SYSTEMS AND METHODS FOR MANAGING TOKENS AND FILTERING DATA TO CONTROL DATA ACCESS

Detailed Action This is a Final Office action in response to communications received on 8/11/2025. Claims 1-2, 6, 10-11, 15 and 19 were amended. Claims 1-20 are pending and are examined. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Applicant’s amendments, filed 8/11/2025 to claim(s) 10 correcting the claim to remove duplicate semicolons is sufficient to overcome the objection to the aforementioned claim. Accordingly, the objection to claim(s) 10 as filed in 2 of the Non-Final Office action filed 4/10/2025 is withdrawn. Applicant’s arguments regarding the rejection under 35 U.S.C. 102 of the claims under Hockey have been considered, but are moot because the new ground of rejection necessitated from amending the independent claims 1, 11. The instant rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically argued in the Applicant's response. Applicant’s arguments regarding the rejection under 35 U.S.C. 103 of the claims under Hockey and Barday have been considered, and are found unpersuasive. Applicant argues on page(s) 11 of the Remarks, filed 8/11/2025, the cited prior art fail to teach or suggest “determining that the second data provider is associated with a higher priority level than the first data provider; and based on the determining, allocating more network resources for processing requests over the second network as compared to processing requests over the first network” because “Barday does not disclose that the "condition" is based on an identity of a data provider associated with a request” and “merely changing an order in a queue for processing a particular data subject access, as disclosed in Barday, does not establish that more network resources are allocated in general for processing requests from a specific data provider”. However, Examiner respectfully disagrees. Barday additionally teaches, in paragraph [0075] that “the system may be configured to prioritize more demanding requests (e.g., requests that may require more effort and/or computing resources to process), for example, to ensure that the requests can be fulfilled within legally defined deadlines or timelines”, which would necessarily include the allocation of more processing resources to mean deadlines for certain tasks as part of prioritization. Additionally, claim 8 merely recites that the second data provider need be associated with a higher priority level. Requests necessarily have provenance from an associated requestor, thus prioritization of a request is sufficient for association. Consequently, the rejection of the claims under 35 U.S.C. 103 is presented as below. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-6, 10-15 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Hockey (US 20210081947 A1), further in view of Cheng (US 20240020365 A1). Regarding claim 1, Hockey teaches the limitations of claim 1 substantially as follows: A computer-implemented method, comprising: generating, at an intermediary entity, a first data recipient token for a data recipient for accessing data from a first data provider; (Hockey; Para(s). [0163]: Account information can be accessed and then an electronic record of related account information (e.g., account information, transaction information) and a token can be generated. The electronic record and token can serve as an account link (i.e. generating, at an intermediary entity, a first data recipient token for a data recipient)) associating a first network resource with the first data provider, wherein: (Hockey; Para(s). [0163]: Account information can be accessed and then an electronic record of related account information (e.g., account information, transaction information) and a token can be generated. The electronic record and token can serve as an account link (i.e. associating a first network resource with the first data provider)) the first network resource is used by the data recipient to request first data from the first data provider; and (Hockey; Para(s). [0163]: Account information can be accessed (i.e. the first network resource is used by the data recipient to request data from the first data provider) and then an electronic record of related account information (e.g., account information, transaction information) and a token can be generated. The electronic record and token can serve as an account link) generating, at the intermediary entity, a second data recipient token for the data recipient for accessing data from a second data provider; and (Hockey; Para(s). [0124]: receiving a request supplying the public token from the application server and responding with the access token (e.g., exchanging a public token with the access token generally happens after the application client communicates the public token to an application server) (i.e. generating, at the intermediary entity, a second data recipient token for the data recipient)) associating a second network resource with the second data provider, wherein: (Hockey; Para(s). [0124]: The application server may then use the access token to signal to the account-linking service permission to access the user account of the account service (i.e. associating a second network resource with the second data provider)) the second network resource is used by the data recipient to request second data from the second data provider; and (Hockey; Para(s). [0124]: The application server may then use the access token to signal to the account-linking service permission to access the user account of the account service (i.e. used by the data recipient to request data from the second data provider)) Hockey does not teach the limitations of claim 1 as follows: the first network resource is used by the intermediary entity to: receive the request for the first data from the data recipient; obtain the requested first data from the first data provider; filter the requested first data to obtain filtered first data; and provide the filtered first data to the data recipient; the second network resource is used by the intermediary entity to: receive the request for the second data from the data recipient; obtain the requested second data from the second data provider; filter the requested second data to obtain filtered second data; and provide the filtered second data to the data recipient. However, in the same field of endeavor, Maldaner discloses the limitations of claim 1 as follows: the first network resource is used by the intermediary entity to: receive the request for the first data from the data recipient; obtain the requested first data from the first data provider; filter the requested first data to obtain filtered first data; and provide the filtered first data to the data recipient; (Cheng; [0102]: the system may determine accessible content of the account based on the first access token. To do so, the system may filter available content based on the content that is accessible based on the privileges (i.e., filter the requested first data to obtain filtered first data; and provide the filtered first data to the data recipient)) the second network resource is used by the intermediary entity to: receive the request for the second data from the data recipient; obtain the requested second data from the second data provider; filter the requested second data to obtain filtered second data; and provide the filtered second data to the data recipient. (Cheng; [0102]: the system may determine accessible content of the account based on the first access token. To do so, the system may filter available content based on the content that is accessible based on the privileges (i.e., filter the requested second data to obtain filtered second data; and provide the filtered second data to the data recipient)) Cheng is combinable with Hockey because all are from the same field of endeavor of providing user access to information. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Hockey to incorporate policy based filtered data as in Cheng in order to improve the security of the system by providing a means by which information may be withheld or filtered based on the accessing user. Regarding claim 2, Hockey and Cheng teaches the limitations of claim 1. Hockey and Cheng teaches the limitations of claim 2 as follows: The method of claim 1, wherein: the first network resource corresponds to a first instance of executable software code for performing the receiving, the obtaining, the filtering, and the providing in relation to the first data; the second network resource corresponds to a second instance of executable software code for performing the receiving, the obtaining, the filtering, and the providing in relation to the second data; and (Hockey; Para(s). [0162]-[0163]: permitting access in a first application context (i.e. a first instance of executable software code) permitting access to the account link, functions to allow access to an account link upon successful verification of eligibility. More specifically, access is granted to the second application context. In this way, the second application can make use of the account link of the account-linking serviced (i.e. a second instance of executable software code)) the first instance and second instance of executable software code are independent from each other. (Hockey; Para(s). [0162]-[0163]: permitting access in a first application context permitting access to the account link, functions to allow access to an account link upon successful verification of eligibility. More specifically, access is granted to the second application context. In this way, the second application can make use of the account link of the account-linking serviced (i.e. the first instance and second instance of executable software code are independent from each other)) Regarding claim 3, Hockey and Cheng teaches the limitations of claim 1. Hockey and Cheng teaches the limitations of claim 3 as follows: The method of claim 1, further comprising: embedding within the first data recipient token information indicating the first network resource; and embedding within the second data recipient token information indicating the second network resource. (Hockey; Para(s). [0291]: based on the information received from the user computing device, the external user account system generates an electronic record. The electronic record is generated by the external user account system as described in further detail below, however, the electronic record may include one or more of: a unique record name, account credentials, an identifier associated with the user, an identifier associated with the external user-facing system/application (e.g., the client ID), user account information, or one or more permissions) (i.e. token information indicating the first/second network resource)) Regarding claim 4, Hockey and Cheng teaches the limitations of claim 3. Hockey and Cheng teaches the limitations of claim 4 as follows: The method of claim 3, wherein the embedded information within the first data recipient token and the embedded information within the second data recipient token are both unencrypted. (Hockey; Para(s). [0368]: In some implementations, the unique record name and/or the token (e.g., the unique record identifier) comprised an encrypted hash of one or more items of data of the electronic record (i.e. In some implementations, this token man and associated identifiers are not encrypted)) Regarding claim 5, Hockey and Cheng teaches the limitations of claim 1. Hockey and Cheng teaches the limitations of claim 5 as follows: The method of claim 1, wherein the data recipient is not permitted to modify the first data recipient token or the second data recipient token. (Hockey; Para(s). [0368]: In some implementations, the unique record name and/or the token (e.g., the unique record identifier) comprised an encrypted hash of one or more items of data of the electronic record (i.e. the data recipient is not permitted to modify the first data recipient token or the second data recipient token)) Regarding claim 6, Hockey and Cheng teaches the limitations of claim 1. Hockey and Cheng teaches the limitations of claim 6 as follows: The method of claim 1, wherein the method further comprises: generating a third data recipient token for the data recipient; and associating a third network resource with a third data provider, wherein the third network resource is used by the data recipient to request third data from the third data provider. (Hockey; Para(s). [0162]-[0163]: permitting access in a first application context permitting access to the account link, functions to allow access to an account link upon successful verification of eligibility. More specifically, access is granted to the second application context. In this way, the second application can make use of the account link of the account-linking serviced (i.e. associating a third network resource with a third data provider, wherein the third network resource is used by the data recipient to request data from the third data provider)) Regarding claim 10, Hockey teaches the limitations of claim 10 substantially as follows: A computer-implemented system, comprising: communication circuitry; and processing circuitry coupled to the communication circuitry and configured to: (Hockey; Para(s). [0059]: computing devices with one or more computer readable mediums (e.g., non-transitory computer-readable mediums) storing instructions that, when executed by one or more computer processors, cause computing device to perform or coordinate operations related to the methods described herein) generate, at an intermediary entity, a first data recipient token for a data recipient for accessing data from a first data provider; (Hockey; Para(s). [0163]: Account information can be accessed and then an electronic record of related account information (e.g., account information, transaction information) and a token can be generated. The electronic record and token can serve as an account link (i.e. generating, at an intermediary entity, a first data recipient token for a data recipient)) associate a first network resource with the data recipient, (Hockey; Para(s). [0163]: Account information can be accessed and then an electronic record of related account information (e.g., account information, transaction information) and a token can be generated. The electronic record and token can serve as an account link (i.e. associating a first network resource with the first data provider)) wherein; the first network resource is used by the data recipient to request first data from the first data provider; and (Hockey; Para(s). [0163]: Account information can be accessed (i.e. the first network resource is used by the data recipient to request data from the first data provider) and then an electronic record of related account information (e.g., account information, transaction information) and a token can be generated. The electronic record and token can serve as an account link) generate, at the intermediary entity, a second data recipient token for the data recipient for accessing data from a second data provider; and (Hockey; Para(s). [0124]: receiving a request supplying the public token from the application server and responding with the access token (e.g., exchanging a public token with the access token generally happens after the application client communicates the public token to an application server) (i.e. generating, at the intermediary entity, a second data recipient token for the data recipient)) associate a second network resource with the data recipient, (Hockey; Para(s). [0124]: The application server may then use the access token to signal to the account-linking service permission to access the user account of the account service (i.e. associating a second network resource with the second data provider)) wherein the second network resource is used by the data recipient to request second data from the second data provider; and (Hockey; Para(s). [0124]: The application server may then use the access token to signal to the account-linking service permission to access the user account of the account service (i.e. used by the data recipient to request data from the second data provider)) Hockey does not teach the limitations of claim 10 as follows: the first network resource is used by the intermediary entity to: receive the request for the first data from the data recipient: obtain the requested first data from the first data provider; filter the requested first data to obtain filtered first data; and provide the filtered first data to the data recipient; the second network resource is used by the intermediary entity to: receive the request for the second data from the data recipient; obtain the requested second data from the second data provider; filter the requested second data to obtain filtered second data; and provide the filtered second data to the data recipient. However, in the same field of endeavor, Maldaner discloses the limitations of claim 10 as follows: the first network resource is used by the intermediary entity to: receive the request for the first data from the data