DATA CLEANROOM COLLABORATIONS CONTROL AND MEMBERSHIP RESTRICTIONS

§102 §103 §DP

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Election/Restrictions Claims 11-17 and 19-20 are withdrawn from further consideration pursuant to 37 CFR 1.142(b), as being drawn to a nonelected invention, there being no allowable generic or linking claim. Applicant timely traversed the restriction (election) requirement in the reply filed on January 26, 2026. In the Reply, Applicant argues at pages 7-9 that all of the claims should be examined because each of the independent claims are essentially identical, save for the fact that the independent claims separately cover the subject matter of a method, a system, and a computer readable medium. The Examiner respectfully disagrees with this argument. An applicant could present the following two independent claims: Claim 1. An apparatus for transporting at least one passenger, the apparatus comprising a vehicle, the vehicle comprising four wheels with each wheel hosting a tire, an engine controlled in part by a microprocessor, and a body configured to seat the at least one passenger, wherein the vehicle is engaged to transport the at least one passenger. Claim 3. A method for transporting a person with a vehicle, wherein the vehicle comprises four wheels with each wheel hosting a tire, an engine controlled in part by a microprocessor, and a body configured to seat at least one passenger, the method comprising: engaging the vehicle to transport the at least one passenger. Based upon the apparatus and method claims, the Applicant presents the following dependent claims: Claim 2. The apparatus of claim 1, wherein the tire comprises organic compounds A, B, and C. Claim 4. The method of claim 3, wherein the microprocessor comprises a secure area to store private and public encryption keys. In the above scenario, Applicant would maintain that because the independent claims are essentially identical, the dependent claims must also be examined. In this example, clearly the dependent claims are distinct, as well as independent, inventions. Under such circumstances, restriction is proper. Although the basis for restriction in the instant case is not as obvious as the example above (i.e., independent inventions are certainly not at issue here), the Examiner maintains that the subject matter of dependent claims 2-9, 11-17, and 19-20 represent distinct patentable subject matter. A restriction is not proper if the two groups of claims are obvious variations of each other (i.e., a double patenting rejection between child and parent applications is never proper after an applicant files a divisional (child) application). While the Examiner maintains that a restriction is proper, Applicant’s belief that a restriction is improper in the instant case amounts to an admission that dependent claims 2-9, 11-17, and 19-20 are obvious variations of each other. This admission is hereby made of record. Claim Rejections - 35 USC § 102 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention. The following conventions apply to the mapping of the prior art to the claims: Italicized text – claim language. Parenthetical plain text – Examiner’s citation and explanation. Citation without an explanation – an explanation has been previously provided for the respective limitation(s). Quotation marks – language quoted from a prior art reference. Underlining – language quoted from a claim. Brackets – material altered from either a prior art reference or a claim, which includes the Examiner’s explanation that relates a claim limitation to the quoted material of a reference. Braces – a limitation taught by another reference, but the limitation is presented with the mapping of the instant reference for context. Numbered superscript – a first phrase to be moved upwards to the primary reference analysis. Lettered superscript – a second phrase to be moved after the movement of the first phrase from which it was lifted, or more succinctly, move numbered material first, lettered material last. A. Claims 1-2, 5, 10, and 18 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Blum et al. (US 11,567,943, “Blum”). Regarding Claim 1 Blum discloses A computer system (abstract, Fig. 1) comprising: at least one hardware processor; and one or more computer-storage media containing instructions that, when executed by the at least one hardware processor, cause the computer system to perform operations (Fig. 12, Col. 17:59-18:12, “… and a processor 1214 that may execute the instructions 1216.”; and “The memory 1230 may include a main memory 1232, a static memory 1234, and a storage unit 1236, all accessible to the processors 1210 such as via the bus 1202. The main memory 1232, the static memory 1234, and the storage unit 1236 comprising a machine [computer] storage medium 1238 may store the instructions 1216 embodying any one or more of the methodologies or functions described herein.”) comprising: receiving a first query directed towards a shared dataset (Col. 2:27-50, “As discussed, it can be difficult to share data [set] securely and efficiently between data stores of different entities. To this end, a dynamic restriction data clean room system [to implement a shared dataset] can be implemented to restrict data that is provided through a data clean room based on a database statement (e.g., query) being in an approved statements table”; and Col. 2:51-3:22, “In some example embodiments, the restriction engine implements row access policy (RAP) based restrictions to the source data in response to a clean room [first] query being received and validated via stored procedure.”), the first query including one or more functions (Fig. 4, Col. 11:57-12:11, “To this end, the two database accounts store ‘SELECT COUNT’ [as a function] in the approve query requests table. In this way, a counting [first] query that selects and joins the source data can proceed, but a ‘SELECT *’ query that requests and potentially returns all user data cannot proceed…”); accessing a first set of data from the shared dataset to perform the one or more functions (Fig. 4, Col. 11:57-12:11, “To this end, the two database accounts store ‘SELECT COUNT’ in the approve query requests table. In this way, a counting query that selects and joins [to access] the source data [including a first set of data within the created shared dataset] can proceed [to perform the function], but a ‘SELECT *’ query that requests and potentially returns all user data cannot proceed…”), the first set of data including data accessed from a first row of the shared dataset (Col. 10:48-61, “The row access policy engine provides row-level security to data of the network-based database system 102 through the use of row access policies to determine which rows [of data accessed within the shared dataset that includes a first row] to return in the query result.”; and Col. 11:57-12:11, “To this end, the two database accounts store ‘SELECT COUNT’ in the approve query requests table. In this way, a counting query that selects and joins [to access] the source data [including a first set of data within the created shared dataset], but a ‘SELECT *’ query that requests and potentially returns all user data cannot proceed…”); determining, based on a context of the first query, that a row access policy is to be enforced in relation to the first query (Col. 10:48-11:6, “The row access policy engine provides [enforces] row-level security to data of the network-based database system 102 through the use of row access policies to determine which rows to return in the query result [and thus in relation to the first query].”; and “The policy data can further limit an object's owner (e.g., the role with the OWNERSHIP privilege [and associated query context] on the object, such as a table or view) who normally has full access [via the query context] to the underlying data.”), the determining that the row access policy is to be enforced is based on determining that a row access policy is attached to a first row of the shared dataset, the row access policy restricting use of data values stored in the first row (Fig. 9, Col. 15:5-29, “At operation 855, each party creates a row access policy that will be applied [attached] to the [rows of the] source table(s) shared to each other party for clean room request processing. The row access policy will check the current statement( ) function against values stored in the APPROVED_STATEMENTS table.", and "At operation 860, each party will generate their AVAILABLE_VALUES table, which acts as a data dictionary for other parties to understand which columns and values [upon a determination] they can use in query requests. FIG. 9 shows an example of available values data 900 (e.g., schema, allowed columns, metadata specifying [enforcing] prohibited [restricted] rows [and a first row of the shared dataset as illustrated] or cell values).”); and generating an output to the first query based on an execution of the one or more functions, the output to the first query not including data values stored in the first row based on determining that the row access policy is to be enforced in relation to the first query (Col. 11:7-28, “Based on the evaluation of the [row access] policy, the restriction engine generates the [first] query output, such as source data to be shared from a first database account to a second database account, where the [first] query output only contains rows based on the policy definition evaluating to TRUE [with the data values stored in first row being FALSE and the row access policy thereby enforced].”). Regarding Claim 2 Blum discloses the computer system of Claim 1, and Blum further discloses further comprising generating the shared dataset (Col. 10:48-61) in a data cleanroom between at least a first data provider and a second data provider (Col. 6:38-62, “A data clean room system 230 is configured to share data between two or more parties (e.g., different database accounts of different organizations or users) in a dynamically restricted data clean room.”), wherein the first query is generated by the second data provider (Fig. 4, Col. 29-57, “Continuing with reference to FIG. 4, the contents of the approved statements table is agreed upon or otherwise generated by the first database account 405 and second database account 450. For example, the users managing the first database account 405 and second [data provider] database account 450 agree upon query language [for the first query generated by the second data provided to operate on the dataset of the first data provider (and vice versa)] that is acceptable to both and include the query language in the approved statements table, and the agreed upon language is stored in the approved statements table 410 on the first database account 405 and also stored in the approved statements table 455 in the second database account 450.”), wherein the first query requests access to an external dataset that is external to the data cleanroom (Figs. 1 & 2, Col. 6:38-62, “For example, the virtual warehouse manager 220 may generate query plans for executing received queries. A data clean room system 230 [located within the “computer service manager 108”, with the “data storage devices 120” possessing the datasets that have external datasets that are external to the data clean cleanroom] is configured to share data between two or more parties (e.g., different database