US20040148290A1 - Method, system and program product for private data access or use based on related public data - Google Patents


Info

Publication number
US20040148290A1
Authority
US
United States
Prior art keywords
data record
private data
private
public
record
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US10/757,205
Inventor
Ann Merenda
Hilon Potter
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Application filed by International Business Machines Corp
Priority to US10/757,205
Publication of US20040148290A1
Legal status: Abandoned

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90 Details of database functions independent of the retrieved data types
    • G06F16/95 Retrieval from the web
    • G06F16/958 Organisation or management of web site content, e.g. publishing, maintaining pages or automatic linking

Definitions

  • the present invention relates in general to the field of data processing, and in particular to a method, system and program product for allowing the viewer of a public data set to access related records in a private data set based upon a link which may be selectively provided to the viewer to authorize such access.
  • Access, in alternative embodiments of the invention, may entail the ability to generally read entries in the private data set, or access may be provided in such a manner that the viewer may use the data only in strictly defined ways which may preclude discerning any specific entries in the private data set for a given public record.
  • Specific applications may include the creation of a customized access restricted Web site based upon the private data or a targeted customized marketing deliverable such as advertising via e-mail or conventional mail based thereupon.
  • Another desirable feature of such a system would be the ability to enable a merchant to target an unidentified consumer via access to such public data, and to provide a “blind” access to private data enabling the merchant to perform target marketing to the unknown consumer based upon public data and the “blind” private data access.
  • the system should provide access to the private database for performing data mining operations or other types of analysis which do not expose the individual records therein and accordingly raise no privacy concerns. At the present such a system does not exist, and its absence has created a difficult commercial landscape for on-line merchants.
  • data entered by a consumer into a Web form is separated into related records in a public and private data set.
  • the public records would be available without restriction for read access by a population of merchants.
  • the private records would be available only per the indication of the consumer to the merchant in the population.
  • the records may, in an embodiment, be logically linked by the inclusion of a common key value into each of these records to indicate, for example, that these records emanated from a common source.
  • the consumer may be prompted to indicate whether they wish to provide merchants with access to their private data. This may, in a preferred embodiment, take the form of a box on the Web form which may be checked to indicate that the consumer wishes to be contacted. The consumer may be offered an opportunity to choose among the population of merchants the select merchant to whom they wish their private data to be provided.
  • the merchants may be provided with a pass code, which may, in a preferred implementation, be the key value linking the public and private data records in their respective data sets.
  • with the pass code the merchants are provided with the ability to view the particular consumer's private data record in the private data set.
  • the various logically linked records in public and private tables for that consumer may be collected and assembled into an output Web page.
  • the Web page is provided at a uniform resource locator (URL) which has been coded with the common key value linking the related records or with another pass code.
  • URL uniform resource locator
  • the merchant for whom access has been indicated is provided either via e-mail or otherwise, with a hyperlink to the coded URL thereby enabling the selected merchant to access both the public and private data.
  • read access is not provided to the private data record; however, an application with access to the private data allows the merchant to make use of the data without being able to read the data. In this manner the consumer need not decide whether or not to allow some or all of the merchants to view their private data; however, all of the merchants are given the advantage of the ability to use the private data without compromising the privacy of the consumer.
  • the merchants are afforded unrestricted read access to the data records in the public data set and are provided with the ability to data mine or statistically process the whole of the private data set while being restricted from reading any of the individual data records therein.
  • the merchants are provided with read access to the data records in the public data set, and based on such read access may make a request of an application which has access to the related private data records in the private data sets.
  • the application permits the merchants to use data in the related private records to target, customize and transmit marketing materials to the consumer audience based on their public data and using but not revealing their private data. In this manner the consumer population is benefited by a system which respects their privacy interests and the merchant population is permitted to make use of the large and growing pool of data available about their potential customers.
  • FIG. 1 illustrates a set of data elements parsed into private and public data sets
  • FIG. 2 depicts the separation of public and private data into their respective data sets and a consumer designated access for specified members of the viewing population to the private data set;
  • FIG. 3 illustrates an alternative embodiment wherein the combined public and private data is provided to a merchant in the form of a customized Web page using a specific key inserted into the uniform resource locator (URL) for the Web page;
  • FIG. 4 illustrates a flow diagram detailing the steps involved in practicing the embodiments of the inventions described via reference to FIG. 2 and FIG. 3;
  • FIG. 5 depicts an embodiment wherein unrestricted access is permitted to a public data set and wherein access is denied to individual records of a private data set, but wherein access to statistical information regarding the records in the private data set is permitted;
  • FIG. 6 illustrates an embodiment of the invention wherein an application with access to the private data set allows a merchant to have blind access to the private data wherein the data may be used, but not read, by the merchant;
  • FIG. 7 depicts an example of marketing material that is constructed to be tailored by insertion of public and private data and customized by the values in the private data set and transmitted to a consumer at an e-mail address from the private data set;
  • FIG. 8 presents a flow diagram illustrating the steps involved in implementing the system of FIGS. 6 and 7.
  • information such as the state and town in which a person resides may itself be deemed not sensitive, but when combined with the person's occupation and alma mater, it may become a simple task to narrow the field down to a single person, and as such the combination of that data may be deemed sensitive.
  • the mechanics by which the various data elements are parsed into sensitive and public data sets is not critical, however the notion that such separation, at various levels of sophistication and granularity can, and does occur, is essential to the practice of the invention.
  • FIG. 1 illustrates such a distribution of data which may emanate from a customer input source such as common gateway interface (CGI) fields on a Web page 100 into public 101 and private 102 data sets.
  • CGI common gateway interface
  • the source of such data may come from any number of sources, including without limitation, surveys, transactional data, etc. and is not limited to customer interactions over the World Wide Web.
  • separation of data elements may be accomplished using known techniques to any desired level of granularity, resulting potentially in multiple public and private data sets and in the combination of individually public data sets 103 , 104 into a combined private data set 105 .
  • the public 101 and private 102 data sets are, in a preferred embodiment, relational databases such as DB2 (DB2 is a registered trademark of IBM Corporation).
  • the present invention is directed toward providing the level of control 108 required in keeping the public and private data separate, and allowing access to the private data either at the explicit direction of the consumer 109 (the individual that is the subject of the public and private data) or in such a manner as to protect the privacy concerns of the consumer.
  • a consumer 201 upon entering information to a Web page 202 , is given an option 203 to designate that they wish to be contacted regarding the particular Web transaction.
  • the Web page is in the form of a questionnaire soliciting information regarding the make up of the information technology infrastructure of the consumer's business.
  • the consumer is asked to enter information 204 regarding the hardware platforms and software systems he/she is running as well as storage solutions and communication technologies comprising the consumer's business.
  • the particular hardware, software and storage solution responses made by the consumer will be stored as a single record 213 in a public data set 205 .
  • the public data set does not impose any access restrictions to its viewing audience 206 .
  • Other items of information such as the name, location, phone, e-mail, revenue, number of employees, may, for our purposes, be designated as a single record 214 of private data elements 207 and as such will be stored separately in a private data set 208 which imposes certain restrictions on access by the viewing audience 206 .
  • the single record 213 in the public data set 205 is related logically 215 to the single record 214 in the private data set 206 .
  • the link authorizing a viewer of a record in the public data set 205 to related data in the private data set 206 makes use of this logical relation between the records stored in the table to ensure that the public data and private data for which access is provided correlate to one another.
  • the logical link between a record in the public and the private data sets is a randomly generated numeric key 215 , in a manner known to those skilled in the art of a random design.
  • the consumer's contact information which may for example include any or all of the following: name, address, phone, and e-mail, has been stored in the private data set 208 , and linked by the logically related records 213 , 214 will become accessible to those members of the viewing audience 206 designated by the consumer as a potentially desired marketing contact 210 .
  • the consumer may be presented with a menu 211 of potential solution providers, which may be segmented based upon the types of solutions which the customer is interested in learning more about. As such, the customer may be provided with a list of, for example, hardware only or hardware and software vendors. This level of control allows the customer to selectively provide his/her contact information to a subset of the viewing audience 206 with whom the customer wishes to interact, without opening up the otherwise private data to the entire viewing audience 206 for uncontrolled public access.
  • the merchants may be provided with the value of the key XXXXX identifying the records 213 , 214 with which access to the designated contact information may be enabled. It is useful to note that the present invention contemplates that provision of access to the data elements in the private data set may be made on an element-by-element basis, that is to say, that the merchant may be provided with access to certain select pieces of private data within the single data record 214 , such as the contact information (name, address, phone number, e-mail) but not to other sensitive data such as revenue, credit card etc.
  • the combined information including the contact information from the private data set and the technical data from the public data set may be provided to the merchant by way of a customized Web page using a uniform resource locator (URL) that includes the command required for accessing the restricted data set.
  • a web form may generate a number of data sets 301 a - d including demographics 301 a, server data 301 b, user data 301 c, and cost data 301 d. Any of these data sets may be designated as including private data, and the remaining data sets include public data.
  • Each time a new customer enters web form data a record is created in the respective DB2 tables 302 a - d associated with the segmented data 301 a - d. It may be further observed that related records stored in tables 302 a - d are assigned a common value in the “key” field.
  • the key value 123456789876 is assigned to the records for John Doe.
  • Table 302 a holds demographic information including John Doe's name, address etc.
  • Table 302 b indicates the number of each type of server John Doe has in his enterprise (50 Server A, 35 Server B, . . . ), and is linked to related records in other tables by the inclusion of the key value 123456789876 in the key field.
  • table 302 c includes a record indicating the number of users for each server type indicated in table 302 b and linked by the key value 123456789876 to the records in tables 302 a, b and d.
  • table 302 d includes information regarding the cost of each of the server types for John Doe, linked to the related records in the other tables 302 a - c by the inclusion of the key value 123456789876.
  • the related records in these tables may be aggregated through a tool 303 which, in response to a designation by the consumer who has entered the data (John Doe in our example) will aggregate the related records in the various tables 302 a - d into an output web page 304 which will present an analysis of the data that will entice the customer to request that he be contacted by a merchant.
  • the consumer's information will be made accessible to a merchant with whom contact is designated, for example, by way of an e-mail 305 provided to the merchant and including a hyperlink to the key-coded URL. Via the key-coded URL the merchant may access the query page 306 including the combined related records for John Doe joined by the logical relationship of the key value 123456789876.
  • the Web access to this combined table data may be accomplished by use of the IBM Net.Data software product.
  • the merchant may use that data to market their solutions to the consumer 201 . Since access to this private data was initiated by actions taken by the consumer 201 , the subsequent contacts from the merchants will be anticipated by the consumer and will not be considered by the consumer as encroaching on his/her privacy interests.
  • a flow diagram 400 provided in FIG. 4 illustrates the steps undertaken in practicing the foregoing embodiments.
  • a consumer enters data into a web form.
  • the entered data is separated and inserted as data records in public and private data sets which records are linked by a common key value assigned thereto and which may be stored in the tables as part of the record.
  • at decision point 403 it is determined whether the consumer has indicated (via an entry on the web form or otherwise) a desire to be contacted by a merchant (or for that matter more specifically a willingness to permit a view of their private data). If the consumer has indicated a desire to have their private data remain private, the “no” path is traversed and the process is ended 404 .
  • step 405 - 406 the “yes” path is traversed and the process continues either in accordance with the embodiment described in FIG. 2 (steps 405 - 406 ) or FIG. 3 (steps 407 - 410 ).
  • the remaining steps in accordance with the embodiment for FIG. 2 are as follows:
  • the consumer may optionally select 405 particular merchants from the population of merchants with access to the public data set 205 .
  • the consumer may merely indicate that they wish their data to be accessible or restricted on a global basis as well.
  • the selected merchants are provided with a key which enables them to access the private information 406 .
  • the key may be the logical link between the data in the public and private data sets.
  • the process is then ended 411 .
  • in step 408 the various tables of data 302 a - d which may contain private or public information are aggregated into a query result web page having a URL which is coded with an identifier which in a preferred embodiment is the key value 123456789876 used to logically relate the records in the various tables 302 a - d.
  • in step 409 those vendors for whom access has been indicated by the consumer in step 407 are provided with an e-mail including a hyperlink to the key-coded URL through which the merchant may access 410 the results of the combined consumer data.
  • the process is then ended 411 .
  • the foregoing embodiments possess numerous advantageous features.
  • the separation of data into public and private data sets creates a volume of public data which is generally usable by the viewing public 206 .
  • This data has value by itself for marketing purposes, as it can be used for data mining to spot trends in IT purchasing, etc.
  • the selective access 203 to the private data set 208 provides a merchant with consumer-controlled access to private data which prevents massive unintended access while allowing those selected merchants to benefit from access to the data.
  • Further alternative embodiments of the invention provide a mechanism wherein the entire viewing audience of the public data may benefit from access to the private data without exposing the private information to the viewing audience.
  • This type of access would not have as a prerequisite an explicit authorization for the merchant access by the customer. In this model such authorization is not needed since the access itself will entail constraints preventing the merchant from perceiving the data elements in the private data set 208 . That is, in general, this type of access would entail a restricted form of access to the private data set which would allow any merchant to use the information stored therein without enabling the merchant to perceive any individual data entries.
  • A very simplistic alternative embodiment that addresses such concerns is illustrated in FIG. 5.
  • a viewer 501 of the public data set 502 is granted a restricted access to the private data set 503 wherein the ability to read the contents of individual data records 404 is inhibited 505 ; however, the ability to statistically evaluate or data mine the entire private data set is enabled 506 .
  • a viewer of the public data set 502 may benefit from the access to the private data set 503 without revealing any of the discrete private data elements stored within the data records 504 therein.
  • a viewer 601 of a public data set 602 can identify various records 603 as belonging to the same consumer by virtue of an identifier field 604 , which includes a unique value for each consumer, but which in no way reveals the identity of the consumer.
  • public records 1 , 3 and 4 all show the consumer ID as 21123. This indicates that the same consumer is associated with these public data records, however it does not reveal any of the consumer's private data entries which are retained in data records 605 stored in the private data set 606 .
  • this consumer ID identifying but not revealing the consumer.
  • Revealing the consumer would entail providing read access to the data records 605 for that consumer in the private data set 606 to the merchant 601 .
  • the premise of the present embodiment is to use the identifier 604 to permit a merchant to make use of the private data entries 605 for the consumer without providing the merchant with the ability to read those entries. We shall refer to this as “blind access” to the private data; hence the merchant secures the benefits of accessing the private data for the consumer without revealing the consumer to the merchant.
  • a merchant 601 may locate a particular piece or pieces of data regarding a consumer 21123 which incent the merchant to want to have blind access to the private data. For example, by analyzing the entries in the public data set 602 , a merchant 601 selling tennis lessons may notice that a particular consumer 21123 has recently purchased a new tennis racquet (record 1 ), tennis balls (record 3 ) and tennis shorts (record 4 ). Based on the foregoing records the merchant 601 may determine that consumer 21123 is an ideal candidate for his tennis lessons.
  • the merchant 601 has a marketing deliverable which he would like to automatically customize and e-mail to consumer 21123 , assuming that the consumer resides within the same state as at least one of the merchant's various tennis centers (NY, NJ or CT).
  • a separate application 607 with access to the private data set 606 serves as an interface for messages generated by the merchants 601 which may include certain data elements from the public data set 602 .
  • the application 607 enables the so-called blind access to the data in the private data set 606 .
  • the merchant would send a soft copy document such as the one illustrated in FIG. 7.
  • the document 700 would include variables 701 representing the data elements to be inserted from the private data set 606 and may be pre-populated with data 602 from the related records (records 1 , 3 and 4 belonging to identifier 21123 ) in the public data set 602 .
  • the merchant 601 may impose a condition 608 on the execution of application 607 so as to limit the execution of the application to those private data records which satisfy the condition.
  • the merchant 601 has forwarded the document 700 to the application 607 , and has instructed that the name 609 of the owner of the record having the identifier 21123 be inserted into the document, as well as his address 610 , and that the document be forwarded to the owner's e-mail address 611 , however, the merchant only desires that such actions be performed where the owner's state of residence ( 610 a ) is equal to NY, NJ or CT, the states in which his tennis centers are located.
  • certain portions of the document 700 may be conditioned on the values of the data in the private table 606 .
  • the selection between the title Mr. or Ms. may be conditioned on the value of the gender field 612 for the record 21123 .
  • the data 609 , 610 from the private data set 606 is inserted into the designated positions in document 600 and the document is forwarded by the application 607 to the owner's e-mail address 611 . It is important to note at this point that at no time throughout this process has the merchant 601 had the ability to read any of the data in the private data set 606 . Notwithstanding this restriction however, the merchant 601 was able to identify, via access to purchase data in a public data set 602 , public purchase records belonging to a consumer 21123 who, based on these purchases, may be interested in receiving targeted marketing 700 from the merchant 601 .
  • the merchant is permitted to create a targeted marketing document 700 utilizing public data 602 and, through the use of an application 507 , is provided with the means to have appropriate private data 609 , 610 inserted into the document to further refine the marketing material to the consumer without being given the ability to read the private data.
  • the insertion of the private data and subsequent transmission of the document to the consumer 21123 may be conditioned on the satisfaction of conditions based on the private data which are imposed by the merchant and evaluated by the application.
  • the merchant may create a targeted marketing deliverable tailored specifically to an individual consumer and send it to that individual consumer using but not ever seeing the consumer's private data. This satisfies the merchant's desire to make use of the consumer's purchasing data to better focus his marketing, while respecting the privacy interests of the consumer.
  • the flow diagram 800 in FIG. 8 illustrates the steps undertaken in performing the embodiment of the invention as described in FIGS. 6 and 7.
  • in step 801 data from a consumer is parsed into related records in public and private tables.
  • in step 802 the merchant examines public data to identify records whose owner has interests aligned with the merchant's offerings.
  • in step 803 the merchant may utilize the data from the public table to tailor a marketing deliverable to the owner of the identified record in the public table from step 802 .
  • in step 804 the merchant makes a request of an application which has access to the data in the private table to access the private table, and specifically the record in the private table related to the identified public record from step 802 . Here the merchant may optionally impose conditions on the accessing of the private table by the application. If the merchant imposes conditions, they are analyzed at decision point 805 : if they are not met the process is ended 806 ; if they are met the application is instructed to use the private table data for the related record to complete the marketing material, and to send the material to the owner of the identified public and private data records 807 . Finally, the process is ended at step 808 .
  • the present invention can be included in an article of manufacture (e.g., one or more computer program products) having, for instance, computer usable media.
  • the media has embodied therein, for instance, computer readable program code means for providing and facilitating the capabilities of the present invention.
  • the article of manufacture can be included as a part of a computer system or sold separately.
  • At least one program storage device readable by a machine tangibly embodying at least one program of instructions executable by the machine to perform the capabilities of the present invention can be provided.
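
The blind access flow of FIGS. 6 to 8, as an added sketch that is not code from the patent: the merchant builds the document from public rows only, and the application evaluates the condition, fills in the private values and sends the result itself. `BlindAccessApp`, the `{variable}` syntax, the two allow-lists and the sample rows are assumptions made for this example; returning the same acknowledgement in every case is a choice made here so that the reply does not reveal whether the merchant's condition held.

```python
import re

# Constructed sample rows modelled on the FIG. 6 walk-through; all values are invented.
PUBLIC_ROWS = [
    {"record": 1, "consumer_id": "21123", "purchase": "tennis racquet"},
    {"record": 2, "consumer_id": "30771", "purchase": "garden hose"},
    {"record": 3, "consumer_id": "21123", "purchase": "tennis balls"},
    {"record": 4, "consumer_id": "21123", "purchase": "tennis shorts"},
]
PRIVATE_ROWS = {
    "21123": {"name": "Pat Sample", "gender": "F", "address": "1 Court St, Albany",
              "state": "NY", "email": "pat@example.test", "revenue": "withheld"},
    "30771": {"name": "Lee Sample", "gender": "M", "address": "9 Elm Rd, Fresno",
              "state": "CA", "email": "lee@example.test", "revenue": "withheld"},
}

INSERTABLE = {"title", "name", "address"}   # variables the application will fill in (assumed)
CONDITION_FIELDS = {"state"}                # private fields a condition may test (assumed)
VARIABLE = re.compile(r"\{(\w+)\}")


def build_document(public_rows, consumer_id):
    """Merchant side: pre-populate the document from public rows only."""
    items = [r["purchase"] for r in public_rows if r["consumer_id"] == consumer_id]
    return ("Dear {title} {name},\n"
            f"You recently bought: {', '.join(items)}.\n"
            "A lesson voucher is on its way to {address}.")


class BlindAccessApp:
    """Plays the role of application 607: holds the private rows and acts for the merchant."""

    def __init__(self, private_rows):
        self._private = private_rows
        self.outbox = []   # stands in for outbound mail; merchants have no handle on it

    def submit(self, consumer_id, document, condition=None):
        # Validation looks only at the merchant's own input, so a rejection
        # says nothing about any private record.
        unknown = set(VARIABLE.findall(document)) - INSERTABLE
        if unknown:
            raise ValueError(f"variables not insertable: {sorted(unknown)}")
        if condition is not None and condition[0] not in CONDITION_FIELDS:
            raise ValueError(f"cannot condition on field: {condition[0]}")

        row = self._private.get(consumer_id)
        if row is not None and self._condition_met(row, condition):
            self.outbox.append((row["email"], self._fill(document, row)))
        # Same reply whether the record exists, the condition held, or mail was sent.
        return "accepted"

    @staticmethod
    def _condition_met(row, condition):
        if condition is None:
            return True
        field, allowed_values = condition
        return row[field] in allowed_values

    @staticmethod
    def _fill(document, row):
        # The Mr./Ms. choice is driven by the private gender field, as in FIG. 7.
        values = {"title": "Mr." if row["gender"] == "M" else "Ms.",
                  "name": row["name"], "address": row["address"]}
        return VARIABLE.sub(lambda m: values[m.group(1)], document)
```
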

Abstract

Records in a public data set are related by a logical link to records in a private data set. The public data set may be generally read whereas the private table has restricted access. Authorization to view private data records is provided by keys or coded Web URLs. In one embodiment, an application accesses the data on behalf of the viewer and undertakes the use requested of the data without revealing the contents of the record to the viewer.
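
The key-linked split and coded-URL authorization summarized in the abstract, as an added sketch that is not code from the patent or from IBM. Because the text allows the linking key to be stored in records of the unrestricted public data set, this example uses the "another pass code" option for the URL instead of the key itself, releases private elements field by field, and binds each grant to a merchant name that is assumed to be authenticated elsewhere; `ConsumerStore`, its methods, the field split and the portal address are hypothetical.

```python
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

PUBLIC_FIELDS = ("hardware", "software", "storage")   # questionnaire answers (FIG. 2)
BASE_URL = "https://portal.example.test/consumer"     # hypothetical address

# Constructed sample submission; every value is invented.
SAMPLE_FORM = {
    "hardware": "50 Server A", "software": "DB2", "storage": "SAN",
    "name": "John Doe", "email": "jdoe@example.test", "phone": "555-0100",
    "revenue": "confidential",
}


class ConsumerStore:
    def __init__(self):
        self.public = {}    # link key -> public record, readable by every merchant
        self.private = {}   # link key -> private record, restricted
        self._grants = {}   # pass code -> (link key, merchant, released fields)

    def ingest(self, form):
        """Split one web-form submission into linked public and private records."""
        key = f"{secrets.randbelow(10**12):012d}"      # random numeric link key
        while key in self.public:                      # keep link keys unique
            key = f"{secrets.randbelow(10**12):012d}"
        self.public[key] = {f: form[f] for f in PUBLIC_FIELDS if f in form}
        self.private[key] = {f: v for f, v in form.items() if f not in PUBLIC_FIELDS}
        return key

    def grant(self, key, merchant, fields):
        """Consumer designates a merchant and the private elements it may see."""
        code = secrets.token_urlsafe(32)               # pass code separate from the link key
        self._grants[code] = (key, merchant, frozenset(fields))
        return f"{BASE_URL}?{urlencode({'code': code})}"

    def open_url(self, url, merchant):
        """Return the combined page for a valid coded URL, else None."""
        code = parse_qs(urlparse(url).query).get("code", [""])[0]
        grant = self._grants.get(code)
        if grant is None or grant[1] != merchant:
            return None
        key, _, fields = grant
        page = dict(self.public[key])
        page.update({f: self.private[key][f] for f in fields if f in self.private[key]})
        return page
```
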

Description

    CROSS-REFERENCE TO RELATED APPLICATION
  • The invention disclosed in this application is a divisional of application Ser. No. 10/390,956 “SENDING ADVERTISEMENTS TO CUSTOMERS IDENTIFIED BY A NON-VIEWABLE DATABASE” filed Mar. 18, 2003 which is a divisional of application Ser. No. 09/563,639 filed May 2, 2000 now abandoned. The disclosure of the foregoing application is incorporated herein by reference. [0001]
  • TECHNICAL FIELD
  • The present invention relates in general to the field of data processing, and in particular to a method, system and program product for allowing the viewer of a public data set to access related records in a private data set based upon a link which may be selectively provided to the viewer to authorize such access. Access, in alternative embodiments of the invention, may entail the ability to generally read entries in the private data set, or access may be provided in such a manner that the viewer may use the data only in strictly defined ways which may preclude discerning any specific entries in the private data set for a given public record. Specific applications may include the creation of a customized access restricted Web site based upon the private data or a targeted customized marketing deliverable such as advertising via e-mail or conventional mail based thereupon. [0002]
  • BACKGROUND OF THE INVENTION
  • The incredible growth of the Internet has provided ready access to a wealth of information. The World Wide Web is an ever-expanding repository of information spanning any and all conceivable topics limited only by the imagination of the information content provider. The overwhelming benefits attendant to this ubiquity, however, are counterbalanced to some extent by the inevitable loss of privacy associated with accessing a global computer network. [0003]
  • As the Internet evolves into the dominant commercial medium, merchants seeking to leverage data about Internet users to better focus their marketing efforts must do so in a manner that respects the privacy interests of their intended customer. Such interests have been the focal point of messages from leaders in government and in the high technology industry, the common theme being that in order to assure the unimpeded commercial growth of the Internet, it is vital that the protection of individual privacy interests is accorded paramount importance. In fact, many leading technology companies refuse to do business on-line with firms that do not have a satisfactorily articulated policy on privacy concerns. Industry-backed organizations such as Trust-E help businesses and consumers ensure that they are dealing with companies that have placed the proper importance on on-line privacy rights. Moreover, recent public outcries over intrusive Internet advertising practices are cautionary tales for overzealous Internet marketers. [0004]
  • From the foregoing it can be seen that solutions which provide a means for merchants to make use of customer data while still protecting the privacy interests of individual users engender considerable interest from the participants in the Internet economy. Owing to the heterogeneous nature of the machines and devices connected to the Internet, simplicity in implementation is a necessary ingredient if any such solution is to be viable. Moreover, the solution should provide the requisite flexibility to allow an Internet user to proactively indicate their desire to selectively provide their private data to selected merchants while their public data (i.e., data which does not reasonably compromise the privacy concerns of the user) is provided to the general audience of merchants on the Internet. Another desirable feature of such a system would be the ability to enable a merchant to target an unidentified consumer via access to such public data, and to provide a “blind” access to private data enabling the merchant to perform target marketing to the unknown consumer based upon public data and the “blind” private data access. Finally, the system should provide access to the private database for performing data mining operations or other types of analysis which do not expose the individual records therein and accordingly raise no privacy concerns. At the present such a system does not exist, and its absence has created a difficult commercial landscape for on-line merchants. [0005]
  • SUMMARY OF THE INVENTION
  • The foregoing shortcomings of the prior art are overcome and further advantageous features are provided by the present invention wherein is taught a method, system and program product for enabling a requester with read access to public data to read and/or make use of related private data. [0006]
  • In an embodiment of the invention, data entered by a consumer into a Web form is separated into related records in a public and private data set. The public records would be available without restriction for read access by a population of merchants. The private records would be available only per the indication of the consumer to the merchant in the population. The records may, in an embodiment, be logically linked by the inclusion of a common key value into each of these records to indicate, for example, that these records emanated from a common source. [0007]
  • Upon entering the data the consumer may be prompted to indicate whether they wish to provide merchants with access to their private data. This may, in a preferred embodiment, take the form of a box on the Web form which may be checked to indicate that the consumer wishes to be contacted. The consumer may be offered an opportunity to choose, from among the population of merchants, the select merchants to whom they wish their private data to be provided. [0008]
  • Once selected, in accordance with an embodiment of the invention, the merchants may be provided with a pass code, which may, in a preferred implementation, be the key value linking the public and private data records in their respective data sets. With the pass code the merchants are provided with the ability to view the particular consumer's private data record in the private data set. [0009]
  • In another embodiment of the invention upon designation by the consumer, the various logically linked records in public and private tables for that consumer may be collected and assembled into an output Web page. The Web page is provided at a uniform resource locator (URL) which has been coded with the common key value linking the related records or with another pass code. The merchant for whom access has been indicated is provided either via e-mail or otherwise, with a hyperlink to the coded URL thereby enabling the selected merchant to access both the public and private data. [0010]
  • In yet another set of embodiments, read access is not provided to the private data record, however, an application with access to the private data allows the merchant to make use of the data without being able to read the data. In this manner the consumer need not decide whether or not to allow some or all of the merchants to view their private data, however all of the merchants are given the advantage of the ability to use the private data without compromising the privacy of the consumer. [0011]
  • In an exemplary embodiment the merchants are afforded unrestricted read access to the data records in the public data set and are provided with the ability to data mine or statistically process the whole of the private data set while being restricted from reading any of the individual data records therein. [0012]
  • In another embodiment the merchants are provided with read access to the data records in the public data set, and based on such read access may make a request of an application which has access to the related private data records in the private data sets. The application permits the merchants to use data in the related private records to target, customize and transmit marketing materials to the consumer audience based on their public data and using but not revealing their private data. In this manner the consumer population is benefited by a system which respects their privacy interests and the merchant population is permitted to make use of the large and growing pool of data available about their potential customers. [0013]
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • The subject matter which is regarded as the invention is particularly pointed out and distinctly claimed in the claims at the conclusion of the specification. The foregoing and other objects, features, and advantages of the invention are apparent from the following detailed description taken in conjunction with the accompanying drawings in which: [0014]
  • FIG. 1 illustrates a set of data elements parsed into private and public data sets; [0015]
  • FIG. 2 depicts the separation of public and private data into their respective data sets and a consumer designated access for specified members of the viewing population to the private data set; [0016]
  • FIG. 3 illustrates an alternative embodiment wherein the combined public and private data is provided to a merchant in the form of a customized Web page using a specific key inserted into the uniform resource locator (URL) for the Web page; [0017]
  • FIG. 4 illustrates a flow diagram detailing the steps involved in practicing the embodiments of the inventions described via reference to FIG. 2 and FIG. 3; [0018]
  • FIG. 5 depicts an embodiment wherein unrestricted access is permitted to a public data set and wherein access is denied to individual records of a private data set, but wherein access to statistical information regarding the records in the private data set is permitted; [0019]
  • FIG. 6 illustrates an embodiment of the invention wherein an application with access to the private data set allows a merchant to have blind access to the private data wherein the data may be used, but not read, by the merchant; [0020]
  • FIG. 7 depicts an example of marketing material that is constructed to be tailored by insertion of public and private data and customized by the values in the private data set and transmitted to a consumer at an e-mail address from the private data set; and [0021]
  • FIG. 8 presents a flow diagram illustrating the steps involved in implementing the system of FIGS. 6 and 7. [0022]
  • BEST MODE FOR CARRYING OUT THE INVENTION
  • Fundamental to the implementation of the present invention is the notion that a set of data may be parsed into private and non-private elements. At the most simplistic level this might entail, for example, identifying input fields on a Web page as requiring sensitive data input such as an address, credit card or social security number, versus non-sensitive information such as the name of the item being purchased, the date, time, etc. At a more sophisticated level this notion might entail the combination of otherwise non-sensitive data elements into a combined sensitive data construct. For example, information such as the state and town in which a person resides may itself be deemed not sensitive but when combined with the person's occupation and alma mater, it may become a simple task to narrow the field down to a single person, and as such the combination of that data may be deemed sensitive. For purposes of the present invention the mechanics by which the various data elements are parsed into sensitive and public data sets is not critical, however the notion that such separation, at various levels of sophistication and granularity can, and does occur, is essential to the practice of the invention. [0023]
  • FIG. 1 illustrates such a distribution of data which may emanate from a customer input source such as common gateway interface (CGI) fields on a Web page 100 into public 101 and private 102 data sets. It is of course understood that the source of such data may come from any number of sources, including without limitation, surveys, transactional data, etc. and is not limited to customer interactions over the World Wide Web. As previously noted, such separation of data elements may be accomplished using known techniques to any desired level of granularity, resulting potentially in multiple public and private data sets and in the combination of individually public data sets 103, 104 into a combined private data set 105. The public 101 and private 102 data sets are, in a preferred embodiment, relational databases such as DB2 (DB2 is a registered trademark of IBM Corporation). [0024]
  • As a result of the distribution of data elements among various public and private data sets, it is desirable to establish a level of control over access to the public and private data stored therein. For purposes of the present invention it will suffice to assume that a public data set is available, without restriction, to the entire population of Internet users, or, as will more likely be the case, to a select subset of merchants 107 who subscribe to a marketing service that accumulates such data. With the public data elements, however, as opposed to data elements in the private data sets, there are no discrete access restrictions in place which would prevent a general member of the potential population viewing the data from undertaking such access. The present invention is directed toward providing the level of control 108 required in keeping the public and private data separate, and allowing access to the private data either at the explicit direction of the consumer 109 (the individual that is the subject of the public and private data) or in such a manner as to protect the privacy concerns of the consumer. [0025]
  • In a first embodiment of the invention, illustrated in FIG. 2, a consumer 201, upon entering information to a Web page 202, is given an option 203 to designate that they wish to be contacted regarding the particular Web transaction. As an example we will assume that the Web page is in the form of a questionnaire soliciting information regarding the makeup of the information technology infrastructure of the consumer's business. As illustrated in FIG. 2 the consumer is asked to enter information 204 regarding the hardware platforms and software systems he/she is running as well as storage solutions and communication technologies comprising the consumer's business. The particular responses to these technical queries, for purposes of this example, we will designate as being public data. That is to say, the particular hardware, software and storage solution responses made by the consumer will be stored as a single record 213 in a public data set 205. The public data set does not impose any access restrictions to its viewing audience 206. Other items of information, such as the name, location, phone, e-mail, revenue, number of employees, may for our purposes, be designated as a single record 214 of private data elements 207 and as such will be stored separately in a private data set 208 which imposes certain restrictions on access by the viewing audience 206. [0026]
  • The single record 213 in the public data set 205 is related logically 215 to the single record 214 in the private data set 206. The link authorizing a viewer of a record in the public data set 205 to related data in the private data set 206 makes use of this logical relation between the records stored in the table to ensure that the public data and private data for which access is provided correlate to one another. In a preferred embodiment the logical link between a record in the public and the private data sets is a randomly generated numeric key 215, in a manner known to those skilled in the art of a random design. [0027]
  • If the consumer 201 designates a desire to be contacted 203, the consumer's contact information (which may, for example, include any or all of the following: name, address, phone, and e-mail), which has been stored in the private data set 208 and linked by the logically related records 213, 214, will become accessible to those members of the viewing audience 206 designated by the consumer as a potentially desired marketing contact 210. In an embodiment, the consumer may be presented with a menu 211 of potential solution providers, which may be segmented based upon the types of solutions which the customer is interested in learning more about. As such, the customer may be provided with a list of, for example, hardware only or hardware and software vendors. This level of control allows the customer to selectively provide his/her contact information to a subset of the viewing audience 206 with whom the customer wishes to interact, without opening up the otherwise private data to the entire viewing audience 206 for uncontrolled public access. [0028]
  • Once the consumer 201 has selected the set of merchants with whom contact is desired, a number of mechanisms may be employed to provide access to the designated merchants. In a preferred embodiment, the merchants may be provided with the value of the key XXXXXX identifying the records 213, 214 with which access to the designated contact information may be enabled. It is useful to note that the present invention contemplates that provision of access to the data elements in the private data set may be made on an element-by-element basis, that is to say, that the merchant may be provided with access to certain select pieces of private data within the single data record 214, such as the contact information (name, address, phone number, e-mail) but not to other sensitive data such as revenue, credit card, etc. [0029]
  • In another embodiment, depicted in FIG. 3, the combined information including the contact information from the private data set and the technical data from the public data set may be provided to the merchant by way of a customized Web page using a uniform resource locator (URL) that includes the command required for accessing the restricted data set. [0030]
  • Turning to FIG. 3 it is seen that a web form may generate a number of data sets 301a-d including demographics 301a, server data 301b, user data 301c, and cost data 301d. Any of these data sets may be designated as including private data, and the remaining data sets include public data. Each time a new customer enters web form data, a record is created in the respective DB2 tables 302a-d associated with the segmented data 301a-d. It may be further observed that related records stored in tables 302a-d are assigned a common value in the “key” field. In the illustration, for example, it can be seen that the key value 123456789876 is assigned to the records for John Doe. Table 302a holds demographic information including John Doe's name, address, etc. Table 302b indicates the number of each type of server John Doe has in his enterprise (50 Server A, 35 Server B, . . . ), and is linked to related records in other tables by the inclusion of the key value 123456789876 in the key field. Likewise, table 302c includes a record indicating the number of users for each server type indicated in table 302b and linked by the key value 123456789876 to the records in tables 302a, b and d. Finally, table 302d includes information regarding the cost of each of the server types for John Doe, linked to the related records in the other tables 302a-c by the inclusion of the key value 123456789876. [0031]
  • The related records in these tables may be aggregated through a tool 303 which, in response to a designation by the consumer who has entered the data (John Doe in our example) will aggregate the related records in the various tables 302a-d into an output web page 304 which will present an analysis of the data that will entice the customer to request that he be contacted by a merchant. The consumer's information will be made accessible to a merchant with whom contact is designated, for example, by way of an e-mail 305 provided to the merchant and including a hyperlink to the key-coded URL. Via the key-coded URL the merchant may access the query page 306 including the combined related records for John Doe joined by the logical relationship of the key value 123456789876. In a preferred embodiment the Web access to this combined table data may be accomplished by use of the IBM Net.Data software product. [0032]
  • Regardless of whether the implementation illustrated in FIG. 2 or FIG. 3 is undertaken, once the merchant has access to the private data 208 through this process, the merchant may use that data to market their solutions to the consumer 201. Since access to this private data was initiated by actions taken by the consumer 201, the subsequent contacts from the merchants will be anticipated by the consumer and will not be considered by the consumer as encroaching on his/her privacy interests. [0033]
  • A flow diagram 400 provided in FIG. 4 illustrates the steps undertaken in practicing the foregoing embodiments. In step 401 a consumer enters data into a web form. In step 402 the entered data is separated and inserted as data records in public and private data sets which records are linked by a common key value assigned thereto and which may be stored in the tables as part of the record. At decision point 403 it is determined whether the consumer has indicated (via an entry on the web form or otherwise) a desire to be contacted by a merchant (or for that matter more specifically a willingness to permit a view of their private data). If the consumer has indicated a desire to have their private data remain private, the “no” path is traversed and the process is ended 404. Alternatively, if the consumer indicates that their data may be accessed, the “yes” path is traversed and the process continues either in accordance with the embodiment described in FIG. 2 (steps 405-406) or FIG. 3 (steps 407-410). [0034]
  • The remaining steps in accordance with the embodiment for FIG. 2 are as follows: The consumer may optionally select 405 particular merchants from the population of merchants with access to the public data set 205. Of course, the consumer may merely indicate that they wish their data to be accessible or restricted on a global basis as well. The selected merchants are provided with a key which enables them to access the private information 406. Optionally, the key may be the logical link between the data in the public and private data sets. The process is then ended 411. [0035]
  • The remaining steps in accordance with the embodiment in FIG. 3 are similar: Once again the consumer may optionally select among the population of merchants with access to the public data, certain merchants to whom they wish to grant private data access 407 or access may be granted globally. Next in step 408 the various tables of data 302a-d which may contain private or public information are aggregated into a query result web page having a URL which is coded with an identifier which in a preferred embodiment is the key value 123456789876 used to logically relate the records in the various tables 302a-d. In step 409 those vendors for whom access has been indicated by the consumer in step 407 are provided with an e-mail including a hyperlink to the key-coded URL through which the merchant may access 410 the results of the combined consumer data. The process is then ended 411. [0036]
  • As will be appreciated, the foregoing embodiments possess numerous advantageous features. The separation of data into public and private data sets creates a volume of public data which is generally usable by the viewing public 206. This data has value by itself for marketing purposes, as it can be used for data mining to spot trends in IT purchasing, etc. Moreover, the selective access 203 to the private data set 208 provides a merchant with consumer-controlled access to private data which prevents massive unintended access while allowing those selected merchants to benefit from access to the data. [0037]
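The FIG. 4 flow for the FIG. 2 embodiment (steps 401-406), as an added Python sketch that is not code from the patent. The class and method names, the field split and the binding of a key to a named merchant are assumptions of this example; the 12-digit key mirrors the sample key value in the text.

```python
import secrets

# Assumption of this example: which form fields count as private (after FIG. 2).
PRIVATE_FIELDS = {"name", "phone", "email", "revenue", "employees"}


class Registry:
    """Hypothetical store holding the public and private data sets."""

    def __init__(self):
        self.public = {}   # link key -> public record
        self.private = {}  # link key -> private record
        self.grants = {}   # link key -> {merchant id: released field names}

    def submit(self, form):
        """Steps 401-402: split one form into two records joined by a random key."""
        # 12 digits mirrors the sample key in the text; a key that doubles as a
        # pass code would normally carry more entropy than this.
        key = f"{secrets.randbelow(10**12):012d}"
        while key in self.public:          # regenerate on the rare collision
            key = f"{secrets.randbelow(10**12):012d}"
        self.public[key] = {f: v for f, v in form.items() if f not in PRIVATE_FIELDS}
        self.private[key] = {f: v for f, v in form.items() if f in PRIVATE_FIELDS}
        return key

    def designate(self, key, merchant, fields):
        """Steps 403-406: the consumer opts in, picks a merchant and the fields to
        release; the returned key is what gets delivered to that merchant."""
        self.grants.setdefault(key, {})[merchant] = set(fields) & PRIVATE_FIELDS
        return key

    def list_public(self):
        """Unrestricted view. The link key is withheld because it doubles as the
        pass code; publishing it would hand every viewer the private record."""
        return [dict(rec) for rec in self.public.values()]

    def read_private(self, merchant, key):
        """Release only the designated fields, and only to a designated merchant
        (binding the key to the merchant is this example's assumption)."""
        released = self.grants.get(key, {}).get(merchant)
        if not released:
            return None
        return {f: v for f, v in self.private[key].items() if f in released}


def demo():
    reg = Registry()
    # Constructed sample submission.
    key = reg.submit({"hardware": "Server A", "software": "DB2", "storage": "SAN",
                      "name": "John Doe", "email": "jdoe@example.com",
                      "phone": "555-0100", "revenue": "12M"})
    reg.designate(key, "hw-vendor", ["name", "email", "phone"])
    return reg, key


if __name__ == "__main__":
    reg, key = demo()
    print(reg.list_public())
    print(reg.read_private("hw-vendor", key))   # contact fields only, no revenue
    print(reg.read_private("sw-vendor", key))   # None: not designated
```

Element-by-element release shows up in the second print: the designated merchant sees the contact fields but not `revenue`, which was never released.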
  • While the previously described embodiment of the invention does address certain privacy concerns it also severely limits the use of the data designated as private. In particular, since the prior implementations enable the selected merchants to view the consumer's private data, it is to be expected that the set of selected merchants would be relatively small. Accordingly, the implementation does not equally benefit the entire community of merchants. [0038]
  • Further alternative embodiments of the invention provide a mechanism wherein the entire viewing audience of the public data may benefit from access to the private data without exposing the private information to the viewing audience. This type of access would not have as a prerequisite an explicit authorization for the merchant access by the customer. In this model such authorization is not needed since the access itself will entail constraints preventing the merchant from perceiving the data elements in the private data set 208. That is, in general, this type of access would entail a restricted form of access to the private data set which would allow any merchant to use the information stored therein without enabling the merchant to perceive any individual data entries. [0039]
  • A very simplistic alternative embodiment that addresses such concerns is illustrated in FIG. 5. In FIG. 5 a viewer 501 of the public data set 502 is granted a restricted access to the private data set 503 wherein the ability to read the contents of individual data records 404 is inhibited 505, however the ability to statistically evaluate or data mine the entire private data set is enabled 506. In this manner, a viewer of the public data set 502 may benefit from the access to the private data set 503 without revealing any of the discrete private data elements stored within the data records 504 therein. [0040]
  • Another interesting embodiment that permits limited access to the data entries in the private data set while preventing the merchant from reading the individual data entries therein is described via reference to FIG. 6. A viewer 601 of a public data set 602 can identify various records 603 as belonging to the same consumer by virtue of an identifier field 604, which includes a unique value for each consumer, but which in no way reveals the identity of the consumer. For example, public records 1, 3 and 4 all show the consumer ID as 21123. This indicates that the same consumer is associated with these public data records, however it does not reveal any of the consumer's private data entries which are retained in data records 605 stored in the private data set 606. For purposes of consistency we shall refer to this consumer ID as identifying but not revealing the consumer. Revealing the consumer, according to the invention, would entail providing read access to the data records 605 for that consumer in the private data set 606 to the merchant 601. The premise of the present embodiment is to use the identifier 604 to permit a merchant to make use of the private data entries 605 for the consumer without providing the merchant with the ability to read those entries. We shall refer to this as “blind access” to the private data; hence the merchant secures the benefits of accessing the private data for the consumer without revealing the consumer to the merchant. [0041]
  • Upon analyzing the public data set 602 a merchant 601 may locate a particular piece or pieces of data regarding a consumer 21123 which incent the merchant to want to have blind access to the private data. For example, by analyzing the entries in the public data set 602, a merchant 601 selling tennis lessons may notice that a particular consumer 21123 has recently purchased a new tennis racquet (record 1), tennis balls (record 3) and tennis shorts (record 4). Based on the foregoing records the merchant 601 may determine that consumer 21123 is an ideal candidate for his tennis lessons. In our example, we will assume that the merchant 601 has a marketing deliverable which he would like to automatically customize and e-mail to consumer 21123, assuming that the consumer resides within the same state as at least one of the merchant's various tennis centers (NY, NJ or CT). [0042]
  • A separate application 607 with access to the private data set 606 serves as an interface for messages generated by the merchants 601 which may include certain data elements from the public data set 602. The application 607 enables the so-called blind access to the data in the private data set 606. [0043]
  • In our example the merchant would send a soft copy document such as the one illustrated in FIG. 7. The document 700 would include variables 701 representing the data elements to be inserted from the private data set 606 and may be pre-populated with data 602 from the related records (records 1, 3 and 4 belonging to identifier 21123) in the public data set 602. [0044]
  • In a preferred embodiment the merchant 601 may impose a condition 608 on the execution of application 607 so as to limit the execution of the application to those private data records which satisfy the condition. In our example the merchant 601 has forwarded the document 700 to the application 607, and has instructed that the name 609 of the owner of the record having the identifier 21123 be inserted into the document, as well as his address 610, and that the document be forwarded to the owner's e-mail address 611, however, the merchant only desires that such actions be performed where the owner's state of residence (610 a) is equal to NY, NJ or CT, the states in which his tennis centers are located. Moreover, certain portions of the document 700 may be conditioned on the values of the data in the private table 606. For example, in the greeting the selection between the title Mr. or Ms. may be conditioned on the value of the gender field 612 for the record 21123. [0045]
  • If the conditions are met, the data 609, 610 from the private data set 606 is inserted into the designated positions in document 600 and the document is forwarded by the application 607 to the owner's e-mail address 611. It is important to note at this point that at no time throughout this process has the merchant 601 had the ability to read any of the data in the private data set 606. Notwithstanding this restriction however, the merchant 601 was able to identify, via access to purchase data in a public data set 602, public purchase records belonging to a consumer 21123 who, based on these purchases, may be interested in receiving targeted marketing 700 from the merchant 601. With nothing more than this public data, the merchant is permitted to create a targeted marketing document 700 utilizing public data 602 and through the use of an application 507, is provided with the means to have appropriate private data 609, 610 inserted into the document to further refine the marketing material to the consumer without being given the ability to read the private data. Furthermore, the insertion of the private data and subsequent transmission of the document to the consumer 21123 may be conditioned on the satisfaction of conditions based on the private data which are imposed by the merchant and evaluated by the application. Accordingly, the merchant may create a targeted marketing deliverable tailored specifically to an individual consumer and send it to that individual consumer using but not ever seeing the consumer's private data. This satisfies the merchant's desire to make use of the consumer's purchasing data to better focus his marketing, while respecting the privacy interests of the consumer. [0046]
  • The flow diagram 800 in FIG. 8 illustrates the steps undertaken in performing the embodiment of the invention as described in FIGS. 6 and 7. Starting at step 801 data from a consumer is parsed into related records in public and private tables. Next, in step 802 the merchant examines public data to identify records whose owner has interests aligned with the merchant's offerings. Next, in step 803 the merchant may utilize the data from the public table to tailor a marketing deliverable to the owner of the identified record in the public table from step 802. In step 804 the merchant makes a request of an application which has access to the data in the private table to access the private table, and specifically the record in the private table related to the identified public record from step 802; here the merchant may optionally impose conditions on the accessing of the private table by the application. If the merchant imposes conditions, they are analyzed at decision point 805: if they are not met the process is ended 806; if they are met the application is instructed to use the private table data for the related record to complete the marketing material, and to send the material to the owner of the identified public and private data records 807. Finally, the process is ended at step 808. [0047]
  • It is understood that while the foregoing embodiment has been directed at the creation and transmitting of marketing materials, other implementations which make use of the related records between a public and private table and an application which enables “blind access” to allow an entity to make use of the private records without revealing such private data to the entity would be considered to fall within the scope of the present invention. Moreover, while the foregoing invention has been described by reference to several preferred embodiments it is to be understood that various alterations, improvements and modifications may be made by those skilled in the art without departing from the spirit of the invention. These are considered to be within the scope of the present invention as defined by the following claims. [0048]
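The blind-access flow of FIGS. 6-8 (steps 802-807), as an added Python sketch that is not code from the patent. The sample records, all names, the allow-lists and the identical receipt returned to the merchant whether or not the condition was met are assumptions of this example; the uniform receipt keeps the condition from acting as a yes/no read of a private field.

```python
from string import Template

# Constructed sample data, shaped like the public and private sets of FIG. 6.
PUBLIC = [
    {"record": 1, "consumer_id": "21123", "item": "tennis racquet"},
    {"record": 2, "consumer_id": "30457", "item": "garden hose"},
    {"record": 3, "consumer_id": "21123", "item": "tennis balls"},
    {"record": 4, "consumer_id": "21123", "item": "tennis shorts"},
]
PRIVATE = {
    "21123": {"name": "Pat Smith", "gender": "F", "state": "NJ",
              "address": "1 Main St, Newark, NJ", "email": "pat@example.com"},
    "30457": {"name": "Lee Jones", "gender": "M", "state": "CA",
              "address": "9 Oak Ave, Fresno, CA", "email": "lee@example.com"},
}
ALLOWED_VARS = ("title", "name", "address")   # variables a document may contain
CONDITION_FIELDS = {"state"}                  # fields a condition may test


def merchant_targets(public, keyword="tennis", minimum=3):
    """Step 802: the merchant picks consumer IDs from public data alone."""
    counts = {}
    for row in public:
        if keyword in row["item"]:
            counts[row["consumer_id"]] = counts.get(row["consumer_id"], 0) + 1
    return sorted(cid for cid, n in counts.items() if n >= minimum)


class BlindAccessApp:
    """Stands in for application 607: the only code that reads PRIVATE."""

    def __init__(self, private, outbox):
        self._private = private
        self.outbox = outbox               # stands in for the mail transport

    def request(self, consumer_id, document, condition=None):
        # Validate the request before touching private data, so that an error
        # can never depend on what the private record contains.
        Template(document).substitute(dict.fromkeys(ALLOWED_VARS, ""))
        if condition is not None and condition[0] not in CONDITION_FIELDS:
            raise ValueError("condition field not permitted")
        receipt = {"status": "accepted"}   # identical for every outcome
        rec = self._private.get(consumer_id)
        if rec is None:
            return receipt
        if condition is not None and rec[condition[0]] not in condition[1]:
            return receipt                 # step 806: condition not met
        values = {"title": "Ms." if rec["gender"] == "F" else "Mr.",
                  "name": rec["name"], "address": rec["address"]}
        # Step 807: fill in the document and deliver it to the consumer only.
        self.outbox.append((rec["email"], Template(document).substitute(values)))
        return receipt


def demo():
    app = BlindAccessApp(PRIVATE, outbox=[])
    target = merchant_targets(PUBLIC)[0]
    items = ", ".join(r["item"] for r in PUBLIC if r["consumer_id"] == target)
    doc = f"Dear $title $name,\nYou recently bought: {items}. Lessons near $address!"
    in_region = ("state", {"NY", "NJ", "CT"})
    receipts = [app.request(target, doc, in_region),
                app.request("30457", doc, in_region)]
    return app, receipts


if __name__ == "__main__":
    app, receipts = demo()
    print(receipts)      # two identical receipts
    print(app.outbox)    # one message, addressed to the NJ consumer
```

A document that names a variable outside the allow-list (for example `$email`) is rejected before any private record is read, so the document cannot be used to pull out fields the application was not meant to insert.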
  • The present invention can be included in an article of manufacture (e.g., one or more computer program products) having, for instance, computer usable media. The media has embodied therein, for instance, computer readable program code means for providing and facilitating the capabilities of the present invention. The article of manufacture can be included as a part of a computer system or sold separately. [0049]
  • Additionally, at least one program storage device readable by a machine, tangibly embodying at least one program of instructions executable by the machine to perform the capabilities of the present invention can be provided. [0050]
  • The flow diagrams depicted herein are just examples. There may be many variations to these diagrams or the steps (or operations) described therein without departing from the spirit of the invention. For instance, the steps may be performed in a differing order, or steps may be added, deleted or modified. All of these variations are considered a part of the claimed invention. [0051]
  • Although preferred embodiments have been depicted and described in detail herein, it will be apparent to those skilled in the relevant art that various modifications, additions, substitutions and the like can be made without departing from the spirit of the invention and these are therefore considered to be within the scope of the invention as defined in the following claims: [0052]

Claims (45)

What is claimed is:
1. A method for accessing data records in a private data set having restricted access, the records in the private data set being accessible only by authorized users, the method comprising the steps of:
separating a data record into a public data record stored in a public data set and a private data record stored in a private data set;
creating a logical link logically relating the public data record with the private data record;
receiving a request from a user to perform a predefined operation, the request comprising information from the public data record, the user not authorized to access the private data set;
finding the private data record using the information from the public data record received from the user in combination with the logical link; and
performing the predefined operation using the private data record.
2. The method according to claim 1 wherein the logical link comprises a key value stored in the public data record and the private data record.
3. The method according to claim 1 wherein the information from the public data record received from the user comprises a key value stored in the private data record.
4. The method according to claim 1 wherein the predefined operation comprises blind analysis of data in a plurality of private data records.
5. The method according to claim 4 comprising the further step of forwarding the results of the blind analysis to the user.
6. The method according to claim 1 wherein performing the predefined operation comprises the further steps of:
using information from the private data record as a network address; and
transmitting a message to the network address.
7. The method according to claim 6 wherein the message comprises email.
8. The method according to claim 6 wherein the message comprises message information from any one of the private data record or the public data record.
9. The method according to claim 6 wherein the message comprises marketing material.
10. The method according to claim 1 wherein the performing the predefined operation step is performed only when a required condition is satisfied.
11. The method according to claim 10 wherein the required condition is based upon information in the private record.
12. The method according to claim 1 wherein the private data record comprises data regarding any one of a link ID, a key, a consumer or an enterprise.
13. The method according to claim 1 wherein the public data record comprises data regarding any one of a link ID, a key, a consumer or a product.
14. The method according to claim 1 wherein the performing the predefined operation step comprises the further step of retrieving data from any one of the private data record or the public data record.
15. The method according to claim 14 comprising the further step of forwarding the retrieved data to the user.
16. A system for accessing data records in a private data set having restricted access, the records in the private data set being accessible only by authorized users, the system comprising:
a separator separating a data record into a public data record stored in a public data set and a private data record stored in a private data set;
a logical link creator for logically relating a public data record element with the private data record;
a receiver receiving a request from a user to perform a predefined operation, the request comprising information from the public data record, the user not authorized to access the private data set;
a record finder finding the private data record using the information from the public data record received from the user in combination with the logical link; and
an application performing the predefined operation using the private data record.
17. The system according to claim 16 wherein the logical link comprises a key value stored in the public data record and the private data record.
18. The system according to claim 16 wherein the information from the public data record received from the user comprises a key value stored in the private data record.
19. The system according to claim 16 wherein the predefined operation comprises blind analysis of data in a plurality of private data records.
20. The system according to claim 19 further comprising a transmitter forwarding the results of the blind analysis to the user.
21. The system according to claim 16 wherein the application further comprises:
an addresser using information from the private data record as a network address; and
a sender transmitting a message to the network address.
22. The system according to claim 21 wherein the message comprises email.
23. The system according to claim 21 wherein the message comprises message information from any one of the private data record or the public data record.
24. The system according to claim 21 wherein the message comprises marketing material.
25. The system according to claim 16 wherein the application performs the predefined operation only when a required condition is satisfied.
26. The system according to claim 25 wherein the required condition is based upon information in the private record.
27. The system according to claim 16 wherein the private data record comprises data regarding any one of a link ID, a key, a consumer or an enterprise.
28. The system according to claim 16 wherein the public data record comprises data regarding any one of a link ID, a key, a consumer or a product.
29. The system according to claim 16 wherein the predefined operation comprises retrieving data from any one of the private data record or the public data record.
30. The system according to claim 29 further comprising a forwarder forwarding the retrieved data to the user.
31. A computer program product for accessing data records in a private data set having restricted access, the records in the private data set being accessible only by authorized users, the computer program product comprising a computer readable medium having computer readable program code therein, the computer program product comprising:
computer readable program code for separating a data record into a public data record stored in a public data set and a private data record stored in a private data set;
computer readable program code for creating a logical link logically relating a public data record element with the private data record;
computer readable program code for receiving a request from a user to perform a predefined operation, the request comprising information from the public data record, the user not authorized to access the private data set;
computer readable program code for finding the private data record using the information from the public data record received from the user in combination with the logical link; and
computer readable program code for performing the predefined operation using the private data record.
32. The computer program product according to claim 31 wherein the logical link comprises a key value stored in the public data record and the private data record.
33. The computer program product according to claim 31 wherein the information from the public data record received from the user comprises a key value stored in the private data record.
34. The computer program product according to claim 31 wherein the predefined operation comprises blind analysis of data in a plurality of private data records.
35. The computer program product according to claim 34 further comprising computer readable program code for forwarding the results of the blind analysis to the user.
36. The computer program product according to claim 31 wherein computer readable program code for performing the predefined operation further comprises:
computer readable program code for using information from the private data record as a network address; and
computer readable program code for transmitting a message to the network address.
37. The computer program product according to claim 36 wherein the message comprises email.
38. The computer program product according to claim 36 wherein the message comprises message information from any one of the private data record or the public data record.
39. The computer program product according to claim 36 wherein the message comprises marketing material.
40. The computer program product according to claim 31 wherein the performing the predefined operation step is performed only when a required condition is satisfied.
41. The computer program product according to claim 40 wherein the required condition is based upon information in the private record.
42. The computer program product according to claim 31 wherein the private data record comprises data regarding any one of a link ID, a key, a consumer or an enterprise.
43. The computer program product according to claim 31 wherein the public data record comprises data regarding any one of a link ID, a key, a consumer or a product.
44. The computer program product according to claim 31 wherein the predefined operation step comprises retrieving data from any one of the private data record or the public data record.
45. The computer program product according to claim 44 further comprising a computer readable program code for forwarding the retrieved data to the user.
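The method of claims 1, 2, 4, 6, 10 and 11, sketched as an added Python example; it is not code from the patent or its assignee. The class and field names, the opt-in flag used as the "required condition", and the minimum group size for blind analysis are assumptions made here.

```python
import secrets
from statistics import mean

# Assumptions for this sketch: which fields are private, which may be analyzed.
PRIVATE_FIELDS = {"name", "email", "income", "opt_in"}
ANALYZABLE_FIELDS = {"income"}
MIN_GROUP = 3  # assumption added here: smallest group a blind analysis may cover

# Constructed sample records (not from the patent).
SAMPLE_RECORDS = [
    {"product": "router", "region": "NE", "name": "Ann",
     "email": "ann@example.test", "income": 50000, "opt_in": True},
    {"product": "router", "region": "NE", "name": "Bob",
     "email": "bob@example.test", "income": 60000, "opt_in": False},
    {"product": "switch", "region": "SW", "name": "Cy",
     "email": "cy@example.test", "income": 40000, "opt_in": True},
]


class PrivateDataBroker:
    """Holds the private data set; callers only ever see public records."""

    def __init__(self):
        self.public_set = {}    # link_id -> public record, readable by any user
        self._private_set = {}  # link_id -> private record, broker-only
        self.outbox = []        # stand-in for a mail transport: (address, body)
        # Only these named operations can be requested ("predefined operation").
        self._operations = {"send_message": self._send_message,
                            "blind_average": self._blind_average}

    def separate(self, record):
        """Split one record; link the halves with a shared random key (claim 2)."""
        link_id = secrets.token_hex(16)  # random, so it reveals nothing private
        public = {k: v for k, v in record.items() if k not in PRIVATE_FIELDS}
        private = {k: v for k, v in record.items() if k in PRIVATE_FIELDS}
        public["link_id"] = private["link_id"] = link_id
        self.public_set[link_id] = public
        self._private_set[link_id] = private
        return public

    def request(self, operation, public_info, **args):
        """Entry point for a user who is not authorized to read the private set."""
        handler = self._operations.get(operation)
        if handler is None:
            raise PermissionError(f"operation not predefined: {operation!r}")
        return handler(public_info, **args)

    def _find_private(self, public_record):
        """Follow the logical link from public information to the private record."""
        if not isinstance(public_record, dict):
            return None
        link_id = public_record.get("link_id")
        return self._private_set.get(link_id) if isinstance(link_id, str) else None

    def _send_message(self, public_record, body):
        """Claims 6, 10, 11: a private field is the address, gated on opt-in."""
        private = self._find_private(public_record)
        # Unknown link and opted-out consumer give the same answer, so the
        # return value does not reveal whether a private record exists.
        if private is None or not private.get("opt_in"):
            return False
        self.outbox.append((private["email"], body))
        return True

    def _blind_average(self, public_records, field):
        """Claim 4: analyze several private records, return only the aggregate."""
        if field not in ANALYZABLE_FIELDS:
            raise PermissionError(f"field not open to analysis: {field!r}")
        found = (self._find_private(p) for p in public_records)
        # De-duplicate by link so one record repeated cannot fake a group.
        distinct = {r["link_id"]: r[field] for r in found if r is not None}
        if len(distinct) < MIN_GROUP:
            return None  # too few records: the result would expose individuals
        return mean(distinct.values())


if __name__ == "__main__":
    broker = PrivateDataBroker()
    pubs = [broker.separate(r) for r in SAMPLE_RECORDS]
    print(pubs[0])  # public half only: product, region, link_id
    print(broker.request("send_message", pubs[0], body="offer"))
    print(broker.request("blind_average", pubs, field="income"))
```

The requesting user supplies only the public record and receives a boolean or an aggregate; the address and the per-consumer values never leave the broker.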
US10/757,205 2000-05-02 2004-01-14 Method, system and program product for private data access or use based on related public data Abandoned US20040148290A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US10/757,205 US20040148290A1 (en) 2000-05-02 2004-01-14 Method, system and program product for private data access or use based on related public data

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US56363900A 2000-05-02 2000-05-02
US39095403A 2003-03-17 2003-03-17
US10/757,205 US20040148290A1 (en) 2000-05-02 2004-01-14 Method, system and program product for private data access or use based on related public data

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US39095403A Division 2000-05-02 2003-03-17

Publications (1)

Publication Number Publication Date
US20040148290A1 (en) 2004-07-29

Family

ID=24251323

Family Applications (2)

Application Number Title Priority Date Filing Date
US10/390,956 Active 2025-10-14 US8996508B2 (en) 2000-05-02 2003-03-18 Sending advertisements to customers
US10/757,205 Abandoned US20040148290A1 (en) 2000-05-02 2004-01-14 Method, system and program product for private data access or use based on related public data

Country Status (2)

Country Link
US (2) US8996508B2 (en)
GB (1) GB2366051B (en)

Also Published As

Publication number Publication date
GB0108668D0 (en) 2001-05-30
US8996508B2 (en) 2015-03-31
US20030233357A1 (en) 2003-12-18
GB2366051B (en) 2005-01-05
GB2366051A (en) 2002-02-27

Legal Events

Date Code Title Description
STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION