USER CONSENT SERVICE UTILIZING MOBILE DEVICE IDENTIFIERS

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Amendment The amendment filed 13 November 2025 have been entered. Applicant amended claims 21, 24, 32, and 35. Applicant canceled claims 23 and 34 and previously cancelled claims 1-20, 25-26, and 36-37. Accordingly, claims 21-22, 24, 27-33, 35, and 38-40 remain pending. Response to Arguments Regarding the 35 USC 103 Rejection: Applicant’s arguments, filed 13 November 2025, with respect to 35 USC 103 rejection have been fully considered and are persuasive. The 35 USC 103 rejection of 16 May 2025 has been withdrawn. Regarding the 35 USC 101 Rejection: Applicant's arguments filed 13 November 2025 have been fully considered but they are not persuasive. Applicant’s remarks 1: Applicant respectfully submits that the amended claims do not recite a mental process or any other judicial exception at Step 2A, Prong One of the Alice test. That is, and as described in greater detail below, the Applicant's amended claims are directed to a system that enables the secure sharing of user-associated data in a multi-party computing environment (e.g., by a mobile network operator with a service provider). In particular, and as described in greater detail below, the Applicant's amended claims describe a system capable of maintaining, selecting, and updating consent records associated with users and enabling the multi-party data sharing, which are actions that a human mind could not reasonably perform. Moreover, Applicant respectfully submits that the pending amended claims do not recite a mental process or any other category of abstract idea, as described at MPEP 2106.04(a)(2). For instance, unlike the examples of mental processes, Applicant's claimed technology relates to specific computer-implemented methods and related systems for identifying, manipulating, and storing consent records which enable sharing of data between a mobile network operator and service providers. For example, the amended claim 21 describes a computer-implemented method for operating a system that includes a plurality of consent records, where each record is associated with a user, a mobile network operator associated with the user, and a plurality of consent data that are each associated with a service provider and a consent status. That is, each user- associated consent record can apply to different mobile network operators (depending, e.g., on the mobile network operator with which each user is subscribed) and different service providers (depending, e.g., on the different service providers that provide services to each user). Further, the system can receive consent updates from many different service providers, each of which may characterize the consents given by a user with respect to a service provider. The system then updates the respective consent records based on these consent updates by determining if any existing consent data of the respective consent records is associated with the service provider. Examiner’s remarks: The elements that were determined to be an abstract idea which can be performed in the human mind using pencil and paper were “the consent status enabling”, “selecting a consent record”, “determining whether any of the plurality of consent data is associated with a service provider identifier…”, “updating the selected consent record….”, “when it is determined...”. These elements could practically be performed in the human mind using pencil and paper. Except for the recitation of generic computer components and being computer implemented, nothing in the claims preclude the steps from being performed in the human mind using pencil and paper. The generic computer components amounts to no more than mere instructions to apply the exception. Implementing an abstract idea on a generic computer does not integrate the abstract idea into a practical application or add significantly more. It was determine that the claims fail to provide additional limitations that amounts to more than the abstract idea. To overcome the 35 USC 101 rejection, it is recommended for Applicant to amend the claims such that there are additional elements that amounts to more than the abstract idea. For example, limitations directed to a result such as how the claims provides an improvement to account security (as disclosed in Applicant’s specification, paragraph 3), provided there is sufficient support in the Applicant’s specification. Applicant remarks 2: Further, amended claim 21 further describes the manner in which the maintained consent records enable the sharing of user-associated data between different parties. Specifically, amended claim 21 describes user data that is maintained at computing systems of mobile network operators. The mobile network operators can share this user data with service providers. The consent records, maintained at a computing system, each identify a user, a mobile network operator associated with the user, and service providers. Each of the consent records contains consent data, and each consent data identifies a service provider and a consent status. Each consent status describes the consent given by a user to enable the mobile network operators to share the user data with the service provider. This can allow, for example, mobile network operators to validate that the user has consented to sharing user data by accessing the consent record that contains the consent status information. If the consent status indicates that the user has consented to the sharing of the user data to the service provider, then the mobile network operator is enabled to share the user data with the service provider. Thus, the computing system that contains, manipulates, and identifies the consent records facilitates the operation of a complex network of interconnected services, parties, and computing systems that enable the sharing of data between independent and distinct parties. The Applicant submits that the maintenance and update of such consent records cannot be practically performed by the human mind. The consent records store many distinct consent data that enable sharing of user data, maintained by different mobile network operators, on behalf of many users, and sent to separate service providers. These consent records are updated in response to consent updates regarding many users, such that the system may track user consents on an ongoing basis. The enablement of sharing data between such distinct entities utilizing systems and resources that are maintained by many different actors, as effected by the maintenance and update of the consent records described in claim 21, is outside of the scope of what can be practically performed by the human mind. Examiner’s remarks: The limitation “maintaining consent records…” was determined to be an additional element of storage of data. Storage of data is insignificant extra-solution activity and activity that is well-understood and conventional. Thus, the additional element of maintaining consent record do not integrate the abstract idea into a practical application. The limitations of “sharing of data…by the mobile network operator” was determined to be an additional element of transmitting and receiving data. Transmitting and receiving data is insignificant extra-solution activity and activity that is well-understood and conventional. Thus, the additional element do not integrate the abstract idea into a practical application. To overcome the 35 USC 101 rejection, it is recommended for Applicant to amend the claims such that there are additional elements that amounts to more than the abstract idea. For example, limitations directed to how the claims provides an improvement to account security (as disclosed in Applicant’s specification, paragraph 3), provided there is sufficient support in the Applicant’s specification. Applicant remarks 3: Amended claim 21 reflects this improvement by describing a computer-implemented method for specific actions regarding the maintenance and updating of consent records, each of which contains a user identifier, a mobile network identifier, and a plurality of consent data, which can enable the sharing of data by the mobile network operator, identified in the record, with a service provider. In particular, amended claim 21 recites maintaining such a "plurality of consent records" containing consent statuses that each "enable[e] sharing of data by the mobile network operator with a service provider" associated with the consent status," thus reflecting such an improvement. Furthermore, the structure of the described consent records is novel, and thus the claimed solution pertaining to updating such records is also novel and is a tangible improvement in the field of consent management systems. These improvements address the technical issues associated with the sharing of user data by mobile network operators. See MPEP 2106.05(a)(I) and Amdocs (Israel), Ltd. v. Openet Telecom, Inc., 841 F.3d 1288, 1300-01, 120 USPQ2d 1527, 1536-37 (Fed. Cir. 2016) (directed to a distributed network architecture that reduces network congestion while generating networking accounting data records). Thus, amended claim 21 is eligible under Step 2A(2) of the Alice/Mayo inquiry because the claim integrates its abstract idea into a practical application by providing specific improvements to computer technology in the field of digital privacy and consent management systems. Examiner’s remarks: This is not persuasive. The limitation “maintaining consent records…” was determined to be an additional element of storage of data. Storage of data is insignificant extra-solution activity and activity that is well-understood and conventional. Thus, the additional element of maintaining consent record do not integrate the abstract idea into a practical application. The limitations of “sharing of data…by the mobile network operator” was determined to be an additional element of transmitting and receiving data. Transmitting and receiving data is insignificant extra-solution activity and activity that is well-understood and conventional. Thus, the additional element do not integrate the abstract idea into a practical application. Updating records is also part of the abstract idea, wherein the structure of the record further narrows the consent records. Applicant has failed to provide sufficient support as to how updating records cannot be performed in the human mind using pencil and paper. To potential overcome the 101 rejection, it is requested to amend the claims such that there are additional elements that amounts to more than the abstract idea. For example, limitations directed to how the claims provides an improvement to account security (as disclosed in Applicant’s specification, paragraph 3), provided there is sufficient support in the Applicant’s