accounts of different organizations or users) in a dynamically restricted data clean room.”). Regarding Claim 5 Blum discloses the computer system of Claim 2, and Blum further discloses further comprising generating the row access policy and applying the row access policy to the shared dataset in the data cleanroom in response to generating the shared dataset in the data cleanroom (Col. 10:9-21, “In the example of FIG. 4, the dynamic restriction engine 233 implements [generates] a row access policy scheme (e.g., row access policy engine 415, row access policy engine 460) [and applies] on the source datasets of the first and second database accounts (e.g., source data 420, source data 465). In some example embodiments, the row access policy engine is implemented as a database object of the network-based database system 102 that restricts source data of a database account for use sharing [the shared dataset] in the clean room.”). Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. B. Claims 3-4 and 8-9 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Blum, and further in view of Das et al. (US 2021/0279357, “Das”). Regarding Claim 3 Blum discloses the computer system of Claim 2, and Blum further discloses wherein the external dataset is from a third data provider (Col. 11:58-12:12, “In contrast, in the approach of FIG. 4, a third [data provider] database account (not illustrated in FIG. 4) can provide a third-party shared [external] dataset 477 using the data clean room system 230,...”; see also Das ¶ [0072] where each data set for each “client” or “third part[y]” is an external dataset with respect to the digital marketing service), 1 …. Blum doesn’t disclose 1 wherein the third data provider is not a member of the data cleanroom. Das, however, discloses 1 wherein the third data provider is not a member of the {data cleanroom (Blum Col. 6:38-62)} (¶ [0072], “In an example application, a digital marketing services agency may desire to mitigate risk associated with acquiring and storing PII data for its clients [first and second data providers of data sets]. In addition, the digital marketing services agency may desire to share its data sets between clients [first and second data providers] and/or with third parties [as a third data provider who is not a member of the data service] without the risk of (or with reduced risk of) data loss. Smart encryption systems set forth herein, which facilitate the transfer and querying of [shared] data without decryption, can be employed for this purpose.”). Regarding the combination of Blum and Das, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the data architecture system of Blum to arrive at the claimed invention. KSR establishes that a rationale for obviousness is proven by showing a “use of [a] known technique to improve similar devices in the same way.” See MPEP § 2143(I)(C). To substantiate the conclusion of obviousness under this KSR rationale, the Examiner finds pursuant to MPEP § 2143(I)(C): 1) the prior art contained a base system, namely the data architecture system of Blum, upon which the claimed invention can be seen as an “improvement” through the use of a third-party membership feature; 2) the prior art contained a “comparable” system, namely the data system of Das, that has been improved in the same way as the claimed invention through the third-party membership feature; and 3) one of ordinary skill in the art could have applied the known improvement technique of applying the third-party membership feature to the base data architecture system of Blum, and the results would have been predictable to one of ordinary skill in the art. Regarding Claim 4 Blum discloses the computer system of Claim 2, and Blum further discloses wherein the first query (Col. 2:27-50) is…1 Das further discloses 1 …executed external to the data cleanroom to generate the output of the first query with data external to the data cleanroom (¶ [0066], “FIG. 15 is a diagram showing query operations via a smart encryption system [that doesn’t possess a data cleanroom, and thus all query operation are executed external to the data cleanroom to generate the output], according to some embodiments. As shown in FIG. 15, at step ‘1,’ a user submits a [first] query, via a software application, for one or more records to the smart encryption system. At step ‘2,’ the smart encryption system rewrites the query and sends it to the database storing encrypted data (i.e., transmits the rewritten query to a compute device operably coupled to the database, for execution at step ‘3,’ or executes the rewritten query directly against the database at step ‘3’). At step ‘4,’ a response to the rewritten query, containing encrypted results, is returned to the smart encryption system. At step ‘5,’ the encrypted results [output] are translated/decrypted and sent/transmitted back to the requesting software application.”). Regarding the combination of Blum and Das, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the data architecture system of Blum to arrive at the claimed invention. KSR establishes that a rationale for obviousness is proven by showing a “use of [a] known technique to improve similar devices in the same way.” See MPEP § 2143(I)(C). To substantiate the conclusion of obviousness under this KSR rationale, the Examiner finds pursuant to MPEP § 2143(I)(C): 1) the prior art contained a base system, namely the data architecture system of Blum, upon which the claimed invention can be seen as an “improvement” through the use of a cleanroom-query feature; 2) the prior art contained a “comparable” system, namely the data system of Das, that has been improved in the same way as the claimed invention through