DETAILED ACTION
This office action is in response to the application filed on 01/20/2026. Claim(s) 1-17 and 19 is/are pending and are examined. Claim 18 is cancelled.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 01/20/2026 has been entered.
Response to Arguments
Applicant's arguments filed on 01/20/2026 have been fully considered but they are not persuasive for the following reasons:
Applicant’s Argument:
As discussed during the interview, Michiels is directed to a fundamentally different problem than the claimed invention. Michiels describes a forensic method for verifying whether a suspect model is a copy of an original model by testing the suspect model with artificially constructed inputs and extracting bits from the model's outputs to verify a fingerprint. Critically, Michiels does not perform any binary classification on query samples received from users during normal operation of a neural network.
In contrast, the claims recite that the first test analyzes output generated by the neural network to make a binary determination of whether a query sample is a member of the subset. This binary classification operates on the neural network's output (e.g., via softmax, uncertainty quantification, or similar techniques) to distinguish problem domain samples from non-problem domain samples as queries are received.
Michiels simply does not teach or suggest this functionality. Michiels' fingerprint verification extracts predetermined bits from model outputs when testing with artificial inputs-it does not analyze model outputs to perform binary classification of incoming user queries. The "testing" in Michiels is a one-time verification process, not an ongoing classification of user queries to detect cloning attacks. Therefore, Michiels fails to teach or suggest the amended first test limitation. (Applicant’s response filed on 07/22/2025, page 8-9).
Examiner’s Response:
The Examiner respectfully disagrees. The claimed limitation, “the corresponding query sample to make a binary determination of whether the corresponding query sample is a member of the subset”, is a repetition of the previous limitation and does not appear to further limit the claimed limitation. Making a binary determination about the output of the model based on the corresponding input is functionally the same as determining whether or not that input is apart of a subset or not. There are only two binary options, if it is determined that it is apart of the subset (1) or if it is determined to not be apart of the subset (0). As such Michiels clearly teaches the claimed limitation in the cited portion ¶ 4, “selecting a set of extra input values, wherein the set of extra input values does not intersect with a set of training labeled input values for the machine learning model; selecting a first set of artificially encoded output label values corresponding to each of the extra input values…wherein the first set of artificially encoded output values are selected to indicate the fingerprint of a first machine learning model.” And Michiels ¶ 38-39, “the inclusion of a fingerprint in a ML model; and the identification of a fingerprint in a ML model based on its input/output behavior of the ML model while using the ML model.” ¶ 46-49, “For each i, check whether for all v E T.sub.i,in when v is input to M produces label.sub.i(v) as the output. All i that satisfy this property are added to the set C of candidate fingerprints for being included in M. The fingerprint of M is included in the derived set C.” As Michiels is taking theses input values, i.e., queries, and is running them through the model. If they satisfy the model they are added to a set of approved inputs or they dissatisfy the model they are not included. They are either apart of the subset or not, i.e., a binary determination. As such the cited art teaches the claimed limitation.
Applicant’s Argument:
As discussed during the interview, Applicant submits that one of ordinary skill in the art would not have been motivated to combine Michiels and Vesh in the manner suggested by the Office Action.
Michiels and Vesh are directed to fundamentally different problems occurring at different processing stages. Michiels operates after a cloning attack has been completed-it is a forensic tool for identifying whether a suspect model is a copy of an original model. Vesh, on the other hand, operates during model deployment to detect ongoing cloning attacks in real-time by monitoring disagreements.
One of ordinary skill in the art would not take Vesh's attack detection approach and apply it to Michiels' post-attack forensic verification system. In Michiels, the model owner already suspects copying has occurred and possesses or has access to a suspect model to test there is no need for real-time monitoring of user queries. Conversely, one would not modify Vesh to incorporate Michiels' fingerprinting approach because Vesh protects the legitimate model owner's own model during deployment. In other words, the model owner knows their own model is legitimate and has no reason to fingerprint-test it.
The combination would require fundamentally re-purposing one or both references in a way that defeats their respective objectives. This strongly suggests the combination is improper.
(Applicant’s response filed on 01/20/2026, page 10).
Examiner’s Response:
The Examiner respectfully disagrees. The concepts taught in Michiels and Vesh while different make sense to combine for the protection of an ML model for a cloning attack even if the respective arts go about, it at different stages of the investigative process. It would be beneficial for Michiels to be able to perform its process in real time before an attack has finished to minimize potential damage done to the system and limit the ability of the attacker to steal information. For Vesh a fingerprint creates authentication security, a backup for if there is something missed by the detection system. Another form of being able to verify that the system is authentic and has not been tampered with. As such it would have been obvious to one with ordinary skill the art, prior to the applicant's earliest effective filing date, to combine the teachings of Michiels with Vesh, to modify the embedding of a fingerprint into a ML model with the real time fault tolerance, correction, and attack detection method of Vesh. The motivation to do so, Vesh ¶ 52, prevent or lessen the effectiveness of malicious attacks performed using model cloning techniques or based on the input of images that lie outside of the domain of the machine-learning models.
