Systems and methods for periodically modifying data privacy elements are provided. The systems and methods may identify a set of data privacy elements. A data privacy element can characterizes a feature of a computing device and can be detectable by a network host. A first artificial profile can be generated by modifying a first data privacy element based on an artificial profile model that defines a relationship associated with one or more constraints between the set of data privacy elements. Subsequent to generating the first artificial profile, a second artificial profile can be generated by periodically modifying a second data privacy element in accordance with the relationship defined by the artificial profile model. The computer device can be masked from being identified by the network host by sending the second artificial profile including the second data privacy element to a requested network location.

A computer system is provided. The computer system includes a memory and a processor coupled to the memory. The processor is configured to receive a first message from an identity provider, the first message including an arbitrary identifier generated by the identity provider, the arbitrary identifier being incompatible with a dependent process that is reliant upon the identity provider; encode, in response to reception of the first message, the arbitrary identifier into an encoded identifier that is compatible with the dependent process; and transmit a second message including the encoded identifier to the dependent process.

A system for collecting and managing vehicle-generated data from multiple vehicles are provided. The vehicle-generated data is pseudonymized by pseudonymized identifiers, and the pseudonymized vehicle-generated data is collected and managed by a neutral data server operated by an operator who is independent of vehicle manufacturers. Vehicle manufacturers can reestablish the link of the pseudonymized event data with the vehicle that had generated the event data and the vehicle driver.

Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for allowing suitable digital components to be automatically selected and provided to a client device. Methods can include generating a universal identifier for a digital component that is presented in the application. The application updates a set of universal identifiers that has been created for digital components presented by the application over a specified time period. The application identifies digital components and the corresponding universal identifiers that are blocked and generates a probabilistic data structure representing the set of blocked universal identifiers. The application creates multiple shares of the probabilistic data structure and transmits different shares to different servers. The application receives a separate response generated by each of the different servers based on the multiple shares and identifies a digital component to present in the application based on a combination of the separate responses.

In one aspect, the present disclosure relates to a method including: receiving, by a client device, a request to access content stored on a remote server; determining, by the client device, that the requested content includes sensitive information based on a user profile associated with the client device; modifying, by the client device, the requested content in response to the determination that the content includes sensitive information; and providing, by client device, access to the modified content in place of the requested content that includes the sensitive information.

This server having an interface connected to a first computer comprises: a coordination unit that receives a processing request, determines whether a coordination request showing a process for a first blockchain to which the first computer belongs and a process for a second blockchain to which a second computer coordinated to the first computer belongs is included in the processing request, and, if the coordination request is included, determines whether redaction of the coordination request is necessary; and a redaction unit that carries out redaction of the coordination request for which redaction is necessary on the basis of the results of the determination, wherein the coordination unit transmits, to the first computer, a processing execution request that includes the coordination request on which redaction has been carried out by the redaction unit in accordance with the results of the determination.

A method comprises receiving an ad event data including data about a plurality of ad events, and including a user ID and an ad ID for each ad event in the ad event data set, where the ad event data set has been anonymized applying a one-way encryption key for each user ID in the ad event data set, and a two-way encryption key for the ad ID in the ad event data set. The attribution processor receives a customer data set including data about a plurality of customers, including a user ID and a customer value for each customer, where the customer data set has been anonymized using the one-way encryption key for each user ID in the data, and a private encryption key for the customer value. Without decrypting the received ad event data set and the received customer data set, the processor then matches ad events for each conversion by comparing the user IDs in the encrypted ad event data set to the user IDs in the encrypted customer data set to create a set of contributing ad events, assigns a share of the customer value to each relevant ad event, sums homomorphically the encrypted customer values for contributing events, and determines a recommendation for serving advertisements.

A system and method for on-demand data cleansing is disclosed. The system includes a processor and a volatile memory including a data object having a plurality of data fields, each field having a tag and a value. The system also includes a cleansing module stored in the volatile memory and executed by the processor. The cleansing module includes a library having a plurality of tag-operation pairs. The cleansing module is configured to receive a pointer locating the data object within volatile memory, and further configured to, for each data field, look up the tag of the data field among the library tags, and execute the operation paired with the matching library tag on the value of the field, modifying the value of the data field while it is stored in volatile memory. The cleansing module is configured to execute the operation in near real-time, and at runtime.

A process of requesting and providing an anonymization service for sharing images or videos capturing identity of persons. An anonymization server receives a request including information corresponding to an identifier identifying the image or the video, a region within the image or video in which an identity of a person is captured, an encryption key used to encrypt the region of the image or the video, and contact information of the person. When the anonymization server receives a request from the second agency to share an encryption key for decrypting the region, the server transmits a request to the person to provide a permission to deanonymize the identity of the person captured in the image or video. The anonymization server transmits a response including the encryption key to the second agency when a response indicating a permission is received from the person.

The computer system includes a control computer system, a provisioning computer system and at least one user computer system. The control computer system includes control software. The user computer system includes a data store in which personal data is stored and an anonymization software. The anonymization software is configured for receiving at least one anonymization protocol; for each of said at least one anonymization protocol selecting and anonymizing a subset of the personal data in accordance with said anonymizing protocol; and transferring the anonymized subset and an identifier of the anonymization protocol to the control software. The control software is configured for receiving the at least one anonymized subset and the at least one identifier from said anonymizing software; and providing the subset and the identifier to the analysis software for performing those analysis functions to which the anonymization protocol identified by the identifier is associated, on the subset.