SYSTEM AND METHOD FOR AN ANONYMOUS EXCHANGE OF PRIVATE DATA

US 20140108258A1
Filed: 10/14/2013
Published: 04/17/2014
Est. Priority Date: 12/02/2005
Status: Abandoned Application

First Claim

Patent Images

1. (canceled)

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Facilitating the purchase and sale of private data between anonymous entities based on the use of encryption and a centralized on-line entity to exchange the private data in a secure environment. The seeker of private data, such as consumer information, transmits an encrypted query to the centralized exchange entity. The query submission includes legal representations stating the legally permissible purpose for seeking the information. The centralized exchange entity compares the encrypted query to an encrypted data index collected from at least one data provider, to determine if the query matches any private data held by a data provider. The comparison is conducted within a secure, search component to ensure the privacy of all data and all parties to the transaction. The exchange entity facilitates the anonymous exchange between the data purchaser and the data provider. A payment invoice can be generated and electronically presented by maintainer. The payment may be electronically debited from the designated account of a data purchaser and remitted to a data provider. In addition, a portion of such funds may be retained by the centralized exchange entity.

40 Citations

23 Claims

1. (canceled)

2. A method comprising:
- registering, by a computer, a data provider with an exchange server configured to facilitate an exchange of private data between the data provider and a data buyer, wherein the data provider maintains the private data;
  
  responsive to registering the data provider with the exchange server, receiving, by the computer, specifications for generating an index of the private data, the index comprising a metadata associated with the private data;
  
  generating, by the computer, the index of the private data for sale based on the received specifications;
  
  encrypting, by the computer, the index with an encryption key of the exchange server;
  
  transmitting, by the computer, the encrypted index to the exchange server for generation of a searchable index for the data buyer based on the encrypted index;
  
  receiving, by the computer, a request for the private data maintained by the data provider and an identifier associated with the private data requested by the data buyer, the request for the private data is received in response to receiving, at the exchange server, a query for the private data from the data buyer and determining that the private data is maintained by the data provider based on searching the searchable index;
  
  retrieving, by the computer, the private data based on the identifier;
  
  encrypting, by the computer, the private data with the encryption key of the exchange server;
  
  transmitting, by the computer, the encrypted private data to the exchange server for arranging the exchange of the private data with the data buyer; and
  
  receiving, by the computer, a payment associated with the exchange of the private data with the data buyer by the exchange server.
- View Dependent Claims (3, 4, 5, 6, 7)
- - 3. The method of claim 2, wherein registering the data provider with the exchange server further comprises:
    - receiving, by the computer, a request for registration with an exchange server;
      
      transmitting, by the computer, registration metrics for verification at the exchange server in response to receiving the request for registration; and
      
      responsive to verification of the registration data at the exchange server, receiving, by the computer, an approval of the registration with the exchange server.
  - 4. The method of claim 2, further comprising labeling, by the computer, each data record of the index of the private data with an identifier associated with the data provider.
  - 5. The method of claim 2, further comprising receiving, by the computer, a verification that the data buyer has executed a legal representation that ensures a legally permissible use of the private data by the data buyer.
  - 6. The method of claim 2, wherein the private data comprises at least one of an address, a telephone number, and a social security number.
  - 7. The method of claim 2, wherein the private data comprises law enforcement information regarding an individual, the law enforcement information comprising at least one of a driver'"'"'s license number of the individual and information regarding a criminal history of the individual.

8. A method comprising:
- registering, by a computer, a data buyer with an exchange server configured to facilitate an exchange of private data between a data provider and the data buyer;
  
  responsive to registration, generating, by the computer, a query that identifies the data buyer and defines a purchase request for the private data;
  
  transmitting, by the computer, the query and a legal representation that the data buyer will use the private data requested in the query in accordance with permissible uses stated in the legal representation;
  
  transmitting, by the computer, a decryption key of the data buyer to the exchange server for decrypting a searchable index associated with the data buyer and searching the decrypted searchable index for the requested private data in a secure environment;
  
  responsive to finding a match for the requested private data at the exchange server, receiving, by the computer, a response to the query comprising an identifier of the private data that is assigned by the exchange server to preserve an anonymity of the data provider that maintains the private data;
  
  transmitting, by the computer, a request to purchase the private data, the request comprising the exchange server assigned identifier of the private data;
  
  receiving, by the computer, a payment request for arranging the exchange of the requested private data from the data provider to the data buyer;
  
  providing, by the computer, the requested payment for receiving the requested private data;
  
  responsive to providing the payment, receiving, by the computer, the requested private data that is encrypted with the encryption key of the data buyer.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein the private data requested comprises at least one of an address, a telephone number, and a social security number.
  - 10. The method of claim 8, wherein the private data requested comprises law enforcement information regarding an individual, the law enforcement information comprising at least one of a driver'"'"'s license number of the individual and information regarding a criminal history of the individual.
  - 11. The method of claim 8, wherein the registering further comprises:
    - receiving a registration form for entering registration metrics;
      
      transmitting the registration metrics for validation; and
      
      registering the data buyers based on an outcome of the validation.
  - 12. The method of claim 11, wherein the registration form comprises the legal representation provided by the data buyer.
  - 13. The method of claim 8, wherein the data buyer is a collection agency.
  - 14. The method of claim 8, wherein the query comprises an encrypted query.

15. A computer-implemented method for exchanging private data, comprising the steps of:
- building, by the computer, a searchable index for each data buyer of a plurality of data buyers based on at least one index of private data for sale provided by one or more of a plurality of data providers;
  
  for each searchable index of each of the plurality of data buyers, encrypting the searchable index by an encryption key associated with a respective one of the plurality of data buyers;
  
  for each searchable index of each of the plurality of data buyers, labeling each data record of each searchable index with an identifier such that the identity of a data provider of the plurality of data providers associated with the respective data record remains anonymous to the plurality of data buyers;
  
  receiving a query that identifies a data buyer of the plurality of data buyers and defines a purchase request for the private data;
  
  responsive to receiving the query, transmitting, by the computer, the searchable index associated with the data buyer, the decryption key of the data buyer, and the query to another computer configured to determine whether at least one of the data providers maintains the private data requested by the data buyer;
  
  receiving, by the computer, a search result which indicates whether at least one of the data providers maintains the private data requested by the data buyer;
  
  in response to determining that at least one of the data providers maintains the private data requested, arranging an exchange of the private data requested with the data buyer.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer-implemented method of claim 15, wherein the private data requested comprises at least one of an address, a telephone number, and a social security number.
  - 17. The computer-implemented method recited by claim 15, wherein the private data requested comprises law enforcement information regarding an individual, the law enforcement information comprising at least one of a driver'"'"'s license number of the individual and information regarding a criminal history of the individual.
  - 18. The computer-implemented method recited by claim 15, further comprising the step of receiving a legal representation from the data buyer that the data buyer will use the private data requested only in accordance with stated permissible uses.
  - 19. The computer-implemented method recited by claim 15, further comprising:
    - receiving registration form data entered by each of the data providers and the data buyers via an on-line registration form;
      
      validating the registration form data; and
      
      registering the data providers and data buyers based on an outcome of the validating.
  - 20. The computer-implemented method recited by claim 19, wherein the registering comprises:
    - receiving a legal representation from each data provider that the data provider will provide the private data only in accordance stated permissible uses; and
      
      receiving a legal representation from each data buyer that the data buyer will use any received private data only in accordance with stated permissible uses.

21. A computer-implemented method for exchanging private data, comprising the steps of:
- building, by the computer, an encrypted searchable index for each data buyer of a plurality of data buyers based on at least one index of private data for sale provided by one or more of a plurality of data providers,wherein the searchable index for each data buyer is encrypted with an encryption key associated with the respective data buyer;
  
  receiving a query associated with a data buyer of the plurality of data buyers for the private data, the query comprising known parameters associated with the private data;
  
  decrypting the encrypted searchable index associated with the data buyer by a decryption key of the data buyer;
  
  searching, by the computer, the decrypted searchable index to determine that at least one of the data providers maintains the requested private data;
  
  responsive to determining that at least one of the data providers maintains the requested private data, generating another encryption key and another decryption key;
  
  transmitting, by the computer, the other encryption key to the respective data provider that maintains the private data and the other decryption key to the data buyer for direct and anonymous exchange of the private data between the data buyer and the respective data provider by use of an anonymous remailer.
- View Dependent Claims (22, 23)
- - 22. The computer-implemented method recited by claim 21, further comprising:
    - receiving registration form data entered by each of the data providers and the data buyers via an on-line registration form;
      
      validating the registration form data; and
      
      registering the data providers and data buyers based on an outcome of the validating.
  - 23. The computer-implemented method recited by claim 22, wherein the registering comprises:
    - receiving a legal representation from each data provider that the data provider will provide the private data only in accordance stated permissible uses; and
      
      receiving a legal representation from each data buyer that the data buyer will use any received private data only in accordance with stated permissible uses.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Jason S. Williams
Original Assignee
Jason S. Williams
Inventors
Williams, Jason S.

Application Number

US14/053,068
Publication Number

US 20140108258A1
Time in Patent Office

Days
Field of Search
US Class Current

705/51
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06Q 30/02   Marketing; Price estimation...

G06Q 30/0601   Electronic shopping [e-shop...

H04L 2209/42   Anonymization, e.g. involvi...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/04   for providing a confidentia...

H04L 9/30   Public key, i.e. encryption...

SYSTEM AND METHOD FOR AN ANONYMOUS EXCHANGE OF PRIVATE DATA

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

40 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR AN ANONYMOUS EXCHANGE OF PRIVATE DATA

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links