	US 12,190,330 B2
	Data processing systems for identity validation for consumer rights requests and related methods
Jonathan Blake Brannon, Smyrna, GA (US); Steven W. Finch, Kennesaw, GA (US); Prashanth Sharma, Atlanta, GA (US); Jeremy Turk, Atlanta, GA (US); Priya Malhotra, Atlanta, GA (US); Kevin Jones, Atlanta, GA (US); Himanshu Arora, Atlanta, GA (US); Mahashankar Sarangapani, Atlanta, GA (US); and Atul Gupta, Atlanta, GA (US)
Assigned to OneTrust, LLC, Atlanta, GA (US)
Filed by OneTrust, LLC, Atlanta, GA (US)
Filed on Mar. 31, 2022, as Appl. No. 17/710,653.
Application 17/710,653 is a continuation of application No. 17/383,889, filed on Jul. 23, 2021, granted, now 11,295,316.
Application 17/383,889 is a continuation in part of application No. 17/149,380, filed on Jan. 14, 2021, granted, now 11,074,367, issued on Jul. 27, 2021.
Application 17/149,380 is a continuation in part of application No. 16/410,336, filed on May 13, 2019, granted, now 10,997,315, issued on May 4, 2021.
Application 16/410,336 is a continuation in part of application No. 16/055,083, filed on Aug. 4, 2018, granted, now 10,289,870, issued on May 14, 2019.
Application 16/055,083 is a continuation in part of application No. 15/996,208, filed on Jun. 1, 2018, granted, now 10,181,051, issued on Jan. 15, 2019.
Application 15/996,208 is a continuation in part of application No. 15/853,674, filed on Dec. 22, 2017, granted, now 10,019,597, issued on Jul. 10, 2018.
Application 15/853,674 is a continuation in part of application No. 15/619,455, filed on Jun. 10, 2017, granted, now 9,851,966, issued on Dec. 26, 2017.
Application 15/619,455 is a continuation in part of application No. 15/254,901, filed on Sep. 1, 2016, granted, now 9,729,583, issued on Aug. 8, 2017.
Claims priority of provisional application 62/961,054, filed on Jan. 14, 2020.
Claims priority of provisional application 62/547,530, filed on Aug. 18, 2017.
Claims priority of provisional application 62/541,613, filed on Aug. 4, 2017.
Claims priority of provisional application 62/537,839, filed on Jul. 27, 2017.
Claims priority of provisional application 62/360,123, filed on Jul. 8, 2016.
Claims priority of provisional application 62/353,802, filed on Jun. 23, 2016.
Claims priority of provisional application 62/348,695, filed on Jun. 10, 2016.
Prior Publication US 2022/0222682 A1, Jul. 14, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 29/06 (2006.01); G06Q 30/018 (2023.01); G06Q 50/18 (2012.01); H04L 9/40 (2022.01)

CPC G06Q 30/018 (2013.01) [G06Q 50/184 (2013.01); H04L 63/107 (2013.01)]

20 Claims

1. A method comprising:

receiving, by computing hardware, a personal data request originating from a computing device that is not a data owner of personal data of a data subject and the personal data request is related to collecting, storing, or processing the personal data of the data subject, wherein the personal data request is for a particular entity that is the data owner of the personal data of the data subject to perform an action with regard to the personal data associated with the data subject;

detecting, by the computing hardware, a state of a browser application executing on the computing device indicating a location of the computing device;

determining, by the computing hardware and based on the location of the computing device, identity verification levels comprising a first type of identity verification and a second type of identity verification;

determining, by the computing hardware, that the first type of identity verification requires first user-provided input to verify an identity of the data subject that contains fewer identity verification steps than second user-provided input required by the second type of identity verification to verify the identity of the data subject;

transmitting, by the computing hardware, an instruction to the computing device to dynamically display a prompt for the first user-provided input to verify the identity of the data subject in connection with the personal data request originating from the computing device;

receiving, by the computing hardware, the first user-provided input via the prompt;

verifying, by the computing hardware, the identity of the data subject based on the first user-provided input by:

providing first information included in the personal data request to an external system;

receiving second information from the external system based on the first information; and

verifying the identity of the data subject based on the first user-provided input and the second information; and

responsive to verifying the identity of the data subject in connection with the personal data request originating from the computing device, causing, by the computing hardware, performance of the action with regard to the personal data associated with the data subject.