Prosecution Insights
Last updated: July 17, 2026
Application No. 17/844,250

SYSTEMS, METHODS, AND STORAGE MEDIA FOR VERIFYING DATA

Non-Final OA §102§103§112
Filed
Jun 20, 2022
Examiner
DWIVEDI, MAHESH H
Art Unit
2168
Tech Center
2100 — Computer Architecture & Software
Assignee
Data Sentinel AI Inc.
OA Round
3 (Non-Final)
69%
Grant Probability
Favorable
3-4
OA Rounds
0m
Est. Remaining
74%
With Interview

Examiner Intelligence

Grants 69% — above average
69%
Career Allowance Rate
527 granted / 759 resolved
+14.4% vs TC avg
Minimal +4% lift
Without
With
+4.3%
Interview Lift
resolved cases with interview
Typical timeline
3y 7m
Avg Prosecution
29 currently pending
Career history
781
Total Applications
across all art units

Statute-Specific Performance

§101
6.1%
-33.9% vs TC avg
§103
75.7%
+35.7% vs TC avg
§102
11.0%
-29.0% vs TC avg
§112
4.5%
-35.5% vs TC avg
Black line = Tech Center average estimate • Based on career data from 759 resolved cases

Office Action

§102 §103 §112
DETAILED ACTION 1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Continued Examination Under 37 CFR 1.114 2. A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 01/29/2026 has been entered. Response to Amendment 3. Receipt of Applicant’s Amendment filed on 01/29/2026 is acknowledged. The amendment includes the cancellation of claims 1-19 and 21 and the addition of claims 22-40. Specification 4. The disclosure is objected to because it contains an embedded hyperlink (See Paragraphs 71 and 123) and/or other form of browser-executable code. Applicant is required to delete the embedded hyperlink and/or other form of browser-executable code; references to websites should be limited to the top-level domain name without any prefix such as http:// or other browser-executable code. See MPEP § 608.01. Claim Objections 5. Claim 33 is objected to because of the following informalities: The phrase “notifying a third party of a difference between a new data values and the at least one allowable data value” is grammatically incoherent and should be replaced with “notifying a third party of a difference between a new data value and the at least one allowable data value”. Appropriate correction is required. Claim 36 is objected to because of the following informalities: There should be a comma between the terms “claim 24” and “wherein”. Appropriate correction is required. Claim 36 is objected to because of the following informalities: There should be a colon instead of a comma after the phrase “the one or more computing device features are associated with one or more of”. Appropriate correction is required. Claim Rejections - 35 USC § 112 6. The rejections raised in the Office Action mailed on 09/03/2025 have been rendered moot by applicant’s amendment (the cancellation of claims 1-19 and 21) received on 01/29/2025. 7. The following is a quotation of the first paragraph of 35 U.S.C. 112(a): (a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention. 8. The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112: The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention. 9. Claim 23 is rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. Specifically, there is no support whatsoever in the instant specification for the newly added limitation directed towards “analyze the request to obtain at least one new allowable data value corresponding to the new data values”. For the purposes of examining the instant application, there examiner interprets the aforementioned as simply the obtaining of at least one allowable data value. 10. The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. 11. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. 12. Claim 22 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Specifically, it is unclear as to whether the claimed the claimed “computing device” in the limitation “one or more hardware processors configured by machine-readable instructions to: monitor a digital touchpoint executing on a computing device” refers to the earlier claimed “computing device” in the preamble of “A system configured for verifying data generated in a computing device”. For the purposes of examining the instant application, the examiner interprets the latter claimed “computing device” as referring to the earlier claimed “computing device”. Dependent claim 23 is rejected for incorporating the deficiencies of independent claim 22. Claim 24 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Specifically, it is unclear as to whether the claimed “at least one allowable data value” in the limitation “determining whether the data values include at least one allowable data value by comparing the data values to the at least one allowable data value” refers to the earlier claimed “at least one allowable data value” in the earlier limitation of “obtaining at least one allowable data value associated with the at least one event”. Dependent claims 25-39 are rejected for incorporating the deficiencies of independent claim 24. Claim 24 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Specifically, it is unclear as to whether the claimed “at least one allowable data value” in the limitation “determining whether the data values include at least one allowable data value by comparing the data values to the at least one allowable data value” refers to the earlier claimed “at least one allowable data value” in the earlier limitation of “obtaining at least one allowable data value associated with the at least one event” or earlier in the limitation “determining whether the data values include at least one allowable data value by comparing the data values to the at least one allowable data value”. Dependent claims 25-39 are rejected for incorporating the deficiencies of independent claim 24. Claim Rejections - 35 USC § 102 13. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. 14. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention. 15. Claims 22-29 and 35-40 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Wang et al. (U.S. PGPUB 2022/0414255). 16. Regarding claim 22, Wang teaches a system comprising: A) one or more hardware processors configured by machine-readable instructions to: monitor a digital touchpoint executing on a computing device (Paragraphs 3, 28-29, and 72); B) wherein the digital touchpoint is configured to interact with a user of the computing device and to generate one or more events in response to an interaction between the digital touchpoint and the user (Paragraphs 28-29 and 72); C) generate one or more data values in response to generating the one or more events (Paragraphs 28-29 and 36); D) apply one or more validation rules to the one or more data values (Paragraphs 28-29, 36, and 78); and E) verify whether the one or more data values comprises at least one allowable data value in response to applying the one or more validation rules (Paragraphs 28-29, 36, and 78). The examiner notes that Wang teaches “one or more hardware processors configured by machine-readable instructions to: monitor a digital touchpoint executing on a computing device” as “Another aspect includes a transitory computer-readable medium comprising instructions which, when executed by one or more processors, cause the processors to carry out the methods disclosed herein” (Paragraph 3), “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), and “a device platform of a client device can transmit requests on behalf of applications, such as web browser and native applications. The applications can provide the data of the requests to the device platform and data indicating whether the requests include user data. In another example, the device platform can evaluate the data received from the applications and determine that the request will include user data. In another example, the browser or native applications will query the user consent settings prior to generating and sending a request” (Paragraph 72). The examiner further notes that requests (i.e. events) from a user in an executing web browser (i.e. an example of the claimed digital touchpoint) are “monitored” for subsequent verification via user consent data. The examiner further notes that Wang teaches “wherein the digital touchpoint is configured to interact with a user of the computing device and to generate one or more events in response to an interaction between the digital touchpoint and the user” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), and “a device platform of a client device can transmit requests on behalf of applications, such as web browser and native applications. The applications can provide the data of the requests to the device platform and data indicating whether the requests include user data. In another example, the device platform can evaluate the data received from the applications and determine that the request will include user data. In another example, the browser or native applications will query the user consent settings prior to generating and sending a request” (Paragraph 72). The examiner further notes that requests (i.e. events) from a user are “generated” when that user interacts with an application/web browser (such as a user selecting a link or manually entering a web address). The examiner further notes that Wang teaches “generate one or more data values in response to generating the one or more events” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36). The examiner further notes that browsing history (i.e. the claimed one or more values in the broadest reasonable interpretation) is “generated” each time a user interacts with a web browser. The examiner further notes that Wang teaches “apply one or more validation rules to the one or more data values” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36), and “a user may consent to location data being sent to a particular digital component distribution system, but not web browsing history. In this example, the device platform can determine whether the request includes location data or web browsing history data. If the request includes web browsing history data, the device platform can remove the web browsing history data from the request. The device platform can include, in the request data that will be transmitted from the client device, the location data consented to be the user” (Paragraph 78). The examiner further notes that the example removal of browsing history (i.e. the claimed one or more values in the broadest reasonable interpretation) is “generated” teaches the claimed application of one or more validation rules. The examiner further notes that Wang teaches “verify whether the one or more data values comprises at least one allowable data value in response to applying the one or more validation rules” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36), and “a user may consent to location data being sent to a particular digital component distribution system, but not web browsing history. In this example, the device platform can determine whether the request includes location data or web browsing history data. If the request includes web browsing history data, the device platform can remove the web browsing history data from the request. The device platform can include, in the request data that will be transmitted from the client device, the location data consented to be the user” (Paragraph 78). The examiner further notes that the example removal of browsing history (i.e. the claimed one or more values in the broadest reasonable interpretation) is “generated” teaches the claimed verification. Regarding claim 23, Wang further teaches a system comprising: A) wherein the digital touchpoint is configured to generate a request for new data comprising new data values in response to the one or more events (Paragraphs 59-60); and B) wherein the system is further configured by machine-readable instructions to: capture the new data values (Paragraphs 59-60); C) analyze the request to obtain at least one new allowable data value corresponding to the new data values (Paragraphs 36 and 59-60); and D) validate the new data