SYSTEMS AND METHODS FOR DATA ACCESS AND DELETION IN DISTRIBUTED SERVICE SYSTEMS

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Amendment The Request for Continued Examination (RCE) filled on 09/23/2025 has been accepted and considered in this office action. Claims 1, 14 and 20 have been amended. No claims have been cancelled. No new claims have been added. Response to Arguments Applicant’s argument with respect to claims 1-20 as amended have been considered but are moot because of the discovery of new reference Faitelson (US 20200302081 A1) and being used in the current rejection under new grounds of rejection necessitated by amendment. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1, 8, 9, 13, 14 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Faitelson (US 20200302081 A1) in view of Bluhm (US 7941431 B2). Regarding Claim 1, Faitelson teaches: receiving, by the first computing system, a request from a user system to access user data stored at the distributed service provider system, the request comprising a user identifier associated with the user data; (Faitelson, para 46, 47, discloses that a request may be made by user using online form for user's PDIs maintained in the computerized system, and the users, and the identifying information such as name, Social security number, phone number, address, date of birth may be entered.); generating, by the distributed service provider system, a plurality of service system request messages that each request a service system of the plurality of service systems to determine whether the service system stores the user data, each of the plurality of service system request messages comprising the user identifier (Faitelson, para 75 discloses PDI management application sends instructions to plurality of computerized devices to perform searches for user's PDIs in the data elements stored in the plurality of storage devices. It is inherent to send the instructions PDI generates those instructions.); transmitting, by the distributed service provider system, a service system request message to each of the plurality of service systems (Faitelson, para 75 discloses PDI management application 80 may instruct the plurality of computerized devices 20 to search for the user's PDI (personal digital identifiers) in data elements respectively stored in the plurality of storage devices.); searching, by each of the plurality of service systems, a data store that is respectively managed by said each of the plurality of service systems, for the user data associated with the user identifier (Faitelson, para 75 discloses PDI management application 80 may instruct the plurality of computerized devices 20 to search for the user's PDI (personal digital identifiers) in data elements respectively stored in the plurality of storage devices.); the data within the data stores of the plurality of service systems comprising annotations associated with sensitivity of the data and of users to which the data belongs (Faitelson, para 56 discloses data element 70, which may include PDIs of the user; Each data element 70_m may include data 72, metadata 74 (e.g., specifies in part, a location and/or permissions of data element 70_m), and/or a classification 76 (e.g., secret, important, or private); para 93) and the plurality of service systems searches the respective data store to determine whether said each of the plurality of service systems has the user data stored within the respective data store (Faitelson, para 75 discloses that each computerized device performs a search of its respective storage to locate user PDIs); receiving, by the distributed service provider system, a response message from each of the plurality of service systems, indicating whether said each of the plurality of service system has the user data stored within the respective data store (Faitelson, para 100 discloses receiving personal digital identifiers for identifying a user by a processor from the plurality of processors respectively in a computerized device from the plurality of computerized devices.) generating, by the first computing system of the distributed service provider system, a link for rendering at the user system a graphical user interface that provides information corresponding to the user data stored at the distributed service provider system (Faitelson, Fig. 6, discloses GUI 82 and personal digital footprint (PDF) 350 presented to the user as output; para 73, Faitelson discloses emailing links to the digital form to the user.); and transmitting, by the first computing system of the distributed service provider system to the user system, the link (Faitelson, para 73, discloses emailing links to the digital form to the user.); Faitelson does not explicitly teach, However Bluhm teaches: Wherein the plurality of service system each uses a common library of function to search the respective data store based on annotations (Bluhm, Fig.2, discloses multiple resource applications 15 pass respective user inquiry messages to a set of shared systems/tools; Fig. 3, Bluhm discloses a shared search component used with one or more database/data collections 30a, 30b, and metadata files 50a, 50b); It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Faitelson by incorporating the shared system services and common search infrastructure of Bluhm. One would be motivated to make this combination to provide a reusable and centralized set of search function across the plurality of service systems, thereby ensuring consistent search behavior, reducing redundant implementation, improving scalability, and decreasing development and maintenance costs. Regarding Claim 8, Faitelson/Bluhm teaches the method of claim 1: Faitelson teaches: the plurality of service system request messages are generated ((Faitelson, para 75 discloses PDI management application sends instructions to plurality of computerized devices to perform searches for user's PDIs in the data elements stored in the plurality of storage devices. It is inherent to send the instructions PDI generates those instructions); the service system request message is transmitted to each of the plurality of service (Faitelson, para 75 discloses PDI management application 80 may instruct the plurality of computerized devices 20 to search for the user's PDI (personal digital identifiers) in data elements respectively stored in the plurality of storage devices.); the response message is received from each of the plurality of service systems by a second computing system of the distributed service provider system (Faitelson, para 100 discloses receiving personal digital identifiers for identifying a user by a processor from the plurality of processors respectively in a computerized device from the plurality of computerized devices.) Regarding Claim 9, Faitelson/Bluhm teach the method of claim 8: Faitelson teaches: the first computing system provides a front-end user interface to the user system (Faitelson, para 5, 58, discloses a GUI module that provides a user-facing interface.) wherein the second computing system provides an interface between the first computing system and the plurality of service systems (Faitelson, para 75, discloses that the application communicates with an instructs a plurality of computerized devices to perform search for user’s PDIs stored in plurality of storage devices. This implies the application servers as an interface between the GUI and the plurality of devices.) Regarding Claim 13, Faitelson/Bluhm teach the method of claim 1: Faitelson teaches: data managed within the data stores of the plurality of service systems is annotated with information indicative of users to which the data belongs, (Faitelson, para 56 discloses data element 70, which may include PDIs of the user; Each data element 70_m may include data 72, metadata 74 (e.g., specifies in part, a location and/or permissions of data element 70_m), and/or a classification 76 (e.g., secret, important, or private); para 93) wherein the plurality of service systems search the data within the data stores (Faitelson, para 75 discloses that each computerized device performs a search of its respective storage to locate user PDIs); Faitelson does not explicitly teach, However Bluhm teaches: Wherein the plurality of service system each uses a common library of function to search the respective data store based on annotations (Bluhm, Fig.2, discloses multiple resource applications 15 pass respective user inquiry messages to a set of shared systems/tools; Fig. 3, Bluhm discloses a shared search component used with one or more database/data collections 30a, 30b, and metadata files 50a, 50b); It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Faitelson by incorporating the shared system services and common search infrastructure of Bluhm. One would be motivated to make this combination to provide a reusable and centralized set of search function across the plurality of service systems, thereby ensuring consistent search behavior, reducing redundant implementation, improving scalability, and decreasing development and maintenance costs. Regarding Claim 14, Faitelson teaches: receiving, by the first computing system, a request from a user system to access user data stored at the distributed service provider system, the request comprising a user identifier associated with the user data; (Faitelson, para 46, 47, discloses that a request may be made by user using online form for user's PDIs maintained in the computerized system, and the users, and the identifying information such as name, Social security number, phone number, address, date of birth may be entered.); generating, by the distributed service provider system, a plurality of service system request messages that each request a service system of the plurality of service systems to determine whether the service system stores the user data, each of the plurality of service system request messages comprising the user identifier (Faitelson, para 75 discloses PDI management application sends instructions to plurality of computerized devices to perform searches for user's PDIs in the data elements stored in the plurality of storage devices. It is inherent to send the instructions PDI generates those instructions.); transmitting, by the distributed service provider system, a service system request message to each of the plurality of service systems (Faitelson, para 75 discloses PDI management application 80 may instruct the plurality of computerized devices 20 to search for the user's PDI (personal digital identifiers) in data elements respectively stored in the plurality of storage devices.); searching, by each of the plurality of service systems, a data store that is respectively managed by said each of the plurality of service systems, for the user data associated with the user identifier (Faitelson, para 75 discloses PDI management application 80 may instruct the plurality of computerized devices 20 to search for the user's PDI (personal digital identifiers) in data elements respectively stored in the plurality of storage devices.); the data within the data stores of the plurality of service systems comprising annotations associated with sensitivity of the data and of users to which the data belongs (Faitelson, para 56 discloses data element 70, which may include PDIs of the user; Each data element 70_m may include data 72, metadata 74 (e.g., specifies in part, a location and/or permissions of data element 70_m), and/or a classification 76 (e.g., secret, important, or private); para 93) and the plurality of service systems searches the respective data store to determine whether said each of the plurality of service systems has the user data stored within the respective data store (Faitelson, para 75 discloses that each computerized device performs a search of its respective storage to locate user PDIs); receiving, by the distributed service provider system, a response message from each of the plurality of service systems, indicating whether said each of the plurality of service system has the user data stored within the respective data store (Faitelson, para 100 discloses receiving personal digital identifiers for identifying a user by a processor from the plurality of processors respectively in a computerized device from the plurality of computerized devices.) generating, by the first computing system of the distributed service provider system, a link for rendering at the user system a graphical user interface that provides information corresponding to the user data stored at the distributed service provider system (Faitelson, Fig. 6, discloses GUI 82 and personal digital footprint (PDF) 350 presented to the user as output; para 73, Faitelson discloses emailing links to the digital form to the user.); and transmitting, by the first computing system of the distributed service provider system to the user system, the link (Faitelson, para 73, discloses emailing links to the digital form to the user.); Faitelson does not explicitly teach, However Bluhm teaches: Wherein the plurality of service system each uses a common library of function to search the respective data store based on annotations (Bluhm, Fig.2, discloses multiple resource applications 15 pass respective user inquiry messages to a set of shared systems/tools; Fig. 3, Bluhm discloses a shared search component used with one or more database/data collections 30a, 30b, and metadata files 50a, 50b); It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Faitelson by incorporating the shared system services and common search infrastructure of Bluhm. One would be motivated to make this combination to provide a reusable and centralized set of search function across the plurality of service systems, thereby ensuring consistent search behavior, reducing redundant implementation, improving scalability, and decreasing development and maintenance costs. Regarding Claim 20, Barday teaches: receive, by the first computing system, a request from a user system to access user data stored at the distributed service provider system, the request comprising a user identifier associated with the user data; (Faitelson, para 46, 47, discloses that a request may be made by user using online form for user's PDIs maintained in the computerized system, and the users, and the identifying information such as name, Social security number, phone number, address, date of birth may be entered.); generate a plurality of service system request messages that each request a service system of the plurality of service systems to determine whether the service system stores the user data, each of the plurality of service system request messages comprising the user identifier (Faitelson, para 75 discloses PDI management application sends instructions to plurality of computerized devices to perform searches for user's PDIs in the data elements stored in the plurality of storage devices. It is inherent to send the instructions PDI generates those instructions.); transmit service system request message to each of the plurality of service systems (Faitelson, para 75 discloses PDI management application 80 may instruct the plurality of computerized devices 20 to search for the user's PDI (personal digital identifiers) in data elements respectively stored in the plurality of storage devices.); searching, by each of the plurality of service systems, a data store that is respectively managed by said each of the plurality of service systems, for the user data associated with the user identifier (Faitelson, para 75 discloses PDI management application 80 may instruct the plurality of computerized devices 20 to search for the user's PDI (personal digital identifiers) in data elements respectively stored in the plurality of storage devices.); the data within the data stores of the plurality of service systems