Location-based services and the privacy-security dichotomy (original) (raw)
Related papers
Privacy-friendly LBS: a prototype-supported case study
AMCIS 2007 Proceedings, 2007
The development of new products in the mobile data services market poses severe challenges for service providers and mobile network operators. Short-lived products, lack of knowledge about acceptance by users, and the requirement to embed new products in existing infrastructures lead to difficulties on several levels. Data protection, potentially ambiguous regulation of telecommunication and the existence of a wide range of communication and localization technologies confront product developers with new challenges. Modeling and balancing business interests, data protection requirements, and user preferences while implementing new products on existing infrastructures are some of them. This paper presents the concept and implementation of a prototype that was developed by an international research project with participation of industry partners
Enabling Privacy of Real-Life LBS
IFIP International Federation for Information Processing, 2007
Privacy in computerized environments is perceived very differently depending on the respective point of view. Often "privacy enhancing technologies"-initiated by the user, as a measure of self-defense-are seen as conflicting with business goals such as cost-efficiency, revenue assurance, and options for further business development based on existing data. This paper presents the design and implementation of an architecture and prototype for privacy-friendly, interoperable location-based services (LBS), based on intermediation of location data via a location middleware component. The aim is to combine privacy-friendliness, efficiency, and market potential. Therefore the security interests of the stakeholders are analyzed and an architecture solution including an intermediary is introduced. Then the prototype implementation (at a mobile operator) is described and the usage of the prototype for a commercial service and product offer by the operator involved in the development is discussed.
A LBS middleware with privacy protection from inference attacks (Atena Editora)
A LBS middleware with privacy protection from inference attacks (Atena Editora), 2023
In today's digitally interconnected world, the proliferation of computational mobile devices has brought about a transformative shift in how we interact with technology. The advent of Location-Based Services (LBS) represents a groundbreaking development in the realm of computer programs. LBS programs harness the power of user spatial location information to deliver services tailored to the user's specific whereabouts. For instance, think of a mobile app that displays a map with nearby restaurants or a GPS navigation system guiding you through unfamiliar streets. However, as convenience and innovation continue to intertwine, so do concerns about the privacy of our personal information. The very essence of LBS - utilizing your location - poses potential threats to your privacy. Unauthorized access to this sensitive information can lead to unwelcome consequences. LBS providers typically offer users some control over their privacy, allowing them to dictate who can access their location data, particularly in sensitive locations. While this approach may seem reassuring, it often falls short in providing robust protection. Crafty attackers can pose as trusted entities and exploit vulnerabilities to gain access to your location information. Additionally, your whereabouts can be inferred from your past movements or a history of places visited, further compromising your privacy. This is where our journey begins. In this meticulously researched and expertly crafted book, we delve into the heart of this privacy conundrum. The foundation of our exploration lies in a Master's thesis in Informatics from the Libera Università di Bolzano/Bozen. Here, the author introduces a LBS middleware, underpinned by a novel approach to safeguarding user privacy. Central to this innovative solution is the concept of user empowerment. With this middleware, users have the ability to proactively determine the probability of being tracked in a particular location. In essence, you have the power to tune the privacy protection mechanism to your precise requirements, thus thwarting potential attackers. This approach, when implemented, reshapes the landscape of location-based services by ensuring that users can partake in the benefits without the nagging fear of their privacy being compromised. Real-world testing and assessment, complemented by the use of authentic data, solidify the effectiveness of this pioneering technique. This book not only elucidates the intricacies of the LBS middleware but also provides valuable insights into its practical application in real-world scenarios. In a world where location-based services are omnipresent, this book emerges as a guiding light for those who value their privacy. It offers an indispensable roadmap for individuals seeking to harness the convenience and functionality of LBS while safeguarding their personal information. Welcome to the future of privacy in Location-Based Services - a future where you remain in control.
IATBR Conference, 2009
Location-based services (LBS) are dependent on a knowledge of a real time location, knowledge of the environment, and integrated with communications. An ideal specification for travel data collection. LBS has become pervasive very swiftly, but the implications are not yet widely recognised. The addition of realtime information, response and service providers to the now familiar combination of GPS, and data recording is the focus of the present paper. The business development path to LBS is outlined, and the implications for data gathering, matching and response considered. The privacy and surveillance aspects are of varying sensitivity in different cultures, even within a single country, but the addition of intelligence methods of data gathering add a further layer to existing concerns. The substantial potential of LBS to enable improved understanding, monitoring and management of transport provision and movements are clear, but barriers to its wide adoption are outlined in terms of the cultures of authorities collecting data and those of the subjects of that collection.
