WO2003042773A2 - Personal data repository - Google Patents


Publication number
WO2003042773A2
Authority
WO
WIPO (PCT)
Prior art keywords
user
party
personal data
agreement
information
Application number
PCT/IB2002/004756
Other languages
French (fr)
Other versions
WO2003042773A3 (en
Inventor
Margareta G. Bjorksten
Mitri Abou-Rizk
Original Assignee
Nokia, Inc.
Application filed by Nokia, Inc.
Priority to GB0410120A (GB2398414A)
Priority to DE10297409T (DE10297409T5)
Priority to AU2002348990A (AU2002348990A1)
Publication of WO2003042773A2
Publication of WO2003042773A3

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00 Commerce
    • G06Q30/02 Marketing; Price estimation or determination; Fundraising
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes

Definitions

  • aspects of the invention pertain to a personal data repository.
  • aspects of the invention relate to a method and apparatus for a user to control access to and usage of his or her personal information in a personal data repository.
  • aspects of the invention pertain to a method and apparatus for a user to control access to and usage of the user's personal information according to a contract between the user and the party requesting access to the personal information.
  • Other aspects of the invention pertain to hiding information pertaining to the user's identity.
  • a method and apparatus are provided for controlling access to, use of and distribution of stored personal data of a user.
  • a user indicates which portions of personal data of the user stored in a personal data repository are releasable to a second party.
  • the second party may be a merchant, or one who sells a service or merchandise, or the second party may be another user, or a group of users.
  • the user and the second party reach an agreement regarding access and use, by the second party, of any portions of the personal data in the personal data repository.
  • the portions of the stored personal data in the personal data repository are released to the second party according to the agreement.
  • the agreement includes what items within the personal data repository may be accessed and how the items may be used by the merchant. Only those items which, according to the agreement, can be accessed and used by the merchant are released to the merchant.
  • a method and apparatus are provided for selectively sending vendor information.
  • One or more trusted parties may be selected at the time of purchase of the user device or during an online registration process.
  • the user may select the trusted party based on, for example, the trusted party's reputation, privacy policy, or reliability of the trusted party's systems, etc.
  • a user may negotiate with a second party that, in exchange for the user allowing the second party to send him information, such as vendor information, the user will be rewarded, i.e., the user will receive compensation, discounts, prizes or points toward discounts or prizes.
  • a trusted party device receives a request to send vendor information.
  • the user device is selected to receive the vendor information.
  • the vendor information is sent to the selected user device.
  • a method and apparatus are provided for controlling receipt of vendor information.
  • a user device receives, from a second party device, a request for at least some personal data of the user.
  • An attempt is made to reach an agreement with the second party, via the second party device, regarding use by the second party of any of the personal data of the user.
  • Information is sent to the user device only if the agreement is reached.
  • a device such as a second party device
  • the second party device may be a music store server and the menu may contain, for example, a list of CDs by the user's favorite recording artists.
  • the second party device may be another user device, a group of user devices or a merchant device.
  • Other aspects of the invention include a machine readable medium having recorded thereon instructions for a processor in a device to perform methods as described above.
  • the medium may be, but is not limited to, a Read Only Memory (ROM), Random Access Memory (RAM), a floppy disk, a hard disk or an optical disk.
  • Figure 1 shows an embodiment of the invention in which a user device can communicate with an application server or a trusted party device via a network, such as the Internet, or via a wireless connection;
  • Figure 2 illustrates an example of the personal data repository having a master profile and one or more service profiles
  • FIG. 3 is a functional block diagram illustrating an embodiment of a trusted party device
  • Figures 4A and 4B are functional block diagrams illustrating embodiments of a user device
  • FIG. 5 is a functional block diagram of another embodiment of a trusted party device
  • Figure 6 is a functional block diagram of an embodiment of a trusted party device
  • Figure 7 is a message sequence diagram illustrating an example of communications between a user device and a second party device through a trusted party device
  • Figure 8 is a message sequence diagram illustrating an example of communications between a user device and a second party device without a trusted party device
  • Figure 9 is a message sequence diagram showing an example in which a store server pushes advertising information to a user device via a trusted party device;
  • Figure 10 is a message sequence diagram showing an example in which a store server device pushes advertising information directly to a user device;
  • Figure 11 is a message sequencing diagram illustrating the anonymizing feature of an embodiment of the trusted party device
  • Figure 12 is a message sequencing diagram showing an example of messages exchanged in an embodiment of the invention.
  • Figures 13A and 13B are flowcharts illustrating processing within an agreement facilitator of an embodiment of a user device or a trusted party device;
  • Figures 14A and 14B are flowcharts illustrating processing within an embodiment of a rules enforcer of a user device or a trusted party device;
  • Figure 15 is a flowchart illustrating processing within an embodiment of an automatic information collector of a user device or a trusted party device;
  • Figure 16 is a flowchart illustrating processing within an embodiment of a data editor of a user device or a trusted party device
  • Figure 17 is a flowchart illustrating processing within an embodiment of a history recorder of a user device or a trusted party device.
  • Figure 18 is an example of an agreement between a user and a second party.
  • FIG. 1 shows an exemplary embodiment 100 of the invention.
  • user device 102 may communicate with a trusted party device, such as trusted party device 106 or trusted party device 108, to create, change or delete personal data about the user.
  • User device 102 may also indicate which portions of the data may be released and to whom as well as a time period during which the data may be released.
  • User device 102 may also communicate directly with a second party device such as application server 110, application server 112, user device 114 or a group of user devices.
  • a user device, such as user device 114 may access a second party device via a wireless network 116.
  • User device 114 may also access the trusted party device 106 or the trusted party device 108 via a wireless network 116.
  • the user device may be, for example, a mobile subscriber unit, such as a wireless mobile phone, a personal computer, or a Personal Digital Assistant (PDA), all having therein a processor connected to a machine-readable medium, such as, for example, a computer memory, such as a Read Only Memory (ROM), a Random Access Memory (RAM), or a SIM card via a bus, and a means to connect with a computer network, either via, for example, a modem, DSL, cable, wireless modem, or any other well known means of connecting to a network.
  • the ROM may include instructions for the processor as well as static data or constants.
  • the RAM may also include instructions for the processor, static (constants) data and dynamic (variables) data.
  • the user device may also include other machine-readable media, such as floppy or hard disk drives and associated disks.
  • the application server and trusted party device may also include a processor, ROM, RAM, or other storage devices, firmware and/or software, as well as a means to connect to a computer network, as described above.
  • embodiments of the invention provide a user with a way to control the dissemination of personal data of the user to second parties.
  • the personal data is stored in a personal data repository which may include a master profile that contains the user's personal information and a service profile that pertains to a particular second party or to a type of second party.
  • the user may create the master profile and service profile, or as explained below, the master profile and the service profile may be created automatically.
  • the master and service profiles may reside in storage on a user's device, in a distributed manner in storage on one or more trusted party devices, or in a distributed manner in storage on one or more trusted party devices and the user device. The user can decide where the master and service profiles are to be stored and may indicate his preferences when registering for service with a trusted party.
  • FIG. 2 shows an exemplary embodiment of a personal data repository 200.
  • the personal data repository includes the personal data of a user.
  • the personal data of the user may be contained in a master profile 202 and in one or more service profiles.
  • the master profile may include generic information or specific information about the user or owner of the profile depending upon the kind of information the user is willing to share.
  • the master profile may include such items as name, address, credentials, for example, race, eye color or hair color, contacts, shopping interests, credit card information, e-mail address, location information, etc.
  • Service profiles include information that the user wants to share with one or more other parties.
  • a service profile may contain information that a user wants to share with only one party, such as a bank.
  • Other service profiles may include a user's music interests, or may contain information that the user wants to share with several other parties, for example, a music shop or the user's friends. The user defines what can be shared, with whom, when and according to what kind of contract. Service profiles are based on this information.
  • Service profiles 204, 206, 210 and 212 contain information related to a specific service.
  • Service profile 208 pertains to a generic music profile.
  • Service providers may only access service profiles that pertain to them.
  • service profile 204 pertains to Amazon.com and contains information such as a username and password for logging onto the Amazon.com web site, credit card information, a reference or link to a field, such as an address in the master profile, access history showing the last time that the Amazon.com site was accessed, shopping interests, which may refer to shopping interests stored in the master profile, and a copy of a contract or a reference to a contract which describes an agreement between the user and a second party, for example, Amazon.com, the contract describing the conditions under which the second party can access, use and distribute portions of the information in the personal data repository.
  • the service profile may also include other types of information, such as an expiration date, indicating when authorization for the second party to access, use and distribute portions of the personal data is no longer granted and an interest profile showing interests such as music or other types of interest such as banking and mortgages.
  • the service profile may also include such information as browsing habits, for example, types of sites visited, which can be included within the service profile or a link to the browsing habits can be included in the service profile linking the service profile to browsing habits stored in the master profile. It should be noted that the service profile and the master profile may be stored completely in storage on the user device, on the trusted party device, or partly on the user device and partly on one or more connected trusted party devices in a distributed manner.
  • Second parties may be prevented from accessing information in profiles not intended for their use, by the use of well-known public/private encryption techniques, as well as authentication techniques, such as the use of a password. Merchants may also be verified by using digital certificates.
  • FIG. 3 is a functional block diagram of an exemplary embodiment of a trusted party device 300.
  • the trusted party device may include a data editor 302, network interface 303, storage 304, an agreement facilitator 306, a rules enforcer 308, a history recorder 310, and an automatic information collector 312.
  • the data editor 302 provides an editing function and allows a user communicating with the trusted party device, via a user device, to enter a new master profile, edit the master profile, indicate which portions of the master profile may be accessed and by whom, enter the times during which the portions of the master profile may be accessed, change portions of the master profile and delete portions of the master profile.
  • a service profile can be created automatically based on access and contract rules defined by the user; the user may use the data editor 302 to create a service profile, make changes to the service profile, delete portions of the service profile, indicate which portions of the service profile may be accessed by a second party associated with the profile and enter a name of the second party.
  • the profiles may reside either on the user device or on the trusted party device.
  • when a user purchases a user device from an online store, the user may create the profiles using, for example, an online form.
  • the user may also specify where portions of the profiles are to be stored, for example, the user device or one or more trusted devices.
  • the information that is entered may be referenced at a later time, such that basic information need not be retyped.
  • the storage 304 may include, for example, RAM, a hard disk or a floppy disk, to be used to store portions of the personal data repository.
  • Agreement facilitator 306 is provided to aid in negotiating an agreement or contract between a user and a second party regarding the use of personal information of the user that is stored in the personal data repository.
  • a copy of the contract or a link to the copy of the contract may be stored in a service profile.
  • Rules enforcer 308 enforces the rules corresponding to the agreement between the user and the second party, such that the second party can only access those portions of the personal data of the user which the user has agreed to make available to the second party for a time period, if any, agreed upon between the user and the second party.
  • Network interface 303 provides connectivity with a network and may be connected to a network via cable, DSL connection, modem, wireless modem, bluetooth technology or any other well known means for connecting to a network.
  • An embodiment of the trusted party device may include a history recorder 310 which will track the actions of the user, via the user device, and store a history of the actions in a portion of storage associated with the user's master profile.
  • the history recorder may include a level selector, whereby a user, via the user device, may select a level of the actions to be recorded.
  • the level of recording may be set to record any activity by the user on any web site, or only purchases by the user, which the history recorder can determine by detecting when credit card information is requested, or the level of recording may be set to record only browsing activity at a particular type of web site such as online book stores.
  • An automatic information collector 312 may be included in an embodiment of the trusted party device to capture personal information about the user and automatically create or add to the master profile or a service profile.
  • Figure 4A is an exemplary embodiment of a user device 400 for communicating with a trusted party device wherein the trusted party device or a plurality of trusted party devices have storage for storing the user's master profile and service profiles.
  • Information inputter/outputter 402 may include a display 401 and an input device, such as keys 403 or a keyboard, or a speech recognition device (not shown).
  • the information inputter/outputter 401 communicates with data editor 302 of the trusted device via a network interface 404.
  • the network interface 404 may be connected to a network via cable, DSL connection, modem, wireless modem, bluetooth technology or any other well known means for connecting to a network.
  • the information inputter/outputter receives input via the input device and sends the information to the data editor 302 via the network interface 404.
  • Responses from the trusted party device are received by the user device via the network interface 404 and are displayed to the user via the display 401 of the inputter/outputter.
  • Figure 4B illustrates another exemplary embodiment of a user device 405.
  • the user device 405 may include a data editor 412, storage 414, an agreement facilitator 416, a rules enforcer 418, a history recorder 420, and an automatic information collector 422.
  • Network interface 406 provides connectivity with a network and may be connected to a network via cable, DSL connection, modem, wireless modem, bluetooth technology or any other well known means for connecting to a network.
  • Figure 4B contains the same functional elements as the trusted party device shown in Figure 3. The functional elements work as they do in the trusted party device and therefore, will not be discussed again here.
  • FIG. 5 illustrates an exemplary embodiment of a trusted party device with an anonymizer feature.
  • the trusted party device 500 includes an anonymizer 502, a transmitter 504 and a receiver 506.
  • the anonymizer may be included in the user device.
  • Anonymizer 502 strips out any information, which can be used to identify the user, from messages received from the user device before sending the messages to a second party device, thereby allowing the user to remain anonymous.
  • the anonymizer strips out information such as the IP address of the user device, routing information, and user identifying information.
  • Transmitter 504 transmits messages to the user device or to the second party device.
  • Receiver 506 receives messages from the user device or the merchant device.
  • FIG. 6 shows another embodiment of the trusted party device including the anonymizer function and the functions previously described regarding the description of the trusted party device of Figure 3. Because these functions were previously described, they will not be described again here.
  • a user with a user device attempts to establish communication with a second party device through a trusted party device.
  • the trusted party device anonymizes the user by performing actions such as, for example, hiding routing information, hiding user identity information and disabling cookies before sending any communications to the store.
  • the trusted party device forwards the message to the second party device in order to establish communication.
  • the second party device having received the request to establish communication, sends a request for a service profile to the trusted party device.
  • the trusted party device, using the rules enforcer to examine the current rules regarding release of personal information to the particular second party, determines whether the second party associated with the second party device has permission to receive information in the service profile. If there is no pending agreement with the second party, the rules enforcer denies access to the personal information until an agreement is reached. If the second party does not yet have permission, the agreement facilitator is used to request that the second party agree to a contract with the user regarding handling of the information in the service profile. After a contract is agreed to, the second party device returns an indication of agreement to the trusted party device and stores a copy of the contract in, for example, the master profile with a reference to the contract being stored in the service profile.
  • Figure 18 provides an example of one type of agreement.
  • the exemplary agreement is between a user and a merchant; however, an agreement could be between a user and a second party, such as a merchant, another user, or a group of users.
  • a vendor agree that the user will receive a 10% discount on all merchandise purchased from the vendor during the term of the agreement, thirty days.
  • the vendor will have access to the user's personal information regarding the user's shopping habits, location, and email address.
  • the vendor agrees to use the information provided by the user only for purposes of providing information to the user regarding products that coincide with the user's interests and shopping habits.
  • the vendor agrees not to share the information with other parties.
  • the term of the exemplary agreement is thirty days.
  • other types of agreements are also possible, some examples include, but are not limited to rewarding the user with points toward a discount or free gift or providing a monetary award in exchange for access to the user's personal information.
  • An agreement may also include whether a second party is permitted to keep a history of actions taken by the user with respect to the second party. Further, the agreement may require that, if the second party shares the personal information regarding the user, the second party inform the user regarding which parties received the shared information and any compensation the second party received for sharing the information.
  • the trusted party device may request and receive, at 716 and 718, the service profile, if the service profile resides on the user device. Otherwise, the trusted party device can retrieve the service profile from its own storage, or may retrieve portions from its own storage and from storage of other connected trusted party devices and return the requested service profile information, at 720 to the second party device.
  • the trusted party device may inform the user that the second party device accessed the service profile.
  • the second party device may construct a personalized service, content or menu based on the information within the service profile. For example, if the second party is a music store, the service profile may include the user's music preferences and the personalized menu may include music selections based on the user's music preferences.
  • the personalized service, content or menu is sent to the trusted party device, which, at 726, forwards the personalized service, content or menu to the user device.
  • the user's service profile may be updated.
  • the service profile may be updated at the trusted party device or among a plurality of trusted party devices, depending on where the profile is stored. Otherwise, the service profile may be updated in storage on the user's device if the profile is stored on the user's device.
  • Figure 8 demonstrates another exemplary use of an embodiment of the invention.
  • a user attempts to establish communication with a second party device.
  • the second party device requests a service profile.
  • a rules enforcer determines whether the second party device has permission to receive service profile information. If the second party device does not have permission to receive the information, then the agreement facilitator within the user device requests that the second party associated with the second party device agree to a contract with the user regarding handling and use of the user's personal information within the service profile.
  • a flowchart of the processing performed by an exemplary embodiment of the agreement facilitator is shown in Figures 13A and 13B and will be described later.
  • an agreement is reached and an indication of the agreement is sent to the user device.
  • the agreement may be reached by the second party viewing the contract on a display and indicating approval by selecting, for example, with a pointing device, such as a mouse, a control indicating agreement.
  • the agreement may also be reached by, for example, a second party module accepting certain standard agreements pre-approved by the vendor.
  • the second party module may be implemented in software.
  • the user device may retrieve the service profile information from its own storage, from the storage of a trusted party device or may retrieve the information from more than one trusted party device, if the information is distributed among the trusted devices, as shown in 812 through 818.
  • the user device having retrieved the service profile information, sends the service profile to the second party device.
  • the second party device builds a personalized service, content or menu based on the information within the service profile, and at 824, sends the personalized service, content or menu to the user device.
  • the personalized service, content or menu is displayed at the user device.
  • the user's service profile and/or master profile may be updated. If the profiles are not stored locally on the user device's storage, then update messages are sent to one or more trusted party devices informing them to update the master and/or service profiles accordingly.
  • Figure 9 provides an example of an advertisement being pushed to a user device via a trusted party device from a store server in an exemplary embodiment of the invention.
  • the advertisement may instead be any type of information, not necessarily an advertisement, and the store server may instead be any second party device.
  • a user at a user device, creates a service profile for push messages. Some time later, at 904, the store server sends a request to send an advertisement to a trusted party device.
  • the trusted party device or server reviews the service profile information and selects customers willing to receive this type of advertisement, based on information in the service profile, such as a flag indicating that the user will accept certain types of information.
  • the advertisement is then sent to users, via their associated user devices, based on the service profile information.
  • the master and/or the service profile information are updated.
  • the service profile may be updated to show that the merchant associated with the store server sent an advertisement to the user device. If this information is not stored locally in storage at the trusted party device, then update profile information is sent to the user device or trusted party devices responsible for storing profile information.
  • Figure 10 shows an example of a direct push to a user device from a second party device in an exemplary embodiment of the invention.
  • the second party device is a store server or merchant device, but may be any type of second party device, such as a store server, another user device, or a group of user devices.
  • the user device creates a service profile for push messages in the personal data repository.
  • the profile may be created automatically via an automatic information collector in the user device or manually via a data editor in the user device.
  • the store server or merchant device requests a service profile from the user device.
  • the agreement facilitator sends a request for an agreement to the store server so that an agreement can be reached between the user and the second party regarding use of the profile information.
  • the store server sends an indication that agreement has been reached or has not been reached.
  • the store server forwards an advertisement or other information to the user device.
  • Figure 11 illustrates the anonymizing feature in an exemplary embodiment of the invention.
  • Figure 11 illustrates the anonymizing feature being used with a browser; however, the anonymizing feature does not require a browser and will work with any messages being passed from a user device to a merchant device through a trusted party device.
  • a user browsing on a user device sends a request to view a second party's web site.
  • the request is received by a trusted party device, which strips out any identifying information, such as routing information (e.g., IP addresses) or anything that may identify the user and also may disable cookies.
  • the trusted party device may replace the user's IP address with one of its assigned IP addresses in the request.
  • a browsing request stripped of identifying information is then sent to a second party device.
  • the second party device sends a browsing response to the trusted party device.
  • the trusted party device maps the IP address in the message to a user device and sends the browsing response to the user device.
  • Figure 12 shows another exemplary series of interactions that can occur between a user device, a trusted party device and a second party device, such as, for example, a store's web server.
  • the user device requests access to a second party's web site, such as www.b.com in order to purchase an item.
  • a service profile for this second party has already been created.
  • the request to the second party's web site passes through the trusted party device, which anonymizes messages from the user device to the second party device.
  • the request for access to the second party's web site is passed from the trusted party device to the second party device.
  • the second party device sends a request to complete a form to the trusted party device.
  • the trusted party device, via its server and agent, retrieves data from the service profile in order to complete the form, at 1208.
  • the trusted party device informs the user device that the personal data repository has been accessed.
  • the trusted party device completes the form and, at 1214 through 1216, sends the form to the second party device.
  • the second party device sends a request to complete a second form to the trusted party device.
  • the trusted party device updates the service profile indicating that the profile has been accessed by the second party's device.
  • the trusted party device retrieves the data needed to complete the second form.
  • a message is sent to the user device by the trusted party device informing the user that the personal data repository has been accessed.
  • the rules enforcer of the trusted party device determines that the requested information has not yet been authorized by the user and informs a trusted party server of the trusted party device, at 1228.
  • the trusted party device sends a request to the user, via the user device, asking for permission to retrieve the data from the personal data repository.
  • the user grants permission to retrieve the data and sends an indication to the trusted party device.
  • the existing contract is updated to reflect that the to-be-supplied data may be accessed by the second party device.
  • the completed form is sent from the trusted party device to the second party device.
  • the service profile is updated.
  • the updates may include, but are not limited to, for example, a password change for a second party to access the profile, a list of web pages visited, new interests, or shopping intentions.
  • Figure 13 illustrates the processing performed in an exemplary embodiment of the agreement facilitator.
  • the agreement facilitator may be included within the trusted party device or within the user device.
  • contract types are sent to the user's display on the user device.
  • the contracts may be located at a "neutral contract/agreement provider" device or at the trusted party device.
  • the contract types may be, but are not limited to, for example, a one-time use contract (for one-time use of user information), a 30 day contract (for a 30 day use of user information), and an unlimited time period contract (for a time period with no specific ending date).
  • a copy of the desired contract may be retrieved from the trusted party device or from the "neutral contract/agreement provider" device via the trusted party device and is sent to the display of the user device.
  • a check is performed to determine whether the user selected a contract and if so, then at P1310, a copy of the contract is sent to the second party device. Otherwise, at P1308, a check is performed to determine whether the user wishes to view another contract. If the user does wish to view another contract, then P1302 will again be performed.
  • the "neutral contract/agreement provider" may receive compensation, such as a small sum, every time the contract is used.
  • Figure 14 is a flowchart which explains an embodiment of the rules enforcer, which may be included either within the user device or within the trusted party device.
  • a check is made to determine whether the number of accesses has been exceeded. If the number of accesses has not been exceeded then P1414 is performed to grant access to the merchant device. If the number of accesses is determined to be exceeded, then at P1410, a flag is set indicating that future access should be denied and at P1412, access is denied.
  • FIG. 15 is a flowchart of an embodiment of the automatic information collector which may reside on the user device or in the trusted party device.
  • the types of information that the automatic information collector may store include information regarding all items a user has purchased, all the websites the user has visited, the locations that the user has most frequently visited and chat discussions with friends.
  • the information from the requests and responses is stored into a master profile and may be stored in a service profile.
  • Figure 16 is a flowchart illustrating the processing in an embodiment of the data editor which may reside in the user device or the trusted party device.
  • the data editor receives an editor request for either a master profile or a service profile.
  • the request is checked to determine if it is for the master profile. If the request is for the master profile, then, at P1604, the master profile will be edited. Otherwise, at P1606, the service profile will be edited.
  • Figure 17 illustrates the processing of an exemplary embodiment of a history recorder, which can reside either in the user device or the trusted party device.
  • an action by the user is detected.
  • the action may include sites visited by a user while browsing, purchases made by the user via the user device, or all actions occurring while browsing a particular web site or a set of web sites, such as, for example, music stores or book stores.
  • a check can be made to determine whether the user set a recording level for recording the history of actions.
  • the level may have various settings such as, for example, recording a history of all actions, recording a history of purchases only, or recording a history of all actions occurring at one or more particular web sites. If the action is not included in the selected level of recording, then the action will not be recorded in the history. Otherwise, at P1706, the action is recorded in the history as part of the master profile or may be recorded as part of a particular service profile.
  • a user may configure his or her user device to cause portions of the user's personal data to be stored at specific trusted party devices.
  • a trusted party may act as an information broker for the user by negotiating, on the user's behalf, use of the user's personal information by the second party in return for compensation for the user.
  • the compensation may be monetary or may include discounts for the user if the user purchases a service or merchandise from the second party.
  • Embodiments of the invention may include hardware, software and/or firmware.
  • Software or firmware embodiments may include processor instructions residing in machine-readable media, such as computer memory, for example, Random Access Memory (RAM) or Read Only Memory (ROM), as well as CD-ROM, floppy disk, or hard disk associated with the user device or one or more of the trusted party devices.
  • RAM Random Access Memory
  • ROM Read Only Memory
  • CD-ROM Compact Disk Read Only Memory

Abstract

A method and apparatus are provided for controlling access to stored personal data of a user. A user indicates which portions of personal data of the user stored in a personal data repository are releasable to a second party. The user and the second party reach an agreement regarding use, by the second party, of any portions of the personal data in the personal data repository. The portions of the stored personal data in the personal data repository are released to the second party according to the agreement. The agreement includes what items within the personal data repository can be used by the second party. Only those items which, according to the agreement, can be used by the second party are released to the second party. In another embodiment of the invention, a method and apparatus are provided for selectively sending information. A trusted party device receives a request to send information. A user device is selected to receive the vendor information based on a willingness to receive the vendor information indicated within the stored personal data about the user. The vendor information is sent to the selected user device. Other aspects of the invention include a machine readable medium including instructions for a processor in a device to perform the methods described above.

Description

PERSONAL DATA REPOSITORY
FIELD OF THE INVENTION
[01] Aspects of the invention pertain to a personal data repository. In particular, aspects of the invention relate to a method and apparatus for a user to control access to and usage of his or her personal information in a personal data repository. Other aspects of the invention pertain to a method and apparatus for a user to control access to and usage of the user's personal information according to a contract between the user and the party requesting access to the personal information. Other aspects of the invention pertain to hiding information pertaining to the user's identity.
BACKGROUND OF THE INVENTION
[02] As companies realized that access to personal data is a powerful tool to improve service and product offerings, on-line collections of personal data have been increasing rapidly. The ability to better match consumers' needs and desires makes a company more efficient and reduces advertising costs while increasing customer loyalty. On the other hand, consumers are willing to provide personal information in order to receive better or less expensive services; however, because misuse of personal data is increasing, consumers' attitudes are changing.
[03] Users currently have little or no control over profiles containing data relating to them and have limited means to express their requirements related to the use of personal information about them. For example, information about a user, including the user's email address, may be sold or distributed without consulting with the user, thereby making the user more susceptible to receiving junk email. Thus, the user has no control over what information he or she receives. Further, it is often very difficult for the user to correct false information about the user in third party profiles.
[04] Because consumers require personalized services, but are hesitant to reveal personal information, except to those parties they trust, a means of providing improved privacy of personal information is needed.
BRIEF SUMMARY OF THE INVENTION
[05] The above problems are solved by providing a user with control over who receives personal information pertaining to the user by providing the user with control over how profile information about the user may be collected, accessed, used and distributed by others.
[06] A method and apparatus are provided for controlling access to, use of and distribution of stored personal data of a user. In an embodiment of the invention, a user indicates which portions of personal data of the user stored in a personal data repository are releasable to a second party. The second party may be a merchant, or one who sells a service or merchandise, or the second party may be another user, or a group of users. The user and the second party reach an agreement regarding access and use, by the second party, of any portions of the personal data in the personal data repository. The portions of the stored personal data in the personal data repository are released to the second party according to the agreement. The agreement includes what items within the personal data repository may be accessed and how the items may be used by the merchant. Only those items which, according to the agreement, can be accessed and used by the merchant are released to the merchant.
[07] In another embodiment of the invention, a method and apparatus are provided for selectively sending vendor information. One or more trusted parties may be selected at the time of purchase of the user device or during an online registration process. The user may select the trusted party based on, for example, the trusted party's reputation, privacy policy, or reliability of the trusted party's systems, etc. In this embodiment, a user may negotiate with a second party that, in exchange for the user allowing the second party to send him information, such as vendor information, the user will be rewarded, i.e., the user will receive compensation, discounts, prizes or points toward discounts or prizes. In this embodiment, a trusted party device receives a request to send vendor information. A user device is selected to receive the vendor information when the stored personal data about the user indicates a willingness to receive it. The vendor information is sent to the selected user device.
[08] In a third embodiment of the invention, a method and apparatus are provided for controlling receipt of vendor information. A user device receives, from a second party device, a request for at least some personal data of the user. An attempt is made to reach an agreement with the second party, via the second party device, regarding use by the second party of any of the personal data of the user. Information is sent to the user device only if the agreement is reached.
[09] In another embodiment of the invention, a device, such as a second party device, may be allowed to access personal information regarding a particular interest of the user and may then build a personalized service, content or menu to be forwarded to a user's device. For example, in one embodiment, the second party device may be a music store server and the menu may contain, for example, a list of CDs by the user's favorite recording artists. In other embodiments of the invention, the second party device may be another user device, a group of user devices or a merchant device.
[10] Other aspects of the invention include a machine readable medium having recorded thereon instructions for a processor in a device to perform methods as described above. The medium may be, but is not limited to, a Read Only Memory (ROM), Random Access Memory (RAM), a floppy disk, a hard disk or an optical disk.
BRIEF DESCRIPTION OF THE DRAWINGS
[11] A more complete understanding of the present invention and the advantages thereof may be acquired by referring to the following description in consideration of the accompanying drawings, in which like reference numbers indicate like features and wherein:
[12] Figure 1 shows an embodiment of the invention in which a user device can communicate with an application server or a trusted party device via a network, such as the Internet, or via a wireless connection;
[13] Figure 2 illustrates an example of the personal data repository having a master profile and one or more service profiles;
[14] Figure 3 is a functional block diagram illustrating an embodiment of a trusted party device;
[15] Figures 4A and 4B are functional block diagrams illustrating embodiments of a user device;
[16] Figure 5 is a functional block diagram of another embodiment of a trusted party device;
[17] Figure 6 is a functional block diagram of an embodiment of a trusted party device;
[18] Figure 7 is a message sequence diagram illustrating an example of communications between a user device and a second party device through a trusted party device;
[19] Figure 8 is a message sequence diagram illustrating an example of communications between a user device and a second party device without a trusted party device;
[20] Figure 9 is a message sequence diagram showing an example in which a store server pushes advertising information to a user device via a trusted party device;
[21] Figure 10 is a message sequence diagram showing an example in which a store server device pushes advertising information directly to a user device;
[22] Figure 11 is a message sequencing diagram illustrating the anonymizing feature of an embodiment of the trusted party device;
[23] Figure 12 is a message sequencing diagram showing an example of messages exchanged in an embodiment of the invention;
[24] Figures 13A and 13B are flowcharts illustrating processing within an agreement facilitator of an embodiment of a user device or a trusted party device;
[25] Figures 14A and 14B are flowcharts illustrating processing within an embodiment of a rules enforcer of a user device or a trusted party device;
[26] Figure 15 is a flowchart illustrating processing within an embodiment of an automatic information collector of a user device or a trusted party device;
[27] Figure 16 is a flowchart illustrating processing within an embodiment of a data editor of a user device or a trusted party device;
[28] Figure 17 is a flowchart illustrating processing within an embodiment of a history recorder of a user device or a trusted party device; and
[29] Figure 18 is an example of an agreement between a user and a second party.
DETAILED DESCRIPTION OF THE INVENTION
[30] Figure 1 shows an exemplary embodiment 100 of the invention. In this embodiment, user device 102 may communicate with a trusted party device, such as trusted party device 106 or trusted party device 108, to create, change or delete personal data about the user. User device 102 may also indicate which portions of the data may be released and to whom as well as a time period during which the data may be released. User device 102 may also communicate directly with a second party device such as application server 110, application server 112, user device 114 or a group of user devices. A user device, such as user device 114 may access a second party device via a wireless network 116. User device 114 may also access the trusted party device 106 or the trusted party device 108 via a wireless network 116.
[31] In an embodiment of the invention, the user device may be, for example, a mobile subscriber unit, such as a wireless mobile phone, a personal computer, or a Personal Digital Assistant (PDA), all having therein a processor connected to a machine-readable medium, such as, for example, a computer memory, such as a Read Only Memory (ROM), a Random Access Memory (RAM), or a SIM card via a bus, and a means to connect with a computer network, either via, for example, a modem, DSL, cable, wireless modem, or any other well known means of connecting to a network. The ROM may include instructions for the processor as well as static data or constants. The RAM may also include instructions for the processor, static (constants) data and dynamic (variables) data. The user device may also include other machine-readable media, such as floppy or hard disk drives and associated disks.
[32] The application server and trusted party device may also include a processor, ROM, RAM, or other storage devices, firmware and/or software, as well as a means to connect to a computer network, as described above.
[33] As explained in more detail below, embodiments of the invention provide a user with a way to control the dissemination of personal data of the user to second parties. The personal data is stored in a personal data repository which may include a master profile that contains the user's personal information and a service profile that pertains to a particular second party or to a type of second party. The user may create the master profile and service profile, or as explained below, the master profile and the service profile may be created automatically. The master and service profiles may reside in storage on a user's device, in a distributed manner in storage on one or more trusted party devices, or in a distributed manner in storage on one or more trusted party devices and the user device. The user can decide where the master and service profiles are to be stored and may indicate his preferences when registering for service with a trusted party.
[34] Figure 2 shows an exemplary embodiment of a personal data repository 200. The personal data repository includes the personal data of a user. In an embodiment of the invention, the personal data of the user may be contained in a master profile 202 and in one or more service profiles. The master profile may include generic information or specific information about the user or owner of the profile depending upon the kind of information the user is willing to share. The master profile may include such items as name, address, credentials, for example, race, eye color or hair color, contacts, shopping interests, credit card information, e-mail address, location information, etc.
[35] Service profiles include information that the user wants to share with one or more other parties. For example, a service profile may contain information that a user wants to share with only one party, such as a bank. Other service profiles, which may include a user's music interests, may contain information that the user wants to share with several other parties, for example, a music shop or the user's friends. The user defines what can be shared, with whom, when and according to what kind of contract. Service profiles are based on this information.
[36] An example of service profiles is shown in Figure 2. Service profiles 204, 206, 210 and 212 contain information related to a specific service. Service profile 208 pertains to a generic music profile. Service providers may only access service profiles that pertain to them. For example, service profile 204 pertains to Amazon.com and contains information such as a username and password for logging onto the Amazon.com web site, credit card information, a reference or link to a field, such as an address in the master profile, access history showing the last time that the Amazon.com site was accessed, shopping interests, which may refer to shopping interests stored in the master profile, and a copy of a contract or a reference to a contract which describes an agreement between the user and a second party, for example, Amazon.com, the contract describing the conditions under which the second party can access, use and distribute portions of the information in the personal data repository. The service profile may also include other types of information, such as an expiration date, indicating when authorization for the second party to access, use and distribute portions of the personal data is no longer granted and an interest profile showing interests such as music or other types of interest such as banking and mortgages. The service profile may also include such information as browsing habits, for example, types of sites visited, which can be included within the service profile or a link to the browsing habits can be included in the service profile linking the service profile to browsing habits stored in the master profile. It should be noted that the service profile and the master profile may be stored completely in storage on the user device, on the trusted party device, or partly on the user device and partly on one or more connected trusted party devices in a distributed manner.
[37] Second parties may be prevented from accessing information in profiles not intended for their use, by the use of well-known public/private encryption techniques, as well as authentication techniques, such as the use of a password. Merchants may also be verified by using digital certificates.
[38] Figure 3 is a functional block diagram of an exemplary embodiment of a trusted party device 300. The trusted party device may include a data editor 302, network interface 303, storage 304, an agreement facilitator 306, a rules enforcer 308, a history recorder 310, and an automatic information collector 312.
[39] The data editor 302 provides an editing function and allows a user communicating with the trusted party device, via a user device, to enter a new master profile, edit the master profile, indicate which portions of the master profile may be accessed and by whom, enter the times during which the portions of the master profile may be accessed, change portions of the master profile and delete portions of the master profile. Although a service profile can be created automatically based on access and contract rules defined by the user, the user may use the data editor 302 to create a service profile, make changes to the service profile, delete portions of the service profile, indicate which portions of the service profile may be accessed by a second party associated with the profile and enter a name of the second party. The profiles may reside either on the user device or on the trusted party device. In an embodiment of the invention, when a user purchases a user device from an online store, the user may create the profiles using, for example, an online form. The user may also specify where portions of the profiles are to be stored, for example, the user device or one or more trusted devices. The information that is entered may be referenced at a later time, such that basic information need not be retyped.
[40] The storage 304, as described previously may include, for example, RAM, a hard disk or a floppy disk, to be used to store portions of the personal data repository.
[41] Agreement facilitator 306 is provided to aid in negotiating an agreement or contract between a user and a second party regarding the use of personal information of the user that is stored in the personal data repository. A copy of the contract or a link to the copy of the contract may be stored in a service profile.
[42] Rules enforcer 308 enforces the rules corresponding to the agreement between the user and the second party, such that the second party can only access those portions of the personal data of the user which the user has agreed to make available to the second party for a time period, if any, agreed upon between the user and the second party.
[43] Network interface 303 provides connectivity with a network and may be connected to a network via cable, DSL connection, modem, wireless modem, Bluetooth technology or any other well known means for connecting to a network.
[44] An embodiment of the trusted party device may include a history recorder 310 which will track the actions of the user, via the user device, and store a history of the actions in a portion of storage associated with the user's master profile. The history recorder may include a level selector, whereby a user, via the user device, may select a level of the actions to be recorded. For example, the level of recording may be set to record any activity by the user on any web site, or only purchases by the user, which the history recorder can determine by detecting when credit card information is requested, or the level of recording may be set to record only browsing activity at a particular type of web site such as online book stores.
[45] An automatic information collector 312 may be included in an embodiment of the trusted party device to capture personal information about the user and automatically create or add to the master profile or a service profile.
[46] Figure 4A is an exemplary embodiment of a user device 400 for communicating with a trusted party device wherein the trusted party device or a plurality of trusted party devices have storage for storing the user's master profile and service profiles.
[47] Information inputter/outputter 402 may include a display 401 and an input device, such as keys 403 or a keyboard, or a speech recognition device (not shown). The information inputter/outputter 401 communicates with data editor 302 of the trusted device via a network interface 404. The network interface 404 may be connected to a network via cable, DSL connection, modem, wireless modem, Bluetooth technology or any other well known means for connecting to a network. The information inputter/outputter receives input via the input device and sends the information to the data editor 302 via the network interface 404. Responses from the trusted party device are received by the user device via the network interface 404 and are displayed to the user via the display 401 of the inputter/outputter.
[48] Figure 4B illustrates another exemplary embodiment of a user device 405. The user device 405 may include a data editor 412, storage 414, an agreement facilitator 416, a rules enforcer 418, a history recorder 420, and an automatic information collector 422. Network interface 406 provides connectivity with a network and may be connected to a network via cable, DSL connection, modem, wireless modem, Bluetooth technology or any other well known means for connecting to a network. Figure 4B contains the same functional elements as the trusted party device shown in Figure 3. The functional elements work as they do in the trusted party device and therefore, will not be discussed again here.
[49] Figure 5 illustrates an exemplary embodiment of a trusted party device with an anonymizer feature. The trusted party device 500 includes an anonymizer 502, a transmitter 504 and a receiver 506. Alternatively, the anonymizer may be included in the user device.
[50] Anonymizer 502 strips out any information that can be used to identify the user from messages received from the user device before sending the messages to a second party device, thereby allowing the user to remain anonymous. For example, the anonymizer strips out information such as the IP address of the user device, routing information, and user identifying information.
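The relay behaviour described for the anonymizer (strip identifying information, replace the user's IP address with one of the trusted party's assigned addresses, map the response back to the user device) can be sketched as follows. This is an added example, not code from the patent; the header list, the treatment of "disabling cookies" as dropping Cookie and Set-Cookie headers, the one-alias-per-user mapping and all addresses are assumptions made for illustration.

```python
"""Anonymizing relay sketch for the trusted party device (added example)."""
from dataclasses import dataclass, field

# Header names the relay treats as identifying. The list is an assumption for
# this example; the page only names routing information, user identifying
# information and cookies.
IDENTIFYING_HEADERS = {"cookie", "from", "referer", "x-forwarded-for", "via"}


@dataclass
class Message:
    src_ip: str
    dst_ip: str
    headers: dict = field(default_factory=dict)
    body: str = ""


class Anonymizer:
    def __init__(self, assigned_ips):
        self._free = list(assigned_ips)    # addresses assigned to the trusted party
        self._alias_of = {}                # user IP -> alias IP
        self._user_of = {}                 # alias IP -> user IP

    def _alias_for(self, user_ip):
        alias = self._alias_of.get(user_ip)
        if alias is None:
            if not self._free:
                raise RuntimeError("no assigned address left for a new user")
            alias = self._free.pop(0)
            self._alias_of[user_ip] = alias
            self._user_of[alias] = user_ip
        return alias

    def outbound(self, msg):
        """User device -> second party: strip identifiers, swap the source address."""
        headers = {k: v for k, v in msg.headers.items()
                   if k.lower() not in IDENTIFYING_HEADERS}
        return Message(self._alias_for(msg.src_ip), msg.dst_ip, headers, msg.body)

    def inbound(self, msg):
        """Second party -> user device: map the alias back, drop cookie-setting headers."""
        user_ip = self._user_of.get(msg.dst_ip)
        if user_ip is None:
            raise LookupError("response addressed to an unknown alias")
        headers = {k: v for k, v in msg.headers.items() if k.lower() != "set-cookie"}
        return Message(msg.src_ip, user_ip, headers, msg.body)

    def release(self, user_ip):
        """End a user's session so the alias can be reused."""
        alias = self._alias_of.pop(user_ip, None)
        if alias is not None:
            del self._user_of[alias]
            self._free.append(alias)


def residual_identifiers(msg, known_values):
    """Return the known user identifiers still present anywhere in a relayed message."""
    haystack = " ".join([msg.src_ip, msg.body, *msg.headers.keys(), *msg.headers.values()])
    return sorted(v for v in known_values if v in haystack)


def demo():
    # Constructed sample traffic; all addresses are documentation ranges.
    relay = Anonymizer(["198.51.100.7"])
    request = Message("192.0.2.10", "203.0.113.5",
                      {"Host": "www.b.com", "Cookie": "id=alice",
                       "From": "alice@example.com"}, "GET /")
    sent = relay.outbound(request)
    reply = relay.inbound(Message("203.0.113.5", sent.src_ip,
                                  {"Set-Cookie": "track=1",
                                   "Content-Type": "text/html"}, "<html>"))
    return sent, reply


if __name__ == "__main__":
    for m in demo():
        print(m)
```

Header stripping does not touch the message body, so `residual_identifiers` is the check to run on relayed messages when form data or other payloads may carry the user's identity.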
[51] Transmitter 504 transmits messages to the user device or to the second party device.
[52] Receiver 506 receives messages from the user device or the merchant device.
[53] Figure 6 shows another embodiment of the trusted party device including the anonymizer function and the functions previously described regarding the description of the trusted party device of Figure 3. Because these functions were previously described, they will not be described again here.
[54] Figure 7 helps to explain an exemplary use of an embodiment of the invention.
[55] At 702, a user with a user device attempts to establish communication with a second party device through a trusted party device. At 704, the trusted party device anonymizes the user by performing actions such as, for example, hiding routing information, hiding user identity information and disabling cookies before sending any communications to the store.
[56] At 706, the trusted party device forwards the message to the second party device in order to establish communication.
[57] At 708, the second party device, having received the request to establish communication, sends a request for a service profile to the trusted party device.
[58] At 710, the trusted party device, using the rules enforcer to examine the current rules regarding release of personal information to the particular second party, determines whether the second party associated with the second party devicehas permission to receive information in the service profile. If there is no pending agreement with the second party, the rules enforcer denies access to the personal information until an agreement is reached. If the second party does not yet have permission, the agreement facilitator is used to request that the second party agree to a contract with the user regarding handling of the information in the service profile. After a contract is agreed to, the second party device returns an indication of agreement to the trusted party device and stores a copy of the contract in, for example, the master profile with a reference to the contract being stored in the service profile.
[59] Figure 18 provides an example of one type of agreement. The exemplary agreement is between a user and a merchant; however, an agreement could be between a user and a second party, such as a merchant, another user, or a group of users. In the exemplary agreement the user and the merchant, a vendor, agree that the user will receive a 10% discount on all merchandise purchased from the vendor during the term of the agreement, thirty days. In return, the vendor will have access to the user's personal information regarding the user's shopping habits, location, and email address. The vendor agrees to use the information provided by the user only for purposes of providing information to the user regarding products that coincide with the user's interests and shopping habits. The vendor agrees not to share the information with other parties. The term of the exemplary agreement is thirty days. Of course other types of agreements are also possible, some examples include, but are not limited to rewarding the user with points toward a discount or free gift or providing a monetary award in exchange for access to the user's personal information.
[60] An agreement may also include whether a second party is permitted to keep a history of actions taken by the user with respect to the second party. Further, the agreement may require that, if the second party shares the personal information regarding the user, the second party inform the user regarding which parties received the shared information and any compensation the second party received for sharing the information.
[61] At this point, the trusted party device may request and receive, at 716 and 718, the service profile, if the service profile resides on the user device. Otherwise, the trusted party device can retrieve the service profile from its own storage, or may retrieve portions from its own storage and from storage of other connected trusted party devices and return the requested service profile information, at 720 to the second party device.
[62] Optionally, at 721, the trusted party device may inform the user that the second party device accessed the service profile.
[63] At 722, the second party device may construct a personalized service, content or menu based on the information within the service profile. For example, if the second party is a music store, the service profile may include the user's music preferences and the personalized menu may include music selections based on the user's music preferences. At 724, the personalized service, content or menu is sent to the trusted party device, which, at 726, forwards the personalized service, content or menu to the user device.
[64] At 730, the user's service profile may be updated. The service profile may be updated at the trusted party device or among a plurality of trusted party devices, depending on where the profile is stored. Otherwise, the service profile may be updated in storage on the user's device if the profile is stored on the user's device.
[65] Figure 8 demonstrates another exemplary use of an embodiment of the invention.
[66] At 802, a user attempts to establish communication with a second party device. At 804, the second party device requests a service profile.
[67] At 806, a rules enforcer determines whether the second party device has permission to receive service profile information. If the second party device does not have permission to receive the information, then the agreement facilitator within the user device requests that the second party associated with the second party device agree to a contract with the user regarding handling and use of the user's personal information within the service profile. A flowchart of the processing performed by an exemplary embodiment of the agreement facilitator is shown in Figures 13A and 13B and will be described later.
[68] At 810, an agreement is reached and an indication of the agreement is sent to the user device. The agreement may be reached by the second party viewing the contract on a display and indicating approval by selecting, for example, with a pointing device, such as a mouse, a control indicating agreement. The agreement may also be reached by, for example, a second party module accepting certain standard agreements pre- approved by the vendor. The second party module may be implemented in software. After an agreement is reached, the user device may retrieve the service profile information from its own storage, from the storage of a trusted party device or may retrieve the information from more than one trusted party device, if the information is distributed among the trusted devices, as shown in 812 through 818.
[69] At 820, the user device, having retrieved the service profile information, sends the service profile to the second party device. At 822, the second party device builds a personalized service, content or menu based on the information within the service profile, and at 824, sends the personalized service, content or menu to the user device.
[70] At 824, the personalized service, content or menu is displayed at the user device.
[71] At 826, the user's service profile and/or master profile may be updated. If the profiles are not stored locally on the user device's storage, then update messages are sent to one or more trusted party devices informing them to update the master and/or service profiles accordingly.
[72] Figure 9 provides an example of an advertisement being pushed to a user device via a trusted party device from a store server in an exemplary embodiment of the invention. Of course, the advertisement may instead be any type of information, not necessarily an advertisement, and the store server may instead be any second party device.
[73] At 902, a user, at a user device, creates a service profile for push messages. Some time later, at 904, the store server sends a request to send an advertisement to a trusted party device.
[74] At 906, the trusted party device or server reviews the service profile information and selects customers willing to receive this type of advertisement, based on information in the service profile, such as a flag indicating that the user will accept certain types of information.
[75] At 908, the advertisement is then sent to users, via their associated user devices, based on the service profile information.
[76] At 910, the master and/or the service profile information are updated. For example, the service profile may be updated to show that the merchant associated with the store server sent an advertisement to the user device. If this information is not stored locally in storage at the trusted party device, then update profile information is sent to the user device or trusted party devices responsible for storing profile information.
[77] Figure 10 shows an example of a direct push to a user device from a second party device in an exemplary embodiment of the invention. In the example shown in Figure 10, the second party device is a store server or merchant device, but may be any type of second party device, such as a store server, another user device, or a group of user devices.
[78] At 1000, the user device creates a service profile for push messages in the personal data repository. The profile may be created automatically via an automatic information collector in the user device or manually via a data editor in the user device.
[79] Some time later, at 1002, the store server or merchant device requests a service profile from the user device.
[80] At 1004, the agreement facilitator sends a request for an agreement to the store server so that an agreement can be reached between the user and the second party regarding use of the profile information.
[81] At 1006, the store server sends an indication that agreement has been reached or has not been reached.
[82] At 1008, if an agreement has been reached, the store server forwards an advertisement or other information to the user device.
[83] Figure 11 illustrates the anonymizing feature in an exemplary embodiment of the invention. Figure 11 illustrates the anonymizing feature being used with a browser; however, the anonymizing feature does not require a browser and will work with any messages being passed from a user device to a merchant device through a trusted party device.
[84] At 1102, a user browsing on a user device sends a request to view a second party's web site. The request is received by a trusted party device, which strips out any identifying information, such as routing information (e.g., IP addresses) or anything that may identify the user and also may disable cookies. The trusted party device may replace the user's IP address with one of its assigned IP addresses in the request. A browsing request stripped of identifying information is then sent to a second party device.
[85] At 1106, the second party device sends a browsing response to the trusted party device. The trusted party device, at 1108, maps the IP address in the message to a user device and sends the browsing response to the user device.
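The anonymizing exchange of Figure 11, sketched as an added example (not part of the patent text). The message layout, the header list and the addresses are assumptions made for the illustration; all sample values are constructed.

```python
# Headers this example treats as identifying (an assumption; the patent only
# says "routing information ... or anything that may identify the user").
IDENTIFYING_HEADERS = {
    "cookie", "referer", "from", "authorization",
    "x-forwarded-for", "forwarded", "via",
}


class AnonymizingRelay:
    """Trusted party device that hides the user device from the second party."""

    def __init__(self, assigned_ips):
        self._free = list(assigned_ips)   # addresses assigned to the trusted party
        self._by_user = {}                # user address -> assigned address
        self._by_assigned = {}            # assigned address -> user address

    def _assigned_for(self, user_ip):
        # Each active user device gets its own assigned address, otherwise the
        # response could not be mapped back to a single device.
        if user_ip not in self._by_user:
            if not self._free:
                raise RuntimeError("no assigned address available")
            addr = self._free.pop(0)
            self._by_user[user_ip] = addr
            self._by_assigned[addr] = user_ip
        return self._by_user[user_ip]

    def outbound(self, request):
        """Form the stripped request that is sent on to the second party."""
        headers = {
            name: value
            for name, value in request["headers"].items()
            if name.lower() not in IDENTIFYING_HEADERS
        }
        return {
            "src_ip": self._assigned_for(request["src_ip"]),
            "dst": request["dst"],
            "path": request["path"],
            "headers": headers,
        }

    def inbound(self, response):
        """Map the second party's response back to the user device."""
        user_ip = self._by_assigned.get(response["dst_ip"])
        if user_ip is None:
            return None                   # no mapping: drop, do not guess a user
        # Cookies stay disabled: the second party cannot plant an identifier.
        headers = {
            name: value
            for name, value in response["headers"].items()
            if name.lower() != "set-cookie"
        }
        return {"dst_ip": user_ip, "headers": headers, "body": response["body"]}


# Constructed sample request from a user device (documentation address ranges).
SAMPLE_REQUEST = {
    "src_ip": "198.51.100.7",
    "dst": "shop.example",
    "path": "/catalog",
    "headers": {
        "Accept": "text/html",
        "Cookie": "session=abc123",
        "Referer": "http://mail.example/inbox",
        "X-Forwarded-For": "198.51.100.7",
    },
}


def round_trip():
    relay = AnonymizingRelay(["192.0.2.10", "192.0.2.11"])
    sent = relay.outbound(SAMPLE_REQUEST)
    reply = {
        "dst_ip": sent["src_ip"],
        "headers": {"Content-Type": "text/html", "Set-Cookie": "track=1"},
        "body": "<html>catalog</html>",
    }
    return sent, relay.inbound(reply)


if __name__ == "__main__":
    for message in round_trip():
        print(message)
```
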
[86] Figure 12 shows another exemplary series of interactions that can occur between a user device, a trusted party device and a second party device, such as, for example, a store's web server.
[87] At 1202, the user device requests access to a second party's web site, such as www.b.com in order to purchase an item. A service profile for this second party has already been created. The request to the second party's web site passes through the trusted party device, which anonymizes messages from the user device to the second party device.
[88] At 1204, the request for access to the second party's web site is passed from the trusted party device to the second party device.
[89] At 1206, the second party device sends a request to complete a form to the trusted party device. The trusted party device, via its server and agent, retrieves data from the service profile in order to complete the form, at 1208.
[90] At 1210, the trusted party device informs the user device that the personal data repository has been accessed.
[91] At 1212, the trusted party device completes the form and at 1214 through 1216, sends the form to the second party device.
[92] At 1218, the second party device sends a request to complete a second form to the trusted party device. There is no significance to having a request for completion of a second form. This is only an example of how an embodiment of the invention functions when completion of a second form, requiring additional user personal information, is requested.
[93] At 1220, the trusted party device updates the service profile indicating that the profile has been accessed by the second party's device.
[94] At 1222, the trusted party device retrieves the data needed to complete the second form.
[95] At 1224, a message is sent to the user device by the trusted party device informing the user that the personal data repository has been accessed.
[96] At 1226, the rules enforcer of the trusted party device determines that the requested information has not yet been authorized by the user and informs a trusted party server of the trusted party device, at 1228.
[97] At 1230, the trusted party device sends a request to the user, via the user device, asking for permission to retrieve the data from the personal data repository. At 1232, the user grants permission to retrieve the data and sends an indication to the trusted party device. The existing contract is updated to reflect that the to-be-supplied data may be accessed by the second party device. At 1234, the completed form is sent from the trusted party device to the second party device.
[98] At 1236, the service profile is updated. The updates may include, but are not limited to, for example, a password change for a second party to access the profile, a list of web pages visited, new interests, or shopping intentions.
[99] Figure 13 illustrates the processing performed in an exemplary embodiment of the agreement facilitator. As described earlier, the agreement facilitator may be included within the trusted party device or within the user device.
[100] At P1300, a brief description of contract types is sent to the user's display on the user device. The contracts may be located at a "neutral contract/agreement provider" device or at the trusted party device. The contract types may be, but are not limited to, for example, a one-time use contract (for one-time use of user information), a 30 day contract (for a 30 day use of user information), and an unlimited time period contract (for a time period with no specific ending date).
[101] After the user indicates a desired contract type, at P1302 the user's selection is received.
[102] At P1304, a copy of the desired contract may be retrieved from the trusted party device or from the "neutral contract/agreement provider" device via the trusted party device and is sent to the display of the user device.
[103] At P1306 a check is performed to determine whether the user selected a contract and if so, then at P1310, a copy of the contract is sent to the second party device. Otherwise, at P1308, a check is performed to determine whether the user wishes to view another contract. If the user does wish to view another contract, then P1302 will again be performed.
[104] After sending a copy of the contract to the second party device, at P1310, a response is received from the second party at P1312.
[105] At P1314, the user, via the display on the user's device, is informed of the second party's acceptance or non-acceptance of the contract.
[106] At P1316, a determination is made as to whether the second party accepted the contract. If the contract was accepted, then the rules corresponding to the contract terms are updated.
[107] If the accepted contract was provided by the "neutral contract/agreement provider", then the "neutral contract/agreement provider" may receive compensation, such as a small sum, every time the contract is used.
[108] Figure 14 is a flowchart which explains an embodiment of the rules enforcer, which may be included either within the user device or within the trusted party device.
[109] At P1400, a check is made to determine whether the merchant was granted access to the requested information.
[110] At P1402, a check is made to determine whether a date range applies to the granted access. If a date range does not apply, then processing proceeds to P1406. Otherwise processing proceeds to P1404.
[111] At P1404, a check is made to determine whether the current date is within the date range. If not, processing proceeds to P1410, otherwise processing proceeds to P1406.
[112] At P1406, a check is made to determine whether the number of accesses by the merchant is limited. If not, then access is granted at P1414, otherwise, processing proceeds to P1408.
[113] At P1408, a check is made to determine whether the number of accesses has been exceeded. If the number of accesses has not been exceeded then P1414 is performed to grant access to the merchant device. If the number of accesses is determined to be exceeded, then at P1410, a flag is set indicating that future access should be denied and at P1412, access is denied.
[114] If at P1408, the number of accesses is determined not to be exceeded, then P1414 is performed to grant access.
[115] Figure 15 is a flowchart of an embodiment of the automatic information collector which may reside on the user device or in the trusted party device. The types of information that the automatic information collector may store include information regarding all items a user has purchased, all the websites the user has visited, the locations that the user has most frequently visited and chat discussions with friends.
[116] At P1502, the user's requests and responses to requests for information from websites are monitored. Such responses may include personal information, such as may reside in the master profile or service profile.
[117] At P1504, the information from the requests and responses is stored into a master profile and may be stored in a service profile.
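The rules-enforcer checks of Figure 14 (P1400 through P1414, paragraphs [109] to [114]), combined with the release of only the agreed items, as an added example that is not part of the patent text. Field names, the handling of a failed P1400 check, and the reading of "exceeded" as "the limit has already been reached" are assumptions; the sample agreement and profile are constructed.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Dict, FrozenSet, List, Optional, Tuple


@dataclass
class AccessRule:
    """Grant derived from an accepted agreement (field names are assumptions)."""
    items: FrozenSet[str]                            # profile items the agreement covers
    date_range: Optional[Tuple[date, date]] = None   # None: no date range applies
    max_accesses: Optional[int] = None               # None: accesses are not limited
    access_count: int = 0
    deny_future: bool = False                        # flag set at P1410


class RulesEnforcer:
    def __init__(self) -> None:
        self.rules: Dict[str, AccessRule] = {}       # second party -> rule

    def check(self, party: str, requested: List[str], today: date) -> Tuple[bool, str]:
        """Walk the Figure 14 checks and return (granted, reason)."""
        rule = self.rules.get(party)
        # P1400: was this party granted access to the requested information?
        # Assumption: no rule, a set deny flag, or an item outside the
        # agreement all mean "not granted" and end in denial.
        if rule is None:
            return False, "no agreement"
        if rule.deny_future:
            return False, "deny flag set"
        if not set(requested) <= rule.items:
            return False, "item not covered"
        # P1402 / P1404: date range, if one applies.
        if rule.date_range is not None:
            start, end = rule.date_range
            if not (start <= today <= end):
                rule.deny_future = True              # P1410
                return False, "outside date range"   # P1412
        # P1406 / P1408: access count, if it is limited.
        if rule.max_accesses is not None and rule.access_count >= rule.max_accesses:
            rule.deny_future = True                  # P1410
            return False, "access limit reached"     # P1412
        rule.access_count += 1
        return True, "granted"                       # P1414

    def release(self, party: str, requested: List[str],
                profile: Dict[str, str], today: date) -> Optional[Dict[str, str]]:
        """Return only the requested, agreed items, or None when denied."""
        granted, _ = self.check(party, requested, today)
        if not granted:
            return None
        return {name: profile[name] for name in requested if name in profile}


# Constructed service profile and agreements, loosely modelled on the
# thirty-day vendor agreement and the one-time contract type described above.
SAMPLE_PROFILE = {
    "shopping_habits": "books, music",
    "location": "Helsinki",
    "email": "user@example.org",
    "phone": "555-0100",
}
TERM_START = date(2002, 11, 1)


def build_demo_enforcer() -> RulesEnforcer:
    enforcer = RulesEnforcer()
    enforcer.rules["vendor"] = AccessRule(
        items=frozenset({"shopping_habits", "location", "email"}),
        date_range=(TERM_START, TERM_START + timedelta(days=29)),
    )
    enforcer.rules["one_time"] = AccessRule(items=frozenset({"email"}), max_accesses=1)
    return enforcer


if __name__ == "__main__":
    e = build_demo_enforcer()
    print(e.release("vendor", ["email", "location"], SAMPLE_PROFILE, date(2002, 11, 10)))
    print(e.check("vendor", ["phone"], date(2002, 11, 10)))
    print(e.check("one_time", ["email"], date(2002, 11, 10)))
    print(e.check("one_time", ["email"], date(2002, 11, 11)))
    print(e.check("vendor", ["email"], date(2003, 1, 1)))
```
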
[118] Figure 16 is a flowchart illustrating the processing in an embodiment of the data editor which may reside in the user device or the trusted party device.
[119] At P1600, the data editor receives an editor request for either a master profile or a service profile.
[120] At P1602, the request is checked to determine if it is for the master profile. If the check is for the master profile, then, at P1604, the master profile will be edited. Otherwise, at P1606, the service profile will be edited.
[121] At P1608, a determination is made as to whether a record in the selected profile will be added, deleted or changed. If information will be added, then a new entry in the selected profile is created from the information received from the user by the data editor. If the request is a deletion request, then at P1612, a selected entry in the selected profile will be deleted. If the request is a change, then at P1614 the selected information in the selected profile will be changed with new information.
[122] Figure 17 illustrates the processing of an exemplary embodiment of a history recorder, which can reside either in the user device or the trusted party device.
[123] At P1702, an action by the user is detected. The action may include sites visited by a user while browsing, purchases made by the user via the user device, or all actions occurring while browsing a particular web site or a set of web sites, such as, for example, music stores or book stores.
[124] Optionally, at P1704, a check can be made to determine whether the user set a recording level for recording the history of actions. The level may have various settings such as, for example, recording a history of all actions, recording a history of purchases only, or recording a history of all actions occurring at one or more particular web sites. If the action is not included in the selected level of recording, then the action will not be recorded in the history. Otherwise, at P1706, the action is recorded in the history as part of the master profile or may be recorded as part of a particular service profile.
[125] In another embodiment of the invention, a user may configure his or her user device to cause portions of the user's personal data to be stored at specific trusted party devices.
[126] In yet another embodiment of the invention, a trusted party may act as an information broker for the user by negotiating, on the user's behalf, use of the user's personal information by the second party in return for compensation for the user. The compensation may be monetary or may include discounts for the user if the user purchases a service or merchandise from the second party.
[127] Embodiments of the invention may include hardware, software and/or firmware. Software or firmware embodiments may include processor instructions residing in machine-readable media, such as computer memory, for example, Random Access Memory (RAM) or Read Only Memory (ROM), as well as CD-ROM, floppy disk, or hard disk associated with the user device or one or more of the trusted party devices. While the invention has been described with reference to certain illustrated embodiments, the words which have been used herein are words of description, rather than words of limitation. Changes may be made within the purview of the appended claims without departing from the scope and spirit of the invention and its aspects. Although the invention has been described with reference to particular structures, acts and materials, the invention is not to be limited to the particulars disclosed, but rather extends to all equivalent structures, acts and materials, such as are in the scope of the appended claims.

Claims

I/We Claim:
1. A method for controlling access, use and distribution of personal data of a user stored in a personal data repository, the method comprising the steps of: allowing a user to indicate which portions of the personal data stored in the personal data repository are releasable to a second party; reaching an agreement, between the user and the second party, regarding use, by the second party, of any portions of the personal data in the personal data repository; and releasing any of the portions of the stored personal data in the personal data repository to the second party according to the agreement, wherein the agreement includes what items within the personal data repository can be used by the second party, and only ones of the items which, according to the agreement, can be used by the second party are released to the second party.
2. The method of claim 1, wherein the personal data about the user is collected automatically.
3. The method of claim 1, wherein the step of reaching the agreement comprises choosing an agreement provided by an independent agreement provider, wherein the independent agreement provider receives compensation based on use of the provided agreement.
4. The method of claim 1, wherein the personal data about the user is entered by the user.
5. The method of claim 1, further comprising the step of storing the personal data about the user on a device operated by the user.
6. The method of claim 1, further comprising the step of storing the personal data about the user on a trusted party device.
7. The method of claim 1, further comprising the step of storing the personal data about the user in a distributed manner among a plurality of trusted party devices.
8. The method of claim 1, further comprising the step of allowing the user to perform at least one of adding, deleting or changing the personal data about the user.
9. The method of claim 1, further comprising the step of defining a service profile within the personal data repository, wherein the service profile includes portions of the personal data of the user and information regarding conditions under which items within the service profile can be used by the second party.
10. The method of claim 9, wherein the service profile includes information regarding a date and a time that any of the stored information about the user was released to the second party and to whom the stored information was released.
11. The method of claim 9, wherein the service profile includes information pertaining to a description of the agreement between the user and the second party.
12. The method of claim 1, further comprising the step of acting, by a trusted party, as an agent of the user to negotiate use, by the second party, of any of the personal data of the user in return for compensation to the user for the use of any of the personal data.
13. The method of claim 1, further comprising the steps of recording a history of actions, by the user using a user device, as part of the personal data of the user.
14. The method of claim 13, further comprising defining, by the user, of a level of a type of the actions to be recorded.
15. The method of claim 1, further comprising the steps of: receiving, at a trusted party device connected to a computer network, a first request from a device operated by a user; forming a second request from the first request, the second request being stripped of information that can associate the user with the second request; sending, from the trusted party device, the second request over a computer network to a second party device; receiving, at the trusted party device, response information in response to the sending of the second request; forming a response based on the response information; and sending the response to the device operated by the user.
16. A method for selectively sending information, comprising the steps of: receiving, by a trusted party device, a request to send information; selecting a user device to receive the information based on a willingness to receive the information indicated within the stored personal data about the user when at least one user device has indicated the willingness to receive the information; and sending the vendor information to the selected user device when the selected user device exists.
17. A method of controlling receipt of information, comprising the steps of: receiving, by a user device from a second party device, a request for at least some of the personal data of the user; attempting to reach an agreement with a second party, via the second party device, regarding use by the second party of any of the personal data of the user; and sending information to the user device only if the agreement is reached.
18. A system for providing personal data of a user with access rights being controlled by the user, the system comprising: a user device; a trusted party device, the user device being arranged to communicate with the trusted party device; at least one data storage device including the personal data of the user; a rules enforcer included in the trusted party device to enforce rules by which the personal data of the user can be accessed by a second party device, the rules having been agreed to by the user and a second party associated with the second party device, wherein: the at least one data storage device is associated with at least one of the user device and the trusted party device.
19. The system of claim 18, further comprising a plurality of trusted party devices, each of the trusted party devices being configured to communicate with at least one other of the plurality of trusted party devices, wherein: the at least one storage device is included in at least some of the plurality of trusted party devices and the personal data of the user is distributed among the at least one storage device of at least some of the plurality of trusted party devices.
20. The system of claim 18, wherein the trusted party device further comprises an agreement facilitator to facilitate an agreement between the user and the trusted party.
21. The system of claim 18, wherein the user device further comprises an agreement facilitator to facilitate an agreement between the user and the trusted party.
22. The system of claim 18, wherein the at least one data storage device has recorded therein a service profile within a personal data repository, wherein the service profile includes portions of the personal data of the user and information regarding conditions under which items within the service profile can be used by the second party.
23. The system of claim 18, wherein the trusted party device further comprises a history recorder to record a history of actions performed by the user device.
24. The system of claim 23, wherein the history recorder includes a level selector by which the user, via the user device, can select one of a plurality of levels of a type of the actions to be recorded.
25. A system for providing personal data of a user with access rights being controlled by the user, the system comprising a user device; a second party device, the user device being arranged to communicate with the second party device; a data storage, associated with the user device, including the personal data of the user; and a rules enforcer included in the user device to enforce rules by which portions of the personal data of the user can be accessed by the second party device, the rules having been agreed to by the user and a second party associated with the second party device, the rules including what items of the personal data are releasable to the second party and how the items of the personal data can be used by the second party.
26. The system of claim 25, further comprising a service profile stored within the data storage, the service profile including portions of the personal data of the user and information pertaining to an agreement describing how any of the stored information about the user can be used by the second party.
27. The system of claim 25, wherein the user device further comprises a history recorder to record a history of actions performed by the user device.
28. The system of claim 27, wherein the history recorder includes a level selector to select one of a plurality of levels of a type of the actions to be recorded.
29. A device for providing personal data of a user with access rights being controlled by the user, the device comprising: a data storage device having recorded therein at least some of the personal data of the user; an agreement facilitator to facilitate an agreement between the user and a second party; and a rules enforcer to enforce rules by which items of the personal data of the user can be accessed by a second party device, the rules having been agreed to by the user and a second party associated with the second party device, the rules enforcer allowing access to only ones of the items, which according to the agreement, can be used by the second party.
30. The device of claim 29, wherein the data storage device has recorded therein a service profile within a personal data repository, the service profile including portions of the personal data of the user and information regarding conditions under which items of the stored personal data of the user can be released to the second party.
31. The device of claim 30, wherein the service profile is arranged to include information regarding a date and a time that any of the stored personal information of the user is released to the second party.
32. The device of claim 30, wherein the service profile is arranged to include information pertaining to a contract that describes how any of the stored personal data of the user can be used by the second party.
33. The device of claim 29 further comprising a history recorder to record a history of actions performed by the user.
34. The device of claim 33, wherein the history recorder includes a level selector by which the user can select one of a plurality of levels of a type of the actions to be recorded.
35. A mobile device for providing personal data of a user with access rights being controlled by the user, the mobile device comprising: a rules enforcer to enforce the rules by which the personal data of the user can be accessed by a second party device, the rules having been agreed to by the user and a second party associated with the second party device; a data storage device having recorded therein at least some of the personal data of the user; an agreement facilitator to facilitate an agreement between the user and the second party, wherein: the data storage device is arranged to have recorded therein a service profile including portions of the personal data of the user and information regarding conditions under which items within the service profile can be used by the second party.
36. A machine-readable medium having recorded thereon instructions for a processor in a device to perform the steps of: receiving an indication regarding which portions of personal data of a user stored in a personal data repository are releasable to a second party; reaching an agreement, between the user and the second party, regarding use, by the second party, of any portions of the personal data in the personal data repository; and releasing any of the portions of the stored personal data in the personal data repository to the second party according to the agreement, wherein the agreement includes what items within the personal data repository can be used by the second party, and only ones of the items which, according to the agreement, can be used by the second party are released to the second party.
37. The machine-readable medium of claim 36, further comprising instructions for storing of the personal data about the user in a distributed manner, the personal data being distributed and stored among a plurality of devices arranged to communicate with one another.
38. The machine-readable medium of claim 36, further comprising instructions for allowing the user to perform at least one of adding, deleting or changing the personal data about the user.
39. The machine-readable medium of claim 36, further comprising instructions for allowing a defining of a service profile within a personal data repository, the service profile including portions of the personal data of the user and information regarding conditions under which items of the stored personal data of the user can be released to the second party.
40. The machine-readable medium of claim 39, wherein the service profile includes information pertaining to the agreement between the user and a second party.
41. The machine-readable medium of claim 36, further comprising instructions for recording a history of actions by the user as part of the personal data of the user.
42. The machine-readable medium of claim 41, further comprising instructions for defining, by the user, a level of a type of the actions to be recorded.
43. A machine-readable medium having recorded thereon instructions for a processor in a device to perform the steps of: receiving, by a trusted party device, a request to send information; selecting a user device to receive the information based on a willingness to receive the information indicated within stored personal data about the user when at least one user device has indicated the willingness to receive the information; and sending the vendor information to the selected user device when the selected user device exists.
44. A machine-readable medium having recorded thereon instructions for a processor in a device to perform the steps of: receiving, by a user device from a second party device, a request for at least some of the personal data of the user; attempting to reach an agreement with a second party, via the second party device, regarding use by the second party of any of the personal data of the user; and sending vendor information to the user device only if the agreement is reached.
45. A mobile device for providing personal data of a user with access rights being controlled by the user, the mobile device comprising: a rules enforcer to enforce the rules by which the personal data of the user can be accessed by a second party device, the rules having been agreed to by the user and a second party associated with the second party device; a data storage device having recorded therein at least some of the personal data of the user; an agreement facilitator to facilitate an agreement between the user and the second party; and a history recorder to record a history of actions by the user via the user device, the history recorder including a level selector to select a level of the actions to be recorded, wherein: the data storage device is arranged to have recorded therein at least a portion of a service profile including information regarding what portions of the stored personal data of the user can be released to the second party and conditions under which the portions of the service profile can be released to the second party.
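The release rule of claims 36, 39 and 41-45 can be modelled as a deny-by-default filter; the sketch below is an added example, not code from the patent or from Nokia. The class names, purpose strings, history levels and sample data are hypothetical, and re-checking the user's current profile at release time is an added design assumption.

```python
"""Added example: releasing personal data only as an agreement allows."""
from dataclasses import dataclass
from enum import IntEnum
from typing import Dict, FrozenSet, Iterable, List, Optional, Set, Tuple


class HistoryLevel(IntEnum):
    """Hypothetical user-selected recording levels (claims 41-42)."""
    NONE = 0      # record nothing
    RELEASES = 1  # record only actual data releases
    ALL = 2       # also record negotiations and refused requests


@dataclass(frozen=True)
class Agreement:
    party: str
    purpose: str
    items: FrozenSet[str]  # items the second party may use


class PersonalDataRepository:
    def __init__(self, data: Dict[str, str],
                 level: HistoryLevel = HistoryLevel.ALL):
        self._data = dict(data)
        # Service profile: item -> purposes (conditions) the user accepts.
        self._profile: Dict[str, Set[str]] = {}
        self._agreements: Dict[str, Agreement] = {}
        self._level = level
        self.history: List[Tuple[str, str, Tuple[str, ...]]] = []

    def _record(self, min_level: HistoryLevel, action: str, party: str,
                items: Iterable[str]) -> None:
        # The level selector decides which kinds of action are kept.
        if self._level >= min_level:
            self.history.append((action, party, tuple(sorted(items))))

    def set_releasable(self, item: str, purposes: Set[str]) -> None:
        """User marks an item releasable; an empty set withdraws it."""
        if purposes:
            self._profile[item] = set(purposes)
        else:
            self._profile.pop(item, None)

    def negotiate(self, party: str, requested: Iterable[str],
                  purpose: str) -> Optional[Agreement]:
        """Agree only on requested items the profile allows for this purpose."""
        wanted = set(requested)
        granted = frozenset(i for i in wanted
                            if purpose in self._profile.get(i, ()))
        if not granted:
            self._record(HistoryLevel.ALL, "refused", party, wanted)
            return None
        agreement = Agreement(party, purpose, granted)
        self._agreements[party] = agreement
        self._record(HistoryLevel.ALL, "agreed", party, granted)
        return agreement

    def release(self, party: str, requested: Iterable[str]) -> Dict[str, str]:
        """Rules enforcer: no agreement, or item outside it, means no data."""
        wanted = set(requested)
        agreement = self._agreements.get(party)
        allowed: List[str] = []
        if agreement is not None:
            # Assumption: the current profile is re-checked, so an item the
            # user withdrew after the agreement is no longer released.
            allowed = sorted(
                i for i in wanted & agreement.items
                if agreement.purpose in self._profile.get(i, ())
                and i in self._data)
        if not allowed:
            self._record(HistoryLevel.ALL, "denied", party, wanted)
            return {}
        self._record(HistoryLevel.RELEASES, "released", party, allowed)
        return {i: self._data[i] for i in allowed}


def demo():
    # Constructed sample data, not taken from the patent.
    repo = PersonalDataRepository(
        {"name": "A. User", "email": "user@example.test",
         "location": "60.17N 24.94E"},
        HistoryLevel.RELEASES)
    repo.set_releasable("email", {"order-confirmation"})
    repo.set_releasable("location", {"local-offers"})
    before = repo.release("vendor", ["email"])  # no agreement yet
    agreement = repo.negotiate(
        "vendor", ["name", "email", "location"], "order-confirmation")
    released = repo.release("vendor", ["name", "email", "location"])
    repo.set_releasable("email", set())         # user withdraws the item
    after = repo.release("vendor", ["email"])
    return before, agreement, released, after, repo.history


if __name__ == "__main__":
    print(demo())
```
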
PCT/IB2002/004756 2001-11-16 2002-11-14 Personal data repository WO2003042773A2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
GB0410120A GB2398414A (en) 2001-11-16 2002-11-14 Personal data repository
DE10297409T DE10297409T5 (en) 2001-11-16 2002-11-14 Personal data depot
AU2002348990A AU2002348990A1 (en) 2001-11-16 2002-11-14 Personal data repository

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/988,002 2001-11-16
US09/988,002 US20030097451A1 (en) 2001-11-16 2001-11-16 Personal data repository

Publications (2)

Publication Number Publication Date
WO2003042773A2 (en) 2003-05-22
WO2003042773A3 (en) 2004-06-10

Family

ID=25533768

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2002/004756 WO2003042773A2 (en) 2001-11-16 2002-11-14 Personal data repository

Country Status (5)

Country Link
US (1) US20030097451A1 (en)
AU (1) AU2002348990A1 (en)
DE (1) DE10297409T5 (en)
GB (1) GB2398414A (en)
WO (1) WO2003042773A2 (en)

US11442906B2 (en) 2021-02-04 2022-09-13 OneTrust, LLC Managing custom attributes for domain objects defined within microservices
WO2022170254A1 (en) 2021-02-08 2022-08-11 OneTrust, LLC Data processing systems and methods for anonymizing data samples in classification analysis
WO2022173912A1 (en) 2021-02-10 2022-08-18 OneTrust, LLC Systems and methods for mitigating risks of third-party computing system functionality integration into a first-party computing system
US11775348B2 (en) 2021-02-17 2023-10-03 OneTrust, LLC Managing custom workflows for domain objects defined within microservices
WO2022178219A1 (en) 2021-02-18 2022-08-25 OneTrust, LLC Selective redaction of media content
EP4305539A1 (en) 2021-03-08 2024-01-17 OneTrust, LLC Data transfer discovery and analysis systems and related methods
US11562078B2 (en) 2021-04-16 2023-01-24 OneTrust, LLC Assessing and managing computational risk involved with integrating third party computing functionality within a computing system
WO2023013087A1 (en) * 2021-08-04 2023-02-09 パナソニックIpマネジメント株式会社 Information providing method
US11620142B1 (en) 2022-06-03 2023-04-04 OneTrust, LLC Generating and customizing user interfaces for demonstrating functions of interactive user environments
US11899814B1 (en) 2022-08-24 2024-02-13 Arthur Hustad Method and system for providing control over storage of and access to user data

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020035556A1 (en) * 1999-12-20 2002-03-21 Shah Ajit S. Information exchange engine providing a critical infrastructure layer and methods of use thereof
US20020046163A1 (en) * 2000-10-12 2002-04-18 Alexander Shahidi Method for controlled exchange of secure information using a personal data safe
US20030028427A1 (en) * 2001-08-02 2003-02-06 International Business Machines Corporation User control of electronic personal information while browsing the Web

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010049620A1 (en) * 2000-02-29 2001-12-06 Blasko John P. Privacy-protected targeting system
AU2592701A (en) * 1999-12-23 2001-07-03 My-E-Surveys.Com, Llc System and methods for internet commerce and communication based on customer interaction and preferences
US6571216B1 (en) * 2000-01-14 2003-05-27 International Business Machines Corporation Differential rewards with dynamic user profiling

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
DATABASE UNKNOWN [Online] KONG D.: 'Infomediatries get your consent to sell personal data privacy firms may not be able to keep their promise', XP002968154 Retrieved from DIALOG Database accession no. 10283001 & SAN JOSE MERCURY NEWS 10 October 1999, *
DATABASE UNKNOWN [Online] MARKOFF J.: 'Novell to offer data-privacy technology for internet', XP002968153 Retrieved from DIALOG Database accession no. 07673458 & NEW YORK TIMES 22 March 1999, *
FISHER S.: 'Firm lets users profit from their demographic data' LOS ANGELES BUSINESS JOURNAL, [Online] 03 January 2000, XP002968155 Retrieved from the Internet: <URL:http://www.findarticles.com> [retrieved on 2003-04-08] *
'Where privacy pays' MVALUE, [Online] 15 August 2000, XP002968152 Retrieved from the Internet: <URL:www.mvalue.com/index.jsp> *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2560585A (en) * 2017-03-17 2018-09-19 Digi Me Ltd Data processing apparatus and methods
US20210166246A1 (en) * 2017-09-20 2021-06-03 James Fournier Internet data usage control system
US11727414B2 (en) * 2017-09-20 2023-08-15 Portable Data Corporation Internet data usage control system

Also Published As

Publication number Publication date
US20030097451A1 (en) 2003-05-22
GB2398414A (en) 2004-08-18
DE10297409T5 (en) 2004-12-23
GB0410120D0 (en) 2004-06-09
AU2002348990A1 (en) 2003-05-26
WO2003042773A3 (en) 2004-06-10

Similar Documents

Publication Publication Date Title
US20030097451A1 (en) Personal data repository
US20040117322A1 (en) System, method and computer program product for providing profile information
US6496855B1 (en) Web site registration proxy system
CA2753977C (en) Systems and methods for using verified information cards in a communications network
US7076558B1 (en) User-centric consent management system and method
US7912971B1 (en) System and method for user-centric authorization to access user-specific information
US6421729B1 (en) System and method for controlling transmission of stored information to internet websites
Cranor 'I didn't buy it for myself' privacy and ecommerce personalization
EP1482707B1 (en) An internet interface system
US7107269B2 (en) Methods and apparatus for providing privacy-preserving global customization
US20070088713A1 (en) Method of secure online targeted marketing
US20020049907A1 (en) Permission based data exchange
KR100723540B1 (en) Method for evaluating a profile for risk and/or reward
EP0951158A2 (en) System and method for controlling transmission of stored information to internet websites
US20090106088A1 (en) Method and device for storing and accessing personal information
KR20020049011A (en) Business privacy in the electronic marketplace
US20150170140A1 (en) System and method for supporting analytics and visualization based on transaction, device and wallet data
WO2002033610A1 (en) Personal information protective method, personal information protective system, processing device, portable transmitter/receiver, and program
WO2013066766A1 (en) Enterprise social media management platform with single sign-on
JPH1196229A (en) Method for providing information and its system
JP6680733B2 (en) Generation device, generation method, and generation program
JP6976372B2 (en) Generator, generation method and generation program
JP2002183092A (en) Personalized service providing system
JP2000076189A (en) System and method for controlling transmission of stored information to internet web site
KR20000030758A (en) Information Marketing Business Model and Technical Implementating Methology includes its system which providing information utilizing its unique authentificatiry agent on Internet.

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LU MC NL PT SE SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

ENP Entry into the national phase

Ref document number: 0410120

Country of ref document: GB

Kind code of ref document: A

Free format text: PCT FILING DATE = 20021114

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP