Prosecution Insights
Browse Companies Examiners Firms Draft Your Response
Office ActionsAnonomatic, Inc. › 17978614
Last updated: April 19, 2026
Application No. 17/978,614

PERMISSION BASED DATA MASKING

Final Rejection §102
Filed
Nov 01, 2022
Examiner
CHOUDHURY, RAQIUL A
Art Unit
2444
Tech Center
2400 — Computer Networks
Assignee
Anonomatic, Inc.
OA Round
2 (Final)
86%
Grant Probability
Favorable
3-4
OA Rounds
2y 3m
To Grant
93%
With Interview

Interview Optional

+6.1% interview lift. This examiner has a relatively high allow rate; a written response may suffice.
Based on 244 resolved cases, 2023–2026

Examiner Intelligence

CHOUDHURY, RAQIUL A View full profile →
Grants 86% — above average
86%
Career Allow Rate
211 granted / 244 resolved
+28.5% vs TC avg
Moderate +6% lift
Without
With
+6.1%
Interview Lift
resolved cases with interview
Typical timeline
2y 3m
Avg Prosecution
22 currently pending
Career history
266
Total Applications
across all art units

Statute-Specific Performance

§101
8.8%
-31.2% vs TC avg
§103
52.4%
+12.4% vs TC avg
§102
15.9%
-24.1% vs TC avg
§112
17.8%
-22.2% vs TC avg
Black line = Tech Center average estimate • Based on career data from 244 resolved cases

