US20180262514A1 - Methods and systems for user opt-in to data privacy agreements - Google Patents

Methods and systems for user opt-in to data privacy agreements Download PDF

Info

Publication number
US20180262514A1
US20180262514A1 US15/587,748 US201715587748A US2018262514A1 US 20180262514 A1 US20180262514 A1 US 20180262514A1 US 201715587748 A US201715587748 A US 201715587748A US 2018262514 A1 US2018262514 A1 US 2018262514A1
Authority
US
United States
Prior art keywords
user
application
personal information
information
offer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
US15/587,748
Other versions
US10075451B1 (en
Inventor
Nicholas HALL
Steven Eakin
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Veripath Inc
Original Assignee
Veripath Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Family has litigation
First worldwide family litigation filed litigation Critical https://patents.darts-ip.com/?family=63406537&utm_source=google_patent&utm_medium=platform_link&utm_campaign=public_patent_search&patent=US20180262514(A1) "Global patent litigation dataset” by Darts-ip is licensed under a Creative Commons Attribution 4.0 International License.
Application filed by Veripath Inc filed Critical Veripath Inc
Priority to US15/587,748 priority Critical patent/US10075451B1/en
Assigned to VENPATH, INC. reassignment VENPATH, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: EAKIN, STEVEN, HALL, NICHOLAS
Priority to CA3055124A priority patent/CA3055124C/en
Priority to PCT/US2018/021476 priority patent/WO2018165380A1/en
Priority to EP18763515.6A priority patent/EP3593512A4/en
Priority to AU2018230973A priority patent/AU2018230973B2/en
Priority to US16/111,126 priority patent/US10476884B2/en
Assigned to VERIPATH, INC. reassignment VERIPATH, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: VENPATH, INC.
Publication of US10075451B1 publication Critical patent/US10075451B1/en
Application granted granted Critical
Publication of US20180262514A1 publication Critical patent/US20180262514A1/en
Priority to US16/680,062 priority patent/US11350280B2/en
Priority to AU2021236515A priority patent/AU2021236515A1/en
Assigned to VERIPATH, INC. reassignment VERIPATH, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: EAKIN, STEVEN, HALL, NICHOLAS
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/20Services signaling; Auxiliary data signalling, i.e. transmitting data via a non-traffic channel
    • H04W4/23Services signaling; Auxiliary data signalling, i.e. transmitting data via a non-traffic channel for mobile advertising
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/084Access security using delegated authorisation, e.g. open authorisation [OAuth] protocol
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/37Managing security policies for mobile devices or for controlling mobile applications

