Prosecution Insights
Browse Companies Examiners Firms Draft Your Response
Office ActionsSAP SE › 18772470
Last updated: April 19, 2026
Application No. 18/772,470

PROXY AND VETO SERVICES IN DATA PRIVACY INTEGRATION SCENARIOS

Non-Final OA §DP
Filed
Jul 15, 2024
Examiner
BOUTAH, ALINA A
Art Unit
2458
Tech Center
2400 — Computer Networks
Assignee
SAP SE
OA Round
1 (Non-Final)
90%
Grant Probability
Favorable
1-2
OA Rounds
2y 9m
To Grant
99%
With Interview

Interview Optional

+9.3% interview lift. This examiner has a relatively high allow rate; a written response may suffice.
Based on 830 resolved cases, 2023–2026

Examiner Intelligence

BOUTAH, ALINA A View full profile →
Grants 90% — above average
90%
Career Allow Rate
745 granted / 830 resolved
+31.8% vs TC avg
Moderate +9% lift
Without
With
+9.3%
Interview Lift
resolved cases with interview
Typical timeline
2y 9m
Avg Prosecution
20 currently pending
Career history
850
Total Applications
across all art units

Statute-Specific Performance

§101
14.9%
-25.1% vs TC avg
§103
35.8%
-4.2% vs TC avg
§102
19.4%
-20.6% vs TC avg
§112
16.4%
-23.6% vs TC avg
Black line = Tech Center average estimate • Based on career data from 830 resolved cases

Office Action

§DP
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Information Disclosure Statement The IDS filed July 15, 2024 has been considered. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13. The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer. Claims 1-6, 9-14, and 17-19 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-7, 13-16, and 20 of U.S. Patent No. 12,067,139. See claim correspondence below. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims have substantial overlapping subject matter. Independent claims in the present application differ from the patent in that they further recite at least one vote provided by at least one rule service to determine a consensus vote for the master data object for the data privacy request. Before the effective filing date of the invention, one of ordinary skill in the art would have been motivated to determine a consensus vote for the master data object in order to improve data privacy management across various applications. Present Application U.S. Patent No. 12,067,139 1. A computer-implemented method comprising: receiving, by at least one rule service and from a data privacy integration service in a multiple-application landscape, a data privacy request for a vote regarding a master data object, wherein the data privacy request is also received from the data privacy integration service by multiple other applications in the multiple-application landscape; determining, by at least one rule service, a respective vote for the rule service regarding the master data object, based on evaluation by the rule service of at least one preconfigured rule configured in the rule service for a type of the master data object; and providing, by each rule service that determined a respective vote, to the data privacy integration service, the respective vote determined by the rule service, wherein the data privacy integration service uses votes provided by other applications and at least one vote provided by at least one rule service to determine a consensus vote for the master data object for the data privacy request, wherein vote providers comprise responders of the data privacy request. 2. The computer-implemented method of claim 1, wherein: the data privacy integration service comprises an integrated end-of-purpose protocol handler; the data privacy request for the vote regarding the master data object queries a respective responder as to whether the respective responder can block the master data object; and the integrated end-of-purpose protocol handler determines the consensus vote by determining whether any vote provided by a responder indicates the responder is unable to block the master data object. 3. The computer-implemented method of claim 1, wherein: the data privacy integration service comprises an aligned purpose disassociation protocol handler; the data privacy request for the vote regarding the master data object queries a respective responder as to whether the respective responder can disassociate a purpose from the master data object; and the aligned purpose disassociation protocol handler determines the consensus vote by determining whether any vote provided by a responder indicates the responder is unable to disassociate the purpose from the master data object. 4. The computer-implemented method of claim 1, wherein the rule service evaluates a rule that specifies that a default vote should be provided by the rule service if the rule service does not otherwise determine a vote within a predetermined time period. 5. The computer-implemented method of claim 4, wherein the rule service forwards the data privacy request to an administrator and provides the default vote if the administrator does not provide a vote within the predetermined time period. 6. The computer-implemented method of claim 5, wherein information from the data privacy request is presented to the administrator in a user interface of an administrative application. 7. The computer-implemented method of claim 6, wherein the administrator provides the vote in the user interface of the administrative application and the administrative application provides the vote to the rule service. 8. The computer-implemented method of claim 4, wherein the rule service forwards the data privacy request to a different system and provides the default vote if the different system does not provide a vote within the predetermined time period. 9. The computer-implemented method of claim 8, wherein the different system is external to and not connected to the data privacy integration service and the rule service connects to the different system on behalf of the data privacy integration service. 10. The computer-implemented method of claim 8, wherein the rule service: receives a data privacy response to the data privacy request from the different system; and translates the data privacy response received from the different system from a first format used by the different system to a second format used by the data privacy integration service. 11. The computer-implemented method of claim 4, wherein the default vote is determined based on a mode of the rule service, wherein in a first mode, the rule service determines a default no vote and in a second mode the rule service determines a default yes vote. 12. A computer-implemented system comprising: one or more computers; and a computer-readable medium coupled to the one or more computers having instructions stored thereon which, when executed by the one or more computers, cause the one or more computers to perform operations comprising: receiving, by at least one rule service and from a data privacy integration service in a multiple-application landscape, a data privacy request for a vote regarding a master data object, wherein the data privacy request is also received from the data privacy integration service by multiple other applications in the multiple-application landscape; determining, by at least one rule service, a respective vote for the rule service regarding the master data object, based on evaluation by the rule service of at least one preconfigured rule configured in the rule service for a type of the master data object; and providing, by each rule service that determined a respective vote, to the data privacy integration service, the respective vote determined by the rule service, wherein the data privacy integration service uses votes provided by other applications and at least one vote provided by at least one rule service to determine a consensus vote for the master data object for the data privacy request, wherein vote providers comprise responders of the data privacy request. 13. The computer-implemented system of claim 12, wherein: the data privacy integration service comprises an integrated end-of-purpose protocol handler; the data privacy request for the vote regarding the master data object queries a respective responder as to whether the respective responder can block the master data object; and the integrated end-of-purpose protocol handler determines the consensus vote by determining whether any vote provided by a responder indicates the responder is unable to block the master data object. 14. The computer-implemented system of claim 12, wherein: the data privacy integration service comprises an aligned purpose disassociation protocol handler; the data privacy request for the vote regarding the master data object queries a respective responder as to whether the respective responder can disassociate a purpose from the master data object; and the aligned purpose disassociation protocol handler determines the consensus vote by determining whether any vote provided by a responder indicates the responder is unable to disassociate the purpose from the master data object. 15. The computer-implemented system of claim 12, wherein the rule service evaluates a rule that specifies that a default vote should be provided by the rule service if the rule service does not otherwise determine a vote within a predetermined time period. 16. The computer-implemented system of claim 15, wherein the rule service forwards the data privacy request to an administrator and provides the default vote if the administrator does not provide a vote within the predetermined time period. 17. A non-transitory, computer-readable medium coupled to one or more processors and having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations, the operations comprising: receiving, by at least one rule service and from a data privacy integration service in a multiple-application landscape, a data privacy request for a vote regarding a master data object, wherein the data privacy request is also received from the data privacy integration service by multiple other applications in the multiple-application landscape; determining, by at least one rule service, a respective vote for the rule service regarding the master data object, based on evaluation by the rule service of at least one preconfigured rule configured in the rule service for a type of the master data object; and providing, by each rule service that determined a respective vote, to the data privacy integration service, the respective vote determined by the rule service, wherein the data privacy integration service uses votes provided by other applications and at least one vote provided by at least one rule service to determine a consensus vote for the master data object for the data privacy request, wherein vote providers comprise responders of the data privacy request. 18. The computer-readable medium of claim 17, wherein: the data privacy integration service comprises an integrated end-of-purpose protocol handler; the data privacy request for the vote regarding the master data object queries a respective responder as to whether the respective responder can block the master data object; and the integrated end-of-purpose protocol handler determines the consensus vote by determining whether any vote provided by a responder indicates the responder is unable to block the master data object. 19. The computer-readable medium of claim 17, wherein: the data privacy integration service comprises an aligned purpose disassociation protocol handler; the data privacy request for the vote regarding the master data object queries a respective responder as to whether the respective responder can disassociate a purpose from the master data object; and the aligned purpose disassociation protocol handler determines the consensus vote by determining whether any vote provided by a responder indicates the responder is unable to disassociate the purpose from the master data object. 20. The computer-readable medium of claim 17, wherein the rule service evaluates a rule that specifies that a default vote should be provided by the rule service if the rule service does not otherwise determine a vote within a predetermined time period. 1. A computer-implemented method comprising: receiving, at a proxy service and from a data privacy integration service in a multiple-application landscape, a data privacy request, wherein the data privacy request is also received from the data privacy integration service by multiple other applications in the multiple-application landscape; forwarding, by the proxy service, the data privacy request as a forwarded data privacy request to a second application that is different from the proxy service and the multiple other applications; receiving, by the proxy service, from the second application and in response to the forwarded data privacy request, a first data privacy response; and forwarding, by the proxy service and to the data privacy integration service, a second data privacy response that is based on the first data privacy response, wherein the data privacy integration service uses at least the second data privacy response received from the proxy service to perform a central action for the data privacy request. 2. The computer-implemented method of claim 1, wherein the data privacy request comprises a request for a vote regarding a master data object. 3. The computer-implemented method of claim 2, wherein the second application is a rule service that automatically determines a vote for the data privacy request based on at least one configured rule. 4. The computer-implemented method of claim 2, wherein: the data privacy integration service comprises an integrated end-of-purpose protocol handler; the request for the vote regarding the master data object queries a respective application as to whether the respective application can block the master data object; and the integrated end-of-purpose protocol handler performs the central action by determining, based on at least the second data privacy response, whether any application in the multiple-application landscape is unable to block the master data object. 5. The computer-implemented method of claim 4, wherein: the data privacy integration service comprises an aligned purpose disassociation protocol handler; the request for the vote regarding the master data object queries a respective application as to whether the respective application can disassociate a purpose from the master data object; and the aligned purpose disassociation protocol handler performs the central action by determining, based on at least the second data privacy response, whether any application in the multiple-application landscape is unable to disassociate the purpose from the master data object. 6. The computer-implemented method of claim 5, wherein the proxy service comprises a veto service and the method further comprises determining, by the veto service, that the second application has not provided a response to the forwarded data privacy request within a predetermined time period; and in response to determining that the second application has not provided the response to the forwarded data privacy request within the predetermined time period: determining, by the veto service, a default vote for the data privacy request; and providing, by the veto service, the default vote to the data privacy integration service. 13. The computer-implemented method of claim 12, wherein information from the forwarded data privacy request is presented to the administrator in a user interface of the administrative application. 15. The computer-implemented method of claim 1, wherein the second application is external to and not connected to the data privacy integration service and the proxy service connects to the second application on behalf of the data privacy integration service. 16. The computer-implemented method of claim 15, wherein forwarding the second data privacy response comprises translating, by the proxy service, the first data privacy response from a first format used by the second application to a second format used by the data privacy integration service. 7. The computer-implemented method of claim 6, wherein the default vote is determined based on a mode of the veto service, wherein in a first mode, the veto service determines a default no vote and in a second mode the veto service determines a default yes vote. 18. A system comprising: a multiple-application landscape that includes multiple applications; a data privacy integration service; and a proxy service comprising: one or more computers; and a computer-readable medium coupled to the one or more computers having instructions stored thereon which, when executed by the one or more computers, cause the one or more computers to perform operations comprising: receiving, from the data privacy integration service in the multiple-application landscape, a data privacy request, wherein the data privacy request is also received from the data privacy integration service by multiple other applications in the multiple-application landscape; forwarding the data privacy request as a forwarded data privacy request to a second application that is different from the proxy service and the multiple other applications; receiving, from the second application and in response to the forwarded data privacy request, a first data privacy response; and forwarding, to the data privacy integration service, a second data privacy response that is based on the first data privacy response, wherein the data privacy integration service uses at least the second data privacy response received from the proxy service to perform a central action for the data privacy request. 19. The system of claim 18, wherein the data privacy request comprises a request for a vote regarding a master data object. 4. The computer-implemented method of claim 2, wherein: the data privacy integration service comprises an integrated end-of-purpose protocol handler; the request for the vote regarding the master data object queries a respective application as to whether the respective application can block the master data object; and the integrated end-of-purpose protocol handler performs the central action by determining, based on at least the second data privacy response, whether any application in the multiple-application landscape is unable to block the master data object. 5. The computer-implemented method of claim 4, wherein: the data privacy integration service comprises an aligned purpose disassociation protocol handler; the request for the vote regarding the master data object queries a respective application as to whether the respective application can disassociate a purpose from the master data object; and the aligned purpose disassociation protocol handler performs the central action by determining, based on at least the second data privacy response, whether any application in the multiple-application landscape is unable to disassociate the purpose from the master data object. 20. A non-transitory, computer-readable medium coupled to one or more processors and having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations, the operations comprising: receiving, at a proxy service and from a data privacy integration service in a multiple-application landscape, a data privacy request, wherein the data privacy request is also received from the data privacy integration service by multiple other applications in the multiple-application landscape; forwarding, by the proxy service, the data privacy request as a forwarded data privacy request to a second application that is different from the proxy service and the multiple other applications; receiving, by the proxy service, from the second application and in response to the forwarded data privacy request, a first data privacy response; and forwarding, by the proxy service and to the data privacy integration service, a second data privacy response that is based on the first data privacy response, wherein the data privacy integration service uses at least the second data privacy response received from the proxy service to perform a central action for the data privacy request. 4. The computer-implemented method of claim 2, wherein: the data privacy integration service comprises an integrated end-of-purpose protocol handler; the request for the vote regarding the master data object queries a respective application as to whether the respective application can block the master data object; and the integrated end-of-purpose protocol handler performs the central action by determining, based on at least the second data privacy response, whether any application in the multiple-application landscape is unable to block the master data object. 5. The computer-implemented method of claim 4, wherein: the data privacy integration service comprises an aligned purpose disassociation protocol handler; the request for the vote regarding the master data object queries a respective application as to whether the respective application can disassociate a purpose from the master data object; and the aligned purpose disassociation protocol handler performs the central action by determining, based on at least the second data privacy response, whether any application in the multiple-application landscape is unable to disassociate the purpose from the master data object. Potential Allowable Subject Matter Claims 1-20 would be allowed if claims are amended, persuasively argued, or if a terminal disclaimer is filed to overcome the double patenting rejection as set forth above. The following are considered closest prior art of record: Dhayanithi (US 10776254), teaches integration of data privacy service in customer landscapes. Schatz et al. (US 9836366), teaches a vote consensus technique that provides a “third vote” (i.e. a tie-breaking vote) in a cluster of nodes. Gupta (US 20240031373), teaches using voting rights to maintain data privacy. None of the prior art of record, in combination with each other and every limitation in the independent claims, teaches “receiving, by at least one rule service and from a data privacy integration service in a multiple-application landscape, a data privacy request for a vote regarding a master data object, wherein the data privacy request is also received from the data privacy integration service by multiple other applications in the multiple-application landscape; determining, by at least one rule service, a respective vote for the rule service regarding the master data object, based on evaluation by the rule service of at least one preconfigured rule configured in the rule service for a type of the master data object; and providing, by each rule service that determined a respective vote, to the data privacy integration service, the respective vote determined by the rule service, wherein the data privacy integration service uses votes provided by other applications and at least one vote provided by at least one rule service to determine a consensus vote for the master data object for the data privacy request, wherein vote providers comprise responders of the data privacy request.” Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALINA N BOUTAH whose telephone number is (571)272-3908. The examiner can normally be reached M-F 7:00 AM - 3:00 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Umar Cheema can be reached at (571) 270-3037. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. ALINA BOUTAH Primary Examiner Art Unit 2458 /ALINA A BOUTAH/Primary Examiner, Art Unit 2458
Read full office action