comprising annotations associated with sensitivity of the data and of users to which the data belongs (Faitelson, para 56 discloses data element 70, which may include PDIs of the user; Each data element 70_m may include data 72, metadata 74 (e.g., specifies in part, a location and/or permissions of data element 70_m), and/or a classification 76 (e.g., secret, important, or private); para 93) and the plurality of service systems searches the respective data store to determine whether said each of the plurality of service systems has the user data stored within the respective data store (Faitelson, para 75 discloses that each computerized device performs a search of its respective storage to locate user PDIs); receive a response message from each of the plurality of service systems, indicating whether said each of the plurality of service system has the user data stored within the respective data store (Faitelson, para 100 discloses receiving personal digital identifiers for identifying a user by a processor from the plurality of processors respectively in a computerized device from the plurality of computerized devices.) generate, by the first computing system of the distributed service provider system, a link for rendering at the user system a graphical user interface that provides information corresponding to the user data stored at the distributed service provider system (Faitelson, Fig. 6, discloses GUI 82 and personal digital footprint (PDF) 350 presented to the user as output; para 73, Faitelson discloses emailing links to the digital form to the user.); and transmit, by the first computing system of the distributed service provider system to the user system, the link (Faitelson, para 73, discloses emailing links to the digital form to the user.); Faitelson does not explicitly teach, However Bluhm teaches: Wherein the plurality of service system each uses a common library of function to search the respective data store based on annotations (Bluhm, Fig.2, discloses multiple resource applications 15 pass respective user inquiry messages to a set of shared systems/tools; Fig. 3, Bluhm discloses a shared search component used with one or more database/data collections 30a, 30b, and metadata files 50a, 50b); It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Faitelson by incorporating the shared system services and common search infrastructure of Bluhm. One would be motivated to make this combination to provide a reusable and centralized set of search function across the plurality of service systems, thereby ensuring consistent search behavior, reducing redundant implementation, improving scalability, and decreasing development and maintenance costs. Claims 6 is rejected under 35 U.S.C. 103 as being unpatentable over Faitelson (US 20200302081 A1) in view of Bluhm (US 7941431 B2) in view of Barday (US20200342137A1). Regarding Claim 6, Faitelson/Bluhm teaches the method of claim 1: Faitelson/Bluhm does not explicitly teach; However, Barday teaches: the link is an ephemeral link (Barday, page 45, para 392, discloses that a data subject access request fulfillment system (which may, for example, be the Data Subject Access Request Processing System 4500 described above) is configured to generate a unique URL (e.g., a unique URL that is permanently or temporarily only configured for use with the particular request)). Both Barday and Faitelson addresses the broader goal of identifying, locating and managing user-related data across distributed computing system in a scalable and efficient manner. It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Faitelson/Bluhm system by incorporating Barday’s technique of generating unique URLs that are temporarily configured for use with a particular request. One would be motivated to make this modification to enhance security, prevent unauthorized or automated access, and ensure controlled access to sensitive user data, especially in context of privacy regulations such as GDPR. Claims 2, 3, 15 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Faitelson (US 20200302081 A1) in view of Bluhm (US 7941431 B2) in view of Todd (US 8837739 B1) in view of Barday (US20200342137A1). Regarding Claim 2, Faitelson/Bluhm teaches the method of claim 1: Faitelson/Bluhm does not explicitly teach; However, Todd teaches: in response to the first computing system of the service provider system receiving selection of the link, presenting a series of security questions to the user system (Todd, Column 5, lines 2-3, discloses that the encrypted message 310 is delivered to the recipient 306, then the new message 310 contains a link which is selected 314 by the recipient 306.); wherein each of the series of security questions comprises a request of the user to complete incomplete user data associated with the user identifier and found within data stores managed by the service systems (Todd, Column 5, lines 3-6, discloses that the user is taken to a webpage 316 where the recipient 306 will have to answer one or more security questions (e.g. last four digits of their office telephone number, birthdate, home address, etc.).); and in response to receipt of completed user data for each of the series of security questions matching the user data associated with the user identifier and found within data stores managed by the service systems, generating the graphical user interface that renders at the user system the information corresponding to the user data stored at the service provider system (Todd, Column 5, lines 7-9, discloses that once the recipient 306 is authenticated, the encrypted e-mail may be displayed to the recipient 306.) Todd does not teach; However, Faitelson teaches: Wherein the service provider system is distributed service provider system (Faitelson, para 50, 52, 75 discloses a plurality if interconnected computerized devices communicating over a network and storing data across plurality of storage devices.) Faitelson and Todd address the broader goal of distributed systems for managing and accessing data in a scalable and efficient and secure manner. It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Faitelson/Bluhm system by incorporating from a link and security questions from Todd system to ensure data integrity and efficient and secure data retrieval from data storage. One would be motivated to make this combination to achieve a robust system, improve network efficiency and efficient data retrieval and secure communication between systems. Regarding Claim 3, Faitelson/Bluhm/Todd collectively teach the method of claim 2: Todd does not explicitly teach; However, Barday teaches: receiving, by the first computing system of the distributed service provider system, a request of the user to delete a first user data rendered within the graphical user interface and stored at the distributed service provider system, the request received in response to user selection of an element associated with the first user data and rendered within the graphical user interface (Barday, page 40, para 344, discloses the system receives the request via a suitable web form… the request may include a request to delete one or more pieces of persona; data stored by the system regarding the requestor; page 9, para 67, Barday further provides Fig. 51 that depicts an exemplary screen and the GUI which may display information associated with the system or enable access to, or interaction with, the system by one or more users (e.g., for the purpose of modifying one or more data retention rules related to one or more pieces of data associated with one or more data subject access requests).); generating, by the first computing system of the distributed service provider system, one or more service system data deletion messages that each request a respective one of the plurality of service systems to delete user data associated with the user identifier from the data store managed by a corresponding