Method and apparatus for enforcing data privacy

US 10,318,759 B2
Filed: 03/06/2017
Issued: 06/11/2019
Est. Priority Date: 02/28/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, at a privacy platform, an alert that one or more applications has initiated a request for a sharing of local data stored at a device, wherein the privacy platform is independent of the one or more applications, and wherein the local data includes sensor data collected by one or more sensors of the device;

in response to the alert and prior to the sharing of the local data by the one or more applications, determining one or more privacy profile objects specifying one or more privacy policies for with respect to the sharing of the local data, wherein the one or more privacy profile objects are independent of the one or more applications and are created by a trusted external organization, the one or more privacy profile objects being configured for the user to selectively grant the sharing of the local data by the one or more applications, and wherein the trusted external organization is independent from one or more service providers associated with the one or more applications;

initiating an enforcement of the one or more privacy policies by applying at least one transformation of the local data to generate transformed local data that satisfies the one or more privacy policies, wherein the enforcement of the one or more privacy policies further comprises generating a prompt requesting an approval from a user of the device for granting the sharing of the local data by the one or more applications; and

fulfilling the request for the sharing of the local data by granting the one or more applications a sharing right for the transformed local data in place of the local data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An approach for maintaining user privacy information is described. A privacy management platform determines a request, from one or more applications, for access to local data associated with a device. The platform then determines and processes one or more privacy profile objects associated with the local data to determine one or more privacy policies associated with the local data, the device, or a combination thereof. Enforcement of the one or more privacy policies is then caused for granting access to the local data.

28 Citations

View as Search Results

20 Claims

1. A method comprising:
- receiving, at a privacy platform, an alert that one or more applications has initiated a request for a sharing of local data stored at a device, wherein the privacy platform is independent of the one or more applications, and wherein the local data includes sensor data collected by one or more sensors of the device;
  
  in response to the alert and prior to the sharing of the local data by the one or more applications, determining one or more privacy profile objects specifying one or more privacy policies for with respect to the sharing of the local data, wherein the one or more privacy profile objects are independent of the one or more applications and are created by a trusted external organization, the one or more privacy profile objects being configured for the user to selectively grant the sharing of the local data by the one or more applications, and wherein the trusted external organization is independent from one or more service providers associated with the one or more applications;
  
  initiating an enforcement of the one or more privacy policies by applying at least one transformation of the local data to generate transformed local data that satisfies the one or more privacy policies, wherein the enforcement of the one or more privacy policies further comprises generating a prompt requesting an approval from a user of the device for granting the sharing of the local data by the one or more applications; and
  
  fulfilling the request for the sharing of the local data by granting the one or more applications a sharing right for the transformed local data in place of the local data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the enforcement of the one or more privacy policies further comprises presenting an indicator representative of the one or more privacy profile objects in a user interface of the device.
  - 3. The method of claim 1, wherein the enforcement of the one or more privacy policies further comprises denying the sharing of the local data by the one or more applications.
  - 4. The method of claim 1, further comprising:
    - processing the one or more privacy profile objects to determine one or more resources related to the enforcement of the one or more privacy policies.
  - 5. The method of claim 1, wherein the at least one transformation includes transforming the local data from a first level of data granularity to a second level of data granularity of the transformed local data.
  - 6. The method of claim 5, wherein the first level of data granularity and the second level of data granularity are previously stored in at least one source of the local data.
  - 7. The method of claim 1, wherein the at least one transformation of the local data includes decreasing level of accuracy of the local data, replacing partial of the local data with some other data, or/and adjusting granularity level of the local data.
  - 8. The method of claim 1, wherein the privacy policy objects are remotely programmable.

