Online Privacy Management

US 20130276136A1
Filed: 03/15/2013
Published: 10/17/2013
Est. Priority Date: 12/30/2010
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable medium of a privacy management system server storing computer-executable instructions that, when executed by a processor of a remote computing device, cause the remote computing device to:

access a Document Object Model (DOM) of a webpage, wherein the DOM is configured to include a first node that is configured to send analytics data to a third party device using a uniform resource locator stored in the first node and a second node that is configured to store private information;

in response to accessing the DOM, obtain the second node and create, in a memory, a wrapper object instead of the second node by calling a generic wrapper object function configured to create a wrapper object for at least two different node types;

configure the wrapper object to match the second node by setting values of the wrapper object according to values of the second node;

determine whether the wrapper object is to be configured to block the private information from being captured by the first node;

provide a getter function to the wrapper object, when it is determined that the wrapper object is to be configured to block the private information from being captured by the first node, the getter function being configured to analyze the private information before returning the private information; and

replace the second node with the wrapper object in the DOM.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A privacy management system (PMS) is disclosed for a Chief Privacy Officer (CPO) or other user to use in monitoring and/or controlling in realtime the flow of data (e.g., outflow) about the user and his/her online experience. The PMS may employ pattern recognition software to evaluate analytics data and potentially block private information from being sent within the analytics data. The PMS may provide a dashboard displaying a whitelist and/or blacklist indicating what destinations/sources are blocked or allowed as well as private information settings indicating what types of private information should be blocked. The PMS includes browser-client scripting code and may also include a PMS-certified verification icon and/or lock and unlock icons for display on webpages being monitored/controlled in realtime by the PMS.

71 Citations

View as Search Results

27 Claims

1. A non-transitory computer-readable medium of a privacy management system server storing computer-executable instructions that, when executed by a processor of a remote computing device, cause the remote computing device to:
- access a Document Object Model (DOM) of a webpage, wherein the DOM is configured to include a first node that is configured to send analytics data to a third party device using a uniform resource locator stored in the first node and a second node that is configured to store private information;
  
  in response to accessing the DOM, obtain the second node and create, in a memory, a wrapper object instead of the second node by calling a generic wrapper object function configured to create a wrapper object for at least two different node types;
  
  configure the wrapper object to match the second node by setting values of the wrapper object according to values of the second node;
  
  determine whether the wrapper object is to be configured to block the private information from being captured by the first node;
  
  provide a getter function to the wrapper object, when it is determined that the wrapper object is to be configured to block the private information from being captured by the first node, the getter function being configured to analyze the private information before returning the private information; and
  
  replace the second node with the wrapper object in the DOM.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The non-transitory computer-readable medium of claim 1, further storing computer-executable instructions that, when executed by the processor, cause the remote computing device to:
    - determine whether a call to the getter function is made to collect analytics data.
  - 3. The non-transitory computer-readable medium of claim 2, further storing computer-executable instructions that, when executed by the processor, cause the remote computing device to:
    - return the private information of the wrapper object to a node that called the getter function, after determining that the call to the getter function is not made to collect analytics data.
  - 4. The non-transitory computer-readable medium of claim 2, further storing computer-executable instructions that, when executed by the processor, cause the remote computing device to:
    - evaluate the private information of the wrapper object, after determining that the call to the getter function is made to collect analytics data.
  - 5. The non-transitory computer-readable medium of claim 2, further storing computer-executable instructions that, when executed by the processor, cause the remote computing device to:
    - evaluate the private information of the wrapper object, when the call to the getter function is made by the first node.
  - 6. The non-transitory computer-readable medium of claim 2, wherein determining whether a call to the getter function is made to collect analytics data comprises evaluating a stack trace.
  - 7. The non-transitory computer-readable medium of claim 2, wherein determining whether a call to the getter function is made to collect analytics data comprises evaluating a uniform resource locator of a node that called the getter function.
  - 8. The non-transitory computer-readable medium of claim 1, further storing computer-executable instructions that, when executed by the processor, cause the remote computing device to:
    - extract the private information from the wrapper object by observing properties of the wrapper object, when a call to the getter function is made; and
      
      evaluate the private information using pattern recognition processes.
  - 9. The non-transitory computer-readable medium of claim 1, further storing computer-executable instructions that, when executed by the processor, cause the remote computing device to:
    - extract the private information from the wrapper object by calling methods on the wrapper object, when a call to the getter function is made; and
      
      evaluate the private information using pattern recognition processes.
  - 10. The non-transitory computer-readable medium of claim 1, further storing computer-executable instructions that, when executed by the processor, cause the remote computing device to:
    - modify the private information extracted from the wrapper object so that the private information is no longer private; and
      
      return the modified private information to the first node.
  - 11. The non-transitory computer-readable medium of claim 1, further storing computer-executable instructions that, when executed by the processor, cause the remote computing device to:
    - report at least one of the private information of the wrapper object and the uniform resource locator stored in the first node to a database in response to a call to the getter function by the first node.
  - 12. The non-transitory computer-readable medium of claim 1, wherein the second node is replaced with the wrapper object before the second node is accessed by other nodes of the DOM.
  - 13. The non-transitory computer-readable medium of claim 1, further storing computer-executable instructions that, when executed by the processor, cause the remote computing device to:
    - generate a graphical user interface configured to permit a user to designate whether the getter function of the wrapper object is configured to analyze the private information before returning the private information.

