DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The Response filed 11 February 2026 has been received and considered.
Claims 1-5, 8-10, 12, 16-20, 23, 24, 30-33 are pending.
This Action is Final.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-4, 8-10, 12, 16-19, 23, 24, and 30-33 are rejected under 35 U.S.C. 103 as being unpatentable over Kothari et al. (US 11228566) in view of Keränen et al. (US 20190223010).
As per claims 1, 16, 30, and 32, Kothari et al. teaches a method, networking device (see Figure 1A. numerals 104 and 112), and a client device (see Figure 1A numeral 102) configured to:
on determining that the client device has data to send to a destination node, determine that at least one Privacy Enhancing Technology, PET, function is to be applied to the data (see column 23 lines 22-43 and column 9 line 54 through column 10 line 13 where data fields are determined to be protected based on the strategy and these fields are detected); and
transmit the data to be received by a networking device for application of the at least one PET function to the data, determining the PET function to apply, applying the PET function, and forwarding of the data to the destination node (see column 23 lines 44-59).
While Kothari et al. teaches detection of data that needs to be protected and determining a protection function, there lacks an explicit teaching of including an instruction that is used to apply the function.
However, Keränen et al. teaches the use of an instruction included in transmitted data that is used for protecting privacy (see paragraphs [0087]-[0088]).
At a time before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to include the instruction of Keränen et al. in the Kothari et al. system.
Motivation, as recognized by one of ordinary skill in the art, to do so would have been to allow more flexibility in the system by allowing the client to explicitly include which function is to be applied.
As per claims 2, 17, and 31, the modified Kothari et al. and Keränen et al. system discloses the instruction further comprises an identification of a user of the client device (see Kothari et al. column 23 lines 22-43 where the user is selecting the strategy and therefore must be identified for the system to use the proper strategy).
As per claims 3, 12, 18, and 33, the modified Kothari et al. and Keränen et al. system discloses the instruction further comprises an identification of at least one PET function to be applied to the data, and wherein applying a PET function to the data in accordance with the instruction comprises applying the identified PET function using a security protocol (see Kothari et al. column 9 line 59 through column 10 line 13 and Keränen et al. paragraphs [0082]-[0088]).
As per claims 4 and 19, the modified Kothari et al. and Keränen et al. system discloses the instruction comprises a Privacy Network Token, PNT (see Keränen et al. paragraph [0088] where the token included is considered a PNT).
As per claim 8, the modified Kothari et al. and Keränen et al. system discloses receiving from a management node configuration information for the instruction (see Kothari et al. column 23 lines 22-43 and column 9 line 54 through column 10 line 13 where the user device sends the appropriate configuration information for the strategy).
As per claims 9, 10, 23, and 24, the modified Kothari et al. and Keränen et al. system discloses transmitting the data, with an instruction to apply at least one PET function, comprises inserting the instruction into at least one of: a packet header of a packet of the data; or an Internet Protocol, IP, flow label of an IP flow containing the data, wherein transmitting the data, with an instruction to apply at least one PET function, comprises inserting the instruction into a Constrained Application Protocol, CoAP, header field of a packet containing the data (see Keränen et al. paragraphs [0087]-[0088]).
Claims 5 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over the modified Kothari et al. and Keränen et al. system as applied to claims 1 and 16 above, and further in view of Chauhan (US 20200112589).
As per claims 5 and 20, the modified Kothari et al. and Keränen et al. system generally discusses the use of encryption but fails to explicitly disclose the client device encrypts the data for transmission, and wherein the instruction further comprises an identification of an encryption process used by the client device to encrypt the data, and an access token allowing access by a networking device to key material for decrypting the data.
However, Chauhan teaches the use of an identified encryption algorithm to obtain a decryption key used to decrypt data that is to be privacy protected (see paragraphs [0189]-[0192] where the system must obtain access to the key material in order to decrypt that data).
At a time before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to include the encryption and decryption of the data from Chauhan in the modified Kothari et al. and Keränen et al. system.
Motivation, as recognized by one of ordinary skill in the art, to do so would have been to allow for the system to privacy protect data that is transmitted in encrypted form thereby increasing the security of the system.
Response to Arguments
Applicant's arguments filed 11 February 2026 have been fully considered but they are not persuasive. Applicant argues the combination of Kothari and Keränen fails to render the “instruction” obvious because the instruction Keränen is for data that is already protected.
The Examiner respectfully disagrees as the combination of Kothari and Keränen as put forth above renders the use of an instruction to apply a PET function obvious. More specifically, the term “instruction” is not specifically defined in the Specification and at best the “instruction” may be a token or other data that may be part of the data transmission. As such, giving the claim its broadest reasonable interpretation, any information sent as part of the data transmission that triggers a PET function would be considered the claimed “instruction”. As such, the Kothari reference teaches the claimed “instruction” since the anonymization system looks for specific fields and when present initiates an anonymization strategy (see column 23 lines 44-63). In other words, because the data includes a field that triggers the anonymization (i.e. PET), it is considered to have an instruction to apply the PET function since the anonymization will only occur when that field is present in the data. While it has been shown that Kothari teaches the claimed instruction Keränen was added to more explicitly show that it is known and obvious to include an instruction with data that a protection function will be applied. Keränen uses the CaPA header (note that Applicant’s own Specification uses this same header) to identify security. While, the instruction in the header is for data that is already protected, Keränen was not relied upon for what types of data protection is applied, merely that it is obvious to include an instruction identifying a security function to be applied to the data. Therefore the combination of Kothari and Keränen render the claim obvious.
Applicant’s remaining arguments are moot in view of the above response.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: the remaining references put forth on the PTO-892 form are directed towards privacy protection of data with information included with the data to trigger protection of the data.
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL J PYZOCHA whose telephone number is (571)272-3875. The examiner can normally be reached Monday-Thursday 7:30am-5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Hadi Armouche can be reached at (571) 270-3618. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Michael Pyzocha/ Primary Examiner, Art Unit 2409