Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present Office Action is responsive to communication receive 9/27/2022. 

Election/Restriction
In response to restriction requirements, Applicant chose Group 1 without traverse. Claims 21-26 are added and are directed to group 1. Therefore, claims 1-14 and 21-26 are pending for examination.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-7, 21-26 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claims 1-7 recite: “receiving a request including a query to evaluate a data risk management capability of a third-party to provide data of a second-party to the third-party”; the limitation is unclear as it recites the risk of a party to provide data to itself. For examination purposes, the limitation will be considered as : “receiving a request including a query to evaluate a data risk management capability of a third-party to provide data of a second-party”. Clarification is kindly requested.





Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.



Claims 8-10 and 12  are rejected under 35 U.S.C. 102 a1 as being anticipated by publication by Harkous et al “Polisis: Automated analysis and presentation of privacy policies using deep learning”, 27th USENIX Security Symposium., 2018, 531-548 hereinafter Harkous. 
Regarding claim 8, Harkous discloses a method, comprising: receiving, at a processor, a request including a query to evaluate a data risk management capability of a third-party (p. 533: on left, first para.: receive query about privacy policy of a company); retrieving, via the processor and based on the received request, third-party data related to the data risk management capability of the third-party from a data source ; parsing, via the processor, the retrieved third-party data to extract information responsive to the query of the request (p.533: on left: obtain policy’ webpage, partition policy into segments; extract privacy classes (class-value pairs) embedded within policy’s segments- p.534, on right: crawl webpages to obtain policies, annotate policy segments according to high-level categories; the webpage is the data source, the policies are the third-party data); performing, via the processor, a data risk assessment of the third-party based on the extracted information responsive to the query (p.534, 4.3- p.535 on left : the risk assessment is the determination of the probability of occurrence of high-level categories of the segments such as and probability of occurrence of the values for each attribute ); and generating, via the processor, a third-party data risk rating evaluating the data risk management capability of the third-party based on the data risk assessment (p.537: automatically assign privacy icons and colors to segments (data risk ratings) based on occurrences of categories and the labelling from the structured queries) without input from a computing device of the third-party about the data risk management capability of the third- party (p.531-532, on right: Our framework: the process uses an automated, machine learning classifier, automatically assigning icons and labels using structured queries).  

Regarding claim 9, Harkous discloses the method of claim 8, wherein the data source is a World Wide Web and retrieving the third-party data includes web-spidering the World Wide Web (p.534, 4.1 crawl metadata of apps to find privacy policies).   

Regarding claim 10, Harkous discloses the method of claim 8, wherein the third-party data includes a publicly available privacy policy statement of the of the third-party related to the data risk management capability of the third-party.  (p.535, Fig. 3: policy categories e.g data retention with stated period (limited, indefinitely, unspecified ...p.533 on right: privacy policies are public, retrieved from the web using URLs). 
Regarding claim 12, Harkous discloses the method of claim 8, wherein the parsing the retrieved third-party data includes performing natural language processing of the retrieved third-party data to identify the information responsive to the query of the request (p.532, 2: determine semantically coherent segments i.e groups of consecutive sentences).


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Harkous, in view of publication by Aastrand et al “EULA - End-User Licence Agreement - Satellite Remote Sensing Data”, EU Joint Research Centre, 2012, 13 pages, hereinafter Aastrand.

Regarding claim 11, Harkous discloses the method of claim 10, but does not teach: wherein the publicly available privacy policy statement includes an end user license agreement (EULA) of the third-party or a legal declaration of the third-party.  
 However, an end user license agreement (EULA) of the third-party is well common on a provider’s data access policy, as attested by Aastrand (p. 4). It would have been obvious to a skilled artisan before the application was filed to include such EULA in the policy statement because it would set the terms and conditions, as well as warranties, particular limitations and liabilities associated with accessing the provider’s content (see Aastrand page 4, first para).

Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Harkous, in view of US 20210216656 to Xuan et al., hereinafter Xuan.
Regarding claim 13, Harkous discloses the method of claim 8, but does not explicitly teach wherein the processor is of a first-party entrusted with data of a second-party, the method further comprising: providing, via the processor, the data of the second-party to the third-party if the third- party data risk rating is no less than a threshold data risk rating indicating a minimal third-party data risk management capability.
In an analogous art, Xuan discloses a destination device to comply with security policies ([0008]). Xuan discloses wherein the processor is of a first-party entrusted with data of a second-party, the method further comprising: providing, via the processor, the data of the second-party to the third-party if the third- party data risk rating is no less than a threshold data risk rating indicating a minimal third-party data risk management capability (Fig. 2, steps 240-250: determine risk score for destination device meets a threshold i.e is no less than a threshold ([0048], send encrypted data to the destination device or server, the encrypted data received from a first device or source device (([0030]).
It would have been obvious to a skilled artisan before the application was field to provide data to the third-party after assessing the third-party’s risk as taught by Xuan because it would ensure a safe sharing of data of a first entity to a third-party without exposing the data to security risk (Xuan [0001]), improving data confidentiality).

Claim 14, are rejected under 35 USC 103 as being unpatentable over Harkous, in view of Xuan and further in view of publication by Curry titled “Key Update and the Complete Story on the Need for Two Key Pairs”, Entrust, 1998., 10 pages, hereinafter Curry.
Regarding claim 14, Harkous in view of Xuan discloses the method of claim 13, wherein the data of the second-party is asymmetrically encrypted (Xuan [0030]: send source ‘s encrypted data to server, the server decrypts with a private key [0036])), but does not explicitly teach a keypair configured to expire within a pre-determined period.  
Using keypair configured with an expiration time is well known in the art as evidenced by Curry who, in an analogous art, teaches updating key public-private key pairs before they expire (p.4-5: under Key Update; p.7 lifeline of public key). Therefore, Curry discloses the limitation. It would have been obvious to a skilled artisan before the application was field to provide data encrypted with a keypair configured to expire within a predetermined period as taught by Curry because it “provides an automated mechanism for restricting the amount of data which may be exposed when a private key is compromised ...  and provides a transparent way to change algorithms and/or key lengths (for example, a user wants to change from RSA to DSA for digital signatures) ... (Curry p.6).


Claims 1-4 and 21-24 are rejected under 35 USC 103 as being unpatentable over Harkous, in view of US 20120331567 to Shelton, hereinafter Shelton.
Regarding claim 1, Harkous discloses 
A system, comprising: a non-transitory memory; and a hardware processor coupled with the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising (p.531-532, on right: Our framework: the process uses an automated, machine learning classifier, automatically assigning icons and labels using structured queries; although a non-transitory memory is not explicitly taught, performing operations as claimed is standard practice and would not necessitate any testing): receiving a request including a query to evaluate a data risk management capability of a third-party to provide data of a second-party to the third-party (p. 533: on left, first para.: receive query about privacy policy of a company); web-crawling, based on the received request, a World Wide Web to retrieve third-party data related to the data risk management capability of the third-party (p.534, 4.1); parsing the retrieved third-party data to extract information responsive to the query of the request (p.533: on left: obtain policy’ webpage, partition policy into segments; extract privacy classes (class-value pairs) embedded within policy’s segments- p.534, 4.2: annotate segments according to high-level categories); performing a data risk assessment of the third-party based on the extracted information responsive to the query (p.534, 4.3- p.535 on left : the risk assessment is the determination of the probability of occurrence of high-level categories of the segments such as and probability of occurrence of the values for each attribute).  
Harkous does not explicitly teach the rest of the claim.
In an analogous art, Shelton discloses a system comprising : a non-transitory memory; and a hardware processor coupled with the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations ([00159]: private access bureau which is a computer or microprocessor-based system) comprising: receiving a request from a data holder seeking guidance on whether to share data with a seeker, the private access bureau determining whether the data sharing is permissible under diverse privacy laws and policies, providing a response to the data holder, which shares or withholds the data in accordance with the response ([0046)]. The data for sharing is healthcare data of an individual (claimed second-party) ([0004]), the seeker constitutes the claimed third -party. Therefore it would have been obvious to a skilled artisan before the application was effectively filed to perform:  providing the data of the second-party to the third-party based on the data risk assessment of the third-party , because it would minimize privacy risks and reduce privacy violation risks , and ensure “privacy protections do not foreclose the numerous benefits to be gained from greater data liquidity, including improved services, cost savings, increased revenue and profits” (Shelton [0015]).

