Prosecution Insights
Last updated: July 17, 2026
Application No. 18/975,137

SECURE AND AUTONOMOUS DATA ENCRYPTION AND SELECTIVE DE-IDENTIFICATION

Non-Final OA §102§103
Filed
Dec 10, 2024
Priority
Feb 12, 2024 — provisional 63/552,239
Examiner
NIGH, JAMES D
Art Unit
2400
Tech Center
2400 — Computer Networks
Assignee
UnitedHealth Group Incorporated
OA Round
2 (Non-Final)
59%
Grant Probability
Moderate
2-3
OA Rounds
2y 7m
Est. Remaining
89%
With Interview

Examiner Intelligence

Grants 59% of resolved cases
59%
Career Allowance Rate
503 granted / 856 resolved
+0.8% vs TC avg
Strong +31% interview lift
Without
With
+30.6%
Interview Lift
resolved cases with interview
Typical timeline
4y 3m
Avg Prosecution
24 currently pending
Career history
880
Total Applications
across all art units

Statute-Specific Performance

§101
4.7%
-35.3% vs TC avg
§103
76.7%
+36.7% vs TC avg
§102
13.4%
-26.6% vs TC avg
§112
3.4%
-36.6% vs TC avg
Black line = Tech Center average estimate • Based on career data from 856 resolved cases

Office Action

§102 §103
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Priority Applicant’s claim for the benefit of U.S. provisional patent application 63/552,239 filed February 12, 2024 under 35 U.S.C. 119(e) is acknowledged. Applicant’s claim for the benefit of a prior-filed application under 35 U.S.C. 119(e) or under 35 U.S.C. 120, 121, 365(c), or 386(c) is acknowledged. Applicant has not complied with one or more conditions for receiving the benefit of an earlier filing date under 35 U.S.C. 119(e) as follows: The later-filed application must be an application for a patent for an invention which is also disclosed in the prior application (the parent or original nonprovisional application or provisional application). The disclosure of the invention in the parent application and in the later-filed application must be sufficient to comply with the requirements of 35 U.S.C. 112(a) or the first paragraph of pre-AIA 35 U.S.C. 112, except for the best mode requirement. See Transco Products, Inc. v. Performance Contracting, Inc., 38 F.3d 551, 32 USPQ2d 1077 (Fed. Cir. 1994). The disclosure of the prior-filed application, Application No. 63/552,239, fails to provide adequate support or enablement in the manner provided by 35 U.S.C. 112(a) or pre-AIA 35 U.S.C. 112, first paragraph for one or more claims of this application. Claims 4 and 12 are directed towards multiple streams of a parallel pipeline and the generation of subsets of protected element predictions for subsets of sets of data elements by different types of streams. Neither the specification nor the drawings or Appendix A of Application 63/552,239 fairly teach or suggest the parallel pipeline or the generation of subsets of protected element predictions as this subject matter was clearly added in Figures 4 through 6 of the instant application and the associated paragraphs 0048 through 0104. Therefore priority will only be extended to the filing date of December 10, 2024 of the instant application. Claims 5 and 13 recite that the encryption algorithm is based on the privacy type of the protected data element. Neither the specification nor the drawings or Appendix A of Application 63/552,239 fairly teach or suggest that the encryption algorithm is based on the privacy type of the protected data element as this subject matter was clearly added in Figures 4 and 6 of the instant application and the associated paragraphs 0063-0064 and 0097. Therefore priority will only be extended to the filing date of December 10, 2024 of the instant application. Claims 6 and 14 each recite particular operations of determining a subset of protected data elements from the plurality of protected data elements that correspond to the privacy type of the protected data element, concatenating each protected data element of the subset of protected data elements to generate a concatenated term subset, wherein each protected data element is separated by a delimiting character and generating the encrypted element representation by encrypting the concatenated term subset. Neither the specification nor the drawings or Appendix A of Application 63/552,239 fairly teach or suggest that the determining of subsets, concatenating the elements into a concatenated term subset and generating the encrypted element representation by encrypting the concatenated term subset as this subject matter was clearly added in Figures 4 and 6 of the instant application and the associated paragraphs 0063-0064 and 0073-0074. Therefore priority will only be extended to the filing date of December 10, 2024 of the instant application. None of the remaining claims are fairly supported by the provisional application. Therefore priority on all claims will only be extended to the filing date of December 10, 2024 of the instant application. Information Disclosure Statement The information disclosure statement (IDS) was submitted on March 24, 2025. Reference 1 of the non-patent literature documents citing International Search Report and Written Opinion for Patent Cooperation Treaty Application No. PCT/US2024/046676 has not been placed in the file wrapper by Examiner because that application it appears that the wrong international application was inadvertently added to the collection of filed documents as PCT/US2024/046676 claims a device receiving a sky view indicative of an observable area of sky, receiving global navigation satellite system (GNSS) data from a plurality of satellites observed over a predetermined time period, mapping the GNSS data on data associated to the sky view and generating measured blockage data based on data associated to the mapped GNSS data, wherein the measured blockage data is indicative of an area of sky devoid of observed satellites. This subject matter does not appear to have any relevance to the instant application which is why Examiner suspects that the subject matter of PCT/US2024/046676 may have inadvertently been filed with the instant application. Examiner believes that the intent was to file the international search report and written opinion from international application no. PCT/US2024/059506 which also claims priority to the same provisional application (63/552,539) to which the instant application claims. Therefore Examiner is including as pertinent art not cited the international search report and written opinion from application no. PCT/US2024/059506. Claim Interpretation Claim 5 recites “…wherein the encryption algorithm is based on the privacy type of the protected data element”. Claim 13 contains a similar recitation. During Examination a question arose with regard to whether claims 5 and 13 provided sufficient written description support. The written disclosure does not explicitly describe any means for basing any particular encryption algorithm based on the privacy type of the protected data element. MPEP § 2161.01 recites that “…original claims may lack written description when the claims define the invention in functional language specifying a desired result but the specification does not sufficiently describe how the function is performed or the result is achieved. For software, this can occur when the algorithm or steps/procedure for performing the computer function are not explained at all or are not explained in sufficient detail (simply restating the function recited in the claim is not necessarily sufficient). In other words, the algorithm or steps/procedure taken to perform the function must be described with sufficient detail so that one of ordinary skill in the art would understand how the inventor intended the function to be performed.” Paragraph 0063 of the written disclosure merely recites that “…the encryption algorithm 408 may be based on the privacy type of the protected data element 406. For example, a subset of the plurality of protected data elements 406 may be determined that correspond to the privacy type of the protected data element 406.” Similar recitations are present in paragraphs 0097, 0134 and 0142. These recitations merely repeat the language of the claim but lack any particular mechanism for actually establishing how the inventor selects or bases a particular encryption algorithm for any particular privacy type. However the written description does state the following with regard to how a private key one or more private keys may be assigned to an entity and even may be divided into a subset of secret keys as explained in paragraphs 0069 and 0070: [0069] In some examples, an encryption algorithm 408 may leverage a set of private and/or public keys to encrypt protected data elements 406 of different privacy types. The protected data elements 406 may be encrypted with different private and/or public keys to prevent one private key from decrypting all encrypted element representation 410 associated with a tagged data object 420. In this manner, one or more private keys may be assigned to an entity, based on an entity’s priority level, to allow segmented access to one or more protected data elements 406 of different privacy types within a tagged data object 420. [0070]In some examples, an encryption algorithm 408 may leverage a multiple lock approach in which a private key is divided into a subset of secret keys. For example, instead of a single private key, the private key may be split into multiple parts, such that a private key “AAAA1111” may be split into a first “AAAA” secret key and a second “1111” secret key in a two-part split (any number of splits could be used to increase security at the expense of time). Each secret key may be stored in different locations and/or may require separate authentication by users having different privileges to access the respective keys, such that an entity with access to a first secret key may not have access to the second secret key and vice versa. For example, user(s) provisioned a role with permission to access the first secret key may be denied provision of a role with permission to access the second key. When an encryption algorithm 408 is applied, each of the entities with access to the secret keys that make up the private key may send the keys to the encryption algorithm 408, which encrypts or decrypts a protected data element 406 using a private key generated by