recipient: obtain the requested first data from the first data provider; filter the requested first data to obtain filtered first data; and provide the filtered first data to the data recipient; (Cheng; [0102]: the system may determine accessible content of the account based on the first access token. To do so, the system may filter available content based on the content that is accessible based on the privileges (i.e., filter the requested first data to obtain filtered first data; and provide the filtered first data to the data recipient)) the second network resource is used by the intermediary entity to: receive the request for the second data from the data recipient; obtain the requested second data from the second data provider; filter the requested second data to obtain filtered second data; and provide the filtered second data to the data recipient. (Cheng; [0102]: the system may determine accessible content of the account based on the first access token. To do so, the system may filter available content based on the content that is accessible based on the privileges (i.e., filter the requested second data to obtain filtered second data; and provide the filtered second data to the data recipient)) Cheng is combinable with Hockey because all are from the same field of endeavor of providing user access to information. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Hockey to incorporate policy based filtered data as in Cheng in order to improve the security of the system by providing a means by which information may be withheld or filtered based on the accessing user. Regarding claim 11, Hockey and Cheng teaches the limitations of claim 10. Hockey and Cheng teaches the limitations of claim 11 as follows: The system of claim 10, wherein: the first network resource corresponds to a first instance of executable software code for performing the receiving, the obtaining, the filtering, and the providing in relation to the first data; the second network resource corresponds to a second instance of executable software code for performing the receiving, the obtaining, the filtering, and the providing in relation to the second data; and (Hockey; Para(s). [0162]-[0163]: permitting access in a first application context (i.e. a first instance of executable software code) permitting access to the account link, functions to allow access to an account link upon successful verification of eligibility. More specifically, access is granted to the second application context. In this way, the second application can make use of the account link of the account-linking serviced (i.e. a second instance of executable software code)) the first instance and second instance of executable software code are independent from each other. (Hockey; Para(s). [0162]-[0163]: permitting access in a first application context permitting access to the account link, functions to allow access to an account link upon successful verification of eligibility. More specifically, access is granted to the second application context. In this way, the second application can make use of the account link of the account-linking serviced (i.e. the first instance and second instance of executable software code are independent from each other)) Regarding claim 12, Hockey and Cheng teaches the limitations of claim 10. Hockey and Cheng teaches the limitations of claim 12 as follows: The system of claim 10, further comprising: embedding within the first data recipient token information indicating the first network resource; and embedding within the second data recipient token information indicating the second network resource. (Hockey; Para(s). [0291]: based on the information received from the user computing device, the external user account system generates an electronic record. The electronic record is generated by the external user account system as described in further detail below, however, the electronic record may include one or more of: a unique record name, account credentials, an identifier associated with the user, an identifier associated with the external user-facing system/application (e.g., the client ID), user account information, or one or more permissions) (i.e. token information indicating the first/second network resource)) Regarding claim 13, Hockey and Cheng teaches the limitations of claim 12. Hockey and Cheng teaches the limitations of claim 13 as follows: The system of claim 12, wherein the embedded information within the first data recipient token and the embedded information within the second data recipient token are both unencrypted. (Hockey; Para(s). [0368]: In some implementations, the unique record name and/or the token (e.g., the unique record identifier) comprised an encrypted hash of one or more items of data of the electronic record (i.e. In some implementations, this token man and associated identifiers are not encrypted)) Regarding claim 14, Hockey and Cheng teaches the limitations of claim 10. Hockey and Cheng teaches the limitations of claim 14 as follows: The system of claim 10, wherein the data recipient is not permitted to modify the first data recipient token or the second data recipient token. (Hockey; Para(s). [0368]: In some implementations, the unique record name and/or the token (e.g., the unique record identifier) comprised an encrypted hash of one or more items of data of the electronic record (i.e. the data recipient is not permitted to modify the first data recipient token or the second data recipient token)) Regarding claim 15, Hockey and Cheng teaches the limitations of claim 10. Hockey and Cheng teaches the limitations of claim 15 as follows: The system of claim 10, wherein the processing circuitry is further configured