specification. Applicant remarks 4: As previously discussed, amended claim 21 is not directed to an abstract idea under Step 2A(1), and, even if it was directed to an abstract idea, the claim is eligible under Step 2A(2) of the Alice/Mayo inquiry because the abstract idea is integrated into a practical application. Thus, there should be no need to consider whether there is "significantly more" under Step 2B of Alice/Mayo. However, even if the abstract idea is not integrated into a practical application, the elements of amended claim 21 – individually and as an ordered combination - amount to "significantly more" than the judicial exception. … Amended claim 21 is "significantly more" because it recites specific, meaningful, and unconventional limitations that confine the claims to the particular, useful application of updating the consent status records of a database with a particular novel format of consent record. More specifically, amended claim 21 is tailored to the specific problem of facilitating the sharing of user data maintained by mobile network operators with third- party service providers. It is confined to a specific approach (e.g., cataloging user consent records that are associated with a user, a mobile network operator, and a plurality of service providers with associated consent statuses, such that the record enables the sharing of the associated user data, by a mobile network operator, with different service providers). The Supreme Court in Alice has described the policy rationale behind abstract idea exclusions under § 101 as one of preemption. Specifically, the Alice analysis asks whether the claims, if upheld, would preempt use of the approach in all fields and effectively grant a monopoly over the abstract idea. (Alice, slip op. 5-6.) In the present case, no such preemption concern exists, as the issuance of the claims clearly would not grant a monopoly over the alleged abstract idea(s) of "the consent status enabling," "selecting a consent record," "determining whether any of the plurality of consent data is associated with a service provider identifier of the consent update," and "updating the selected consent record" as framed by the Examiner. There are many other ways to maintain, select, and update consent records that enable the sharing of data and which do not involve the specific approach and limitations recited in amended claim 21. Accordingly, amended claim 21 is eligible under Step 2B of the Alice/Mayo inquiry because its limitations amount to "significantly more" than the judicial exception. Examiner’s remarks: This is not persuasive. Please see examiner’s remarks above. To overcome the 35 USC 101 rejection, it is recommended for Applicant to amend the claims such that there are additional elements that amounts to more than the abstract idea. For example, limitations directed to how the claims provides an improvement to account security (as disclosed in Applicant’s specification, paragraph 3), provided there is sufficient support in the Applicant’s specification. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 21-22, 24, 27—33,35, and 39-40 are rejected under 35 U.S.C. 101 because the claimed invention is directed to the abstract idea of a mental process without significantly more. The independent claim(s) recite(s) “the consent status enabling” (determination of enablement is done in the mind) ;“selecting, from the plurality of consent records, a consent record based on the user identifier of the consent record and the user identifier of the consent update”; “determining whether any of the plurality of consent data, of the selected consent record, is associated with the service provider identifier of the consent update”, “updating the selected consent record…”, “when it is determined that one of the consent data…updating the consent data based on the consent update”, “when it is determined that none of the consent data…generating a new consent data associated with the selected consent record…”. The limitations above pertaining to the method for maintaining consent records for a plurality of users are directed to steps that under its broadest reasonable interpretation covers performance of the limitations being an abstract idea directed to a mental process. The steps can be manually performed by a human using pencil and paper. Therefore, nothing in the claimed elements preclude the steps from being practically performed manually by a human via a mental process using pencil and paper. If a claim under its broadest reasonable interpretation covers performance in the mind, or by a human using pencil and paper, then it falls within the mental processing grouping of abstract ideas. Accordingly, claims 21 and 32 recite an abstract idea. This judicial exception is not integrated into a practical application. Claims 21 and 32 recite several additional elements which are “maintaining, at a computing system, a plurality of consent records, wherein each consent record comprises a user identifier associated with a mobile device of a user, a mobile network operator identifier associated with a mobile network operator with which the user is subscribed, and a plurality of consent data, wherein each consent data comprises a service provider identifier and a consent status”; “sharing of data…associated with the user, maintained by the mobile network operator …”; “receiving a consent update, the consent update comprising a user