Method and apparatus for enforcing data privacy
Abstract
An approach for maintaining user privacy information is described. A privacy management platform determines a request, from one or more applications, for access to local data associated with a device. The platform then determines and processes one or more privacy profile objects associated with the local data to determine one or more privacy policies associated with the local data, the device, or a combination thereof. Enforcement of the one or more privacy policies is then caused for granting access to the local data.
20 Claims
1. A method comprising:
- receiving, at a privacy platform, an alert that one or more applications has initiated a request for a sharing of local data stored at a device, wherein the privacy platform is independent of the one or more applications, and wherein the local data includes sensor data collected by one or more sensors of the device;
- in response to the alert and prior to the sharing of the local data by the one or more applications, determining one or more privacy profile objects specifying one or more privacy policies for with respect to the sharing of the local data, wherein the one or more privacy profile objects are independent of the one or more applications and are created by a trusted external organization, the one or more privacy profile objects being configured for the user to selectively grant the sharing of the local data by the one or more applications, and wherein the trusted external organization is independent from one or more service providers associated with the one or more applications;
- initiating an enforcement of the one or more privacy policies by applying at least one transformation of the local data to generate transformed local data that satisfies the one or more privacy policies, wherein the enforcement of the one or more privacy policies further comprises generating a prompt requesting an approval from a user of the device for granting the sharing of the local data by the one or more applications; and
- fulfilling the request for the sharing of the local data by granting the one or more applications a sharing right for the transformed local data in place of the local data.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. An apparatus comprising:
- at least one processor; and
- at least one memory including computer program code for one or more programs, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to perform at least the following,
- receive, at a privacy platform, an alert that one or more applications has initiated a request for a sharing of local data stored at a device, wherein the privacy platform is independent of the one or more applications, and wherein the local data includes sensor data collected by one or more sensors of the device;
- in response to the alert and prior to the sharing of the local data by the one or more applications, determine one or more privacy profile objects specifying one or more privacy policies for with respect to the sharing of the local data, wherein the one or more privacy profile objects are independent of the one or more applications and are created by a trusted external organization, the one or more privacy profile objects being configured for the user to selectively grant the sharing of the local data by the one or more applications, and wherein the trusted external organization is independent from one or more service providers associated with the one or more applications;
- initiate an enforcement of the one or more privacy policies by applying at least one transformation of the local data to generate transformed local data that satisfies the one or more privacy policies, wherein the enforcement of the one or more privacy policies further comprises generating a prompt requesting an approval from a user of the device for granting the sharing of the local data by the one or more applications; and
- fulfill the request for the sharing of the local data by granting the one or more applications a sharing right for the transformed local data in place of the local data.
Dependent claims: 10, 11, 12, 13, 14, 15, 16
17. A non-transitory computer-readable storage medium carrying one or more sequences of one or more instructions which, when executed by one or more processors, cause an apparatus to perform:
- receiving, at a privacy platform, an alert that one or more applications has initiated a request for a sharing of local data stored at a device, wherein the privacy platform is independent of the one or more applications, and wherein the local data includes sensor data collected by one or more sensors of the device;
- in response to the alert and prior to the sharing of the local data by the one or more applications, determining one or more privacy profile objects specifying one or more privacy policies for with respect to the sharing of the local data, wherein the one or more privacy profile objects are independent of the one or more applications and are created by a trusted external organization, the one or more privacy profile objects being configured for the user to selectively grant the sharing of the local data by the one or more applications, and wherein the trusted external organization is independent from one or more service providers associated with the one or more applications;
- initiating an enforcement of the one or more privacy policies by applying at least one transformation of the local data to generate transformed local data that satisfies the one or more privacy policies, wherein the enforcement of the one or more privacy policies further comprises generating a prompt requesting an approval from a user of the device for granting the sharing of the local data by the one or more applications; and
- fulfilling the request for the sharing of the local data by granting the one or more applications a sharing right for the transformed local data in place of the local data.
Dependent claims: 18, 19, 20
Specification