9. An apparatus comprising:
- at least one processor; and
  
  at least one memory including computer program code for one or more programs, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to perform at least the following,receive, at a privacy platform, an alert that one or more applications has initiated a request for a sharing of local data stored at a device, wherein the privacy platform is independent of the one or more applications, and wherein the local data includes sensor data collected by one or more sensors of the device;
  
  in response to the alert and prior to the sharing of the local data by the one or more applications, determine one or more privacy profile objects specifying one or more privacy policies for with respect to the sharing of the local data, wherein the one or more privacy profile objects are independent of the one or more applications and are created by a trusted external organization, the one or more privacy profile objects being configured for the user to selectively grant the sharing of the local data by the one or more applications, and wherein the trusted external organization is independent from one or more service providers associated with the one or more applications;
  
  initiate an enforcement of the one or more privacy policies by applying at least one transformation of the local data to generate transformed local data that satisfies the one or more privacy policies, wherein the enforcement of the one or more privacy policies further comprises generating a prompt requesting an approval from a user of the device for granting the sharing of the local data by the one or more applications; and
  
  fulfill the request for the sharing of the local data by granting the one or more applications a sharing right for the transformed local data in place of the local data.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The apparatus of claim 9, wherein the enforcement of the one or more privacy policies further comprises presenting an indicator representative of the one or more privacy profile objects in a user interface of the device.
  - 11. The apparatus of claim 9, wherein the enforcement of the one or more privacy policies further comprises denying the sharing of the local data by the one or more applications.
  - 12. The apparatus of claim 9, wherein the apparatus is further caused to:
    - process the one or more privacy profile objects to determine one or more resources related to the enforcement of the one or more privacy policies.
  - 13. The apparatus of claim 9, wherein the at least one transformation includes transforming the local data from a first level of data granularity to a second level of data granularity of the transformed local data.
  - 14. The apparatus of claim 13, wherein the first level of data granularity and the second level of data granularity are previously stored in at least one source of the local data.
  - 15. The apparatus of claim 9, wherein the at least one transformation of the local data includes decreasing level of accuracy of the local data, replacing partial of the local data with some other data, or/and adjusting granularity level of the local data.
  - 16. The apparatus of claim 9, wherein the privacy policy objects are remotely programmable.

17. A non-transitory computer-readable storage medium carrying one or more sequences of one or more instructions which, when executed by one or more processors, cause an apparatus to perform:
- receiving, at a privacy platform, an alert that one or more applications has initiated a request for a sharing of local data stored at a device, wherein the privacy platform is independent of the one or more applications, and wherein the local data includes sensor data collected by one or more sensors of the device;
  
  in response to the alert and prior to the sharing of the local data by the one or more applications, determining one or more privacy profile objects specifying one or more privacy policies for with respect to the sharing of the local data, wherein the one or more privacy profile objects are independent of the one or more applications and are created by a trusted external organization, the one or more privacy profile objects being configured for the user to selectively grant the sharing of the local data by the one or more applications, and wherein the trusted external organization is independent from one or more service providers associated with the one or more applications;
  
  initiating an enforcement of the one or more privacy policies by applying at least one transformation of the local data to generate transformed local data that satisfies the one or more privacy policies, wherein the enforcement of the one or more privacy policies further comprises generating a prompt requesting an approval from a user of the device for granting the sharing of the local data by the one or more applications; and
  
  fulfilling the request for the sharing of the local data by granting the one or more applications a sharing right for the transformed local data in place of the local data.
- View Dependent Claims (18, 19, 20)
- - 18. The non-transitory computer-readable storage medium of claim 17, wherein the enforcement of the one or more privacy policies further comprises presenting an indicator representative of the one or more privacy profile objects in a user interface of the device.
  - 19. The non-transitory computer-readable storage medium of claim 17, wherein the enforcement of the one or more privacy policies further comprises denying the sharing of the local data by the one or more applications.
  - 20. The non-transitory computer-readable storage medium of claim 17, wherein the at least one transformation of the local data includes decreasing level of accuracy of the local data, replacing partial of the local data with some other data, or/and adjusting granularity level of the local data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Technologies Oy (Nokia Corporation)
Inventors
Vaha-Sipila, Antti Oskari, Kujala, Henri Tapani, Niva, Mikko Antero, Oliver, Ian Justin
Primary Examiner(s)
Le, Khoi V

Application Number

US15/450,862
Publication Number

US 20170243026A1
Time in Patent Office

827 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 21/6245   Protecting personal data, e...

G06F 21/6281   at program execution time, ...

G06F 2221/2111   Location-sensitive, e.g. ge...

H04L 63/102   Entity profiles

H04L 63/107   wherein the security polici...

H04L 63/20   for managing network securi...

H04W 12/02   Protecting privacy or anony...

Method and apparatus for enforcing data privacy

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

28 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for enforcing data privacy

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links