2. Applicant's arguments with respect to amended claim(s) 1, 17, and 19 have been fully considered but are moot in view of the new ground(s) of rejection.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claim 1-17 and 19 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. The claims recite “in response to the corresponding query sample” which is unclear. In response to should be followed by a condition, action, or trigger which the limitation does not. Thus, Examiner is unable to ascertain the scope of the claim, and a rejection under 112(b) is proper. Examiner suggests adding a condition, action, or trigger after, in response to, to clarify the limitation.
The dependent claims included in the statement of rejection but not specifically addressed in the body of the rejection have inherited the deficiencies of their parent claim and have not resolved the deficiencies. Therefore, they are rejected based on the same rationale as applied to their parent claims above.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-4, 10, 12-17, and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Michiels (US 2020/0034663 A1), hereinafter Michiels in view of VESHCHIKOV (US 2021/0019663 A1), hereinafter Vesh in further view of SPYRIDOPOULOS (US 2022/0156368 A1), hereinafter Spyr.
Regarding Claim(s) 1, 17, and 19 Michiels teaches:
A method of protecting an implementation of a neural network against a cloning attack, (Michiels ¶ 37 and ¶ 69-74 teaches, non-volatile machine-readable media that can run code along with a computer processor. As a line of defense against such cloning attacks, the embodiments described herein describe a method for fingerprinting a machine learning model, such that the adversary may be identified based on the functional behavior of the machine learning model.) the neural network configured to generate a result based on an input sample from a predetermined domain of possible samples, the neural network trained to provide functionality corresponding to a subset of the domain, wherein the method comprises: (Michiels ¶ 4 teaches, selecting a set of extra input values, wherein the set of extra input values does not intersect with a set of training labeled input values for the machine learning model; selecting a first set of artificially encoded output label values corresponding to each of the extra input values in the set of extra input values, wherein the first set of artificially encoded output label values are selected to indicate the fingerprint of a first machine learning model; and training the machine learning model using a combination of the extra input values with associated first set of artificially encoded output values and the set of training labeled input values to produce the first learning model with the fingerprint. (i.e., domain of possible samples, the fingerprint inputs being a subset.))
receiving, from a user, a plurality of queries having a corresponding query sample from the domain and, for each query, performing a first test to determine whether or not the corresponding query sample is a member of the subset; (Michiels ¶ 38-39 teaches, the inclusion of a fingerprint in a ML model; and the identification of a fingerprint in a ML model based on its input/output behavior of the ML model while using the ML model. ¶ 46-49, For each i, check whether for all v E T.sub.i,in when v is input to M produces label.sub.i(v) as the output. All i that satisfy this property are added to the set C of candidate fingerprints for being included in M. The fingerprint of M is included in the derived set C.) wherein performing the first test comprises analyzing an output generated by the neural network in response to the corresponding query sample to make a binary determination of whether the corresponding query sample is a member of the subset (Michiels ¶ 38-39 teaches, the inclusion of a fingerprint in a ML model; and the identification of a fingerprint in a ML model based on its input/output behavior of the ML model while using the ML model. ¶ 46-49, For each i, check whether for all v E T.sub.i,in when v is input to M produces label.sub.i(v) as the output. All i that satisfy this property are added to the set C of candidate fingerprints for being included in M. The fingerprint of M is included in the derived set C.)
Michiels does not appear to explicitly teach but in related art:
performing a second test to identify whether the user is performing a cloning attack against the neural network, wherein the second test identifies that the user is performing a cloning attack against the neural network if a number of queries from the plurality of queries for which the corresponding query sample is […] not be a member of the subset exceeds a first threshold value; and (Vesh ¶ 62 teaches, By monitoring the history of disagreements, a sudden increase in disagreement rate (i.e., threshold) may provide a basis for detecting that a strong indicator for the model being under cloning attack.)
in response to the second test identifying that the user is performing a cloning attack against the neural network, performing one or more countermeasures for the cloning attack. (Vesh ¶ 78 teaches, this may help to determine if an attack (e.g., cloning or adversarial examples) is being performed on the machine-learning models of the system. A user of the system may decide to automatically limit queries or deny access under these circumstances.)