service system, wherein service system data deletion messages are transmitted to a subset of the plurality of service systems that store the first user data requested to be deleted (Barday, page 41, para 356, discloses in response to determining the location of the data (e.g., which may be on multiple computing systems), automatically facilitate the deletion of the data subject's personal data from the system (e.g., by automatically assigning a plurality of tasks to delete data across multiple computer systems to effectively delete the data subject's personal data from the system or systems).); transmitting the service system data deletion messages to each service system of the subset of the plurality of service systems causing each service system of the subset of the plurality of service systems to delete the first user data (Barday, page 41, para 356, discloses in response to determining the location of the data (e.g., which may be on multiple computing systems), automatically facilitate the deletion of the data subject's personal data from the system (e.g., by automatically assigning a plurality of tasks to delete data across multiple computer systems to effectively delete the data subject's personal data from the system or systems).); and updating the graphical user interface to indicate the first user data has been deleted from the distributed service provider system (Barday, Fig. 17 and 20; provides remove and delete tab in the GUI.) Barday, Bluhm, Faitelson and Todd address the broader goal of distributed systems for managing and accessing data in a scalable and efficient and secure manner. It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Faitelson/Bluhm/Todd system by incorporating data deletion technique from Barday system to ensure data integrity and efficient data retrieval from data storage. One would be motivated to make this combination to achieve a robust system, improve network efficiency and efficient and secure data retrieval. Regarding Claim 15, Faitelson/Bluhm collectively teaches the medium of claim 14: Faitelson/Bluhm does not explicitly teach: in response to the first computing system of the distributed service provider system receiving selection of the link, presenting a series of security questions to the user system, wherein each of the series of security questions comprises a request of the user to complete incomplete user data associated with the user identifier and found within each data store managed respectively by one of the plurality of service systems; and in response to receipt of completed user data for each of the series of security questions matching the user data associated with the user identifier and found within each data store managed respectively by one of the plurality of service systems, generating the graphical user interface that renders at the user system the information corresponding to the user data stored at the service provider system; However, Todd teaches: in response to the first computing system of the service provider system receiving selection of the link, presenting a series of security questions to the user system (Todd, Column 5, lines 2-3, discloses that the encrypted message 310 is delivered to the recipient 306, then the new message 310 contains a link which is selected 314 by the recipient 306.); wherein each of the series of security questions comprises a request of the user to complete incomplete user data associated with the user identifier and found within each data store managed respectively by one of the plurality of service systems (Todd, Column 5, lines 3-6, discloses that the user is taken to a webpage 316 where the recipient 306 will have to answer one or more security questions (e.g. last four digits of their office telephone number, birthdate, home address, etc.).); and in response to receipt of completed user data for each of the series of security questions matching the user data associated with the user identifier and found within each data store managed respectively by one of the plurality of service systems, generating the graphical user interface that renders at the user system the information corresponding to the user data stored at the service provider system (Todd, Column 5, lines 7-9, discloses that Once the recipient 306 is authenticated, the encrypted e-mail may be displayed to the recipient 306.) Todd does not teach; However, Faitelson teaches: Wherein the service provider system is distributed service provider system (Faitelson, para 50, 52, 75 discloses a plurality if interconnected computerized devices communicating over a network and storing data across plurality of storage devices.) Faitelson and Todd address the broader goal of distributed systems for managing and accessing data in a scalable and efficient and secure manner. It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Faitelson/Bluhm system by incorporating from a link and security questions from Todd system to ensure data integrity and efficient and secure data retrieval from data storage. One would be motivated to make this combination to achieve a robust system, improve network efficiency and efficient data retrieval and secure communication between systems. Regarding Claim 16, Faitelson/Bluhm/Todd collectively teach the medium of claim 15: Todd does not explicitly teach: receiving, by the first computing system of the distributed service provider system, a request of the user to delete a first user data rendered within the graphical user interface and stored at the distributed service provider system, the request received in response to user selection of an element associated with the first user data and rendered within the graphical user interface; generating, by the first computing system of the distributed service provider system, one or more service system data deletion messages that each request a respective one of the plurality of service systems to delete user data associated with the user identifier from the data store managed by a corresponding service system, wherein service system data deletion messages are transmitted to a subset of the plurality of service systems that store the first user data requested to be deleted; transmitting the service system data deletion messages to each service system of the subset of the plurality of service systems causing each service system of the subset of the plurality of service systems to delete the first user data; and updating the graphical user interface to indicate the first user data has been deleted from the distributed service provider system. However, Barday teaches: receiving, by the first computing system of the distributed service provider system, a request of the user to delete a first user data rendered within the graphical user interface and stored at the distributed service provider system, the request received in response to user selection of an element associated with the first user data and rendered within the graphical user interface (Barday, page 40, para 344, discloses the system receives the request via a suitable web form… the request may include a request to delete one or more pieces of persona; data stored by the system regarding the requestor; page 9, para 67, Barday further provides Fig. 51 that depicts an exemplary screen and the GUI which may display information associated with the system or enable access to, or interaction with, the system by one or more users (e.g., for the purpose of modifying one or more data retention rules related to one or more pieces of data associated with one or more data subject access requests).); generating, by the first computing system of the distributed service provider system, one or more service system data deletion messages that each request a respective one of the plurality of service systems to delete user data associated with the user identifier from the data store managed by a corresponding service system, wherein