2020000788 (P.T.A.B. Jul. 27, 2021)

David Mohler et al.

Patent Trials and Appeals BoardJul 27, 2021

2020000788 (P.T.A.B. Jul. 27, 2021)

UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 11/955,170 12/12/2007 David S. Mohler 4366-551 5185 48500 7590 07/27/2021 SHERIDAN ROSS P.C. 1560 BROADWAY, SUITE 1200 DENVER, CO 80202 EXAMINER DEBNATH, SUMAN ART UNIT PAPER NUMBER 2495 NOTIFICATION DATE DELIVERY MODE 07/27/2021 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): cjacquet@sheridanross.com edocket@sheridanross.com pair_Avaya@firsttofile.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE ____________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________ Ex parte DAVID S. MOHLER and JASON H. VICK ____________ Appeal 2020-000788 Application 11/955,170 Technology Center 2400 ____________ Before ELENI MANTIS MERCADER, ADAM J. PYONIN, and GARTH D. BAER, Administrative Patent Judges. BAER, Administrative Patent Judge. DECISION ON APPEAL STATEMENT OF THE CASE Appellant1 appeals under 35 U.S.C. § 134(a) from the Examiner’s final rejection of claims 1–8, 11–14, 16–19, and 25–30, which are all pending claims. Appeal Br. 2. We have jurisdiction under 35 U.S.C. § 6(b). We AFFIRM IN PART. 1 We use “Appellant” to refer to “applicant” as defined in 37 C.F.R. § 1.42. Appellant identifies Avaya Inc. as the real party in interest. Appeal Br. 2. Appeal 2020-000788 Application 11/955,170 2 BACKGROUND A. The Invention Appellant’s invention is directed to “associating a sensitive information identifier with information identified as sensitive” in conjunction with processing electronic mail. Spec. 4:19–20. Claims 1, 11, and 26 are independent; claim 1 is reproduced below: 1. A method of managing information comprising: associating, by a processor, a sensitive information identifier with information identified as sensitive, wherein the sensitive information identifier is associated with an email received by a user; tracking actions, by the processor, relative to the sensitive information, wherein tracking the actions comprises appending a new sensitive information identifier to an email forwarded by the user that was forwarded based on the received email; and performing, by the processor in response to tracking the actions, an action to protect the sensitive information from unauthorized access based on the sensitive information identifier, wherein the action performed is to delete or sanitize the email and the forwarded email. Appeal Br. 17 (Claims App.). B. The Rejections on Appeal The Examiner rejects claims 1, 11, and 26 under 35 U.S.C. § 103(a) as unpatentable over Brown (US 2007/0033283 A1; Feb. 8, 2007) and LeVasseur (US 2007/0113101 A1; May 17, 2007). Final Act. 6. The Examiner rejects claims 2, 3, 6, 7, 12, 13, 16, 17, 19, and 27 under 35 U.S.C. § 103(a) as unpatentable over Brown, LeVasseur, and Zasman (US 7,693,877 B1; Apr. 6, 2010). Final Act. 9. Appeal 2020-000788 Application 11/955,170 3 The Examiner rejects claims 4, 5, and 14 under 35 U.S.C. § 103(a) as unpatentable over Brown, LeVasseur, Zasman, and Elgressy (US 2006/0265446 A1; Nov. 23, 2006). Final Act. 12. The Examiner rejects claims 8, 18, 25, 28, and 30 under 35 U.S.C. § 103(a) as unpatentable over Brown, LeVasseur, Zasman, and Chiasson (US 2007/0192604 A1; Aug. 16, 2007). Final Act. 13. The Examiner rejects claim 29 under 35 U.S.C. § 103(a) as unpatentable over Brown, LeVasseur, Zasman, and Kinder (US 2008/0301770 A1; Dec. 4, 2008). Final Act. 15. ANALYSIS We have reviewed the Examiner’s rejections in light of Appellant’s arguments. Arguments Appellant could have made but chose not to make are waived. See 37 C.F.R. § 41.37(c)(1)(iv) (2018). Except where noted, we adopt the Examiner’s findings and conclusions as our own, and add the following primarily for emphasis. A. Obviousness Rejection of Claim 1 Appellant argues in the Appeal Brief that “LeVasseur does not teach that the Message ID can be used to determine if the email itself contains sensitive information or not” (Appeal Br. 8 (citing LeVasseur ¶¶ 168–169)), and that “LeVasseur is silent on deleting email threads, let alone what steps/identifiers are used to delete an email thread.” Appeal Br. 10 (citing LeVasseur ¶¶ 75, 78, Figs. 36, 38). In the Reply Brief, Appellant contends that Brown lacks “any teaching or reasonab[le] suggestion of appending a sensitive information identifier, new or otherwise, to an email” (Reply Br. 3 Appeal 2020-000788 Application 11/955,170 4 (citing Brown ¶¶ 81, 85, 95)) and that “[w]hat Brown teaches is the scanning of information that may contain sensitive information, whether it be a particular string or ‘other types of sensitive information.’” Reply Br. 4 (citing Brown ¶ 81). We are not persuaded by Appellant’s arguments. The Examiner finds, and we agree, that “Brown teaches tracking actions for email relative to sensitive information and in response to tracking the actions, performs action[s] to quarantined (i.e. sanitized) the sensitive information.” Ans. 6 (citing Brown ¶¶ 81, 85, 95). The Examiner further finds, and we agree, that LeVasseur’s “Message ID” is equivalent to Applicant’s “information identifier” which is an identifier of an email that was forwarded (e.g., see, [LeVasseur ¶ 168]; herein [the] forwarded email has a message id and messages that are forwarded contains the message id and also the parent message id in order to group the original email and the forwarded or replied emails in a thread). Ans. 6. Appellant attacks Brown and LeVasseur individually, and thus fails to address the Examiner’s findings. See In re Merck & Co., Inc., 800 F.2d 1091, 1097 (Fed. Cir. 1986) (“Non-obviousness cannot be established by attacking references individually where the rejection is based upon the teachings of a combination of references.”). Further, Appellant’s argument that in LeVasseur, “deleting a message threat