Private Data Sharing System

IP Verse

Patent No. US11637802 (titled "Private Data Sharing System") was filed by Brian Moffat Private Data Llc on Sep 23, 2021.

’802 is related to the field of secure data sharing systems , particularly those designed to protect user privacy in online social networks and other data sharing platforms. Traditional data sharing systems often allow the hosting service to access and exploit user data, raising privacy concerns. The patent addresses the need for a system where users have greater control over who can access their information.

The underlying idea behind ’802 is to ensure that user data is stored and transmitted in an encrypted form such that only the user and their designated contacts can decrypt and view it. This is achieved by having the encryption and decryption keys reside solely with the users and their contacts, preventing the hosting service from accessing the unencrypted data. The system facilitates the secure exchange of decryption keys between users, ensuring that only authorized parties can access the information.

The claims of ’802 focus on a method for data exchange involving a third-party server and multiple personal computing devices. The method involves creating an original data file, generating encryption and decryption keys, encrypting the data file, encrypting the decryption key separately for each recipient using their unique encryption keys, transmitting all encrypted components to the third-party server, and then forwarding the appropriate encrypted components to each recipient. The key aspect is that the third-party server never has access to the original data file or the decryption key .

In practice, the invention allows a user to create a document, photo, or video and share it with specific individuals without the risk of the hosting service or unauthorized parties accessing the content. The user's device encrypts the data and the decryption key is separately encrypted for each recipient. This ensures that even if the third-party server is compromised, the data remains secure because the server lacks the necessary keys to decrypt it. The recipients then use their own private keys to unlock the decryption key and access the original data.

This approach differs significantly from prior solutions where the hosting service often holds the decryption keys or has the ability to access user data. By distributing the decryption keys solely to the intended recipients, ’802 provides a higher level of privacy and security . This makes it more difficult for the hosting service to exploit user data or for hackers to gain unauthorized access, as they would need to compromise each individual user's device to obtain the necessary decryption keys.

How does this patent fit in bigger picture?

Technical landscape at the time

In the early 2010s when ’802 was filed, at a time when online social networks were becoming increasingly popular, systems commonly relied on centralized servers for data storage and transmission. At a time when X was typically implemented using Y, security and privacy concerns were growing, and hardware or software constraints made B non-trivial, especially regarding user control over data encryption and decryption.

Novelty and Inventive Step

The examiner approved the application because the allowable claims (156-161) are patentable over the prior art. The prior art of record fails to teach or render obvious the limitations recited in each of independent claim 156 and its associated dependent claims.

Claims

This patent contains 6 claims, with claim 1 being independent. Independent claim 1 is directed to a method for data exchange between personal computing devices using a third-party server for storage and transmission, with encryption and decryption modules on each device. The dependent claims elaborate on aspects of the method described in claim 1, such as key generation and disabling decryption keys.

Key Claim Terms New

Definitions of key terms used in the patent claims.

Term (Source)	Support for Specification	Interpretation
Encrypted original data file (Claim 1)	“In this new type of DSS, a user's information is stored and transmitted (with only a few exceptions) in an obfuscated (e.g. an encrypted) form. And, the only means (e.g. decryption key) with which the encrypted data can be de-obfuscated (e.g. decrypted), and thus viewed, is always in the sole possession of the user and the user's contacts.”	The original data file after it has been encrypted using the file encryption key.
Encryption/decryption module (Claim 1)	“One embodiment of the private DSS architecture taught herein has two primary components: (1) a client program or set of programs which operate on each user's computing device, and (2) a set of computers, servers, and/or programs which constitute the “server” of the DSS.”	A module on each personal computing device that generates encryption and decryption keys and performs encryption and decryption of data files.
File decryption key (Claim 1)	“When the context in which a key is referred to involves data obfuscation and/or encryption, it will be referred to as an “encryption” key. However, then the context in which a key is referred to involves data de-obfuscation and/or decryption, then it will be referred to as a “decryption” key.”	A key associated with the original data file, used to decrypt the encrypted original data file.
File encryption key (Claim 1)	“In an embodiment, the portion of the private DSS which operates locally, on a user's computing device, will henceforth be referred to as the “DSS client.” Following a successful system log in (achieved through the submission of a valid username and password) the DSS client is responsible for receiving from a user that user's primary encryption key (or passphrase).”	A key used to encrypt the original data file, generated by the encryption/decryption module.
Third party data sharing server (Claim 1)	“In an embodiment, the “DSS server” is that set of computers, servers, and/or programs which form the server of the DSS. In an embodiment, the DSS server is responsible for validating the login usernames and passwords of users. It is responsible for processing the encrypted user data, e.g. storage, transmission, etc. It is responsible for exchanging encrypted user decryption keys between users when those users elect to become contacts and share data.”	A server that receives, stores, and transmits data between personal computing devices, but does not have access to the original data file or the key to decrypt it.

