Prosecution Insights
Last updated: July 17, 2026
Application No. 19/079,277

PROTECTING CONTENTS AND ACCOUNTS USING SCAN OPERATION

Non-Final OA §103
Filed
Mar 13, 2025
Priority
Jul 12, 2017 — provisional 62/531,471 +4 more
Examiner
TSANG, HENRY
Art Unit
Tech Center
Assignee
Material Security Inc.
OA Round
1 (Non-Final)
80%
Grant Probability
Favorable
1-2
OA Rounds
1y 1m
Est. Remaining
97%
With Interview

Examiner Intelligence

Grants 80% — above average
80%
Career Allowance Rate
370 granted / 465 resolved
+19.6% vs TC avg
Strong +17% interview lift
Without
With
+17.2%
Interview Lift
resolved cases with interview
Typical timeline
2y 5m
Avg Prosecution
15 currently pending
Career history
483
Total Applications
across all art units

Statute-Specific Performance

§101
4.4%
-35.6% vs TC avg
§103
81.5%
+41.5% vs TC avg
§102
1.8%
-38.2% vs TC avg
§112
8.4%
-31.6% vs TC avg
Black line = Tech Center average estimate • Based on career data from 465 resolved cases

Office Action

§103
DETAILED ACTION The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Information Disclosure Statement The information disclosure statement (IDS) submitted by applicant dated 06/04/2026 has been considered by the examiner. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13. The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer. Claims 1-4, 8-11 and 15-18 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-3, 5, 10-13, 15 and 20 of USPN 11,102,247 (Appl. No: 16/034199). Although the claims at issue are not identical, they are not patentably distinct from each other. (see Claim-Comparison Table below for independent claim 1 of the instant application against Claim 11 of 11,102,247). Claim Application#19/079277 Claim USPN # 11,102,247 1 perform, by a secure content system, a scan of a plurality of electronic messages; for each electronic message of a subset of the plurality of electronic messages found to have sensitive data as a result of the scan, generate, by the secure content system,a replacement electronic message not including at least the sensitive data; replace each electronic message of the subset with its respective replacement electronic message; receive a request from a user to access given sensitive data within an original copy of the given replacement electronic message; determine that a security function is satisfied; and responsive to determining that the security function is satisfied, enable the user to access the sensitive data. 11 receiving, by a secure content system, an original email from a sender to a recipient; scanning, by the secure content system, contents of the original email; evaluating, by the secure content system, the contents of the original email based on a plurality of security rules, each of the plurality of security rules identifying sensitive data within the contents of the original email; generating, by the secure content system, a replacement email including a security link and not including at least the sensitive data from the contents of the original email, the security link providing a requester access to the sensitive data providing that a security function is satisfied, the security function selected from a plurality of candidate security functions based on a level of sensitivity of the original email as determined from the identified sensitive data; sending, by the secure content system, the replacement email including the security link to an electronic mailbox of the recipient, while maintaining the original email in a secure location separate from the electronic mailbox of the recipient; receiving, from the recipient interacting with the security link within the replacement email, a request to access the sensitive data, the request being related to the security link; determining whether the security function is satisfied by the request; and responsive to determining that the security function is satisfied, sending, by the secure content system, the original email to the electronic mailbox of the recipient. Claims 2-4, 8-11 and 15-18 of the instant application is equivalent in scope with claims 1-3, 5, 10-13, 15 and 20 of USPN 11,102,247. Claims 1-20 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-6, 8-10 and 12-16 of USPN 11,799,913 (Appl. No: 17/378554). Although the claims at issue are not identical, they are not patentably distinct from each other. They both involve identifying sensitive data in a message, generating a replacement message without the sensitive data, receiving a request for the sensitive data, determining that a security function is satisfied, and providing the requested sensitive data. Claims 1-20 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-20 of USPN 12,278,844 (Appl. No: 18/461920). Although the claims at issue are not identical, they are not patentably distinct from each other. They both involve identifying sensitive data in a message, generating a replacement message without the sensitive data, receiving a request for the sensitive data, determining that a security function is satisfied, and providing the requested sensitive data. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-2, 8-9 and 15-16 are rejected under 35 U.S.C. 103 as being unpatentable over Everton USPN 9,559,997, in view of Gates et al. US 2012/0240238 (hereinafter Gates). As per claim 1, Everton teaches a non-transitory computer-readable medium comprising memory with instructions encoded thereon, the instructions, when executed by one or more processors, caused to perform operations, the instructions comprising instructions to: perform, by a secure content system, a scan of a plurality of electronic messages (Everton Fig. 1, col 4 lines 1-55, col 8 lines 40-47, processing emails); for each electronic message of a subset of the plurality of electronic messages found to have sensitive data as a result of the scan, generate, by the secure content system, a replacement electronic message not including at least the sensitive data (Everton col 10 line 60 – col 11 line 20, col 12 lines 13-20, replace sensitive data with a link to generate a replacement email); replace each electronic message of the subset with its respective replacement electronic message (Everton col 10 line 60 – col 11 line 20, col 12 lines 13-20, replace sensitive data with a link to generate a replacement email); receive a request from a user to access given sensitive data of the given replacement electronic message (Everton col 11 lines 5-10, col 11 lines 45-65, col 13 lines 40-65, user clicks link); determine that a security function is satisfied (Everton col 11 lines 5-10, col 11 lines 45-65, col 13 lines 40-65, user clicks link. Authenticate user to access content associated with link); and responsive to determining that the security function is satisfied, enable the user to access the sensitive data (Everton col 11 lines 5-10, col 11 lines 45-65, col 13 lines 40-65, user clicks link. Authenticate user and send the associated sensitive data to the user). Everton does not explicitly disclose access given sensitive data within an original copy of a given replacement electronic message. Gates teaches access given sensitive data within an original copy of a given replacement electronic message (Gates paragraph [0026], [0034], [0066]-[0067], [0093]-[0094], [0100]-[0101], user clicks link to request unredacted version (e.g. original copy) of the data). Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Everton of generating a replacement message without sensitive data, requesting the sensitive data, and providing the sensitive data with the teachings of Gates to include generating a replacement message without sensitive data, storing the original copy of the message, requesting the sensitive data, and providing the original copy of the message with the sensitive data because the results would have been predictable and resulted in storing the original copy of the message that includes the sensitive data and providing the original copy when requested. As per claim 2, Everton in view of Gates teaches the non-transitory computer-readable medium of claim 1, wherein contents of the original copy of the given replacement electronic message include textual components, and wherein the instructions to perform the scan comprise instructions to perform a text matching operation on the textual components (Everton col 12 lines 14-21, determine sensitive text to replace; Gates paragraph [0066], text matching to determine sensitive data). As per claims 8-9 and 15-16, the claims claim a method and a system essentially corresponding to the non-transitory computer-readable medium claims 1-2 above, and they are rejected, at least for the same reasons. Claims 3, 10 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Everton in view of Gates, and further in view of Lerman et al. US 2015/0082391 (hereinafter Lerman). As per claim 3, Everton in view of Gates teaches the non-transitory computer-readable medium of claim 1, the instructions further comprising instructions to, enabling the user to access the sensitive data (Everton col 11 lines 5-10, col 11 lines 45-65, col 13 lines 40-65, user clicks link. Authenticate user and send the associated sensitive data to the user; Gates paragraph [0066], [0100]-[0101], recipient receives unredacted version of the data item.). Everton in view of Gates does not explicitly disclose after sending, deleting a copy of sensitive data from a secure location. Lerman teaches after sending, deleting a copy of sensitive data from a secure location (Lerman paragraph [0039], send data to recipient and delete sensitive data from the server). Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Everton in view of Gates of requesting the sensitive data and providing the sensitive data with the teachings of Lerman to include deleting the sensitive data after providing it to the recipient in order to prevent subsequent retrieval of the sensitive data. As per claims 10 and 17, the claims claim a method and a system essentially corresponding to the non-transitory computer-readable medium claim 3 above, and they are rejected, at least for the same reasons. Claims 4, 11 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Everton in view of Gates, and further in view of Black et al. US 2006/0075228 (hereinafter Black). As per claim 4, Everton in view of Gates teaches the non-transitory computer-readable medium of claim 1, wherein the instructions to perform the scan further comprise instructions to: scan the contents of the given electronic message to determine whether one or more of a plurality of security rules associated with one or more security categories are satisfied (Everton col 12 lines 14-21, determine sensitive text to replace; Gates paragraph [0066], text matching to determine sensitive data). Everton in view of Gates does not explicitly disclose select one or more security categories based on contents of a given electronic message of plurality of electronic messages. Black teaches select one or more security categories based on contents of a given electronic message of plurality of electronic messages (Black paragraph [0079], [0109], [0127]-[0147], [0197]-[0198], select rules/dictionaries/etc. based on the electronic message to determine sensitive data). Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Everton in view of Gates of determining sensitive data to replace with the teachings of Black to include selecting a plurality of security rules/dictionaries specific to a message in order to provide specific criteria to recognize sensitive data to prevent any overinclusion or underinclusion. As per claims 11 and 18, the claims claim a method and a system essentially corresponding to the non-transitory computer-readable medium claim 4 above, and they are rejected, at least for the same reasons. Claims 5, 12 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Everton in view of Gates, and further in view of Lirov et al. USPN 6,785,810 (hereinafter Lirov). As per claim 5, Everton in view of Gates teaches the non-transitory computer-readable medium of claim 1, the security function being satisfied (Everton col 11 lines 5-10, col 11 lines 45-65, col 13 lines 40-65, user clicks link. Authenticate user to access content associated with link; Gates paragraph [0096]-[0097]). Everton in view of Gates does not explicitly disclose wherein sensitive data is searchable by user. Lirov teaches wherein sensitive data is searchable by user (Lirov col 8 line 65 – col 9 line 10, col 9 lines 25-30, searching sensitive data). Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Everton in view of Gates of identifying sensitive data and storing the original message including the sensitive data with the teachings of Lirov to include searching for sensitive data in order to provide secure querying of sensitive data stored in the server. Everton in view of Gates and Lirov does not explicitly disclose sensitive data is searchable by the user prior to the security function being satisfied. It would have been obvious to try to search for sensitive data before successfully performing the security function. There are only two options of when to search for the sensitive data, before successfully performing the security function or after successfully performing the security function, and the result will be the same, the user searches for the sensitive data. As per claims 12 and 19, the claims claim a method and a system essentially corresponding to the non-transitory computer-readable medium claim 5 above, and they are rejected, at least for the same reasons. Claims 6, 13 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Everton in view of Gates, and further in view of Han et al. US 2014/0366158 (hereinafter Han). As per claim 6, Everton in view of Gates teaches the non-transitory computer-readable medium of claim 1, wherein the scan yields a determination of given sensitive data for a given original electronic message (Everton col 12 lines 14-21, determine sensitive text to replace; Gates paragraph [0066], text matching to determine sensitive data). Everton in view of Gates does not explicitly disclose determine sensitive data based on a sender having marked at least a portion of given original electronic message sensitive. Han teaches determine sensitive data based on a sender having marked at least a portion of given original electronic message sensitive (Han paragraph [0070], [0075], [0078], [0081], sender marks data as sensitive). Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Everton in view of Gates of determining sensitive data to replace with the teachings of Han to include a sender marking data as sensitive in order to provide the sender the ability to mark data as sensitive and allow the sender to indicate authorized recipients of the sensitive data. As per claims 13 and 20, the claims claim a method and a system essentially corresponding to the non-transitory computer-readable medium claim 6 above, and they are rejected, at least for the same reasons. Claims 7 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Everton in view of Gates, and further in view of Brisebois et al. US 2017/0331777 (hereinafter Brisebois). As per claim 7, Everton in view of Gates teaches the non-transitory computer-readable medium of claim 1. Everton in view of Gates does not explicitly disclose instructions further comprising instructions to remove, from an electronic repository of user, original copy responsive to determining that a threshold amount of time has elapsed from a time at which the original copy was sent to the electronic repository of the user. Brisebois teaches further comprising instructions to remove, from an electronic repository of user, original copy responsive to determining that a threshold amount of time has elapsed from a time at which the original copy was sent to the electronic repository of the user (Brisebois paragraph [0024], [0035], [0038], [0040], [0049], delete message from recipient storage responsive to a particular time period has elapsed since the message was sent). Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Everton in view of Gates of providing the requested original copy of the message including the sensitive data with the teachings of Brisebois to include deleting received data after a threshold amount of time has elapsed in order to enhance the security of the sensitive data and to prevent potential data loss of the sensitive data. As per claim 14, the claim claims a method essentially corresponding to the non-transitory computer-readable medium claim 7 above, and is rejected, at least for the same reasons. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to HENRY TSANG whose telephone number is (571)270-7959. The examiner can normally be reached M-F 9am - 5pm EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached at (571) 272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /HENRY TSANG/ Primary Examiner, Art Unit 2495
Read full office action

Prosecution Timeline

Mar 13, 2025
Application Filed
Jul 07, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12671583
SECURE FILE SHARING METHOD AND SYSTEM
4y 5m to grant Granted Jun 30, 2026
Patent 12671584
GENERATING DEEP-LINKED STOCHASTIC IMAGES
2y 7m to grant Granted Jun 30, 2026
Patent 12652527
Protection of Non-Access Stratum Communication in a Wireless Communication Network
2y 3m to grant Granted Jun 09, 2026
Patent 12652165
MULTI-PARTY COMPUTATION SYSTEM
2y 3m to grant Granted Jun 09, 2026
Patent 12647404
Coordination and management of keys and instructions for multiple encryption
2y 8m to grant Granted Jun 02, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
80%
Grant Probability
97%
With Interview (+17.2%)
2y 5m (~1y 1m remaining)
Median Time to Grant
Low
PTA Risk
Based on 465 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month