service system data deletion messages are transmitted to a subset of the plurality of service systems that store the first user data requested to be deleted (Barday, page 41, para 356, discloses in response to determining the location of the data (e.g., which may be on multiple computing systems), automatically facilitate the deletion of the data subject's personal data from the system (e.g., by automatically assigning a plurality of tasks to delete data across multiple computer systems to effectively delete the data subject's personal data from the system or systems).); transmitting the service system data deletion messages to each service system of the subset of the plurality of service systems causing each service system of the subset of the plurality of service systems to delete the first user data (Barday, page 41, para 356, discloses in response to determining the location of the data (e.g., which may be on multiple computing systems), automatically facilitate the deletion of the data subject's personal data from the system (e.g., by automatically assigning a plurality of tasks to delete data across multiple computer systems to effectively delete the data subject's personal data from the system or systems).); and updating the graphical user interface to indicate the first user data has been deleted from the distributed service provider system (Barday, Fig. 17 and 20; provides remove and delete tab in the GUI.) Barday, Faitelson and Todd address the broader goal of distributed systems for managing and accessing data in a scalable and efficient and secure manner. It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Faitelson/Bluhm/Todd system by incorporating data deletion technique from Barday system to ensure data integrity and efficient data retrieval from data storage. One would be motivated to make this combination to achieve a robust system, improve network efficiency and efficient and secure data retrieval. Claims 4 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Faitelson in view of Bluhm in view of Todd in view of Barday further in view of Hyun (KR20080085110 A) further in view of Metzger (US8527773B1) Regarding Claim 4, Barday, Faitelson, Bluhm and Todd collectively teach the method of claim 2: Barday, Faitelson, Bluhm and Todd do not explicitly teach: receiving a notification from the user system that the information corresponding to the user data stored at the distributed service provider system is incomplete; receiving a second user data purported to be stored by the distributed service provider system; when the second user data matches data stored within one or more of the plurality of service systems, annotating user data stored within each of the one or more of the plurality of service systems with the user identifier; and updating the information rendered by the graphical user interface to indicate the second user data is stored by the system. However, Hyun teaches: receiving a notification from the user system that the information corresponding to the user data stored at the distributed service provider system is incomplete (Hyun, page 134, lines 9428-9432; provides if a user unique identification code corresponding to the decrypted fingerprint information is not confirmed, the biometric information management server (5600) can notify the server (or the card company server (5500)) of the absence of the corresponding unique identification code (5732)); receiving a second user data purported to be stored by the distributed service provider system (Hyun, page 134, line 9432; provides that the user unique identification information is received at the company server); when the second user data matches data stored within one or more of the plurality of service systems, annotating user data stored within each of the one or more of the plurality of service systems with the user identifier (Hyun, page 134, lines 9428-9432; provides that the card company server (5500) verifies the user information corresponding to the card information, and performs user authentication by comparing the verified user information with the user unique identification information (5736)); Hyun does not explicitly teach: updating the information rendered by the graphical user interface to indicate the second user data is stored by the distributed service provider system. However, Metzger teaches: updating the information rendered by the graphical user interface to indicate the second user data is stored by the system (Metzger, Fig. 7; provides a graphical web interface storing the information); Metzger does not explicitly teach: Wherein the service provider system is distributed service provider system. However, Faitelson teaches: Wherein the service provider system is distributed service provider system (Faitelson, para 50, 52, 75 discloses a plurality if interconnected computerized devices communicating over a network and storing data across plurality of storage devices.) Barday, Faitelson, Todd, Hyun and Metzger address the broader goal of distributed systems for managing and accessing data in a scalable and efficient and secure manner. It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Barday/Faitelson/Todd/Bluhm system by incorporating notifying and supplying information to the system from Hyun/Metzger system to ensure data integrity and efficient data retrieval from data storage. One would be motivated to make this combination to achieve a robust system, improve network efficiency and efficient and secure data retrieval. Regarding Claim 17, Barday, Faitelson, Bluhm and Todd collectively teach the medium of claim 15: Barday, Faitelson, Bluhm and Todd do not explicitly teach: receiving a notification from the user system that the information corresponding to the user data stored at the distributed service provider system is incomplete; receiving a second user data purported to be stored by the distributed service provider system; when the second user data matches data stored within one or more of the plurality of service systems, annotating user data stored within each of the one or more of the plurality of service systems with the user identifier; and updating the information rendered by the graphical user interface to indicate the second user data is stored by the system. However, Hyun teaches: receiving a notification from the user system that the information corresponding to the user data stored at the distributed service provider system is incomplete (Hyun, page 134, lines 9428-9432; provides if a user unique identification code corresponding to the decrypted fingerprint information is not confirmed, the biometric information management server (5600) can notify the server (or the card company server (5500)) of the absence of the corresponding unique identification code (5732)); receiving a second user data purported to be stored by the distributed service provider system (Hyun, page 134, line 9432; provides that the user unique identification information is received at the company server); when the second user data matches data stored within one or more of the plurality of service systems, annotating user data stored within each of the one or more of the plurality of service systems with the user identifier (Hyun, page 134, lines 9428-9432; provides that the card company server (5500) verifies the user information corresponding to the card information, and performs user authentication by comparing the verified user information with the user unique identification information (5736)); Hyun does not explicitly teach: updating the information rendered by the graphical user interface to indicate the second user data is stored by the distributed service provider system. However, Metzger teaches: updating the information rendered by the graphical user interface to indicate the second user data is stored by the system (Metzger, Fig. 7; provides a graphical web interface storing the information); Metzger