Prosecution Insights
Browse Companies Examiners Firms Draft Your Response
Office ActionsTwilio Inc. › 18818192
Last updated: April 19, 2026
Application No. 18/818,192

METHOD AND SYSTEM FOR APPLYING DATA RETENTION POLICIES IN A COMPUTING PLATFORM

Non-Final OA §101§102§103§DP
Filed
Aug 28, 2024
Examiner
MCNALLY, MICHAEL S
Art Unit
2432
Tech Center
2400 — Computer Networks
Assignee
Twilio Inc.
OA Round
1 (Non-Final)
90%
Grant Probability
Favorable
1-2
OA Rounds
2y 8m
To Grant
98%
With Interview

Interview Optional

+8.7% interview lift. This examiner has a relatively high allow rate; a written response may suffice.
Based on 1060 resolved cases, 2023–2026

Examiner Intelligence

MCNALLY, MICHAEL S View full profile →
Grants 90% — above average
90%
Career Allow Rate
950 granted / 1060 resolved
+31.6% vs TC avg
Moderate +9% lift
Without
With
+8.7%
Interview Lift
resolved cases with interview
Typical timeline
2y 8m
Avg Prosecution
17 currently pending
Career history
1077
Total Applications
across all art units

Statute-Specific Performance

§101
11.2%
-28.8% vs TC avg
§103
36.8%
-3.2% vs TC avg
§102
22.5%
-17.5% vs TC avg
§112
13.7%
-26.3% vs TC avg
Black line = Tech Center average estimate • Based on career data from 1060 resolved cases

