Preserving individual information privacy by providing anonymized customer data
Abstract
A method of preserving individual information privacy for each of a plurality of customers while providing aggregated information about the plurality of customers includes storing static customer data and dynamic customer data of the plurality of customers in a protected database. The method includes restricting shared access to the static customer data and the dynamic customer data to a set of approved privacy-preserving queries. The privacy-preserving queries include a privacy-preserving aggregation query that uses one or more parameters to indicate a characteristic of interest for which aggregation of the static customer data and the dynamic customer data is requested. The privacy-preserving aggregation query may be configured to retrieve aggregated customer data related to the characteristic of interest. The aggregated customer data may be returned in response to the privacy-preserving aggregation query without including any personally identifiable information of any particular one of the plurality of customers.
20 Claims
1. A method of preserving individual information privacy for each of a plurality of customers while providing aggregated information about the plurality of customers, the method comprising:
- storing static customer data and dynamic customer data of the plurality of customers in one or more dynamically encrypted databases that restrict access by any personnel to directly retrieve static customer data and dynamic customer data of one of the plurality of customers, the dynamic customer data including navigational operations and characteristics of the navigational operations performed by each of the plurality of customers via interaction with one or more websites where at least some static customer data is aggregated; and
- restricting shared access to the static customer data and the dynamic customer data to a set of approved privacy-preserving queries, including a privacy-preserving aggregation query that uses one or more parameters to indicate a characteristic of interest for which aggregation of the static customer data and the dynamic customer data is requested, the privacy-preserving aggregation query configured to retrieve aggregated customer data related to the characteristic of interest, the aggregated customer data not including any personally identifiable information of any particular one of the plurality of customers.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10.
11. A method of preserving individual information privacy for each of a plurality of customers while providing an anonymous customer persona corresponding to the plurality of customers, the method comprising:
- storing static customer data and dynamic customer data of the plurality of customers in one or more dynamically encrypted databases that restrict access by any personnel to directly retrieve static customer data and dynamic customer data of one of the plurality of customers, the dynamic customer data including navigational operations and characteristics of the navigational operations performed by each of the plurality of customers via interaction with one or more websites where at least some static customer data is aggregated;
- restricting shared access to the static customer data and the dynamic customer data to a set of approved privacy-preserving queries, including a privacy-preserving, anonymous-persona query that uses a parameter to indicate a primary characteristic of interest, the privacy-preserving, anonymous-persona query configured to inject noise into returned customer data;
- performing statistical analysis on results returned from the privacy-preserving, anonymous-persona query to determine statistically significant correlations between the primary characteristic of interest and one or more secondary characteristics; and
- generating an anonymous customer persona including the primary characteristic of interest and the one or more statistically significant secondary characteristics.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19.
20. A method of preserving individual information privacy for each of a plurality of customers while providing an anonymous customer persona corresponding to the plurality of customers, the method comprising:
- storing static customer data and dynamic customer data of the plurality of customers in one or more dynamically encrypted databases that restrict access by any personnel to directly retrieve static customer data and dynamic customer data of one of the plurality of customers, the dynamic customer data including navigational operations and characteristics of the navigational operations performed by each of the plurality of customers via interaction with one or more websites where at least some static customer data is aggregated;
- restricting shared access to the static customer data and the dynamic customer data to a set of approved privacy-preserving queries, including a privacy-preserving, anonymous-persona query configured to inject noise into returned customer data; and
- generating an anonymous customer persona having one or more characteristics of interest based on analyzed results returned from the privacy-preserving, anonymous-persona query, the anonymous customer persona not including any personally identifiable information of any particular one of the plurality of customers.
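How the approved-query restriction of claim 1 and the noise-injecting anonymous-persona query of claims 11 and 20 fit together, as an added Python example that is not part of the patent: the raw records sit behind a store whose only entry point is a fixed set of approved queries, the aggregation query returns grouped counts with no PII, the persona query adds Laplace noise to everything it returns, and a separate analysis step derives the persona from those noisy results. The record layout, the Laplace mechanism and the 0.4 share threshold are assumptions, and the database encryption the claims recite is not modelled.

```python
import math
import random
from collections import Counter
# Constructed sample records (not from the patent): a static field (region)
# plus dynamic navigational data (pages visited) for each customer.
CUSTOMERS = [
    {"id": 1, "email": "a@example.test", "region": "north", "pages": ["home", "pricing"]},
    {"id": 2, "email": "b@example.test", "region": "north", "pages": ["home", "pricing", "checkout"]},
    {"id": 3, "email": "c@example.test", "region": "south", "pages": ["home", "blog"]},
    {"id": 4, "email": "d@example.test", "region": "south", "pages": ["blog"]},
    {"id": 5, "email": "e@example.test", "region": "north", "pages": ["pricing"]},
]
PII_FIELDS = {"id", "email"}  # must never appear in any query result

class ProtectedStore:
    """Holds the records; the only way to read them is the set of approved queries."""
    def __init__(self, records, noise_scale=1.0, seed=None):
        self._records = list(records)
        self._rng = random.Random(seed)
        self._noise_scale = noise_scale
        self._approved = {"aggregate": self._aggregate, "persona": self._persona}

    def query(self, name, **params):
        """Single entry point: any query not on the approved list is refused."""
        if name not in self._approved:
            raise PermissionError(f"{name!r} is not an approved privacy-preserving query")
        return self._approved[name](**params)

    def _aggregate(self, characteristic):
        """Approved aggregation query: exact counts per value of one characteristic."""
        if characteristic in PII_FIELDS:
            raise PermissionError("aggregation over a PII field is refused")
        return dict(Counter(r[characteristic] for r in self._records))

    def _laplace(self):
        """Laplace(0, b) sample by inverse CDF; the noise mechanism itself is an assumption."""
        u = self._rng.random() - 0.5
        return -self._noise_scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))

    def _persona(self, region):
        """Approved anonymous-persona query: noisy page-visit counts for one region."""
        pages = (p for r in self._records if r["region"] == region for p in r["pages"])
        return {page: count + self._laplace() for page, count in Counter(pages).items()}

def build_persona(store, region, min_share=0.4):
    """Analysis outside the store: secondary characteristics are the pages that dominate the region's noisy visits."""
    noisy = store.query("persona", region=region)
    total = sum(noisy.values())
    secondary = sorted(p for p, c in noisy.items() if total > 0 and c / total >= min_share)
    return {"primary": {"region": region}, "secondary": secondary}
```

Raising `noise_scale` toward the size of the smallest groups is what keeps a single customer's visits from being read off a persona result; the analysis step only ever sees the noisy output.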