Data processing: database and file management or data structures – Database design – Data structure types
Reexamination Certificate
1998-10-02
2001-06-26
Alam, Hosain T. (Department: 2172)
Data processing: database and file management or data structures
Database design
Data structure types
C707S793000, C707S793000, C707S793000, C707S793000, C713S152000
Reexamination Certificate
active
06253203
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to systems and methods of data warehousing and analysis, and in particular to a system and method for enforcing privacy constraints on a database management system.
2. Description of the Related Art
Database management systems are used to collect, store, disseminate, and analyze data. These large-scale integrated database management systems provide an efficient, consistent, and secure data warehousing capability for storing, retrieving, and analyzing vast amounts of data. This ability to collect, analyze, and manage massive amounts of information has become a virtual necessity in business today.
The information stored by these data warehouses can come from a variety of sources. One important data warehousing application involves the collection and analysis of information collected in the course of commercial transactions between businesses and consumers. For example, when an individual uses a credit card to purchase an item at a retail store, the identity of the customer, the item purchased, the purchase amount and other related information are collected. Traditionally, this information is used by the retailer to determine if the transaction should be completed, and to control product inventory. Such data can also be used to determine temporal and geographical purchasing trends.
Similar uses of personal data occur in other industries. For example, in banking, the buying patterns of consumers can be divined by analyzing their credit card transaction profile or their checking/savings account activity, and consumers with certain profiles can be identified as potential customers for new services, such as mortgages or individual retirement accounts. Further, in the telecommunications industry, consumer telephone calling patterns can be analyzed from call-detail records, and individuals with certain profiles can be identified for selling additional services, such as a second phone line or call waiting.
Additionally, data warehouse owners typically purchase data from third parties, to enrich transactional data. This enrichment process adds demographic data such as household membership, income, employer, and other personal data.
The data collected during such transactions is also useful in other applications. For example, information regarding a particular transaction can be correlated to personal information about the consumer (age, occupation, residential area, income, etc.) to generate statistical information. In some cases, this personal information can be broadly classified into two groups: information that reveals the identity of the consumer, and information that does not. Information that does not reveal the identity of the consumer is useful because it can be used to generate information about the purchasing proclivities of consumers with similar personal characteristics. Personal information that reveals the identity of the consumer can be used for a more focused and personalized marketing approach in which the purchasing habits of each individual consumer are analyzed to identify candidates for additional or tailored marketing.
Another example of an increase in the collection of personal data is evidenced by the recent proliferation of “membership” or “loyalty” cards. These cards provide the consumer with reduced prices for certain products, but each time the consumer uses the card with the purchase, information about the consumer's buying habits is collected. The same information can be obtained in an on-line environment, or purchases with smart cards, telephone cards, and debit or credit cards.
Unfortunately, while the collection and analysis of such data can be of great public benefit, it can also be the subject of considerable abuse. In the case of loyalty programs, the potential for such abuse can prevent many otherwise cooperative consumers from signing up for membership awards or other programs. It can also discourage the use of emerging technology, such as cash cards, and foster continuation of more conservative payment methods such as cash and checks. In fact, public concern over privacy is believed to be a factor holding back the anticipated explosive growth in web commerce.
For all of these reasons, as well as regulatory constrains, when personal information is stored in data warehouses, it is incumbent on those that control this data to protect the data from such abuse. As more and more data is collected in this, the computer age, the rights of individuals regarding the use of data pertaining to them have become of greater importance. What is needed is a system and method which provides all the advantages of a complete data warehousing system, while addressing the privacy concerns of the consumer.
SUMMARY OF THE INVENTION
To address the requirements described above, the present invention discloses a method, apparatus, article of manufacture, and a memory structure for storing and retrieving data in a database implementing privacy control.
The apparatus comprises a data storage device, storing a database table comprising a plurality of data columns an at least one data control column for storing data control information reflecting consumer privacy parameters, wherein the database table comprises an identity segment for storing identity information and a personal information segment for storing personal information, and a processor, operatively coupled to the data storage device, the processor implementing a dataview suite for presenting data retrieved from the database table in accordance with the data control information.
The method comprises the steps of extending a database table comprising a plurality of data columns to include at least one data control column for storing data control information reflecting at least one consumer privacy parameter, string identity information about the consumer in an identity segment of the database table and personal information about the consumer in a personal information segment of the database table, receiving a data request from a requesting entity having data privileges, and providing the data to the requesting entity via a dataview selected in accordance with the requesting entity's data privileges, the dataview masking the data in accordance with the consumer privacy parameter. The program storage device comprises a medium for storing instructions performing the method steps outlined above.
One embodiment of the present invention also utilizes a privacy metadata system that administers and records all data, users, and usage of data that is registered as containing privacy elements. This metadata service provides for locating, consolidating, managing, and navigating warehouse metadata. It also allows for setting aside an area from which all system aspects of privacy are registered, administered, and logged in an auditable format.
REFERENCES:
patent: 5319777 (1994-06-01), Perez
patent: 5809483 (1998-09-01), Broka et al.
patent: 5855008 (1998-12-01), Goldhaber et al.
patent: 6085191 (2000-07-01), Fisher et al.
patent: 6141658 (2000-10-01), Mehr et al.
patent: 6195657 (2001-02-01), Rucker et al.
President William J. Clinton, Vice President Albert Gore Jr., “A Framework For Global Electronic Commerce,” Jul. 1997, at http://www.iitf.nist.gov/eleccomm/ecomm.htm, pp. 1-22.
Markoff, John, “U.S. and Europe Clash Over Internet Consumer Privacy,” Jul. 1, 1998 at http://search.nytimes.com/search/daily/b . . . astweb?getdoc+site+site+35855+0+wAAA+P, pp. 1-3.
“OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data,” Oct. 1, 1997 at http://www.oecd.org/dsti/sti/it/secur/prod/PRIV-EN.HTM, pp. 1-23.
“FTC Releases Report on Consumer' Online Privacy”, Report to Congress on Privacy Online, Jun. 4, 1998, at http://www.ftc.gov/opa/9806/privacy2.htm, pp. 1-4.
“High Tech Industry Leaders Announce Self-Regulatory Plan to Ensure Online Privacy,” Online Privacy Alliance Letter to President William J. Clinton, Jun. 3, 1998 (8 pages).
“Privacy and the National Information Infrastructu
O'Flaherty Kenneth W.
Ozden Renda K.
Ramsey David A.
Stellwagen, Jr. Richard G.
Veldhuisen Adriaan W.
Alam Hosain T.
Gates & Cooper
NCR Corporation
LandOfFree
Privacy-enhanced database does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Privacy-enhanced database, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Privacy-enhanced database will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2540091