DETAILED ACTION
This communication is in respond to applicant’s response to restriction requirement filed on 08/29/2022. Applicant has elected Group I, claims 29-40 without traverse.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs /guidance/eTD-info-I.jsp.

Claims 29-34 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-6 of U.S. Patent No. 10,614,250 in view of US PG-PUB No. 2019/0166153 A1 to Steele (hereinafter Steele); Claims 35 and 37-40 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-6 of U.S. Patent No. 10,614,250 in view of US PG-PUB No. 2013/0333048 A1 to Coggeshall et al. (hereinafter Coggeshall); Claim 36 is rejected on the ground of non-statutory double patenting as being unpatentable over claim 1 of US Patent No. 10,614,250 in view of Steele and Coggeshall.
With respect to the claims 29-40 of the instant application, please refer to the following table, which illustrates the obvious and anticipatory relationship of the claim limitations at issue:
Instant application
US Pat. No. 10,614,250
29. A computer-implemented method for responding to a possible misappropriation of data on the Internet, the method comprising executing on a processor instructions including: 

searching the Internet for the potentially misappropriated data; 
for Internet sites found to contain the potentially misappropriated data: scraping the potentially misappropriated data from the sites; and gathering supplemental data related to the potentially misappropriated data; and

based, at least in part, on the scraped data and supplemental data, taking remedial action.
1. A computer-implemented method for detecting misappropriation of personal data on the Internet, comprising executing on a processor instructions including: 
....
scraping data from the Internet, said data comprising misappropriated personal data; ....
(Steele par 0003, 0006-0007, 0010; see rationale below)

...


transmitting information associated with the one or more matches in a report indicating a possible theft of personal data.
30.  The computer-implemented method of claim 29 wherein searching the Internet comprises searching sites on the surface web, on the deep web, and on the dark web.
Steele, par 0006. “The system leverages existing data to give users a vulnerability assessment or rating based on external dark web data (SSN, email, birth date, and other personal data on the Internet), credit card misappropriation trends (from financial institution systems), and the like. The system could also leverage/source existing external privacy services such as dark web search (using email addresses or the like), or other similar services to aggregate the appropriate external data in real time.”
31. The computer-implemented method of claim 29 wherein supplemental data are selected from the group consisting of: site metadata, Markup Language data, Secure Socket Layer data, a Domain Name System record, a site address, WHOIS data, and site data analytics.
Steele, par 0053, “...the assessments and/or the determination of the security threats may result in the implementation of security controls....monitoring of the electronic communications for confidential information of the user; monitoring and controlling write privileges to external drives; the devices within the business include anti-virus technology; access to data requires multifactor authentication; password requirements are instituted; encryption access is split to require multiple people in order to access such information; monitoring of security log information occurs; and/or the like”, par 0068, “These mitigation actions may be limiting the user of one or more credit cards, limiting purchases at one or more locations or merchants, limiting dissemination of user data to one or more third party sources, or the like”
32.  The computer-implemented method of claim 29 wherein taking remedial action comprises taking an action selected from the group consisting of: transmitting a report including at least some of the scraped and supplemental data, requesting a takedown, resetting a credential, blocking account access, monitoring a financial account, and locking a financial account.
Claim 1.... transmitting information associated with the one or more matches in a report indicating a possible theft of personal data.
Claim 4. The computer-implemented method of claim 1, wherein the instructions further comprise causing a takedown service to be initiated in response to the one or matches in the report.
33. The computer-implemented method of claim 29 further comprising: receiving from a user the potentially misappropriated data.
Claim 1.... receiving from a user, an electronic communication containing a first search term comprising personal data of a data type;
34. The computer-implemented method of claim 33 wherein the potentially misappropriated data are received in a cryptographically hashed form.
Claim 1... determining the data type of the first search term based on one or more patterns; cryptographically hashing the first search term;
35. A computer-implemented method for responding to a possible misappropriation of data on the Internet, the method comprising executing on a processor instructions including: 

