The automatic operation of customized information delivery services depends on the availability of stored profiles about an end-user's needs and wants. These profiles contain information about end-user demographics, interests, history of information delivered, and specific viewing habits. A large number of end-users desire to have the privacy of their profile information protected. In addition, a large number of end-users want the actual information delivered by the information delivery services to be private and untraceable. If end-user privacy is protected, such information delivery service are likely to be attractive to a larger number of potential users. Therefore, personalized information delivery service providers and the networks which transmit the actual information can be expected to have a larger customer base if end-user privacy is protected. It is an object of the present invention to provide a method for operating customized information services so as to protect end-user privacy.
Typically, a network which provides such customized information services includes a filter which serves to compare descriptions of information made available by the service provider with individual profiles of information desired by end-users. Such a filter serves to control the transmission of information via the network between the service provider and the end-user. To make filtering services cost effective, it is desirable to place the information filter in a single centralized location rather than at the information source (service provider) or at the information sink (end-user). A centrally accessible filtering facility lowers the storage and bandwidth requirements of the Customer Premises Equipment used by the end-user. Furthermore, it prevents the delivery to the end-user of redundant information which may arise if a plurality of service providers independently filter and deliver information. Providing the filtering service in a centralized facility vastly reduces the complexity of the hardware and software maintenance involved in running and updating the filtering service. In addition, as users become more mobile, with the rapid introduction of cellular communications, for example, centralized filtering helps provide customers with personalized information access anywhere.
Centralization of filtering poses a privacy threat because a very detailed profile of each end-user has to be stored at the filter.
Accordingly, it is a further object of the present invention to provide a method for operating customized information services in which the privacy of both end-user profiles maintained at a central filter and transmitted information is protected.