Method and apparatus for managing and enforcing user privacy

US 7,340,438 B2
Filed: 05/21/2001
Issued: 03/04/2008
Est. Priority Date: 05/21/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A method of managing user privacy of a user operating a user device in a network environment, comprising:

communicating with a party via the user device across the network environment;

determining a context for interaction between the user via the user device and the party;

filtering user data to be provided to the party based on the determined context; and

transmitting the filtered user data to the party,wherein the context is automatically determined based upon an environment of the user device and the transmitting transmits the filtered user data from the user device to the party,wherein the context is determined based on information received from one or more sensors, and the one or more sensors are selected from the group consisting of positioning sensor, touch sensor, audio sensor, compass sensor, ambient light sensor, ambient temperature sensor or three-axis acceleration sensor.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method manages and enforces user privacy of user data in a network environment in various manners. The system and method can determine a context for interaction with a party, filter user data to be provided to the party based on the determined context, and transmit the filtered user data to the party. The system and method can further determine an anonymity level at which interaction with the party is to be conducted, and interact with the party at the determined anonymity level. Additionally, to enforce user privacy, a privacy enforcement system can be employed at the receiving party and a trusted supervising authority can be utilized to supervise the access of user data received by the receiving party as well as to provide third party certification.

292 Citations

31 Claims

1. A method of managing user privacy of a user operating a user device in a network environment, comprising:
- communicating with a party via the user device across the network environment;
  
  determining a context for interaction between the user via the user device and the party;
  
  filtering user data to be provided to the party based on the determined context; and
  
  transmitting the filtered user data to the party,wherein the context is automatically determined based upon an environment of the user device and the transmitting transmits the filtered user data from the user device to the party,wherein the context is determined based on information received from one or more sensors, and the one or more sensors are selected from the group consisting of positioning sensor, touch sensor, audio sensor, compass sensor, ambient light sensor, ambient temperature sensor or three-axis acceleration sensor.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 2. The method according to claim 1, wherein the user data comprises personal assets of the user.
  - 3. The method according to claim 1, wherein the user device is a wireless device.
  - 4. The method according to claim 1, wherein the context is determined based on a pattern of prior actions by the user.
  - 5. The method according to claim 4, wherein the pattern comprises one of transactional history, habit, predisposition and profile of the user.
  - 6. The method according to claim 1, wherein the context is based on information provided by the party.
  - 7. The method according to claim 6, wherein the information provided by the party includes one of a service category, a service description, a requested viewpoint and an identity of the party.
  - 8. The method according to claim 1, wherein the context is determined based on information provided by a context beacon in a vicinity of the user.
  - 9. The method according to claim 1, wherein the context is determined based on an agreement between the user and the party.
  - 10. The method according to claim 9, wherein the agreement defines a subset of user data to be provided to the party.
  - 11. The method according to claim 9, further comprising:
    - maintaining context definitions comprising standard context definitions and customized context definitions, the customized context definitions defining one or more privacy level agreements between the user and one or more parties,wherein the determining a context operation further includes;
      
      determining whether a privacy level agreement exists between the user and the party, anddetermining a context from the context definitions based on whether a privacy level agreement exists.
  - 12. The method according to claim 1, wherein the filtering of user data further comprises predefining contexts which are associated with one or more predefined subsets of the user data.
  - 13. The method according to claim 1, further comprising:
    - determining an anonymity level at which interaction with the party is to be conducted; and
      
      interacting with the party at the determined anonymity level.
  - 14. The method according to claim 13, wherein the anonymity level is selected from one of Anonymous, Pseudonymous, Anonymous transaction and Authenticated.
  - 15. The method according to claim 1, further comprising:
    - authenticating whether the party is under supervision by a trusted supervising authority, the supervising authority supervising enforcement of access rights to user data received by the party; and
      
      providing user information to the party if the party is authenticated as being one under the supervision of the supervising authority.
  - 16. The method according to claim 15, wherein the authenticating comprises:
    - receiving a privacy enforcement certificate associated with the supervising authority from the party; and
      