It would have been obvious to one with ordinary skill the art, prior to the applicant's earliest effective filing date, to combine the teachings of Michiels with Vesh, to modify the embedding of a fingerprint into a ML model with the fault tolerance, correction, and attack detection method of Vesh. The motivation to do so, Vesh ¶ 52, prevent or lessen the effectiveness of malicious attacks performed using model cloning techniques or based on the input of images that lie outside of the domain of the machine-learning models.
Michiels in view of Vesh does not appear to explicitly teach but in related art:
determined by the first test to (Spyr ¶ 55 teaches, n which a distributed model comprises the first (input) layer of the first worker device's local model and the second layer of a second worker device's local model, the output of the first (input) layer of the first worker device's local model may be transmitted to the second worker device and input into the second layer thereon. (i.e., a first models output is used for the second models input.))
It would have been obvious to one with ordinary skill the art, prior to the applicant's earliest effective filing date, to combine the teachings of Michiels in view of Vesh with Spyr, to modify the embedding of a fingerprint into a ML model with the fault tolerance, correction, and attack detection method of Vesh with the series of ML model inputs and outputs of Spyr. The motivation to do so, Spyr ¶ 3, to prevent byzantine failures.
Regarding Claim(s) 2 Michiels-Vesh-Spyr teaches:
The method of claim 1, wherein: (Michiels-Vesh-Spyr teaches the parent claim above)
(a) the functionality is based on a property of samples of the predetermined domain, and the corresponding subset is the set of samples from the predetermined domain for which that property satisfies one or more predetermined criteria; or
(b) the functionality is classification of samples of the predetermined domain according to one or more classes, and the corresponding subset is the set of samples from the predetermined domain that belong to one or more of the one or more classes; or
(c) the functionality is object detection, said object detection to detect one or more objects of one or more types within samples of the predetermined domain, and the corresponding subset is the set of samples from the predetermined domain that comprise at least one object of at least one of the one or more types. (Vesh ¶ 50-54 teaches, in the example given, the system is only able to classify an input image as a dog or cat. (i.e., object of predetermined domain) When an image is input that does not include a dog or cat (e.g., a kangaroo), the system 100 may output an “undefined” answer, instead of attempting to guess whether the image includes a dog or cat, either one of which would be an erroneous answer. The embodiments described herein may therefore reduce the number of errors output by the system. The embodiments may also prevent or lessen the effectiveness of malicious attacks performed using model cloning techniques or based on the input of images that lie outside of the domain of the machine-learning models.)
The motive given in Claim 1 is equally applicable to the above claim.
Regarding Claim(s) 3 Michiels-Vesh-Spyr teaches:
The method of claims 1 wherein: (Michiels-Vesh-Spyr teaches the parent claim above.)
(a) performing one or more countermeasures comprises preventing the user from using or accessing the implementation of the neural network; or
(b) performing one or more countermeasures comprises permitting the user to receive modified versions of responses generated by the neural network based on queries received from the user. (Vesh ¶ 78 teaches, this may help to determine if an attack (e.g., cloning or adversarial examples) is being performed on the machine-learning models of the system. A user of the system may decide to automatically limit queries or deny access under these circumstances.)
The motive given in Claim 1 is equally applicable to the above claim.
Regarding Claim(s) 4 Michiels-Vesh-Spyr teaches:
The method of claims 1 (Michiels-Vesh-Spyr teaches the parent claim above)
wherein the second test identifies that the user is not performing a cloning attack against the neural network if the number of queries from the plurality of queries for which the corresponding query sample is determined to not be a member of the subset does not exceed the first threshold value, wherein the method comprises:
in response to identifying that the user is not performing a cloning attack against the neural network, permitting the user to receive responses generated by the neural network based on queries received from the user. (Vesh ¶ 62 teaches, by monitoring the history of disagreements, a sudden increase in disagreement rate (i.e., threshold) may provide a basis for detecting that a strong indicator for the model being under cloning attack. ¶ 78 In these or other embodiments, the system and method may monitor the distribution of outputs over a series of inputs. This may help to determine if an attack (e.g., cloning or adversarial examples) is being performed on the machine-learning models of the system. A user of the system may decide to automatically limit queries or deny access under these circumstances. The system (e.g., the aggregator based on programming instructions stored in the computer-readable medium) may also produce random outputs in response to queries when the system is detected to be under attacker. This type of reaction may fool an attacker and he will continue the attack without knowing that it is failing (already failed).)
The motive given in Claim 1 is equally applicable to the above claim.