Definitions

  • the application generally relates to managing privacy of personal information on computer systems, and more particularly, in one aspect, to systems and methods for allowing users to opt-in to data sharing arrangement as part of data privacy agreements.
  • Such information is gathered in at least two ways.
  • the user may be prompted to input or otherwise provide the information, such as by typing his home address into a form, or by logging into an online banking program by providing her bank account information.
  • information about her activities or status may be collected automatically by the application.
  • a navigation application may determine and store the user's current or previous locations, and may identify patterns in the user's movements, such as by concluding that a location to which the user travels each weekday morning is his place of employment. Vast amounts of such information may be collected as the user moves through the digital world, including purchasing (and even browsing) history on ecommerce sites, social media activities and relationships, favorite websites, dining habits, and the like.
  • a “Privacy-as-a-Process” (PaaS) arrangement allows a component of an application (e.g., a mobile app), in conjunction with other components of a distributed system, to determine what information is to be collected from a user, how that information will be used, and what permissions are required from that user for that user.
  • a disclosure matrix is generated and populated clearly explaining to the user in an organized, concise manner what information is to be collected, and how it will be used.
  • the user is given the option to receive additional details and explanation as to the information to be collected and the uses to which it will be put.
  • the user can then provide or withhold informed consent for those uses.
  • the user may be allowed to selectively provide consent for different uses of different types of information.
  • the user may be presented with certain offers in exchange for the user's consent to a proposed use of certain personal information.
  • the offers may be in the forms of credit or money, or may relate to features of the application itself.
  • a user may be offered premium access to certain features of a mobile app that are not accessible to other classes of users, such as “basic” members.
  • the user would consent to certain uses of the user's information (including, but not limited, sale of the information to third parties).
  • the user may decline the offer, choose to disallow such use of the information and either use the basic features of the app or obtain premium access another way (such as by paying a monthly subscription for it).
  • Multiple tiers of offers may be presented to the user, with the user receiving access to better features in exchange for agreeing to share more information, and/or allow more or different uses of that information.
  • a user of an online music streaming app may be presented with the opportunity to obtain 5 credits (redeemable in the app for access to a premium service) in exchange for allowing the user's location to be shared with third parties, and may presented with the opportunity to obtain 10 credits in exchange for allowing the user's location and listening habits to be shared.
  • a method for controlling access to a user's personal information includes obtaining personal information about a user of an application; determining a required permission from the user for at least one proposed use of the personal information; presenting, to the user, a first offer to provide access to at least one enhanced function of the application in exchange for the required permission; and responsive to the user providing the required permission, providing the user with access to the at least one enhanced function of the application.
  • the at least one enhanced function of the application is functionality not available to at least one other group of users of the application.
  • the at least one enhanced function of the application is a reduced number of commercial advertisements presented to the user in the application.
  • the method includes presenting, to the user, a second offer to provide access to a second function of the application in exchange for a payment from the user; and responsive to the user making the payment, providing the user with access to the second function of the application.
  • the personal information includes at least one of user location, user name, user address, user background information, user age, user gender, user household income, user family or marital status, and user transactional history.
  • the at least one proposed use of the personal information includes at least one of analytics, market research, market segmentation, and disclosure to third parties.
  • the method includes determining a value for the required permission from the user for at least one proposed use of the personal information; and generating the first offer based, at least in part, on the value for the required permission.
  • the value is determined with reference to at least one of the type of the personal information and demographic information for the user.
  • the method includes determining a second required permission from the user for a second at least one proposed use of the personal information; presenting, to the user, a second offer to provide access to a second at least one enhanced function of the application in exchange for the second required permission; and responsive to the user providing the second required permission, providing the user with access to the second at least one enhanced function of the application.
  • determining the required permission from the user for the at least one proposed use of the personal information is performed with reference to at least one of a current location of the user, a previous location of the user, and a residential location of the user.
  • the application is a mobile application installed on a mobile device.
  • a method for controlling access to a user's personal information includes obtaining personal information about a user of an application; determining a required permission from the user for at least one proposed use of the personal information; presenting, to the user, a plurality of offers to provide access to at least one function of the application, at least one first offer of the plurality of offers conditioned on the user providing the required permission; and responsive to the user accepting one of the plurality of offers, providing the user with access to the at least one function of the application.
  • the method includes presenting, to the user, at least one second offer to provide access to the at least one function of the application in exchange for a payment from the user; and responsive to the user making the payment, providing the user with access to the at least one function of the application.
  • a system for controlling access to personal information includes an application component executed by a software application and configured to identify at least one piece of personal information proposed to be collected by the software application and at least one proposed use of the personal information, the at least one piece of personal information relating to a user of the software application; a permission component configured to identify a necessary permission to be obtained from the user for the at least one proposed use of the personal information; and a privacy display component configured to display to the user the at least one item of personal information about the user proposed to be collected by the application and the at least one proposed use of the personal information, and to receive from the user an indication relating to the necessary permission.
  • the permission component is configured to identify the necessary permission to be obtained from the user based on at least one of a current location of the user, a previous location of the user, and a residential location of the user.
  • the privacy display component is configured to display the at least one item of personal information about the user proposed to be collected by the application in a display matrix, the at least one item of personal information being visually related to the at least one proposed use of the personal information.
  • the display matrix is presented to the user on a website.
  • the display matrix is presented to the user in the application.
  • the application component is configured to identify the at least one piece of personal information to be collected by the software application and the at least one proposed use of the personal information based on a privacy policy of the software application.
  • the permission component comprises an offer database including a plurality of offers to be presented to the user, the offer being an offer of a benefit in exchange for the user providing the necessary permission.
  • the indication from the user is a gesture in the user interface.
  • a method for controlling access to a user's personal information includes identifying at least one piece of personal information proposed to be collected by a software application, the at least one piece of personal information relating to a user of the software application; identifying at least one proposed use of the personal information; determining a necessary permission to be obtained from the user for the at least one proposed use of the personal information; displaying to the user the at least one item of personal information about the user proposed to be collected by the software application and the at least one proposed use of the personal information; and receiving from the user an indication relating to the necessary permission.
  • a method for controlling access to a user's personal information includes obtaining, from an application executing on a device of a user of the application, personal information about the user of an application; determining a required permission from the user for at least one proposed use of the personal information; presenting, to the user, a first offer to provide access to at least one enhanced function of the application in exchange for the required permission; and responsive to the user providing the required permission, providing the user with access to the at least one enhanced function of the application.
  • the method includes determining a value for the required permission from the user for at least one proposed use of the personal information; and generating the first offer based, at least in part, on the value for the required permission.
  • the value is determined with reference to at least one of the type of the personal information and demographic information for the user.
  • the at least one enhanced function of the application is functionality not available to at least one other group of users of the application.
  • the at least one enhanced function of the application is a reduced number of commercial advertisements presented to the user in the application.
  • the method includes presenting to the user, simultaneously with the first offer, a second offer to provide access to the at least one enhanced function of the application in exchange for a payment from the user; and, responsive to the user making the payment, providing the user with access to the at least one enhanced function of the application.
  • the method includes presenting, to the user, a second offer to provide access to a second function of the application in exchange for a payment from the user; and responsive to the user making the payment, providing the user with access to the second function of the application.
  • the personal information includes at least one of user location, user name, user address, user background information, user age, user gender, user household income, user family or marital status, and user transactional history.
  • the at least one proposed use of the personal information includes at least one of analytics, market research, market segmentation, and disclosure to third parties.
  • the method includes determining a second required permission from the user for a second at least one proposed use of the personal information; presenting, to the user, a second offer to provide access to a second at least one enhanced function of the application in exchange for the second required permission; and responsive to the user providing the second required permission, providing the user with access to the second at least one enhanced function of the application.
  • determining the required permission from the user for the at least one proposed use of the personal information is performed with reference to at least one of a current location of the user, a previous location of the user, and a residential location of the user.
  • the application is a mobile application installed on a mobile device.
  • the method includes displaying at least one item of personal information about the user proposed to be collected by the application in a display matrix, the at least one item of personal information being visually related to the at least one proposed use of the personal information.
  • the display matrix is presented to the user on one of a website and the application.
  • the method includes identifying at least one piece of personal information to be collected by the application and the at least one proposed use of the personal information based on a privacy policy of the application.
  • the method includes receiving, from user, an indication regarding required permission via a user interface of the device.
  • the indication from the user is a gesture in the user interface.
  • FIG. 1 is a block diagram of a computer system for controlling access to personal information according to some embodiments
  • FIG. 2 is a block diagram of an application component of a computer system for controlling access to personal information according to some embodiments
  • FIG. 3 is a block diagram of a permission component of a computer system for controlling access to personal information according to some embodiments
  • FIG. 4 is an exemplary user interface according to some embodiments.
  • FIG. 5 is a flow diagram of one example process for controlling access to a user's information according to some embodiments
  • FIG. 6 is an exemplary user interface according to some embodiments.
  • FIG. 7 is a block diagram of one example of a computer system on which aspects and embodiments of this disclosure may be implemented.
  • references to “or” may be construed as inclusive so that any terms described using “or” may indicate any of a single, more than one, and all of the described terms. Any references to front and back, left and right, top and bottom, upper and lower, and vertical and horizontal are intended for convenience of description, not to limit the present systems and methods or their components to any one positional or spatial orientation.
  • FIG. 1 is a block diagram of a system 100 configured to perform methods of soliciting user opt-in to data privacy agreements.
  • the system 100 includes an application component 110 configured to execute on a user device 102 , such as the user's mobile device, laptop computer, or other computing device 102 .
  • the application component 110 is configured to identify one or more pieces of personal information to be collected by the application, as well as one or more intended uses of that personal information.
  • a permission component 120 which is configured to identify a necessary permission to be obtained from the user for the at least one proposed use of the information.
  • the permission component 120 may preferably be a separate component (e.g., a server) operated by a sysadmin of the system 100 , or may instead be a part of the application component 110 .
  • the permission component 120 may identify the necessary permission to be obtained with reference to one or more sources, such as the laws or regulations of the jurisdiction in which the user is located, by a policy set by the sysadmin of the system 100 or by the offeror of the application in which the application component 110 is located, or otherwise.
  • the permission component 120 may determine that a particular user must opt-in (i.e., consent) to a particular use of a particular piece of information (e.g., providing the user's zip code and email address to a third-party) before such a use can be made, but need not provide consent about another use of such information (e.g., market research by the offeror of the app itself).
  • a particular user must opt-in (i.e., consent) to a particular use of a particular piece of information (e.g., providing the user's zip code and email address to a third-party) before such a use can be made, but need not provide consent about another use of such information (e.g., market research by the offeror of the app itself).
  • the permission component 120 populates the privacy display component 130 with information about the type of personal information collected and the proposed use of the personal information so that the user can review and/or opt-in to the proposed uses as necessary.
  • the permission component 120 may be provided on a website, and the application component 110 and/or the application itself may provide a link to the website or otherwise direct the user to the information, such as in a browser of the user device 102 .
  • the user's personal information and proposed uses thereof may be presented in a disclosure matrix, with the user being provided the opportunity in the disclosure matrix to opt-in or opt-out of the proposed use as necessary.
  • Personal information refers to information about the user device 102 and/or any users associated with the user device 102 .
  • Personal information may include, but is not limited to, personally-identifiable information (PII) that can potentially identify an individual.
  • PII personally-identifiable information
  • Such personal information may include, for example, the user's name, age, address, phone number, email address, online user ID/handle, date of birth, account number, bank card number, frequent flyer number, and social security number (SSN) or other government-issued identification number.
  • Other personal information may include a user's password; transaction history; a log of online activity, such as websites browsed, search engine activity, ecommerce items viewed, social media interactions, streaming music or video activity; and identifiers of friends or relations.
  • the personal information may further include demographic information about the user, including age group, race/ethnicity, country of citizenship or origin, occupation, income bracket, political affiliations, religious affiliations, hobbies, or interests.
  • the personal information may further include identifiers of the user device 102 , such as the IP address, MAC address, operating system version, or other information.
  • the personal information may be intended or desired to be used in a variety of ways, either by entities associated with the application (e.g., the application creator or offeror) or by third-parties to whom the personal information may be sold, leased, or exchanged for, either in its entirety or in modified form, such as in anonymized or partially-anonymized form.
  • the personal information may be segmented and/or aggregated with other personal information and used for a variety of ends, including analytics, market research, market segmentation, and media targeting. Arrangements for providing the personal information to third parties should also be considered “uses” unto themselves for purposes of this disclosure.
  • FIG. 2 shows an application component 110 according to some embodiments.
  • the application component 110 includes an executable component 210 , a data store 220 , and a network interface 240 .
  • the executable component 210 executes one or more instructions to identify the type of personal information to be collected, and the proposed use of the information.
  • the executable component 210 may be implemented as a Software Development Kit (SDK) within the application, the SDK collecting data from the application to determine what personal information is to be collected and what use is proposed for the personal information.
  • SDK Software Development Kit
  • the executable component 210 may be called by the application executable itself, or may be actively provided the personal information types and uses.
  • the executable component 210 may also actively obtain the personal information types and uses by interacting with the application via an Application Programming Interface (API), or by library interposition, network interposition, or other techniques.
  • API Application Programming Interface
  • the executable component 210 may interact with the application via the application interface 230 .
  • the data store 220 may store the personal information types and uses, or identifiers thereof, as well as any relevant user information, including but not limited to a user identifier, the user's age, location, citizenship, privacy preferences, and the like.
  • the data store 220 may store such information in association with one or more users for which those types and uses are relevant.
  • the data store 220 may also store metadata about the opt-in process itself, such as what disclosures were presented to the user, the time/date when the user opted in, etc. Such metadata may be used to filter what data is used in certain ways. For example, some third parties may wish to obtain only data collected under certain conditions, or meeting certain levels of compliance with jurisdictional requirements.
  • the personal information types and uses may be provided to other components of the system 200 (e.g., the permission component 120 ) by the application component 110 via the network interface 240 .
  • the application component 110 may communicate with other components of the system 200 using a network interface provided by the application, or by the user device 102 generally. In such embodiments, the network interface 240 may not be included in the application component 110 .
  • FIG. 3 shows a permission component 120 according to some embodiments.
  • the permission component 120 includes a network interface 350 configured to receive, from the application component 110 , information about the personal information types and uses, as well as user information.
  • the permission component 120 further includes a processor 310 configured to determine what permissions are necessary for the personal information types and proposed uses identified by the application component 110 .
  • the processor 310 makes such a determination with reference to a rules database 320 .
  • the rules database 320 may include a set of rules regarding what level of opt-in, if any, is required, for certain uses of certain types of personal information. By applying one or more rules from the rules database 320 to the personal information types and uses received from the application component 110 , the permission component 120 can determine what permission is presently required from the user of the application.