Regarding claim 2, Harkous in view of Shelton discloses the system of claim 1, wherein the third-party data includes a privacy policy statement of the of the third-party available on the World Wide Web related to the data risk management capability of the third-party (Harkous p.535, Fig. 3: policy categories e.g data retention with stated period (limited, indefinitely, unspecified ...p.533 on right: privacy policies are public, retrieved from the web using URLs).  

Regarding claim 3, Harkous in view of Shelton discloses the system of claim 1, wherein the parsing the retrieved third-party data includes performing natural language processing of the retrieved third-party data to identify the information responsive to the query of the request (Harkous p.532, 2: determine semantically coherent segments i.e groups of consecutive sentences).  

Regarding claim 4, Harkous in view of Shelton discloses the system of claim 1, wherein the data risk assessment of the third party is performed by the processor without input from a computing device of the third-party about the data risk management capability of the third-party (Harkous p.531-532, on right: Our framework: the process uses an automated, machine learning classifier, automatically assigning icons and labels using structured queries).  
Regarding claim 21, the claim recites substantially the same content as claim 1 and is rejected by the rationales set forth for claim 1.
Regarding claim 22, the claim recites substantially the same content as claim 2 and is rejected by the rationales set forth for claim 2.
Regarding claim 23, the claim recites substantially the same content as claim 3 and is rejected by the rationales set forth for claim 3.
Regarding claim 24, the claim recites substantially the same content as claim 4 and is rejected by the rationales set forth for claim 4.

Claims 5-6 and 26  rejected under 35 USC 103 as being unpatentable over Harkous and Shelton, in view of Xuan.
Regarding claim 5, Harkous in view of Shelton discloses the system of claim 1, wherein the data risk assessment of the third-party includes a third-party data risk rating evaluating the data risk management capability of the third-party, the operations further comprising: providing the data of the second-party to the third-party if the third-party data risk rating is no less than a threshold data risk rating indicating minimal third-party data risk management capability of the third-party.
In an analogous art, Xuan discloses a destination device to comply with security policies ([0008]). Xuan discloses wherein the processor is of a first-party entrusted with data of a second-party, the method further comprising: providing, via the processor, the data of the second-party to the third-party if the third-party data risk rating is no less than a threshold data risk rating indicating a minimal third-party data risk management capability (Fig. 2, steps 240-250: determine risk score for destination device meets a threshold i.e is no less than a threshold ([0048], send encrypted data to the destination device or server, the encrypted data received from a first device or source device (([0030]).
It would have been obvious to a skilled artisan before the application was field to provide data to the third-party after assessing the third-party’s risk as taught by Xuan because it would ensure a safe sharing of data of a first entity to a third-party without exposing the data to security risk (Xuan [0001]), improving data confidentiality).
Regarding claim 26, the claim recites substantially the same content as claim 5 and is rejected by the rationales set forth for claim 5.

Regarding claim 6, Harkous in view of Shelton discloses the system of claim 1, but does not teach wherein the data of the second-party is encrypted. In an analogous art, Xuan discloses a destination device to comply with security policies ([0008]). Xuan discloses receiving data of a second-party, which is encrypted ([0030]), therefore Xuan discloses the limitation. It would have been obvious to a skilled artisan before the application was effectively filed to encrypt the data to ensure data confidentiality and prevent interception from an attacker.