does not explicitly teach: Wherein the service provider system is distributed service provider system. However, Faitelson teaches: Wherein the service provider system is distributed service provider system (Faitelson, para 50, 52, 75 discloses a plurality if interconnected computerized devices communicating over a network and storing data across plurality of storage devices.) Barday, Faitelson, Todd, Barday, Bluhm, Hyun and Metzger address the broader goal of distributed systems for managing and accessing data in a scalable and efficient and secure manner. It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Barday/Faitelson/Todd/Bluhm system by incorporating notifying and supplying information to the system from Hyun/Metzger system to ensure data integrity and efficient data retrieval from data storage. One would be motivated to make this combination to achieve a robust system, improve network efficiency and efficient and secure data retrieval. (Hyun, page 42) Claims 5 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Faitelson in view of Bluhm in view of Todd further in view of Barday further in view of Metzger (US8527773B1) Regarding Claim 5, Barday, Faitelson, Bluhm and Todd collectively teach the method of claim 2: Barday, Faitelson, Bluhm and Todd do not explicitly teach: causing each of the plurality of service systems to locate a third user data not associated with the user identifier but associated with a combination of one or more elements of the user data stored at the distributed service provider system and found by the plurality of service systems based on the user identifier; rendering within the graphical user interface an incomplete version of the third user data, wherein a portion of the third user data is redacted to generate the incomplete version of the third user data; receiving a completed third user data entered by the user and purported by to match the third user data; and when the completed third user data matches the third user data, annotating the storage of the third user data with the user identifier; and updating the graphical user interface to indicate the third user data is stored by the system. However, Metzger teaches: causing each of the plurality of service systems to locate a third user data not associated with the user identifier but associated with a combination of one or more elements of the user data stored at the distributed service provider system and found by the plurality of service systems based on the user identifier (Metzger, Column 4, lines 14-19; discloses that the website visitor provides the web application with initial basic recognition data, such as, for example, their name or account number. The application utilizes the initial data in a search of one or more appropriate databases to locate and obtain the confidential data.); rendering within the graphical user interface an incomplete version of the third user data, wherein a portion of the third user data is redacted to generate the incomplete version of the third user data (Metzger, Column 4, lines 1-2; discloses that the server transmits to the client interface and present to the user an incomplete portion of the confidential data relating to the user); receiving a completed third user data entered by the user and purported by to match the third user data (Metzger, Column 4, lines 6-7; discloses that the user provide additional data to complete the incomplete portion of the confidential data.); when the completed third user data matches the third user data, annotating the storage of the third user data with the user identifier (Metzger, Column 4, lines 7-10; discloses that the user is granted access to the confidential data subsequent to determination by the application that the user correctly completed the incomplete portion of the confidential data.); updating the graphical user interface to indicate the third user data is stored by the system (Metzger, Fig. 7; provides a graphical web interface storing the information). Metzger does not explicitly teach; However, Faitelson teaches: Wherein the service provider system is distributed service provider system (Faitelson, para 50, 52, 75 discloses a plurality if interconnected computerized devices communicating over a network and storing data across plurality of storage devices.) Barday, Faitelson, Bluhm, Todd and Metzger address the broader goal of distributed systems for managing and accessing data in a scalable and efficient and secure manner. It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Barday/Faitelson/Todd/Bluhm system by incorporating providing redacted version of user data and storage of the supplied user data including annotation from Metzger system to ensure data integrity and efficient data retrieval from data storage. One would be motivated to make this combination to achieve a robust system, improve network efficiency and efficient and secure data retrieval. Regarding Claim 18, Barday, Faitelson, Bluhm and Todd collectively teach the medium of claim 15: Barday, Faitelson, Bluhm and Todd do not explicitly teach: causing each of the plurality of service systems to locate a third user data not associated with the user identifier but associated with a combination of one or more elements of the user data stored at the distributed service provider system and found by the plurality of service systems based on the user identifier; rendering within the graphical user interface an incomplete version of the third user data, wherein a portion of the third user data is redacted to generate the incomplete version of the third user data; receiving a completed third user data entered by the user and purported by to match the third user data; and when the completed third user data matches the third user data, annotating the storage of the third user data with the user identifier; and updating the graphical user interface to indicate the third user data is stored by the system. However, Metzger teaches: causing each of the plurality of service systems to locate a third user data not associated with the user identifier but associated with a combination of one or more elements of the user data stored at the distributed service provider system and found by the plurality of service systems based on the user identifier (Metzger, Column 4, lines 14-19; discloses that the website visitor provides the web application with initial basic recognition data, such as, for example, their name or account number. The application utilizes the initial data in a search of one or more appropriate databases to locate and obtain the confidential data.); rendering within the graphical user interface an incomplete version of the third user data, wherein a portion of the third user data is redacted to generate the incomplete version of the third user data (Metzger, Column 4, lines 1-2; discloses that the server transmits to the client interface and present to the user an incomplete portion of the confidential data relating to the user); receiving a completed third user data entered by the user and purported by to match the third user data (Metzger, Column 4, lines 6-7; discloses that the user provide additional data to complete the incomplete portion of the confidential data.); when the completed third user data matches the third user data, annotating the storage of the third user data with the user identifier (Metzger, Column 4, lines 7-10; discloses that the user is granted access to the confidential data subsequent to determination by the application that the user correctly completed the incomplete portion of the confidential data.); updating the graphical user interface to indicate the third user data is stored by the system (Metzger, Fig. 7; provides a graphical web interface storing the information). Metzger does not explicitly teach: Wherein the service provider system is distributed service provider system. However, Faitelson teaches: Wherein the service provider system is distributed service provider system (Faitelson, para 50, 52, 75 discloses a plurality if interconnected computerized devices communicating over a network and storing data across plurality of storage devices.) Barday, Faitelson, Todd and Metzger address the broader goal of distributed systems for managing and accessing data in a scalable and efficient and secure manner. It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Barday/Faitelson/Todd system by incorporating providing redacted version of user data and storage of the supplied user data including annotation from Metzger system to ensure data integrity and efficient data retrieval from data storage. One would be motivated to make this combination to achieve a robust system, improve network efficiency and efficient and secure data retrieval. Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Faitelson in view of Bluhm further in view of Barber (US20210334401A1) furthermore in view of Lavine (US11797698B2) Regarding Claim 7, Faitelson/Bluhm teach the method of claim 1, Faitelson teaches: the user identifier comprises an email address or a telephone number (Faitelson, para 46 discloses PDIs may include, for example, the user's name, address, country identity number (e.g., social security number), telephone number, age, date of birth, names of family member, and the like.) Faitelson/Bluhm do not explicitly teach: and wherein in response to receipt, by the first computing system of the provider system, of the user identifier associated with the user data, the method further comprise: transmitting a verification code to the email address or telephone number of the user identifier; receiving the verification code from the user system; and in response to the receipt of the transmitted verification code from the user system, generating a data access and deletion entry in a state table to track user data stored, accessed, and deleted within the provider system. However, Barber teaches: the user identifier comprises an email address or a telephone number, and wherein in response to receipt, by the first computing system of the provider system, of the user identifier associated with the user data, the method further comprise (Barber, page 6, para 0058; discloses that the information 502 that the customer 350 includes in the request for the personal information from the entity may be referred to as an identifier. The number of identifiers required by an entity in a request may vary but at least one identifier needs to be provided. For example, the identifier may be an email address, a customer ID or a telephone number associated with the customer 350) transmitting a verification code to the email address or telephone number of the user identifier (Barber, page 8, para 0069; discloses that in diagram 625, a confirmation email 630 may be generated by the request intake module 520 based on the email address submitted with the online form 605. The confirmation email 630 may include a confirmation link 635 to enable the customer 350 to confirm that the online form 605 was indeed submitted by the customer 350.) Barber does not explicitly teach: receiving the verification code from the user system; and in response to the receipt of the transmitted verification code from the user system, generating a data access and deletion entry in a state table to track user data stored, accessed, and deleted within the provider system. However, Lavine teaches: receiving the verification code from the user system; and in response to the receipt of the transmitted verification code from the user system (Lavine, Column 44, lines 28-30, discloses at block 1418 of the method 1400, a determination may be made as to whether the user has provided a valid verification code.) generating a data access and deletion entry in a state table to track user data stored, accessed, and deleted within the provider system (Lavine, Column 44, lines 40-48, discloses in response to a positive determination at block 1422, the method 1400 may proceed to block 1424, where the transient account may be converted to a full account. Conversion to a full account may include, for example, changing the username on the account to the user's email address; removing user credentials from a transient account table; and updating status of the account in the identity-service as not transient and adding the user's email as an alias.) Barber and Lavine does not explicitly teach: Wherein the provider system is distributed service provider system However, Faitelson teaches: Wherein the service provider system is distributed service provider system (Faitelson, para 50, 52, 75 discloses a plurality if interconnected computerized devices communicating over a network and storing data across plurality of storage devices.) Faitelson, Bluhm, Barber and Lavine address the broader goal of distributed systems for managing and accessing data in a scalable and efficient and secure manner. It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Faitelson/Bluhm system by transmitting and receiving of verification code and keep track of user data from Barber/Lavine system to ensure data integrity, privacy and efficient data retrieval from data storage. One would be motivated to make this combination to achieve a robust system, improve network efficiency, data privacy and efficient and secure data retrieval. Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Faitelson in view of Bluhm further in view of Krishnan (US20230185645A1) Regarding Claim 10, Faitelson/Bluhm teach the method of claim 8, Faitelson/Bluhm do not explicitly teach: the first computing system transmits the request received from the user system to a public application programming interface (API) endpoint of the second computing system, wherein the second computing system transmits the service system request message to a private API endpoint of said each of the plurality of service systems, and wherein a private API endpoint of the second computing system receives the response message from each of the plurality of service systems, and wherein the public API endpoint is accessible via a public communications network, and the private API endpoint of said each of the plurality of service systems and the private API endpoint of the second computing system are accessible within a private communications network. However, Krishnan teaches: the first computing system transmits the request received from the user system to a public application programming interface (API) endpoint of the second computing system (Krishnan, page 1, para 0003, discloses a method involves receiving, at a first application programming interface (API) endpoint of a first computing system positioned before an egress point of a private network in which an application is executing, an API call from the application; sending, by the first computing system, the API call over the internet to a second API endpoint); wherein the second computing system transmits the service system request message to a private API endpoint of said each of the plurality of service systems (Krishnan, page 2, para 0029, discloses API gateways generally operate as reverse proxy servers (such as the API gateway 115 shown in FIG. 1A - described below) that direct incoming Web API calls (i.e., API calls received over the internet) to appropriate backend servers. In some circumstances, such reverse proxy servers may be situated behind the firewalls of private networks.); a private API endpoint of the second computing system receives the response message from each of the plurality of service systems (Krishnan, page 2, para 0031, discloses responses to such API calls may be sent (per the arrow 118) from those service endpoints 112 to the API gateway 110); the public API endpoint is accessible via a public communications network (Krishnan, page 2, para 0030, discloses sending API calls directly to