Document Region Protection: Technical But Obvious

Whether the control of access is by password or on the basis of the identity of the user is a consequence of a non-technical requirement with regard to the type of document protection desired by the document owner.

Whether the status information in the form of a message is to be distinguished from visual indication is not relevant; such a difference constitutes a minor detail and relates in any case to the non-technical question of how to present the information.

Claim 1 (main request)

A method for protecting regions within an electronic document, the method comprising:

executing a word processing application program (30) on a computer, the word processing application program operative to provide an administrative mode (1506; 1602; 1720) and an enforcement mode (1510; 1608; 1702), wherein

in the administrative mode the word processing application program is operative

to receive the selection of a region (62; 90; 92) within the electronic document and the identities of one or more users (68A; 68B) authorized to freely edit the selected region,

and to receive the selection of a protection scheme to be applied to the entire electronic document, wherein said protection scheme comprises one of rendering the entire electronic document read-only; allowing only comments to be inserted into the electronic document; allowing users to only freely edit form fields contained in the electronic document; and allowing tracked edits to be freely made to the entire document;

and wherein, in the enforcement mode, the word processing application program is operative

to apply the selected protection scheme to the document,

to receive requests to edit regions of the electronic document and to deny (1708) requests to edit regions of the electronic document made by users not authorized to freely edit the regions,

and to dynamically displaying a message (104) to the user depending on the location of the insertion point (110), wherein, if the insertion point is located within a region that may be freely edited by the user, the message indicates that the user may freely edit within the region, whereas, if the insertion point is within a region of the electronic document that the user is not authorized to freely edit, the message indicates that the user is not permitted to edit in the region.

6. Document D2 discloses a GUI-based word-processing application extended with some collaboration functionality for the editing or reviewing of a document by multiple users. It supports the insertion of comments to a document, and tracking of changes by multiple identified users (see title, pages 129 to 131, 135). Document D2 is hence an adequate starting point for discussing inventive step.

7. The system of document D2 supports both read-only and password-based protection of documents (page 129, second paragraph). It also allows the creation of forms and "protecting the form so that users can interact only with the fields, not change the form itself", optionally in combination with password protection (page 216, third paragraph).

From the above, it follows that the system of document D2 supports protection schemes similar to those mentioned in the claim, namely rendering the document read-only, allowing comments to be inserted, allowing only editing of form fields, or allowing tracked edits. Only one of the protection schemes mentioned in the claim (see (a) above), i.e. allowing only comments to be inserted, is not disclosed in document D2.

In the opinion of the Board, the support for access control to parts of the document (e.g. a form field) means that the system of D2 also authorises or denies user operations on a document or on a region of a document in accordance with the protection scheme and authorisation settings for the document, similarly to feature (c) (see point 3 above). It also means that the method of document D2 includes a step of receiving the selection of a region with access permission within the electronic document.

Two modes of operation, corresponding to the administrative and enforcement modes specified in the claim, are also implicit in the system of document D2, which allows the definition and enforcement of access permissions.

8. The subject-matter of claim 1 of the main request therefore differs from the method for protecting regions within a document by the system of document D2 in that

(a') the selected and applied protection scheme may also be that of allowing only comments to be inserted according to (a) above,

(b') for a selected region the identities of the users authorised to freely edit the region (see step (b) above) are received and, in the enforcement mode, requests to edit regions made by non-authorised users are denied,

and in that a dynamically displayed message indicates whether the user may freely edit the current region, as recited in (d) above.

9. Steps (a) and (b) relate to non-technical administrative constraints reflecting the types of policies required by an authority, or an owner or administrator of a document, with respect to certain operations to be allowed or denied for particular users of the document, for instance co-authors, collaborators or clients. Establishing such policy types does not involve any technical considerations.

The problem underlying the subject-matter of the distinguishing features (a') and (b') is therefore the implementation of the non-technical administrative steps (a) and (b) on a method performed by the system of document D2.

Steps (a') and (b') follow directly from the administrative scheme. As explained above, feature (a') is actually a minor modification of features of document D2. Taking into account that the system of D2 knows the user name, and supports user-based functions (see e.g. first paragraph of page 135) and control of access to parts of the document (page 216), it would be obvious for the skilled person to add the distinguishing features (a') and (b') to a method performed by the word-processing system of D2, in order to arrive at a method carrying out administrative steps (a) and (b).

In its reply to the Board's communication, the appellant argued that, even if defining regions within a document and identifying authorised users for a region were merely an administrative activity, enforcing the protection schemes of the invention in the system of document D2 would be done by protecting regions by passwords. The Board, however, finds that whether the control of access is by password or on the basis of the identity of the user is a consequence of a non-technical requirement with regard to the type of document protection desired by the document owner. Since the system of document D2 supports both user-based functions and password-based access control, it would be obvious to support control of access based on the user names to meet user requirements. Furthermore, the claim does not specify further technical implementation details of the control of access based on the user's identity.

10. In the grounds of appeal the former appellant argued that features (d) rendered the subject-matter of claim 1 inventive over the cited prior art. By displaying the message indicating whether the user was permitted to freely edit the region in which the insertion point was currently located in the enforcement mode, the system let the user instantly recognise his status with regard to the protection applied to the respective region. As a consequence, the user did not waste time and effort by trying in vain to edit a region, possibly assuming that the computer was malfunctioning when his changes were not reflected by the electronic document as seen on screen. None of the cited prior-art documents suggested a related feature. As in T 643/00 of 16 October 2003, these features had the technical effect of improving efficiency of the user's task when working with possibly complex and extensive data.

The subject-matter discussed in T 643/00, which related to a user interface for searching and retrieving images, is very different from that of the present application, as pointed out by the Examining Division. The two cases can be considered to have in common the improvement of user interaction. Feature (d) can be seen as solving the problem of improving user interaction during editing of a document with protected regions.

11. Improving user interaction by means of status information was standard practice before the date of priority of the present application. As the Board explained at the oral proceedings, it was common in well-known word-processors to show editing, styling or formatting modes for the current region of the document. The Board cited the example of the Microsoft word-processor of document D2, which displayed such status information in the horizontal ruler on top of the edited document and in the toolbars shown in the figures of pages 131, 137 and 139. The horizontal ruler showed the indentation of the current paragraph or line, whereas the toolbars displayed the text alignment of the current paragraph (e.g. left, right, centred or justified), or settings relating to font, character formatting (e.g. bold, italic), text style, or other options.

In its letter of reply to the Board's communication, the appellant argued that it was difficult to imagine how, with the password-based protection scheme of document D2, it would be straightforward to dynamically display a message indicating whether or not the user could freely edit the region, since the document did not know whether or not the user knew the password and was allowed to edit the region or not. The Board does not find this argument persuasive, because the system of document D2 is at any time aware of whether the user has already entered the password or not, and whether the current region (for example, an input field in a form) is read-only or editable.

Taking the above into account, the Board is of the opinion that it would be an obvious option for the skilled person to improve the user interface of a system with protected regions by adding further status information similar to that known from the prior art. In the context of editing documents with protected regions, it would be an immediate option to add, to a word-processing system with the functionality of document D2, status information regarding whether the user is allowed to edit the current region. Whether the status information in the form of a message, as specified in the claim, is to be distinguished from the type of visual indication mentioned above is not relevant; such a difference constitutes a minor detail and relates in any case to the non-technical question of how to present the information.

In the Board's opinion, the problem solved by feature (d), related to editing the document in the enforcement mode, is independent of that solved by features (a') and (b') above, directed to the protection and authorisation scheme. No synergistic effect is recognised from combining feature (d) with features (a') and (b').