Prosecution Insights
Last updated: July 17, 2026
Application No. 18/924,396

DATA PROCESSING CONSENT SHARING SYSTEMS AND RELATED METHODS

Non-Final OA §103
Filed
Oct 23, 2024
Priority
Jun 10, 2016 — provisional 62/348,695 +25 more
Examiner
ZAIDI, SYED A
Art Unit
2432
Tech Center
2400 — Computer Networks
Assignee
OneTrust LLC
OA Round
1 (Non-Final)
82%
Grant Probability
Favorable
1-2
OA Rounds
11m
Est. Remaining
94%
With Interview

Examiner Intelligence

Grants 82% — above average
82%
Career Allowance Rate
636 granted / 778 resolved
+23.7% vs TC avg
Moderate +13% lift
Without
With
+12.8%
Interview Lift
resolved cases with interview
Typical timeline
2y 8m
Avg Prosecution
26 currently pending
Career history
818
Total Applications
across all art units

Statute-Specific Performance

§101
6.6%
-33.4% vs TC avg
§103
74.7%
+34.7% vs TC avg
§102
7.5%
-32.5% vs TC avg
§112
5.9%
-34.1% vs TC avg
Black line = Tech Center average estimate • Based on career data from 778 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION This is a reply to the application filed on 10/23/2024, in which, claims 1-20 are pending. Claims 1, 8, and 15 are independent. When making claim amendments, the applicant is encouraged to consider the references in their entireties, including those portions that have not been cited by the examiner and their equivalents as they may most broadly and appropriately apply to any particular anticipated claim amendments. Information Disclosure Statement The information disclosure statement (IDS) submitted is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Drawings The drawings filed on 10/23/2024 are accepted. Specification The disclosure filed on 10/23/2024 is accepted. Double Patenting 1. A rejection based on double patenting of the "same invention" type finds its support in the language of 35 U.S.C. 101 which states that "whoever invents or discovers any new and useful process ... may obtain a patent therefor ..." (Emphasis added). Thus, the term "same invention," in this context, means an invention drawn to identical subject matter. See Miller v. Eagle Mfg. Co., 151 U.S. 186 (1894); In re Ockert, 245 F.2d 467, 114 USPQ 330 (CCPA 1957); and In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970). 2. The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b). Claims 1, 8, and 15 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-2 of US 11675929 B2. Although the conflicting claims are not identical, they are not patentably distinct from each other because all the limitations recited in the independent claims 1, 8, and 15 of the present application and are broader than limitations recited in independent claims 1-2 of US 11675929 B2. Claims 1, 8, and 15 are rejected on the ground of non-statutory obviousness-type double patenting as being unpatentable over claims 1, 8, 15 of US 12158975 B2. Although the conflicting claims are not identical, they are not patentably distinct from each other because all the limitations recited in the independent claims 1, 8, and 15 of the present application and are broader than limitations recited in independent claims 1, 8, 15 of US 12158975 B2. Claims 2-7, 9-14, and 16-20 of the present application are not patentably distinct from respective claims 1-20 of US 12158975 B2 because the claims recite substantially the same features. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claim(s) 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over US 20170076272 A1 (hereinafter ‘Zhou’) in view of US 20150121462 A1 (hereinafter ‘Courage’) in view of US 20100131595 A1 (hereinafter ‘Sugasaki’). As regards claim 1, Zhou (US 20170076272 A1) discloses: A method comprising: managing consent notice information as part of a consent receipt to enable a user to provide consent a single time for a native application installed on a computing device and iteratively access the consent receipt in order to continue consented-to data processing in the native application without re-prompting the user by: (Zhou: ¶68, claim 9, i.e., the user provides consent initially to the app after which the user is not prompted to provide consent again for further transactions conducted by the app) However, Zhou does not but in analogous art, Courage (US 20150121462 A1) teaches: receiving, by computing hardware of the computing device via the native application, the consent receipt comprising data subject consent data for a data subject; (Courage: Abstract, Figs. 1-2, 5-6, ¶15: “…getting user consent to provide access to an application to the user's network-based account. The application can be running outside a web browser on a computing device having a web OS and a computing device runtime that is a browser process. The method includes providing an identity application programming interface (API) on the computing device to the application to communicate with an identity provider, the identity API being configured to exchange a user login token with the identity provider in return for session cookies for a web-based user consent UI session. The method further includes providing an identity component application coupled to the identity provider through the identity API and configured to serve the user consent UI on the computing device” Note: WebView implements embedded browser for native applications using system software provided APIs/libraries. See e.g., US 20130254139 A1, ¶85) storing, by the computing hardware, the consent receipt comprising the data subject consent data in a storage location; (Courage: Figs. 3-5, ¶44-¶47, ¶55-¶57, i.e., the generating/extraction i.e., translating, of the token from the consent data wherein the token is stored in memory. Note: translating, per Applicant’s disclosure ¶00615, is a cookie/token from the consent data) receiving, by the computing hardware via the native application, a request to provide web content, wherein the web content requires consent from the data subject; (Courage: Figs. 3-5, ¶44-¶47, ¶54-¶57, i.e., providing the token for accessing resources using a webview container) Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to modify Zhou to include providing consent token by an application for accessing content on the web as taught by Courage with the motivation to Zhou et al combination with Sugasaki (US 20100131595 A1) teaches: executing, by the computing hardware via a software development