Regarding Claim(s) 10 Michiels-Vesh-Spyr teaches:
The method of claims 1 comprising one or both of: (Michiels-Vesh-Spyr teaches the parent limitation above)
(a) performing the first test each time a query is received from the user; and
(b) performing the second test each time a query is received from the user. (Michiels ¶ 38-39 teaches, the inclusion of a fingerprint in a ML model; and the identification of a fingerprint in a ML model based on its input/output behavior of the ML model while using the ML model. ¶ 46-49, For each i, check whether for all v E T.sub.i,in when v is input to M produces label.sub.i(v) as the output. All i that satisfy this property are added to the set C of candidate fingerprints for being included in M. The fingerprint of M is included in the derived set C.)
Regarding Claim(s) 12 Michiels-Vesh-Spyr teaches:
The method of claims 1 (Michiels-Vesh-Spyr teaches the parent limitation above) wherein the method is performed by a system or device that (a) provides the implementation of the neural network or (b) provides access to the implementation of the neural network. (Vesh ¶ 23 teaches, embodiment of a system for processing information using a plurality of machine-learning algorithms.)
The motive given in Claim 1 is equally applicable to the above claim.
Regarding Claim(s) 13 Michiels-Vesh-Spyr teaches:
The method of claims 1 (Michiels-Vesh-Spyr teaches the parent claim above) wherein the user is either (a) one or more human users or (b) one or more computing devices. (Vesh ¶ 28 teaches, the input (or answer) may then be output to a user.)
The motive given in Claim 1 is equally applicable to the above claim.
Regarding Claim(s) 14 Michiels-Vesh-Spyr teaches:
The method of claim 1, (Michiels-Vesh-Spyr teaches the parent claim above) wherein the functionality is classification of samples of the predetermined domain according to one or more classes. (Michiels ¶ 35 teaches, the ML model is trained using data of which the desired output is given. Such training data is called labelled data. The ML model used during deployment includes a model of a certain model class and learned parameters for the model based upon the training process. The model class refers to the approach taken by the ML model. Among most common examples one may find Neural Networks (NN))
Regarding Claim(s) 15 Michiels-Vesh-Spyr teaches:
The method of claim 14, (Michiels-Vesh-Spyr teaches the parent claim above) wherein the domain comprises samples that do not correspond to any of the one or more classes. (Vesh ¶ 53 teaches, in the example given, the system is only able to classify an input image as a dog or cat. When an image is input that does not include a dog or cat (e.g., a kangaroo), the system may output an “undefined” answer)
The motive given in Claim 1 is equally applicable to the above claim.
Regarding Claim(s) 16 Michiels-Vesh-Spyr teaches:
The method of any one of claim 1, (Michiels-Vesh-Spyr teaches the parent claim above) wherein the functionality is object detection, said object detection to detect one or more objects of one or more types within samples of the predetermined domain. (Vesh ¶ 53 teaches, in the example given, the system is only able to classify an input image as a dog or cat. When an image is input that does not include a dog or cat (e.g., a kangaroo), the system may output an “undefined” answer)
The motive given in Claim 1 is equally applicable to the above claim.
Claim(s) 5 and 11 is/are rejected under 35 U.S.C. 103 as being unpatentable over Michiels-Vesh-Spyr as applied to claim 1 above, and further in view of Himajit (WO 2020/259946 A1), Himajit.
Regarding Claim(s) 5 Michiels-Vesh-Spyr teaches:
The method of claims 1 (Michiels-Vesh-Spyr teaches the parent claim above.)
Michiels-Vesh-Spyr does not teach but in related art Himajit teaches:
comprising identifying the first threshold based on the number of queries in the plurality of queries and a target probability of incorrectly identifying that the user is performing a cloning attack against the neural network. (Himajit ¶ 34 teaches, factors used in studying user behavior for profiling the user may include the types of the wrong inputs provided by the user, number of times the user provided the wrong inputs, the time of the day when the user provided the wrong inputs etc. The cumulative information gain of the user is computed using these factors. ¶ 38, In addition the user profile may be used to determine whether the user is habitual attacker or was it one time attack or was it only incidental attack etc. Depending upon the user profile, the steps for unlocking of the system may be determined. If it was first time attacker, the user may be locked out temporarily. If the attacker is habitual attacker then a stricter unlocking steps may be suggested.)
It would have been obvious to one with ordinary skill the art, prior to the applicant's earliest effective filing date, to combine the teachings of Michiels-Vesh-Spyr with Himajit, to modify the embedding of a fingerprint into a ML model with the fault tolerance, correction, and attack detection method of Vesh with the series of ML model inputs and outputs of Spyr with the method to prevent capturing of models of Himajit. The motivation to do so, Himajit ¶ 1, to prevent attacks on the AI based systems, where the attacks are aimed at stealing the models used in the AI which are deployed in target environment.