Prosecution Timeline

Jul 15, 2024
Application Filed
Jan 24, 2026
Non-Final Rejection — §DP (current)

Precedent Cases

Applications granted by this same examiner with similar technology

18/106,114
Patent 12568025
AUTOMATIC CONFIGURATION OF IOT DEVICES FOR ONLINE DATA BROKERAGE SERVICES
2y 5m to grant Granted Mar 03, 2026
18/563,196
Patent 12568000
METHOD AND DEVICE FOR PERFORMING FEDERATED LEARNING IN WIRELESS COMMUNICATION SYSTEM
2y 5m to grant Granted Mar 03, 2026
18/039,836
Patent 12563449
MECHANISM FOR OPERATION OF 3GPP TSN VIRTUAL BRIDGE IN A CENTRALIZED NETWORK/DISTRIBUTED USER MODEL IN A 5G SYSTEM
2y 5m to grant Granted Feb 24, 2026
18/578,580
Patent 12562934
METHOD AND APPARATUS FOR BINDING PLURALITY OF ELECTRICAL DEVICES AND COMPUTER-READABLE STORAGE MEDIUM
2y 5m to grant Granted Feb 24, 2026
18/219,347
Patent 12556307
REDUCING TRANSMISSION OF DATA PACKETS IN DATA TRNASMISSION
2y 5m to grant Granted Feb 17, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

1-2
Expected OA Rounds
90%
Grant Probability
99%
With Interview (+9.3%)
2y 9m
Median Time to Grant
Low
PTA Risk
Based on 830 resolved cases by this examiner. Grant probability derived from career allow rate.

Ready to respond to this office action?

IP Author drafts your complete OA response — amendments, arguments, and claim strategy — in minutes, not days.

Start Drafting Your Response →

Data sourced from USPTO Patent File Wrapper (daily) and Office Action Archive (weekly). Analysis generated by IP Author.

Data: USPTO Patent File Wrapper (daily) • Office Action Archive (weekly) • 89M+ prosecution events

© 2026 IP Author — Browse Office ActionsExaminersCompaniesFirms

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month