values by comparing the new data values to the at least one new allowable data value (Paragraphs 36 and 59-60). The examiner notes that Wang teaches “wherein the digital touchpoint is configured to generate a request for new data comprising new data values in response to the one or more events” as “the client device 110 can request digital components from the digital component distribution system 150. Prior to an application (e.g., a web browser or native application) presenting a digital component, the application can ensure that the user has consented to the digital component being presented. A digital component can include data, e.g., metadata, that specifies the provider (e.g., the digital component distribution system 150, the digital component partner 157, and/or the digital component provider 160) and whether the digital component is a personalized digital component that is selected and/or customized based on the user's data (e.g., based on a user profile generated for the user)” (Paragraph 59) and “Prior to rendering a digital component, the application (e.g., a web browser or native application) can query the consent management module 114 whether the provider has proper user consent to show personalized content to the user. For example, the application can provide, to the consent management module 114, the digital component or metadata fetched previously that specifies the provider and whether the digital component is personalized with the query. The consent management module 114 can determine, based on the current user consent settings and the received digital component or metadata, whether the user has consented to the digital component being presented. The consent management module 114 can then respond to the application with data specifying that the digital component can be presented or not presented. The application can then either present the digital component or block the digital component based on the response from the consent management module 114” (Paragraph 60). The examiner further notes that a client device can request digital components (i.e. new data values). The examiner further notes that Wang teaches “wherein the system is further configured by machine-readable instructions to: capture the new data values” as “the client device 110 can request digital components from the digital component distribution system 150. Prior to an application (e.g., a web browser or native application) presenting a digital component, the application can ensure that the user has consented to the digital component being presented. A digital component can include data, e.g., metadata, that specifies the provider (e.g., the digital component distribution system 150, the digital component partner 157, and/or the digital component provider 160) and whether the digital component is a personalized digital component that is selected and/or customized based on the user's data (e.g., based on a user profile generated for the user)” (Paragraph 59) and “Prior to rendering a digital component, the application (e.g., a web browser or native application) can query the consent management module 114 whether the provider has proper user consent to show personalized content to the user. For example, the application can provide, to the consent management module 114, the digital component or metadata fetched previously that specifies the provider and whether the digital component is personalized with the query. The consent management module 114 can determine, based on the current user consent settings and the received digital component or metadata, whether the user has consented to the digital component being presented. The consent management module 114 can then respond to the application with data specifying that the digital component can be presented or not presented. The application can then either present the digital component or block the digital component based on the response from the consent management module 114” (Paragraph 60). The examiner further notes that the obtained digital component and/metadata teaches the claimed capturing in the broadest reasonable interpretation. The examiner further notes that Wang teaches “analyze the request to obtain at least one new allowable data value corresponding to the new data values” as “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36) and “the client device 110 can request digital components from the digital component distribution system 150. Prior to an application (e.g., a web browser or native application) presenting a digital component, the application can ensure that the user has consented to the digital component being presented. A digital component can include data, e.g., metadata, that specifies the provider (e.g., the digital component distribution system 150, the digital component partner 157, and/or the digital component provider 160) and whether the digital component is a personalized digital component that is selected and/or customized based on the user's data (e.g., based on a user profile generated for the user)” (Paragraph 59) and “Prior to rendering a digital component, the application (e.g., a web browser or native application) can query the consent management module 114 whether the provider has proper user consent to show personalized content to the user. For example, the application can provide, to the consent management module 114, the digital component or metadata fetched previously that specifies the provider and whether the digital component is personalized with the query. The consent management module 114 can determine, based on the current user consent settings and the received digital component or metadata, whether the user has consented to the digital component being presented. The consent management module 114 can then respond to the application with data specifying that the digital component can be presented or not presented. The application can then either present the digital component or block the digital component based on the response from the consent management module 114” (Paragraph 60). The examiner further notes that as explained above, there is no support whatsoever for the new limitation directed towards the analysis of the defined request to obtain the new allowable data value, and as a result, the aforementioned is simply interpreted in the broadest reasonable interpretation as simply the obtaining of at least one allowable data value. The examiner further notes that consent settings (i.e. at least one allowable data value) are “obtained” via an analysis to perform validation. The examiner further notes that Wang teaches “validate the new data values by comparing the new data values to the at least one new allowable data value” as “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36) and “the client device 110 can request digital components from the digital component distribution system 150. Prior to an application (e.g., a web browser or native application) presenting a digital component, the application can ensure that the user has consented to the digital component being presented. A digital component can include data, e.g., metadata, that specifies the provider (e.g., the digital component distribution system 150, the digital component partner 157, and/or the digital component provider 160) and whether the digital component is a personalized digital component that is selected and/or customized based on the user's data (e.g., based on a user profile generated for the user)” (Paragraph 59) and “Prior to rendering a digital component, the application (e.g., a web browser or native application) can query the consent management module 114 whether the provider has proper user consent to show personalized content to the user. For example, the application can provide, to the consent management module 114, the digital component or metadata fetched previously that specifies the provider and whether the digital component is personalized with the query. The consent management module 114 can determine, based on the current user consent settings and the received digital component or metadata, whether the user has consented to the digital component being presented. The consent management module 114 can then respond to the application with data specifying that the digital component can be presented or not presented. The application can then either present the digital component or block the digital component based on the response from the consent management module 114” (Paragraph 60). The examiner further notes that validation is performed against the new data via obtained at least one allowable data value via the use of consent settings. Regarding claim 24, Wang teaches a method comprising: A) monitoring a digital touchpoint executing on a computing device for at least one event generated in response to a user interacting with the digital touchpoint (Paragraphs 28-29 and 72); B) identifying the at least one event generated by the user interacting with the digital touchpoint (Paragraphs 28-29 and 72); C) capturing data associated with the at least one event (Paragraphs 28-29, 36, and 72); D) wherein the data comprises data values (Paragraphs 28-29, 36, and 72); E) obtaining at least one allowable data value associated with the at least one event (Paragraphs 28-29, 36, 72, and 78); and F) determining whether the data values include at least one allowable data value by comparing the data values to the at least one allowable data value (Paragraphs 28-29, 36, 72, and 78). The examiner notes that Wang teaches “monitoring a digital touchpoint executing on a computing device for at least one event generated in response to a user interacting with the digital touchpoint” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), and “a device platform of a client device can transmit requests on behalf of applications, such as web browser and native applications. The applications can provide the data of the requests to the device platform and data indicating whether the requests include user data. In another example, the device platform can evaluate the data received from the applications and determine that the request will include user data. In another example, the browser or native applications will query the user consent settings prior to generating and sending a request” (Paragraph 72). The examiner further notes that requests (i.e. events) from a user in an executing web browser (i.e. an example of the claimed digital touchpoint) are “monitored” for subsequent verification via user consent data. The examiner further notes that Wang teaches “identifying the at least one event generated by the user interacting with the digital touchpoint” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), and “a device platform of a client device can transmit requests on behalf of applications, such as web browser and native applications. The applications can provide the data of the requests to the device platform and data indicating whether the requests include user data. In another example, the device platform can evaluate the data received from the applications and determine that the request will include user data. In another example, the browser or native applications will query the user consent settings prior to generating and sending a request” (Paragraph 72). The examiner further notes that requests (i.e. events) from a user are “identified” when that user interacts with an application/web browser (such as a user selecting a link or manually entering a web address). The examiner further notes that Wang teaches “capturing data associated with the at least one event” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36), and “a device platform of a client device can transmit requests on behalf of applications, such as web browser and native applications. The applications can provide the data of the requests to the device platform and data indicating whether the requests include user data. In another example, the device platform can evaluate the data received from the applications and determine that the request will include user data. In another example, the browser or native applications will query the user consent settings prior to generating and sending a request” (Paragraph 72). The examiner further notes that requests (i.e. events) from a user are “identified” when that user interacts with an application/web browser (such as a user selecting a link or manually entering a web address). Such requests (i.e. events) include captured user data that is “associated” with the events. The examiner further notes that Wang teaches “wherein the data comprises data values” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36), and “a device platform of a client device can transmit requests on behalf of applications, such as web browser and native applications. The applications can provide the data of the requests to the device platform and data indicating whether the requests include user data. In another example, the device platform can evaluate the data received from the applications and determine that the request will include user data. In another example, the browser or native applications will query the user consent settings prior to generating and sending a request” (Paragraph 72). The examiner further notes that requests (i.e. events) from a user are “identified” when that user interacts with an application/web browser (such as a user selecting a link or manually entering a web address). Such requests (i.e. events) include captured user data that includes specific “data values” (such as web browsing history, location data, etc). The examiner further notes that Wang teaches “obtaining at least one allowable data value associated with the at least one event” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36), “a device platform of a client device can transmit requests on behalf of applications, such as web browser and native applications. The applications can provide the data of the requests to the device platform and data indicating whether the requests include user data. In another example, the device platform can evaluate the data received from the applications and determine that the request will include user data. In another example, the browser or native applications will query the user consent settings prior to generating and sending a request” (Paragraph 72), and “In a particular example, a user may consent to location data being sent to a particular digital component distribution system, but not web browsing history. In this example, the device platform can determine whether the request includes location data or web browsing history data. If the request includes web browsing history data, the device platform can remove the web browsing history data from the request. The device platform can include, in the request data that will be transmitted from the client device, the location data consented to be the user” (Paragraph 78). The examiner further notes that stored user consent settings include “allowable” data values that are associated with events (such as if a user consents to location data). The examiner further notes that Wang teaches “determining whether the data values include at least one allowable data value by comparing the data values to the at least one allowable data value” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36), “a device platform of a client device can transmit requests on behalf of applications, such as web browser and native applications. The applications can provide the data of the requests to the device platform and data indicating whether the requests include user data. In another example, the device platform can evaluate the data received from the applications and determine that the request will include user data. In another example, the browser or native applications will query the user consent settings prior to generating and sending a request” (Paragraph 72), and “In a particular example, a user may consent to location data being sent to a particular digital component distribution system, but not web browsing history. In this example, the device platform can determine whether the request includes location data or web browsing history data. If the request includes web browsing history data, the device platform can remove the web browsing history data from the request. The device platform can include, in the request data that will be transmitted from the client device, the location data consented to be the user” (Paragraph 78). The examiner further notes that stored user consent settings include “allowable” data values that are associated with events (such as if a user consents to location data/web browsing history) that are compared to data values associated with an event (See example of browsing history being removed while location data is kept). Regarding claim 25, Wang further teaches a method comprising: A) wherein: determining whether the data values include at least one allowable data value comprises: running a script on the computing device (Paragraph 34); B) wherein, the script applies validation rules to the data values (Paragraphs 77-78); and C) the validation rules comprise rules developed from one of processing data associated with the at least one event and manually provided (Paragraphs 36-37). The examiner notes that Wang teaches “wherein: determining whether the data values include at least one allowable data value comprises: running a script on the computing device” as “A client device 110 can also include a consent management module 114 that enables a user of the client device 110 to manage user consent settings that define whether and/or how the user's data is collected and used. The consent management module 114 can be implemented as a plug-in to the device platform 113, e.g., as a plug-in to the operating system of the client device 110. A plug-in is a software component that provides additional features to an application. In some implementations, the consent management module 114 can be implemented as a plug-in to a web browser or native application” (Paragraph 34). The examiner further notes that an executing device platform 113 and/or plug-in consent management module 114 teaches the claimed running of a script (which is undefined in the claims) in the broadest reasonable interpretation. The examiner further notes that Wang teaches “wherein, the script applies validation rules to the data values” as “Request data is generated according to the current user consent settings (408). The device platform can use the user consent settings to identify portions of the user data that can be included in the request, if any, and portions of the user data that cannot be included in the request, if any. For example, the device platform can evaluate the user consent settings to determine if there are settings for the recipient of the request. If so, the device platform can use those user consent settings to identify the portions of user data that can be included in the request. If not, the consent management module can use the general user consent settings to identify the portions of user data that can be included in the request” (Paragraph 77) and “In a particular example, a user may consent to location data being sent to a particular digital component distribution system, but not web browsing history. In this example, the device platform can determine whether the request includes location data or web browsing history data. If the request includes web browsing history data, the device platform can remove the web browsing history data from the request. The device platform can include, in the request data that will be transmitted from the client device, the location data consented to be the user” (Paragraph 78). The examiner further notes that an executing device platform 113 and/or plug-in consent management module 114 (i.e. examples of the undefined claimed script in the broadest reasonable interpretation) can apply user-defined consent settings (i.e. validation rules). The examiner further notes that Wang teaches “the validation rules comprise rules developed from one of processing data associated with the at least one event and manually provided” as “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36) and “The consent management module 114 can provide one or more consent management user interfaces 116 that enable the user to specify user consent settings. For example, a user interface can present, for each setting, a check box control that allows the user to consent to the setting or decline the setting. In a particular example, a setting may be to enable any user data to be transmitted from the client device 110. In this example, the user can select the check box for the setting (e.g., checked) or not select the check box (e.g., unchecked) to decline the setting” (Paragraph 37). The examiner further notes consent settings (i.e. validation rules) can be manually set by a user. Regarding claim 26, Wang further teaches a method comprising: A) wherein determining whether the data values include at least one allowable data value comprises determining whether the data values comprise personally identifiable information (Paragraphs 28-29, 36, 72, 78, and 81). The examiner notes that Wang teaches “wherein determining whether the data values include at least one allowable data value comprises determining whether the data values comprise personally identifiable information” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36), “a device platform of a client device can transmit requests on behalf of applications, such as web browser and native applications. The applications can provide the data of the requests to the device platform and data indicating whether the requests include user data. In another example, the device platform can evaluate the data received from the applications and determine that the request will include user data. In another example, the browser or native applications will query the user consent settings prior to generating and sending a request” (Paragraph 72), “In a particular example, a user may consent to location data being sent to a particular digital component distribution system, but not web browsing history. In this example, the device platform can determine whether the request includes location data or web browsing history data. If the request includes web browsing history data, the device platform can remove the web browsing history data from the request. The device platform can include, in the request data that will be transmitted from the client device, the location data consented to be the user” (Paragraph 78), and “a user may be provided with controls allowing the user to make an election as to both if and when systems, programs, or features described herein may enable collection of user information (e.g., information about a user's social network, social actions, or activities, profession, a user's preferences, or a user's current location), and if the user is sent personalized content or communications from a server. In addition, certain data may be treated in one or more ways before it is stored or used, so that personally identifiable information is removed. For example, a user's identity may be treated so that no personally identifiable information can be determined for the user, or a user's geographic location may be generalized where location information is obtained (such as to a city, ZIP code, or state level), so that a particular location of a user cannot be determined” (Paragraph 81). The examiner further notes that stored user consent settings include “allowable” data values that are associated with events (such as location information (i.e. personally identifiable information)). Regarding claim 27, Wang further teaches a method comprising: A) wherein the at least one event is generated in response to at least one of: selecting a feature on the digital touchpoint; moving information on a display to enable the display of new information; entering information onto the digital touchpoint; providing user consent related to collected information; generating a network request; generating a network request response; interacting with a document object model; loading a domain onto the digital touchpoint; and launching a feature on the digital touchpoint (Paragraphs 28-29 and 72). The examiner notes that Wang teaches “wherein the at least one event is generated in response to at least one of: selecting a feature on the digital touchpoint; moving information on a display to enable the display of new information; entering information onto the digital touchpoint; providing user consent related to collected information; generating a network request; generating a network request response; interacting with a document object model; loading a domain onto the digital touchpoint; and launching a feature on the digital touchpoint” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), and “a device platform of a client device can transmit requests on behalf of applications, such as web browser and native applications. The applications can provide the data of the requests to the device platform and data indicating whether the requests include user data. In another example, the device platform can evaluate the data received from the applications and determine that the request will include user data. In another example, the browser or native applications will query the user consent settings prior to generating and sending a request” (Paragraph 72). The examiner further notes that requests (i.e. events) from a user are “identified” when that user interacts with an application/web browser (such as a user manually entering a web address (i.e. entering information onto a web browser (i.e. digital touchpoint))). Regarding claim 28, Wang further teaches a method comprising: A) wherein the at least one allowable data value is based on at least one of: location of the computing device; and identification of the user of the digital touchpoint (Paragraphs 28-29, 36, 72, and 78). The examiner notes that Wang teaches “wherein the at least one allowable data value is based on at least one of: location of the computing device; and identification of the user of the digital touchpoint” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36), “a device platform of a client device can transmit requests on behalf of applications, such as web browser and native applications. The applications can provide the data of the requests to the device platform and data indicating whether the requests include user data. In another example, the device platform can evaluate the data received from the applications and determine that the request will include user data. In another example, the browser or native applications will query the user consent settings prior to generating and sending a request” (Paragraph 72), and “In a particular example, a user may consent to location data being sent to a particular digital component distribution system, but not web browsing history. In this example, the device platform can determine whether the request includes location data or web browsing history data. If the request includes web browsing history data, the device platform can remove the web browsing history data from the request. The device platform can include, in the request data that will be transmitted from the client device, the location data consented to be the user” (Paragraph 78). The examiner further notes that stored user consent settings include “allowable” data values that are associated with events (such as location information). Regarding claim 29, Wang further teaches a method comprising: A) wherein at least one feature of the at least one event comprises at least one of: one or more URL components, wherein the one or more URL components comprise at least one of a server-side URL, protocol, a domain, a port, a path name, a query string, a hash fragment, and a data payload; performance information about page load on the digital touchpoint; network request load times; network request data, wherein the network request data comprises at least one of a protocol, a domain, a port, a path name, a query string, a hash fragment, and a data payload; cookie information; JavaScript/JSON variables on the digital touchpoint; one or more values associated with a document object model on the digital touchpoint; one or more event element attributes, wherein the one or more event element attributes comprises at least one of an HTML ID, a class name, XPath, and a text value; a current state of consent values; a size and total number of network requests on a page of the digital touchpoint; at least one of deployment of a technology type directly on the digital touchpoint; a mobile application screen; and a digital touchpoint storage capability (Paragraphs 28-29, 36, and 72). The examiner notes that Wang teaches “wherein at least one feature of the at least one event comprises at least one of: one or more URL components, wherein the one or more URL components comprise at least one of a server-side URL, protocol, a domain, a port, a path name, a query string, a hash fragment, and a data payload; performance information about page load on the digital touchpoint; network request load times; network request data, wherein the network request data comprises at least one of a protocol, a domain, a port, a path name, a query string, a hash fragment, and a data payload; cookie information; JavaScript/JSON variables on the digital touchpoint; one or more values associated with a document object model on the digital touchpoint; one or more event element attributes, wherein the one or more event element attributes comprises at least one of an HTML ID, a class name, XPath, and a text value; a current state of consent values; a size and total number of network requests on a page of the digital touchpoint; at least one of deployment of a technology type directly on the digital touchpoint; a mobile application screen; and a digital touchpoint storage capability” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36), and “a device platform of a client device can transmit requests on behalf of applications, such as web browser and native applications. The applications can provide the data of the requests to the device platform and data indicating whether the requests include user data. In another example, the device platform can evaluate the data received from the applications and determine that the request will include user data. In another example, the browser or native applications will query the user consent settings prior to generating and sending a request” (Paragraph 72). The examiner further notes that stored user consent information (i.e. a current state of consent values) is a feature that is “associated” of an event of a user requesting a web page from a browser. Regarding claim 35, Wang further teaches a method comprising: A) wherein the at least one event comprises a request for data (Paragraph 45); B) wherein capturing the data comprises capturing data associated with the request using a script (Paragraphs 34 and 45); C) sending the captured data to a data collection system to update the at least one allowable data value used by a root controller (Paragraph 45). The examiner notes that Wang teaches “wherein the at least one event comprises a request for data” as “The consent management module 114 can, e.g., periodically, send queries 171 to the consent management provider system 170 for updates to the standard settings, logic used to implement the consent management module 114, and/or updates to a recommendation engine 115 (described below). In response, the consent management provider system 170 can provide updates 173 requested by the queries 171. In this way, the consent management module 114 on each client device 110 can be updated, in response to changes in user privacy laws, regulations, or best practices” (Paragraph 45). The examiner further notes that requests (i.e. events) for updates to consent settings teaches the claimed request in the broadest reasonable interpretation. The examiner further notes that Wang teaches “wherein capturing the data comprises capturing data associated with the request using a script” as “A client device 110 can also include a consent management module 114 that enables a user of the client device 110 to manage user consent settings that define whether and/or how the user's data is collected and used. The consent management module 114 can be implemented as a plug-in to the device platform 113, e.g., as a plug-in to the operating system of the client device 110. A plug-in is a software component that provides additional features to an application. In some implementations, the consent management module 114 can be implemented as a plug-in to a web browser or native application” (Paragraph 34) and “The consent management module 114 can, e.g., periodically, send queries 171 to the consent management provider system 170 for updates to the standard settings, logic used to implement the consent management module 114, and/or updates to a recommendation engine 115 (described below). In response, the consent management provider system 170 can provide updates 173 requested by the queries 171. In this way, the consent management module 114 on each client device 110 can be updated, in response to changes in user privacy laws, regulations, or best practices” (Paragraph 45). The examiner further notes that requests (i.e. events) from a user are can include captured updated consent data is “associated” with the request via the use of an executing device platform 113 and/or plug-in consent management module 114 (i.e. a script (which is undefined in the claims) in the broadest reasonable interpretation). The examiner further notes that Wang teaches “sending the captured data to a data collection system to update the at least one allowable data value used by a root controller” as “The consent management module 114 can, e.g., periodically, send queries 171 to the consent management provider system 170 for updates to the standard settings, logic used to implement the consent management module 114, and/or updates to a recommendation engine 115 (described below). In response, the consent management provider system 170 can provide updates 173 requested by the queries 171. In this way, the consent management module 114 on each client device 110 can be updated, in response to changes in user privacy laws, regulations, or best practices” (Paragraph 45). The examiner further notes that “captured” updates to consent settings (i.e. updates to an allowable data value) are sent back to a consent management module 114 for subsequent use. Regarding claim 36, Wang further teaches a method comprising: A) wherein: the at least one allowable data value comprises at least one data value that enables one or more computing device features (Paragraphs 36, 39, and 44); and B) the one or more computing device features are associated with one or more of, a website accessed by the computing device, and a mobile application accessed by the computing device (Paragraphs 28-29, 36, 44, and 72). The examiner notes that Wang teaches “wherein: the at least one allowable data value comprises at least one data value that enables one or more computing device features” as “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36), “The consent management module 114 can enable the user to specify user consent settings that define what data is transmitted from the client device 110, how that data can be used (e.g., to customize content of a web page or application, to select digital components, in encrypted or non-encrypted forms, over secure channels only), to what recipients the data can be sent, whether and for how long the user data can be stored, and/or other appropriate consents to the use of user data. The consent management module 114 can enable the user to specify settings for all recipients, e.g., overall settings, or per recipient. In this way, users have fine-tuned control over how their data is collected and used” (Paragraph 39), and “The consent management module 114 can also include standard