TECHNOLOGIES FOR PRIVACY SEARCH AND REMEDIATION

§101 §102

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claim 1-16 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. In summary, Claim 1 recites a computing device comprising “a user interface manager”, “a privacy search engine”, “a privacy extraction engine”, and “a multimodal privacy analysis engine”. However, 0035 of the specification indicates “The various components of the environment 200 may be embodied as hardware, firmware, software, or a combination thereof.” Accordingly, the recited computing device is computer software per se and is not a process, machine, manufacture, or a composition of matter as defined in 35 USC 101. Claims 2-16 fail to resolve the deficiencies of claim 1 and are therefore also rejected. Claim Rejections - 35 USC § 102 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention. Claim(s) 1-4, 6-10, 13-18, and 20 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by U.S. Patent Application Publication 20210042408 by Van Dyke et. al. (hereafter Van Dyke). Claim 1: Van Dyke discloses: “a user interface manager to receive seed data for a privacy search, the seed data comprising general data relevant to an individual, wherein the general data comprises a name, a company, a city of residence, or an email address;” [See 0077-0090, 0095-0098, fig. 1-3. Accordingly, a user interface manager to receive seed data (0077, consumer may also provide consumer profile information) for a privacy search (0089, search for breach information related to one or more breach events), the seed data comprising general data relevant to an individual (0077, consumer profile information; 0068, information for a subscriber-consumer can include identifying information for identifying the subscriber-consumer including for example, the subscriber-consumer's name, address, e-mail address, phone, other social media contact information (Twitter®, Instagram®, etc.)), wherein the general data comprises a name (0068, name), a company (0068, twitter, Instagram, etc.), a city of residence (0068, address), or an email address (0068, email address;)] “a privacy search engine to search a plurality of internet sites based on the seed data to identify a plurality of privacy relevant search results, wherein each privacy relevant search result is associated with an internet source and an internet resource;”[fig. 1-3, 0077, 0089, 0095. Accordingly, a privacy search engine to search (fig. 2, 113) a plurality of internet sites (fig. 1, 40, 11, 87, 89, 22; 0062) based on the seed data (0077, provide consumer profile information; fig. 2 provide information at 107, search is done at 113 based on 107) to identify a plurality of privacy relevant search results (0089, breach events; 0089 breach information related to one or more breach events of interest to the consumer), wherein each privacy relevant search result (0089, listing the breach events)is associated (fig. 1)with an internet source (0062, information source from which a breach event can be reported; fig. 1 40, 11, 87, 89) and an internet resource (0089, breach intelligence network and/or bc data structure 22)] “a privacy extraction engine to extract a plurality of privacy relevant entities from the plurality of privacy relevant search results, wherein each entity of the privacy relevant entities comprises a multimodal asset; and” [fig. 8-17 and 0091-0092. a privacy extraction engine to extract a plurality of privacy relevant entities (0091, breach information) from the plurality of privacy relevant search results (fig. 8 70), wherein each entity (fig. 9, types of breach information in fig. 9 such as breach risk score) of the privacy relevant entities (0091, breach information)comprises a multimodal asset (figs. 9, breach risk score is text/image; ); and] “a multimodal privacy analysis engine to refinethe plurality of privacy relevant entities to generate an individual privacy profile, wherein the individual privacy profile identifies privacy relevant entities and associated privacy relevant search results, and wherein the individual privacy profile is associated with the individual;” [a multimodal privacy analysis engine to refine the plurality of privacy relevant entities (fig. 17, organization, breach date, exposed credentials, exposure, breach score ) to generate an individual privacy profile (fig. 17, 57), wherein the individual privacy profile (fig. 17 57) identifies privacy relevant entities (fig. 17, such as breach score; 0091, breach information)and associated privacy relevant search results (fig. 17, 70; breach events), and wherein the individual privacy profile is associated with the individual (fig. 17, 57, my breach clarity history)] “wherein the user interface manager is further to present the individual privacy profile to a user.”[ wherein the user interface manager is further to present the individual privacy profile to a user (fig. 17)] Claim 2: Van Dyke discloses: “The computing device of claim 1, wherein to search the plurality of internet sites comprises to rank the plurality of privacy relevant search results according to privacy relevance.”[ wherein to search the plurality of internet sites (fig. 1, 11, 89, 40, 87, 22 are sites that are used for information search) comprises to rank (fig. 9, risk level; each breach event has a risk level assigned) the plurality of privacy relevant search results (fig. 8, breach events)according to privacy relevance (0111, consumer risk; 0111,indicator of the consumer risk associated with the breach event)] Claim 3: Van Dyke discloses: “The computing device of claim 1, wherein to extract the plurality of privacy relevant entities comprises to detect personally identifiable information from the plurality of privacy relevant search results.”[ wherein to extract the plurality of privacy relevant entities (0091, breach information comprises to detect (0010, consumer profile information is matched) personally identifiable information (0077, consumer profile information which can include personally identifying information) from the plurality of privacy relevant search results (0010, breach event; 0010 consumer profile information is matched to a respective breach event of the plurality of breach events)] Claim 4: Van Dyke discloses: “The computing device of claim 1, wherein to extract the plurality of privacy relevant entities comprises to perform object detection for privacy sensitive content from the plurality of privacy relevant search results.”