Method and system for implementing privacy notice, consent, and preference with a privacy proxy
First Claim
1. A method for processing data for a privacy policy within a data processing system, the method comprising:
- receiving, at a proxy, a first message from a server to a client; and
in response to a determination at the proxy that the first message initiates collection of personally identifiable information from the client by the server, sending a second message from the proxy to the client, wherein the second message requests consent from a user of the client to a privacy policy that concerns management of the personally identifiable information.
1 Assignment
0 Petitions
Accused Products
Abstract
A method is presented for processing data for a privacy policy concerning management of personally identifiable information. A proxy intercepts a first message from a server to a client and determines that the first message initiates collection of personally identifiable information from a user of the client. The proxy then sends a second message to the client that requests consent from the user to the privacy policy. If the user provides consent within a third message that is received by the proxy from the client, then the proxy sends the intercepted first message to the client. If the user does not provide consent, then the proxy sends a fourth message to the server that fails the collection of personally identifiable information from the client by the server. The proxy may also obtain user preferences for options concerning management of the personally identifiable information by a data processing system.
62 Citations
27 Claims
-
1. A method for processing data for a privacy policy within a data processing system, the method comprising:
-
receiving, at a proxy, a first message from a server to a client; and
in response to a determination at the proxy that the first message initiates collection of personally identifiable information from the client by the server, sending a second message from the proxy to the client, wherein the second message requests consent from a user of the client to a privacy policy that concerns management of the personally identifiable information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. An apparatus for processing data for a privacy policy, the apparatus comprising:
-
means for receiving, at a proxy, a first message from a server to a client; and
means for sending, in response to a determination at the proxy that the first message initiates collection of personally identifiable information from the client by the server, a second message from the proxy to the client, wherein the second message requests consent from a user of the client to a privacy policy that concerns management of the personally identifiable information. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A computer program product on a computer readable medium for processing data for a privacy policy in a data processing system, the computer program product comprising:
-
means for receiving, at a proxy, a first message from a server to a client; and
means for sending, in response to a determination at the proxy that the first message initiates collection of personally identifiable information from the client by the server, a second message from the proxy to the client, wherein the second message requests consent from a user of the client to a privacy policy that concerns management of the personally identifiable information. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
-
Specification