settings, e.g., that are based on laws, regulations, or best practices that define whether user data can be collected and/or how the user data can be used. These standard settings can include whether the device platform 113 should send user data or requests to a recipient (e.g., a particular network domain), whether requests to a recipient should contain any user identifiers, whether a recipient could provide personalized content to the user, and/or other appropriate settings” (Paragraph 44). The examiner further notes that user consent (i.e. allowable data) regarding various types of data such as location information, browsing history, etc. “enables” computing device features (which are undefined in the claim). The examiner further notes that Wang teaches “the one or more computing device features are associated with one or more of, a website accessed by the computing device, and a mobile application accessed by the computing device” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36), “The consent management module 114 can also include standard settings, e.g., that are based on laws, regulations, or best practices that define whether user data can be collected and/or how the user data can be used. These standard settings can include whether the device platform 113 should send user data or requests to a recipient (e.g., a particular network domain), whether requests to a recipient should contain any user identifiers, whether a recipient could provide personalized content to the user, and/or other appropriate settings” (Paragraph 44), and “a device platform of a client device can transmit requests on behalf of applications, such as web browser and native applications. The applications can provide the data of the requests to the device platform and data indicating whether the requests include user data. In another example, the device platform can evaluate the data received from the applications and determine that the request will include user data. In another example, the browser or native applications will query the user consent settings prior to generating and sending a request” (Paragraph 72). The examiner further notes that user consent (i.e. allowable data) regarding various types of data such as location information, browsing history, etc. “enables” computing device features that are “associated” with recipients (such as websites). Regarding claim 37, Wang further teaches a method comprising: A) transmitting new data values from the computing device (Paragraphs 59 and 60); B) wherein, the at least one allowable data value comprises at least one data value associated with a response to the transmitting the new data values from the computing device (Paragraphs 59 and 60); C) the response comprises a response from a third party (Paragraphs 36, 59, and 60); D) the response comprises response data values (Paragraphs 59 and 60); and E) the method further comprises: receiving the response at the computing device (Paragraphs 59 and 60); and F) verifying whether the response data values comprise at least one of the at least one allowable data value (Paragraphs 59 and 60). The examiner notes that Wang teaches “transmitting new data values from the computing device” as “the client device 110 can request digital components from the digital component distribution system 150. Prior to an application (e.g., a web browser or native application) presenting a digital component, the application can ensure that the user has consented to the digital component being presented. A digital component can include data, e.g., metadata, that specifies the provider (e.g., the digital component distribution system 150, the digital component partner 157, and/or the digital component provider 160) and whether the digital component is a personalized digital component that is selected and/or customized based on the user's data (e.g., based on a user profile generated for the user)” (Paragraph 59) and “Prior to rendering a digital component, the application (e.g., a web browser or native application) can query the consent management module 114 whether the provider has proper user consent to show personalized content to the user. For example, the application can provide, to the consent management module 114, the digital component or metadata fetched previously that specifies the provider and whether the digital component is personalized with the query. The consent management module 114 can determine, based on the current user consent settings and the received digital component or metadata, whether the user has consented to the digital component being presented. The consent management module 114 can then respond to the application with data specifying that the digital component can be presented or not presented. The application can then either present the digital component or block the digital component based on the response from the consent management module 114” (Paragraph 60). The examiner further notes that a request from a client (which entails “new data values” (which are undefined in the claims)) is transmitted from that client. The examiner further notes that Wang teaches “wherein, the at least one allowable data value comprises at least one data value associated with a response to the transmitting the new data values from the computing device” as “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36), “the client device 110 can request digital components from the digital component distribution system 150. Prior to an application (e.g., a web browser or native application) presenting a digital component, the application can ensure that the user has consented to the digital component being presented. A digital component can include data, e.g., metadata, that specifies the provider (e.g., the digital component distribution system 150, the digital component partner 157, and/or the digital component provider 160) and whether the digital component is a personalized digital component that is selected and/or customized based on the user's data (e.g., based on a user profile generated for the user)” (Paragraph 59), and “Prior to rendering a digital component, the application (e.g., a web browser or native application) can query the consent management module 114 whether the provider has proper user consent to show personalized content to the user. For example, the application can provide, to the consent management module 114, the digital component or metadata fetched previously that specifies the provider and whether the digital component is personalized with the query. The consent management module 114 can determine, based on the current user consent settings and the received digital component or metadata, whether the user has consented to the digital component being presented. The consent management module 114 can then respond to the application with data specifying that the digital component can be presented or not presented. The application can then either present the digital component or block the digital component based on the response from the consent management module 114” (Paragraph 60). The examiner further notes that consent data (i.e. allowable data values) is “associated” with the response from the 3rd party distribution system 150. The examiner further notes that Wang teaches “the response comprises a response from a third party” as “the client device 110 can request digital components from the digital component distribution system 150. Prior to an application (e.g., a web browser or native application) presenting a digital component, the application can ensure that the user has consented to the digital component being presented. A digital component can include data, e.g., metadata, that specifies the provider (e.g., the digital component distribution system 150, the digital component partner 157, and/or the digital component provider 160) and whether the digital component is a personalized digital component that is selected and/or customized based on the user's data (e.g., based on a user profile generated for the user)” (Paragraph 59) and “Prior to rendering a digital component, the application (e.g., a web browser or native application) can query the consent management module 114 whether the provider has proper user consent to show personalized content to the user. For example, the application can provide, to the consent management module 114, the digital component or metadata fetched previously that specifies the provider and whether the digital component is personalized with the query. The consent management module 114 can determine, based on the current user consent settings and the received digital component or metadata, whether the user has consented to the digital component being presented. The consent management module 114 can then respond to the application with data specifying that the digital component can be presented or not presented. The application can then either present the digital component or block the digital component based on the response from the consent management module 114” (Paragraph 60). The examiner further notes that the transmitted digital component and/or metadata from a distribution system 150 (i.e. a 3rd party) teaches the claimed response. The examiner further notes that Wang teaches “the response comprises response data values” as “the client device 110 can request digital components from the digital component distribution system 150. Prior to an application (e.g., a web browser or native application) presenting a digital component, the application can ensure that the user has consented to the digital component being presented. A digital component can include data, e.g., metadata, that specifies the provider (e.g., the digital component distribution system 150, the digital component partner 157, and/or the digital component provider 160) and whether the digital component is a personalized digital component that is selected and/or customized based on the user's data (e.g., based on a user profile generated for the user)” (Paragraph 59) and “Prior to rendering a digital component, the application (e.g., a web browser or native application) can query the consent management module 114 whether the provider has proper user consent to show personalized content to the user. For example, the application can provide, to the consent management module 114, the digital component or metadata fetched previously that specifies the provider and whether the digital component is personalized with the query. The consent management module 114 can determine, based on the current user consent settings and the received digital component or metadata, whether the user has consented to the digital component being presented. The consent management module 114 can then respond to the application with data specifying that the digital component can be presented or not presented. The application can then either present the digital component or block the digital component based on the response from the consent management module 114” (Paragraph 60). The examiner further notes that the transmitted digital component and/or metadata from a distribution system 150 (i.e. a 3rd party) includes response data values. The examiner further notes that Wang teaches “the method further comprises: receiving the response at the computing device” as “the client device 110 can request digital components from the digital component distribution system 150. Prior to an application (e.g., a web browser or native application) presenting a digital component, the application can ensure that the user has consented to the digital component being presented. A digital component can include data, e.g., metadata, that specifies the provider (e.g., the digital component distribution system 150, the digital component partner 157, and/or the digital component provider 160) and whether the digital component is a personalized digital component that is selected and/or customized based on the user's data (e.g., based on a user profile generated for the user)” (Paragraph 59) and “Prior to rendering a digital