14568684 (P.T.A.B. Mar. 6, 2018)

Ex Parte Hay et al

Patent Trial and Appeal BoardMar 6, 2018

14568684 (P.T.A.B. Mar. 6, 2018)

United States Patent and Trademark Office UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O.Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 14/568,684 12/12/2014 Roee Hay IL920140073US1 4962 89553 7590 Law Office of Anthony England IBM SVL 3112 Windsor Road Suite A Austin, TX 78703 EXAMINER SHEPPERD, ERIC W ART UNIT PAPER NUMBER 2492 NOTIFICATION DATE DELIVERY MODE 03/08/2018 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): a@aengland.com s @ aengland. com anthony@maze-england.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte ROEE HAY and OMER TRIPP Appeal 2017-009324 Application 14/568,6841 Technology Center 2400 Before BRUCE R. WINSOR, BETH Z. SHAW, and NABEEL U. KHAN, Administrative Patent Judges. KHAN, Administrative Patent Judge. DECISION ON APPEAL Appellants appeal under 35 U.S.C. § 134(a) from the Final Rejection of claims 1-20. We have jurisdiction under 35 U.S.C. § 6(b). We affirm. 1 Appellants identify International Business Machines Corporation as the real party in interest. App. Br. 2. Appeal 2017-009324 Application 14/568,684 BACKGROUND The Invention According to Appellants, the invention relates to [techniques for determining privacy granularity in a data flow are described herein. The techniques may include identifying a data flow source statement within a computer program and identifying a feature read at the source statement. The feature includes private data of a private data category. The techniques include identifying a sink of the data flow and determining a value associated with the feature flowing into the sink. The value indicates a degree of granularity of the private data flowing into the sink. Abstract. Exemplary independent claim 1 is reproduced below. 1. A method for releasing limited private data, comprising: identifying a source statement within a computer program, wherein the source statement is for a data flow and is configured for reading a feature from a source; identifying the feature of the source statement, wherein the feature comprises private data of a private data category; identifying a sink statement of the data flow, wherein the sink statement is configured for flowing at least a portion of the feature into a sink; determining a value associated with the at least a portion of the feature for flowing into the sink, wherein the value indicates a degree of granularity of the private data of the at least a portion of the feature for flowing into the sink in comparison to the private data of the feature identified at the source; and releasing the at least a portion of the feature for flowing into the sink responsive to whether the degree of granularity exceeds a predetermined threshold level. 2 Appeal 2017-009324 Application 14/568,684 References and Rejections 1. Claims 1, 5, 8, 12, 15, and 18 stand rejected under 35 U.S.C. § 103 as unpatentable over Homyack et al., These Aren’t the Droids You ’re Looking For, 2014, and Granstrom (US 2015/0019578 Al, published Jan. 15,2015). Final Act. 3-6. 2. Claims 2—4, 9-11, 16, and 17 stand rejected under 35 U.S.C. § 103 as unpatentable over Homyack, Granstrom, and Bassett (US 9,292,695 Bl, issued Mar. 22, 2016). Final Act. 6-8. 3. Claims 6, 13, and 19 stand rejected under 35 U.S.C. § 103 as unpatentable over Homyack, Granstrom, and Fink (US 2012/0216177 Al, published Aug. 23, 2012). Final Act. 8-9. 4. Claims 7, 14, and 20 stand rejected under 35 U.S.C. § 103 as unpatentable over Homyack, Granstrom, and Christodorescu et al (US 9,158,604 Bl, issued Oct. 13, 2015). Final Act. 9-10. DISCUSSION Claims 1—7 The Examiner finds Homyack discloses a “method for releasing limited private data” (Final Act. 4 (citing Homyack Abstract, §§ 1, 2.1, 2.2, 2.4) but that it does not teach or suggest determining a degree of granularity and releasing the private data responsive to whether the degree of granularity exceeds a threshold (Final Act. 4-5). To overcome these deficiencies, the Examiner relies on Granstrom, which discloses calculating a derivation factor for determining whether one media content is derived from another, as teaching or suggesting the claimed degree of granularity. Final Act. 5 (citing Granstrom 24, 37, 46). The Examiner combines Granstrom’s derivation factor for determining the similarity between two pieces of media 3 Appeal 2017-009324 Application 14/568,684 content, with Homyack’s system for blocking the release of private and personal data, such that the combination blocks private information if the degree of derivation (degree of granularity) exceeds a threshold or releases it otherwise. Final Act. 5. Appellants take issue with the fact that Granstrom is directed toward media content, whereas the claims are directed toward personal or private data. Specifically, Appellants argue as follows: In spite of stating in paragraph 24 that “It should be noted that in situations in which the systems discussed herein collect personal information about users . . . ,” Granstrom does not elsewhere discuss personal information or the like. All the more certainly, Granstrom does not discuss releasing personal information or the like for flowing into a sink identified by a sink statement. . . . Correspondingly, Granstrom does not relate a derivation metric to collection or release of personal information or the like. App. Br. 13. We are unpersuaded by Appellants’ arguments. The Examiner does not rely on Granstrom for its teaching of personal information. Instead the Examiner relies on Homyack for tracking of personal information in a data flow. Final Act. 4. The Examiner relies on Granstrom for a more general proposition that its derivation metric measuring the similarity between two pieces of media may be applied to determining similarity of Homyack’s personal information. Final Act. 5. Appellants next argue “Granstrom describes comparing a second media content item of unknown content to a first media content item of known content and generating a metric indicating similarity in content of the two” whereas claim 1 requires measuring information relative to itself. App. Br. 13-15. 4 Appeal 2017-009324 Application 14/568,684 Appellants’ argument does not address the Examiner’s findings as a whole. The Examiner does not rely on Granstrom’s comparison of two different media items in the rejection, rather the Examiner takes Granstrom’s teaching of comparing pieces of data to each other to determine their similarity and combines it with Homyack’s personal information in a data flow. See Final Act. 5. Thus, in the Examiner’s proposed combination, Homyack’s personal information is being compared to itself using Granstrom’s derivation metric. Appellants argue the cited references do not teach or suggest a “source statement... for a data flow [that is] configured for reading a feature from a source.” App. Br. 16-17. Appellants also argue the cited references do not teach or suggest a “sink statement. . . configured for flowing at least a portion of the feature into a sink.” App. Br. 17-18. Specifically, regarding the source statement, Appellants argue as follows: Enck, et al’s teaching, i.e., that an information-flow tracking system analyzed thirty Android applications that required access to the Internet and either user’s location, camera or microphone, does not specifically disclose or suggest “identifying a source statement for a data flow that is configured for reading a feature from a source,” as claimed, any more than does the cited teaching of Egele, Smith and the Wall Street Journal discussed in appellant’s Appeal Brief. That is, merely disclosing that the TaintDroid of Egele, et al. identifies and analyzes applications that required access to the Internet and either user’s location, camera or microphone and that TaintDroid tracks information- flow, merely indicates that the flow tracking of TaintDroid identifies data that an application uses and identifies that the application accesses the Internet and either user’s location, camera or microphone. It does not indicate Egele, et al. or Homyack disclose that TaintDroid identifies a “source statement” for the data flow, where the source statement is “configured for reading a feature from a source.” 5 Appeal 2017-009324 Application 14/568,684 Reply Br. 2. Regarding the sink statement, Appellants contend as follows: The Examiner has failed to cite teaching in the prior art that discloses or suggests, in a way the Examiner specifically explains, a “sink statement” that is “configured for flowing at least a portion of [a] feature,” where the feature is read from “an identified source” and is read “into a sink,” as claimed. Reply Br. 3. We disagree that the cited references do not teach or suggest the claimed source and sink statements. Homyack relates to helping users to protect their private data from exfiltration (i.e. sending private data out of the mobile device). Homyack Abstact. In order to do so, Homyack extends the TaintDroid system to track private data. Homyack § 1,^4. TaintDroid is an information-flow tracking system developed by Enck et al. Homyack § 2.2 (citing Enck et al., TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones, OSDI 2010 (hereinafter “Enck”)). Enck describes the TaintDroid information