is not what is claimed” (Reply Br. 5) fails to address the Examiner’s findings (see Ans. 6). Further, we find one skilled in the art would recognize a successful information sanitization would require all emails containing the sensitive information originating from the email to be sanitized, otherwise the sensitive information would be available for retransmission and thus ripe for mischief. Appeal 2020-000788 Application 11/955,170 5 Accordingly, we sustain the Examiner’s obviousness rejection of independent claim 1, as well as independent claims 11 and 26 commensurate in scope, as well as dependent claims 2, 4–8, 11, 12, 14, 16–19, 27, and 28 not separately argued. See Appeal Br. 11. B. Obviousness Rejection of Claims 3 and 13 Claim 3 recites “[t]he method of claim 1, further comprising detecting, by the processor, a tamper attempt and performing, by the processor, an accelerated action based on the sensitive information identifier.” Appellant argues “Zasman does not suggest that the deletion is based on any type of security or protection of sensitive information as recited in claim 3.” Appeal Br. 12. We agree. The Examiner finds, and we agree that “Zasman discloses deleting data (i.e. triggering a deletion process) when retention periods expire[] (i.e. an expiration time for data)” and that “deletion was triggered by expiration of retention period; thus the action was accelerated.” Ans. 11– 12 (citing Zasman 4:35–53). However, the Examiner’s findings do not identify any teaching or suggestion in the references regarding the detection of the claimed “tamper attempt.” Accordingly, we are constrained by the record to reverse the Examiner’s obviousness rejection of dependent claim 3, and dependent claim 13 commensurate in scope. C. Obviousness Rejection of Claims 25 and 30 Claim 25 recites “[t]he method of claim 1, wherein the action is to sanitize the sensitive information and further comprises altering, by the Appeal 2020-000788 Application 11/955,170 6 processor, a login or boot process by hiding the sanitization of the sensitive information by providing a dummy login screen or blanking the screen while the sensitive information is sanitized.” Appellant argues that [t]he reason why the system Chiasson does not boot-up is to protect the sensitive information so an unauthorized user cannot access it. The way Chiasson protects data is to prevent access to the data where claim 1 protects the data by sanitizing the data. Appeal Br. 13 (citing Chiasson ¶ 8). We agree. The Examiner adds Chiasson as teaching claim 25’s limitations, finding that because Chiasson teaches that an “authentication key is not verified then the boot-up sequence will be disabled” (Final Act. 13 (citing Chiasson ¶ 8)) and also finding that “Chiasson discloses the step of providing a blank screen by disabling a boot-up sequence (e.g. see, [Chiasson ¶ 8]); when a boot-up sequence is disabled, [the] computer screen would appear blank.” Ans. 12. Here, the Examiner provides no explanation how disabling a boot-up sequence will provide either a blank screen or a dummy login screen while the sensitive information is sanitized, or how the references’ combined teachings accomplish these simultaneous operations. Accordingly, we are constrained by the record to reverse the Examiner’s obviousness rejection of dependent claim 25, and claim 30 based on its dependency from dependent claim 25. D. Obviousness Rejection of Claim 29 Claim 29 recites [t]he method of claim 1, wherein the sensitive information identifier further comprises information about a geographical region, wherein the information about the geographical region allows the sensitive information to be Appeal 2020-000788 Application 11/955,170 7 accessed only when a communication device of the user that contains the sensitive information is operating within the geographical region, and wherein the geographical region is based on a calendar application of the user. Appellant argues that [w]hile [Kinder ¶ 25] does teach that if a “user is on a physical machine located in a public location (e.g., a terminal in the public kiosk), the user may be denied access to some of the VMs 103 in the VM map 184 that contains sensitive information,” [Kinder ¶ 25] does not even mention any kind of calendar of the user. Appeal Br. 14–15. In response, the Examiner finds that a calendar application is included with any computer, and furthermore, Kinder discloses wherein the information about a geographical region allows the sensitive information to be accessed only when a communication device of the user that contains the sensitive information is operating within the geographical region. Ans. 13 (citing Kinder ¶ 13). Even if the Examiner’s finding that “a calendar application is included with any computer” — a finding with no factual support — were true, the Examiner has not provided any reasoning regarding how the combined references teach or suggest the claimed “geographical region is based on a calendar application of the user.” Here, Kinder’s reliance on “public location” does not appear to be tied to any temporal determination. Accordingly, we are constrained by the record to reverse the Examiner’s obviousness rejection of dependent claim 29. CONCLUSION Appeal 2020-000788 Application 11/955,170 8 In summary: No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a). See 37 C.F.R. § 1.136(a)(1)(iv). AFFIRMED IN PART Claim(s) Rejected 35 U.S.C. § Reference(s)/Basis Affirmed Reversed 1, 11, 26 103(a) Brown, LeVasseur 1, 11, 26 2, 3, 6, 7, 12, 13, 16, 17, 19, 27 103(a) Brown, LeVasseur, Zasman 2, 6, 7, 12, 16, 17, 19, 27 3, 13 4, 5, 14 103(a) Brown, LeVasseur, Zasman, Elgressy 4, 5, 14 8, 18, 25, 28, 30 103(a) Brown, LeVasseur, Zasman, Chiasson 8, 18, 28 25, 30 29 103(a) Brown, LeVasseur, Zasman, Kinder 29 Overall Outcome 1, 2, 4–8, 11, 12, 14, 16– 19, 26–28 3, 13, 25, 29, 30