first searching the Internet for the potentially misappropriated data; 
if the potentially misappropriated data are found: 


creating a variation of the potentially misappropriated data; and second searching the Internet for the variation of the potentially misappropriated data; and 






based, at least in part, on results of the first and second searchings, taking remedial action.
1. A computer-implemented method for detecting misappropriation of personal data on the Internet, comprising executing on a processor instructions including: 
....
scraping data from the Internet, said data comprising misappropriated personal data; determining via pattern recognition, one or more subsets of data from the data scraped from the Internet matching the data type of the first search term; 
(Coggeshall, par 0010, “The generated identity manipulation score is also based on magnitude and type of variations of the identity information pertaining to the individual, wherein the magnitude and type of variations of the identity information pertaining to the individual are identified by the identity resolution and manipulation detection computer” See rationale below)
...
transmitting information associated with the one or more matches in a report indicating a possible theft of personal data.
36. The computer-implemented method of claim 35 wherein first and second searchings of the Internet comprise searching portions of the surface web, of the deep web, and of the dark web.
Steele, par 0006. “The system leverages existing data to give users a vulnerability assessment or rating based on external dark web data (SSN, email, birth date, and other personal data on the Internet), credit card misappropriation trends (from financial institution systems), and the like. The system could also leverage/source existing external privacy services such as dark web search (using email addresses or the like), or other similar services to aggregate the appropriate external data in real time.”
37. The computer-implemented method of claim 36 wherein taking remedial action comprises transmitting a report and wherein the report comprises an impact evaluation based, at least in part, on whether the potentially misappropriated data were found on the surface web, on the deep web, or on the dark web.
Claim 1.... transmitting information associated with the one or more matches in a report indicating a possible theft of personal data.
6. The computer-implemented method of claim 1, wherein a potential impact level may be determined based on the report, the potential impact level being determined based on a weighted sum of factors, including the web address location of detection on the Internet and presence of other matches on the location of detection.
38. The computer-implemented method of claim 35 wherein creating a variation of the potentially misappropriated data comprises an element selected from the group consisting of: applying a fuzzy algorithm to the possibly misappropriated data and transforming the potentially misappropriated data in accordance with a known variation of a data pattern associated with the potentially misappropriated data.
Coggeshall, par 0070, identity manipulation score based on “custom-built fuzzy matching and weighted voting rules that are designed to focus on deliberate and improper PII variations while being robust to likely typos”
39. The computer-implemented method of claim 35 further comprising: receiving from a user the potentially misappropriated data; wherein the potentially misappropriated data are received in a cryptographically hashed form; and wherein creating a variation of the potentially misappropriated data comprises receiving a hashed variation of the possibly misappropriated data from the user.
Claim 1...
receiving from a user, an electronic communication containing a first search term comprising personal data of a data type; determining the data type of the first search term based on one or more patterns; cryptographically hashing the first search term; scraping data from the Internet, said data comprising misappropriated personal data;...
40. The computer-implemented method of claim 35 wherein taking remedial action comprises transmitting a report including information based on results of the second searching of the Internet.
Claim 1....
transmitting information associated with the one or more matches in a report indicating a possible theft of personal data.

