1. Field of Invention
This invention relates to an Internet-based traveler safety notification system which allows users to record details of planned travel and specify an alert time, thereby arming a monitoring system, and a notification process in which a trusted person is alerted and provided with the user's travel plan if the user fails to disarm the system before his/her specified alert time or sends an emergency activation message.
2. Prior Art
Many people travel the world alone, often to hazardous places or places where few others travel. A responsible traveler would take the time to let someone know where they are going and when they expect to get back, as a minimum safety precaution before setting out on a higher risk outing. This can present difficulties, especially if the traveler is traveling in a foreign country far from home, friends and relatives. There also a privacy consideration, where the traveler may not to wish to concern a friend or relative if elevated-risk travel is contemplated and thus may be disinclined to take such a precaution.
In the absence of definite advice regarding when a traveler may contact them next, the first inkling a family or friend may have that a traveler is missing may be an extended period since their last contact. For example, the traveler may have been sending occasional emails outlining his or her travel, but may not have sent one for awhile. Upon taking these concerns to the authorities for help in locating the missing traveler their concerns may well be dismissed as the “unreliability of youth”. In the absence of any actual evidence that the traveler is at risk, enlisting the help of the authorities can be difficult or delayed. Also, in the absence of specific details of the traveler's planned travel the authorities will have little to go on and a poorly defined starting point for their search.
U.S. Pat. No. 7,047,203 to Johnson (2006) discloses a system in which users can advise of their itinerary and initiate an automatic monitoring process which will notify a selected person if the participant fails to cancel his or her itinerary before a specified time. Johnson's system relies on notifying selected people via telephone call, a method which does not give those people a written record of the missing traveler's itinerary and has problems with expense in the global context, and of inability to provide notification at all if the selected contact person is not currently contactable via telephone. Also, in the high-stress situation of a parent being advised that their son or daughter may be missing a verbal transcript of details would be prone to error and omission when relayed to the authorities, highlighting the problem of a lack of written notification.
Johnson's system is also unnecessarily complex in that it requires a participant to remember a unique “cancellation code” every time a travel plan is entered, without which the participant is unable to cancel the monitoring process. Remembering any password or code is difficult if not used regularly so the requirement to remember an additional unique code over and above the normal login password will increase the level of false alarms, due to a user's inability to cancel monitoring because they cannot remember today's cancellation code.
U.S. Pat. No. 7,026,928 to Lane (2006) discloses a system which also monitors the safety of a mobile user. In that disclosure Lane's system is programmed with a list of locations and time frames in which the user will be in those locations, and then monitors safety by sending signals to a mobile communication device to which the mobile user must respond. If the user fails to respond the system will initiate a security response including the notification of specified people that the user may be at risk. Lane's system thus requires the user to be in continual telecommunications contact (such as remaining within mobile phone coverage areas for the entire period of monitoring) and thus is unsuitable for people wishing to travel to remote areas in which continuous telecommunications coverage may be unreliable or non-existent.
U.S. patent application Ser. No. 10/028,901 by Gallant, published as US2002/0107927 describes an Internet-based safety system in which a notification to a contact is also made after a defined time if the user does not cancel monitoring. Gallant's claims include a means whereby, upon activation of an alert, the system interrogates a wireless network for its position and sends the position data to the user's specified emergency contact. The technique for achieving this position interrogation is not described and may require hardware or telecommunications system characteristics not widely available.
Gallant describes, although does not claim, several embodiments in which some kind of notification is made to the emergency contact after the “end time” specified by the user. Notable for its absence in the operation of his system or in its notifications is an actual description by the user of the user's plans or intentions. The user can specify an “event name” for the event being monitored, and a “return date and time” which defines monitoring expiry, and a range of fixed personal information such as name, address, phone number, HIV status etc., although nowhere in his system does the user describe his/her intentions or plan. Gallant presumably does not feel that plan or intention information is useful as he relies in his notifications on positional data being retrieved from the user's mobile device on alert activation. His system, therefore, relies on an unknown position determination technique which will require the user to be in telecommunications contact at the time of the alert for any useful data to be provided to the emergency contact in the event of an alert.