component, the application (e.g., a web browser or native application) can query the consent management module 114 whether the provider has proper user consent to show personalized content to the user. For example, the application can provide, to the consent management module 114, the digital component or metadata fetched previously that specifies the provider and whether the digital component is personalized with the query. The consent management module 114 can determine, based on the current user consent settings and the received digital component or metadata, whether the user has consented to the digital component being presented. The consent management module 114 can then respond to the application with data specifying that the digital component can be presented or not presented. The application can then either present the digital component or block the digital component based on the response from the consent management module 114” (Paragraph 60). The examiner further notes that the transmitted digital component and/or metadata from a distribution system 150 (i.e. a 3rd party) is received from a computing device. The examiner further notes that Wang teaches “verifying whether the response data values comprise at least one of the at least one allowable data value” as “the client device 110 can request digital components from the digital component distribution system 150. Prior to an application (e.g., a web browser or native application) presenting a digital component, the application can ensure that the user has consented to the digital component being presented. A digital component can include data, e.g., metadata, that specifies the provider (e.g., the digital component distribution system 150, the digital component partner 157, and/or the digital component provider 160) and whether the digital component is a personalized digital component that is selected and/or customized based on the user's data (e.g., based on a user profile generated for the user)” (Paragraph 59) and “Prior to rendering a digital component, the application (e.g., a web browser or native application) can query the consent management module 114 whether the provider has proper user consent to show personalized content to the user. For example, the application can provide, to the consent management module 114, the digital component or metadata fetched previously that specifies the provider and whether the digital component is personalized with the query. The consent management module 114 can determine, based on the current user consent settings and the received digital component or metadata, whether the user has consented to the digital component being presented. The consent management module 114 can then respond to the application with data specifying that the digital component can be presented or not presented. The application can then either present the digital component or block the digital component based on the response from the consent management module 114” (Paragraph 60). The examiner further notes that the transmitted digital component and/or metadata from a distribution system 150 (i.e. a 3rd party) is received from a computing device for subsequent verification via the consultation of consent settings. Regarding claim 38, Wang further teaches a method comprising: A) wherein the digital touchpoint is a website (Paragraphs 28-29 and 72). The examiner notes that Wang teaches “wherein the digital touchpoint is a website” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), and “a device platform of a client device can transmit requests on behalf of applications, such as web browser and native applications. The applications can provide the data of the requests to the device platform and data indicating whether the requests include user data. In another example, the device platform can evaluate the data received from the applications and determine that the request will include user data. In another example, the browser or native applications will query the user consent settings prior to generating and sending a request” (Paragraph 72). The examiner further notes that website 140 teaches the claimed website. Regarding claim 39, Wang further teaches a method comprising: A) wherein the digital touchpoint is an application (Paragraphs 28-29 and 72). The examiner notes that Wang teaches “wherein the digital touchpoint is an application” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), and “a device platform of a client device can transmit requests on behalf of applications, such as web browser and native applications. The applications can provide the data of the requests to the device platform and data indicating whether the requests include user data. In another example, the device platform can evaluate the data received from the applications and determine that the request will include user data. In another example, the browser or native applications will query the user consent settings prior to generating and sending a request” (Paragraph 72). The examiner further notes that an executing web-browser/applications teaches the claimed digital touchpoint. Regarding claim 40, Wang teaches a non-transient computer-readable medium comprising: A) instructions being executable by one or more processors on a computing device to perform a method for verifying data, the method comprising: executing a digital asset on the computing device (Paragraphs 3, 28-29, and 72); B) capturing data associated with a plurality of requests from the computing device to a server external to the computing device in response to a user interacting with the digital asset (Paragraphs 28-29 and 36); C) obtaining at least one allowable data value associated with the plurality of requests (Paragraphs 36 and 78); D) interacting with the computing device in one or more events configured to respond to at least one of the plurality of requests (Paragraphs 59-60); E) generating new data values associated with the one or more events (Paragraphs 59-60); and F) verifying whether the new data values comprise at least one allowable data value (Paragraphs 59-60). The examiner notes that Wang teaches “instructions being executable by one or more processors on a computing device to perform a method for verifying data, the method comprising: executing a digital asset on the computing device” as “Another aspect includes a transitory computer-readable medium comprising instructions which, when executed by one or more processors, cause the processors to carry out the methods disclosed herein” (Paragraph 3), “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), and “a device platform of a client device can transmit requests on behalf of applications, such as web browser and native applications. The applications can provide the data of the requests to the device platform and data indicating whether the requests include user data. In another example, the device platform can evaluate the data received from the applications and determine that the request will include user data. In another example, the browser or native applications will query the user consent settings prior to generating and sending a request” (Paragraph 72). The examiner further notes that a web browser/mobile applications (i.e. examples of a digital asset) are executed on a device with one or more processors. The examiner further notes that Wang teaches “capturing data associated with a plurality of requests from the computing device to a server external to the computing device in response to a user interacting with the digital asset” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36). The examiner further notes that browsing history (i.e. the claimed one or more values in the broadest reasonable interpretation) is “captured” each time a user interacts with a web browser (i.e. a digital asset). The examiner further notes that Wang teaches “obtaining at least one allowable data value associated with the plurality of requests” as “The consent management module 114 enables the user to specify how user data, such as the user's activity on the client device, web browsing history, native applications downloaded or accessed, demographic information, location information, interests, and/or other personal data, is collected and used. In some implementations, the consent management module 114 enables the user to specify, for all recipients and/or each recipient individually, whether the recipient can store and/or access information on the client device 110, use user data to select digital components, use user data to create one or more user profiles, use user data to select personalized digital components (e.g., using the profile(s)), measure the performance of digital components or other content (e.g., based on whether the user interacts with the digital components or other content), and/or to generate audience insights” (Paragraph 36) and “a user may consent to location data being sent to a particular digital component distribution system, but not web browsing history. In this example, the device platform can determine whether the request includes location data or web browsing history data. If the request includes web browsing history data, the device platform can remove the web browsing history data from the request. The device platform can include, in the request data that will be transmitted from the client device, the location data consented to be the user” (Paragraph 78). The examiner further notes that stored consent settings regarding teaches the claimed “associated” at least one allowable data value. The examiner notes that Wang teaches “interacting with the computing device in one or more events configured to respond to at least one of the plurality of requests” as “the client device 110 can request digital components from the digital component distribution system 150. Prior to an application (e.g., a web browser or native application) presenting a digital component, the application can ensure that the user has consented to the digital component being presented. A digital component can include data, e.g., metadata, that specifies the provider (e.g., the digital component distribution system 150, the digital component partner 157, and/or the digital component provider 160) and whether the digital component is a personalized digital component that is selected and/or customized based on the user's data (e.g., based on a user profile generated for the user)” (Paragraph 59) and “Prior to rendering a digital component, the application (e.g., a web browser or native application) can query the consent management module 114 whether the provider has proper user consent to show personalized content to the user. For example, the application can provide, to the consent management module 114, the digital component or metadata fetched previously that specifies the provider and whether the digital component is personalized with the query. The consent management module 114 can determine, based on the current user consent settings and the received digital component or metadata, whether the user has consented to the digital component being presented. The consent management module 114 can then respond to the application with data specifying that the digital component can be presented or not presented. The application can then either present the digital component or block the digital component based on the response from the consent management module 114” (Paragraph 60). The examiner further notes that an “interaction” between remote system 150 and the client computing device results in a “response” of received new data of a digital component and/or metadata. The examiner further notes that Wang teaches “generating new data values associated with the one or more events” as “the client device 110 can request digital components from the digital component distribution system 150. Prior to an application (e.g., a web browser or native application) presenting a digital component, the application can ensure that the user has consented to the digital component being presented. A digital