      verifying the authenticity of the privacy enforcement certificate.
  - 17. The method according to claim 1, wherein rights management rules defining access rights by the party are associated with the filtered user data provided to the party.
  - 18. The method according to claim 17, wherein the rights management rules are attached with the filtered user data provided to the party.
  - 19. The method according to claim 17, wherein the rights management rules define access limitations selected from the group consisting of a number of accesses, a time duration or expiration, a particular party and a particular use.
  - 20. The method according to claim 17, wherein the rights management rules define when the filtered user data is to be deleted.
  - 21. The method according to claim 20, wherein the filtered user data provided to the party is to be deleted upon one of a predetermined number of accesses, a predetermined time duration, detection of impermissible use, detection of a violation of rights management rules and de-certification of the party as privacy enforcement certified.
  - 22. The method according to claim 1, further comprising maintaining a log of user data provided to the party.
  - 23. The method according to claim 1, wherein user data has rights management rules associated therewith defining access rights to user data and a supervising authority supervises enforcement of the rights management rules over user data received by the party.
  - 24. The method according to claim 1, wherein the transmitting transmits the filtered user data to the party during interaction between the user via the user device and the party.
  - 25. The method according to claim 1, wherein the context is automatically determined from a plurality of predefined contexts based upon an environment of the user device.

26. A computer-readable medium encoded with processing instructions for implementing a method of managing user privacy of a user operating a user device in a network environment, performed by a computer, the method comprising:
- communicating with a party via the user device across the network environment;
  
  determining a context for interaction between the user via the user device and the party;
  
  filtering user data to be provided to the party based on the determined context; and
  
  transmitting the filtered user data to the party,wherein the context is automatically determined based upon an environment of the user device and the transmitting transmits the filtered user data from the user device to the party,wherein the context is determined based on information received from one or more sensors, and the one or more sensors are selected from the group consisting of positioning sensor, touch sensor, audio sensor, compass sensor, ambient light sensor, ambient temperature sensor or three-axis acceleration sensor.
- View Dependent Claims (27)
- - 27. The computer-readable medium encoded with processing instructions for implementing a method of managing user privacy of a user operating a user device in a network environment, performed by a computer, according to claim 26, wherein the transmitting transmits the filtered user data to the party during interaction between the user via the user device and the party.

28. A method of managing user privacy of a user operating a user device in a network environment, comprising:
- maintaining context definitions comprising standard context definitions and customized context definitions, the customized context definitions defining one or more privacy level agreements between the user and one or more parties;
  
  communicating with a party via the user device across the network environment;
  
  determining whether a privacy level agreement exists between the user and the party;
  
  determining a context from the context definitions based on whether a privacy level agreement exists;
  
  filtering user data to be provided to the part based on the determined context; and
  
  transmitting the filtered user data to the party,wherein the context is determined based on information received from one or more sensors, and the one or more sensors are selected from the group consisting of positioning sensor, touch sensor, audio sensor, compass sensor, ambient light sensor, ambient temperature sensor or three-axis acceleration sensor.
- View Dependent Claims (29, 30)
- - 29. The method according to claim 28, wherein the determining a context operation selects a context from the maintained customized context definitions if a privacy level agreement exists between the user and the party.
  - 30. The method according to claim 28, wherein the determining a context operation selects a context from the maintained standard context definitions if a privacy level agreement exists between the user and the party.

31. A communications device of a user, comprising:
- a communications interface for communicating with a party across a network environment;
  
  a memory; and
  
  a processor that executes instructions stored in the memory for;
  
  determining a context for interaction with the party, the context being automatically determined based upon an environment of the communications device;
  
  filtering user data to be provided to the party based on the determined context; and
  
  transmitting the filtered user data to the party,wherein the context is determined based on information received from one or more sensors, and the one or more sensors are selected from the group consisting of positioning sensor, touch sensor, audio sensor, compass sensor, ambient light sensor, ambient temperature sensor or three-axis acceleration sensor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Corporation
Inventors
Nordman, Ian, Alamäki, Tero, Gripenberg, Casper, Gyorbíró, Norbert, Tarkiainen, Mikko, Vänskä, Marko
Primary Examiner(s)
Worjloh; Jalatee

Application Number

US09/860,605
Publication Number

US 20020174073A1
Time in Patent Office

2,479 Days
Field of Search

705 50- 80, 726/30
US Class Current

705/64
CPC Class Codes

G06F 21/316   by observing the pattern of...

G06F 21/6254   by anonymising data, e.g. d...

G06Q 20/382   insuring higher security of...

G06Q 20/383   Anonymous user system

H04L 63/0407   wherein the identity of one...

Method and apparatus for managing and enforcing user privacy

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

292 Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for managing and enforcing user privacy

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

292 Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links