Monitoring and managing user privacy levels

US 9,692,777 B2
Filed: 10/20/2014
Issued: 06/27/2017
Est. Priority Date: 03/12/2012
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

at least one processor;

at least one memory comprising computer-readable instructions stored thereon that when executed by at least one processor, perform operations via a computerized privacy monitoring module, with the operations comprising;

receiving data intended for disclosure by a user of a device to an entity;

determining, prior to the data being disclosed to the entity, that the data intended for disclosure has not been previously disclosed to the entity;

providing a notification to the device that the data has not previously been disclosed to the entity; and

initiating a private browsing mode for the device based on the data intended for disclosure.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various embodiments pertain to techniques for measuring a user'"'"'s privacy level as a user interacts with various web services. In various embodiments, entities with which the user interacts are detected and sensitive information shared by the user is logged to determine what a given entity knows about the user. In some embodiments, sensitive information that is shared by a user can be processed using a predictive algorithm to ascertain a user'"'"'s level of privacy. When a user'"'"'s identity is predicted by the algorithm, a user can be alerted to the loss of anonymity. In various embodiments, user-defined areas of anonymity can be used to measure a user'"'"'s definition of privacy. In some embodiments, alerts can also be provided to the user when a new, previously undisclosed, piece of information is shared by the user.

Citations

37 Claims

1. A system comprising:
- at least one processor;
  
  at least one memory comprising computer-readable instructions stored thereon that when executed by at least one processor, perform operations via a computerized privacy monitoring module, with the operations comprising;
  
  receiving data intended for disclosure by a user of a device to an entity;
  
  determining, prior to the data being disclosed to the entity, that the data intended for disclosure has not been previously disclosed to the entity;
  
  providing a notification to the device that the data has not previously been disclosed to the entity; and
  
  initiating a private browsing mode for the device based on the data intended for disclosure.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The system of claim 1, wherein the operations further comprise determining that the data intended for disclosure has not been previously disclosed to the entity based on a comparison of the data intended for disclosure with data previously disclosed to the entity.
  - 3. The system of claim 1, wherein the operations further comprise determining whether an identity of the user can be determined by the entity from the data intended for disclosure, and wherein the notification indicates that the identity of the user can be determined by the entity if the data intended for disclosure is disclosed to the entity.
  - 4. The system of claim 3, wherein the operations further comprise determining that the identity of the user can be determined by the entity based on the data intended for disclosure and data previously disclosed to the entity.
  - 5. The system of claim 3, wherein the operations further comprise determining whether the identity of the user can be determined by the entity by:
    - entering at least a portion of the data intended for disclosure into an algorithm; and
      
      determining that the identity of the user can be determined by the entity if the identity of the user is determined by the algorithm.
  - 6. The system of claim 1, wherein the operations comprise the notification causing the device to request that the user confirm disclosure of the data intended for disclosure to the entity.
  - 7. The system of claim 6, wherein the operations comprise disclosing, via the device, the data to the entity responsive to receiving a confirmation to disclose the data to the entity.
  - 8. The system of claim 1, wherein the providing of the notification comprises causing the device to display a prompt that includes an option to determine information that the entity could learn about the user if the data intended for disclosure is disclosed to the entity.
  - 9. The system of claim 8, wherein responsive to selection of the option, the operations further comprise:
    - determining information that the entity could learn about the user if the data intended for disclosure is disclosed to the entity; and
      
      providing the information to the device, with the providing of the information to the device enabling the device to display the information that the entity could learn about the user if the data intended for disclosure is disclosed to the entity.
  - 10. The system of claim 1, wherein the operations further comprise determining whether an identity of the user can be determined by the entity from the data intended for disclosure by:
    - entering at least a portion of the data intended for disclosure into an algorithm for finding data in a data index; and
      
      determining, based on the data index, that the identity of the user can be determined by the entity from the data intended for disclosure.
  - 11. The system of claim 10, wherein the determining that the identity of the user can be determined by the entity is performed responsive to:
    - a name of the user being returned as a top result in the data index;
      
      the name of the user being returned on a first page of results in the data index;
      
      identifying information unique to the user being returned as a top result in the data index;
      
      oridentifying information unique to the user being returned on a first page of results in the data index.
  - 12. The system of claim 11, wherein the determining that the identity of the user can be determined by the entity is performed responsive to a name of the user being returned as a top result in the data index.
  - 13. The system of claim 11, wherein the determining that the identity of the user can be determined by the entity is performed responsive to the name of the user being returned on a first page of results in the data index.
  - 14. The system of claim 11, wherein the determining that the identity of the user can be determined by the entity is performed responsive to identifying information unique to the user being returned as a top result in the data index.
  - 15. The system of claim 11, wherein the determining that the identity of the user can be determined by the entity is performed responsive to identifying information unique to the user being returned on a first page of results in the data index.
  - 16. The system of claim 1, wherein the privacy monitoring module is implemented at the device.
  - 17. The system of claim 1, wherein the privacy monitoring module is implemented remote from the device, and wherein the operations comprise the privacy monitoring module receiving the data intended for disclosure from the device over a communication network.
  - 18. The system of claim 1, wherein the data intended for disclosure comprises one or more of:
    - data to be transmitted as part of a user query;
      
      data input into a web page;
      
      data extracted from HTML, script, or other code of a web page;
      
      data regarding a called web page;
      
      data regarding an IP address from which a request for a web page was transmitted;
      
      user login credential information;
      
      information regarding the user'"'"'s previous request for a web page;
      
      ordata regarding time spent viewing a web page.