Office Action

§102
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Amendment This office action is written in response to an amendment filed on 2/11/2026. As directed by amendment: Claims 1, 4, and 9-10 were amended. Claims 6 and 11 were cancelled. Claim 14 was newly added. Thus, Claims 1-5, 7-10, and 12-14 are presently pending in this application. Response to Arguments Applicant's arguments filed 2/11/2026 have been fully considered but they are not persuasive. Therefore, the rejection still stands. Argument 1: The text of claim recites (in relevant part) "returning a result in response to the associating wherein the result includes obfuscated information having actual data replaced with false information." Here, Lyer does not disclose the use of false information. Instead Lyer masks personally identifiable information (PII) so the user cannot see the PII. (e.g. Lyer 0001, 0004, Fig. 2, et. al.). Lyer figure 2 illustrates Lyer's disclosure well because it shows physically obfuscated PII. This is in sharp contrast to the text of claim 1 wherein there is no physical masking, but instead false, unmasked information. Examiner’s Response: In response to applicant's argument that the references fail to show certain features of the invention, it is noted that the features upon which applicant relies (i.e., wherein there is no physical masking, but instead false, unmasked information) are not recited in the rejected claim(s). Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). Iyer teaches associating the credential with one or more data fields to determine which fields are masked, and returning a result in response to the associating wherein the result includes obfuscated information having actual data replaced with false information (Fig. 2, element 200, par 22; Fig. 5, element 514, par 53; Fig. 11, elements {1108-1120}, par 68-71). The false information is the masked PII information as shown in Fig. 2. Therefore, Iyer still teaches the limitations of Claim 1. Claim Rejections - 35 USC § 102 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention. (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention. Claims 1-5, 7-10, and 12-14 are rejected under 35 U.S.C. 102(a) (2) as being anticipated by Iyer et al (“Iyer”, US 20230077317). Regarding Claim 1, Iyer teaches a data management system including: a processor, said processor coupled to a network (par 25-26); a data store coupled to the processor, said data store including a plurality of personal identifiable information fields (par 25-26; Fig. 2, element 200, par 22; Fig. 5, element 514, par 53; Fig. 11, elements {1108-1120}, par 68-71); a memory device coupled to the processor, said memory device encoded with non-transitory processor-readable instructions directing the processor to perform a method including (par 25-26): receiving a command from a user, said command operative to operate on the personal identifiable information fields, said command including at least one credential associated with the user (Fig. 2, element 200, par 22; Fig. 5, element 514, par 53; Fig. 11, elements {1108-1120}, par 68-71); associating the credential with one or more data fields to determine which fields are masked, and returning a result in response to the associating wherein the result includes obfuscated information having actual data replaced with false information (Fig. 2, element 200, par 22; Fig. 5, element 514, par 53; Fig. 11, elements {1108-1120}, par 68-71; The false information is the masked PII information as shown in Fig. 2.). Regarding Claim 2, Iyer teaches the system of claim 1. Iyer further teaches wherein each data field is associated with a property directing operations on the personal identifiable information (Fig. 2, element 200, par 22; Fig. 5, element 514, par 53; Fig. 11, elements {1108-1120}, par 68-71; The property is the position co-ordinates.). Regarding Claim 3, Iyer teaches the system of claim 1. Iyer further teaches wherein the credential is a user identifier (Fig. 2, element 200, par 22; Fig. 5, element 514, par 53; Fig. 11, elements {1108-1120}, par 68-71; The user identifier is the credential of the recipient having the highest level of access control. The recipient is trusted and therefore identified by the user’s credential.). Regarding Claim 4, Iyer teaches a data management system including: a processor, said processor coupled to a network (par 25-26); a data store coupled to the processor, said data store including a plurality of personal identifiable information fields (par 25-26; Fig. 2, element 200, par 22; Fig. 5, element 514, par 53; Fig. 11, elements {1108-1120}, par 68-71); a memory device coupled to the processor, said memory device encoded with non-transitory processor-readable instructions directing the processor to perform a method including (par 25-26); receiving a command from a user, said command operative to operate on personal identifiable information, said command including at least one credential associated with the user (par 25-26; Fig. 2, element 200, par 22; Fig. 5, element 514, par 53; Fig. 11, elements {1108-1120}, par 68-71); associating the credential with one or more data fields containing personal identifiable information, and returning a result in response to the associating, said result including false information in at least one of the one or more data fields (par 25-26; Fig. 2, element 200, par 22; Fig. 5, element 514, par 53; Fig. 11, elements {1108-1120}, par 68-71; The false information is the masked PII information as shown in Fig. 2.). Regarding Claim 5, Iyer teaches the system of claim 4. Iyer further teaches wherein the association determines whether PII is masked or unmasked (par 25-26; Fig. 2, element 200, par 22; Fig. 5, element 514, par 53; Fig. 11, elements {1108-1120}, par 68-71). Regarding Claim 7, Claim 7 is rejected with the same reasoning as Claim 2. Regarding Claim 8, Claim 8 is rejected with the same reasoning as Claim 3. Regarding Claim 9, Iyer teaches one or more processor readable memory devices encoded with non-transitory processor instructions directing a processor to perform a method including: receiving a command from a user, said command operative to operate on personal identifiable information, said command including at least one credential associated with the user (par 25-26; Fig. 2, element 200, par 22; Fig. 5, element 514, par 53; Fig. 11, elements {1108-1120}, par 68-71); associating the credential with one or more data fields containing personal identifiable information, and returning a result in response to the associating, said result including false information in at least one of the one or more data fields. (par 25-26; Fig. 2, element 200, par 22; Fig. 5, element 514, par 53; Fig. 11, elements {1108-1120}, par 68-71; The false information is the masked PII information as shown in Fig. 2.). Regarding Claim 10, Iyer teaches the devices of claim 9. Iyer further teaches wherein the association determines whether PII is masked or unmasked, wherein masked data is false information (par 25-26; Fig. 2, element 200, par 22; Fig. 5, element 514, par 53; Fig. 11, elements {1108-1120}, par 68-71; The false information is the masked PII information as shown in Fig. 2.). Regarding Claim 12, Claim 12 is rejected with the same reasoning as Claim 2. Regarding Claim 13, Claim 13 is rejected with the same reasoning as Claim 3. Regarding Claim 14, Iyer teaches the system of claim 1. Iyer further teaches wherein the false information is in the masked fields (par 25-26; Fig. 2, element 200, par 22; Fig. 5, element 514, par 53; Fig. 11, elements {1108-1120}, par 68-71; The false information is the masked PII information as shown in Fig. 2.). Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: Adler et al (US 20030014654), Abstract - The present invention is a system and method for handling personally identifiable information, using a rules model. The invention involves defining a limited number of privacy-related actions regarding personally identifiable information; constructing a rule for each circumstance in which one of said privacy-related actions may be taken or must be taken; allowing for the input of dynamic contextual information to precisely specify the condition for evaluation of a rule; creating a programming object containing at least one of said rules; associating the programming object with personally identifiable information; processing a request; and providing an output. The invention does not merely give a "yes-or-no answer. The invention has the advantage of being able to specify additional actions that must be taken. The invention may use a computer system and network. One aspect of the present invention is a method for handling personally identifiable information. Another aspect of the present invention is a system for executing the method of the present invention. A third aspect of the present invention is as a set of instructions on a computer-usable medium, or resident in a computer system, for executing the method of the present invention. Netke et al (US 20220164474), Abstract - An approach for real time, round trip pseudonymization (a.k.a. anonymization or tokenization) of data on the fly, in real time, enabling remote secure processing of sensitive data such as by a cloud service. Sensitive data remains on premises with the client at all times. A user may thus run extensive queries that return sensitive data without noticing that such data was pseudonymized in transit. Apsingekar et al (US 20220207123), Abstract - When personally identifiable information (PII) is to be stored or updated, a system first seeks consent from the user for the PII store or update. If the user grants consent, then the system stores the PII in the user's personal device or updates the PII stored in the user's personal device. The system then retrieves that PII and generates a token representing that PII. Even if the token were taken by a malicious user, it would not be possible for the malicious user to determine the user's actual PIT from the token. In this manner, the security of the PII is improved over conventional systems. Zabar et al (US 20210176054), Abstract - A method of storing personally identifiable information includes allowing a subject to register with an application, generating private and public encryption keys, requesting and receiving a digital identity from a registrar, validating the personally identifiable information using the digital identity, and storing an encrypted version of the personally identifiable information in a data repository controlled by a subject of the personally identifiable information. Pae et al (US 20060085443), Abstract - One embodiment of the present invention provides a system that controls access to personally identifiable information (PII) in a database system. During operation, the system receives a request from an application to perform a function which involves accessing information in the database system. In response to the request, the system identifies a purpose that the application has in making request to perform the function. Next, the system uses the purpose to identify a set of attributes in the database system, which are associated with the purpose. The system then determines if any of the identified attributes contain PII. If so, the system enforces access controls while accessing the identified attributes containing PII. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to RAQIUL AMIN CHOUDHURY whose telephone number is (571)272-2482. The examiner can normally be reached Monday-Friday 7:30 AM - 5:30 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John Follansbee can be reached at 571-272-3964. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /RAQIUL A CHOUDHURY/Examiner, Art Unit 2444
Read full office action

Prosecution Timeline

Nov 01, 2022
Application Filed
Dec 03, 2025
Non-Final Rejection — §102
Feb 11, 2026
Response Filed
Mar 11, 2026
Final Rejection — §102 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

18/072,034
Patent 12602450
Learning from mistakes to improve detection rates of Machine Learning (ML) models
2y 5m to grant Granted Apr 14, 2026
18/642,552
Patent 12596811
Threat Intelligence Systems
2y 5m to grant Granted Apr 07, 2026
18/368,776
Patent 12591711
LINEAGE CERTIFICATION FOR DIGITAL ASSETS
2y 5m to grant Granted Mar 31, 2026
18/391,185
Patent 12585752
PROTECTION OF AN ELECTRONIC DEVICE
2y 5m to grant Granted Mar 24, 2026
18/649,660
Patent 12580988
SYSTEMS AND METHODS FOR RECOMMENDING INTERACTIVE SESSIONS BASED ON SOCIAL INCLUSIVITY
2y 5m to grant Granted Mar 17, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

3-4
Expected OA Rounds
86%
Grant Probability
93%
With Interview (+6.1%)
2y 3m
Median Time to Grant
Moderate
PTA Risk
Based on 244 resolved cases by this examiner. Grant probability derived from career allow rate.

Ready to respond to this office action?

IP Author drafts your complete OA response — amendments, arguments, and claim strategy — in minutes, not days.

Start Drafting Your Response →

Data sourced from USPTO Patent File Wrapper (daily) and Office Action Archive (weekly). Analysis generated by IP Author.

Data: USPTO Patent File Wrapper (daily) • Office Action Archive (weekly) • 89M+ prosecution events

© 2026 IP Author — Browse Office ActionsExaminersCompaniesFirms

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month