tracking as follows: We use dynamic taint analysis [57, 44, 8, 61, 39] (also called “taint tracking”) to monitor privacy sensitive information on smartphones. Sensitive information is first identified at a taint source, where a taint marking indicating the information type is assigned. Dynamic taint analysis tracks how labeled data impacts other data in a way that might leak the original sensitive information. This tracking is often performed at the instmction level. Finally, the impacted data is identified before it leaves the system at a taint sink (usually the network interface). Enck §2^3. We agree with the Examiner that one skilled in the art would understand Homyack’s TaintDroid information-flow tracking system, as evidenced by Enck, teaches tracking private information (i.e. a feature) in a data flow at the instmction level starting at a taint source and flowing to a taint sink. Ans. 8 (citing Enck §2^3). Thus, we agree with the Examiner 6 Appeal 2017-009324 Application 14/568,684 that Homyack’s information-flow tracking system, as evidenced by Enck, teaches or suggests a source statement for data flow configured for reading a feature from a source, and a sink statement configured for flowing at least a portion of the feature into a sink. Appellants argue “the references do not teach or suggest releasing private data responsive to any metric. All the more certainly, the references do not teach or suggest releasing/not releasing responsive to a metric that measures the particular portion of a feature of private data to be released in comparison to its ‘feature identified at the source,’ i.e., a feature known to the be the source of the particular portion of the feature of private data to be released.” App. Br. 18. Appellants’ argument is unpersuasive. The Examiner finds Granstrom teaches determining whether a derivation metric (i.e. similarity metric) exceeds a threshold and if so, performing certain actions. Ans. 11. The Examiner further finds, Homyack teaches blocking private information from leaving the mobile device. Ans. 11. Combining Granstrom and Homyack, the Examiner finds that the two teach blocking private information responsive to Granstrom’s derivation metric exceeding a threshold (and thus, releasing information if the threshold is not exceeded). We agree with the Examiner’s finding and thus, find no error in the Examiner’s conclusion that Granstrom and Homyack teach or suggest releasing private data responsive to a metric. Accordingly, we sustain the Examiner’s rejection of claim 1, and of claims 2-7, which were argued together with claim 1. See App. Br. 19. 7 Appeal 2017-009324 Application 14/568,684 Claims 8—20 Appellants argue claims 8 through 20 are all the more certainly allowable because independent claims 8 and 15 all the more certainly distinguish the claims from a mere user selection to deny permission for collecting the user’s personal information, which is cited in Granstrom, paragraph 24, in the final Office action. That is, while claim 1 particularly points out that the releasing is responsive to the degree of granularity, etc., which distinguishes the claim from the cited art, claims 8 and 15 even more particularly point out that the releasing is performed by a computer system responsive to the degree of granularity, etc. and also more particularly points out that the computer system determines the “value associated with the at least a portion of the feature for flowing into the sink, wherein the value indicates a degree of granularity of the private data of the at least a portion of the feature in comparison to the private data of the feature identified at the source ...” App. Br. 19. Essentially, Appellants rely on the same arguments made for claim 1, but contend that these arguments are even more persuasive with respective claims 8 and 15 because these claims make explicit that the releasing of the private data is performed by a computer system responsive to the degree of granularity. We disagree with Appellants’ argument for largely the same reasons as discussed with respect to claim 1. The Examiner relies on Homyack for releasing or blocking private information, not Granstrom. Thus, even though Granstrom describes that the user, rather than a computer system, controls how personal information is treated (Granstrom 24), Homyack describes that the system blocks personal information (Homyack Abstract). Accordingly, we sustain the Examiner’s rejection of claims 8-20. 8 Appeal 2017-009324 Application 14/568,684 DECISION The Examiner’s rejection of claims 1-20 is affirmed. No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a). See 37 C.F.R. § 41.50(f). AFFIRMED 9