the cleanroom-query feature; and 3) one of ordinary skill in the art could have applied the known improvement technique of applying the cleanroom-query feature to the base data architecture system of Blum, and the results would have been predictable to one of ordinary skill in the art. Regarding Claim 8 Blum discloses the computer system of Claim 1, and Blum further discloses further comprising executing the first query (Col. 2:27-50) …1 Das further discloses 1 …without an application of the first set of data to the first query (¶ [0066], “FIG. 15 is a diagram showing query operations via a smart encryption system, according to some embodiments. As shown in FIG. 15, at step ‘1,’ a user submits a [first] query, via a software application, for one or more records to the smart encryption system. At step ‘2,’ the smart encryption system rewrites the query and sends it to the database storing encrypted data (i.e., transmits the rewritten query to a compute device operably coupled to the database, for execution at step ‘3,’ or executes the rewritten query directly against the database at step ‘3’) [and without an application of the first set of data to the first query, i.e., Das does not teach an application of the first set of data to the first query, and thus the reasonable inference is that the execution of the first query is without an application of the first set of data]. At step ‘4,’ a response to the rewritten query, containing encrypted results, is returned to the smart encryption system. At step ‘5,’ the encrypted results are translated/decrypted and sent/transmitted back to the requesting software application.”). Regarding the combination of Blum and Das, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the data architecture system of Blum to arrive at the claimed invention. KSR establishes that a rationale for obviousness is proven by showing a “use of [a] known technique to improve similar devices in the same way.” See MPEP § 2143(I)(C). To substantiate the conclusion of obviousness under this KSR rationale, the Examiner finds pursuant to MPEP § 2143(I)(C): 1) the prior art contained a base system, namely the data architecture system of Blum, upon which the claimed invention can be seen as an “improvement” through the use of a set-of-data application feature; 2) the prior art contained a “comparable” system, namely the data system of Das, that has been improved in the same way as the claimed invention through the set-of-data application feature; and 3) one of ordinary skill in the art could have applied the known improvement technique of applying the set-of-data application feature to the base data architecture system of Blum, and the results would have been predictable to one of ordinary skill in the art. Regarding Claim 9 Blum discloses the computer system of Claim 1, and Blum further discloses further comprising executing the first query (Col. 2:27-50) …1 Das further discloses 1 …without an application of the data values stored in the first row to the first query (¶ [0066], “FIG. 15 is a diagram showing query operations via a smart encryption system, according to some embodiments. As shown in FIG. 15, at step ‘1,’ a user submits a [first] query, via a software application, for one or more records to the smart encryption system. At step ‘2,’ the smart encryption system rewrites the query and sends it to the database storing encrypted data (i.e., transmits the rewritten query to a compute device operably coupled to the database, for execution at step ‘3,’ or executes the rewritten query directly against the database at step ‘3’) [and without an application of the data values stored in the first row to the first query, i.e., Das does not teach an application of the data values stored in the first row to the first query, and thus the reasonable inference is that the execution of the first query is without an application of the data values stored in the first row]. At step ‘4,’ a response to the rewritten query, containing encrypted results, is returned to the smart encryption system. At step ‘5,’ the encrypted results are translated/decrypted and sent/transmitted back to the requesting software application.”). Regarding the combination of Blum and Das, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the data architecture system of Blum to arrive at the claimed invention. KSR establishes that a rationale for obviousness is proven by showing a “use of [a] known technique to improve similar devices in the same way.” See MPEP § 2143(I)(C). To substantiate the conclusion of obviousness under this KSR rationale, the Examiner finds pursuant to MPEP § 2143(I)(C): 1) the prior art contained a base system, namely the data architecture system of Blum, upon which the claimed invention can be seen as an “improvement” through the use of a data-row application feature; 2) the prior art contained a “comparable” system, namely the data system of Das, that has been improved in the same way as the claimed invention through the data-row feature; and 3) one of ordinary skill in the art could have applied the known improvement technique of applying the data-row feature to the base data architecture system of Blum, and the results would have been predictable to one of ordinary skill in the art. Allowable Subject Matter Claims 6 and 7 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to D'ARCY WINSTON STRAUB whose telephone number is (303)297-4405. The examiner can normally be reached Monday-Friday 9:00-5:00 Mountain Time. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, WILLIAM KORZUCH can be reached at (571)272-7589. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /D'Arcy Winston Straub/Primary Examiner, Art Unit 2491