Office Action

§101 §102 §103 §DP
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Priority Applicant’s claim for the benefit of a prior-filed application under 35 U.S.C. 119(e) or under 35 U.S.C. 120, 121, 365(c), or 386(c) is acknowledged. Information Disclosure Statement The information disclosure statements (IDS) submitted on 28 August 2024, 9 December 2024 and # March 2025 have been considered by the examiner. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-4, 6-12, 14, 16 and 18-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim(s) recite processing, by one or more processors, event data that corresponds to an account; and redacting, by the one or more processors, at least one field within the event data based on a redaction policy that corresponds to the account and indicates an action that redacts information, the redacting of the at least one field within the event data including initiation of the action indicated by the redaction policy in claims 1, 8 and 16. The above limitations are a process under its broadest reasonable interpretation, that covers performance of the limitations in the mind or on paper but for the recitation of generic computer components (“one or more processors” of claims 1 and 9, “computer readable media” of claim 9 and “machine readable media” or claim 16). For example, “processing event data that corresponds to an account” is encompassed by the act of mentally reviewing data corresponding to an account and “redacting at least one field within the event data based on a redaction policy that corresponds to the account and indicates an action that redacts information, the redacting of the at least one field within the event data including initiation of the action indicated by the redaction policy” is encompassed by mentally or excluding the redacted data or crossing the data out on paper. Any user can look at data and decide to perform redactions to that data according to redaction rules. Accordingly, claims 1, 9 and 16 fall within the “Mental Proceses” grouping of abstract idea. This judicial exception is not integrated into a practical application because claims 1, 9 and 16 recite only those elements and additional generic computing components. The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional generic computing components are recited at a high level of generality and only serve to replicate the action of the human mind. Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception, nor do the claims provide an inventive concept. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements of using “one or more processors,” “one or more memories,” “non-transitory machine-readable storage media” amount to no more than mere instructions to apply the exception using generic computer components. Mere instructions to apply an exception using generic computer components cannot provide an inventive concept. As well, under the 2019 PEG, a conclusion that additional elements are insignificant extra-solution activities in Step 2A, prong two should be re-evaluated in Step 2B. Here, the receiving and providing steps were considered to be respective pre-insignificant and post-insignificant extra-solution activities in prong two of Step 2A, and thus are re-evaluated in Step 2B to determine if they are more than what is well-understood, routine, conventional activity in the field. The instant Specification does not provide any indication that the “one or more processors,” “one or more memories,” “one or more non-transitory machine-readable storage media” are anything other than generic, off-the-shelf computer components and the Symantec, TLI, and OIP Techs. court decisions cited in MPEP 2106.05(d)(II) indicate that mere collection or receipt of data over a network is a well-understood, routine, and conventional function when it is claimed in a merely generic manner (as it is here). Accordingly, a conclusion that the receiving and providing steps are well-understood, routine, conventional activities is supported under Berkheimer Option 2. For these reasons, there is no inventive concept in the claims, and thus the claims are not patent eligible. With respect to claims 2-4, 6-8, 10-12, 14-15 and 18-20, each recite additional limitations that either describe processing the event data (Claims 2 and 10), access in or receiving the redaction policy (claims 3-4, and 11-12), or specific ways of securing the remaining data 6-8, 14, and 18-20) that could be performed mentally or by a person using pencil and paper Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention. Claims 1-7 and 9-14 and 16-19 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by U.S. Patent Application Publication No. 2009/0164878 by Cottrille. As to claims 1, 9 and 16, Cotrille discloses a method (Claim 1)/system comprising: one or more processors (Cotrille: Page 2, Sec 19); and one or more computer-readable media storing instructions that, when executed by the one or more processors, cause the system to perform operations (Cotrille: Page 2, Sec 15) (Claim 9; /non-transitory machine-readable medium (Cotrille: Page 2, Sec 15) (Claim 16) comprising: processing, by one or more processors, event data that corresponds to an account (Cotrille: Fig 2 – 230; Page 2, Sec 21 and Pages 3-4, Sec 32; processing data for potential redaction, data disclosed as being financial and related to a transaction, which would correspond to event data for an account); and redacting, by the one or more processors, at least one field within the event data based on a redaction policy that corresponds to the account and indicates an action that redacts information, the redacting of the at least one field within the event data including initiation of the action indicated by the redaction policy (Cotrille: Fig 2; Page 3, Sec 25 – Page 4; Sec 34; data in document is redacted according to redaction rules). As to claims 2 and 10, Cotrille further discloses wherein: the processing of the event data includes generating the event data based on usage of a computing system by the corresponding account (Cotrille: Page 2, Sec 21; computing system used for financial transactions by the user account). As to claims 3 and 11, Cotrille further discloses further comprising: accessing the retention policy from a configuration file that corresponds to the account (Cotrille: Fig 1- 120; Page 3, Sec 23, policy engine). As to claims 4 and 12, Cotrille further discloses further comprising: receiving the retention policy from a computing system used to generate the event data (Cotrille: Fig 1- 120; Page 3, Sec 23, policy engine). As to claims 5, 13 and 17, Cotrille further discloses further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and limiting access granted to a computing system for the sensitive information in the remaining portion of the event data (Cotrille: Fig 4: Page 4, Sec 40; authorization module secures access to remaining portion of data). As to claims 6, 14 and 18, Cotrille further discloses further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and redacting the sensitive information in the remaining portion of the event data (Cotrille: Fig 4: Page 4, Sec 40; authorization module secures access to remaining portion of data). As to claims 7 and 19, Cotrille further discloses further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and deleting the sensitive information from the remaining portion of the event data (Cotrille: Fig 4: Page 4, Sec 40; authorization module secures access to remaining portion of data). Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claims 8, 15 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Patent Application Publication No. 2009/0164878 by Cottrille in view of U.S. Patent Application Publication No. 2011/0202744 by Kratsch. As to claims 8, 15 and 20, Cotrille discloses all recited elements of claims 1, 13 and 16 from which claims 8, 15 and 20 depend. Cotrille further discloses further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information (Cotrille: Fig 4: Page 4, Sec 40; authorization module secures access to remaining portion of data). Cotrille does not expressly disclose encrypting the sensitive information in the remaining portion of the event data. Kratsch discloses encrypting the sensitive information in the remaining portion of the event data (Kratsch: Page 5, Sec 56; remaining sensitive data encrypted after redaction process). Cotrille and Kratsch are analogous art because they are from the common area of data protection. It would have been obvious, at or before the effective filing date of the instant application, to use the encryption of Kratsch in the system of Cotrille. The rationale would have been to provide protection for necessary unredacted data (Kratsch: Page 5, Sec 56). Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13. The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer. Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 12,292,857. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the ‘857 Patent represent an obvious variation of the claims of the instant application and anticipate the subject matter of the instant claims. As to claim 1, the ‘857 Patent discloses a method comprising (Claim 1: A method comprising): processing, by one or more processors, event data that corresponds to an account (Claim 1: processing, by one or more processors of a multitenant computing platform, event data that corresponds to an account among multiple accounts within the multitenant computing platform, each account among the multiple accounts having a corresponding retention policy that is applicable to only that account within the multitenant computing platform, the processed event data being retainable in a data log of the multitenant computing platform); and redacting, by the one or more processors, at least one field within the event data based on a redaction policy that corresponds to the account and indicates an action that redacts information, the redacting of the at least one field within the event data including initiation of the action indicated by the redaction policy (Claim 1: preventing, by the one or more processors of the multitenant computing platform, retention of a portion of the event data within the data log of the multitenant computing platform based on a retention policy that corresponds to only the account within the multitenant computing platform and indicates that the portion of the event data is not to be retained). As to claim 2, the ‘857 Patent discloses the method of claim 1, wherein: the processing of the event data includes generating the event data based on usage of a computing system by the corresponding account (Claim 2: The method of claim 1, wherein: the processing of the event data includes generating the event data based on usage of a computing system by the corresponding account). As to claim 3, the ‘857 Patent discloses the method of claim 1, further comprising: accessing the redaction policy from a configuration file that corresponds to the account (Claim 3: The method of claim 1, further comprising: accessing the retention policy from a configuration file that corresponds to the account). As to claim 4, the ‘857 Patent discloses the method of claim 1, further comprising: receiving the redaction policy from a computing system used to generate the event data (Claim 4: The method of claim 1, further comprising: receiving the retention policy from a computing system used to generate the event data.). As to claim 5, the ‘857 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and limiting access granted to a computing system for the sensitive information in the remaining portion of the event data (Claim 5: The method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and limiting access granted to a computing system for the sensitive information in the remaining portion of the event data). As to claim 6, the ‘857 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and preventing retention of the sensitive information in the remaining portion of the event data (Claim 6: The method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and redacting the sensitive information in the remaining portion of the event data). As to claim 7, the ‘857 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and deleting the sensitive information from the remaining portion of the event data (Claim 7: The method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and deleting the sensitive information from the remaining portion of the event data). As to claim 8, the ‘857 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and encrypting the sensitive information in the remaining portion of the event data (Claim 8: The method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and encrypting the sensitive information in the remaining portion of the event data). Claims 9-15 recite a system commensurate in scope to the method recited in claims 1-8 and are rejected under a substantially similar rationale in view of claims 1-20. Claims 16-20 recite a computer readable medium commensurate in scope to the method recited in claims 1-8 and are rejected under a substantially similar rationale in view of claims 1-20. Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 12,292,856. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the ‘856 Patent represent an obvious variation of the claims of the instant application and anticipate the subject matter of the instant claims. As to claim 1, the ‘856 Patent discloses a method comprising (Claim 1: A method comprising): processing, by one or more processors, event data that corresponds to an account (Claim 1: processing, by one or more processors of a multitenant computing platform, event data that corresponds to an account among multiple accounts within the multitenant computing platform, each account among the multiple accounts having a corresponding deletion policy that is applicable to only that account within the multitenant computing platform, the processed event data being retainable in a data log of the multitenant computing platform); and redacting, by the one or more processors, at least one field within the event data based on a redaction policy that corresponds to the account and indicates an action that redacts information, the redacting of the at least one field within the event data including initiation of the action indicated by the redaction policy (Claim 1: deleting, by the one or more processors of the multitenant computing platform, at least one field of the event data within the data log of the multitenant computing platform based on a deletion policy that corresponds to only the account within the multitenant computing platform and indicates an action that deletes information, the deleting of the at least one field of the event data including initiation of the action indicated by the deletion policy that is applicable to only the corresponding account within the multitenant computing platform). As to claim 2, the ‘856 Patent discloses the method of claim 1, wherein: the processing of the event data includes generating the event data based on usage of a computing system by the corresponding account (Claim 2: The method of claim 1, wherein: the processing of the event data includes generating the event data based on usage of a computing system by the corresponding account.). As to claim 3, the ‘856 Patent discloses the method of claim 1, further comprising: accessing the redaction policy from a configuration file that corresponds to the account(Claim 3: The method of claim 1, further comprising: accessing the deletion policy from a configuration file that corresponds to the account). As to claim 4, the ‘856 Patent discloses the method of claim 1, further comprising: receiving the redaction policy from a computing system used to generate the event data (Claim 4: The method of claim 1, further comprising: receiving the deletion policy from a computing system used to generate the event data). As to claim 5, the ‘856 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and limiting access granted to a computing system for the sensitive information in the remaining portion of the event data (Claim 5: The method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and limiting access granted to a computing system for the sensitive information in the remaining portion of the event data.). As to claim 6, the ‘856 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and preventing retention of the sensitive information in the remaining portion of the event data (Claim 6: The method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and redacting the sensitive information in the remaining portion of the event data). As to claim 7, the ‘856 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and deleting the sensitive information from the remaining portion of the event data (Claim 7: The method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and deleting the sensitive information from the remaining portion of the event data). As to claim 8, the ‘856 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and encrypting the sensitive information in the remaining portion of the event data(Claim 8: The method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and encrypting the sensitive information in the remaining portion of the event data). Claims 9-15 recite a system commensurate in scope to the method recited in claims 1-8 and are rejected under a substantially similar rationale in view of claims 1-20. Claims 16-20 recite a computer readable medium commensurate in scope to the method recited in claims 1-8 and are rejected under a substantially similar rationale in view of claims 1-20. Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 12,292,855. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the ‘855 Patent represent an obvious variation of the claims of the instant application and anticipate the subject matter of the instant claims. As to claim 1, the ‘855 Patent discloses a method comprising (claim 1: A method comprising): processing, by one or more processors, event data that corresponds to an account (Claim 1: processing, by one or more processors of a multitenant computing platform, event data that corresponds to an account among multiple accounts within the multitenant computing platform, each account among the multiple accounts having a corresponding privacy policy that is applicable to only that account within the multitenant computing platform, the processed event data being retainable in a data log of the multitenant computing platform); and redacting, by the one or more processors, at least one field within the event data based on a redaction policy that corresponds to the account and indicates an action that redacts information, the redacting of the at least one field within the event data including initiation of the action indicated by the redaction policy (Claim 1: securing, by the one or more processors, at least a portion of the event data within the data log of the multitenant computing platform based on a privacy policy that corresponds to only the account within the multitenant computing platform and indicates an action that secures information, the securing of at least the portion of the event data including initiation of the action indicated by the privacy policy that is applicable to only the corresponding account within the multitenant computing platform). As to claim 2, the ‘855 Patent discloses the method of claim 1, wherein: the processing of the event data includes generating the event data based on usage of a computing system by the corresponding account (Claim 2: The method of claim 1, wherein: the processing of the event data includes generating the event data based on usage of a computing system by the corresponding account). As to claim 3, the ‘855 Patent discloses the method of claim 1, further comprising: accessing the redaction policy from a configuration file that corresponds to the account (Claim 3: The method of claim 1, further comprising: accessing the privacy policy from a configuration file that corresponds to the account). As to claim 4, the ‘855 Patent discloses the method of claim 1, further comprising: receiving the redaction policy from a computing system used to generate the event data (Claim 4: The method of claim 1, further comprising: receiving the privacy policy from a computing system used to generate the event data.). As to claim 5, the ‘855 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and limiting access granted to a computing system for the sensitive information in the remaining portion of the event data (Claim 5: The method of claim 1, wherein: the securing of at least the portion of the event data includes: determining that the event data includes sensitive information; and limiting access granted to a computing system for the sensitive information in the event data). As to claim 6, the ‘855 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and preventing retention of the sensitive information in the remaining portion of the event data (Claim 6: The method of claim 1, wherein: the securing of at least the portion of the event data includes: determining that the event data includes sensitive information; and redacting the sensitive information in the event data). As to claim 7, the ‘855 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and deleting the sensitive information from the remaining portion of the event data (Claim 7: The method of claim 1, wherein: the securing of at least the portion of the event data includes: determining that the event data includes sensitive information; and deleting the sensitive information from the event data). As to claim 8, the ‘855 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and encrypting the sensitive information in the remaining portion of the event data (Claim 8: The method of claim 1, wherein: the securing of at least the portion of the event data includes: determining that the event data includes sensitive information; and encrypting the sensitive information in the event data). Claims 9-15 recite a system commensurate in scope to the method recited in claims 1-8 and are rejected under a substantially similar rationale in view of claims 1-20. Claims 16-20 recite a computer readable medium commensurate in scope to the method recited in claims 1-8 and are rejected under a substantially similar rationale in view of claims 1-20. Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 11,768,802. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the ‘802 Patent represent an obvious variation of the claims of the instant application and anticipate the subject matter of the instant claims. As to claim 1, the ‘802 Patent discloses a method comprising (Claim 1: A method comprising): processing, by one or more processors, event data that corresponds to an account (Claim 1: accessing, by one or more processors, account data generated based on usage of a computing system by a corresponding account); and redacting, by the one or more processors, at least one field within the event data based on a redaction policy that corresponds to the account and indicates an action that redacts information, the redacting of the at least one field within the event data including initiation of the action indicated by the redaction policy (Claim 1: and securing, by the one or more processors, at least a portion of the account data based on a data privacy policy that corresponds to the account and defines an action to secure sensitive information, the securing of at least the portion of the account data including performance of the action defined by the data privacy policy). As to claim 2, the ‘802 Patent discloses the method of claim 1, wherein: the processing of the event data includes generating the event data based on usage of a computing system by the corresponding account (Claim 2: The method of claim 1, wherein: the accessing of the account data includes generating the account data on behalf of the corresponding account based on the usage of the computing system by the corresponding account). As to claim 3, the ‘802 Patent discloses the method of claim 1, further comprising: accessing the privacy policy from a configuration file that corresponds to the account (Claim 3 The method of claim 1, further comprising: accessing the data privacy policy from a configuration file that corresponds to the account). As to claim 4, the ‘802 Patent discloses the method of claim 1, further comprising: receiving the privacy policy from a computing system used to generate the event data (Claim 4: The method of claim 1, further comprising: receiving the data privacy policy from the computing system on whose usage generation of the account data is based). As to claim 5, the ‘802 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account (Claim 1: and securing, by the one or more processors, at least a portion of the account data), the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and limiting access granted to a computing system for the sensitive information in the remaining portion of the event data (Claim 5: The method of claim 1, wherein: the securing of at least the portion of the account data includes: determining that the account data includes sensitive information; and limiting a level of access granted to the computing system for the sensitive information included in the account data). As to claim 6, the ‘802 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account (Claim 1: and securing, by the one or more processors, at least a portion of the account data), the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and redacting the sensitive information in the remaining portion of the event data (Claim 6: The method of claim 1, wherein: the securing of at least the portion of the account data includes: determining that the account data includes sensitive information; and redacting the sensitive information included in the account data). As to claim 7, the ‘802 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account (Claim 1: and securing, by the one or more processors, at least a portion of the account data), the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and deleting the sensitive information from the remaining portion of the event data (Claim 7: The method of claim 1, wherein the securing of at least the portion of the account data includes: determining that the account data includes sensitive information; and deleting the sensitive information included in the account data.). As to claim 8, the ‘802 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account (Claim 1: and securing, by the one or more processors, at least a portion of the account data), the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and encrypting the sensitive information in the remaining portion of the event data (Claim 8: The method of claim 1, wherein: the securing of at least the portion of the account data includes: determining that the account data includes sensitive information; and encrypting the sensitive information included in the account data). Claims 9-15 recite a system commensurate in scope to the method recited in claims 1-8 and are rejected under a substantially similar rationale in view of claims 1-20. Claims 16-20 recite a computer readable medium commensurate in scope to the method recited in claims 1-8 and are rejected under a substantially similar rationale in view of claims 1-20. Claims 1-7 and 9-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 11,755,530. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the ‘530 Patent represent an obvious variation of the claims of the instant application and anticipate the subject matter of the instant claims. As to claim 1, the ‘530 Patent discloses a method comprising (Claim 1: A method comprising): accessing, by one or more processors, event data that corresponds to an account (Claim 1: accessing, by one or more processors, account data generated based on usage of a computing system by a corresponding account); and redacting, by the one or more processors, at least one field within the event data based on a redaction policy that corresponds to the account and indicates an action that redacts information, the redacting of the at least one field within the event data including initiation of the action indicated by the redaction policy (Claim 1: moderating, by the one or more processors, the account data based on a data policy that corresponds to the account and defines an action to secure sensitive information, the moderating of the account data including performance of the action defined by the data policy, the moderated account data being accessible by the computing platform). As to claim 2, the ‘530 Patent discloses the method of claim 1, wherein: the processing of the event data includes generating the event data based on usage of a computing system by the corresponding account (Claim 2: The method of claim 1, wherein: the accessing of the account data includes generating the account data on behalf of the corresponding account based on the usage of the computing system by the corresponding account). As to claim 3, the ‘530 Patent discloses the method of claim 1, further comprising accessing the privacy policy from a configuration file that corresponds to the account (Claim 3: The method of claim 1, further comprising: accessing the data privacy policy from a configuration file that corresponds to the account). As to claim 4, the ‘530 Patent discloses the method of claim 1, further comprising: receiving the privacy policy from a computing system used to generate the event data (Claim 4: The method of claim 1, further comprising: receiving the data privacy policy from the computing system on whose usage generation of the account data is based). As to claim 5, the ‘530 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account (Claim 1: moderating, by the one or more processors, the account data based on a data policy that corresponds to the account and defines an action to secure sensitive information), the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and limiting access granted to a computing system for the sensitive information in the remaining portion of the event data. (Claim 5: The method of claim 1, wherein: the securing of at least the portion of the account data includes: determining that the account data includes sensitive information; and limiting a level of access granted to the computing system for the sensitive information included in the account data). As to claim 6, the ‘530 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account (Claim 1: moderating, by the one or more processors, the account data based on a data policy that corresponds to the account and defines an action to secure sensitive information), the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and redacting the sensitive information in the remaining portion of the event data (Claim 6: The method of claim 1, wherein: the securing of at least the portion of the account data includes: determining that the account data includes sensitive information; and redacting the sensitive information included in the account data). As to claim 7, the ‘530 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account (Claim 1: moderating, by the one or more processors, the account data based on a data policy that corresponds to the account and defines an action to secure sensitive information), the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and deleting the sensitive information from the remaining portion of the event data (Claim 7: The method of claim 1, wherein the securing of at least the portion of the account data includes: determining that the account data includes sensitive information; and deleting the sensitive information included in the account data). Claims 9-15 recite a system commensurate in scope to the method recited in claims 1-7 and are rejected under a substantially similar rationale in view of claims 1-20. Claims 16-20 recite a computer readable medium commensurate in scope to the method recited in claims 1-5 and are rejected under a substantially similar rationale in view of claims 1-20. Claims 1-2, 5-10, 13-17 and 20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 11,341,092. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the ‘092 Patent represent an obvious variation of the claims of the instant application and anticipate the subject matter of the instant claims. As to claim 1, the ‘092 Patent discloses a method comprising (Claim 1: A method comprising): accessing, by one or more processors, event data that corresponds to an account; (Claim 1: generating, by a communication platform, communication data based on at least one communication session associated with an account of the communication platform); and redacting, by the one or more processors, at least one field within the event data based on a redaction policy that corresponds to the account and indicates an action that redacts information, the redacting of the at least one field within the event data including initiation of the action indicated by the redaction policy (Claim 1: and moderating the communication data according to a data policy associated with the account, the data policy defining actions for securing sensitive information, wherein moderating the communication data yields operational information that is accessible by the communication platform during performance of system operations). As to claim 2, the ‘092 Patent discloses the method of claim 1, wherein: the processing of the event data includes generating the event data based on usage of a computing system by the corresponding account (Claim 1: generating, by a communication platform, communication data based on at least one communication session associated with an account of the communication platform). As to claim 5, the ‘092 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and limiting access granted to a computing system for the sensitive information in the remaining portion of the event data (Claim 2: The method of claim 1, wherein moderating the communication data comprises: identifying a first portion of the communication data determined to include sensitive information; and securing the first portion of the communication data resulting in a limited level of access being granted to the communication platform for accessing the sensitive information in the communication data). As to claim 6, the ‘092 Patent the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account (Claim 2: The method of claim 1, wherein moderating the communication data comprises: identifying a first portion of the communication data determined to include sensitive information; and securing the first portion of the communication data resulting in a limited level of access being granted to the communication platform for accessing the sensitive information in the communication data), the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and redacting the sensitive information in the remaining portion of the event data (Claim 3: The method of claim 2, wherein securing the first portion of the communication data comprises redacting the first portion of the communication data). As to claim 7, the ‘092 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account (Claim 2: The method of claim 1, wherein moderating the communication data comprises: identifying a first portion of the communication data determined to include sensitive information; and securing the first portion of the communication data resulting in a limited level of access being granted to the communication platform for accessing the sensitive information in the communication data), the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and deleting the sensitive information from the remaining portion of the event data. (Claim 4: The method of claim 2, wherein securing the first portion of the communication data comprises deleting the first portion of the communication data.). As to claim 8, the ‘092 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account (Claim 2: The method of claim 1, wherein moderating the communication data comprises: identifying a first portion of the communication data determined to include sensitive information; and securing the first portion of the communication data resulting in a limited level of access being granted to the communication platform for accessing the sensitive information in the communication data), the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information (Claim 2: The method of claim 1, wherein moderating the communication data comprises: identifying a first portion of the communication data determined to include sensitive information); and encrypting the sensitive information in the remaining portion of the event data (Claim 7: and receiving the operational information from the remote computing system, the operational information having been encrypted by the remote computing system.). Claims 9-10 and 13-15 recite a system commensurate in scope to the method recited in claims 1-2 and 5-7 and are rejected under a substantially similar rationale in view of claims 8-14. Claims 16-17 and 20 recite a computer readable medium commensurate in scope to the method recited in claims 1-2 and 5 and are rejected under a substantially similar rationale in view of claims 15-20. Claims 1-2, 5, 9-10, 13, 16-17 and 20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 10,747,717. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the ‘717 Patent represent an obvious variation of the claims of the instant application and anticipate the subject matter of the instant claims. As to claim 1, the ‘717 Patent discloses a method comprising (Claim 1: A method comprising): accessing, by one or more processors, event data that corresponds to an account (Claim 1: generating, by a communication platform, communication session data based on a communication session associated with a first account of the communication platform) ; and redacting, by the one or more processors, at least one field within the event data based on a redaction policy that corresponds to the account and indicates an action that redacts information, the redacting of the at least one field within the event data including initiation of the action indicated by the redaction policy (Claim 1: securing at least a first portion of the communication session data determined to include sensitive information according to a first data retention policy set for the first account of the communication platform, the securing resulting in a limited level of access being granted to the communication platform for accessing the sensitive information; and generating operational information from the communication session data of the first platform account, the operational information being accessible during performance of system operations). As to claim 2, the ‘717 Patent discloses the method of claim 1, wherein: the processing of the event data includes generating the event data based on usage of a computing system by the corresponding account (Claim 1: generating, by a communication platform, communication session data based on a communication session associated with a first account of the communication platform). As to claim 5, the ‘717 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and limiting access granted to a computing system for the sensitive information in the remaining portion of the event data. (Claim 1: securing at least a first portion of the communication session data determined to include sensitive information according to a first data retention policy set for the first account of the communication platform, the securing resulting in a limited level of access being granted to the communication platform for accessing the sensitive information; and generating operational information from the communication session data of the first platform account, the operational information being accessible during performance of system operations). Claims 9-10 and 13 recite a system commensurate in scope to the method recited in claims 1-2 and 5-7 and are rejected under a substantially similar rationale in view of claims 8-14. Claims 16-17 and 20 recite a computer readable medium commensurate in scope to the method recited in claims 1-2 and 5 and are rejected under a substantially similar rationale in view of claims 15-20. Claims 1, 5, 9, 13, 16 and 20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 10,229,126. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the ‘126 Patent represent an obvious variation of the claims of the instant application and anticipate the subject matter of the instant claims. As to claim 1, the ‘126 Patent discloses a method comprising (Claim 1: A method comprising): accessing, by one or more processors, event data that corresponds to an account (Claim 1: a communication system generating original communication session data of a communication session of a first platform account); and redacting, by the one or more processors, at least one field within the event data based on a redaction policy that corresponds to the account and indicates an action that redacts information, the redacting of the at least one field within the event data including initiation of the action indicated by the redaction policy (Claim 1: a data manager system securing sensitive information of the original communication session data from access by the communication system, according to a data retention policy set for the first platform account; and the data manager system providing operational information from the generated original communication session data of the first platform account, the operational information being accessible by a platform operations system during performance of system operations by the platform operations system). As to claim 5, the ‘126 Patent the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and limiting access granted to a computing system for the sensitive information in the remaining portion of the event data. (Claim 1: a data manager system securing sensitive information of the original communication session data from access by the communication system, according to a data retention policy set for the first platform account; and the data manager system providing operational information from the generated original communication session data of the first platform account, the operational information being accessible by a platform operations system during performance of system operations by the platform operations system). Claims 9 and 13 recite a system commensurate in scope to the method recited in claims 1 and 5 and are rejected under a substantially similar rationale in view of claims 13-20. Claims 16 and 20 recite a computer readable medium commensurate in scope to the method recited in claims 1 and 5 and are rejected under a substantially similar rationale in view of claims 1-20. Claims 1-2, 5-10, 13-17 and 20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 9,858,279. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the ‘279 Patent represent an obvious variation of the claims of the instant application and anticipate the subject matter of the instant claims. As to claim 1, the ‘279 Patent discloses a method comprising (Claim 1: A method comprising): accessing, by one or more processors, event data that corresponds to an account (Claim 1: a computing system generating original image data for a first platform account); and redacting, by the one or more processors, at least one field within the event data based on a redaction policy that corresponds to the account and indicates an action that redacts information, the redacting of the at least one field within the event data including initiation of the action indicated by the redaction policy (Claim 1: a data manager system securing sensitive information of the original image data from access by the computing system, according to a data retention policy set for the first platform account; the data manager system providing operational information from the generated original image data of the first platform account, the operational information being accessible by a platform operations system during performance of system operations by the platform operations system). As to claim 2, the ‘279 Patent discloses the method of claim 1, wherein the processing of the event data includes generating the event data based on usage of a computing system by the corresponding account (Claim 1: a computing system generating original image data for a first platform account). As to claim 5, the ‘279 Patent the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and limiting access granted to a computing system for the sensitive information in the remaining portion of the event data. (Claim 2: The method of claim 1, wherein the data retention policy defines actions to secure the sensitive information, and wherein securing sensitive information comprises performing the actions defined by the data retention policy, and wherein actions include at least one of data redaction, data censoring, data classifying, data bucketing, data aggregating, data encryption, and partial deletion). As to claim 6, the ‘279 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and redacting the sensitive information in the remaining portion of the event data (Claim 2: The method of claim 1, wherein the data retention policy defines actions to secure the sensitive information, and wherein securing sensitive information comprises performing the actions defined by the data retention policy, and wherein actions include at least one of data redaction, data censoring, data classifying, data bucketing, data aggregating, data encryption, and partial deletion). As to claim 7, the ‘279 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and deleting the sensitive information from the remaining portion of the event data. (Claim 2: The method of claim 1, wherein the data retention policy defines actions to secure the sensitive information, and wherein securing sensitive information comprises performing the actions defined by the data retention policy, and wherein actions include at least one of data redaction, data censoring, data classifying, data bucketing, data aggregating, data encryption, and partial deletion). As to claim 8, the ‘279 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and encrypting the sensitive information in the remaining portion of the event data (Claim 2: The method of claim 1, wherein the data retention policy defines actions to secure the sensitive information, and wherein securing sensitive information comprises performing the actions defined by the data retention policy, and wherein actions include at least one of data redaction, data censoring, data classifying, data bucketing, data aggregating, data encryption, and partial deletion). Claims 9, 10 and 13-15 recite a system commensurate in scope to the method recited in claims 1, 2 and 5-7 and are rejected under a substantially similar rationale in view of claims 1-20. Claims 16, 17 and 20 recite a computer readable medium commensurate in scope to the method recited in claims 1 and 5 and are rejected under a substantially similar rationale in view of claims 1-20. Claims 1-2, 5-10, 13-17 and 20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 9,588,974. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the ‘974 Patent represent an obvious variation of the claims of the instant application and anticipate the subject matter of the instant claims. As to claim 1, the ‘974 Patent discloses a method comprising (Claim 1: A method, comprising): accessing, by one or more processors, event data that corresponds to an account (Claim 1: securing sensitive information of original data from access by a computing platform system that generates the original data, the original data being generated by the platform system through operation of the platform system on behalf of a platform account of the platform system); and redacting, by the one or more processors, at least one field within the event data based on a redaction policy that corresponds to the account and indicates an action that redacts information, the redacting of the at least one field within the event data including initiation of the action indicated by the redaction policy (Claim 1: the data manager system securing the sensitive information according to a data retention policy set for the platform account, and providing operational information from the generated data, the operational information being accessible by the computing platform system during performance of system operations). As to claim 2, the ‘974 Patent discloses the method of claim 1, wherein: the processing of the event data includes generating the event data based on usage of a computing system by the corresponding account (Claim 1: securing sensitive information of original data from access by a computing platform system that generates the original data, the original data being generated by the platform system through operation of the platform system on behalf of a platform account of the platform system). As to claim 5, the ‘974 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and limiting access granted to a computing system for the sensitive information in the remaining portion of the event data. (Claim 3: The method of claim 2, wherein the data retention policy defines actions to secure the sensitive information, and wherein securing sensitive information comprises performing the actions defined by the data retention policy). As to claim 6, the ‘974 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and redacting the sensitive information in the remaining portion of the event data. (Claim 5: The method of claim 2, wherein actions include at least one of data redaction, data censoring, data classifying, data bucketing, data aggregating, data encryption, and partial deletion). As to claim 7, the ‘974 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and deleting the sensitive information from the remaining portion of the event data. (Claim 5: The method of claim 2, wherein actions include at least one of data redaction, data censoring, data classifying, data bucketing, data aggregating, data encryption, and partial deletion). As to claim 8, the ‘974 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and encrypting the sensitive information in the remaining portion of the event data (Claim 5: The method of claim 2, wherein actions include at least one of data redaction, data censoring, data classifying, data bucketing, data aggregating, data encryption, and partial deletion). Claims 9, 10 and 13-15 recite a system commensurate in scope to the method recited in claims 1, 2 and 5-7 and are rejected under a substantially similar rationale in view of claims 11-20. Claims 16, 17 and 20 recite a computer readable medium commensurate in scope to the method recited in claims 1 and 5 and are rejected under a substantially similar rationale in view of claims 1-20. Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 9,251,371. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the ‘371 Patent represent an obvious variation of the claims of the instant application and anticipate the subject matter of the instant claims. As to claim 1, the ‘371 Patent discloses a method comprising (Claim 1: A method, comprising): accessing, by one or more processors, event data that corresponds to an account (Claim 1: generating data through operation of the computing platform system on behalf of the account); and redacting, by the one or more processors, at least one field within the event data based on a redaction policy that corresponds to the account and indicates an action that redacts information, the redacting of the at least one field within the event data including initiation of the action indicated by the redaction policy (Claim 1: moderating the generated data of the account according to the data retention policy of the account; and storing the moderated data, wherein the computing platform system moderates the generated data by: securing sensitive information of the generated data from access by the computing platform system, and providing operational information from the generated data, the operational information being accessible by the computing platform system during performance of system operations). As to claim 2, the ‘371 Patent discloses the method of claim 1, wherein: the processing of the event data includes generating the event data based on usage of a computing system by the corresponding account (Claim 1: generating data through operation of the computing platform system on behalf of the account). As to claim 3, the ‘371 Patent discloses the method of claim 1, further comprising: accessing the privacy policy from a configuration file that corresponds to the account (Claim 15: The method of claim 2, wherein the computing platform system receives the data retention policy via at least one of: a data retention policy API (Application Program Interface); an administrator control panel user interface provided by the computing platform system; a configuration file provided by an external account holder system; and directives during operation of the computing platform system). As to claim 4, the ‘371 Patent discloses the method of claim 1, further comprising: receiving the privacy policy from a computing system used to generate the event data (Claim 1: setting a data retention policy of an account at the computing platform system). As to claim 5, the ‘371 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information ; (Claim 2: securing sensitive information of the generated data from access by the computing platform system, and providing operational information from the generated data, the operational information being accessible by the computing platform system during performance of system operations); and limiting access granted to a computing system for the sensitive information in the remaining portion of the event data (Claim 3: The method of claim 2, wherein the data retention policy defines actions performed by the computing platform system on the data to secure the sensitive information prior to storing the data in a data warehouse of the computing platform system, and wherein moderating data comprises performing the actions defined by the data retention policy). As to claim 6, the ‘371 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and redacting the sensitive information in the remaining portion of the event data (Claim 5: The method of claim 3, wherein actions include at least one of data redaction, data censoring, data classifying, data bucketing, data aggregating, data encryption, and partial deletion). As to claim 7, the ‘371 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and deleting the sensitive information from the remaining portion of the event data (Claim 5: The method of claim 3, wherein actions include at least one of data redaction, data censoring, data classifying, data bucketing, data aggregating, data encryption, and partial deletion). As to claim 8, the ‘279 Patent discloses the method of claim 1, further comprising: securing a remaining portion of the event data based on a privacy policy that corresponds to the account, the securing of the remaining portion of the event data including: determining that the remaining portion of the event data includes sensitive information; and encrypting the sensitive information in the remaining portion of the event data. (Claim 5: The method of claim 3, wherein actions include at least one of data redaction, data censoring, data classifying, data bucketing, data aggregating, data encryption, and partial deletion). Claims 9-15 recite a system commensurate in scope to the method recited in claims 1-7 and are rejected under a substantially similar rationale in view of claims 1-20. Claims 16-20 recite a computer readable medium commensurate in scope to the method recited in claims 1-5 and are rejected under a substantially similar rationale in view of claims 1-20. Prior Art The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. U.S. Patent Application Publication No. 2013/0272523 by McCorkindale et al. discloses field level encryption of redacted data U.S. Patent Application Publication No. 2015/0066866 by Yara et al. discloses selective data management of sensitive data Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL S MCNALLY whose telephone number is (571)270-1599. The examiner can normally be reached Monday-Friday, 8:30 AM - 5:00 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey L Nickerson can be reached on (469)295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. MICHAEL S. MCNALLY Primary Examiner Art Unit 2432 /Michael S McNally/Primary Examiner, Art Unit 2432
Read full office action