	
Regarding claim 29, the ‘250 does not explicitly recite gathering supplemental data related to the potentially misappropriated data and based at least in part on the supplemental data, taking remedial action, however, in an analogous art in identify misappropriation of data, Steele disclosed gathering supplemental data related to the potentially misappropriated data (Steele, par 0007, “identifying external data for the user, wherein the external data comprises security threat data for the user from an external data source, and wherein the external data is received from an external data source system”, and par 0006, “The system leverages existing data to give users a vulnerability assessment or rating based on external dark web data (SSN, email, birth date, and other personal data on the Internet), credit card misappropriation trends (from financial institution systems), and the like. The system could also leverage/source existing external privacy services such as dark web search (using email addresses or the like), or other similar services to aggregate the appropriate external data in real time.”, and “identifying internal data for the user, wherein the internal data comprises security threat data for the user from an internal data source”, further par 10, “In some embodiments, the internal data comprises: internal product data, wherein the product data is associated with products of the user; and incident data related to the user, wherein the incident data comprises resource account management incidents associated with the user”); and based, at least in part, on the scraped and supplemental data, taking remedial action (Steele, par 0007-0008, “...determining the user specific vulnerability assessment comprising information security threats for the user based on the external data and the internal data; ....determining mitigation actions based on the one or more security threats, wherein the mitigation actions comprises steps for user action to positively adjust the vulnerability level for the user comprising security controls for implementation by user to mitigate the one or more security threats”); it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention, to modify the system of the ‘250 patent to incorporate the determining of remedial action based on the collection of external data and internal/supplemental data as disclosed by Steele, in order to determine information security threats posed to users as suggested by Steele (Steele, par 0003). The same rationale applies to claims 30, 31 and 36.
Regarding claim 35, the ‘250 patent does not explicitly recite creating a variation of the potentially misappropriated data; and second searching the Internet for the variation of the potentially misappropriated data; in an analogous art in network data security management, Coggeshall disclosed generating and searching variation of identification data in determining identity fraud (Coggeshall, par 0010, “The generated identity manipulation score is also based on magnitude and type of variations of the identity information pertaining to the individual, wherein the magnitude and type of variations of the identity information pertaining to the individual are identified by the identity resolution and manipulation detection computer”); it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention, to modify the system of the ‘250 to incorporate the identifying identity manipulation based on variations of identity information as disclosed by Coggeshall, because variations of identification information are common fraudulent use of identification information as suggested by Coggeshall (Coggeshall, par 0005, “a fraudster using slight variations of his Social Security number, and in doing so he will frequently inadvertently use someone else's Social security number.”), therefore, searching variations of misappropriated data would further identify potential fraudster based on variations of identification information. The same rationale applies to claim 38.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):

(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 29-40 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claim 29 recites the limitation "the potentially misappropriated data" in line 4.  There is insufficient antecedent basis for this limitation in the claim.
Claim 35 recites the limitation "the potentially misappropriated data" in line 4.  There is insufficient antecedent basis for this limitation in the claim. 
The dependent claims included in the statement of rejection but not specifically addressed in the body of the rejection have inherited the deficiencies of their parent claim and have not resolved the deficiencies. Therefore, they are rejected based on the same rationale as applied to their parent claims above.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 29-30, and 32 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by US PG-PUB No. 2019/0166153 A1 to Steele (hereinafter Steele).
As per claim 29, Steele disclosed a computer-implemented method for responding to a possible misappropriation of data on the Internet (Steele, Abstract, and par 0006-0008, vulnerability assessment based on external dark web data and determining mitigation actions), the method comprising executing on a processor instructions including: 
searching the Internet for the potentially misappropriated data (Steele, par 0007, “identifying external data for the user, wherein the external data comprises security threat data for the user from an external data source, and wherein the external data is received from an external data source system”, and par 0006, “The system leverages existing data to give users a vulnerability assessment or rating based on external dark web data (SSN, email, birth date, and other personal data on the Internet), credit card misappropriation trends (from financial institution systems), and the like. The system could also leverage/source existing external privacy services such as dark web search (using email addresses or the like), or other similar services to aggregate the appropriate external data in real time.”); 
for Internet sites found to contain the potentially misappropriated data: scraping the potentially misappropriated data from the sites; and gathering supplemental data related to the potentially misappropriated data (Steele, par 0007, “identifying external data for the user, wherein the external data comprises security threat data for the user from an external data source, and wherein the external data is received from an external data source system”, and par 0006, “The system leverages existing data to give users a vulnerability assessment or rating based on external dark web data (SSN, email, birth date, and other personal data on the Internet), credit card misappropriation trends (from financial institution systems), and the like. The system could also leverage/source existing external privacy services such as dark web search (using email addresses or the like), or other similar services to aggregate the appropriate external data in real time.”, and “identifying internal data for the user, wherein the internal data comprises security threat data for the user from an internal data source”, further par 10, “In some embodiments, the internal data comprises: internal product data, wherein the product data is associated with products of the user; and incident data related to the user, wherein the incident data comprises resource account management incidents associated with the user”); and 
based, at least in part, on the scraped and supplemental data, taking remedial action (Steele, par 0007-0008, “...determining the user specific vulnerability assessment comprising information security threats for the user based on the external data and the internal data; ....determining mitigation actions based on the one or more security threats, wherein the mitigation actions comprises steps for user action to positively adjust the vulnerability level for the user comprising security controls for implementation by user to mitigate the one or more security threats”).

