190095644 (hereinafter Park) in view of Aoki US 20200301646 (hereinafter Aoki) in further view of Mousavi et al US 20200342080 (hereinafter Mousavi).

As to claim 22, the combination of Park in view of Aoki teaches all the limitations recited in claim 1 above. The combination of Park in view of Aoki does not teach further comprising: determining a data retention period for a particular PII that identifies how long the particularly PII is to be stored by the particular building management system; and deleting the particular PII after the determined data retention period expires.
Mousavi teaches further comprising: determining a data retention period for a particular PII that identifies how long the particularly PII is to be stored by the particular building management system (paragraph 76 discloses the system may be configured to allow user data to be registered to access one or more of building equipment for a specific period of time); and deleting the particular PII after the determined data retention period expires (paragraph 76 discloses that post expiry of the specific period of time, the system deletes the PII, the biometric information of the user).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Park’s method for managing data privacy of personal information in view of Aoki’s data privacy survey in further view of Mousavi’s deletion of PII after certain period of time to further protect users from data breaches and privacy incursions.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to FELICIA FARROW whose telephone number is (571)272-1856. The examiner can normally be reached M - F 7:30--5:30pm (EST).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on (571)272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/F.F/              Examiner, Art Unit 2437  

/KRISTINE L KINCAID/               Supervisory Patent Examiner, Art Unit 2437