U.S. Patent Application 20040220841 by Fairweather (2004) discloses a traveler itinerary alerting system which does allow the entry of travel itinerary data into his system and the delivery of that information if the user has not canceled the itinerary by a specified period after planned arrival time at destination. Fairweather recognizes the dangers associated with sending personal information via email, suggesting that system emails can have a digital signature applied to them to ensure their authenticity. This approach allows a recipient of a certain skill level or using certain email programs to confirm the identity of the sender and detect any modifications to the message contents.
However, the use of digital signatures in emails has several problems. To properly utilize a digital signature the recipient of the email message must install a “digital certificate public key” provided by Fairweather's system or an independent certificating authority into their email program. This is a task which many would not know how to do, and which adds a level of complexity to the process which may deter those people who are only moderately comfortable with computers, email and the Internet. While the contents of digitally signed email message will be readable without the installation of such a certificate, in this circumstance some email programs (for example, the common Microsoft Outlook Express) may display a “security alert” message, thus causing a suspicion where perhaps none had previously existed. Further, web-based email programs, such as “Hotmail” and “Yahoo Mail”, do not allow for digital signatures, so the provision of the signature in these cases is moot.
Furthermore, a digital signature only has value if the recipient expects to see one. If a recipient receives an email without one, such as is the case with most emails we receive, most people would think nothing of it. Thus, should a malicious third party create and send to a recipient an email purporting to be from the safety system (which would presumably be without a digital signature) there is every possibility that it would be believed. This is clearly unacceptable.
A further problem with the sending emails is that they are not secure. They are not encrypted in any way and, by the nature of the Internet itself, pass through several unidentified and uncontrolled computers on their way to you. Thus any personal information included is available for inspection by various third parties of unknown intent. The low security level of such messages may act as a deterrent to the user of a safety system from providing a full detailed range of information out of fear that it may be intercepted by unknown persons if sent in an alert message.
U.S. Patent Application 20040198315 by Vellotti (2004) discloses a system very similar to Fairweather's, in which a user can enter trip/alert information, including an expected time of return from a trip and contact information for an emergency contact person. If the user has not returned from the trip by the expected time of return Vellotti's system transmits an “alert message” to the emergency contact message. Vellotti also provides for deactivation of his system using voice recognition via a telephone, and the transmittal of a voice message to the emergency contact person.
The only contact methods described by Vellotti for the transmittal of information to the emergency contact person are via email message, telephone message and pager message. My previous comments regarding Fairweather's email notification, and the security issues involved apply equally to Vellotti. Similarly, my comments regarding telephone notification have the problem of not providing a written record of the alert, although it is possible that Vellotti would also provide this in a low-security email. His pager message requires the contact person to ring up to hear the recorded voice message mentioned earlier, again presenting problems with the lack of a written copy of the call. Vellotti does not teach or suggest the provision of notification via a secure website, or other secure transmission means.
While Vellotti does discuss the use of a telephone to setup or modify trip/alert information and deactivate the system after returning from a trip he does not suggest or describe the use of mobile messaging techniques, such as SMS messaging, to solve this problem. His usage of the telephone is quite specifically directed at voice recognition techniques. As such, the user would be presented with increase cost of usage (voice calls generally costing more than SMS messages), increased phone battery requirements (an SMS message is power-efficient compared to a voice message), and possible misinterpretation of voice activation commands.
All of the cited prior art described notification methods which deliver basic information as it is known at the time of the alert. There is no provision to provide enhanced information which may provide additional assistance to the contact person and which may be updated as time progresses, such as search area weather, governmental travel alerts, news items involving vehicle accidents, or any other data relevant to the search area. Thus, there is no active involvement by their systems with the contact person once they have delivered their message.
Against this background of prior art, there exists a need for a traveler safety notification system which:                1. provides a means to receive and retain information about a traveler's plans or itinerary;        2. is simple to use, with no unnecessarily complicated steps or actions required;        3. reliably provides alert notifications to trusted contact people in a written form;        4. does not rely on the traveler being in continuous telecommunications contact;        5. does not require the traveler to be in telecommunications contact at the time of the alert;        6. does not rely on technology not commonly available;        7. provides a secure means of providing personal and travel plan information to a contact person which is simple and will work on all systems with all levels of recipient experience;        8. may be operated remotely without Internet access, using a commonly available mobile device such as a mobile phone or cellphone in an efficient, easy to use way which minimizes opportunities for error; and        9. provides enhanced information relevant to the likely search area, thereby being of continued assistance to the contact person after being notified of an alert.My described embodiments address these issues and meet this need.        