Prosecution Timeline

Aug 28, 2024
Application Filed
Dec 05, 2025
Non-Final Rejection — §101, §102, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

18/602,162
Patent 12597369
CRYPTO RECOVERY SEED PHRASE STORAGE DEVICE
2y 5m to grant Granted Apr 07, 2026
18/446,689
Patent 12579243
PROVIDING DYNAMIC AUTHENTICATION AND AUTHORIZATION AN ON ELECTRONIC DEVICE
2y 5m to grant Granted Mar 17, 2026
18/166,488
Patent 12572676
AUTHENTICATED DOCUMENT STORAGE VAULT
2y 5m to grant Granted Mar 10, 2026
18/410,406
Patent 12561422
SYSTEM FOR AUTHENTICATING DATA
2y 5m to grant Granted Feb 24, 2026
18/578,261
Patent 12563401
Hash Function and Lawful Interception
2y 5m to grant Granted Feb 24, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

1-2
Expected OA Rounds
90%
Grant Probability
98%
With Interview (+8.7%)
2y 8m
Median Time to Grant
Low
PTA Risk
Based on 1060 resolved cases by this examiner. Grant probability derived from career allow rate.

Ready to respond to this office action?

IP Author drafts your complete OA response — amendments, arguments, and claim strategy — in minutes, not days.

Start Drafting Your Response →

Data sourced from USPTO Patent File Wrapper (daily) and Office Action Archive (weekly). Analysis generated by IP Author.

Data: USPTO Patent File Wrapper (daily) • Office Action Archive (weekly) • 89M+ prosecution events

© 2026 IP Author — Browse Office ActionsExaminersCompaniesFirms

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month