concatenating a combination of the received secret keys in an order that may be separately specified at the time the secret keys are generated from the private key. The encryption algorithm 408, for example, may merge the multi-split secret keys to restore the full single private key, then apply the private key to encrypt or decrypt the protected data element 406. In some examples, decryption may require successful authentication by each user associated with one of the secret keys before the secret keys are transmitted and merged. By doing so, multiple different access roles may be enforced to both encrypt and decrypt a protected data element 406 within a tagged data object 420. Therefore for purposes of claim interpretation there is a supportable interpretation in which the “encryption algorithm” of claims 5 and 13 encompasses the both the listed algorithms as recited in paragraph 0067 (“An encryption algorithm 408 may include one or more encryption techniques, such as symmetric key algorithms (e.g., Advanced Encryption Standard (AES)), asymmetric key algorithms (e.g., Rivest–Shamir–Adleman (RSA)), and/or the like. By way of example, the encryption algorithm 408 may include a symmetric encryption technique (e.g., AES-128, AES-256) that applies a cryptographically-generated key (e.g., using a key derivation function (KDF)) to encrypt and/or subsequently decrypt a protected data element 406 (and/or concatenated term subset) upon authentication (e.g., using hash-based message authentication code (HMAC)).”) in combination with the nature of the private keys used to implement the “encryption technique” as explained in paragraphs 0069 and 0070 as shown above. Therefore for prior art purposes the prior art can encompass what Applicant is calling an “encryption technique” or alternatively the selection of one or more encryption keys used in the encryption technique where the encryption technique in conjunction with the assigned private keys contextually forms what Applicant is referring to as the “encryption algorithm”. However with regard to written description support as Examiner does not see where a particular “encryption technique” as it is recited in Applicant’s written disclosure is fairly disclosed as being based on a privacy type and therefore support must be held as being limited to the subject matter as explained in paragraphs 0069 and 0070. During Examination a question arose with regard to whether claims 6 and 14 provided sufficient written description support. Claims 6 and 14 are similar in scope and therefore claim 6 is reproduced below as representative as to the nature of the claims: 6. The computer-implemented method of claim 1, wherein the protected data element is one of a plurality of protected data elements within the input data object and generating the encrypted element representation of the protected data element comprises: determining a subset of protected data elements from the plurality of protected data elements that correspond to the privacy type of the protected data element; concatenating each protected data element of the subset of protected data elements to generate a concatenated term subset, wherein each protected data element is separated by a delimiting character; and generating the encrypted element representation by encrypting the concatenated term subset. Also for reference claim 1 is reproduced below: 1.A computer-implemented method comprising: determining, by one or more processors and a model pipeline, a protected data element from an input data object based on privacy criteria; generating, by the one or more processors, a tagged data object from the input data object by replacing the protected data element with an anonymized privacy tag that identifies a privacy type of the protected data element; generating, by the one or more processors and using an encryption algorithm, an encrypted element representation of the protected data element; inserting, by the one or more processors, the encrypted element representation to a portion of the tagged data object; and storing, by the one or more processors, the tagged data object. The written disclosure does not provide an explicit definition for the term “tagged data object”. Rather the term is described in a manner that explains the properties of a tagged data object. Paragraph 0010 recites that: …Once encrypted, the protected data elements may be replaced within the input data object with anonymized term representations to securely store a resulting tagged data object that preserves the textual coherency of the input data object without exposing sensitive information of the input data object to a digital environment. This, in turn, enables the use of the tagged data object, in place of the input data object, for post processing tasks, such as data analysis and machine learning training, that may benefit from the non-sensitive information of the input data object… Moreover, the anonymized term representations may be linked to encrypted element representations that store encrypted versions of the protected data elements, such that the anonymized term representations may be used to selectively repopulate the tagged data object responsive to successful authentication of authorization credentials of an accessing entity (e.g., user, downstream model). To improve the retrieval accuracy, speed, and reliability of traditional decryption techniques, the encrypted element representations may be stored within the tagged data object to enable the local retrieval and repopulation of the tagged data object. Ultimately, this enables a separable tagged data object that may be accessed, transmitted, and stored across a plurality of different locations without impacting the usability or the security of the text within the tagged data object. Paragraphs 0073 and 0074 further recite: [0073] In some embodiments, a plurality of encrypted element representations 410 respectively corresponding to the plurality of protected data elements 406 extracted from the input data object 402 is inserted to a portion of the tagged data object 420. For example, the portion of the tagged data object 420 may include a termination portion of the tagged data object 420 after the content of the tagged data object 420 concludes. An encrypted element representation 410 may be inserted at a position within a sequence of encrypted element representations 410 respectively corresponding to the plurality of protected data elements 406 based on a location of the protected data element 406 within the input data object 402. For example, each encrypted element representation 410 may be inserted according to the order in which they occur within the tagged data object 420. [0074]For example, a plurality of encrypted element representations 410 may be concatenated within a portion of a tagged data object 420. By way of example, a plurality of encrypted element representations 410 for a plurality of protected data elements 406 extracted from an input data object 402 may be appended at the end (e.g., a terminating portion) of the tagged data object 420. In this manner, encrypted strings for each of the protected data elements 406 within the input data object 402 may be stored, with delimiters identifying a placement of the encrypted strings, with the deidentified text data from the input data object 402. The issue Examiner initially thought might be indicative of a lack of support regarded concerns with how concatenated encrypted elements could be repopulated into the original input data object. Upon review of the written disclosure at paragraph 0064 Examiner’s concerns have been satisfied as paragraph 0064 explicitly explains the mechanism for repopulation of concatenated encrypted elements: [0064]More particularly, one encrypted element representation 410 may be generated for each privacy type. For instance, each protected data element 406 of a particular privacy type may be grouped into a set of protected data elements 406 for the privacy type. As an example, data values, such as “2020-01-01,” “January 1st,” “three days ago,” and/or the like may be grouped into a date privacy type group. In some examples, the set of protected data elements 406 may be grouped by concatenating the terms in a concatenated term subset, in which each protected data element 406 is separated by a delimiter. For example, each date phrase within the input data object 402 may be joined with a tab character (and/or other uncommon characters, such as “||,” etc.) like “2020-01-01<TAB>January 1st<TAB>three days ago” in the order of appearance in the input data object 402. By doing so, encryption speeds may be improved at the cost of less computing resources by selectively applying an encryption algorithm 408 once per privacy type, rather than individually applying the encryption algorithm 408 to each instance of a privacy type (e.g., on a protected element by element basis). Because the concatenation of the encrypted element representations is performed in order of appearance it would be clear to those of ordinary how these could be repopulated within the original input data object as for any given privacy type at the first instance of a particular privacy type the concatenated subset would be decrypted and each element would be restored serially at each location of that particular privacy type of the input data object, allowing the input data to display each protected data element in unencrypted form. Therefore Examiner concludes that claims 6 and 14 are sufficiently supported under the written description requirement. Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention. Claims 1, 10 and 18 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Taillefer et al. (U.S. Patent Publication 2024/0386122, hereinafter referred to as Taillefer). As per claims 1, 10 and 18 Taillefer discloses determining, by one or more processors and a model pipeline, a protected data element from an input data object based on privacy criteria (0022 “Another advantageous characteristic of a data classification model in some embodiments is support for data classification annotation of individual properties, fields, types, and return values, with a data classification attribute indicating a sensitivity of the annotated item's payload. For example, a property can be marked as [GDPRRES], where “[ ]” indicates annotation and “GDPRRES” represents data classification as GDPR restricted data; GDPR stands for General Data Protection Regulation”, 0089 “For example, a machine learning module or other artificial intelligence mechanism may be trained or otherwise adapted to generate suggestions 908 based on a specified set of data classifications 130. In some embodiments, inputs such as the name of a variable or a class or other data 118 container, the programming language data type 522 of a variable, the syntactic format 524 of a variable as expressed in a lexical analysis token or a regular expression, a classification propagation result, or user feedback from prior suggestions 908, or a combination thereof, serves as input to a machine learning model, a language model, or another artificial intelligence mechanism, which then generates one or more suggestions 908.”) Taillefer discloses generating, by the one or more processors, a tagged data object from the input data object by replacing the protected data element with an anonymized privacy tag that identifies a privacy type of the protected data element (0017 “Redaction technology implicates data classification, in the sense that redaction mechanisms rely on some kind of data classification in order to determine which data to redact. In some scenarios, classifying data (a.k.a. state) includes annotating specific pieces of state, e.g., telemetry data, to enable special treatment as the state travels through a system, e.g., for logging. More generally, data classification can be used to drive redaction, encryption, data retention policy, data residency policy, and more”, 0019 “At the interfaces where classified data passes from one entity to another entity, a taxonomy-agnostic framework would help increase efficiency by reducing or removing a perceived need for the data-receiving entity to replicate or verify data classification computational work which was already done by the data-sending entity.”, 0023 “Another advantageous characteristic of a data classification model in some embodiments is support for encapsulation of any piece of state 118 into a strongly typed data classification wrapper. For example, this may be indicated using a syntax such as GDPRRES<UserAddress>, which represents a computational semantic meaning that includes encapsulation of UserAddress data in a GDPR restricted data wrapper. Such an encapsulation provides strong typing, which helps prevent accidental intermingling of data in different data classifications. Such intermingling is an example of a flaw in data classification propagation.”, 0035 “Some embodiments include a data classification taxonomy definition which has a taxonomy identifier and a set of data classification indicators corresponding to bit positions in a bit vector. This bit vector taxonomy functionality provides the technical benefit of a very efficient transport of state classification within a program or between programs. For instance, some embodiments map data classifications to respective positions in a 32-bit vector, allowing up to thirty-one classifications (end user identification info, customer billing info, organization identification info, etc.) plus a default or catch-all classification, within a mere four bytes of data. Use of a bit vector also has the technical benefit of efficiently supporting combinations of classifications, e.g., an annotation may indicate that particular data is both PII (personal identification information) and PHI (personal health information) by setting the corresponding two bits in a bit vector that annotates the particular data.”) Taillefer discloses generating, by the one or more processors and using an encryption algorithm, an encrypted element representation of the protected data element (0004 “The framework also facilitates flexible implementation of per-taxonomy data protection actions such as deletion, redaction, encryption, anonymization, pseudonymization, hashing, or enrichment, in response to individual or combined data classification indicators.”, 0069 “In some embodiments, the data classification processing routines 216 include a data classification processing routine 216 which upon execution by the processor set performs at least one of the following actions 912 on data that is annotated with an annotation 438, 304 that is mapped 914 to the data classification processing routine: deletion 432, redaction 428, encryption 430, anonymization 434, pseudonymization 436, hashing 424, or enrichment 426.”, 0088 “ In some embodiments, data classification is used to drive automatic encryption of data in transit or at rest. In some scenarios for annotating data in transit, the data classification annotation 438 is chosen based on geographical or jurisdictional information, e.g., to indicate that this data is subject to GDPR or this data is restricted to Europe.”)) Taillefer discloses inserting, by the one or more processors, the encrypted element representation to a portion of the tagged data object (0017 “Redaction technology implicates data