As per claim 30, Steele disclosed the computer-implemented method of claim 29 wherein searching the Internet comprises searching sites on the surface web, on the deep web, and on the dark web (Steele, par 0006, “The system leverages existing data to give users a vulnerability assessment or rating based on external dark web data (SSN, email, birth date, and other personal data on the Internet), credit card misappropriation trends (from financial institution systems), and the like. The system could also leverage/source existing external privacy services such as dark web search (using email addresses or the like), or other similar services to aggregate the appropriate external data in real time.”).

As per claim 32, Steele disclosed the computer-implemented method of claim 29 wherein taking remedial action comprises taking an action selected from the group consisting of: transmitting a report including at least some of the scraped and supplemental data, requesting a takedown, resetting a credential, blocking account access, monitoring a financial account, and locking a financial account (Steele, par 0053, “...the assessments and/or the determination of the security threats may result in the implementation of security controls....monitoring of the electronic communications for confidential information of the user; monitoring and controlling write privileges to external drives; the devices within the business include anti-virus technology; access to data requires multifactor authentication; password requirements are instituted; encryption access is split to require multiple people in order to access such information; monitoring of security log information occurs; and/or the like”, par 0068, “These mitigation actions may be limiting the user of one or more credit cards, limiting purchases at one or more locations or merchants, limiting dissemination of user data to one or more third party sources, or the like”).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claim 31 is rejected under 35 U.S.C. 103 as being unpatentable over Steele as applied to claim 29 above, and further in view of US PG-PUB No. 2017/0078321 A1 to Maylor et al. (hereinafter Maylor).
As per claim 31, Steele disclosed the computer-implemented method of claim 29; Steele does not explicitly disclose supplemental data are selected from the group consisting of: site metadata, Markup Language data, Secure Socket Layer data, a Domain Name System record, a site address, WHOIS data, and site data analytics; however, in an analogous art in network data security management, Maylor disclosed utilizing site meta data and site address  (Maylor, par 0087, “any form of identity for a web page instead of or in addition to a domain name. A web page identity may include for example, without limitation, a domain name for the associated web site, a complete URLs for the web page, an IP address for the web site, or information associated with or derived from a certificate associated with the web site” are used in determining potential threats); it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention, to modify the system of Steele to incorporate the use of site metadata for determining potential threats as disclosed by Maylor, in order to determine whether access is authorized based on blacklist or whitelist as suggested by Maylor (Maylor, par 0087).

Claim  33 is rejected under 35 U.S.C. 103 as being unpatentable over Steele as applied to claim 29 above, and further in view of US-PGPUB No.  20150215325 A1 to Ogawa (hereinafter Ogawa).
As per claim 33, Steele disclosed the computer-implemented method of claim 29; Steele does not explicitly disclose receiving from a user the potentially misappropriated data, however, in an analogous art in network data security management, Ogawa disclosed receiving from a user the potentially misappropriated data (Ogawa, Abstract, “obtaining a request for data; obtaining a characteristic associated with the request for data”, also Fig. 5, ref. 502, and par 0072-0074, inputs to search form such as search terms as an example of characteristics); it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention, to modify the system of Steele to incorporate the receiving from a user the potentially misappropriated data as disclosed by Ogawa, such implementation would ensure continuous active data security as suggested by Ogawa (Ogawa, par 0072).