Claims 7 and 25  rejected under 35 USC 103 as being unpatentable over Harkous,  Shelton and Xuan, in view of Curry.
Regarding claim 7, Harkous in view of  Shelton and Xuan discloses the system of claim 6, wherein the data of the second-party is encrypted asymmetrically (Xuan [0030]: send source ‘s encrypted data to server, the server decrypts with a private key [0036])) but does not teach with a keypair configured to expire within a pre-determined period.
Using keypair configured with an expiration time is well known in the art as evidenced by Curry who, in an analogous art, teaches updating key public-private key pairs before they expire (p.4-5: under Key Update; p.7 lifeline of public key). Therefore, Curry discloses the limitation. It would have been obvious to a skilled artisan before the application was field to provide data encrypted with a keypair configured to expire within a predetermined period as taught by Curry because it “provides an automated mechanism for restricting the amount of data which may be exposed when a private key is compromised ...  and provides a transparent way to change algorithms and/or key lengths (for example, a user wants to change from RSA to DSA for digital signatures) ... (Curry p.6).
Regarding claim 25, Harkous in view of  Shelton discloses the non-transitory machine-readable medium of claim 21, but does  not teach wherein the data of the second-party is encrypted asymmetrically with a keypair.
In an analogous art, Xuan discloses a destination device to comply with security policies ([0008]). Xuan discloses sending encrypted data to the destination device or server, the encrypted data received from a first device or source device (([0030]).
It would have been obvious to a skilled artisan before the application was field to provide data to the third-party after assessing the third-party’s risk as taught by Xuan because it would ensure a safe sharing of data of a first entity to a third-party without exposing the data to security risk (Xuan [0001]), improving data confidentiality). 
Harkous in view of Shelton and Xuan discloses the data of the second-party is encrypted asymmetrically (Xuan [0030]: send source ‘s encrypted data to server, the server decrypts with a private key [0036])) but does not teach with a keypair configured to expire within a pre-determined period.
Using keypair configured with an expiration time is well known in the art as evidenced by Curry who, in an analogous art, teaches updating key public-private key pairs before they expire (p.4-5: under Key Update; p.7 lifeline of public key). Therefore, Curry discloses the limitation. It would have been obvious to a skilled artisan before the application was field to provide data encrypted with a keypair configured to expire within a predetermined period as taught by Curry because it “provides an automated mechanism for restricting the amount of data which may be exposed when a private key is compromised ...  and provides a transparent way to change algorithms and/or key lengths (for example, a user wants to change from RSA to DSA for digital signatures) ... (Curry p.6).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Wandall et al. 20200387630 disclose a risk assessment engine, analyzing  personal data, including sensitive data and other privacy data.
Barday 20200020008 disclose a method for retrieving data regarding a plurality of  privacy campaigns, and for using that data to assess a relative risk associated with the data privacy campaign, provide an audit schedule for each campaign, and electronically display campaign information. 
Aminian et al 20200320418 disclose a third-party data management system, including receiving a request to add a third-party data for sharing data; using a classification algorithm trained using a machine learning process, analyze one or more types of  data that will be shared with the third-party to determine a risk of  sharing data with the third-party.

Ukil 20150269391 disclose a  model based on analytical analysis of privacy content, a privacy requirement of the user and a utility requirement of a third-party to which the private data is disclosed, where the model is indicative of optimal private data sharing technique with the third-party.
 Cook 20160164915 discloses assigning privacy policy scores for visited websites (either before or after the user visits the site) and by selectively blocking access to websites that have a privacy policy score  that is below a user-defined threshold.  
Duri et al  7401233 disclose sharing telematics data for a vehicle with service providers including receiving the telematics data for the vehicle, where the telematics data dynamically changes over time, and comparing the telematics data with a privacy policy associated with the vehicle. The privacy policy can specify rules for selectively releasing items of the telematics data to one or more service providers.
Dixon et al 20060253583  disclose receiving an indicator of an attempt by a user to interact with a website and presenting indicia of the website's reputation to the user, the reputation may be at least in part based on information about how an entity associated with the website treats personal information of users of the website; automatically extracting information from EULAs and summarize it for the user.
Walker et al 20210390190  disclose receiving a privacy risk score for a requesting device characterizing a degree of cyber risk for sharing data. Initial privacy settings are received for the user via a GUI in response to the privacy risk score characterizing the user data allowable for sharing. 
Pelta et al 11232256 discloses assessing data share in light of a variety of policies. For example, data that is subject to the policies of the organization or to regulations/laws requires a risk assessment, review and, where appropriate, risk acceptance before it is shared or transmitted to an external entity. The assessment is based on a questionnaire.

Aaron K Massey, Jacob Eisenstein, Annie I Anton, and Peter P Swire “ Automated text mining for requirements analysis of policy documents”. In 2013 21st IEEE International Requirements Engineering Conference (RE), pages 4–13. IEEE disclose automatic, machine learning method that parses segments of policies, also answer questionnaire automatically , to evaluate document policies for compagnies.
Sebastian Zimmeck, Ziqi Wang, Lieyong Zou, Roger Iyengar, Bin Liu, Florian Schaub, Shomir Wilson, Norman Sadeh, Steven M. Bellovin, and Joel Reidenberg “Automated analysis of privacy requirements for mobile apps”, In 2016 AAAI Fall Symposium Series.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CATHERINE B THIAW whose telephone number is (571)270-1138. The examiner can normally be reached Monday-Friday 7am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, CARL G COLIN can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Catherine Thiaw/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        10/28/2022