  • the rules database 320 may include different rules for a single type of use based on one or more aspects of the user's information, characteristics of the user, including the user's location, citizenship, age, privacy preferences, and the like. For example, providing location information to a third-party may be the type of use for an adult user for which no permission is required, but for which opt-in must be sought for juvenile users (e.g., less than 18 years of age).
  • the rules database 320 may encode the privacy rules of one or more jurisdictions, and may be applied as part of a hierarchy or decision tree. For example, if it is determined that the user is located in the European Union, a different branch of process flow for applying rules from the rules database 320 may be applied.
  • the user's information, the personal information types and uses, the necessary permissions (determined, for example, with reference to rules database 320 ), and other information may be stored in a data warehouse 340 .
  • the rules applied by the rules database 320 may not be legally or contractually mandated rules, but rather may be policies, guidelines, best practices, or privacy preferences set by the user, the application offeror, or the sysadmin of system 200 .
  • the user may set certain privacy preferences that require the user's opt-in for certain uses of personal information where such opt-in would not otherwise be required or sought.
  • the permission component 120 includes an offer database 330 .
  • the offer database 330 may include on or more offers of compensation in exchange for the user's opt-in to certain uses of information. Such compensation may include benefits relating to the application itself, including credits for additional features, services, or benefits, or enhanced or “premium” subscription levels.
  • the processor 310 may identify necessary opt-ins for particular uses of information for a particular user, and may locate in the offer database 330 one or more offers relevant or responsive to the user agreeing to opt-in.
  • the permission component 120 also includes a network interface 350 configured to communicate with the privacy display component 130 .
  • the permission component 120 causes the privacy display component 130 to generate a display for the user showing the personal information types and uses the application proposes to make with the information.
  • the privacy display component 130 may also provide the user the opportunity to provide the necessary opt-ins or receive more information about the proposed uses.
  • the privacy display component 130 is configured to display the personal information use and opt-in information in a “disclosure matrix.”
  • the disclosure matrix may summarize or otherwise reflect the official privacy policy set by the maker of the app, and may be a traditional legal document in the form of an agreement or waiver.
  • the terms of the privacy policy may be summarized by a human being to create the disclosure matrix, or the disclosure matrix may be generated from the privacy policy by an automated computer process configured to parse the privacy policy.
  • important terms or elements of the privacy policy may be flagged by a human to facilitate such an automatic process.
  • the disclosure matrix itself either alone or in conjunction with other documents, may serve as the legally operative privacy policy.
  • FIG. 4 shows an exemplary disclosure matrix 400 according to some embodiments.
  • the disclosure matrix 400 includes a general region 410 , a disclosure region 420 , and a resource region 430 .
  • the general region 410 includes metadata or other information about the disclosure matrix 400 itself or an underlying privacy policy. For example the dates on which the disclosure matrix 400 was created and most recently updated may be indicated in text boxes 412 and 414 , respectively.
  • An identifier of the app such as the app name or identifier of the app's creator, and the name of the operative document (e.g., “consumer privacy policy”) are indicated in text box 416 .
  • the disclosure region 420 includes columns 422 - 428 that disclose what information is being collected, describes the information at some level of detail, how the information will be used, and whether third parties will receive the information.
  • columns 422 and 424 disclose the general categories and specific types of personal information to be collected by the app. Such categories may include basic data about the user or their device on which the app is operating; location data derived from the device or other information gleaned about the user's location; behavioral data describing the user's activities within or related to the app; and transactional data describing the user's purchasing activities within or related to the app.
  • Column 426 identifies one or more proposed uses to be made of the personal information collected by the app and described in the corresponding location in columns 422 , 424 . Such uses may include analytics (e.g., metrics detailing how users interact with the app), marketing segmentation, or market research.
  • Column 428 identifies whether the uses contemplated in column 426 include disclosing the information to any third parties. In the illustrated embodiment, the disclosure matrix 400 simply indicates whether or not information will be disclosed to any third parties. In other embodiments, the identity of the third parties may be provided. The user may be given the opportunity to select or block one or more third parties from receiving the information.
  • Resource region 430 provides the user with access to additional detail regarding the personal information and its intended uses. For example, links may be provided to definitions for the types of information and proposed uses identified in columns 424 and 426 . By clicking and/or hovering over the links, definitions and additional detail may be provided. In some embodiments, the resource region 430 is not separate from the disclosure region 420 . For example, in column 426 , the word “Analytics” may appear as a hyperlink; clicking or hovering over it may cause the definition of “Analytics” to appear.
  • the application component 110 is configured to receive the user's opt-in directly in the application itself.
  • the disclosure matrix 400 may also include one or more user interface elements (not shown), including buttons, text boxes, radio buttons, or pull-down menus, allowing the user to interact with the disclosure matrix 400 by opting-in (or not) to a particular use of a particular type of information.
  • the disclosure matrix 400 may include an “Agree” button the user can click to agree to the proposed uses of the personal information set out in the disclosure region 420 .
  • each row of personal information in the disclosure region 420 may be associated with such an element, so that the user may opt-in (or not) to each individual use.
  • the application component 110 , the permission component 120 , and the privacy display component 130 are arranged in a distributed manner.
  • the application component 110 executes on the user device 102 (e.g., a smartphone); the permission component 120 executes on a server or other system remote from the application component 110 ; and the privacy display component 130 presents information (e.g., as a website) on a system remote from the application component 110 .
  • the privacy display component 130 may reside on the same system as the permission component 120 , or may reside remotely from both the application component 110 and the permission component 120 .
  • Such a distributed arrangement offers an improvement over known systems.
  • the system allows for an entity operating the application component 110 to display the privacy policy information in a standardized format that can be changed by the entity or the user.
  • a permission component 120 remote from the application component 110 allows for permission rules and requirements to be updated (due to changed user preferences, changes in the law, or otherwise) without requiring changes to the application component 110 running on the user device 102 .
  • Such updates to an application typically interrupt use of the application, and require the user to agree to the updates.
  • a user who declines to install such an update may have his/her personal information collected under an out-of-date permission scheme, thereby making the collection out of compliance.
  • the use of the current system avoids such problems by allowing for updates to be made to the rules executed by the permission component 120 without disruption to the user.
  • the user may be presented with one or more offers relating to the app in exchange for opting-in to certain uses of the user's personal information by the app or third-parties.
  • the user may be offered, at no monetary cost, access to a premium subscription or enhanced functionality of the app that would otherwise cost money.
  • the user may be required to opt-in to a particular use of the user's personal information.
  • the user may also be presented with another offer to pay money for the same premium benefits, or may be offered a lesser benefit in exchange for a different kind of use of the user's personal information, such as analytics analysis by the app provider instead of the information being provided to a third party.
  • FIG. 5 illustrates a method 500 for controlling access to a user's personal information according to some embodiments.
  • step 510 method 500 begins.
  • personal information about a user of an application is obtained.
  • a proposed use for the information is also determined.
  • the personal information may include the user's name and address, and the application may propose to use the information by selling it to a third party.
  • the application may actively provide the information to a system component (e.g., the executable component 210 discussed above), or the personal information may be obtained by a process interacting with the application via an Application Programming Interface (API), or by library interposition, network interposition, or other techniques.
  • API Application Programming Interface
  • a required permission from the user is determined for at least one proposed use of the personal information.
  • a database may be referenced to determine whether the user's consent is required for a propose use of a particular type of personal information.
  • Different rules may be provided for a single type of use based on one or more aspects of the user's information or characteristics of the user, including the user's location, citizenship, age, privacy preferences, and the like.
  • the privacy rules of one or more jurisdictions may be stored and applied as part of a hierarchy or decision tree. For example, one set of rules may be applied for a user in a particular jurisdiction, and a different set of rules may be applied for a second user in a second jurisdiction.
  • the permissions required may not be legally or contractually mandated, but rather may be policies, guidelines, best practices, or privacy preferences set by the user, the application offeror, or a system administrator.
  • a first offer is presented to the user to provide access to at least one enhanced function of the application in exchange for the required permission.
  • the user may be presented with one or more offers relating to the app in exchange for opting-in to certain uses of the user's personal information by the app or third-parties.
  • the offer may include, for example, access to a premium or enhanced feature of the app.
  • certain features of the app may be “unlocked” or otherwise made available. Such features may otherwise only be available in exchange for monetary payment by the user, or may be unavailable altogether apart from opting-in to the offer.
  • the offer may be for a premium subscription level, or may be an offer for any level of subscription that would otherwise require a one-time or recurring payment.
  • the offer may be for a number of “credits” or other currency for use in or in connection with the app.
  • a user of a music download app in which songs must otherwise be purchased using a credit card or other traditional payment method, may be offered credits that may be redeemed to obtain songs.
  • the offer may be for monetary compensation or the equivalent (e.g., a debit card or gift card).
  • a user may be offered a benefit for a limited amount of time (e.g., a month-long premium subscription), or may be offered a benefit for unlimited use of the information.
  • the offer may include a term giving the user the opportunity to opt-out of the offer at certain times, possibly losing the benefit and withdrawing consent to the use of the information.
  • One or more offers may be presented to the user sequentially or simultaneously.
  • the offers may relate to each other in some aspect, such as by offering different benefits in exchange for the same use of certain personal information, or, conversely, by offering the same benefit in exchange for using different pieces of personal information.
  • offers may be selected for presentation to the user based on the user's personal information or other information or characteristics of the user. For example, the personal information of a user in a certain demographic (e.g., a particular age range, household or personal income range, geographic location, etc.) may be of particular interest to marketers. To entice that desirable user to agree to allow such third parties to use the user's personal information, the user may be presented with a more valuable offer than other users. For example, the desirable user may be offered 20 credits in exchange for a particular use of the user's information, whereas other users of lesser interest may be offered only 15 credits.
  • Offers may also be presented to users based on the user's known offer preferences, either with respect to the current app or other settings. For example, if a user has repeatedly accepted, from among a number of offers, an offer for a month's worth of a premium subscription in exchange for allowing the use of the user's in-app behavior, that user may be initially presented with a similar offer at the next opportunity.
  • the user's past preferences with offers may determine, at least in part, the terms of a current offer. For example, if a user has consistently agreed to certain uses of certain personal information in exchange for premium access, the user may be offered the same premium access in exchange for additional uses of the personal information, or uses of additional or different personal information. In this incremental manner, the true value of the user's opt-in can be estimated.
  • an offer market may be established or referred to, with the potential offers to be presented to users adjusted periodically based on interest and/or acceptance of the offer by users. For example, if an offer of 20 credits in exchange for use of a user's personal information is accepted by a very high percentage of users, that may indicate that the offer is higher than necessary. In that case, the number of credits offered may be reduced, or the amount of information to be used, or the types of uses, may be increased or otherwise changed.
  • two or more offers may be presented simultaneously via a user interface, for example, on the user's mobile device.
  • FIG. 6 shows a screenshot of an exemplary user interface 600 according to some embodiments.
  • the first offer 610 offers the user access to a “basic version” of the app in exchange for allowing use of the user's location and gender.
  • the second offer 620 offers the user access to a “premium version” of the app in exchange for allowing use of the user's location, gender, age, and income.
  • the user may select the first offer 610 or second offer 620 by interacting with user interface elements, such as the buttons 612 , 622 , respectively, or clicking the offers themselves.
  • the offers may be swipeable, or otherwise interacted with to indicate whether the user is interested in the offer. For example, the user may “swipe away” the first offer, causing another offer to be displayed in its place. Information about what offers the user is interested in may be used to iteratively refine the selection of offers for the user.
  • the user is provided with access to the at least one enhanced function of the application responsive to the user providing the required permission.
  • the user may be automatically granted the access immediately, or may be provided with a promo or authorization code that can be entered within the app to access the enhanced functionality.
  • method 500 ends.
  • FIG. 7 is a block diagram of a distributed computer system 700 , in which various aspects and functions discussed above may be practiced.
  • the distributed computer system 700 may include one or more computer systems.
  • the distributed computer system 700 includes three computer systems 702 , 704 and 706 .
  • the computer systems 702 , 704 and 706 are interconnected by, and may exchange data through, a communication network 708 .
  • the network 708 may include any communication network through which computer systems may exchange data.
  • the computer systems 702 , 704 , and 706 and the network 708 may use various methods, protocols and standards including, among others, token ring, Ethernet, Wireless Ethernet, Bluetooth, radio signaling, infra-red signaling, TCP/IP, UDP, HTTP, FTP, SNMP, SMS, MMS, SS7, JSON, XML, REST, SOAP, CORBA HOP, RMI, DCOM and Web Services.
  • the functions and operations discussed for producing a three-dimensional synthetic viewpoint can be executed on computer systems 702 , 704 and 706 individually and/or in combination.
  • the computer systems 702 , 704 , and 706 support, for example, participation in a collaborative network.
  • a single computer system e.g., 702
  • the computer systems 702 , 704 and 706 may include personal computing devices such as cellular telephones, smart phones, tablets, “fablets,” etc., and may also include desktop computers, laptop computers, etc.
  • computer system 702 is a personal computing device specially configured to execute the processes and/or operations discussed above.
  • the computer system 702 includes at least one processor 710 (e.g., a single core or a multi-core processor), a memory 712 , a bus 714 , input/output interfaces (e.g., 716 ) and storage 718 .
  • the processor 710 which may include one or more microprocessors or other types of controllers, can perform a series of instructions that manipulate data.
  • the processor 710 is connected to other system components, including a memory 712 , by an interconnection element (e.g., the bus 714 ).
  • the memory 712 and/or storage 718 may be used for storing programs and data during operation of the computer system 702 .
  • the memory 712 may be a relatively high performance, volatile, random access memory such as a dynamic random access memory (DRAM) or static memory (SRAM).
  • the memory 712 may include any device for storing data, such as a disk drive or other non-volatile storage device, such as flash memory, solid state, or phase-change memory (PCM).
  • the functions and operations discussed with respect to generating and/or rendering synthetic three-dimensional views can be embodied in an application that is executed on the computer system 702 from the memory 712 and/or the storage 718 .
  • the application can be made available through an “app store” for download and/or purchase.
  • computer system 702 can be specially configured to execute the functions associated with producing synthetic three-dimensional views.
  • Computer system 702 also includes one or more interfaces 716 such as input devices (e.g., camera for capturing images), output devices and combination input/output devices.
  • the interfaces 716 may receive input, provide output, or both.
  • the storage 718 may include a computer-readable and computer-writeable nonvolatile storage medium in which instructions are stored that define a program to be executed by the processor.
  • the storage system 718 also may include information that is recorded, on or in, the medium, and this information may be processed by the application.
  • a medium that can be used with various embodiments may include, for example, optical disk, magnetic disk or flash memory, SSD, among others. Further, aspects and embodiments are not to a particular memory system or storage system.
  • the computer system 702 may include an operating system that manages at least a portion of the hardware components (e.g., input/output devices, touch screens, cameras, etc.) included in computer system 702 .
  • One or more processors or controllers, such as processor 710 may execute an operating system which may be, among others, a Windows-based operating system (e.g., Windows NT, ME, XP, Vista, 7, 8, or RT) available from the Microsoft Corporation, an operating system available from Apple Computer (e.g., MAC OS, including System X), one of many Linux-based operating system distributions (for example, the Enterprise Linux operating system available from Red Hat Inc.), a Solaris operating system available from Oracle Corporation, or a UNIX operating systems available from various sources. Many other operating systems may be used, including operating systems designed for personal computing devices (e.g., iOS, Android, etc.) and embodiments are not limited to any particular operating system.
  • Windows-based operating system e.g., Windows NT, ME, XP, Vista, 7,
  • the processor and operating system together define a computing platform on which applications (e.g., “apps” available from an “app store”) may be executed.
  • applications e.g., “apps” available from an “app store”
  • various functions for generating and manipulating images may be implemented in a non-programmed environment (for example, documents created in HTML, XML or other format that, when viewed in a window of a browser program, render aspects of a graphical-user interface or perform other functions).
  • various embodiments in accord with aspects of the present invention may be implemented as programmed or non-programmed components, or any combination thereof.
  • Various embodiments may be implemented in part as MATLAB functions, scripts, and/or batch jobs.
  • the invention is not limited to a specific programming language and any suitable programming language could also be used.
  • computer system 702 is shown by way of example as one type of computer system upon which various functions for producing three-dimensional synthetic views may be practiced, aspects and embodiments are not limited to being implemented on the computer system shown in FIG. 7 . Various aspects and functions may be practiced on one or more computers or similar devices having different architectures or components than that shown in FIG. 7 .

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Medical Informatics (AREA)
  • Business, Economics & Management (AREA)
  • Marketing (AREA)
  • Computing Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

A method for controlling access to a user's personal information includes obtaining, from an application executing on a device of a user of the application, personal information about the user of an application; determining a required permission from the user for at least one proposed use of the personal information; presenting, to the user, a first offer to provide access to at least one enhanced function of the application in exchange for the required permission; and responsive to the user providing the required permission, providing the user with access to the at least one enhanced function of the application.

Description

    CROSS REFERENCE TO RELATED APPLICATIONS
  • This application claims priority under 35 U.S.C. § 119(e) to U.S. Provisional Application Ser. No. 62/468,502, titled “METHODS AND SYSTEMS FOR USER OPT-IN TO DATA PRIVACY AGREEMENTS,” filed Mar. 8, 2017, which is incorporated herein by reference in its entirety.
  • BACKGROUND Technical Field
  • The application generally relates to managing privacy of personal information on computer systems, and more particularly, in one aspect, to systems and methods for allowing users to opt-in to data sharing arrangement as part of data privacy agreements.
  • Background
  • Online services, as well as the mobile device apps that can be used to access those services, are ubiquitous, allowing users to socialize, bank, shop, navigate, and more. The convenience these services offer—including the personalized features and intuitive capabilities based on users' preferences and past activities—make them nearly indispensable for many. Yet there is a tradeoff for such convenience: such services and applications must gather volumes of information about the user in order to be useful to the user.
  • Such information is gathered in at least two ways. First, the user may be prompted to input or otherwise provide the information, such as by typing his home address into a form, or by logging into an online banking program by providing her bank account information. Second, as the user interacts with the application and/or online, information about her activities or status may be collected automatically by the application. For example, a navigation application may determine and store the user's current or previous locations, and may identify patterns in the user's movements, such as by concluding that a location to which the user travels each weekday morning is his place of employment. Vast amounts of such information may be collected as the user moves through the digital world, including purchasing (and even browsing) history on ecommerce sites, social media activities and relationships, favorite websites, dining habits, and the like.
  • Because of the sensitivity of this personal information, many states and countries have enacted strict requirements for presenting users with a privacy policy detailing how the information will be used, and require that the user consent to the policy before collecting the information. Due to those requirements, users of applications that collect personal information are essentially presented with an ultimatum at the outset: either agree that the information may be collected and used by the application without compensation to the user (beyond the use of the application), or be denied access. Yet how can a user consent to something that is not adequately explained? Users often have no idea how their data is being used, because application privacy policies can be difficult to locate and impenetrable to read, often stuffed with legalese and dumped on a website. They are rarely read and even less frequently updated; ignored and promptly forgotten by user and application administrator alike.
  • Further compounding the problem, different jurisdictions require consent for different information and different uses for that information. For example, the forthcoming European Online Data privacy law in the European Union imposes strict requirements on obtaining consent, using and sharing information, and destroying the information upon request (the “right to be forgotten”). Other jurisdictions are more lax. Thus, an identical application offered to two different users in different locations may be required to obtain different types of consent, or risk alienating or annoying some users by applying the strictest requirements to all users, asking for consent beyond what is necessary for that user.
  • Once collected, some personal data may be legally resold to third parties, including marketers, researchers, and the like, who may in turn use the information for their own uses. Such purchasers must trust the assurances of the collector of the personal information (e.g., the application providers) that the data is “clean”—i.e., that it was collected in accordance with the necessary consent and other requirements. If that trust turns out to be misplaced, however, the purchaser may be liable: data resellers often require indemnification from purchasers in the event the data was illegally collected or used along the way.
  • SUMMARY
  • This disclosure addresses the drawbacks of current data collection/privacy schemes by providing an improved, more transparent opt-in process. A “Privacy-as-a-Process” (PaaS) arrangement allows a component of an application (e.g., a mobile app), in conjunction with other components of a distributed system, to determine what information is to be collected from a user, how that information will be used, and what permissions are required from that user for that user. A disclosure matrix is generated and populated clearly explaining to the user in an organized, concise manner what information is to be collected, and how it will be used. The user is given the option to receive additional details and explanation as to the information to be collected and the uses to which it will be put. The user can then provide or withhold informed consent for those uses. In some embodiments, the user may be allowed to selectively provide consent for different uses of different types of information.
  • In some embodiments, the user may be presented with certain offers in exchange for the user's consent to a proposed use of certain personal information. The offers may be in the forms of credit or money, or may relate to features of the application itself. For example, a user may be offered premium access to certain features of a mobile app that are not accessible to other classes of users, such as “basic” members. To accept the offer, the user would consent to certain uses of the user's information (including, but not limited, sale of the information to third parties). Alternatively, the user may decline the offer, choose to disallow such use of the information and either use the basic features of the app or obtain premium access another way (such as by paying a monthly subscription for it). Multiple tiers of offers may be presented to the user, with the user receiving access to better features in exchange for agreeing to share more information, and/or allow more or different uses of that information. For example, a user of an online music streaming app may be presented with the opportunity to obtain 5 credits (redeemable in the app for access to a premium service) in exchange for allowing the user's location to be shared with third parties, and may presented with the opportunity to obtain 10 credits in exchange for allowing the user's location and listening habits to be shared.
  • According to one aspect, a method for controlling access to a user's personal information is provided. The method includes obtaining personal information about a user of an application; determining a required permission from the user for at least one proposed use of the personal information; presenting, to the user, a first offer to provide access to at least one enhanced function of the application in exchange for the required permission; and responsive to the user providing the required permission, providing the user with access to the at least one enhanced function of the application.
  • According to one embodiment, the at least one enhanced function of the application is functionality not available to at least one other group of users of the application. According to another embodiment, the at least one enhanced function of the application is a reduced number of commercial advertisements presented to the user in the application. According to another embodiment, the method includes presenting, to the user, a second offer to provide access to a second function of the application in exchange for a payment from the user; and responsive to the user making the payment, providing the user with access to the second function of the application.
  • According to yet another embodiment, the personal information includes at least one of user location, user name, user address, user background information, user age, user gender, user household income, user family or marital status, and user transactional history. According to another one embodiment, the at least one proposed use of the personal information includes at least one of analytics, market research, market segmentation, and disclosure to third parties.
  • According to another embodiment, the method includes determining a value for the required permission from the user for at least one proposed use of the personal information; and generating the first offer based, at least in part, on the value for the required permission. According to a further embodiment, the value is determined with reference to at least one of the type of the personal information and demographic information for the user. According to one embodiment, the method includes determining a second required permission from the user for a second at least one proposed use of the personal information; presenting, to the user, a second offer to provide access to a second at least one enhanced function of the application in exchange for the second required permission; and responsive to the user providing the second required permission, providing the user with access to the second at least one enhanced function of the application.
  • According to one embodiment, determining the required permission from the user for the at least one proposed use of the personal information is performed with reference to at least one of a current location of the user, a previous location of the user, and a residential location of the user. According to another embodiment, the application is a mobile application installed on a mobile device.
  • According to another aspect, a method for controlling access to a user's personal information is provided. The method includes obtaining personal information about a user of an application; determining a required permission from the user for at least one proposed use of the personal information; presenting, to the user, a plurality of offers to provide access to at least one function of the application, at least one first offer of the plurality of offers conditioned on the user providing the required permission; and responsive to the user accepting one of the plurality of offers, providing the user with access to the at least one function of the application.
  • According to one embodiment, the method includes presenting, to the user, at least one second offer to provide access to the at least one function of the application in exchange for a payment from the user; and responsive to the user making the payment, providing the user with access to the at least one function of the application.
  • According to another aspect, a system for controlling access to personal information is provided. The system includes an application component executed by a software application and configured to identify at least one piece of personal information proposed to be collected by the software application and at least one proposed use of the personal information, the at least one piece of personal information relating to a user of the software application; a permission component configured to identify a necessary permission to be obtained from the user for the at least one proposed use of the personal information; and a privacy display component configured to display to the user the at least one item of personal information about the user proposed to be collected by the application and the at least one proposed use of the personal information, and to receive from the user an indication relating to the necessary permission.
  • According to one embodiment, the permission component is configured to identify the necessary permission to be obtained from the user based on at least one of a current location of the user, a previous location of the user, and a residential location of the user. According to another embodiment, the privacy display component is configured to display the at least one item of personal information about the user proposed to be collected by the application in a display matrix, the at least one item of personal information being visually related to the at least one proposed use of the personal information. According to a further embodiment, the display matrix is presented to the user on a website. According to a further embodiment, the display matrix is presented to the user in the application.
  • According to another embodiment, the application component is configured to identify the at least one piece of personal information to be collected by the software application and the at least one proposed use of the personal information based on a privacy policy of the software application. According to yet another embodiment, the permission component comprises an offer database including a plurality of offers to be presented to the user, the offer being an offer of a benefit in exchange for the user providing the necessary permission. According to still another embodiment, the indication from the user is a gesture in the user interface.
  • According to another aspect, a method for controlling access to a user's personal information is provided. The method includes identifying at least one piece of personal information proposed to be collected by a software application, the at least one piece of personal information relating to a user of the software application; identifying at least one proposed use of the personal information; determining a necessary permission to be obtained from the user for the at least one proposed use of the personal information; displaying to the user the at least one item of personal information about the user proposed to be collected by the software application and the at least one proposed use of the personal information; and receiving from the user an indication relating to the necessary permission.
  • According to yet another aspect, a method for controlling access to a user's personal information is provided. The method includes obtaining, from an application executing on a device of a user of the application, personal information about the user of an application; determining a required permission from the user for at least one proposed use of the personal information; presenting, to the user, a first offer to provide access to at least one enhanced function of the application in exchange for the required permission; and responsive to the user providing the required permission, providing the user with access to the at least one enhanced function of the application.
  • According to one embodiment, the method includes determining a value for the required permission from the user for at least one proposed use of the personal information; and generating the first offer based, at least in part, on the value for the required permission. According to a further embodiment, the value is determined with reference to at least one of the type of the personal information and demographic information for the user.
  • According to another embodiment, the at least one enhanced function of the application is functionality not available to at least one other group of users of the application. According to yet another embodiment, the at least one enhanced function of the application is a reduced number of commercial advertisements presented to the user in the application. According to still another embodiment, the method includes presenting to the user, simultaneously with the first offer, a second offer to provide access to the at least one enhanced function of the application in exchange for a payment from the user; and, responsive to the user making the payment, providing the user with access to the at least one enhanced function of the application.
  • According to another embodiment, the method includes presenting, to the user, a second offer to provide access to a second function of the application in exchange for a payment from the user; and responsive to the user making the payment, providing the user with access to the second function of the application. According to yet another embodiment, the personal information includes at least one of user location, user name, user address, user background information, user age, user gender, user household income, user family or marital status, and user transactional history. According to still another embodiment, the at least one proposed use of the personal information includes at least one of analytics, market research, market segmentation, and disclosure to third parties.
  • According to yet another embodiment, the method includes determining a second required permission from the user for a second at least one proposed use of the personal information; presenting, to the user, a second offer to provide access to a second at least one enhanced function of the application in exchange for the second required permission; and responsive to the user providing the second required permission, providing the user with access to the second at least one enhanced function of the application. According to another embodiment, determining the required permission from the user for the at least one proposed use of the personal information is performed with reference to at least one of a current location of the user, a previous location of the user, and a residential location of the user.
  • According to another embodiment, the application is a mobile application installed on a mobile device. According to yet another embodiment, the method includes displaying at least one item of personal information about the user proposed to be collected by the application in a display matrix, the at least one item of personal information being visually related to the at least one proposed use of the personal information. According to a further embodiment, the display matrix is presented to the user on one of a website and the application.
  • According to another embodiment, the method includes identifying at least one piece of personal information to be collected by the application and the at least one proposed use of the personal information based on a privacy policy of the application.
  • According to another embodiment, the method includes receiving, from user, an indication regarding required permission via a user interface of the device. According to yet a further embodiment, the indication from the user is a gesture in the user interface.
  • Still other aspects, embodiments, and advantages of these exemplary aspects and embodiments are discussed in detail below. Embodiments disclosed herein may be combined with other embodiments in any manner consistent with at least one of the principles disclosed herein, and references to “an embodiment,” “some embodiments,” “an alternate embodiment,” “various embodiments,” “one embodiment,” or the like are not necessarily mutually exclusive and are intended to indicate that a particular feature, structure, or characteristic described may be included in at least one embodiment. The appearances of such terms herein are not necessarily all referring to the same embodiment.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • Various aspects of at least one embodiment are discussed below with reference to the accompanying figures, which are not intended to be drawn to scale. The figures are included to provide illustration and a further understanding of the various aspects and embodiments, and are incorporated in and constitute a part of this specification, but are not intended as a definition of the limits of the invention. In the figures, each identical or nearly identical component that is illustrated in various figures is represented by a like numeral. For purposes of clarity, not every component may be labeled in every figure. In the figures:
  • FIG. 1 is a block diagram of a computer system for controlling access to personal information according to some embodiments;
  • FIG. 2 is a block diagram of an application component of a computer system for controlling access to personal information according to some embodiments;
  • FIG. 3 is a block diagram of a permission component of a computer system for controlling access to personal information according to some embodiments;
  • FIG. 4 is an exemplary user interface according to some embodiments;
  • FIG. 5 is a flow diagram of one example process for controlling access to a user's information according to some embodiments;
  • FIG. 6 is an exemplary user interface according to some embodiments; and
  • FIG. 7 is a block diagram of one example of a computer system on which aspects and embodiments of this disclosure may be implemented.
  • DETAILED DESCRIPTION
  • It is to be appreciated that embodiments of the methods and apparatuses discussed herein are not limited in application to the details of construction and the arrangement of components set forth in the following description or illustrated in the accompanying drawings. The methods and apparatuses are capable of implementation in other embodiments and of being practiced or of being carried out in various ways. Examples of specific implementations are provided herein for illustrative purposes only and are not intended to be limiting. Also, the phraseology and terminology used herein is for the purpose of description and should not be regarded as limiting. The use herein of “including,” “comprising,” “having,” “containing,” “involving,” and variations thereof is meant to encompass the items listed thereafter and equivalents thereof as well as additional items. References to “or” may be construed as inclusive so that any terms described using “or” may indicate any of a single, more than one, and all of the described terms. Any references to front and back, left and right, top and bottom, upper and lower, and vertical and horizontal are intended for convenience of description, not to limit the present systems and methods or their components to any one positional or spatial orientation.
  • FIG. 1 is a block diagram of a system 100 configured to perform methods of soliciting user opt-in to data privacy agreements. The system 100 includes an application component 110 configured to execute on a user device 102, such as the user's mobile device, laptop computer, or other computing device 102. The application component 110 is configured to identify one or more pieces of personal information to be collected by the application, as well as one or more intended uses of that personal information.
  • Information about the personal information to be collected and the intended uses is provided to a permission component 120, which is configured to identify a necessary permission to be obtained from the user for the at least one proposed use of the information. The permission component 120 may preferably be a separate component (e.g., a server) operated by a sysadmin of the system 100, or may instead be a part of the application component 110. The permission component 120 may identify the necessary permission to be obtained with reference to one or more sources, such as the laws or regulations of the jurisdiction in which the user is located, by a policy set by the sysadmin of the system 100 or by the offeror of the application in which the application component 110 is located, or otherwise. For example, the permission component 120 may determine that a particular user must opt-in (i.e., consent) to a particular use of a particular piece of information (e.g., providing the user's zip code and email address to a third-party) before such a use can be made, but need not provide consent about another use of such information (e.g., market research by the offeror of the app itself).
  • The permission component 120 populates the privacy display component 130 with information about the type of personal information collected and the proposed use of the personal information so that the user can review and/or opt-in to the proposed uses as necessary. In a preferred embodiment, the permission component 120 may be provided on a website, and the application component 110 and/or the application itself may provide a link to the website or otherwise direct the user to the information, such as in a browser of the user device 102. In a preferred embodiment, the user's personal information and proposed uses thereof may be presented in a disclosure matrix, with the user being provided the opportunity in the disclosure matrix to opt-in or opt-out of the proposed use as necessary.
  • As used herein the term “personal information” refers to information about the user device 102 and/or any users associated with the user device 102. “Personal information” may include, but is not limited to, personally-identifiable information (PII) that can potentially identify an individual. Such personal information may include, for example, the user's name, age, address, phone number, email address, online user ID/handle, date of birth, account number, bank card number, frequent flyer number, and social security number (SSN) or other government-issued identification number. Other personal information may include a user's password; transaction history; a log of online activity, such as websites browsed, search engine activity, ecommerce items viewed, social media interactions, streaming music or video activity; and identifiers of friends or relations. The personal information may further include demographic information about the user, including age group, race/ethnicity, country of citizenship or origin, occupation, income bracket, political affiliations, religious affiliations, hobbies, or interests. The personal information may further include identifiers of the user device 102, such as the IP address, MAC address, operating system version, or other information.
  • The personal information may be intended or desired to be used in a variety of ways, either by entities associated with the application (e.g., the application creator or offeror) or by third-parties to whom the personal information may be sold, leased, or exchanged for, either in its entirety or in modified form, such as in anonymized or partially-anonymized form. The personal information may be segmented and/or aggregated with other personal information and used for a variety of ends, including analytics, market research, market segmentation, and media targeting. Arrangements for providing the personal information to third parties should also be considered “uses” unto themselves for purposes of this disclosure.
  • FIG. 2 shows an application component 110 according to some embodiments. The application component 110 includes an executable component 210, a data store 220, and a network interface 240. The executable component 210 executes one or more instructions to identify the type of personal information to be collected, and the proposed use of the information. In some embodiments, the executable component 210 may be implemented as a Software Development Kit (SDK) within the application, the SDK collecting data from the application to determine what personal information is to be collected and what use is proposed for the personal information. The executable component 210 may be called by the application executable itself, or may be actively provided the personal information types and uses. The executable component 210 may also actively obtain the personal information types and uses by interacting with the application via an Application Programming Interface (API), or by library interposition, network interposition, or other techniques. The executable component 210 may interact with the application via the application interface 230.
  • The data store 220 may store the personal information types and uses, or identifiers thereof, as well as any relevant user information, including but not limited to a user identifier, the user's age, location, citizenship, privacy preferences, and the like. The data store 220 may store such information in association with one or more users for which those types and uses are relevant. The data store 220 may also store metadata about the opt-in process itself, such as what disclosures were presented to the user, the time/date when the user opted in, etc. Such metadata may be used to filter what data is used in certain ways. For example, some third parties may wish to obtain only data collected under certain conditions, or meeting certain levels of compliance with jurisdictional requirements. The personal information types and uses may be provided to other components of the system 200 (e.g., the permission component 120) by the application component 110 via the network interface 240. In some embodiments, the application component 110 may communicate with other components of the system 200 using a network interface provided by the application, or by the user device 102 generally. In such embodiments, the network interface 240 may not be included in the application component 110.
  • FIG. 3 shows a permission component 120 according to some embodiments. The permission component 120 includes a network interface 350 configured to receive, from the application component 110, information about the personal information types and uses, as well as user information. The permission component 120 further includes a processor 310 configured to determine what permissions are necessary for the personal information types and proposed uses identified by the application component 110. The processor 310 makes such a determination with reference to a rules database 320. The rules database 320 may include a set of rules regarding what level of opt-in, if any, is required, for certain uses of certain types of personal information. By applying one or more rules from the rules database 320 to the personal information types and uses received from the application component 110, the permission component 120 can determine what permission is presently required from the user of the application.
  • The rules database 320 may include different rules for a single type of use based on one or more aspects of the user's information, characteristics of the user, including the user's location, citizenship, age, privacy preferences, and the like. For example, providing location information to a third-party may be the type of use for an adult user for which no permission is required, but for which opt-in must be sought for juvenile users (e.g., less than 18 years of age). The rules database 320 may encode the privacy rules of one or more jurisdictions, and may be applied as part of a hierarchy or decision tree. For example, if it is determined that the user is located in the European Union, a different branch of process flow for applying rules from the rules database 320 may be applied. The user's information, the personal information types and uses, the necessary permissions (determined, for example, with reference to rules database 320), and other information may be stored in a data warehouse 340.
  • It will be appreciated that the rules applied by the rules database 320 may not be legally or contractually mandated rules, but rather may be policies, guidelines, best practices, or privacy preferences set by the user, the application offeror, or the sysadmin of system 200. In one example, the user may set certain privacy preferences that require the user's opt-in for certain uses of personal information where such opt-in would not otherwise be required or sought.
  • In some embodiments, the permission component 120 includes an offer database 330. As discussed in more detail below, the offer database 330 may include on or more offers of compensation in exchange for the user's opt-in to certain uses of information. Such compensation may include benefits relating to the application itself, including credits for additional features, services, or benefits, or enhanced or “premium” subscription levels. The processor 310 may identify necessary opt-ins for particular uses of information for a particular user, and may locate in the offer database 330 one or more offers relevant or responsive to the user agreeing to opt-in.
  • The permission component 120 also includes a network interface 350 configured to communicate with the privacy display component 130. Referring again to FIG. 1, the permission component 120 causes the privacy display component 130 to generate a display for the user showing the personal information types and uses the application proposes to make with the information. The privacy display component 130 may also provide the user the opportunity to provide the necessary opt-ins or receive more information about the proposed uses. In some embodiments, the privacy display component 130 is configured to display the personal information use and opt-in information in a “disclosure matrix.”
  • In some embodiments, the disclosure matrix may summarize or otherwise reflect the official privacy policy set by the maker of the app, and may be a traditional legal document in the form of an agreement or waiver. The terms of the privacy policy may be summarized by a human being to create the disclosure matrix, or the disclosure matrix may be generated from the privacy policy by an automated computer process configured to parse the privacy policy. In some embodiments, important terms or elements of the privacy policy may be flagged by a human to facilitate such an automatic process. In still other embodiments, the disclosure matrix itself, either alone or in conjunction with other documents, may serve as the legally operative privacy policy.
  • FIG. 4 shows an exemplary disclosure matrix 400 according to some embodiments. The disclosure matrix 400 includes a general region 410, a disclosure region 420, and a resource region 430. The general region 410 includes metadata or other information about the disclosure matrix 400 itself or an underlying privacy policy. For example the dates on which the disclosure matrix 400 was created and most recently updated may be indicated in text boxes 412 and 414, respectively. An identifier of the app, such as the app name or identifier of the app's creator, and the name of the operative document (e.g., “consumer privacy policy”) are indicated in text box 416.
  • The disclosure region 420 includes columns 422-428 that disclose what information is being collected, describes the information at some level of detail, how the information will be used, and whether third parties will receive the information. In particular, columns 422 and 424 disclose the general categories and specific types of personal information to be collected by the app. Such categories may include basic data about the user or their device on which the app is operating; location data derived from the device or other information gleaned about the user's location; behavioral data describing the user's activities within or related to the app; and transactional data describing the user's purchasing activities within or related to the app.
  • Column 426 identifies one or more proposed uses to be made of the personal information collected by the app and described in the corresponding location in columns 422, 424. Such uses may include analytics (e.g., metrics detailing how users interact with the app), marketing segmentation, or market research. Column 428 identifies whether the uses contemplated in column 426 include disclosing the information to any third parties. In the illustrated embodiment, the disclosure matrix 400 simply indicates whether or not information will be disclosed to any third parties. In other embodiments, the identity of the third parties may be provided. The user may be given the opportunity to select or block one or more third parties from receiving the information.
  • Resource region 430 provides the user with access to additional detail regarding the personal information and its intended uses. For example, links may be provided to definitions for the types of information and proposed uses identified in columns 424 and 426. By clicking and/or hovering over the links, definitions and additional detail may be provided. In some embodiments, the resource region 430 is not separate from the disclosure region 420. For example, in column 426, the word “Analytics” may appear as a hyperlink; clicking or hovering over it may cause the definition of “Analytics” to appear.
  • In some embodiments, the application component 110 is configured to receive the user's opt-in directly in the application itself. In other embodiments, the disclosure matrix 400 may also include one or more user interface elements (not shown), including buttons, text boxes, radio buttons, or pull-down menus, allowing the user to interact with the disclosure matrix 400 by opting-in (or not) to a particular use of a particular type of information. For example, the disclosure matrix 400 may include an “Agree” button the user can click to agree to the proposed uses of the personal information set out in the disclosure region 420. In another example, each row of personal information in the disclosure region 420 may be associated with such an element, so that the user may opt-in (or not) to each individual use.
  • In some embodiments, as described above, the application component 110, the permission component 120, and the privacy display component 130 are arranged in a distributed manner. In one example, the application component 110 executes on the user device 102 (e.g., a smartphone); the permission component 120 executes on a server or other system remote from the application component 110; and the privacy display component 130 presents information (e.g., as a website) on a system remote from the application component 110. The privacy display component 130 may reside on the same system as the permission component 120, or may reside remotely from both the application component 110 and the permission component 120.
  • Such a distributed arrangement offers an improvement over known systems. For example, by hosting the privacy display component 130 remotely from the application component 110, the system allows for an entity operating the application component 110 to display the privacy policy information in a standardized format that can be changed by the entity or the user.
  • As another example, the use of a permission component 120 remote from the application component 110 allows for permission rules and requirements to be updated (due to changed user preferences, changes in the law, or otherwise) without requiring changes to the application component 110 running on the user device 102. Such updates to an application typically interrupt use of the application, and require the user to agree to the updates. A user who declines to install such an update may have his/her personal information collected under an out-of-date permission scheme, thereby making the collection out of compliance. The use of the current system avoids such problems by allowing for updates to be made to the rules executed by the permission component 120 without disruption to the user.
  • According to another aspect, the user may be presented with one or more offers relating to the app in exchange for opting-in to certain uses of the user's personal information by the app or third-parties. For example, the user may be offered, at no monetary cost, access to a premium subscription or enhanced functionality of the app that would otherwise cost money. In exchange for accepting this benefit, the user may be required to opt-in to a particular use of the user's personal information. To continue the example, the user may also be presented with another offer to pay money for the same premium benefits, or may be offered a lesser benefit in exchange for a different kind of use of the user's personal information, such as analytics analysis by the app provider instead of the information being provided to a third party.
  • FIG. 5 illustrates a method 500 for controlling access to a user's personal information according to some embodiments.
  • At step 510, method 500 begins.
  • At step 520, personal information about a user of an application is obtained. In some embodiments, a proposed use for the information is also determined. For example, the personal information may include the user's name and address, and the application may propose to use the information by selling it to a third party. The application may actively provide the information to a system component (e.g., the executable component 210 discussed above), or the personal information may be obtained by a process interacting with the application via an Application Programming Interface (API), or by library interposition, network interposition, or other techniques.
  • At step 530, a required permission from the user is determined for at least one proposed use of the personal information. A database may be referenced to determine whether the user's consent is required for a propose use of a particular type of personal information. Different rules may be provided for a single type of use based on one or more aspects of the user's information or characteristics of the user, including the user's location, citizenship, age, privacy preferences, and the like. The privacy rules of one or more jurisdictions may be stored and applied as part of a hierarchy or decision tree. For example, one set of rules may be applied for a user in a particular jurisdiction, and a different set of rules may be applied for a second user in a second jurisdiction. The permissions required may not be legally or contractually mandated, but rather may be policies, guidelines, best practices, or privacy preferences set by the user, the application offeror, or a system administrator.
  • At step 540, a first offer is presented to the user to provide access to at least one enhanced function of the application in exchange for the required permission. For example, the user may be presented with one or more offers relating to the app in exchange for opting-in to certain uses of the user's personal information by the app or third-parties. In one example, the offer may include, for example, access to a premium or enhanced feature of the app. For example, certain features of the app may be “unlocked” or otherwise made available. Such features may otherwise only be available in exchange for monetary payment by the user, or may be unavailable altogether apart from opting-in to the offer. In another example, the offer may be for a premium subscription level, or may be an offer for any level of subscription that would otherwise require a one-time or recurring payment. In still another example, the offer may be for a number of “credits” or other currency for use in or in connection with the app. For example, a user of a music download app, in which songs must otherwise be purchased using a credit card or other traditional payment method, may be offered credits that may be redeemed to obtain songs. In still another example, the offer may be for monetary compensation or the equivalent (e.g., a debit card or gift card).
  • Various terms for controlling the use of the information may be offered. For example, a user may be offered a benefit for a limited amount of time (e.g., a month-long premium subscription), or may be offered a benefit for unlimited use of the information. In some embodiments, the offer may include a term giving the user the opportunity to opt-out of the offer at certain times, possibly losing the benefit and withdrawing consent to the use of the information.
  • One or more offers may be presented to the user sequentially or simultaneously. In some embodiments, the offers may relate to each other in some aspect, such as by offering different benefits in exchange for the same use of certain personal information, or, conversely, by offering the same benefit in exchange for using different pieces of personal information. In some embodiments, offers may be selected for presentation to the user based on the user's personal information or other information or characteristics of the user. For example, the personal information of a user in a certain demographic (e.g., a particular age range, household or personal income range, geographic location, etc.) may be of particular interest to marketers. To entice that desirable user to agree to allow such third parties to use the user's personal information, the user may be presented with a more valuable offer than other users. For example, the desirable user may be offered 20 credits in exchange for a particular use of the user's information, whereas other users of lesser interest may be offered only 15 credits.
  • Offers may also be presented to users based on the user's known offer preferences, either with respect to the current app or other settings. For example, if a user has repeatedly accepted, from among a number of offers, an offer for a month's worth of a premium subscription in exchange for allowing the use of the user's in-app behavior, that user may be initially presented with a similar offer at the next opportunity. In some embodiments, the user's past preferences with offers may determine, at least in part, the terms of a current offer. For example, if a user has consistently agreed to certain uses of certain personal information in exchange for premium access, the user may be offered the same premium access in exchange for additional uses of the personal information, or uses of additional or different personal information. In this incremental manner, the true value of the user's opt-in can be estimated.
  • In some embodiments, an offer market may be established or referred to, with the potential offers to be presented to users adjusted periodically based on interest and/or acceptance of the offer by users. For example, if an offer of 20 credits in exchange for use of a user's personal information is accepted by a very high percentage of users, that may indicate that the offer is higher than necessary. In that case, the number of credits offered may be reduced, or the amount of information to be used, or the types of uses, may be increased or otherwise changed.
  • In some embodiments, two or more offers may be presented simultaneously via a user interface, for example, on the user's mobile device. FIG. 6 shows a screenshot of an exemplary user interface 600 according to some embodiments. In this view, the user is presented with two offers 610 and 620. The first offer 610 offers the user access to a “basic version” of the app in exchange for allowing use of the user's location and gender. The second offer 620 offers the user access to a “premium version” of the app in exchange for allowing use of the user's location, gender, age, and income. The user may select the first offer 610 or second offer 620 by interacting with user interface elements, such as the buttons 612, 622, respectively, or clicking the offers themselves. In some embodiments, the offers may be swipeable, or otherwise interacted with to indicate whether the user is interested in the offer. For example, the user may “swipe away” the first offer, causing another offer to be displayed in its place. Information about what offers the user is interested in may be used to iteratively refine the selection of offers for the user.
  • Returning again to FIG. 5, at step 550, the user is provided with access to the at least one enhanced function of the application responsive to the user providing the required permission. The user may be automatically granted the access immediately, or may be provided with a promo or authorization code that can be entered within the app to access the enhanced functionality. At step 560, method 500 ends.
  • FIG. 7 is a block diagram of a distributed computer system 700, in which various aspects and functions discussed above may be practiced. The distributed computer system 700 may include one or more computer systems. For example, as illustrated, the distributed computer system 700 includes three computer systems 702, 704 and 706. As shown, the computer systems 702, 704 and 706 are interconnected by, and may exchange data through, a communication network 708. The network 708 may include any communication network through which computer systems may exchange data. To exchange data via the network 708, the computer systems 702, 704, and 706 and the network 708 may use various methods, protocols and standards including, among others, token ring, Ethernet, Wireless Ethernet, Bluetooth, radio signaling, infra-red signaling, TCP/IP, UDP, HTTP, FTP, SNMP, SMS, MMS, SS7, JSON, XML, REST, SOAP, CORBA HOP, RMI, DCOM and Web Services.
  • According to some embodiments, the functions and operations discussed for producing a three-dimensional synthetic viewpoint can be executed on computer systems 702, 704 and 706 individually and/or in combination. For example, the computer systems 702, 704, and 706 support, for example, participation in a collaborative network. In one alternative, a single computer system (e.g., 702) can generate the three-dimensional synthetic viewpoint. The computer systems 702, 704 and 706 may include personal computing devices such as cellular telephones, smart phones, tablets, “fablets,” etc., and may also include desktop computers, laptop computers, etc.
  • Various aspects and functions in accord with embodiments discussed herein may be implemented as specialized hardware or software executing in one or more computer systems including the computer systems shown in FIGS. 1-3. In one embodiment, computer system 702 is a personal computing device specially configured to execute the processes and/or operations discussed above. As depicted, the computer system 702 includes at least one processor 710 (e.g., a single core or a multi-core processor), a memory 712, a bus 714, input/output interfaces (e.g., 716) and storage 718. The processor 710, which may include one or more microprocessors or other types of controllers, can perform a series of instructions that manipulate data. As shown, the processor 710 is connected to other system components, including a memory 712, by an interconnection element (e.g., the bus 714).
  • The memory 712 and/or storage 718 may be used for storing programs and data during operation of the computer system 702. For example, the memory 712 may be a relatively high performance, volatile, random access memory such as a dynamic random access memory (DRAM) or static memory (SRAM). In addition, the memory 712 may include any device for storing data, such as a disk drive or other non-volatile storage device, such as flash memory, solid state, or phase-change memory (PCM). In further embodiments, the functions and operations discussed with respect to generating and/or rendering synthetic three-dimensional views can be embodied in an application that is executed on the computer system 702 from the memory 712 and/or the storage 718. For example, the application can be made available through an “app store” for download and/or purchase. Once installed or made available for execution, computer system 702 can be specially configured to execute the functions associated with producing synthetic three-dimensional views.
  • Computer system 702 also includes one or more interfaces 716 such as input devices (e.g., camera for capturing images), output devices and combination input/output devices. The interfaces 716 may receive input, provide output, or both. The storage 718 may include a computer-readable and computer-writeable nonvolatile storage medium in which instructions are stored that define a program to be executed by the processor. The storage system 718 also may include information that is recorded, on or in, the medium, and this information may be processed by the application. A medium that can be used with various embodiments may include, for example, optical disk, magnetic disk or flash memory, SSD, among others. Further, aspects and embodiments are not to a particular memory system or storage system.
  • In some embodiments, the computer system 702 may include an operating system that manages at least a portion of the hardware components (e.g., input/output devices, touch screens, cameras, etc.) included in computer system 702. One or more processors or controllers, such as processor 710, may execute an operating system which may be, among others, a Windows-based operating system (e.g., Windows NT, ME, XP, Vista, 7, 8, or RT) available from the Microsoft Corporation, an operating system available from Apple Computer (e.g., MAC OS, including System X), one of many Linux-based operating system distributions (for example, the Enterprise Linux operating system available from Red Hat Inc.), a Solaris operating system available from Oracle Corporation, or a UNIX operating systems available from various sources. Many other operating systems may be used, including operating systems designed for personal computing devices (e.g., iOS, Android, etc.) and embodiments are not limited to any particular operating system.
  • The processor and operating system together define a computing platform on which applications (e.g., “apps” available from an “app store”) may be executed. Additionally, various functions for generating and manipulating images may be implemented in a non-programmed environment (for example, documents created in HTML, XML or other format that, when viewed in a window of a browser program, render aspects of a graphical-user interface or perform other functions). Further, various embodiments in accord with aspects of the present invention may be implemented as programmed or non-programmed components, or any combination thereof. Various embodiments may be implemented in part as MATLAB functions, scripts, and/or batch jobs. Thus, the invention is not limited to a specific programming language and any suitable programming language could also be used.
  • Although the computer system 702 is shown by way of example as one type of computer system upon which various functions for producing three-dimensional synthetic views may be practiced, aspects and embodiments are not limited to being implemented on the computer system shown in FIG. 7. Various aspects and functions may be practiced on one or more computers or similar devices having different architectures or components than that shown in FIG. 7.
  • Having described above several aspects of at least one embodiment, it is to be appreciated various alterations, modifications, and improvements will readily occur to those skilled in the art. Such alterations, modifications, and improvements are intended to be part of this disclosure and are intended to be within the scope of the invention. Accordingly, the foregoing description and drawings are by way of example only, and the scope of the invention should be determined from proper construction of the appended claims, and their equivalents.

Claims (17)

What is claimed is:
1. A method for controlling access to a user's personal information comprising:
providing a software component for inclusion in an application, the software component having an application programming interface (API);
obtaining, from the application executing on a device of a user of the application, personal information about the user of the application, the personal information obtained via the API by the software component executing on the device;
identifying the type of the obtained personal information;
determining, based on at least the type of obtained personal information, a required permission from the user for at least one proposed use of the obtained personal information;
presenting, to the user, a first offer to provide access to at least one enhanced function of the application in exchange for the required permission; and
responsive to the user providing the required permission, providing the user with access to the at least one enhanced function of the application.
2. The method of claim 1, further comprising:
determining a value for the required permission from the user for at least one proposed use of the personal information; and
generating the first offer based, at least in part, on the value for the required permission.
3. The method of claim 2, wherein the value is determined with reference to at least one of the type of the personal information and demographic information for the user.
4. The method of claim 1, wherein the at least one enhanced function of the application is functionality not available to at least one other group of users of the application.
5. The method of claim 1, wherein the at least one enhanced function of the application is a reduced number of commercial advertisements presented to the user in the application.
6. The method of claim 1, further comprising presenting to the user, simultaneously with the first offer, a second offer to provide access to the at least one enhanced function of the application in exchange for a payment from the user; and
responsive to the user making the payment, providing the user with access to the at least one enhanced function of the application.
7. The method of claim 1, further comprising presenting, to the user, a second offer to provide access to a second function of the application in exchange for a payment from the user; and
responsive to the user making the payment, providing the user with access to the second function of the application.
8. The method of claim 1, wherein the personal information includes at least one of user location, user name, user address, user background information, user age, user gender, user household income, user family or marital status, and user transactional history.
9. The method of claim 1, wherein the at least one proposed use of the personal information includes at least one of analytics, market research, market segmentation, and disclosure to third parties.
10. The method of claim 1, further comprising:
determining a second required permission from the user for a second at least one proposed use of the personal information;
presenting, to the user, a second offer to provide access to a second at least one enhanced function of the application in exchange for the second required permission; and
responsive to the user providing the second required permission, providing the user with access to the second at least one enhanced function of the application.
11. The method of claim 1, wherein determining the required permission from the user for the at least one proposed use of the personal information is performed with reference to at least one of a current location of the user, a previous location of the user, and a residential location of the user.
12. The method of claim 1, wherein the application is a mobile application installed on a mobile device.
13. The method of claim 1, further comprising displaying at least one item of personal information about the user proposed to be collected by the application in a display matrix, the at least one item of personal information being visually related to the at least one proposed use of the personal information.
14. The method of claim 13, wherein the display matrix is presented to the user on one of a website and the application.
15. The method of claim 1, further comprising identifying at least one piece of personal information to be collected by the application and the at least one proposed use of the personal information based on a privacy policy of the application.
16. The method of claim 1, further comprising receiving, from user, an indication regarding required permission via a user interface of the device.
17. The method of claim 16, wherein the indication from the user is a gesture in the user interface.
US15/587,748 2017-03-08 2017-05-05 Methods and systems for user opt-in to data privacy agreements Active US10075451B1 (en)

Priority Applications (8)

Application Number Priority Date Filing Date Title
US15/587,748 US10075451B1 (en) 2017-03-08 2017-05-05 Methods and systems for user opt-in to data privacy agreements
CA3055124A CA3055124C (en) 2017-03-08 2018-03-08 Methods and systems for user opt-in to data privacy agreements
AU2018230973A AU2018230973B2 (en) 2017-03-08 2018-03-08 Methods and systems for user opt-in to data privacy agreements
PCT/US2018/021476 WO2018165380A1 (en) 2017-03-08 2018-03-08 Methods and systems for user opt-in to data privacy agreements
EP18763515.6A EP3593512A4 (en) 2017-03-08 2018-03-08 Methods and systems for user opt-in to data privacy agreements
US16/111,126 US10476884B2 (en) 2017-03-08 2018-08-23 Methods and systems for user opt-in to data privacy agreements
US16/680,062 US11350280B2 (en) 2017-03-08 2019-11-11 Methods and systems for user opt-in to data privacy agreements
AU2021236515A AU2021236515A1 (en) 2017-03-08 2021-09-23 Methods and systems for user opt-in to data privacy agreements

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201762468502P 2017-03-08 2017-03-08
US15/587,748 US10075451B1 (en) 2017-03-08 2017-05-05 Methods and systems for user opt-in to data privacy agreements

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US16/111,126 Continuation US10476884B2 (en) 2017-03-08 2018-08-23 Methods and systems for user opt-in to data privacy agreements

Publications (2)

Publication Number Publication Date
US10075451B1 US10075451B1 (en) 2018-09-11
US20180262514A1 true US20180262514A1 (en) 2018-09-13

Family

ID=63406537

Family Applications (3)

Application Number Title Priority Date Filing Date
US15/587,748 Active US10075451B1 (en) 2017-03-08 2017-05-05 Methods and systems for user opt-in to data privacy agreements
US16/111,126 Active US10476884B2 (en) 2017-03-08 2018-08-23 Methods and systems for user opt-in to data privacy agreements
US16/680,062 Active 2037-06-18 US11350280B2 (en) 2017-03-08 2019-11-11 Methods and systems for user opt-in to data privacy agreements

Family Applications After (2)

Application Number Title Priority Date Filing Date
US16/111,126 Active US10476884B2 (en) 2017-03-08 2018-08-23 Methods and systems for user opt-in to data privacy agreements
US16/680,062 Active 2037-06-18 US11350280B2 (en) 2017-03-08 2019-11-11 Methods and systems for user opt-in to data privacy agreements

Country Status (5)

Country Link
US (3) US10075451B1 (en)
EP (1) EP3593512A4 (en)
AU (2) AU2018230973B2 (en)
CA (1) CA3055124C (en)
WO (1) WO2018165380A1 (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10606906B1 (en) * 2017-09-01 2020-03-31 Workday, Inc. Summary based privacy security for benchmarking
US10769298B1 (en) 2017-09-01 2020-09-08 Workday, Inc. Security system for benchmark access
US10970417B1 (en) 2017-09-01 2021-04-06 Workday, Inc. Differential privacy security for benchmarking
WO2022072229A1 (en) * 2020-09-30 2022-04-07 Snap Inc. Real-time preview personalization
US11423433B2 (en) * 2020-09-29 2022-08-23 Rakuten Group, Inc. Payment system, method for providing information, and program
WO2022201135A1 (en) * 2021-03-23 2022-09-29 Kahn David Brener System and method for valuing and regulating a data asset backed cryptocurrency

Families Citing this family (172)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10289867B2 (en) 2014-07-27 2019-05-14 OneTrust, LLC Data processing systems for webform crawling to map processing activities and related methods
US9729583B1 (en) 2016-06-10 2017-08-08 OneTrust, LLC Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance
US10181051B2 (en) 2016-06-10 2019-01-15 OneTrust, LLC Data processing systems for generating and populating a data inventory for processing data access requests
US10706447B2 (en) 2016-04-01 2020-07-07 OneTrust, LLC Data processing systems and communication systems and methods for the efficient generation of privacy risk assessments
US20220164840A1 (en) 2016-04-01 2022-05-26 OneTrust, LLC Data processing systems and methods for integrating privacy information management systems with data loss prevention tools or other tools for privacy design
US11004125B2 (en) 2016-04-01 2021-05-11 OneTrust, LLC Data processing systems and methods for integrating privacy information management systems with data loss prevention tools or other tools for privacy design
US10423996B2 (en) 2016-04-01 2019-09-24 OneTrust, LLC Data processing systems and communication systems and methods for the efficient generation of privacy risk assessments
US11244367B2 (en) 2016-04-01 2022-02-08 OneTrust, LLC Data processing systems and methods for integrating privacy information management systems with data loss prevention tools or other tools for privacy design
US11138299B2 (en) 2016-06-10 2021-10-05 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11038925B2 (en) 2016-06-10 2021-06-15 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10909265B2 (en) 2016-06-10 2021-02-02 OneTrust, LLC Application privacy scanning systems and related methods
US11354434B2 (en) 2016-06-10 2022-06-07 OneTrust, LLC Data processing systems for verification of consent and notice processing and related methods
US11727141B2 (en) 2016-06-10 2023-08-15 OneTrust, LLC Data processing systems and methods for synching privacy-related user consent across multiple computing devices
US11222142B2 (en) 2016-06-10 2022-01-11 OneTrust, LLC Data processing systems for validating authorization for personal data collection, storage, and processing
US11227247B2 (en) 2016-06-10 2022-01-18 OneTrust, LLC Data processing systems and methods for bundled privacy policies
US10503926B2 (en) 2016-06-10 2019-12-10 OneTrust, LLC Consent receipt management systems and related methods
US11134086B2 (en) 2016-06-10 2021-09-28 OneTrust, LLC Consent conversion optimization systems and related methods
US10706174B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Data processing systems for prioritizing data subject access requests for fulfillment and related methods
US11200341B2 (en) 2016-06-10 2021-12-14 OneTrust, LLC Consent receipt management systems and related methods
US10454973B2 (en) 2016-06-10 2019-10-22 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10438017B2 (en) 2016-06-10 2019-10-08 OneTrust, LLC Data processing systems for processing data subject access requests
US10235534B2 (en) 2016-06-10 2019-03-19 OneTrust, LLC Data processing systems for prioritizing data subject access requests for fulfillment and related methods
US10642870B2 (en) 2016-06-10 2020-05-05 OneTrust, LLC Data processing systems and methods for automatically detecting and documenting privacy-related aspects of computer software
US11222139B2 (en) 2016-06-10 2022-01-11 OneTrust, LLC Data processing systems and methods for automatic discovery and assessment of mobile software development kits
US10769301B2 (en) 2016-06-10 2020-09-08 OneTrust, LLC Data processing systems for webform crawling to map processing activities and related methods
US11438386B2 (en) 2016-06-10 2022-09-06 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10685140B2 (en) 2016-06-10 2020-06-16 OneTrust, LLC Consent receipt management systems and related methods
US10565236B1 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems for generating and populating a data inventory
US11416798B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing systems and methods for providing training in a vendor procurement process
US11151233B2 (en) 2016-06-10 2021-10-19 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US10853501B2 (en) 2016-06-10 2020-12-01 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US10726158B2 (en) 2016-06-10 2020-07-28 OneTrust, LLC Consent receipt management and automated process blocking systems and related methods
US10510031B2 (en) 2016-06-10 2019-12-17 OneTrust, LLC Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques
US11087260B2 (en) 2016-06-10 2021-08-10 OneTrust, LLC Data processing systems and methods for customizing privacy training
US11328092B2 (en) 2016-06-10 2022-05-10 OneTrust, LLC Data processing systems for processing and managing data subject access in a distributed environment
US11138242B2 (en) 2016-06-10 2021-10-05 OneTrust, LLC Data processing systems and methods for automatically detecting and documenting privacy-related aspects of computer software
US10318761B2 (en) 2016-06-10 2019-06-11 OneTrust, LLC Data processing systems and methods for auditing data request compliance
US11074367B2 (en) 2016-06-10 2021-07-27 OneTrust, LLC Data processing systems for identity validation for consumer rights requests and related methods
US11636171B2 (en) 2016-06-10 2023-04-25 OneTrust, LLC Data processing user interface monitoring systems and related methods
US10776517B2 (en) 2016-06-10 2020-09-15 OneTrust, LLC Data processing systems for calculating and communicating cost of fulfilling data subject access requests and related methods
US10997315B2 (en) 2016-06-10 2021-05-04 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10878127B2 (en) 2016-06-10 2020-12-29 OneTrust, LLC Data subject access request processing systems and related methods
US11625502B2 (en) 2016-06-10 2023-04-11 OneTrust, LLC Data processing systems for identifying and modifying processes that are subject to data subject access requests
US11475136B2 (en) 2016-06-10 2022-10-18 OneTrust, LLC Data processing systems for data transfer risk identification and related methods
US10944725B2 (en) 2016-06-10 2021-03-09 OneTrust, LLC Data processing systems and methods for using a data model to select a target data asset in a data migration
US10740487B2 (en) 2016-06-10 2020-08-11 OneTrust, LLC Data processing systems and methods for populating and maintaining a centralized database of personal data
US11366909B2 (en) 2016-06-10 2022-06-21 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US10848523B2 (en) 2016-06-10 2020-11-24 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10839102B2 (en) 2016-06-10 2020-11-17 OneTrust, LLC Data processing systems for identifying and modifying processes that are subject to data subject access requests
US11301796B2 (en) 2016-06-10 2022-04-12 OneTrust, LLC Data processing systems and methods for customizing privacy training
US10467432B2 (en) 2016-06-10 2019-11-05 OneTrust, LLC Data processing systems for use in automatically generating, populating, and submitting data subject access requests
US10776518B2 (en) 2016-06-10 2020-09-15 OneTrust, LLC Consent receipt management systems and related methods
US10496846B1 (en) 2016-06-10 2019-12-03 OneTrust, LLC Data processing and communications systems and methods for the efficient implementation of privacy by design
US11025675B2 (en) 2016-06-10 2021-06-01 OneTrust, LLC Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance
US12045266B2 (en) 2016-06-10 2024-07-23 OneTrust, LLC Data processing systems for generating and populating a data inventory
US10242228B2 (en) 2016-06-10 2019-03-26 OneTrust, LLC Data processing systems for measuring privacy maturity within an organization
US10846433B2 (en) 2016-06-10 2020-11-24 OneTrust, LLC Data processing consent management systems and related methods
US11228620B2 (en) 2016-06-10 2022-01-18 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11410106B2 (en) 2016-06-10 2022-08-09 OneTrust, LLC Privacy management systems and methods
US10509920B2 (en) 2016-06-10 2019-12-17 OneTrust, LLC Data processing systems for processing data subject access requests
US10353674B2 (en) 2016-06-10 2019-07-16 OneTrust, LLC Data processing and communications systems and methods for the efficient implementation of privacy by design
US10796260B2 (en) 2016-06-10 2020-10-06 OneTrust, LLC Privacy management systems and methods
US10181019B2 (en) 2016-06-10 2019-01-15 OneTrust, LLC Data processing systems and communications systems and methods for integrating privacy compliance systems with software development and agile tools for privacy design
US10289870B2 (en) 2016-06-10 2019-05-14 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10706131B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Data processing systems and methods for efficiently assessing the risk of privacy campaigns
US11544667B2 (en) 2016-06-10 2023-01-03 OneTrust, LLC Data processing systems for generating and populating a data inventory
US10346638B2 (en) 2016-06-10 2019-07-09 OneTrust, LLC Data processing systems for identifying and modifying processes that are subject to data subject access requests
US10430740B2 (en) 2016-06-10 2019-10-01 One Trust, LLC Data processing systems for calculating and communicating cost of fulfilling data subject access requests and related methods
US10586075B2 (en) 2016-06-10 2020-03-10 OneTrust, LLC Data processing systems for orphaned data identification and deletion and related methods
US10282692B2 (en) 2016-06-10 2019-05-07 OneTrust, LLC Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques
US10607028B2 (en) 2016-06-10 2020-03-31 OneTrust, LLC Data processing systems for data testing to confirm data deletion and related methods
US10873606B2 (en) 2016-06-10 2020-12-22 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10437412B2 (en) 2016-06-10 2019-10-08 OneTrust, LLC Consent receipt management systems and related methods
US10585968B2 (en) 2016-06-10 2020-03-10 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10565161B2 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems for processing data subject access requests
US10346637B2 (en) 2016-06-10 2019-07-09 OneTrust, LLC Data processing systems for the identification and deletion of personal data in computer systems
US11295316B2 (en) 2016-06-10 2022-04-05 OneTrust, LLC Data processing systems for identity validation for consumer rights requests and related methods
US11562097B2 (en) 2016-06-10 2023-01-24 OneTrust, LLC Data processing systems for central consent repository and related methods
US11057356B2 (en) 2016-06-10 2021-07-06 OneTrust, LLC Automated data processing systems and methods for automatically processing data subject access requests using a chatbot
US10496803B2 (en) 2016-06-10 2019-12-03 OneTrust, LLC Data processing systems and methods for efficiently assessing the risk of privacy campaigns
US11675929B2 (en) 2016-06-10 2023-06-13 OneTrust, LLC Data processing consent sharing systems and related methods
US11144622B2 (en) 2016-06-10 2021-10-12 OneTrust, LLC Privacy management systems and methods
US11416589B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US12118121B2 (en) 2016-06-10 2024-10-15 OneTrust, LLC Data subject access request processing systems and related methods
US11651106B2 (en) 2016-06-10 2023-05-16 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10592692B2 (en) 2016-06-10 2020-03-17 OneTrust, LLC Data processing systems for central consent repository and related methods
US11210420B2 (en) 2016-06-10 2021-12-28 OneTrust, LLC Data subject access request processing systems and related methods
US10949170B2 (en) 2016-06-10 2021-03-16 OneTrust, LLC Data processing systems for integration of consumer feedback with data subject access requests and related methods
US11392720B2 (en) 2016-06-10 2022-07-19 OneTrust, LLC Data processing systems for verification of consent and notice processing and related methods
US10885485B2 (en) 2016-06-10 2021-01-05 OneTrust, LLC Privacy management systems and methods
US10452866B2 (en) 2016-06-10 2019-10-22 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US11651104B2 (en) 2016-06-10 2023-05-16 OneTrust, LLC Consent receipt management systems and related methods
US11586700B2 (en) 2016-06-10 2023-02-21 OneTrust, LLC Data processing systems and methods for automatically blocking the use of tracking tools
US10706379B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Data processing systems for automatic preparation for remediation and related methods
US11294939B2 (en) 2016-06-10 2022-04-05 OneTrust, LLC Data processing systems and methods for automatically detecting and documenting privacy-related aspects of computer software
US12052289B2 (en) 2016-06-10 2024-07-30 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10169609B1 (en) 2016-06-10 2019-01-01 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US11520928B2 (en) 2016-06-10 2022-12-06 OneTrust, LLC Data processing systems for generating personal data receipts and related methods
US10776514B2 (en) 2016-06-10 2020-09-15 OneTrust, LLC Data processing systems for the identification and deletion of personal data in computer systems
US11416109B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Automated data processing systems and methods for automatically processing data subject access requests using a chatbot
US11238390B2 (en) 2016-06-10 2022-02-01 OneTrust, LLC Privacy management systems and methods
US10896394B2 (en) 2016-06-10 2021-01-19 OneTrust, LLC Privacy management systems and methods
US10708305B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Automated data processing systems and methods for automatically processing requests for privacy-related information
US11146566B2 (en) 2016-06-10 2021-10-12 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US11481710B2 (en) 2016-06-10 2022-10-25 OneTrust, LLC Privacy management systems and methods
US10289866B2 (en) 2016-06-10 2019-05-14 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10509894B2 (en) 2016-06-10 2019-12-17 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US10803200B2 (en) 2016-06-10 2020-10-13 OneTrust, LLC Data processing systems for processing and managing data subject access in a distributed environment
US10762236B2 (en) 2016-06-10 2020-09-01 OneTrust, LLC Data processing user interface monitoring systems and related methods
US10949565B2 (en) 2016-06-10 2021-03-16 OneTrust, LLC Data processing systems for generating and populating a data inventory
US11100444B2 (en) 2016-06-10 2021-08-24 OneTrust, LLC Data processing systems and methods for providing training in a vendor procurement process
US10606916B2 (en) 2016-06-10 2020-03-31 OneTrust, LLC Data processing user interface monitoring systems and related methods
US10440062B2 (en) 2016-06-10 2019-10-08 OneTrust, LLC Consent receipt management systems and related methods
US10592648B2 (en) 2016-06-10 2020-03-17 OneTrust, LLC Consent receipt management systems and related methods
US10783256B2 (en) 2016-06-10 2020-09-22 OneTrust, LLC Data processing systems for data transfer risk identification and related methods
US11366786B2 (en) 2016-06-10 2022-06-21 OneTrust, LLC Data processing systems for processing data subject access requests
US10997318B2 (en) 2016-06-10 2021-05-04 OneTrust, LLC Data processing systems for generating and populating a data inventory for processing data access requests
US11188615B2 (en) 2016-06-10 2021-11-30 OneTrust, LLC Data processing consent capture systems and related methods
US10353673B2 (en) 2016-06-10 2019-07-16 OneTrust, LLC Data processing systems for integration of consumer feedback with data subject access requests and related methods
US10284604B2 (en) 2016-06-10 2019-05-07 OneTrust, LLC Data processing and scanning systems for generating and populating a data inventory
US11403377B2 (en) 2016-06-10 2022-08-02 OneTrust, LLC Privacy management systems and methods
US11336697B2 (en) 2016-06-10 2022-05-17 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11354435B2 (en) 2016-06-10 2022-06-07 OneTrust, LLC Data processing systems for data testing to confirm data deletion and related methods
US10706176B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Data-processing consent refresh, re-prompt, and recapture systems and related methods
US10798133B2 (en) 2016-06-10 2020-10-06 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10275614B2 (en) 2016-06-10 2019-04-30 OneTrust, LLC Data processing systems for generating and populating a data inventory
US11023842B2 (en) 2016-06-10 2021-06-01 OneTrust, LLC Data processing systems and methods for bundled privacy policies
US10572686B2 (en) 2016-06-10 2020-02-25 OneTrust, LLC Consent receipt management systems and related methods
US10416966B2 (en) 2016-06-10 2019-09-17 OneTrust, LLC Data processing systems for identity validation of data subject access requests and related methods
US10614247B2 (en) 2016-06-10 2020-04-07 OneTrust, LLC Data processing systems for automated classification of personal information from documents and related methods
US11418492B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing systems and methods for using a data model to select a target data asset in a data migration
US11461500B2 (en) 2016-06-10 2022-10-04 OneTrust, LLC Data processing systems for cookie compliance testing with website scanning and related methods
US10713387B2 (en) 2016-06-10 2020-07-14 OneTrust, LLC Consent conversion optimization systems and related methods
US10909488B2 (en) 2016-06-10 2021-02-02 OneTrust, LLC Data processing systems for assessing readiness for responding to privacy-related incidents
US11157600B2 (en) 2016-06-10 2021-10-26 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US10678945B2 (en) 2016-06-10 2020-06-09 OneTrust, LLC Consent receipt management systems and related methods
US10565397B1 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US11343284B2 (en) 2016-06-10 2022-05-24 OneTrust, LLC Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance
US11416590B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11341447B2 (en) 2016-06-10 2022-05-24 OneTrust, LLC Privacy management systems and methods
US11222309B2 (en) 2016-06-10 2022-01-11 OneTrust, LLC Data processing systems for generating and populating a data inventory
US10204154B2 (en) 2016-06-10 2019-02-12 OneTrust, LLC Data processing systems for generating and populating a data inventory
US10282700B2 (en) 2016-06-10 2019-05-07 OneTrust, LLC Data processing systems for generating and populating a data inventory
US11188862B2 (en) 2016-06-10 2021-11-30 OneTrust, LLC Privacy management systems and methods
US10452864B2 (en) 2016-06-10 2019-10-22 OneTrust, LLC Data processing systems for webform crawling to map processing activities and related methods
US10282559B2 (en) 2016-06-10 2019-05-07 OneTrust, LLC Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques
US11277448B2 (en) 2016-06-10 2022-03-15 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10013577B1 (en) 2017-06-16 2018-07-03 OneTrust, LLC Data processing systems for identifying whether cookies contain personally identifying information
US10824758B2 (en) * 2017-11-27 2020-11-03 Accenture Global Solutions Limited System and method for managing enterprise data
US11144675B2 (en) 2018-09-07 2021-10-12 OneTrust, LLC Data processing systems and methods for automatically protecting sensitive data within privacy management systems
US11544409B2 (en) 2018-09-07 2023-01-03 OneTrust, LLC Data processing systems and methods for automatically protecting sensitive data within privacy management systems
US10803202B2 (en) 2018-09-07 2020-10-13 OneTrust, LLC Data processing systems for orphaned data identification and deletion and related methods
CN109547847B (en) * 2018-11-22 2021-10-22 广州酷狗计算机科技有限公司 Method and device for adding video information and computer readable storage medium
CN110096893B (en) * 2019-04-30 2021-03-26 维沃移动通信有限公司 Object limiting method and terminal equipment
US20200380148A1 (en) * 2019-06-03 2020-12-03 Otonomo Technologies Ltd. Method and system for aggregating users' consent
US11803658B1 (en) * 2019-10-29 2023-10-31 United Services Automobile Association (Usaa) Data access control
US11797528B2 (en) 2020-07-08 2023-10-24 OneTrust, LLC Systems and methods for targeted data discovery
WO2022026564A1 (en) 2020-07-28 2022-02-03 OneTrust, LLC Systems and methods for automatically blocking the use of tracking tools
WO2022032072A1 (en) 2020-08-06 2022-02-10 OneTrust, LLC Data processing systems and methods for automatically redacting unstructured data from a data subject access request
US11436373B2 (en) 2020-09-15 2022-09-06 OneTrust, LLC Data processing systems and methods for detecting tools for the automatic blocking of consent requests
WO2022061270A1 (en) 2020-09-21 2022-03-24 OneTrust, LLC Data processing systems and methods for automatically detecting target data transfers and target data processing
US11397819B2 (en) 2020-11-06 2022-07-26 OneTrust, LLC Systems and methods for identifying data processing activities based on data discovery results
US11687528B2 (en) 2021-01-25 2023-06-27 OneTrust, LLC Systems and methods for discovery, classification, and indexing of data in a native computing system
WO2022170047A1 (en) 2021-02-04 2022-08-11 OneTrust, LLC Managing custom attributes for domain objects defined within microservices
US11494515B2 (en) 2021-02-08 2022-11-08 OneTrust, LLC Data processing systems and methods for anonymizing data samples in classification analysis
US20240098109A1 (en) 2021-02-10 2024-03-21 OneTrust, LLC Systems and methods for mitigating risks of third-party computing system functionality integration into a first-party computing system
WO2022178089A1 (en) 2021-02-17 2022-08-25 OneTrust, LLC Managing custom workflows for domain objects defined within microservices
WO2022178219A1 (en) 2021-02-18 2022-08-25 OneTrust, LLC Selective redaction of media content
US11533315B2 (en) 2021-03-08 2022-12-20 OneTrust, LLC Data transfer discovery and analysis systems and related methods
US11562078B2 (en) 2021-04-16 2023-01-24 OneTrust, LLC Assessing and managing computational risk involved with integrating third party computing functionality within a computing system
US11966497B2 (en) 2021-10-04 2024-04-23 Motorola Solutions, Inc. Data privacy management based on conditional thresholds
US11620142B1 (en) 2022-06-03 2023-04-04 OneTrust, LLC Generating and customizing user interfaces for demonstrating functions of interactive user environments