classification, in the sense that redaction mechanisms rely on some kind of data classification in order to determine which data to redact. In some scenarios, classifying data (a.k.a. state) includes annotating specific pieces of state, e.g., telemetry data, to enable special treatment as the state travels through a system, e.g., for logging. More generally, data classification can be used to drive redaction, encryption, data retention policy, data residency policy, and more”, 0019 “At the interfaces where classified data passes from one entity to another entity, a taxonomy-agnostic framework would help increase efficiency by reducing or removing a perceived need for the data-receiving entity to replicate or verify data classification computational work which was already done by the data-sending entity.”, 0023 “Another advantageous characteristic of a data classification model in some embodiments is support for encapsulation of any piece of state 118 into a strongly typed data classification wrapper. For example, this may be indicated using a syntax such as GDPRRES<UserAddress>, which represents a computational semantic meaning that includes encapsulation of UserAddress data in a GDPR restricted data wrapper. Such an encapsulation provides strong typing, which helps prevent accidental intermingling of data in different data classifications. Such intermingling is an example of a flaw in data classification propagation.”, 0069 “In some embodiments, the data classification processing routines 216 include a data classification processing routine 216 which upon execution by the processor set performs at least one of the following actions 912 on data that is annotated with an annotation 438, 304 that is mapped 914 to the data classification processing routine: deletion 432, redaction 428, encryption 430, anonymization 434, pseudonymization 436, hashing 424, or enrichment 426.”) Taillefer discloses storing, by the one or more processors, the tagged data object (0034 “For instance, a telemetry collection device may receive telemetry data, classify any not-yet-classified telemetry data and annotate it accordingly, and then forward the classified and annotated data to a logging device”, 0070 “In some embodiments, encryption 430 stores data in a form that is difficult for unauthorized persons to read and understand.”, 0080 “FIGS. 1 to 6 illustrate system 202 architectures with implicit or explicit data protection actions, e.g., checking access permissions, monitoring activity and checking for unusual activity, installing or modifying data protection policies, installing or modifying a framework 212, or otherwise processing data 118, alerting, and archiving, in which the data 118 includes, e.g., sensitive data 508, data classification indicators 304, source code 124, hashes, routines 216, and taxonomy names 402, among other examples disclosed herein.”) As per claim 10 Taillefer discloses one or more processors (0043 “Each computer system 102 includes at least one processor 110. The computer system 102, like other suitable systems, also includes one or more computer-readable storage media 112, also referred to as computer-readable storage devices 112.”) As per claims 10 and 18 Taillefer discloses at least one memory (or non-transitory computer-readable storage media) storing processor-executable instructions that, when executed by the one or more processors, cause the one or more processors to perform operations (0043 “Each computer system 102 includes at least one processor 110. The computer system 102, like other suitable systems, also includes one or more computer-readable storage media 112, also referred to as computer-readable storage devices 112.”, 0095 “Some embodiments include a configured computer-readable storage medium 112. Some examples of storage medium 112 include disks (magnetic, optical, or otherwise), RAM, EEPROMS or other ROMs, and other configurable memory, including in particular computer-readable storage media (which are not mere propagated signals). In some embodiments, the storage medium which is configured is in particular a removable storage medium 114 such as a CD, DVD, or flash memory.”) Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 2 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Taillefer as applied to claim 1 and 18 above, and further in view of McGloin et al. (U.S. Patent Publication 2012/0005720, hereinafter referred to as McGloin). As per claims 2 and 19 Taillefer does not explicitly disclose wherein the encrypted element representation comprises an encrypted string generated from the protected data element and a privacy type delimiter associated with the privacy type of the protected data element. McGloin teaches wherein the encrypted element representation comprises an encrypted string generated from the protected data element and a privacy type delimiter associated with the privacy type of the protected data element (0027 “For example, one jurisdiction may enact a privacy rule that prohibits transmittal of individuals unique government identification numbers (e.g., social security numbers, etc.) while another