14. An apparatus, comprising:
- at least one processor configured to transmit, over a network to a remote computing device, scripting code written in a programming language that lacks functionality to override certain functions; and
  
  memory storing the scripting code that, when executed by the remote computing device, causes the remote computing device to;
  
  access an object model of a page, wherein the object model is configured to include a first node that is configured to send analytics data to a third party device separate from the apparatus and the remote computing device, and a second node that is configured to store data;
  
  in response to accessing the object model, obtain the second node and create, in a memory, a wrapper object instead of the second node;
  
  configure the wrapper object to replicate the second node by setting data of the wrapper object according to the data of the second node;
  
  provide a getter function to the wrapper object, the getter function being configured to analyze the data before returning the data to a requesting node; and
  
  replace the second node with the wrapper object in the object model.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21)
- - 15. The apparatus of claim 14, wherein the getter function is configured to:
    - extract the data from the wrapper object by performing at least one of;
      
      observing properties of the wrapper object, when a call to the getter function is made; and
      
      calling methods on the wrapper object, when a call to the getter function is made;
      
      evaluate the data using pattern recognition processes; and
      
      determine whether the data includes private information based on the evaluation.
  - 16. The apparatus of claim 15, wherein the getter function is further configured to:
    - modify the data when determining that the data includes private information.
  - 17. The apparatus of claim 14, wherein the memory further stores computer-executable instructions that, when executed by the at least one processor, cause the apparatus to:
    - present a graphical user interface configured to generate rules for authorizing or blocking access to data of the page.
  - 18. The apparatus of claim 14, wherein the memory further stores additional scripting code that, when executed by a second remote computing device associated with an owner of the page, cause the second remote computing device to:
    - present a graphical user interface configured to generate rules for authorizing or blocking access to data of the page.
  - 19. The apparatus of claim 14, wherein the scripting code, when executed by the remote computing device, further causes the remote computing device to:
    - present an icon on the page; and
      
      present a graphical user interface over the page when the icon is selected, the graphical user interface configured to generate rules for authorizing or blocking access to data of the page.
  - 20. The apparatus of claim 14, wherein the scripting code, when executed by the remote computing device, further causes the remote computing device to:
    - present an icon on the page in association with the wrapper object; and
      
      modify the getter function of the wrapper object when the icon is selected.
  - 21. The apparatus of claim 20,wherein the icon is one of a lock icon and an unlock icon,wherein, when the icon is a lock icon, the getter function of the wrapper object is configured to modify the data before returning it or to refrain from returning the data, andwherein, when the icon is an unlock icon, the getter function of the wrapper object is configured to return the data without modifying the data.

22. A non-transitory computer-readable medium of a privacy management system server storing computer-executable instructions that, when executed by a processor of a remote computing device, provide:
- a means for accessing an object model of a page, wherein the object model comprises a plurality of nodes configured to store data;
  
  a means for obtaining one of the nodes among the plurality of nodes of the object model and creating a wrapper object instead of the obtained node;
  
  a means for configuring the wrapper object to replicate the obtained node by setting data of the wrapper object according to data of the obtained node;
  
  a means for providing a getter function to the wrapper object, the getter function being configured to analyze the data before returning the data to a requesting node; and
  
  a means for replacing the second node with the wrapper object in the object model.
- View Dependent Claims (23, 24, 25, 26, 27)
- - 23. The non-transitory computer-readable medium of claim 22, further storing computer-executable instructions that, when executed by the processor, cause the remote computing device to provide:
    - a means for extracting the data from the wrapper object by observing properties of the wrapper object, when a call to the getter function is made; and
      
      a means for executing pattern recognition processes on the extracted data.
  - 24. The non-transitory computer-readable medium of claim 22, further storing computer-executable instructions that, when executed by the processor, cause the remote computing device to provide:
    - a means for extracting the data from the wrapper object by calling methods on the wrapper object, when a call to the getter function is made; and
      
      a means for executing pattern recognition processes on the extracted data.
  - 25. The non-transitory computer-readable medium of claim 22, further storing computer-executable instructions that, when executed by the processor, cause the remote computing device to provide:
    - a means for modifying the data of the wrapper object so that the data does not include private information; and
      
      a means for returning the modified data to a requesting node.
  - 26. The non-transitory computer-readable medium of claim 22, further storing computer-executable instructions that, when executed by the processor, cause the remote computing device to provide:
    - a means for reporting at least one of the data of the wrapper object and a uniform resource locator, stored in a node requesting the data of the wrapper object, to a database.
  - 27. The non-transitory computer-readable medium of claim 22, further storing computer-executable instructions that, when executed by the processor, cause the remote computing device to provide:
    - a means for generating a graphical user interface configured to permit a user to designate private information that the getter function of the wrapper object is to block.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CHEQ AI Technologies (2018) Ltd. (Cheq Technologies Ltd.)
Original Assignee
Ensighten, Inc. (Cheq Technologies Ltd.)
Inventors
Goodwin, Joshua C., Manion, Joshua R.

Granted Patent

US 9,003,552 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/27
CPC Class Codes

G06F 21/62   Protecting access to data v...

G06F 21/6245   Protecting personal data, e...

G06Q 30/02   Marketing; Price estimation...

H04L 63/0428   wherein the data content is...

H04L 63/101   Access control lists [ACL]

H04L 63/102   Entity profiles

H04L 63/168   above the transport layer

H04L 63/20   for managing network securi...

H04L 67/535   Tracking the activity of th...

Online Privacy Management

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

71 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Online Privacy Management

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

71 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links