kit associated with the native application, a script to pass the data subject consent data of the consent receipt from the storage location to the computing device; (Courage: Figs. 3-5, ¶28, i..e, the packaged app i.e., sdk, executing a script for the token, ¶44-¶57, i.e., providing the token for accessing resources using a webview container if the consent was previously provided and a token already exists. See also, Sugasaki, ¶37, execution of a script via a SDK) Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to modify Courage to include commonly used technique of executing an SDK implemented script as taught by Sugasaki with the motivation to display content via a web browser interface (Sugasaki, ¶33, ¶37) Zhou et al combination further teaches: determining, by the computing hardware and based on the data subject consent data, that the data subject has provided the consent for the web content; and (Courage: Figs. 3-5, ¶44-¶57, i.e., providing the token for accessing resources using a webview container if the consent was previously provided and a token already exists) responsive to determining that the data subject has provided the consent, displaying, by the computing hardware, the web content. (Courage: Abstract, i.e., displaying the dialogue; Courage: Figs. 3-5, ¶32-¶33, ¶44-¶47, ¶53-¶57, i.e., i.e., the application calls for the token via the webview dialogue wherein the request and response for the token is embedded in the url) Claims 8 and 15 recite substantially the same features recited in claim 1 above, and are therefore rejected based on the aforementioned rationale discussed in the rejection. As regards claim 2, Zhou et al combination teaches the method of Claim 1, wherein displaying, by the computing hardware, the web content comprises displaying the web content via a WebView configured to display the web content within the native application. (Courage: Figs. 3-5, ¶42-¶57, i.e., providing the token for accessing resources using a webview container if the consent was previously provided i.e., without prompting the user, and a token already exists) Claim 16 recites substantially the same features recited in claim 2 above, and is therefore rejected based on the aforementioned rationale discussed in the rejection. As regards claim 3, Zhou et al combination teaches the method of Claim 1, wherein receiving the consent receipt comprising the data subject consent data comprises receiving the data subject consent data from the data subject during an on-boarding process within the native application. (Courage: Abstract, Figs. 1-2, 5-6, ¶15) Claim 10 recites substantially the same features recited in claim 3 above, and is therefore rejected based on the aforementioned rationale discussed in the rejection. As regards claim 4, Zhou et al combination teaches the method of Claim 1, wherein the web content involves use of at least one of a functionality cookie, a performance cookie, a targeting cookie, or a persistent cookie and the consent is required for the us. (Courage: Abstract, Figs. 1-2, 5-6, ¶15) Claims 11 and 17 recite substantially the same features recited in claim 4 above, and are therefore rejected based on the aforementioned rationale discussed in the rejection. As regards claim 5, Zhou et al combination teaches the method of Claim 1, wherein the web content involves at least one of collecting or processing of personal data of the data subject. (Courage: ¶8) Claims 12 and 18 recite substantially the same features recited in claim 5 above, and are therefore rejected based on the aforementioned rationale discussed in the rejection. As regards claim 6, Zhou et al combination teaches the method of Claim 1, wherein the storage location is located on at least one of the computing hardware executing the native application or remote hardware from the computing hardware. (Courage: Figs. 3-5, ¶44-¶57, i.e., the local cache memory or the server for storage) Claims 13 and 19 recite substantially the same features recited in claim 6 above, and are therefore rejected based on the aforementioned rationale discussed in the rejection. As regards claim 7, Zhou et al combination teaches the method of Claim 1, wherein the computing hardware comprises a mobile device and the native application comprises a mobile application. (Courage: Abstract, Figs. 1-2, 5-7, ¶15) Claims 14 and 20 recite substantially the same features recited in claim 7 above, and are therefore rejected based on the aforementioned rationale discussed in the rejection. As regards claim 9, Zhou et al combination teaches the system of Claim 8, wherein the action comprises consented-to data processing in the native application and is performed without prompting the data subject to provide additional consent. (Zhou: ¶68, claim 9. See also, Courage: Figs. 3-5, ¶42-¶57, i.e., providing the token for accessing resources using a webview container if the consent was previously provided i.e., without prompting the user, and a token already exists) Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to SYED A ZAIDI whose telephone number is (571)270-5995. The examiner can normally be reached Monday-Thursday: 5:30AM-5:30PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Nickerson can be reached at (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SYED A ZAIDI/Primary Examiner, Art Unit 2432
Read full office action

Prosecution Timeline

Oct 23, 2024
Application Filed
May 22, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12683765
CERTIFICATE-BASED PAIRING OF KEY FOB DEVICE AND CONTROL UNIT
2y 6m to grant Granted Jul 14, 2026
Patent 12682110
IMAGE DISPLAY APPARATUS, IMAGE CAPTURING APPARATUS, CONTROL METHOD, AND STORAGE MEDIUM
1y 9m to grant Granted Jul 14, 2026
Patent 12676855
METHOD AND SYSTEM FOR AUTHENTICATING A USER ON AN IDENTITY-AS-A-SERVICE SERVER
3y 7m to grant Granted Jul 07, 2026
Patent 12671684
SYSTEMS AND METHODS FOR PROACTIVELY UPGRADING LOW QUALITY ACCESS CREDENTIALS
4y 7m to grant Granted Jun 30, 2026
Patent 12671711
SYSTEMS AND METHODS FOR ANALYSIS AND CLASSIFICATION OF DATA SECURITY MEASURES AND DATA INTEGRITY
2y 10m to grant Granted Jun 30, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
82%
Grant Probability
94%
With Interview (+12.8%)
2y 8m (~11m remaining)
Median Time to Grant
Low
PTA Risk
Based on 778 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month