jurisdiction may allow transmittal of such identification numbers so long as they are encrypted using an encryption algorithm of a particular strength.”, 0028, “Actions privacy rules engine may take in sending transmitted data to the target location include encrypting certain data elements or redacting portions of data elements”, 0035 “Examples of data representation include encrypted data…string type (ST)”) It would have been obvious to one of ordinary skill in the art at the time of the invention to combine the pluggable data processing of Taillefer with the rules engine of McGloin for the purpose of maintaining compliance with local laws involving the transfer of different types of data (McGloin at 0001). Claims 3, 11 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Taillefer as applied to claim 1, 10 and 18 above, and further in view of Stankiewicz et al. (U.S. Patent 10,503,928, hereinafter referred to as Stankiewicz). As per claims 3, 11 and 20 Taillefer, while disclosing the limitations of claims 1, 10 and 18, does not explicitly disclose wherein the protected data element is one of a plurality of protected data elements within the input data object, the portion of the tagged data object is a terminating portion of the tagged data object, and the encrypted element representation is inserted at a position within a sequence of encrypted element representations respectively corresponding to the plurality of protected data elements based on a location of the protected data element within the input data object. Stankiewicz teaches wherein the protected data element is one of a plurality of protected data elements within the input data object, the portion of the tagged data object is a terminating portion of the tagged data object, and the encrypted element representation is inserted at a position within a sequence of encrypted element representations respectively corresponding to the plurality of protected data elements based on a location of the protected data element within the input data object (2:32-42 “At least some aspects of the present disclosure are directed to systems and methods that encrypt on an n-gram basis that is different from encrypting at a bit level. By tokenizing the n-gram and encrypting at that level, a data obfuscation system can perform data analysis on the tokenized n-grams without having the risk of exposing confidential and/or privacy data. For example, the system can apply machine learning algorithms on the encrypted or tokenized data. In some other cases, a data obfuscation system can tokenize elements in a document and perform data analysis on the tokenized elements.”, Figure 4B as shown below in conjunction with 8:14-27 “In some cases, research to be conducted relies on the underlying structure of a document, for example, parts of speech. The obfuscation table and/or the tokens can include such information. For example, an additional field can be appended onto the end of each token to encode this information, as illustrated in FIG. 4B. In the example described in FIG. 4B, each obfuscated token in the obfuscation table 420B has been appended with a part-of-speech identifier. As an example, the original name (John Doe) has been obfuscated through the data package process, but the structure of the word within the sentence has been maintained by appending the NNP (noun, proper, singular) tag to the end of the obfuscated token. Using the obfuscation table 420B, a second data stream 430B is generated.”) PNG media_image1.png 1350 559 media_image1.png Greyscale It would have been obvious to one of ordinary skill in the art at the time of the invention to combine the pluggable data processing of Taillefer with the obfuscation of data using an obfuscation table of Stankiewicz for the purpose of obfuscating private and/or confidential data while maintaining attributes allowing element or n-gram driven research and analysis of the obfuscated data. (Stankiewicz at 2:9-11) Claims 5 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Taillefer as applied to claim 1 and 10 above, and further in view of Peng et al. (Chinese Patent Publication 117807606 A, hereinafter referred to as Peng). As per claims 5 and 13 Taillefer does not explicitly disclose wherein the encryption algorithm is based on the privacy type of the protected element. Peng teaches wherein the encryption algorithm is based on the privacy type of the protected element (It can be understood that because the encryption effects of different types of preset encryption algorithms are different, in another possible embodiment, corresponding preset encryption algorithms can be set for different types of privacy data; Based on this, after obtaining the privacy data in the data to be displayed, the privacy data can be encrypted by the preset encryption algorithm corresponding to the privacy data type to obtain the encrypted data. In this way, the privacy data of different types can be encrypted more pertinently.”) It would have been obvious to one of ordinary skill in the art at the time of the invention to combine the pluggable data processing of Taillefer with the data