Threat modeling and analysis
US-9602529-B2 · Mar 21, 2017 · US
Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance
US9729583B1 · US · B1
| Field | Value |
|---|---|
| Publication number | US-9729583-B1 |
| Application number | US-201615254901-A |
| Country | US |
| Kind code | B1 |
| Filing date | Sep 1, 2016 |
| Priority date | Jun 10, 2016 |
| Publication date | Aug 8, 2017 |
| Grant date | Aug 8, 2017 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Data processing systems and methods, according to various embodiments, perform privacy assessments and monitor new versions of computer code for updated features and conditions that relate to compliance with privacy standards. The systems and methods may obtain a copy of computer code (e.g., a software application or a website) that collects and/or uses personal data, and then automatically analyzes the computer code to identify one or more privacy-related attributes that may impact privacy assessment standards. In various embodiments, the system is adapted to monitor one or more locations (e.g., an online software application marketplace, and/or a specified website) to determine whether the application or website has changed. The system may, after analyzing the computer code, display the privacy-related attributes, collect information regarding the attributes, and automatically notify one or more designated individuals (e.g., privacy office representatives) regarding the attributes and information collected.
First claim
Opening claim text (preview).
What is claimed is: 1. A computer system for electronically performing one or more privacy assessments of computer code, the computer system comprising: at least one processor; and memory; wherein the computer system is configured for: displaying an instruction for a particular user to provide a location of the computer code; electronically obtaining the computer code based on the location provided by the particular user; automatically electronically analyzing the computer code to determine one or more privacy-related attributes of the computer code, each of the privacy-related attributes indicating one or more types of personal information that the computer code collects or accesses; and in response to determining that the computer code has a particular one of the one or more privacy-related attributes: (A) executing the steps of: (i) electronically displaying one or more prompts to a first individual requesting that the first individual input information regarding the particular privacy-related attribute; (ii) receiving input information from the first individual regarding the particular privacy-related attribute; and (iii) communicating the information regarding the particular privacy-related attribute to one or more second individuals for use in conducting a privacy assessment of the computer code; (B) changing an indicator associated with the code to indicate that, before the code is launched, the particular attribute should be reviewed by one or more designated individuals; and (C) changing an indicator associated with the code to indicate that, before the code is launched, the code should be modified to not include the particular attribute. 2. The computer system of claim 1 , wherein a particular one of the one or more privacy-related related attributes is that the computer code collects information regarding the location of users of the computer code. 3. The computer system of claim 1 , wherein a particular one of the one or more privacy-related related attributes is that the computer code collects information regarding the web browsing habits of users of the computer code. 4. The computer system of claim 1 , wherein the particular user and the first individual are the same person. 5. The computer system of claim 4 , wherein the first individual is a software developer and the one or more second individuals is a privacy officer. 6. The computer system of claim 1 , wherein the computer code is code associated with a website, and the location is a URL of the website. 7. The computer system of claim 1 , wherein the computer code is a software application and the location indicates where the software application is stored in computer memory. 8. The computer system of claim 1 , wherein at least one of the one or more prompts asks the first individual the reason for including at least one of the one or more privacy-related attributes of the code. 9. The computer system of claim 1 , wherein at least one of the one or more prompts asks whether at least one of the one or more privacy-related attributes of the code could be omitted. 10. A computer-implemented data processing method for electronically performing one or more privacy assessments of computer code, the method comprising: displaying, on a graphical user interface, an instruction for a particular individual to provide the location of computer code; electronically obtaining the computer code based on the location provided by the particular individual; automatically electronically analyzing the computer code to determine whether the computer code has any one of a specified plurality of privacy-related attributes; and in response to determining that the computer code has a particular one of the plurality of privacy-related attributes: (A) executing the steps of: (i) electronically displaying one or more prompts to a user requesting that the user input information regarding the particular privacy-related attribute; (ii) receiving input information from the user regarding the particular privacy-related attribute; and (iii) communicating the input information to a second user for use in a privacy assessment of the computer code; (B) changing an indicator associated with the code to indicate that, before the code is launched, the attribute should be reviewed by one or more designated individuals; and (C) changing an indicator associated with the code to indicate that, before the code is launched, the code should be modified to not include the attribute. 11. The computer-implemented data processing method of claim 10 , further comprising, in response to determining that the computer code does not have any one of the specified plurality of privacy-related attributes, communicating this fact to a user for use in the context of a privacy assessment of the computer code. 12. The computer-implemented data processing method of claim 10 , wherein at least one of the specified plurality of privacy-related attributes is that the computer code collects sensitive personal information from users of the computer code. 13. The computer-implemented data processing method of claim 10 , wherein at least one of the specified plurality of privacy-related attributes is that the computer code collects information regarding the web browsing habits of users of the computer code. 14. The computer-implemented data processing method of claim 10 , wherein the particular user and the first individual are the same person. 15. The computer-implemented data processing method of claim 10 , wherein the first individual is a software developer and the one or more second individuals is a privacy officer. 16. The computer-implemented data processing method of claim 10 , wherein the computer code is code associated with a website, and the location is a URL of the website. 17. The computer-implemented data processing method of claim 10 , wherein the computer code is a software application and the location indicates where the software application is stored in computer memory. 18. The computer-implemented data processing method of claim 10 , wherein at least one of the one or more prompts asks the first individual the reason for including at least one of the one or more privacy-related attributes of the code. 19. The computer-implemented data processing method of claim 10 , wherein at least one of the one or more prompts asks whether at least one of the one or more privacy-related attributes of the code could be omitted.
Assignees
Inventors
Classifications
- H04L63/20Primary
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling · CPC title
for providing a confidential data exchange among entities communicating through data packet networks · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9729583B1 cover?
- Data processing systems and methods, according to various embodiments, perform privacy assessments and monitor new versions of computer code for updated features and conditions that relate to compliance with privacy standards. The systems and methods may obtain a copy of computer code (e.g., a software application or a website) that collects and/or uses personal data, and then automatically ana…
- Who is the assignee on this patent?
- Onetrust Llc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/20. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Aug 08 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (B1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 9 related publications on this page (citations in our corpus or others sharing the same primary CPC).