a 3rd party API service 114 (e.g., via the internet 107), the application(s) 106 may instead send API calls to the API gateway 110); and the private API endpoint of said each of the plurality of service systems and the private API endpoint of the second computing system are accessible within a private communications network (Krishnan, page 2, para 0030, discloses the 3rd party API service 114 may sit behind a firewall or other ingress point 111 of a private network managed by the 3rd party service provider, and may employ an API gateway 115 configured to operate as a reverse proxy for one or more API services 117). Barday, Faitelson, Bluhm and Krishnan address the broader goal of distributed systems for managing and accessing data in a scalable and efficient and secure manner. It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Barday/Faitelson/Bluhm system by incorporating API gateway mechanisms and network configurations from Krishnan system to ensure secure and controlled access to services. One would be motivated to make this combination to achieve a robust system, improve network efficiency and efficient data retrieval and secure communication between public and private networks. Claims 11, 12 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Faitelson in view of Bluhm further in view of Barber (US20210334401A1) Regarding Claim 11, Faitelson/Bluhm combinedly teach the method of claim 1, Faitelson teaches: wherein the distributed service provider system comprises the plurality of service systems (Faitelson, para 50 discloses computerized system 10 may include a plurality of computerized devices 20 communicating 25 over a communication network 27. Each of the N computerized devices 20, where N is the number of computerized devices 20 in system 10, may be denoted 20A, 20B, 20C . . . 20N.) Faitelson/Bluhm does not teach; However, Barber teaches: each of the plurality of service system comprises processing resources and storage resources that are independent of the first computing system (Barber, page 5, para 0048; discloses that the email marketing service may collect personal information about the customer 350.. the collected information about the customer 350 may be stored by the email marketing service in the database 310; para 0053, Barber further discloses that the entity server 255 structure its database 270 and may span to how the third-party server 305 structures its database 310); each of the plurality of service system provides a different service of the distributed service provider system (Barber, page 4, para 0046; discloses that the information compliance application 257 may be configured to operate on behalf of an entity associated with the entity server 255 to enable the entity to stay in compliance with privacy laws.; para 0047, Barber further discloses that the email marketing service may send marketing emails on behalf of the furniture business using a list of contacts provided by the furniture business.); Faitelson, Bluhm and Barber address the broader goal of distributed systems for managing and accessing data in a scalable and efficient and secure manner. It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Faitelson/Bluhm system by incorporating plurality of service systems, each providing different service from Barber system to ensure data integrity, privacy and efficient data retrieval from data storage. One would be motivated to make this combination to achieve a robust system, improve network efficiency, data privacy and efficient and secure data retrieval. Regarding Claim 12, Barday and Faitelson combinedly teach the method of claim 1, Barday and Faitelson do not explicitly teach: the distributed service provider system comprises a distributed commerce system. However, Barber teaches: the distributed service provider system comprises a distributed commerce system (Barber, page 4, para 0044; discloses that the entity may be an organization or a business that has legally collected and stored personal information from many consumers.; para 0047, Barber further discloses that the email marketing service may send marketing emails on behalf of the furniture business using a list of contacts provided by the furniture business; page 5, para 0048, Barber further discloses that the website of the furniture business may be hosted by another third-party service, and content of shopping carts of its customers may be stored in a database of this other third-party service). Faitelson, Bluhm and Barber address the broader goal of distributed systems for managing and accessing data in a scalable and efficient and secure manner. It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Faitelson/Bluhm system by incorporating distributed commerce system from Barber system to ensure data integrity, privacy and efficient data retrieval from data storage. One would be motivated to make this combination to achieve a robust system, improve network efficiency, data privacy and efficient and secure data retrieval. Regarding Claim 19, Faitelson/Bluhm combinedly teach the medium of claim 14, Faitelson teaches: wherein the distributed service provider system comprises the plurality of service systems (Faitelson, para 50 discloses computerized system 10 may include a plurality of computerized devices 20 communicating 25 over a communication network 27. Each of the N computerized devices 20, where N is the number of computerized devices 20 in system 10, may be denoted 20A, 20B, 20C . . . 20N.) Barday/Faitelson does not teach; However, Barber teaches: wherein each service system comprises processing resources and storage resources that are independent of the first computing system, and each service system provides a different service of the distributed service provider system. However, Barber teaches: each service system comprises processing resources and storage resources that are independent of the first computing system (Barber, page 5, para 0048; discloses that the email marketing service may collect personal information about the customer 350.. the collected information about the customer 350 may be stored by the email marketing service in the database 310; para 0053, Barber further discloses that the entity server 255 structure its database 270 and may span to how the third-party server 305 structures its database 310); each service system provides a different service of the distributed service provider system (Barber, page 4, para 0046; discloses that the information compliance application 257 may be configured to operate on behalf of an entity associated with the entity server 255 to enable the entity to stay in compliance with privacy laws.; para 0047, Barber further discloses that the email marketing service may send marketing emails on behalf of the furniture business using a list of contacts provided by the furniture business.); Faitelson, Bluhm and Barber address the broader goal of distributed systems for managing and accessing data in a scalable and efficient and secure manner. It would have been obvious to a person having ordinary skill in the art before the effective filing date to have modified the teaching of Faitelson/Bluhm system by incorporating plurality of service systems, each providing different service from Barber system to ensure data integrity, privacy and efficient data retrieval from data storage. One would be motivated to make this combination to achieve a robust system, improve network efficiency, data privacy and efficient and secure data retrieval. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to AMIT KHADKA whose telephone number is (703)756-1440. The examiner can normally be reached Monday - Friday, 8:00 am - 5:00 pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey L. Nickerson can be reached at (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /AMIT KHADKA/Examiner, Art Unit 2432 /Jeffrey Nickerson/Supervisory Patent Examiner, Art Unit 2432