[ wherein to extract the plurality of privacy relevant entities (0091, breach information) comprises to perform object detection for privacy sensitive content(0062, information elements breached in the breach event; 0062, unauthorized personal information and/or credentials) from the plurality of privacy relevant search results (0062, breach event)] Claim 6: Van Dyke discloses: “The computing device of claim 4, wherein to perform object detection comprises to: detect a high-value asset in a privacy relevant search result; detect drug or alcohol content in a privacy relevant search result; or detect sex or nudity content in a privacy relevant search result.”[ perform object detection comprises to: detect a high-value asset (0062, unauthorized personal information and/or credentials for sale) in a privacy relevant search result (0062, breach event); detect luxury travel (0068, consumer’s geographic location, income demographic) in a privacy relevant search result (0068, breach event; 0068, subscriber-consumer’s profile is associated in the data structure 22 at least with each breach event); detect drug or alcohol content (0068, protected health information)in a privacy relevant search result (0068, breach event); or detect sex or nudity content (0068, gender) in a privacy relevant search result (0068, breach event)] Claim 7: Van Dyke discloses: “The computing device of claim 1, wherein to extract the plurality of privacy relevant entities comprises to extract a child's name or age in a privacy relevant search result.[ wherein to extract the plurality of privacy relevant entities (0091, breach information) comprises to extract a child's name (fig. 36, name with other pii; child’s name is name with other pii;) or age (0068 age) in a privacy relevant search result (0068, breach event)] Claim 8: Van Dyke discloses: “The computing device of claim 1, wherein to extract the plurality of privacy relevant entities comprises to identify a social media account associated with the individual in a privacy relevant search result.”[ wherein to extract the plurality of privacy relevant entities (0091, breach information) comprises to identify a social media account (0068, other social media contact information) associated with the individual in a privacy relevant search result (0068, breach event)] Claim 9: Van Dyke discloses: “The computing device of claim 1, wherein to extract the plurality of privacy relevant entities comprises to identify a controversial conversation in a privacy relevant search result.”[ wherein to extract the plurality of privacy relevant entities (0091, breach information) comprises to identify a controversial conversation (0068, password security messages used by the subscriber-consumer) in a privacy relevant search result (0068, breach event)] Claim 10: Van Dyke discloses: “The computing device of claim 1, wherein to extract the plurality of privacy relevant entities comprises to extract a banking challenge question or a banking challenge answer in a privacy relevant search result.”[ wherein to extract the plurality of privacy relevant entities (fig. 30, breach information such as breach clarity score, risk 72, mitigation actions 116; search and extraction is done by consumer user or instituation user) comprises to extract a banking challenge question or a banking challenge answer (fig. 30 at 68, challenge/secret q&A; 0104 ) in a privacy relevant search result (fig. 30 element 70)] Claim 13: Van Dyke discloses: “The computing device of claim 1, wherein to refine the plurality of privacy relevant entities to generate the individual privacy profile comprises to disambiguate the plurality of privacy relevant entities.”[ wherein to refine the plurality of privacy relevant entities (0092, additional information; going from fig. 9/10 to fig. 13/14) to generate the individual privacy profile (fig. 17 57) comprises to disambiguate (0092, additional information as compared with the BC freemium breach information display ) the plurality of privacy relevant entities (0092, breach information)] Claim 14: Van Dyke discloses:The computing device of claim 1, further comprising a privacy remediation engine to: “identify the internet source associated with a privacy relevant search result of the plurality of privacy relevant search results in response to presentation of the individual privacy profile to the user; select a microbot from a plurality of predefined microbots based on the internet source; and”[ identify the internet source (fig. 13/14, Equifax) associated with a privacy relevant search result (fig. 8, 70b) of the plurality of privacy relevant search results (fig. 8, 70a-e ) in response to presentation of the individual privacy profile to the user (0092, view the consumer/customer’s breach history profile 57 by activiating interface element 35); select a microbot from a plurality of predefined microbots (0093, migitgation actions have been completed, and/or activated the recommended mitigation actions) based on the internet source (fig. 13/14, Equifax)] “execute a remediation operation defined by the microbot.”[ execute a remediation operation (0093, activate the recommended mitigation action) defined by the microbot (fig. 14, 116, mitigation actions)] Claim 15: Van Dyke discloses:”The computing device of claim 14, wherein to execute the remediation operation comprises to execute predetermined interaction logic of the microbot.”[ wherein to execute the remediation operation (0093, activate the recommended mitigation action) comprises to execute predetermined interaction logic of the microbot (fig. 15, two-step authentication, lock/unlock debit card, turn on suspicious activity alerts)] Claim 16: Van Dyke discloses:”The computing device of claim 14, wherein to execute the remediation operation comprises to process a response received from the internet source with a trained model of the microbot.”[ wherein to execute the remediation operation (0093, activate the recommended mitigation action) comprises to process a response received from the internet source (fig. 14, breach information of breach event from equifax) with a trained model (fig. 15) of the microbot (0093, mitigation action)] Claims 17-18 and 20: Claims 17-18 and 20 recite similar limitations as that of claims 1, 4, and 14 except that claims 17-18 and 20 are directed to a method instead of a system. The limitations of claims 17-18 and 10 are rejected under similar rationale as that of claims 1, 4, and 14. Allowable Subject Matter Claim 19 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Contact Information Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL PHAM whose telephone number is (571)272-3924. The examiner can normally be reached M-F 11-730pm Eastern. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kavita Stanley can be reached at 571-272-8352. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /MICHAEL PHAM/Primary Examiner, Art Unit 2153