Privacy management for tracked devices
First Claim
1. A method performed by a user computing device to enable data created on the user computer device (“created data”) to be stored on a remote storage system with protection of user privacy, the method comprising;
receiving, over a network, a conditional data encryption rule that specifies criteria for the user computing device to selectively encrypt the created data with a private key of a user of the device before transmitting the created data to the remote storage system, said criteria including time-based criteria to determine which elements of the created data are to be selectively encrypted based at least in part on whether each element was created during employment work hours of a user, wherein the time-based criteria include an employment work schedule of the user;
storing the conditional data encryption rule in a memory of the user computing device;
during both employment work hours and non-work hours of the user, sending the created data to the remote storage system according to the conditional data encryption rule, wherein sending the created data comprises;
identifying a set of created data to send to the remote storage system;
determining, based at least partly on whether the set of created data was created during employment work hours associated with the user, as determined using the time-based criteria, whether to encrypt the set of created data with the private key;
when a determination is made based at least in part on the time-based criteria to encrypt the set of created data with the private key, encrypting the set of created data with the private key to generate privacy-protected data, and transmitting the privacy-protected data via a network to the remote storage system; and
when a determination is made based at least in part on the time-based criteria not to encrypt the set of created data with the private key, transmitting the set of created data via the network to the remote storage system without first encrypting the set of created data with the private key;
wherein the method is performed under the control of program code executed by the user computing device.
Abstract
A system is disclosed that protects private data of users while permitting the monitoring or tracking of electronic devices that are shared for both business and private purposes. The electronic devices may be configured to selectively encrypt location data, and/or other types of data, before such data is transmitted to a monitoring center. For example, data collected or generated on a user device outside of work hours may be encrypted with a private key of the device's user prior to transmission to the monitoring center, so that the data is not accessible to the employer. Data collected or generated during work hours may be transmitted without such encryption.
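The device-side decision described in the abstract can be sketched as follows; this is an added example, not code from the patent or its assignee. The rule's JSON field names, the fixed UTC offset, the choice to treat elements with an unknown creation time as private, and the injected `encrypt_private` callable (standing in for encryption under the user's key) are all assumptions of the example.

```python
import json
from datetime import datetime, time, timedelta, timezone

# Constructed rule standing in for the one received over the network.
# Weekday keys follow datetime.weekday(): 0 = Monday. Field names are assumptions.
RULE_JSON = """{"utc_offset_minutes": -480,
  "work_hours": {"0": ["09:00", "17:00"], "1": ["09:00", "17:00"],
                 "2": ["09:00", "17:00"], "3": ["09:00", "17:00"],
                 "4": ["09:00", "17:00"]}}"""

def load_rule(raw):
    """Parse and validate the rule before storing it on the device."""
    doc = json.loads(raw)
    tz = timezone(timedelta(minutes=int(doc["utc_offset_minutes"])))
    hours = {}
    for day, (start, end) in doc["work_hours"].items():
        hours[int(day)] = (time.fromisoformat(start), time.fromisoformat(end))
    return {"tz": tz, "hours": hours}

def created_in_work_hours(rule, created_at):
    """Decide on the element's creation time, not the time it is sent."""
    if created_at is None or created_at.tzinfo is None:
        return False  # unknown or ambiguous time: treat as private (assumption)
    local = created_at.astimezone(rule["tz"])
    window = rule["hours"].get(local.weekday())
    # Half-open window: an element created exactly at the end time is private.
    return window is not None and window[0] <= local.time() < window[1]

def prepare_upload(rule, elements, encrypt_private):
    """Return (payload, is_privacy_protected) pairs ready to transmit."""
    out = []
    for created_at, data in elements:
        if created_in_work_hours(rule, created_at):
            out.append((data, False))                   # readable by the employer
        else:
            out.append((encrypt_private(data), True))   # privacy-protected data
    return out
```

Because the check uses each element's creation timestamp, data buffered overnight and uploaded the next morning is still encrypted.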
16 Claims
1. A method performed by a user computing device to enable data created on the user computer device (“created data”) to be stored on a remote storage system with protection of user privacy, the method comprising;
receiving, over a network, a conditional data encryption rule that specifies criteria for the user computing device to selectively encrypt the created data with a private key of a user of the device before transmitting the created data to the remote storage system, said criteria including time-based criteria to determine which elements of the created data are to be selectively encrypted based at least in part on whether each element was created during employment work hours of a user, wherein the time-based criteria include an employment work schedule of the user;
storing the conditional data encryption rule in a memory of the user computing device;
during both employment work hours and non-work hours of the user, sending the created data to the remote storage system according to the conditional data encryption rule, wherein sending the created data comprises;
identifying a set of created data to send to the remote storage system;
determining, based at least partly on whether the set of created data was created during employment work hours associated with the user, as determined using the time-based criteria, whether to encrypt the set of created data with the private key;
when a determination is made based at least in part on the time-based criteria to encrypt the set of created data with the private key, encrypting the set of created data with the private key to generate privacy-protected data, and transmitting the privacy-protected data via a network to the remote storage system; and
when a determination is made based at least in part on the time-based criteria not to encrypt the set of created data with the private key, transmitting the set of created data via the network to the remote storage system without first encrypting the set of created data with the private key;
wherein the method is performed under the control of program code executed by the user computing device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A non-transitory computer readable medium which stores program code that instructs a user computing device to perform a method that comprises:
receiving over a network a conditional data encryption rule that specifies criteria for the user computing device to determine whether to encrypt data created on the device with a private key of a user of the device before transmitting said data to a remote storage system, said criteria including time-based criteria to determine which elements of the created data are to be selectively encrypted based at least in part on creation times of the elements and an employment work schedule of the user with an employer;
storing the conditional data encryption rule in a memory of the user computing device;
during both employment work hours and non-work hours of the user, sending the data to the remote storage system according to the conditional data encryption rule, wherein sending the data comprises;
identifying a set of data to send to the remote storage system, said set of data created on the user computing device;
determining, based at least partly on a schedule of work hours associated with the employer, as determined using the time-based criteria, whether the set of data is associated with an employment use of the user computing device;
when a determination is made based at least in part on the time-based criteria that the set of data is not associated with an employment use of the device, encrypting the set of data with the private key of the user to generate privacy-protected data, and transmitting the privacy-protected data via a network to the remote storage system; and
when a determination is made based at least in part on the time-based criteria that the set of data is associated with an employment use of the device, transmitting the set of data via the network to the remote storage system without first encrypting the set of data with the private key.
Dependent claims: 14, 15, 16
Specification