Claims 34 is rejected under 35 U.S.C. 103 as being unpatentable over Steele in view of Ogawa as applied to claim 33 above, and further in view of US PG-PUB 20160180088 A1 to Zhang et al. (hereinafter Zhang).
As per claim 34, Steele-Ogawa disclosed the computer-implemented method of claim 33; Ogawa disclosed receiving search terms from user but does not explicitly disclose the potentially misappropriated data are received in a cryptographically hashed form; however, in an analogous art in data management and analysis, Zhang disclosed the concept of generating hash for search terms and identify corresponding data in database based on comparison of hash values (Zhang, Fig. 1, and par 0019, 0038, 0039, match strings through hashes instead of literal string matching against whitelist hash string database and blacklist hash string database); it would have been obvious to one of ordinary skill in the art before the effectively filing date of the invention, to modify the system of Ogawa to incorporate the concept of using hash for string search and matching as disclosed by Zhang, such implementation would provide more efficient search function as disclosed by Zhang (Zhang, par 0019).

Claims 35-38 and 40 are rejected under 35 U.S.C. 103 as being unpatentable over Steele, and further in view of US PG-PUB No. 2013/0333048 A1 to Coggeshall et al. (hereinafter Coggeshall).
As per claim 35, Steele disclosed a computer-implemented method for responding to a possible misappropriation of data on the Internet (Steele, Abstract, and par 0006-0008, vulnerability assessment based on external dark web data and determining mitigation actions), the method comprising executing on a processor instructions including: 
first searching the Internet for the potentially misappropriated data (Steele, par 0007, “identifying external data for the user, wherein the external data comprises security threat data for the user from an external data source, and wherein the external data is received from an external data source system”, and par 0006, “The system leverages existing data to give users a vulnerability assessment or rating based on external dark web data (SSN, email, birth date, and other personal data on the Internet), credit card misappropriation trends (from financial institution systems), and the like); 
if the potentially misappropriated data are found: second searching the Internet for the variation of the potentially misappropriated data (Steele, par 0006, “...The system could also leverage/source existing external privacy services such as dark web search (using email addresses or the like), or other similar services to aggregate the appropriate external data in real time.”, and “identifying internal data for the user, wherein the internal data comprises security threat data for the user from an internal data source”, services for aggregating external data and internal data are both examples of second search); and 
based, at least in part, on results of the first and second searchings, taking remedial action (Steele, par 0007-0008, “...determining the user specific vulnerability assessment comprising information security threats for the user based on the external data and the internal data; ....determining mitigation actions based on the one or more security threats, wherein the mitigation actions comprises steps for user action to positively adjust the vulnerability level for the user comprising security controls for implementation by user to mitigate the one or more security threats”); 
Steele does not explicitly disclose creating a variation of the potentially misappropriated data; and second searching for the variation of the potentially misappropriated data, however, in an analogous art in network data security management, Coggeshall disclosed generating and searching variation of identification data in determining identity fraud (Coggeshall, par 0010, “The generated identity manipulation score is also based on magnitude and type of variations of the identity information pertaining to the individual, wherein the magnitude and type of variations of the identity information pertaining to the individual are identified by the identity resolution and manipulation detection computer”); it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention, to modify the system of Steele to incorporate the identifying identity manipulation based on variations of identity information as disclosed by Coggeshall, because variations of identification information are common fraudulent use of identification information as suggested by Coggeshall (Coggeshall, par 0005, “a fraudster using slight variations of his Social Security number, and in doing so he will frequently inadvertently use someone else's Social security number.”), therefore, searching variations of misappropriated data would further identify potential fraudster based on variations of identification information.

As per claim 36, Steele-Coggeshall disclosed the computer-implemented method of claim 35 wherein first and second searchings of the Internet comprise searching portions of the surface web, of the deep web, and of the dark web (Steele, par 0006, “The system leverages existing data to give users a vulnerability assessment or rating based on external dark web data (SSN, email, birth date, and other personal data on the Internet), credit card misappropriation trends (from financial institution systems), and the like. The system could also leverage/source existing external privacy services such as dark web search (using email addresses or the like), or other similar services to aggregate the appropriate external data in real time.”).

As per claim 37, Steele-Coggeshall disclosed the computer-implemented method of claim 36 wherein taking remedial action comprises transmitting a report and wherein the report comprises an impact evaluation based, at least in part, on whether the potentially misappropriated data were found on the surface web, on the deep web, or on the dark web (Steele, par 0029-0030, “...the system may combine internal and external vulnerability data and utilize an information threat assessment engine to review and compare user vulnerabilities to other users to identify a relative vulnerability assessment for the user. The system may then generate a user vulnerability level that gives the user a view of vulnerabilities for privacy misappropriation. Based on the external and internal data, the system may also generate mitigation actions such as tools and tips for user to reduce fraud risk based on the user specific internal and external data....the system may present the information security vulnerability level and mitigation actions to user via secure interface.”, par 0006, vulnerability assessment or rating being based on external dark web data and other external privacy services such as dark web search or other similar services; and par 0046, “The external data 110 may include different types of external threat data regarding third-parties or users, such as open source threat data 112....the open source a data may be a summary threat level of third-parties based on the information that the external data source has on the third-parties. The open source data 112 may further be based on a category type of the third-parties (e.g., type of business in which the third-party is involved), such as the products that the third-parties offers and the information to which the third-parties have access.”).

As per claim 38, Steele-Coggeshall disclosed the computer-implemented method of claim 35 wherein creating a variation of the potentially misappropriated data comprises an element selected from the group consisting of: applying a fuzzy algorithm to the possibly misappropriated data and transforming the potentially misappropriated data in accordance with a known variation of a data pattern associated with the potentially misappropriated data (Coggeshall, par 0070, identity manipulation score based on “custom-built fuzzy matching and weighted voting rules that are designed to focus on deliberate and improper PII variations while being robust to likely typos”, the reasons of obviousness have been noted in the rejection of claim 35 above and applicable herein).

As per claim 40, Steele-Coggeshall disclosed the computer-implemented method of claim 35 wherein taking remedial action comprises transmitting a report including information based on results of the second searching of the Internet (Steele, par 0029-0030, “...the system may combine internal and external vulnerability data and utilize an information threat assessment engine to review and compare user vulnerabilities to other users to identify a relative vulnerability assessment for the user. The system may then generate a user vulnerability level that gives the user a view of vulnerabilities for privacy misappropriation. Based on the external and internal data, the system may also generate mitigation actions such as tools and tips for user to reduce fraud risk based on the user specific internal and external data....the system may present the information security vulnerability level and mitigation actions to user via secure interface.”.

Claim 39 is rejected under 35 U.S.C. 103 as being unpatentable over Steele in view of Coggeshall as applied to claim 35 above, and further in view of Zhang.
As per claim 39, Steele-Coggeshall-Zhang disclosed the computer-implemented method of claim 35 further comprising: receiving from a user the potentially misappropriated data; wherein the potentially misappropriated data are received in a cryptographically hashed form; and wherein creating a variation of the potentially misappropriated data comprises receiving a hashed variation of the possibly misappropriated data from the user (Zhang, Fig. 1, and par 0019, 0038, 0039, match strings through hashes instead of literal string matching against whitelist hash string database and blacklist hash string database; the reasons of obviousness have been noted in the rejection of claim 34 above and applicable herein).


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
McCorkendale (US Pat. No. 9,614,826 B1) disclosed a method and system for sensitive data protection. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Linglan Edwards whose telephone number is (571)270-5440.  The examiner can normally be reached on 8:00am - 4:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok B Patel can be reached on 5712723972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/LINGLAN EDWARDS/Primary Examiner, Art Unit 2491