Abstract: The present disclosure provides methods and systems for privacy management between digital devices. Firstly, details corresponding to a plurality of users of digital devices are registered. A plurality of acquaintance graphs is generated based on contact lists of the registered plurality of users, wherein at least one of the plurality of acquaintance graphs is a merged acquaintance graph having common contacts. A severity of privacy breach is categorized based on the plurality of acquaintance graphs. Privacy preferences are obtained based on personal information from the registered plurality of users, the personal information being tagged to a unique identifier associated with the associated digital device. Communication being transmitted between the digital devices is screened for identifying the personal information in the communication based on a pre-defined pattern of personal information. Finally, communication between the digital devices is permitted based on the obtained privacy preferences associated with the identified personal information.
FORM 2
THE PATENTS ACT, 1970 (39 of 1970) & THE PATENTS RULES, 2003
COMPLETE SPECIFICATION (See section 10, rule 13)
1. Title of the invention: METHODS AND SYSTEMS FOR PRIVACY MANAGEMENT BETWEEN DIGITAL DEVICES
2. Applicant(s)
NAME: TATA CONSULTANCY SERVICES LIMITED
NATIONALITY: Indian
ADDRESS: Nirmal Building, 9th Floor, Nariman Point, Mumbai-400021, Maharashtra, India
3. Preamble to the description
COMPLETE SPECIFICATION
The following specification particularly describes the invention and the manner in which it is to be performed.
TECHNICAL FIELD
[0001] The embodiments herein generally relate to privacy in digital devices and more particularly to methods and systems for privacy management between digital devices.
BACKGROUND
[0002] Mobile devices typically hold a lot of personal information. The personal information may be the user's own or his contacts' personal information saved on the mobile device, for example name, phone number, email address, home address, bank account number, personal photographs, photographs of important documents or cards etc. This personal information may be of a confidential nature, and due to advancement in digital communication such personal information may be shared without any authorization from the person to whom the personal information belongs. This gives rise to the problem of person to person privacy breach. The problem of person to person privacy breach is ever growing, since dissemination of personal information has been facilitated by the ubiquitous internet and instant messaging applications, social network applications, email, Short Messaging Service (SMS) etc. Thus it is very easy for people to share the personal information of other people using these dissemination mediums. A privacy breach occurs when the personal information of a person is shared without their consent; however, the severity of the privacy breach may differ depending upon who the recipient of the personal information is. For example, if the recipient with whom the personal information is being shared is known to the person to whom the personal information belongs, the severity of the privacy breach would be low. It is a challenge to prevent unauthorized dissemination of personal information and also to categorize the severity of the breach of privacy, especially in the wake of advanced digital communication tools.
SUMMARY
[0003] This summary is provided to introduce concepts related to privacy in digital devices and more particularly to methods and systems for privacy management between digital devices. This summary is neither intended to identify essential features of the claimed subject matter nor is it intended for use in determining or limiting the scope of the present disclosure.
[0004] In an aspect there is provided a method for privacy management between digital devices, the method comprising: registering details corresponding to a plurality of users of digital devices; generating a plurality of acquaintance graphs based on contact lists of the registered plurality of users, wherein at least one of the plurality of acquaintance graphs is a merged acquaintance graph having common contacts; categorizing severity of privacy breach based on the generated plurality of acquaintance graphs; obtaining privacy preferences based on personal information from the registered plurality of users, the personal information being tagged to a unique identifier associated with the associated digital device; screening communication being transmitted between the digital devices for identifying the personal information in the communication based on a pre-defined pattern of personal information; and permitting communication between the digital devices based on the obtained privacy preferences associated with the identified personal information in the communication.
[0005] In an embodiment, the step of generating a plurality of acquaintance graphs is preceded by accessing the contact lists of the registered plurality of users.
[0006] In an embodiment, the step of accessing the contact lists of the registered plurality of users is followed by hashing of contact details in the contact lists.
[0007] In an embodiment, the step of obtaining privacy preferences further comprises obtaining pre-determined modes of intimating the registered plurality of users in case of breach of each of the obtained privacy preferences.
[0008] In an embodiment, the pre-determined modes are (i) real-time consent mode (ii) immediate For Your Information (FYI) mode and (iii) lazy For Your Information (FYI) mode.
[0009] In an embodiment, the step of obtaining privacy preferences further comprises hashing the personal information and transmitting the hashed personal information along with registered details, type of personal information and predetermined intimation modes.
[0010] In an embodiment, the step of obtaining privacy preferences further comprises segregating the hashed personal information, registered details, type of personal information and the pre-determined intimation modes.
[0011] In an embodiment, the segregated hashed personal information is further key hashed.
[0012] In an embodiment, the step of screening communication comprises screening at least one of audio, video, image and textual communication.
[0013] In an embodiment, the step of permitting communication further comprises transmitting one or more of (i) the registered details of the sender and the recipient from the plurality of registered users, (ii) the hashed personal information associated with the communication, (iii) the type of personal information and (iv) timestamp of the communication.
[0014] In an embodiment, the method described herein above further comprises the step of updating at least one server system with one or more of registered details, plurality of acquaintance graphs, the hashed personal information, the type of personal information and the pre-determined intimation modes.
[0015] In an embodiment, permitting communication is preceded by further seeking consent from a registered user for permitting the communication based on the pre-determined intimation modes.
[0016] In an embodiment, the step of categorizing severity of privacy breach based on the plurality of acquaintance graphs further comprises intimating the severity of a breach associated with the communication.
[0017] In an aspect there is provided a system for privacy management between digital devices, the system comprising: one or more processors; a communication interface device; one or more internal data storage devices operatively coupled to the one or more processors for storing: a registration module configured to register details corresponding to a plurality of users of digital devices and generate a plurality of acquaintance graphs based on contact lists of the registered plurality of users, wherein at least one of the plurality of acquaintance graphs is a merged acquaintance graph having common contacts; a severity categorizer module configured to categorize severity of privacy breach based on the generated plurality of acquaintance graphs; a selector and collector module configured to obtain privacy preferences based on personal information obtained from the registered plurality of users, the selector and collector module further configured to tag the personal information to a unique identifier associated with the associated digital device; a communication analyzer and personal information extractor configured to screen communication being transmitted between the digital devices for identifying the personal information based on a pre-defined pattern of personal information, the communication analyzer and personal information extractor further permitting communication between the digital devices based on the obtained privacy preferences associated with the identified personal information; and a communication module configured to establish a connection between the digital devices based on the obtained privacy preferences associated with the identified personal information.
[0018] In an embodiment, the system comprises at least one client system and at least one server system.
[0019] In an embodiment, the selector and collector module is comprised in the at least one client system and is further configured to obtain pre-determined modes of intimating the registered plurality of users in case of breach of each of the obtained privacy preferences, the pre-determined modes being one of (i) real-time consent mode (ii) immediate For Your Information (FYI) mode and (iii) lazy For Your Information (FYI) mode.
[0020] In an embodiment, the communication analyzer and personal information extractor is comprised in the at least one client system and is further configured to screen at least one of audio, video, images and textual outgoing communication constituting the communication being transmitted between the digital devices.
[0021] In an embodiment, the at least one client system comprises a hashing engine configured to hash (i) contact details in the contact lists (ii) the obtained personal information and (iii) the personal information associated with the communication; the hashing engine is further configured to transmit hashed personal information along with registered details, type of personal information and pre-determined intimation modes.
[0022] In an embodiment, the one or more internal storage devices of the at least one server system are configured to receive from the at least one client system via the communication module, and store, one or more of the registered details, the hashed personal information, the plurality of acquaintance graphs, the type of personal information and the obtained privacy preferences.
[0023] In an embodiment, the communication module is comprised in at least one client system and in at least one server system and is further configured to transmit one or more of (i) the registered details of the sender and the recipient from the plurality of registered users, (ii) the hashed personal information, (iii) type of personal information, (iv) timestamp of the communication, and (v) the generated plurality of acquaintance graphs.
[0024] In an embodiment, the client system is configured to update at least one server system with one or more of the registered details, the generated plurality of acquaintance graphs, the hashed personal information, the type of personal information, the pre-determined intimation modes and the timestamp of the communication.
[0025] In an embodiment, an information segregation module is comprised in the at least one server system and is configured to segregate the hashed personal information, registered details, timestamp of the communication, type of personal information and the pre-determined intimation modes.
[0026] In an embodiment, a key hash engine is comprised in the at least one server system and is further configured to key hash the hashed personal information.
[0027] In an embodiment, the information segregation module is updated with the key hashed personal information.
[0028] In an embodiment, a consent seeker module is comprised in the at least one server system and is further configured to seek consent from a consent responder module comprised in the at least one client system, the consent responder module being configured to give consent to the communication being transmitted.
[0029] In yet another aspect, there is provided a computer program product for processing data, comprising a non-transitory computer readable medium having program instructions embodied therein for registering details corresponding to a plurality of users of digital devices; generating a plurality of acquaintance graphs based on contact lists of the registered plurality of users, wherein at least one of the plurality of acquaintance graphs is a merged acquaintance graph having common contacts; categorizing severity of privacy breach based on the generated plurality of acquaintance graphs; obtaining privacy preferences based on personal information from the registered plurality of users, the personal information being tagged to a unique identifier associated with the associated digital device; screening communication being transmitted between the digital devices for identifying the personal information in the communication based on a pre-defined pattern of personal information; and permitting communication between the digital devices based on the obtained privacy preferences associated with the identified personal information in the communication.
BRIEF DESCRIPTION OF THE DRAWINGS
[0030] The embodiments herein will be better understood from the following detailed description with reference to the drawings, in which:
[0031] FIG. 1 illustrates an exemplary schematic diagram of a client-server network architecture in a distributed enterprise network, in accordance with one or more embodiments of the present disclosure;
[0032] FIG. 2 illustrates an exemplary block diagram of a client-server system with functional modules in accordance with an embodiment of the present disclosure; and
[0033] FIG. 3 is an exemplary flow diagram illustrating a method for privacy management between digital devices using the system of FIG. 2 in accordance with an embodiment of the present disclosure.
[0034] It should be appreciated by those skilled in the art that any block diagram herein represents conceptual views of illustrative systems embodying the principles of the present subject matter. Similarly, it will be appreciated that any flow charts, flow diagrams, state transition diagrams, pseudo code, and the like represent various processes which may be substantially represented in computer readable medium and so executed by a computing device or processor, whether or not such computing device or processor is explicitly shown.
DETAILED DESCRIPTION
[0035] The embodiments herein and the various features and advantageous details thereof are explained more fully with reference to the non-limiting embodiments that are illustrated in the accompanying drawings and detailed in the following description. The examples used herein are intended merely to facilitate an understanding of ways in which the embodiments herein may be practiced and to further enable those of skill in the art to practice the embodiments herein. Accordingly, the examples should not be construed as limiting the scope of the embodiments herein.
[0036] The words "comprising," "having," "containing," and "including," and other forms thereof, are intended to be equivalent in meaning and be open ended in that an item or items following any one of these words is not meant to be an exhaustive listing of such item or items, or meant to be limited to only the listed item or items.
[0037] It must also be noted that as used herein and in the appended claims, the singular forms "a," "an," and "the" include plural references unless the context clearly dictates otherwise. Although any systems and methods similar or equivalent to those described herein can be used in the practice or testing of embodiments of the present disclosure, the preferred systems and methods are now described.
[0038] Some embodiments of this disclosure, illustrating all its features, will now be discussed in detail. The disclosed embodiments are merely exemplary of the disclosure, which may be embodied in various forms.
[0039] Before setting forth the detailed explanation, it is noted that all of the discussion below, regardless of the particular implementation being described, is exemplary in nature, rather than limiting.
[0040] Referring now to the drawings, and more particularly to FIGS. 1 through 3, where similar reference characters denote corresponding features consistently throughout the figures, there are shown preferred embodiments and these embodiments are described in the context of the following exemplary system and method.
[0041] Methods and systems for privacy management in digital devices, in accordance with the present disclosure, ensure that there is no unauthorized dissemination of personal information from one digital device user to another.
[0042] In the context of the present disclosure, the expression ‘digital devices’ refers to any device capable of communicating information to other such devices, for example any mobile device, a smartphone, a Personal Digital Assistant, a computer or any other device of such nature. Further, the expression ‘personal information’ refers to any personal information, for example mobile number, bank account number, residence address, election identity card number or any other personal details.
[0043] FIG. 1 illustrates an exemplary schematic diagram of client-server network architecture 100 in a distributed enterprise network, in accordance with an embodiment of the present disclosure, and FIG. 2 illustrates an exemplary block diagram of a client-server system 200 with functional modules in accordance with an embodiment of the present disclosure. In an embodiment, system 200 can reside on one or more computers and include one or more processors (not shown), a communication interface device or input/output (I/O) interface (not shown), and memory or one or more internal data storage devices (not shown) operatively coupled to the one or more processors. The one or more internal data storage devices may be interchangeably referred to as memory or database (client database / server database) in the context of the present disclosure. The one or more processors can be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, central processing units, state machines, logic circuitries, and/or any devices that manipulate signals based on operational instructions. Among other capabilities, the processor(s) are configured to fetch and execute computer-readable instructions stored in the memory.
[0044] In an embodiment, system 200 can be implemented involving a variety of computing systems, such as a laptop computer, a desktop computer, a notebook, a workstation, a mainframe computer, a server, a network server, cloud, hand-held device and the like. Computing systems constituting client 120 are in communication with computing systems constituting server 130 via any type of network 110. The I/O interface can include a variety of software and hardware interfaces, for example, a web interface, a graphical user interface, and the like and can facilitate multiple communications within a wide variety of networks 110 and protocol types, including wired networks, for example, LAN, cable, etc., and wireless networks, such as WLAN, cellular, or satellite. In an embodiment, the I/O interface can include one or more ports for connecting a number of devices to one another or to another server. The memory may include any computer-readable medium known in the art including, for example, volatile memory, such as static random access memory (SRAM) and dynamic random access memory (DRAM), and/or non-volatile memory, such as read only memory (ROM), erasable programmable ROM, flash memories, hard disks, optical disks, and magnetic tapes. In an embodiment, the memory can include local memory employed during actual execution of program code, bulk storage, and cache memories which provide temporary storage of at least some program code in order to reduce the number of times code must be retrieved from bulk storage during execution. In an embodiment, the various modules of system 200 can be stored in the memory.
[0045] In accordance with an embodiment, client 120 is an application on a digital device that provides privacy management between digital devices. Although system 200 of FIG. 2 represents a single client 120 and a single server 130, it may be understood by a person skilled in the art, as illustrated in FIG. 1, that there may be one or more clients 120 and servers 130 in a distributed enterprise network under consideration in the present disclosure.
[0046] Systems and methods of the present disclosure will now be explained with reference to FIG. 2 and FIG. 3, wherein FIG. 3 is a flow chart illustrating the process flow involved in accordance with the method of the present disclosure. In an embodiment, the client-server system 200 includes client 120 in communication with server 130 via network 110. In an embodiment, client 120 can work independently with limited capabilities without taking advantage of the distributed nature of data in an enterprise.
[0047] At step 302, registration module 210 registers details corresponding to a plurality of users of digital devices. The registration details can include name, email address, mobile number and the like of the user. At step 304, registration module 210 generates a plurality of acquaintance graphs based on contact lists of the registered plurality of users, wherein at least one of the plurality of acquaintance graphs is a merged acquaintance graph having common contacts. The contact lists of the registered plurality of users are accessed at client 120 for generating the acquaintance graphs. The acquaintance graph is generated based on the contact list in the digital device of a user. Mathematically, the generation of the acquaintance graph can be exemplified as follows. Let G = (V, E) be a directed graph. The set V = {P1, ..., Pn} is a set of users (represented by the mobile numbers of the users). The elements of the set V represent the vertices or nodes of the directed graph. The set E is the set of ordered pairs of vertices, called arcs or directed edges, which represent the acquaintance between two users. An arc e = (Pi, Pj) is a directed edge from Pi to Pj, showing that Pi is acquainted with or knows the user Pj. The user Pi is said to be acquainted with the user Pj if the mobile number of Pj exists in the contact list of the mobile device of Pi. In an embodiment, the acquaintance graph is a weighted directed graph. Each edge of the acquaintance graph is assigned a weighted vector based on factors such as recency of interaction, length of interaction and frequency of interaction. These factors are computed and assigned a value by analyzing the digital device communication logs. For instance, a more recent interaction, a longer interaction or a more frequent interaction is assigned a higher weight. Each weight can be assigned on a scale of 1-10. The acquaintance graph on each digital device is reconstructed periodically and sent to the server 130, where it is merged with a consolidated acquaintance graph. The contacts accessed in the contact list for generating the acquaintance graphs are further hashed by a hashing engine 212.
[0048] At step 306, the severity categorizer 214 categorizes severity of privacy breach based on the plurality of acquaintance graphs. In an embodiment, the severity categorizer 214 categorizes the severity of privacy breach based on the merged acquaintance graph at the server 130. In another embodiment, a merged acquaintance graph may be an isolated acquaintance graph, as a user’s contact may not be present in the digital device of any other user. In an embodiment, while categorizing the privacy breach severity, the weighted vector for each edge is reduced to a scalar quantity by employing different functions such as the weighted sum, product etc. Based on this score the severity levels are further subdivided into different sub-levels. For example, let there be a first user to whom the personal information belongs, and a second user receiving that personal information from a third user who holds the personal information belonging to the first user on their digital device; the severity levels can then be categorized into four levels. Severity One [Lowest]: A privacy breach is categorized as a severity one breach when the first user to whom the personal information belongs knows the second user who is receiving the personal information and vice versa, that is, directed edges exist between the first user and the second user in both directions. Severity Two: A privacy breach is categorized as a severity two breach when the first user to whom the personal information belongs knows the second user receiving the personal information but the vice versa is not true. Severity Three: A privacy breach is categorized as a severity three breach when the first user to whom the personal information belongs does not know the second user receiving the personal information but there exists a path in the directed graph from the first user to the second user via some other users. Severity Four [Highest]: A privacy breach is categorized as a severity four breach when the first user does not know the second user and there exists no path in the directed graph between the first user and the second user even via some other users.
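The acquaintance graph of step 304 and the four-level categorization of step 306, as an added worked example (not code from the specification). Assumptions not in the text: the weighted vector is (recency, length, frequency) on the 1-10 scale, collapsed to a scalar by a weighted sum; each level is split into sub-levels "a"/"b" at an assumed score threshold; the mobile numbers are constructed sample values.

```python
"""Acquaintance graphs and breach-severity categorization (added example)."""
from collections import deque
import hashlib

WEIGHTS = (0.5, 0.2, 0.3)   # assumed importance of recency, length, frequency
DEFAULT_VECTOR = (1, 1, 1)  # contact with no communication-log data yet
SUB_LEVEL_THRESHOLD = 7.0   # assumed score splitting sub-level "a" from "b"


def pseudonym(mobile):
    """Hashing engine 212: a contact leaves the device only in hashed form."""
    return hashlib.sha256(mobile.encode()).hexdigest()[:16]


def build_device_graph(owner, contact_list, interaction_vectors=None):
    """One directed edge owner -> contact per entry in the device contact list.
    interaction_vectors maps contact -> (recency, length, frequency), each
    on the 1-10 scale, as derived from the device's communication logs."""
    interaction_vectors = interaction_vectors or {}
    src = pseudonym(owner)
    graph = {src: {}}
    for contact in contact_list:
        vec = interaction_vectors.get(contact, DEFAULT_VECTOR)
        if not all(1 <= w <= 10 for w in vec):
            raise ValueError("edge weights must be on a 1-10 scale")
        graph[src][pseudonym(contact)] = vec
    return graph


def merge_graphs(device_graphs):
    """Server 130 consolidates the periodically uploaded per-device graphs.
    A user present in nobody else's contacts remains an isolated vertex."""
    merged = {}
    for g in device_graphs:
        for src, edges in g.items():
            merged.setdefault(src, {}).update(edges)
            for dst in edges:
                merged.setdefault(dst, {})
    return merged


def edge_score(vector, weights=WEIGHTS):
    """Collapse the weighted vector into a scalar (weighted sum)."""
    return sum(w * v for w, v in zip(weights, vector))


def reachable(graph, start, goal):
    """Breadth-first search along directed edges from start to goal."""
    seen, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        for nxt in graph.get(node, {}):
            if nxt == goal:
                return True
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return False


def categorize(graph, owner, recipient):
    """Severity 1 (lowest) .. 4 (highest) for `owner`'s personal information
    reaching `recipient`, plus the assumed sub-level and direct-edge score."""
    o, r = pseudonym(owner), pseudonym(recipient)
    owner_knows = r in graph.get(o, {})
    recipient_knows = o in graph.get(r, {})
    if owner_knows and recipient_knows:
        level = 1                      # edges in both directions
    elif owner_knows:
        level = 2                      # owner -> recipient only
    elif reachable(graph, o, r):
        level = 3                      # only an indirect path via other users
    else:
        level = 4                      # no path, even if recipient knows owner
    score = edge_score(graph[o][r]) if owner_knows else 0.0
    sub = "a" if score >= SUB_LEVEL_THRESHOLD else "b"
    return level, sub, round(score, 2)


# Constructed sample data: five registered users and their contact lists.
ALICE, BOB, CAROL = "+910000000001", "+910000000002", "+910000000003"
DAVE, EVE = "+910000000004", "+910000000005"
MERGED = merge_graphs([
    build_device_graph(ALICE, [BOB, CAROL], {BOB: (9, 8, 9), CAROL: (3, 2, 2)}),
    build_device_graph(BOB, [ALICE]),
    build_device_graph(CAROL, [DAVE]),
    build_device_graph(DAVE, []),
    build_device_graph(EVE, [ALICE]),   # Eve knows Alice; Alice does not know Eve
])

if __name__ == "__main__":
    for who in (BOB, CAROL, DAVE, EVE):
        print(who, categorize(MERGED, ALICE, who))
```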
[0049] At step 308, the selector and collector module 216 obtains privacy preferences based on personal information obtained from the registered plurality of users, and the selector and collector module 216 further tags the personal information to a unique identifier associated with the associated digital device. The unique identifier can be retrieved from the registration details of the user; for example, the unique identifier can be a mobile number associated with the user. The step of obtaining privacy preferences further comprises obtaining pre-determined modes of intimating the registered plurality of users in case of breach of each of the obtained privacy preferences. The pre-determined modes are (i) real-time consent mode, (ii) immediate For Your Information (FYI) mode and (iii) lazy For Your Information (FYI) mode. In case sensitive personal information is being communicated by a registered user sender to a registered user recipient, the user whose personal information is being communicated may like to be intimated with a real-time consent option and receive a real-time consent notification. In some cases immediate For Your Information (FYI) may be opted for. In certain cases a lazy FYI may be opted for, wherein a delayed and consolidated For Your Information (FYI) intimation is sent listing all the instances where the user’s personal information has been communicated.
[0050] The personal information can be in audio, image, video or textual form. In an embodiment, where the personal information is of the nature of images, the selector and collector module 216 applies face recognition algorithms to detect a face present in the image. It computes a feature vector which captures the different attributes of the face in it. In case the image provided by the user is faulty, that is, it doesn’t contain any face or is not readable, it is not accepted by the selector and collector module 216. In another embodiment, where the personal information is of the nature of audio, the audio is first converted into text and then further analysis is done. In an embodiment, where the personal information is of the nature of video, it is analysed as a sequence of image frames. Each of these frames is considered as a separate image and analysed as is done for the images. The personal information is hashed and the hashed personal information is transmitted securely along with registered details and pre-determined intimation modes via a communication module (not shown) at the client 120 to a communication module (not shown) at the server 130. The communication module is configured to establish a connection between the digital devices based on the obtained privacy preferences associated with the identified personal information. Personal information in the form of feature vectors is not hashed. An information segregation module 218 receives the personal information, registered details, type of personal information and pre-determined modes from the communication module at the server 130 and segregates the hashed personal information, registered details, type of personal information and the pre-determined intimation modes. The hashed personal information is further key hashed by a key hash engine 220. The information segregation module 218 stores the unique identifier, key hashed personal information and type of personal information in the server database. The type of personal information denotes the nature of the personal information, for example phone number, residence address, bank account number etc. In case the personal information is an image of a person, the feature vector is stored, whereas in case the personal information is an image but not a picture of a person, the number or text in the image is converted to textual form for further processing.
[0051] At step 310, the communication analyzer and personal information (PI) extractor 222 screens communication being transmitted between the digital devices for identifying the personal information based on a pre-defined pattern of personal information. The step of screening communication comprises screening at least one of audio, video, image and textual communication. At step 312, the communication analyzer and PI extractor 222 permits communication between the digital devices based on the obtained privacy preferences associated with the identified personal information.
[0052] In case the communication is audio, in an embodiment, the audio is first converted into text and then further analysis is done. In case the communication is of a textual nature, in an embodiment, the communication is put on hold and the text or personal information matching the pre-defined patterns is extracted. The text or personal information associated with the communication is further hashed by the hashing engine 212. The step 312 of permitting communication comprises transmitting consolidated information, including the registered details of the sender and the recipient from the plurality of registered users, the hashed text or personal information associated with the communication, the type of personal information and the timestamp of the communication, via the communication module of the client to the communication module of the server. In an embodiment, the registered details can be the unique identifier of the user. The consolidated information is received by the information segregation module 218, and the hashed personal information is segregated to be sent further for key hashing by the key hash engine 220. The key hashed personal information is received back by the information segregation module 218. The consolidated information now comprises the registered details or the unique identifier of the sender and the recipient from the plurality of registered users, the type of personal information, the key hashed text or personal information associated with the communication, and the timestamp of the communication. The consolidated information is sent to a search engine 224, and the search engine 224 forms a query with the key hashed personal information to search the server database to identify a record having maximum similarity.
[0053] In an embodiment, where the communication is of the nature of a video, it is analyzed as a sequence of image frames. Each of these frames is considered as a separate image and further analysis is done. In case the communication is an image that contains textual data, the communication analyzer and personal information extractor analyzes the image and extracts the textual data, which is then screened based on the pre-defined patterns as mentioned above. In case the communication image is a picture of one or more persons, the image is intercepted by the communication analyzer and PI extractor, since it is a form of data like any other data. It processes the image and employs the face recognition algorithm to compute a feature vector for each of the faces in the image. The feature vectors, registration details of the sender and the receiver, timestamp of the communication and nature or type of personal information are sent to the communication module in the client. The client communication module sends the data securely to the server communication module. The server communication module, on receiving the data, sends it to the information segregation module 218. On identifying that the personal information being communicated is of the image type, it sends the data to the search engine 224. For images, the search engine 224 forms a query and searches the server database to identify the record having the feature vector with maximum similarity.
[0054] The server database returns a response for each query, along with the intimation mode for each query found in the server database, to the search engine 224. In an embodiment, the response comprises registration details of the user to whom the personal information belongs. In case the intimation mode was found to be real-time consent, the search engine 224 communicates these responses to a consent seeker module 226. Consent seeker module 226 communicates with a consent responder module 228 asking the user for consent for his/her PI being shared, giving the sender name and unique identifier, receiver name and unique identifier, type of personal information and timestamp of the communication. In an embodiment, the user responds with a decision whether to allow the sharing of his/her PI by the sender with the recipient. The consent seeker module 226 communicates the response of the user to whom the personal information belongs to the search engine 224. When a match is found between the queries and the record of the server database a breach is thereby confirmed, and the search engine 224 performs an insert operation on the server database and appends the consent decision, either YES or NO, to the consolidated information. In an embodiment, the communication analyzer and PI extractor operates in the privacy layer 230 of an operating system of the digital devices of the registered users. If an intimation mode associated with a PI is “real-time consent” the consent seeker module communicates the response of the user to whom the personal information belongs securely to the privacy layer 230 in the sender’s digital device. If the user provides consent (YES) the communication that was put on hold by the communication analyzer 216 and PI extractor 218 is delivered to the recipient; otherwise the communication from the sender’s digital device is declined.
[0055] In an embodiment, where the intimation mode associated with a PI is “immediate FYI” the consent seeker module 226 delivers a FYI notice to the user to whom the personal information belongs. Thereafter the module communicates with the communication analyzer and PI extractor 222 in the client 120 of the sender’s digital device, thus permitting the communication (which was put on hold) from the sender’s digital device to the recipient’s digital device.
[0056] In an embodiment, where the intimation mode associated with a PI is “lazy FYI” the consent seeker module 226 communicates with the communication analyzer and PI extractor 222 in the sender’s digital device to allow the communication (which was put on hold) from the sender’s digital device to the recipient’s digital device. By default a lazy FYI is sent to all the registered users to whom the personal information belongs by a privacy report generator 232. In an embodiment, the privacy report generator 232 queries the server database at regular intervals as well as on demand to generate the breach alert report for each user. In an embodiment, the breach alert report is delivered to the users via the registered Email ID. In an embodiment, the digital devices being used have an underlying Android Operating System. The Android Operating System relies on heavy use of message passing between user applications and user space based system servers that serve, in turn, as a bridge to a minimalist kernel. In order to intercept the communication being transmitted between Android based devices, the present method intercepts the communication at a kernel level. The information which the client 120 is trying to exchange with other clients is screened for the presence of personal information. In an embodiment, the client 120 comprises the application layer 234 and privacy layer 230, wherein the registration module 210, selector and collector 214, consent responder 228, hashing engine 216 are implemented in the application layer 232 while the information segregation module 218, key hash engine 220, search engine 224, consent seeker 226, severity categorizer 212 and privacy report generator 232 are implemented on the server 130.
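The screening flow of paragraphs [0052] to [0056], as an added worked example that is not part of the specification or of any product it describes: an outgoing text message is matched against pre-defined PI patterns, each hit is hashed on the client, key hashed on the server, looked up against registered records, and the held message is then delivered or declined according to the record's intimation mode. The patterns, the sample users and values, the choice of SHA-256 for the client hash and HMAC-SHA256 for the key hash, the normalisation step, and the rule that a user sharing his or her own PI is not a breach are all assumptions made here for illustration; the specification does not fix them.

```python
"""Added example: PI screening with client hash, server key hash and intimation modes.
All patterns, names, keys and sample data are constructed for illustration."""
import hashlib
import hmac
import re
from dataclasses import dataclass, field

# Pre-defined PI patterns (assumed; the specification does not list its patterns).
PATTERNS = {
    "phone": re.compile(r"(?<!\w)\+?\d[\d \-]{7,}\d(?!\w)"),
    "email": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
}

REAL_TIME_CONSENT = "real-time consent"
IMMEDIATE_FYI = "immediate FYI"
LAZY_FYI = "lazy FYI"


def normalize(pi_type: str, value: str) -> str:
    """Canonicalise a PI value so that formatting differences hash identically (assumption)."""
    if pi_type == "phone":
        return re.sub(r"\D", "", value)
    return value.strip().lower()


def extract_pi(text: str) -> list[tuple[str, str]]:
    """Client side: locate PI in an outgoing message by pre-defined pattern."""
    found = []
    for pi_type, pattern in PATTERNS.items():
        for match in pattern.finditer(text):
            found.append((pi_type, normalize(pi_type, match.group(0))))
    return found


def client_hash(value: str) -> str:
    """Hashing engine on the device: plaintext PI never leaves the client."""
    return hashlib.sha256(value.encode()).hexdigest()


def key_hash(client_digest: str, server_key: bytes) -> str:
    """Key hash engine on the server: a keyed hash over the client digest, so stored
    records cannot be matched against guessed values without the server key."""
    return hmac.new(server_key, client_digest.encode(), hashlib.sha256).hexdigest()


@dataclass
class Record:
    owner: str            # unique identifier of the user the PI belongs to
    pi_type: str
    key_hashed: str
    intimation_mode: str


@dataclass
class Server:
    key: bytes
    db: list[Record] = field(default_factory=list)
    breach_log: list[dict] = field(default_factory=list)   # input to the privacy report

    def register(self, owner: str, pi_type: str, client_digest: str, mode: str) -> None:
        """Registration: the client sends its digest, the server key-hashes and stores it."""
        self.db.append(Record(owner, pi_type, key_hash(client_digest, self.key), mode))

    def search(self, pi_type: str, key_hashed: str) -> list[Record]:
        """For hashed text the 'maximum similarity' search is an exact digest match."""
        return [r for r in self.db if r.pi_type == pi_type and r.key_hashed == key_hashed]

    def screen(self, sender: str, recipient: str, text: str, consent: dict) -> tuple[bool, list[str]]:
        """Decide whether a held message may be delivered. `consent` maps an owner's
        identifier to the YES/NO answer returned by the consent responder."""
        deliver, notices = True, []
        for pi_type, value in extract_pi(text):
            for rec in self.search(pi_type, key_hash(client_hash(value), self.key)):
                if rec.owner in (sender, recipient):
                    continue   # assumption: sharing one's own PI is not a breach
                entry = {"owner": rec.owner, "sender": sender, "recipient": recipient, "pi_type": pi_type}
                if rec.intimation_mode == REAL_TIME_CONSENT:
                    decision = bool(consent.get(rec.owner, False))
                    entry["consent"] = "YES" if decision else "NO"
                    deliver = deliver and decision
                elif rec.intimation_mode == IMMEDIATE_FYI:
                    notices.append(rec.owner)   # owner is told now; message still goes out
                # lazy FYI: deliver; the owner learns of it from the periodic breach report
                self.breach_log.append(entry)
        return deliver, notices


if __name__ == "__main__":
    srv = Server(key=b"constructed-server-key")
    srv.register("asha", "email", client_hash(normalize("email", "Asha@Example.org")), REAL_TIME_CONSENT)
    srv.register("bala", "phone", client_hash(normalize("phone", "98765-43210")), IMMEDIATE_FYI)
    print(srv.screen("dev", "esha", "Call 98765 43210 or mail asha@example.org.", {"asha": True}))
```

Only digests travel from client to server, and only keyed digests rest in the server database, which is the property the two-stage hashing in [0052] is after; the flip side is that matching is exact, so the normalisation step decides whether "98765-43210" and "98765 43210" are recognised as the same number.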
[0057] The written description describes the subject matter herein to enable any person skilled in the art to make and use the embodiments of the instant disclosure. The scope of the subject matter embodiments defined here may include other modifications that occur to those skilled in the art. Such other modifications are intended to be within the scope if they have similar elements that do not differ from the literal language of the claims or if they include equivalent elements with insubstantial differences from the literal language.
[0058] It is to be understood that the scope of the protection is extended to such a program and in addition to a computer-readable means having a message therein; such computer-readable storage means contain program-code means for implementation of one or more steps of the method, when the program runs on a server or mobile device or any suitable programmable device. The hardware device can be any kind of device which can be programmed including e.g. any kind of computer like a server or a personal computer, or the like, or any combination thereof. The device may also include means which could be e.g. hardware means like e.g. an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA), or a combination of hardware and software means, e.g. an ASIC and an FPGA, or at least one microprocessor and at least one memory with software modules located therein. Thus, the means can include both hardware means and software means. The method embodiments described herein could be implemented in hardware and software. The device may also include software means. Alternatively, systems and methods of the present disclosure may be implemented on different hardware devices, e.g. using a plurality of CPUs.
[0059] The embodiments herein can comprise hardware and software elements. The embodiments that are implemented in software include but are not limited to, firmware, resident software, microcode, etc. The functions performed by various modules comprising the system of the present disclosure and described herein may be implemented in other modules or combinations of other modules. For the purposes of this description, a computer-usable or computer readable medium can be any apparatus that can comprise, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device. The various modules described herein may be implemented as either software and/or hardware modules and may be stored in any type of non-transitory computer readable medium or other storage device. Some non-limiting examples of non-transitory computer-readable media include CDs, DVDs, BLU-RAY, flash memory, and hard disk drives.
[0060] Further, although process steps, method steps, techniques or the like may be described in a sequential order, such processes, methods and techniques may be configured to work in alternate orders. In other words, any sequence or order of steps that may be described does not necessarily indicate a requirement that the steps be performed in that order. The steps of processes described herein may be performed in any order practical. Further, some steps may be performed simultaneously.
[0061] The preceding description has been presented with reference to various embodiments. Persons having ordinary skill in the art and technology to which this application pertains will appreciate that alterations and changes in the described structures and methods of operation can be practiced without meaningfully departing from the principle, spirit and scope.
I/We Claim:
1. A method comprising:
registering details corresponding to a plurality of users of digital devices;
generating a plurality of acquaintance graphs based on contact lists of the registered plurality of users, wherein at least one of the plurality of acquaintance graphs is a merged acquaintance graph having common contacts;
categorizing severity of privacy breach based on the generated plurality of acquaintance graphs;
obtaining privacy preferences based on personal information from the registered plurality of users, the personal information being tagged to a unique identifier associated with a digital device;
screening communication being transmitted between the digital devices for identifying the personal information in the communication based on a pre-defined pattern of personal information; and
permitting communication between the digital devices based on the obtained privacy preferences associated with the identified personal information in the communication.
2. The method of claim 1, wherein the step of generating a plurality of acquaintance graphs is preceded by accessing the contact lists of the registered plurality of users.
3. The method of claim 2, wherein accessing the contact lists of the registered plurality of users is followed by hashing of contact details in the contact lists.
4. The method of claim 1, wherein the step of obtaining privacy preferences further comprises obtaining pre-determined modes of intimating the registered plurality of users in case of breach of each of the obtained privacy preferences.
5. The method of claim 4, wherein the pre-determined modes are (i) real-time consent mode (ii) immediate For Your Information (FYI) mode and (iii) lazy For Your Information (FYI) mode.
6. The method of claim 4, wherein the step of obtaining privacy preferences further comprises hashing the personal information and transmitting the hashed personal information along with registered details, type of personal information and predetermined intimation modes.
7. The method of claim 6, wherein the step of obtaining privacy preferences further comprises segregating the hashed personal information, registered details, type of personal information and the pre-determined intimation modes.
8. The method of claim 7, wherein the segregated hashed personal information is further key hashed.
9. The method of claim 1, wherein the step of screening communication comprises screening at least one of audio, video, image and textual communication.
10. The method of claim 1, wherein the step of permitting communication further comprises transmitting one or more of (i) the registered details of the sender and the recipient from the plurality of registered users, (ii) the hashed personal information associated with the communication, (iii) the type of personal information and (iv) timestamp of the communication.
11. The method of claim 1, further comprising the step of updating at least one server system with one or more of registered details, plurality of acquaintance graphs, the hashed personal information, the pre-determined intimation modes, type of personal information.
12. The method of claim 1, wherein permitting communication is preceded by further seeking consent from a registered user for permitting the communication based on the pre-determined intimation modes.
13. The method of claim 1, wherein the step of categorizing severity of privacy breach based on the plurality of acquaintance graphs further comprises intimating the severity of a breach associated with the communication.
14. A system comprising:
one or more processors; a communication interface device;
one or more internal data storage devices operatively coupled to the one or more processors for storing:
a registration module configured to register details corresponding to a plurality of users of digital devices and generate a plurality of acquaintance graphs based on contact lists of the registered plurality of users, wherein at least one of the plurality of acquaintance graphs is a merged acquaintance graph having common contacts;
a severity categorizer module configured to categorize severity of privacy breach based on the generated plurality of acquaintance graphs;
a selector and collector module configured to obtain privacy preferences based on personal information obtained from the registered plurality of users, the selector and collector module further configured to tag the personal information to a unique identifier associated with the associated digital device;
a communication analyzer and personal information extractor configured to screen communication being transmitted between the digital devices for identifying the personal information based on a pre-defined pattern of personal information; the communication analyzer and personal information extractor further permits communication between the digital devices based on the obtained privacy preferences associated with the identified personal information and
a communication module configured to establish a connection between the digital devices based on the obtained privacy preferences associated with the identified personal information.
15. The system of claim 14, wherein the system comprises at least one client system and at least one server system.
16. The system of claim 15, wherein the selector and collector module is comprised in the at least one client system and is further configured to obtain pre-determined modes of intimating the registered plurality of users in case of breach of each of the obtained privacy preferences, the pre-determined modes being one of (i) real-time consent mode (ii) immediate For Your Information (FYI) mode and (iii) lazy For Your Information (FYI) mode.
17. The system of claim 15, wherein the communication analyzer and personal information extractor is comprised in the at least one client system and is further configured to screen at least one of audio, video, images and textual outgoing communication constituting the communication being transmitted between the digital devices.
18. The system of claim 15, wherein the at least one client system comprises a hashing engine configured to hash (i) contact details in the contact lists (ii) the obtained personal information and (iii) the personal information associated with the communication; the hashing engine is further configured to transmit the hashed personal information along with registered details, type of personal information and pre-determined intimation modes.
19. The system of claim 15, wherein the one or more internal storage devices of the at least one server system is configured to receive from the at least one client system via the communication module and store one or more of the registered details, the hashed personal information, the type of personal information, the plurality of acquaintance graphs and the obtained privacy preferences.
20. The system of claim 15, wherein the communication module is comprised in at least one client system and in at least one server system and is further configured to transmit one or more of (i) the registered details of the sender and the recipient from the plurality of registered users, (ii) the hashed personal information, (iii) the type of personal information, (iv) timestamp of the communication, and (v) generated plurality of acquaintance graphs.
21. The system of claim 15, wherein the client system is configured to update at least one server system with one or more of the registered details, the generated plurality of acquaintance graphs, the hashed personal information, the type of personal information, the pre-determined intimation modes, the timestamp of the communication.
22. The system of claim 15, wherein an information segregation module is comprised in the at least one server system and is configured to segregate the hashed personal information, registered details, timestamp of the communication, type of personal information and the pre-determined intimation modes.
23. The system of claim 22, wherein a key hash engine is comprised in the at least one server system and is further configured to key hash the hashed personal information.
24. The system of claim 23, wherein the information segregation module is updated with the key hashed personal information.
25. The system of claim 15, wherein a consent seeker module is comprised in the at least one server system and is further configured to seek consent from a consent responder module comprised in the at least one client system, the consent responder module being configured to give consent to the communication being transmitted.
| # | Name | Date |
|---|---|---|
| 1 | Form 5 [21-12-2015(online)].pdf | 2015-12-21 |
| 2 | Form 3 [21-12-2015(online)].pdf | 2015-12-21 |
| 3 | Form 18 [21-12-2015(online)].pdf | 2015-12-21 |
| 4 | Drawing [21-12-2015(online)].pdf | 2015-12-21 |
| 5 | Description(Complete) [21-12-2015(online)].pdf | 2015-12-21 |
| 6 | 4793-MUM-2015-Power of Attorney-080216.pdf | 2018-08-11 |
| 7 | 4793-MUM-2015-Form 1-010216.pdf | 2018-08-11 |
| 8 | 4793-MUM-2015-Correspondence-080216.pdf | 2018-08-11 |
| 9 | 4793-MUM-2015-Correspondence-010216.pdf | 2018-08-11 |
| 10 | 4793-MUM-2015-FER.pdf | 2020-01-14 |
| 11 | 4793-MUM-2015-FER_SER_REPLY [10-07-2020(online)].pdf | 2020-07-10 |
| 12 | 4793-MUM-2015-COMPLETE SPECIFICATION [10-07-2020(online)].pdf | 2020-07-10 |
| 13 | 4793-MUM-2015-CLAIMS [10-07-2020(online)].pdf | 2020-07-10 |
| 14 | 4793-MUM-2015-ABSTRACT [10-07-2020(online)].pdf | 2020-07-10 |
| 15 | 4793-MUM-2015-PatentCertificate26-02-2021.pdf | 2021-02-26 |
| 16 | 4793-MUM-2015-IntimationOfGrant26-02-2021.pdf | 2021-02-26 |
| 17 | 4793-MUM-2015-RELEVANT DOCUMENTS [27-09-2022(online)].pdf | 2022-09-27 |
| 18 | 4793-MUM-2015-RELEVANT DOCUMENTS [26-09-2023(online)].pdf | 2023-09-26 |
| 1 | 2020-01-1316-44-09_13-01-2020.pdf | |