Litigation Cases New

US Latest litigation cases involving this patent.

Case Number	Filing Date	Title
2:25-cv-00316	Mar 28, 2025	Brian Moffat Private Data LLC v. Tresorit AG

Patent Family

File Wrapper

The dossier documents provide a comprehensive record of the patent's prosecution history - including filings, correspondence, and decisions made by patent offices - and are crucial for understanding the patent's legal journey and any challenges it may have faced during examination.

Date
Description

Get instant alerts for new documents

Apr 27, 2023
Miscellaneous Communication to Applicant - No Action Count
Apr 25, 2023
Digitally signed official patent eGrant document
Apr 5, 2023
Issue Notification
Mar 14, 2023
Issue Fee Payment (PTO-85B)
Mar 14, 2023
Fee Worksheet (SB06)
Mar 14, 2023
Electronic Filing System Acknowledgment Receipt
Dec 20, 2022
Notice of Allowance and Fees Due (PTOL-85)
Dec 20, 2022
List of references cited by examiner
Dec 20, 2022
Search information including classification, databases and other search related notes
Dec 20, 2022
Issue Information including classification, examiner, name, claim, renumbering, etc.
Dec 20, 2022
Examiner's search strategy and results
Dec 20, 2022
Bibliographic Data Sheet
Oct 21, 2022
Amendment/Request for Reconsideration-After Non-Final Rejection
Oct 21, 2022
Claims
Oct 21, 2022
Applicant Arguments/Remarks Made in an Amendment
Oct 21, 2022
Electronic Filing System Acknowledgment Receipt
Oct 21, 2022
Terminal Disclaimer-Filed (Electronic)
Oct 21, 2022
Fee Worksheet (SB06)
Oct 21, 2022
Terminal Disclaimer-Electronic-Approved
Oct 21, 2022
Electronic Filing System Acknowledgment Receipt
Oct 21, 2022
Fee Worksheet (SB06)
Oct 5, 2022
Non-Final Rejection
Oct 5, 2022
List of references cited by examiner
Oct 5, 2022
Search information including classification, databases and other search related notes
Oct 5, 2022
Index of Claims
Oct 5, 2022
Examiner's search strategy and results
Jan 20, 2022
Notice of Publication
Oct 12, 2021
Fee Worksheet (SB06)
Oct 12, 2021
Filing Receipt
Oct 6, 2021
Applicant Response to Pre-Exam Formalities Notice
Oct 6, 2021
Fee Worksheet (SB06)
Oct 6, 2021
Electronic Filing System Acknowledgment Receipt
Oct 6, 2021
Filing Receipt
Oct 6, 2021
Fee Worksheet (SB06)
Oct 6, 2021
Notice to File Missing Parts
Sep 24, 2021
Power of Attorney
Sep 24, 2021
Fee Worksheet (SB06)
Sep 24, 2021
Electronic Filing System Acknowledgment Receipt
Sep 24, 2021
Application Data Sheet
Sep 24, 2021
Preliminary Amendment
Sep 24, 2021
Specification
Sep 24, 2021
Claims
Sep 24, 2021
Applicant Arguments/Remarks Made in an Amendment
Sep 24, 2021
Specification
Sep 24, 2021
Claims
Sep 24, 2021
Abstract
Sep 24, 2021
Drawings-only black and white line drawings
Sep 24, 2021
Oath or Declaration filed

US11637802

BRIAN MOFFAT PRIVATE DATA LLC

Application Number: US17483683
Filing Date: Sep 23, 2021
Status: Granted
Expiry Date: Oct 7, 2031
External Links: Slate, USPTO, Google Patents