component can include data, e.g., metadata, that specifies the provider (e.g., the digital component distribution system 150, the digital component partner 157, and/or the digital component provider 160) and whether the digital component is a personalized digital component that is selected and/or customized based on the user's data (e.g., based on a user profile generated for the user)” (Paragraph 59) and “Prior to rendering a digital component, the application (e.g., a web browser or native application) can query the consent management module 114 whether the provider has proper user consent to show personalized content to the user. For example, the application can provide, to the consent management module 114, the digital component or metadata fetched previously that specifies the provider and whether the digital component is personalized with the query. The consent management module 114 can determine, based on the current user consent settings and the received digital component or metadata, whether the user has consented to the digital component being presented. The consent management module 114 can then respond to the application with data specifying that the digital component can be presented or not presented. The application can then either present the digital component or block the digital component based on the response from the consent management module 114” (Paragraph 60). The examiner further notes that an “interaction” between remote system 150 and the client computing device results in a “response” of received new data values of a digital component and/or metadata. The examiner further notes that Wang teaches “verifying whether the new data values comprise at least one allowable data value” as “the client device 110 can request digital components from the digital component distribution system 150. Prior to an application (e.g., a web browser or native application) presenting a digital component, the application can ensure that the user has consented to the digital component being presented. A digital component can include data, e.g., metadata, that specifies the provider (e.g., the digital component distribution system 150, the digital component partner 157, and/or the digital component provider 160) and whether the digital component is a personalized digital component that is selected and/or customized based on the user's data (e.g., based on a user profile generated for the user)” (Paragraph 59) and “Prior to rendering a digital component, the application (e.g., a web browser or native application) can query the consent management module 114 whether the provider has proper user consent to show personalized content to the user. For example, the application can provide, to the consent management module 114, the digital component or metadata fetched previously that specifies the provider and whether the digital component is personalized with the query. The consent management module 114 can determine, based on the current user consent settings and the received digital component or metadata, whether the user has consented to the digital component being presented. The consent management module 114 can then respond to the application with data specifying that the digital component can be presented or not presented. The application can then either present the digital component or block the digital component based on the response from the consent management module 114” (Paragraph 60). The examiner further notes that received new data values of a digital component and/or metadata are verified via the use of consent settings. Claim Rejections - 35 USC § 103 17. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. 18. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 19. This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention. 20. Claims 31-33 are rejected under 35 U.S.C. 103 as being unpatentable over Wang et al. (U.S. PGPUB 2022/0414255) as applied to claims 22-29 and 35-40 above, and further in view of Adams et al. (U.S. PGPUB 2020/0167463). 21. Regarding claim 31, Wang does not explicitly teach a system comprising: A) identifying information related to a difference between the data values and the at least one allowable data value; and B) notifying a third party of the difference between the data values and the at least one allowable data value. Adams, however, teaches “identifying information related to a difference between the data values and the at least one allowable data value” as “A difference between the copied deployed content and the content baseline may then be identified (725). The identification (725) may occur through a verifier or other types of verification framework, such as those discussed above. Identification (725) of a difference may include any difference in the content such as differences in the binary, script, config files, log files, directory listing, etc” (Paragraph 82) and “notifying a third party of the difference between the data values and the at least one allowable data value” as “remediation may include providing a copy of identified errors to a third party. The third party may be a party specialized in certain types of remediation or may include interested users of the content. In this situation, the third party may decide on the type of appropriate remediation and either inform the user of how to proceed or otherwise provide instructions to hardware management system 310” (Paragraph 42), “A difference between the copied deployed content and the content baseline may then be identified (725). The identification (725) may occur through a verifier or other types of verification framework, such as those discussed above. Identification (725) of a difference may include any difference in the content such as differences in the binary, script, config files, log files, directory listing, etc” (Paragraph 82), “If a difference is not identified (725), the copied deployed content may be deleted or saved for further use. If a difference is identified (725) a user, system, third party, etc., may be notified that a difference has been identified (725)” (Paragraph 83), and “the copied deployed content may be provided to a third party for remediation or may otherwise be remediated outside of the hardware management system. Specific remediation steps may depend on the differences that are identified (725). Regardless of the type of remediation that occurs, the actions taken may occur out-of-band, thereby not using computing system resources, not effecting the deployed copy, and allowing the content to be verified to the satisfaction of a user” (Paragraph 84). The examiner further notes that the secondary reference of Adams teaches the concept of notifying a 3rd party of identified “differences”. The combination would result in allowing for the notification to a 3rd party of identified “differences” between the allowable and actual values of Wang. It would have been obvious to one of ordinary skill in the art before the effective filing date of instant invention to combine the teachings of the cited references because teaching Adams’s would have allowed Wang’s to provide a method for using specialized entities when dealing with validation, as noted by Adams (Paragraph 42). Regarding claim 32, Wang does not explicitly teach a system comprising: A) receiving a response from the third party; B) wherein the response identifies the difference as one of, an acceptable data value, and an unacceptable data value. Adams, however, teaches “receiving a response from the third party” as “remediation may include providing a copy of identified errors to a third party. The third party may be a party specialized in certain types of remediation or may include interested users of the content. In this situation, the third party may decide on the type of appropriate remediation and either inform the user of how to proceed or otherwise provide instructions to hardware management system 310” (Paragraph 42), “A difference between the copied deployed content and the content baseline may then be identified (725). The identification (725) may occur through a verifier or other types of verification framework, such as those discussed above. Identification (725) of a difference may include any difference in the content such as differences in the binary, script, config files, log files, directory listing, etc” (Paragraph 82), “If a difference is not identified (725), the copied deployed content may be deleted or saved for further use. If a difference is identified (725) a user, system, third party, etc., may be notified that a difference has been identified (725)” (Paragraph 83), and “the copied deployed content may be provided to a third party for remediation or may otherwise be remediated outside of the hardware management system. Specific remediation steps may depend on the differences that are identified (725). Regardless of the type of remediation that occurs, the actions taken may occur out-of-band, thereby not using computing system resources, not effecting the deployed copy, and allowing the content to be verified to the satisfaction of a user” (Paragraph 84) and “wherein the response identifies the difference as one of, an acceptable data value, and an unacceptable data value” as “remediation may include providing a copy of identified errors to a third party. The third party may be a party specialized in certain types of remediation or may include interested users of the content. In this situation, the third party may decide on the type of appropriate remediation and either inform the user of how to proceed or otherwise provide instructions to hardware management system 310” (Paragraph 42), “A difference between the copied deployed content and the content baseline may then be identified (725). The identification (725) may occur through a verifier or other types of verification framework, such as those discussed above. Identification (725) of a difference may include any difference in the content such as differences in the binary, script, config files, log files, directory listing, etc” (Paragraph 82), “If a difference is not identified (725), the copied deployed content may be deleted or saved for further use. If a difference is identified (725) a user, system, third party, etc., may be notified that a difference has been identified (725)” (Paragraph 83), and “the copied deployed content may be provided to a third party for remediation or may otherwise be remediated outside of the hardware management system. Specific remediation steps may depend on the differences that are identified (725). Regardless of the type of remediation that occurs, the actions taken may occur out-of-band, thereby not using computing system resources, not effecting the deployed copy, and allowing the content to be verified to the satisfaction of a user” (Paragraph 84). The examiner further notes that the secondary reference of Adams teaches the concept of notifying a 3rd party of identified “differences”, who in turn provides remediation responses (which entails a response of an unacceptable value). The combination would result in allowing for the notification (and subsequent response from) to a 3rd party of identified “differences” between the allowable and actual values of Wang. It would have been obvious to one of ordinary skill in the art before the effective filing date of instant invention to combine the teachings of the cited references because teaching Adams’s would have allowed Wang’s to provide a method for using specialized entities when dealing with validation, as noted by Adams (Paragraph 42). Regarding claim 33, Wang further teaches a method comprising: A) wherein: the digital touchpoint is one of a website and an application associated with the computing device (Paragraphs 28-29 and 72). The examiner notes that Wang teaches “wherein the digital touchpoint is an application” as “A client device 110 typically includes applications 112, such as web browsers and/or native applications, that run in the device platform 113 and that facilitate the sending and receiving of