19. A computer-implemented method comprising:
- receiving data intended for disclosure by a user of a device to an entity;
  
  determining, prior to the data being disclosed to the entity, that the data intended for disclosure has not been previously disclosed to the entity;
  
  providing a notification to the device that the data has not previously been disclosed to the entity; and
  
  initiating a private browsing mode for the device based on the data intended for disclosure.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 20. The method of claim 19, further comprising determining that the data intended for disclosure has not been previously disclosed to the entity based on a comparison of the data intended for disclosure with data previously disclosed to the entity.
  - 21. The method of claim 19, further comprising determining whether an identity of the user can be determined by the entity from the data intended for disclosure, and wherein the notification indicates that the identity of the user can be determined by the entity if the data intended for disclosure is disclosed to the entity.
  - 22. The method of claim 21, further comprising determining that the identity of the user can be determined by the entity based on the data intended for disclosure and data previously disclosed to the entity.
  - 23. The method of claim 21, further comprising determining whether the identity of the user can be determined by the entity by:
    - entering at least a portion of the data intended for disclosure into an algorithm; and
      
      determining that the identity of the user can be determined by the entity if the identity of the user is determined by the algorithm.
  - 24. The method of claim 19, further comprising the notification causing the device to request that the user confirm disclosure of the data intended for disclosure to the entity.
  - 25. The method of claim 24, comprising disclosing, via the device the data to the entity responsive to receiving a confirmation to disclose the data to the entity.
  - 26. The method of claim 19, wherein the providing of the notification comprises causing the device to display a prompt that includes an option to determine information that the entity could learn about the user if the data intended for disclosure is disclosed to the entity.
  - 27. The method of claim 26, wherein responsive to selection of the option, the method further comprises:
    - determining information that the entity could learn about the user if the data intended for disclosure is disclosed to the entity; and
      
      providing the information to the device, with the providing of the information to the device enabling the device to display the information that the entity could learn about the user if the data intended for disclosure is disclosed to the entity.
  - 28. The method of claim 19, wherein the method further comprises determining whether an identity of the user can be determined by the entity from the data intended for disclosure by:
    - entering at least a portion of the data intended for disclosure into an algorithm for finding data in a data index; and
      
      determining, based on the data index, that the identity of the user can be determined by the entity from the data intended for disclosure.
  - 29. The method of claim 28, wherein the determining that the identity of the user can be determined by the entity is performed responsive to:
    - a name of the user being returned as a top result in the data index;
      
      the name of the user being returned on a first page of results in the data index;
      
      identifying information unique to the user being returned as a top result in the data index;
      
      oridentifying information unique to the user being returned on a first page of results in the data index.
  - 30. The method of claim 29, wherein the determining that the identity of the user can be determined by the entity is performed responsive to a name of the user being returned as a top result in the data index.
  - 31. The method of claim 29, wherein the determining that the identity of the user can be determined by the entity is performed responsive to the name of the user being returned on a first page of results in the data index.
  - 32. The method of claim 29, wherein the determining that the identity of the user can be determined by the entity is performed responsive to identifying information unique to the user being returned as a top result in the data index.
  - 33. The method of claim 29, wherein the determining that the identity of the user can be determined by the entity is performed responsive to identifying information unique to the user being returned on a first page of results in the data index.
  - 34. The method of claim 19, wherein the method is performed via a privacy monitoring module that is implemented at the device.
  - 35. The method of claim 19, wherein the method is performed via a privacy monitoring module that is implemented remote from the device, and wherein the method comprises the privacy monitoring module receiving the data intended for disclosure from the device over a communication network.
  - 36. The method of claim 19, wherein the data intended for disclosure comprises one or more of:
    - data to be transmitted as part of a user query;
      
      data input into a web page;
      
      data extracted from HTML, script, or other code of a web page;
      
      data regarding a called web page;
      
      data regarding an IP address from which a request for a web page was transmitted;
      
      user login credential information;
      
      information regarding the user'"'"'s previous request for a web page;
      
      ordata regarding time spent viewing a web page.

37. One or more computer-readable memory having computer-executable instructions embodied thereon that, when executed by at least one processor, cause at least one processor to perform acts comprising:
- receiving data intended for disclosure by a user of a device to an entity;
  
  determining, prior to the data being disclosed to the entity, that the data intended for disclosure has not been previously disclosed to the entity;
  
  providing a notification to the device that the data has not previously been disclosed to the entity; and
  
  initiating a private browsing mode for the device based on the data intended for disclosure.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Li, Ying, Gjonej, Gerard
Primary Examiner(s)
CERVETTI, DAVID GARCIA

Application Number

US14/518,955
Publication Number

US 20150143531A1
Time in Patent Office

981 Days
Field of Search

726 1, 726 3, 726 13, 726 9, 726 14, 726 23, 726 26
US Class Current
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

G06F 21/6254   by anonymising data, e.g. d...

G06F 21/6263   during internet communicati...

H04L 63/1408   by monitoring network traff...

H04L 63/1433   Vulnerability analysis

H04L 67/02   based on web technology, e....

H04L 67/535   Tracking the activity of th...

Monitoring and managing user privacy levels

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

37 Claims

Specification

Solutions

Use Cases

Quick Links

Monitoring and managing user privacy levels

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

37 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links