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080109376A1 (en) * 2006-10-30 2008-05-08 Maxlinear, Inc. Targeted advertisement in the digital television environment
US20130029768A1 (en) * 2011-07-29 2013-01-31 Matthias Eichstaedt Online contests with social networks

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030167202A1 (en) * 2000-07-21 2003-09-04 Marks Michael B. Methods of payment for internet programming
US20110321167A1 (en) * 2010-06-23 2011-12-29 Google Inc. Ad privacy management
US8931058B2 (en) * 2010-07-01 2015-01-06 Experian Information Solutions, Inc. Systems and methods for permission arbitrated transaction services
US10430608B2 (en) * 2013-06-14 2019-10-01 Salesforce.Com, Inc. Systems and methods of automated compliance with data privacy laws
AU2016249910A1 (en) * 2015-04-11 2017-10-26 Evidon, Inc. Methods, apparatus, and systems for providing notice of digital tracking technologies in mobile apps on mobile devices, and for recording user consent in connection with same
US10127403B2 (en) * 2015-07-30 2018-11-13 Samsung Electronics Co., Ltd. Computing system with privacy control mechanism and method of operation thereof
KR20170045703A (en) * 2015-10-19 2017-04-27 삼성전자주식회사 Electronic apparatus and the controlling method thereof

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080109376A1 (en) * 2006-10-30 2008-05-08 Maxlinear, Inc. Targeted advertisement in the digital television environment
US20130029768A1 (en) * 2011-07-29 2013-01-31 Matthias Eichstaedt Online contests with social networks

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10606906B1 (en) * 2017-09-01 2020-03-31 Workday, Inc. Summary based privacy security for benchmarking
US10769298B1 (en) 2017-09-01 2020-09-08 Workday, Inc. Security system for benchmark access
US10970417B1 (en) 2017-09-01 2021-04-06 Workday, Inc. Differential privacy security for benchmarking
US11403421B2 (en) 2017-09-01 2022-08-02 Workday, Inc. Security system for benchmark access
US11853461B2 (en) 2017-09-01 2023-12-26 Workday, Inc. Differential privacy security for benchmarking
US11423433B2 (en) * 2020-09-29 2022-08-23 Rakuten Group, Inc. Payment system, method for providing information, and program
WO2022072229A1 (en) * 2020-09-30 2022-04-07 Snap Inc. Real-time preview personalization
WO2022201135A1 (en) * 2021-03-23 2022-09-29 Kahn David Brener System and method for valuing and regulating a data asset backed cryptocurrency
US12093928B2 (en) 2021-03-23 2024-09-17 DataCoining LLC System and method for valuing and regulating a data asset backed cryptocurrency

Also Published As

Publication number Publication date
US10476884B2 (en) 2019-11-12
WO2018165380A1 (en) 2018-09-13
US20200084221A1 (en) 2020-03-12
US11350280B2 (en) 2022-05-31
US20180367545A1 (en) 2018-12-20
AU2018230973A1 (en) 2019-10-03
AU2021236515A1 (en) 2021-11-04
EP3593512A4 (en) 2020-12-09
US10075451B1 (en) 2018-09-11
CA3055124C (en) 2022-08-30
AU2018230973B2 (en) 2021-06-24
EP3593512A1 (en) 2020-01-15
CA3055124A1 (en) 2018-09-13

Similar Documents

Publication Publication Date Title
US11350280B2 (en) Methods and systems for user opt-in to data privacy agreements
US11797698B2 (en) Decentralized consent network for decoupling the storage of personally identifiable user data from user profiling data
US20210081226A1 (en) System and method for developing an application
US20210233120A1 (en) Authorization and termination of the binding of social account interactions to a master agnostic identity
US9311647B2 (en) Method and system for providing a widget usable in financial transactions
US20130185131A1 (en) System and method for integrating social and loyalty platforms
US20170193624A1 (en) Personal information certification and management system
US10963853B2 (en) Unified payment interface preference monitoring service capable of integration into merchant sites
WO2008070320A2 (en) Method and system for providing a widget for displaying multimedia content
US20080098290A1 (en) Method and system for providing a widget for displaying multimedia content
US9183002B2 (en) Method and system for providing a widget for displaying multimedia content
WO2013016320A2 (en) Customizable social campaigns
US20210241351A1 (en) Systems and methods for recommending rules for web traffic control
WO2016116599A1 (en) User controlled profiles
US20170004515A1 (en) Techniques for providing a retail poll service
US20220191172A1 (en) Systems and methods for web traffic control
US12093353B2 (en) Systems and methods for user authentication
JP6680733B2 (en) Generation device, generation method, and generation program
US20100218109A1 (en) Webtop and monetization engine, system and method
Mohammadi et al. Pattern-based incorporation of privacy preferences into privacy policies: negotiating the conflicting needs of service providers and end-users
US20180089742A1 (en) Dynamic Website Personalization and Data Sharing
Russell et al. APIs and your privacy
US10922392B2 (en) Systems and methods for generating and managing composite digital identities
US20230319049A1 (en) Method and system for workflow attestation
US20210090109A1 (en) Messaging, Protocols and APIs for Dynamic Inventory Provision by One-Time Codeshares Across Platforms

Legal Events

Date Code Title Description
AS Assignment

Owner name: VENPATH, INC., NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:HALL, NICHOLAS;EAKIN, STEVEN;REEL/FRAME:042412/0091

Effective date: 20170515

STCF Information on status: patent grant

Free format text: PATENTED CASE

AS Assignment

Owner name: VERIPATH, INC., NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:VENPATH, INC.;REEL/FRAME:046813/0798

Effective date: 20180906

AS Assignment

Owner name: VERIPATH, INC., NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:HALL, NICHOLAS;EAKIN, STEVEN;REEL/FRAME:058667/0572

Effective date: 20170515

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YR, SMALL ENTITY (ORIGINAL EVENT CODE: M2551); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY

Year of fee payment: 4