output method of Peng for the purpose of encrypting privacy data of different types more pertinently. Allowable Subject Matter Claims 4, 6-9, 12 and 14-17 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. The following is a statement of reasons for the indication of allowable subject matter: Claims 4 and 12 recite a particular combination of streams of a parallel model pipeline where each stream is used to generate element predictions where the streams are characterized as regular expressions, text, conditional random field and a language model and where an aggregate set of element predictions is generated based on all four prediction sets. Taillefer, while teaching the use of learning models does not teach or suggest prediction of elements or the combination of different input streams as is claimed. Sahu et al. (U.S. Patent 12,499,267, hereinafter referred to as Sahu) teaches context prediction and an ensemble of artificial intelligence/machine learning models that include natural language processing but does not teach the combination of models as claimed. The closest non-patent literature Examiner was able to find was Arellano et al. “Privacy Policy and Technology in Biomedical Data Science”, HHS Public Access Author Manuscript, July 2018, 17 pages which discloses data de-identification, data anonymization, security and privacy-preserving predictive modeling at a very high level but does not cure any of the deficiencies of Ho or Sahu. Therefore claims 4 and 12 are held as being allowable over the prior art. Claims 6 and 14 recite a particular combination of determining a subset of protected data elements that correspond a particular privacy type, concatenating those protected data elements and generating the encrypted element representation by encrypting the concatenated subset. Taillefer is the closest prior art and teaches the encryption of a single element but does not teach or suggest gathering all or a portion of the elements that are common by virtue of their privacy type and forming a concatenated subset and then encrypting the concatenated subset. Sahu also does not teach or suggest such a feature. Arellano also does not teach such a feature. No prior art was revealed in Examiner’s search that alone or in combination would correct the deficiencies of Taillefer. Therefore claims 6 and 14 are held as being allowable over the prior art. Claims 7 and 15 each recite a particular operation that relies on the placement of the anonymized privacy tag within the input data itself whereas Taillefer takes the input data object, encrypts the protected data element and constructs a wrapper with a bitwise indication of the nature of the privacy type represented by the data. Taillefer is only concerned with passing the data to a destination as opposed to the claimed invention that is replacing the protected data element within the input data itself that identifies the privacy type and upon receiving a decryption request can replace the anonymized privacy tag with the protected data element. Claims 8, 9, 16 and 17 depend on claims 7 and 15 and provide further detail with regard to how the claimed invention operates. No prior art including Sahu or Arellano fairly taught or suggested such a feature. Therefore claims 7-9 and 15-17 are held as being allowable over the prior art. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. International Search Report for Patent Cooperation Treaty Application No. PCT/US2024/059506 dated February 02, 2025 Written Opinion of the International Search Authority for Patent Cooperation Treaty Application No. PCT/US2024/059506, mail date unknown, addition to file wrapper for the international application on August 18, 2025 Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES D NIGH whose telephone number is (571)270-5486. The examiner can normally be reached 6:00 to 9:45 and 10:30 to 2:45. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached at (571) 270-1492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /JAMES D NIGH/Senior Examiner, Art Unit 3699
Read full office action

Prosecution Timeline

Dec 10, 2024
Application Filed
Mar 27, 2026
Non-Final Rejection (signed) — §102, §103
May 05, 2026
Non-Final Rejection (signed) — §102, §103
Jun 18, 2026
Non-Final Rejection mailed — §102, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12671582
TECHNIQUES FOR ALTERNATIVE DATA EXCHANGE MECHANISMS AT TERMINAL DEVICES
1y 9m to grant Granted Jun 30, 2026
Patent 12657579
SYSTEMS AND METHODS FOR PEER-TO-PEER TRANSMISSION OF DIGITAL ASSETS
1y 8m to grant Granted Jun 16, 2026
Patent 12657592
ADMINISTRATIVE PRECOMPILES
1y 6m to grant Granted Jun 16, 2026
Patent 12651261
INTEGRATION PLATFORM USING HUB COMPUTER
1y 9m to grant Granted Jun 09, 2026
Patent 12623136
METHODS, DEVICES, AND SYSTEMS FOR FACILITATING OFFICIALS DURING A SPORTING EVENT
2y 3m to grant Granted May 12, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

2-3
Expected OA Rounds
59%
Grant Probability
89%
With Interview (+30.6%)
4y 3m (~2y 7m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 856 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month