Regarding Claim(s) 11 Michiels-Vesh-Spyr-Himajit teaches:
The method of claims 1, (Michiels-Vesh-Spyr-Himajit teaches the parent limitation above)
comprising performing the second test only after a predetermined number of queries have been received from the user. (Himajit ¶ 36 teaches the concept, the cumulative gain extracted by the user exceeds a pre-defined threshold. The unlocking criteria may be a certain event, for example, a fixed number of right inputs.)
The motive given in Claim 5 is equally applicable to the above claim.
Claim(s) 6 is/are rejected under 35 U.S.C. 103 as being unpatentable over Michiels-Vesh-Spyr as applied to claim 1 above, and further in view of Nie (US 2022/0245219 A1), Nie.
Regarding Claim(s) 6 Michiels-Vesh-Spyr teaches:
The method of any one of the preceding claims 1 (Michiels-Vesh-Spyr teaches the parent claim above.)
Michiels-Vesh-Spyr does not appear to explicitly teach but in related art:
wherein performing the first test to determine whether or not the corresponding query sample is a member of the subset comprises performing a comparison of a first likelihood and a second likelihood, the first likelihood based on the query sample and a null hypothesis that the query sample is a member of the subset, the second likelihood based on the query sample and an alternative hypothesis that the query sample is not a member of the subset. (Nie ¶ 17 teaches the concept, The logarithm of the likelihood ratio of the observed samples under null and alternative hypotheses may be used as test statistics)
It would have been obvious to one with ordinary skill the art, prior to the applicant's earliest effective filing date, to combine the teachings of Michiels-Vesh-Spyr with Nie, to modify the embedding of a fingerprint into a ML model with the fault tolerance, correction, and attack detection method of Vesh with the series of ML model inputs and outputs of Spyr with the comparing of samples under different hypothesis of Nie. The motivation to do so, Nie ¶ 4, to control false positive/negative rates.
Claim(s) 8-9 is/are rejected under 35 U.S.C. 103 as being unpatentable over Michiels-Vesh-Spyr-Nie as applied to claim 1 above, and further in view of Duval (US 2014/0283034 A1), Duval.
Regarding Claim(s) 8 Michiels-Vesh-Spyr-Nie teaches:
The method of claim 6, (Michiels-Vesh-Nie teaches the parent limitation above.)
Michiels-Vesh-Nie does not appear to explicitly teach but in related art:
wherein performing the comparison of the first likelihood and the second likelihood comprises comparing a ratio of the first likelihood and the second likelihood to a second threshold value. (Duval ¶ 29 teaches the concept, the computed ratio is compared to a threshold rather than exact number in order to avoid false positive profiling of illegitimately used secure devices.)
It would have been obvious to one with ordinary skill the art, prior to the applicant's earliest effective filing date, to combine the teachings of Michiels-Vesh-Spyr-Nie with Duval, to modify the embedding of a fingerprint into a ML model with the fault tolerance, correction, and attack detection method of Vesh with the series of ML model inputs and outputs of Spyr with the comparing of samples under different hypothesis of Nie with the comparing of a ratio to a threshold of Duval. The motivation to do so, Duval ¶ 28, to identify illegitimate secure devices, countermeasures to prevent against illegitimate uses
Regarding Claim(s) 9 Michiels-Vesh-Spyr-Nie-Duval teaches:
The method of claim 8, wherein: (Michiels-Vesh-Spyr-Nie teaches the parent limitation above.)
(a) the second threshold value is set so that a false positive probability of the first test equals a false negative probability of the test; or
(b) the second threshold value is set so that a false positive probability of the first test is at most a target false positive probability; or
(c) the second threshold value is set so that a false negative probability of the first test is at most a target false negative probability. (Duval ¶ 29 teaches, the computed ratio is compared to a threshold rather than exact number in order to avoid false positive profiling of illegitimately used secure devices.)
The motive given in Claim 8 is equally applicable to the above claim.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 2020/0104754 A1 - METHOD FOR MANAGING A MACHINE LEARNING MODEL
US 2021/0034721 A1 - MACHINE LEARNING MODEL AND METHOD FOR DETERMINING IF THE MACHINE LEARNING MODEL HAS BEEN COPIED
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JACOB BENEDICT KNACKSTEDT whose telephone number is (703)756-5608. The examiner can normally be reached Monday-Friday 8:00 am - 5:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Linglan Edwards can be reached on (571) 270-5440. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/J.B.K./Examiner, Art Unit 2408
/LINGLAN EDWARDS/Supervisory Patent Examiner, Art Unit 2408