to: generate a third data recipient token for the data recipient; and associate a third network resource with a third data provider, wherein the third network resource is used by the data recipient to request third data from the third data provider. (Hockey; Para(s). [0162]-[0163]: permitting access in a first application context permitting access to the account link, functions to allow access to an account link upon successful verification of eligibility. More specifically, access is granted to the second application context. In this way, the second application can make use of the account link of the account-linking serviced (i.e. associating a third network resource with a third data provider, wherein the third network resource is used by the data recipient to request data from the third data provider)) Regarding claim 19, Hockey teaches the limitations of claim 19 substantially as follows: A non-transitory computer-readable medium having non-transitory computer-readable instructions encoded thereon that, when executed by a processor, cause the processor to: (Hockey; Para(s). [0059]: computing devices with one or more computer readable mediums (e.g., non-transitory computer-readable mediums) storing instructions that, when executed by one or more computer processors, cause computing device to perform or coordinate operations related to the methods described herein) generate, at an intermediary entity, a first data recipient token for a data recipient for accessing data from a first data provider; (Hockey; Para(s). [0163]: Account information can be accessed and then an electronic record of related account information (e.g., account information, transaction information) and a token can be generated. The electronic record and token can serve as an account link (i.e. generating, at an intermediary entity, a first data recipient token for a data recipient)) associate a first network resource with the first data provider, (Hockey; Para(s). [0163]: Account information can be accessed and then an electronic record of related account information (e.g., account information, transaction information) and a token can be generated. The electronic record and token can serve as an account link (i.e. associating a first network resource with the first data provider)) wherein the first network resource is used by the data recipient to request first data from the first data provider; and (Hockey; Para(s). [0163]: Account information can be accessed (i.e. the first network resource is used by the data recipient to request data from the first data provider) and then an electronic record of related account information (e.g., account information, transaction information) and a token can be generated. The electronic record and token can serve as an account link) generate, at the intermediary entity, a second data recipient token for the data recipient for accessing data from a second data provider; and (Hockey; Para(s). [0124]: receiving a request supplying the public token from the application server and responding with the access token (e.g., exchanging a public token with the access token generally happens after the application client communicates the public token to an application server) (i.e. generating, at the intermediary entity, a second data recipient token for the data recipient)) associate a second network resource with the data recipient, (Hockey; Para(s). [0124]: The application server may then use the access token to signal to the account-linking service permission to access the user account of the account service (i.e. associating a second network resource with the second data provider)) wherein the second network resource is used by the data recipient to request second data from the second data provider; and (Hockey; Para(s). [0124]: The application server may then use the access token to signal to the account-linking service permission to access the user account of the account service (i.e. used by the data recipient to request data from the second data provider)) Hockey does not teach the limitations of claim 19 as follows: the first network resource is used by the intermediary entity to: receive the request for the first data from the data recipient; obtain the requested first data from the first data provider; filter the requested first data to obtain filtered first data; and provide the filtered first data to the data recipient; the second network resource is used by the intermediary entity to: receive the request for the second data from the data recipient; obtain the requested second data from the second data provider; filter the requested second data to obtain filtered second data; and provide the filtered second data to the data recipient. However, in the same field of endeavor, Maldaner discloses the limitations of claim 19 as follows: the first network resource is used by the intermediary entity to: receive the request for the first data from the data recipient; obtain the requested first data from the first data provider; filter the requested first data to obtain filtered first data; and provide the filtered first data to the data recipient; (Cheng; [0102]: the system may determine accessible content of the account based on the first access token. To do so, the system may filter available content based on the content that is accessible based on the privileges (i.e., filter the requested first data to obtain filtered first data; and provide the filtered first data to the data recipient)) the second network resource is used by the intermediary entity to: receive the request for the second data from the data recipient; obtain the requested second data from the second data provider; filter the requested second data to obtain filtered second data; and provide the filtered second data to the data recipient. (Cheng; [0102]: the system may determine accessible content of the account based on the first access token. To do so, the system may filter available content based on the content that is accessible based on the privileges (i.e., filter the requested second data to obtain filtered second data; and provide the filtered second data to the data recipient)) Cheng is combinable with Hockey because all are from the same field of endeavor of providing user access to information. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Hockey to incorporate policy based filtered data as in Cheng in order to improve the security of the system by providing a means by which information may be withheld or filtered based on the accessing user. Regarding claim 20, Hockey and Cheng teaches the limitations of claim 10. Hockey and Cheng teaches the limitations of claim 20 as follows: The non-transitory computer-readable medium of claim 19, wherein execution of the instructions further causes the processor to: embed within the first data recipient token information indicating the first network resource; and embed within the second data recipient token information indicating the second network resource. (Hockey; Para(s). [0291]: based on the information received from the user computing device, the external user account system generates an electronic record. The electronic record is generated by the external user account system as described in further detail below, however, the electronic record may include one or more of: a unique record name, account credentials, an identifier associated with the user, an identifier associated with the external user-facing system/application (e.g., the client ID), user account information, or one or more permissions) (i.e. token information indicating the first/second network resource)) Claims 7 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Hockey (US 20210081947 A1), further in view of Cheng (US 20240020365 A1), as applied to independent claims, further in view of Maldaner (US 20160261575 A1). Regarding claim 7, Hockey and Cheng teaches the limitations of claim 1. Hockey and Cheng does not teach the limitations of claim 7 as follows: The method of claim 1, further comprising: generating a first log associated with requests received at the first network resource from one or more data recipients; and generating a second log associated with requests received at the second network resource from one or more data recipients. However, in the same field of endeavor, Maldaner discloses the limitations of claim 7 as follows: The method of claim 1, further comprising: generating a first log associated with requests received at the first network resource from one or more data recipients; and generating a second log associated with requests received at the second network resource from one or more data recipients. (Maldaner; Para(s). [0030]: the Request Operation may be a multi-domain user activity reporting request, such as a request for log data or the like describing a specified user's file-related activities performed in multiple authentication domains (e.g. in both Authentication Domain A and Authentication Domain B (i.e. a first/second log associated with requests received at the first/second network resource from one or more data recipients)) Maldaner is combinable with Hockey and Cheng because all are from the same field of endeavor of tracking user request activity. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Hockey and Cheng to incorporate maintaining a log of client request activity as in Maldaner in order to improve the system by providing a means by which request activity may be logged and analyzed or audited. Regarding claim 16, Hockey and Cheng teaches the limitations of claim 10. Hockey and Cheng does not teach the limitations of claim 16 as follows: The system of claim 10, wherein the processing circuitry is further configured to: generate a first log associated with requests received at the first network resource from one or more data recipients; and generate a second log associated with requests received at the second network resource from one or more data recipients. However, in the same field of endeavor, Maldaner discloses the limitations of claim 16 as follows: The system of claim 10, wherein the processing circuitry is further configured to: generate a first log associated with requests received at the first network resource from one or more data recipients; and generate a second log associated with requests received at the second network resource from one or more data recipients. (Maldaner; Para(s). [0030]: the Request Operation may be a multi-domain user activity reporting request, such as a request for log data or the like describing a specified user's file-related activities performed in multiple authentication domains (e.g. in both Authentication Domain A and Authentication Domain B (i.e. a first/second log associated with requests received at the first/second network resource from one or more data recipients)) Maldaner is combinable with Hockey and Cheng because all are from the same field of endeavor of tracking user request activity. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Hockey and Cheng to incorporate maintaining a log of client request activity as in Maldaner in order to improve the system by providing a means by which request activity may be logged and analyzed or audited. Claims 8-9 and 17-18 are rejected under 35 U.S.C. 103 as being unpatentable over Hockey (US 20210081947 A1), further in view of Cheng (US 20240020365 A1), as applied to independent claims, further in view of Barday (US 20220318817 A1). Regarding claim 8, Hockey and Cheng teaches the limitations of claim 1. Hockey and Cheng teaches the limitations of claim 8 as follows: The method of claim 1, wherein the first network resource is for a first network, and the second network resource is for a second network, the method further comprising: (Hockey; Para(s). [0049]: applications may be operable and accessible through a network connected client application such as a web browser or the like. For example, the system may be used across multiple web applications offered by different websites (i.e. the first network resource is for a first network, and the second network resource is for a second network)) Hockey and Cheng does not teach the limitations of claim 8 as follows: determining that the second data provider is associated with a higher priority level than the first data provider; and based on the determining, allocating more network resources for processing requests over the second network as compared to processing requests over the first network. However, in the same field of endeavor, Barday discloses the limitations of claim 8 as follows: determining that the second data provider is associated with a higher priority level than the first data provider; and (Barday; Para(s). [0005]: applying an initial prioritization level to the data subject access request, wherein the initial prioritization level identifies where in an order of a plurality of data subject access requests found in a fulfillment data subject access request queue that the data subject access request is to be fulfilled (i.e. determining that the second data provider is associated with a higher priority level than the first data provider)) based on the determining, allocating more network resources for processing requests over the second network as compared to processing requests over the first network. (Barday; Para(s). [0005]: updated order of the plurality of data subject access requests found in the fulfillment data subject access request queue based on the adjusted prioritization level (i.e. allocating more network resources for processing requests)) Barday is combinable with Hockey and Cheng because all are from the same field of endeavor of managing access requests. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Hockey and Cheng to incorporate prioritization of requests as in Barday in order to improve the functionality of the system by providing a means by which incoming requests are handled based on explicit priority or resource use. Regarding claim 9, Hockey and Cheng teaches the limitations of claim 1. Hockey and Cheng teaches the limitations of claim 9 as follows: The method of claim 1, wherein the first network resource is for a first network, and the second network resource is for a second network, the method further comprising: (Hockey; Para(s). [0049]: applications may be operable and accessible through a network connected client application such as a web browser or the like. For example, the system may be used across multiple web applications offered by different websites (i.e. the first network resource is for a first network, and the second network resource is for a second network)) Hockey and Cheng does not teach the limitations of claim 9 as follows: determining that the second data provider has higher computationally intensive requirements per request than the first data provider; and based on the determining, allocating more network resources for processing requests over the second network as compared to processing requests over the first network. However, in the same field of endeavor, Barday discloses the limitations of claim 9 as follows: determining that the second data provider has higher computationally intensive requirements per request than the first data provider; and (Barday; Para(s). [0005]: applying an initial prioritization level to the data subject access request, wherein the initial prioritization level identifies where in an order of a plurality of data subject access requests found in a fulfillment data subject access request queue that the data subject access request is to be fulfilled, for instance, the condition affects at least one of an amount of computing resources or an amount of time needed for processing the data for fulfilling the data subject access request (i.e. determining that the second data provider has higher computationally intensive requirements per request than the first data provider)) based on the determining, allocating more network resources for processing requests over the second network as compared to processing requests over the first network. (Barday; Para(s). [0005]: updated order of the plurality of data subject access requests found in the fulfillment data subject access request queue based on the adjusted prioritization level (i.e. allocating more network resources for processing requests)) Barday is combinable with Hockey and Cheng because all are from the same field of endeavor of managing access requests. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Hockey and Cheng to incorporate prioritization of requests as in Barday in order to improve the functionality of the system by providing a means by which incoming requests are handled based on explicit priority or resource use. Regarding claim 17, Hockey and Cheng teaches the limitations of claim 10. Hockey and Cheng teaches the limitations of claim 17 as follows: The system of claim 10, wherein the first network resource is for a first network, and the second network resource is for a second network, and the processing circuitry is further configured to: (Hockey; Para(s). [0049]: applications may be operable and accessible through a network connected client application such as a web browser or the like. For example, the system may be used across multiple web applications offered by different websites (i.e. the first network resource is for a first network, and the second network resource is for a second network)) Hockey and Cheng does not teach the limitations of claim 17 as follows: determine that the second data recipient is associated with a higher priority level than the data recipient; and based on the determining, allocate more network resources for processing requests over the second network as compared to processing requests over the first network. However, in the same field of endeavor, Barday discloses the limitations of claim 17 as follows: determine that the second data recipient is associated with a higher priority level than the data recipient; and (Barday; Para(s). [0005]: applying an initial prioritization level to the data subject access request, wherein the initial prioritization level identifies where in an order of a plurality of data subject access requests found in a fulfillment data subject access request queue that the data subject access request is to be fulfilled (i.e. determining that the second data provider is associated with a higher priority level than the first data provider)) based on the determining, allocate more network resources for processing requests over the second network as compared to processing requests over the first network. (Barday; Para(s). [0005]: updated order of the plurality of data subject access requests found in the fulfillment data subject access request queue based on the adjusted prioritization level (i.e. allocating more network resources for processing requests)) Barday is combinable with Hockey and Cheng because all are from the same field of endeavor of managing access requests. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Hockey and Cheng to incorporate prioritization of requests as in Barday in order to improve the functionality of the system by providing a means by which incoming requests are handled based on explicit priority or resource use. Regarding claim 18, Hockey and Cheng teaches the limitations of claim 10. Hockey and Cheng teaches the limitations of claim 18 as follows: The system of claim 10, wherein the first network resource is for a first network, and the second network resource is for a second network, and the processing circuitry is further configured to: (Hockey; Para(s). [0049]: applications may be operable and accessible through a network connected client application such as a web browser or the like. For example, the system may be used across multiple web applications offered by different websites (i.e. the first network resource is for a first network, and the second network resource is for a second network)) Hockey and Cheng does not teach the limitations of claim 18 as follows: determine that the second data provider has higher computationally intensive requirements per request than the first data provider; and based on the determining, allocate more network resources for processing requests over the second network as compared to processing requests over the first network. However, in the same field of endeavor, Barday discloses the limitations of claim 18 as follows: determine that the second data provider has higher computationally intensive requirements per request than the first data provider; and (Barday; Para(s). [0005]: applying an initial prioritization level to the data subject access request, wherein the initial prioritization level identifies where in an order of a plurality of data subject access requests found in a fulfillment data subject access request queue that the data subject access request is to be fulfilled, for instance, the condition affects at least one of an amount of computing resources or an amount of time needed for processing the data for fulfilling the data subject access request (i.e. determining that the second data provider has higher computationally intensive requirements per request than the first data provider)) based on the determining, allocate more network resources for processing requests over the second network as compared to processing requests over the first network. (Barday; Para(s). [0005]: updated order of the plurality of data subject access requests found in the fulfillment data subject access request queue based on the adjusted prioritization level (i.e. allocating more network resources for processing requests)) Barday is combinable with Hockey and Cheng because all are from the same field of endeavor of managing access requests. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Hockey and Cheng to incorporate prioritization of requests as in Barday in order to improve the functionality of the system by providing a means by which incoming requests are handled based on explicit priority or resource use. Prior Art Considered But Not Relied Upon Ezra (US 20240054240 A1) which teaches assisting users in gaining and granting authorization roles by automating some or all of the processes. Ford (US 20150310188 A1) which teaches managing digital rights management (DRM) protected content sharing in a networked secure collaborative computer data exchange environment. Conclusion For the above-stated reasons, claims 1-20 are rejected. Applicant’s amendment necessitated the new ground(s) of rejection presented in this Office action. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to BLAKE ISAAC NARRAMORE whose telephone number is (303)297-4357. The examiner can normally be reached on Monday - Friday 0700-1700 MT. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on (571) 272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or