DETAILED ACTION
In response to the communication filed on 01/12/2026, the Examiner responds as follows:
Claims 1-7 and 14-20, of which claims 1 and 14 are independent, are pending in this Office Action.
Claims 1-4 and 14-17 are rejected under 35 U.S.C. § 102(a)(1), and claims 5-7 and 18-20 are rejected under 35 U.S.C. § 103.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Response to Arguments
Applicant’s arguments with respect to the claim rejections under 35 U.S.C. § 101 have been fully considered and are persuasive. The rejection has been withdrawn.
Applicant’s arguments with respect to the claim rejections under 35 U.S.C. § 103 have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground of rejection is presented in this Office Action. For a comprehensive understanding of the rejections, please refer to the 35 U.S.C. §§ 102 and 103 sections below. This Office Action is non-final.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1-4 and 14-17 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Plötzeneder et al. (US 20230328041 A1, hereinafter “Plötzeneder”).
Regarding claim 1, Plötzeneder discloses a system, comprising:
a memory having, stored therein, computer program code; and one or more processing units operatively coupled to the memory and configured to execute instructions in the computer program code that cause the one or more processing units to (Plötzeneder: [0176] the present disclosure may be embodied as a computer-readable storage medium (or multiple computer readable media) (e.g., a computer memory)):
obtain a first cleartext dataset comprising a first plurality of datum (Plötzeneder: [0083] obtaining a first request 110, the first request 110 including first data indicating actions that happened at a client device 1 and second data that is associated with the first data and that is based on personally identifiable information (“first cleartext dataset comprising a first plurality of datum”, See more details in para.[0091] regarding PII) associated with the client device 1; quarantining at least the second data, wherein the quarantining at least includes storing at least the second data in a data storage 102);
generate a first synthetic dataset based, at least in part, on the first cleartext dataset, wherein the first synthetic dataset comprises a second plurality of datum (Plötzeneder: [0083] retrieving data from the data storage 102, wherein the retrieved data is based on the stored second data; and generating a third request 130 to be transmitted to a server 1000 external to the one or more first computers, wherein the third request 130 includes the first data and synthetic data (“first synthetic dataset”, See more details in para.[0086]) associated with the first data, wherein the synthetic data is based on the retrieved data and was synthesized based on the personally identifiable information. The second data may be or include the personally identifiable information or may be the synthetic data that was synthesized based on the personally identifiable information);
apply at least one pseudonymization technique to at least one datum in the first synthetic dataset to generate a first enhanced synthetic dataset (Plötzeneder: [0089] As illustrated by FIG. 6 , the synthesis of synthetic data is performed by the synthesizer 10 after the second data is stored in data storage 102 and after the second data is retrieved from data storage 102 (as retrieved data that is based on the second data), as shown by FIG. 5; [0102] the third request 130 is a further tracking request generated with obfuscated, reduced, generalized, hashed or otherwise (pseudo-)anonymized versions of the personally identifiable information of the first request 110 (“apply at least one pseudonymization technique to at least one datum”) for evaluating the actions by the user at the client device 1. The additional preferred means to provide improved data synthesis at the synthesizer 10 further enhance data security of the PII by contributing to full anonymization); and
perform at least one analysis operation on the first enhanced synthetic dataset (Plötzeneder: [0084] The external server 1000 may be configured to host the third party analytics tool software for analyzing actions that happened at the client device 1).
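For illustration only (no such code appears in the record, and all names and values are hypothetical), the sequence of operations recited in claim 1 — obtaining a cleartext dataset, generating a synthetic dataset, applying a pseudonymization technique, and performing an analysis operation — might be sketched as:

```python
import hashlib

# Hypothetical cleartext dataset: records containing PII fields.
cleartext = [
    {"user": "alice", "ip": "192.168.1.17", "clicks": 3},
    {"user": "bob", "ip": "10.0.0.42", "clicks": 5},
]

# Generate a synthetic dataset based on the cleartext (here, trivially
# replacing the PII user names with synthesized placeholders).
synthetic = [
    {"user": f"user_{i}", "ip": rec["ip"], "clicks": rec["clicks"]}
    for i, rec in enumerate(cleartext)
]

# Apply a pseudonymization technique (hashing) to at least one datum,
# yielding an enhanced synthetic dataset.
enhanced = [
    {**rec, "ip": hashlib.sha256(rec["ip"].encode()).hexdigest()[:12]}
    for rec in synthetic
]

# Perform an analysis operation on the enhanced synthetic dataset.
total_clicks = sum(rec["clicks"] for rec in enhanced)
print(total_clicks)  # 8
```

This sketch mirrors the mapping above: the hashing step corresponds to the "(pseudo-)anonymized versions" of Plötzeneder [0102], and the final aggregation corresponds to the analytics performed at the external server of [0084].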
Regarding claim 2, Plötzeneder teaches all elements of the current invention as stated above. Plötzeneder discloses the system of claim 1, wherein the instructions in the computer program code further cause the one or more processing units to:
transmit the first enhanced synthetic dataset to a third-party (Plötzeneder: [0084] The external server 1000 may be configured to host the third party analytics tool software for analyzing actions that happened at the client device 1).
Regarding claim 3, Plötzeneder teaches all elements of the current invention as stated above. Plötzeneder discloses the system of claim 1, wherein the instructions that cause the one or more processing units to apply at least one pseudonymization technique to at least one datum in the first synthetic dataset further comprise instructions that cause the one or more processing units to:
pseudonymize at least one field name in the first synthetic dataset (Plötzeneder: [0005] The PII can, for example, include a session identifier associated with a user of a client device, a portion of an IP address of the client device, a user-agent of a browser used by a user at the client device, a contact address associated with a user of the client device, a name associated with a user of the client device, a browser version and/or other identifiers (example of “one field name in the first synthetic dataset”); [0102] the third request 130 is a further tracking request generated with obfuscated, reduced, generalized, hashed or otherwise (pseudo-)anonymized versions of the personally identifiable information of the first request 110 (“apply at least one pseudonymization technique to at least one datum”) for evaluating the actions by the user at the client device 1).
Regarding claim 4, Plötzeneder teaches all elements of the current invention as stated above. Plötzeneder discloses the system of claim 1, wherein the instructions that cause the one or more processing units to apply at least one pseudonymization technique to at least one datum in the first synthetic dataset further comprise instructions that cause the one or more processing units to:
perform a generalization operation on at least one field in the first synthetic dataset (Plötzeneder: [0102] That is, the third request 130 is a further tracking request generated with obfuscated, reduced, generalized (“generalization operation”), hashed or otherwise (pseudo-)anonymized versions of the personally identifiable information of the first request 110 for evaluating the actions by the user at the client device 1).
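For illustration only, a generalization operation of the kind described in Plötzeneder [0102] — replacing a specific value with a coarser one — could be sketched as follows (the field choices are hypothetical and not drawn from the record):

```python
def generalize_ip(ip: str) -> str:
    """Generalize an IPv4 address by zeroing its final octet."""
    octets = ip.split(".")
    return ".".join(octets[:3] + ["0"])

def generalize_age(age: int, bucket: int = 10) -> str:
    """Generalize an exact age into a decade-wide range."""
    low = (age // bucket) * bucket
    return f"{low}-{low + bucket - 1}"

print(generalize_ip("203.0.113.87"))  # 203.0.113.0
print(generalize_age(37))             # 30-39
```

Both functions preserve analytic utility (network prefix, age cohort) while discarding the exact identifying value, which is the trade-off the reference describes.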
Regarding independent claim 14, it is a method claim that corresponds to claim 1. Therefore, the claim is rejected for at least the same reasons as the system of claim 1.
Regarding claim 15, it is a method claim that corresponds to claim 2. Therefore, the claim is rejected for at least the same reasons as the system of claim 2.
Regarding claim 16, it is a method claim that corresponds to claim 3. Therefore, the claim is rejected for at least the same reasons as the system of claim 3.
Regarding claim 17, it is a method claim that corresponds to claim 4. Therefore, the claim is rejected for at least the same reasons as the system of claim 4.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 5 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Plötzeneder et al. (US 20230328041 A1, hereinafter “Plötzeneder”) in view of Jalal et al. (US 20230259654 A1, hereinafter “Jalal”).
Regarding claim 5, Plötzeneder teaches all elements of the current invention as stated above. However, while Plötzeneder discloses “Generalized data” in paragraph [0040], Plötzeneder does not explicitly disclose applying at least one pseudonymization technique to fewer than all of the second plurality of datum in the first synthetic dataset.
Jalal, in the same field of endeavor, further teaches the system of claim 1, wherein the instructions that cause the one or more processing units to apply at least one pseudonymization technique to at least one datum in the first synthetic dataset further comprise instructions that cause the one or more processing units to:
apply at least one pseudonymization technique to fewer than all of the second plurality of datum in the first synthetic dataset (Jalal: [0076] The one or more operations for anonymization include data masking, pseudonymization, generalization, data swapping, data perturbation, synthetic data, or any combination thereof. Generalization is a technique to remove a portion of the data or replaces some part of the data with a common value. For example, generalization may be used to remove or replace segments of all social security or medical insurance numbers with the same sequence of numbers (“fewer than all of the second plurality of datum,” because the common value replaces only some segments while the remaining datums are left untouched)).
Before the effective filing date of the claimed invention, it would have been obvious for one of ordinary skill in the art to have modified the quarantine server disclosed by Plötzeneder with the teachings of Jalal to apply at least one pseudonymization technique to fewer than all of the second plurality of datum in the first synthetic dataset. One of ordinary skill in the art would have been motivated to make this modification because reducing the number of pseudonymized fields strikes a balance between data utility and privacy protection, allowing the generalized data to support reliable analysis in real-world scenarios.
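For illustration only, applying a pseudonymization technique to fewer than all of the datums in a record — in the manner of Jalal's selective generalization of identifier segments in [0076] — could be sketched as follows (the field names and values are hypothetical):

```python
# Hypothetical record mixing an identifier with non-sensitive datums.
record = {"ssn": "123-45-6789", "zip": "90210", "purchase": "book"}

# Only the fields designated as sensitive are pseudonymized; the
# remaining datums (fewer than all) pass through unchanged.
SENSITIVE_FIELDS = {"ssn"}

def pseudonymize(rec: dict) -> dict:
    out = {}
    for key, value in rec.items():
        if key in SENSITIVE_FIELDS:
            # Replace the trailing segment with a common value,
            # as in the generalization example of Jalal [0076].
            out[key] = value[:-4] + "0000"
        else:
            out[key] = value
    return out

print(pseudonymize(record))
```

The non-sensitive fields survive intact, which is the data-utility half of the trade-off the motivation statement above describes.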
Regarding claim 18, it is a method claim that corresponds to claim 5. Therefore, the claim is rejected for at least the same reasons as the system of claim 5.
Claims 6 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Plötzeneder et al. (US 20230328041 A1, hereinafter “Plötzeneder”) in view of Kannan et al. (US 20220343151 A1, hereinafter “Kannan”).
Regarding claim 6, Plötzeneder teaches all elements of the current invention as stated above. However, Plötzeneder does not explicitly disclose training a machine learning (ML) model with the first enhanced synthetic dataset. Kannan, in the same field of endeavor, discloses the system of claim 1, wherein the instructions in the computer program code further cause the one or more processing units to:
train a machine learning (ML) model with the first enhanced synthetic dataset (Kannan: [0082] The de-identification techniques may include at least one of: one or more anonymization techniques and one or more pseudonymization techniques. The techniques depicted in FIG. 4 may further include training a deep neural network using one or more training labeled samples to identify at least a portion of the de-identification techniques; [0127] synthetic training data can be generated to improve machine learning models (such as, for example, models for entity resolution and link prediction)).
Before the effective filing date of the claimed invention, it would have been obvious for one of ordinary skill in the art to have modified the quarantine server disclosed by Plötzeneder with the teachings of Kannan to train a machine learning (ML) model with the first enhanced synthetic dataset. One of ordinary skill in the art would have been motivated to make this modification because high-quality synthetic data contains no personally identifiable information (PII) and therefore eliminates the risk of sensitive data breaches during the training process.
Regarding claim 19, it is a method claim that corresponds to claim 6. Therefore, the claim is rejected for at least the same reasons as the system of claim 6.
Claims 7 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Plötzeneder et al. (US 20230328041 A1, hereinafter “Plötzeneder”) in view of Kannan et al. (US 20220343151 A1, hereinafter “Kannan”), and further in view of Yan (US 20200401716 A1, hereinafter “Yan”).
Regarding claim 7, the combination of Plötzeneder and Kannan teaches all elements of the current invention as stated above. However, the combination does not explicitly disclose using the trained ML model to restore the first enhanced synthetic dataset to a cleartext dataset. Yan, in the same field of endeavor, discloses the system of claim 6, wherein the instructions in the computer program code further cause the one or more processing units to:
use the trained ML model to restore the first enhanced synthetic dataset to a cleartext dataset (Yan: [0027] unsupervised training of the autoencoder may involve iteratively processing a training corpus of natural language texts. For each natural language text of the corpus, the values of z (the encoded representation of the natural language text) and X′ (the restored original natural language text) may be computed, and the difference between those values ∥X−X′∥ may be determined).
Before the effective filing date of the claimed invention, it would have been obvious for one of ordinary skill in the art to have modified the quarantine server disclosed by Plötzeneder with the teachings of Yan to use the trained ML model to restore the first enhanced synthetic dataset to a cleartext dataset. One of ordinary skill in the art would have been motivated to make this modification because it allows adjusting differential privacy noise levels to find the “sweet spot” where the data remains protected yet can still be restored to a high-utility state.
Regarding claim 20, it is a method claim that corresponds to claim 7. Therefore, the claim is rejected for at least the same reasons as the system of claim 7.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Goodsitt et al. (US 20230289665 A1): [0050] At procedure 315, dataset generator 220 can be configured to generate an initial synthetic dataset (e.g., which can include sensitive and non-sensitive data) using a class-specific model. For example, dataset generator 220 can generate a synthetic social security number using a synthetic data model trained to generate social security numbers. This class-specific synthetic data model can be trained to generate synthetic portions similar to those appearing in the actual data. For example, as social security numbers include an area number indicating geographic information, and a group number indicating date-dependent information, the range of social security numbers present in an actual dataset can depend on the geographic origin and purpose of that dataset. A dataset of social security numbers for elementary school children in a particular school district may exhibit different characteristics than a dataset of social security numbers for employees of a national corporation. The social security-specific synthetic data model can generate the synthetic portion “03-74-3285.”
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANDREW SUH whose telephone number is (571)270-5524. The examiner can normally be reached 9:00 AM- 5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached at (571) 272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ANDREW SUH/Examiner, Art Unit 2493