data over the network 105. A native application is an application developed for a particular platform or a particular device” (Paragraph 28), “A web browser can request a resource 145 from a web server that hosts a website 140 of a publisher 130, e.g., in response to the user of the client device 110 entering the resource address for the resource 145 in an address bar of the web browser or selecting a link that references the resource address” (Paragraph 29), and “a device platform of a client device can transmit requests on behalf of applications, such as web browser and native applications. The applications can provide the data of the requests to the device platform and data indicating whether the requests include user data. In another example, the device platform can evaluate the data received from the applications and determine that the request will include user data. In another example, the browser or native applications will query the user consent settings prior to generating and sending a request” (Paragraph 72). The examiner further notes that an executing web-browser/applications teaches the claimed digital touchpoint. Wang does not explicitly teach: B) further comprising notifying a third party of a difference between a new data values and the at least one allowable data value comprising providing a notification related to one or more of: a percent of total amount of new values comprising the difference, a percent of new values associated with the digital touchpoint comprising the difference, a number of new values across at least one of an entire digital touchpoint and an identified portion of the digital touchpoint comprising the difference, an event type associated with the difference, a network request type associated with the difference, device attributes associated with the difference; one of a time and a time window associated with the difference; the difference comprises at least one of, missing data, malformed data, unanticipated data, and new data, a user location associated with the difference; and a state of one or more of a document object model and a JavaScript associated with the document object model. Adams, however, teaches “further comprising notifying a third party of a difference between a new data values and the at least one allowable data value comprising providing a notification related to one or more of: a percent of total amount of new values comprising the difference, a percent of new values associated with the digital touchpoint comprising the difference, a number of new values across at least one of an entire digital touchpoint and an identified portion of the digital touchpoint comprising the difference, an event type associated with the difference, a network request type associated with the difference, device attributes associated with the difference; one of a time and a time window associated with the difference; the difference comprises at least one of, missing data, malformed data, unanticipated data, and new data, a user location associated with the difference; and a state of one or more of a document object model and a JavaScript associated with the document object model” as “remediation may include providing a copy of identified errors to a third party. The third party may be a party specialized in certain types of remediation or may include interested users of the content. In this situation, the third party may decide on the type of appropriate remediation and either inform the user of how to proceed or otherwise provide instructions to hardware management system 310” (Paragraph 42), “A difference between the copied deployed content and the content baseline may then be identified (725). The identification (725) may occur through a verifier or other types of verification framework, such as those discussed above. Identification (725) of a difference may include any difference in the content such as differences in the binary, script, config files, log files, directory listing, etc” (Paragraph 82), “If a difference is not identified (725), the copied deployed content may be deleted or saved for further use. If a difference is identified (725) a user, system, third party, etc., may be notified that a difference has been identified (725)” (Paragraph 83), and “the copied deployed content may be provided to a third party for remediation or may otherwise be remediated outside of the hardware management system. Specific remediation steps may depend on the differences that are identified (725). Regardless of the type of remediation that occurs, the actions taken may occur out-of-band, thereby not using computing system resources, not effecting the deployed copy, and allowing the content to be verified to the satisfaction of a user” (Paragraph 84). The examiner further notes that the secondary reference of Adams teaches the concept of notifying a 3rd party of identified “differences” (which are “related” to unanticipated data in the broadest reasonable interpretation). The combination would result in allowing for the notification to a 3rd party of identified “differences” between the allowable and actual values of Wang. It would have been obvious to one of ordinary skill in the art before the effective filing date of instant invention to combine the teachings of the cited references because teaching Adams’s would have allowed Wang’s to provide a method for using specialized entities when dealing with validation, as noted by Adams (Paragraph 42). 19. Claim 34 is rejected under 35 U.S.C. 103 as being unpatentable over Wang et al. (U.S. PGPUB 2022/0414255) as applied to claims 22-29 and 35-40 above, and further in view of Ikram et al. (U.S. PGPUB 2020/0394295). 20. Regarding claim 34, Wang does not explicitly teach a method comprising: A) identifying an event type for the at least one event; B) when the data values comprise an acceptable data value, the method further comprises recognizing the event type as an allowable event type; and C) recognizing data values associated with the event type as allowable data values. Ikram, however, teaches “identifying an event type for the at least one event” as “the system extension 100 may register for, or subscribe to, one or more events or event types called within the operating system. For example, the system extension 100 may register with the operating system one or more events such that, when the operating system detects the events being called by an application or process, the operating system transmits (e.g., via Apple's Endpoint Security) an event notification to the system extension 100” (Paragraph 39), “when the data values comprise an acceptable data value, the method further comprises recognizing the event type as an allowable event type” as “the system extension 100 may leverage whitelists and blacklists for determining if a particular event should be allowed to execute. In the present embodiment, the exemplary system extension 100 includes a whitelist 115 and a blacklist 118. As shown in the present embodiment, the whitelist 115 includes event metadata such as “WordProcessor” and “MemoryCleanup.” Accordingly, if the operating system transmits an event notification to the queue 103 that includes this whitelisted metadata, the system extension 100 may instruct the operating system to automatically allow and execute the event without performing any additional safeness processing” (Paragraph 40), and “recognizing data values associated with the event type as allowable data values” as “the system extension 100 may leverage whitelists and blacklists for determining if a particular event should be allowed to execute. In the present embodiment, the exemplary system extension 100 includes a whitelist 115 and a blacklist 118. As shown in the present embodiment, the whitelist 115 includes event metadata such as “WordProcessor” and “MemoryCleanup.” Accordingly, if the operating system transmits an event notification to the queue 103 that includes this whitelisted metadata, the system extension 100 may instruct the operating system to automatically allow and execute the event without performing any additional safeness processing” (Paragraph 40). The examiner further notes that the secondary reference of Ikram teaches the concept of ascertaining event types of an event, recognizing an event type as allowable based on allowable metadata (i.e. data values in the broadest reasonable interpretation) that is recognized. The combination would result in the determination of allowable events via the use of the determined event types for Wang. It would have been obvious to one of ordinary skill in the art before the effective filing date of instant invention to combine the teachings of the cited references because teaching Ikram’s would have allowed Wang’s to provide a method for controlling applications via identified events, as noted by Ikram (Paragraph 3). Allowable Subject Matter 21. Claim 30 would be allowable if rewritten to overcome the rejection(s) under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), 2nd paragraph, set forth in this Office action and to include all of the limitations of the base claim and any intervening claims. Specifically, although the prior art (See Wang and Lisuk) clearly teaches the validation of data via the consultation of allowable data values, the detailed claim language directed towards the use of all of the defined patterns, relationships between the events, and relationships between the difference data is not found in the prior art, in conjunction with the rest of the limitations of the parent claims. Response to Arguments 22. Applicant’s arguments with respect to claims 22-40 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument (See newly applied references of Wang, Adams, and Ikram). Conclusion 23. The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. U.S. PGPUB 2014/0082482 issued to Seolas et al. on 20 March 2014. The subject matter disclosed therein is pertinent to that of claims 22-40 (e.g., methods to validate data). U.S. PGPUB 2022/0197888 issued to Wang et al. on 23 June 2022. The subject matter disclosed therein is pertinent to that of claims 22-40 (e.g., methods to validate data). Contact Information 24. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Mahesh Dwivedi whose telephone number is (571) 272-2731. The examiner can normally be reached on Monday to Friday 8:20 am – 4:40 pm. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Charles Rones can be reached (571) 272-4085. The fax number for the organization where this application or proceeding is assigned is (571) 273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). Mahesh Dwivedi Primary Examiner Art Unit 2168 April 08, 2026 /MAHESH H DWIVEDI/Primary Examiner, Art Unit 2168
Read full office action

Prosecution Timeline

Show 11 earlier events
Nov 18, 2025
Examiner Interview Summary
Nov 18, 2025
Applicant Interview (Telephonic)
Jan 29, 2026
Request for Continued Examination
Feb 08, 2026
Response after Non-Final Action
Apr 10, 2026
Non-Final Rejection mailed — §102, §103, §112
Jul 08, 2026
Interview Requested
Jul 16, 2026
Examiner Interview Summary
Jul 16, 2026
Applicant Interview (Telephonic)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12675526
METHOD, DEVICE, STORAGE MEDIUM AND PROGRAM PRODUCT FOR MUSIC SCREENING
2y 6m to grant Granted Jul 07, 2026
Patent 12664453
EFFICIENT SCHEDULING OF PAULI-TERMS FOR QUANTUM COMPUTING
2y 11m to grant Granted Jun 23, 2026
Patent 12651022
METHODS AND APPARATUSES FOR PREVENTING SPOILERS IN AUTOCOMPLETED SEARCH QUERIES
2y 1m to grant Granted Jun 09, 2026
Patent 12651166
Music Release Disambiguation using Multi-Modal Neural Networks
1y 4m to grant Granted Jun 09, 2026
Patent 12639257
FILE SYSTEM CONTENT ARCHIVING BASED ON THIRD-PARTY APPLICATION ARCHIVING RULES AND METADATA
1y 9m to grant Granted May 26, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
69%
Grant Probability
74%
With Interview (+4.3%)
3y 7m (~0m remaining)
Median Time to Grant
High
PTA Risk
Based on 759 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month