identifier and a consent status, wherein the consent update is associated with a service provider identifier”; and “computer-implemented …”/ “non-transitory computer-readable medium carrying instructions configured to cause one or more processors to perform operations”. The additional elements of “maintaining consent records in a computer system” and “the consent status maintained at a mobile network operator computing system” are merely storage of data which is insignificant extra-solution activity and activity that is well-understood and conventional. Thus, the additional element do not integrate the abstract idea into a practical application. The second additional element of “…sharing of data…by the mobile network operator …” is merely generalize limitation of transmitting and receiving of data which is insignificant extra-solution activity and activity that is well-understood and conventional. Thus, the additional element do not integrate the abstract idea into a practical application. The third additional element of ““receiving a consent update, the consent update comprising a user identifier and a consent status, wherein the consent update is associated with a service provider identifier” is merely transmitting and receiving data which is insignificant extra-solution activity and activity that is well-understood and convention. In addition, the components of the consent updates further narrow the consent update limitation. Thus, the additional element do not integrate the abstract idea into a practical application. The fourth additional element of “computer-implemented …”/ “non-transitory computer-readable medium carrying instructions configured to cause one or more processors to perform operations” are computer components which entails the steps being computer implemented and are recited at a high level of generality such that the generic computer amounts to no more than mere instructions to apply the exception. Implementing an abstract idea on a generic computer does not integrate the abstract idea into a practical application or add significantly more. Thus, the independent claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception. Accordingly, claims 21 and 32 are not eligible under 35 USC 101. The limitations recited in claims 22 and 33, under the broadest reasonable interpretation, further narrow the consent record that is recited in the independent claims. Claims 22 and 33 do not provide additional elements that integrate the abstract idea into a practical application. Thus claims 22 and 33 are not eligible under 35 USC 101. The limitations recited in claims 24 and 35, under the broadest reasonable interpretation, provide further limitations of selecting and updating the consent data, wherein these steps can further be performed mentally in the human mind and with the aid of pencil and paper. Thus, claims 24 and 35 do not provide additional elements that integrate the abstract idea into a practical application. Thus claims 24 and 35 are not eligible under 35 USC 101. The limitations recited in claim 27 and 38, under the broadest reasonable interpretation, provide further limitations of updating the consent data, wherein these steps can further be performed mentally in the human mind and with the aid of pencil and paper. Thus, claims 27 and 38 do not provide additional elements that integrate the abstract idea into a practical application. Thus claims 27 and 38 are not eligible under 35 USC 101. The limitations recited in claim 28 and 39, under the broadest reasonable interpretation, provide narrow limitations of consent update. Thus, claims 28 and 39 do not provide additional elements that integrate the abstract idea into a practical application. Thus claims 28 and 39 are not eligible under 35 USC 101. The limitations recited in claim 29 and 40, under the broadest reasonable interpretation, provide narrow limitations of the selected consent data. Thus, claims 29 and 40 do not provide additional elements that integrate the abstract idea into a practical application. Thus claim 29 and 40 are not eligible under 35 USC 101. The limitations recited in claim 30, under the broadest reasonable interpretation, involves the transmission of data which is well known insignificant extra solution activity that is well-understood and conventional. Thus, claim 30 does not provide additional elements that integrate the abstract idea into a practical application. Thus claim 30 is not eligible under 35 USC 101. The limitations recited in claim 31, under the broadest reasonable interpretation, involves the transmission of data which is well known insignificant extra solution activity that is well-understood and conventional. In addition, the approval and denying a request for user data is a step that can further be performed mentally in the human mind and with the aid of pencil and paper. Thus, claim 31 does not provide additional elements that integrate the abstract idea into a practical application. Thus claim 31 is not eligible under 35 USC 101. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to FELICIA FARROW whose telephone number is (571)272-1856. The examiner can normally be reached M - F 7:30am-4:00pm (EST). Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Lagor can be reached at (571)270-5143. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /F.F/Examiner, Art Unit 2437 /ALI S ABYANEH/Primary Examiner, Art Unit 2437