LBS System Architecture with Privacy
In this paper, we present results of a research work on architectural and implementation issues related to location-based services (LBS). The architecture provides mechanisms for protecting privacy of actors involved, especially the privacy of the consumers of services provided by an LBS system. This work focuses on an LBS system architecture and investigates its scalability, performance, and security mechanisms by analyzing, designing, and simulating the architecture. Based on the results obtained, we propose adaptation to the architecture and specify communication protocols that satisfy the security requirements.
Control, trust, privacy, and security: evaluating location-based services
IEEE Technology and Society Magazine, 2000
Location-based services (LBS) are those applications that utilize the position of an end-user, animal, or thing based on a given device (handheld, wearable, or implanted), for a particular purpose. This article uses scenario planning to identify the possible risks related to location-based services in the context of security and privacy. The original contribution of this article is that the dilemma has been related specifically to LBS, under the privacy-security dichotomy. Here, each side of the dichotomy is divided into three key components that combine to greatly magnify risk. Removing one or more components for each set decreases the privacy or security risk. Where more elements are present in conjunction, the risk is increased.
The Importance of Scenarios in Evaluating the Socio-ethical Implications of Location-based Services
2006
Location-based services (LBS) are those applications that utilize the position of an end-user, animal or thing based on a given device (handheld, wearable, interwoven into fabric or implanted), executed for a particular purpose. LBS applications range from those that are mission-critical to those that are used for convenience, from those that are mandatory to those that are voluntary, from those that are targeted at the mass market to those that cater for the needs of a niche market. Location services can be implemented using a variety of access mediums including global positioning systems and radio-frequency identification, rendering approximate or precise position details. The introduction of location-based services, which are growing in sophistication and complexity, has brought with it a great deal of uncertainty. Unaddressed topics include: who is accountable for the accuracy and availability of location information, prioritization for location frequency reporting, the user's freedom to opt-in and opt-out of services, caregiver and guardian rights and responsibilities, the transparency of transactions, the duration of location information storage. Some of these controversies are the focus of court cases across the United States, usually between service providers and disgruntled end-users or law enforcement agencies and suspected criminals. While we can wait for the courts to set precedence and then take legislative action to learn about how we should act and what we should accept as morally right or wrong, this is only a small part in considering the emerging ethics of an innovation such as location-based services. Laws, similar to global technical standards take a long time to enact. A more holistic approach is required to analyze technology and social implications. This paper uses scenarios in the form of short stories to summarize and draw out, the likely issues that will arise from widespread adoption of LBS. It is a plausible future scenario, grounded in the realism of today's technological capabilities.
ISPRS International Journal of Geo-Information
An individual’s location data is very sensitive geoinformation. While its disclosure is necessary, e.g., to provide location-based services (LBS), it also facilitates deep insights into the lives of LBS users as well as various attacks on these users. Location privacy threats can be mitigated through privacy regulations such as the General Data Protection Regulation (GDPR), which was introduced recently and harmonises data privacy laws across Europe. While the GDPR is meant to protect users’ privacy, the main problem is that it does not provide explicit guidelines for designers and developers about how to build systems that comply with it. In order to bridge this gap, we systematically analysed the legal text, carried out expert interviews, and ran a nine-week-long take-home study with four developers. We particularly focused on user-facing issues, as these have received little attention compared to technical issues. Our main contributions are a list of aspects from the legal text o...
Location-Based Services and Privacy
Location-Based Services Handbook, 2018
Location-based services also raise the spectre of state surveillance of individual activity-either concurrent with an individual's movements (tracking), or retrospectively, through searching records of individual patterns of movement. 3 These are just some of the contexts in which privacy issues are raised. In this paper we begin by describing location-based services, their evolution and their future directions. We then outline privacy issues raised by such services. In Part III we consider how current Canadian data protection laws apply to location-based services, and indicate where such laws fall short of addressing the full range of issues raised by location-based services. Part IV of the paper explores some technological methods to address the privacy challenges raised by locationbased services. The paper concludes with a series of recommendations. I. LOCATION-BASED SERVICES Location-based services are proliferating largely due to the dramatic rise in the number of GPS-equipped mobile devices used by consumers. Such devices include smart phones, tablet computers and hand held Global Positioning Systems (GPS). Newer versions of internet browsers are also "location aware", facilitating the use of location information in tailoring the user's web experience. 4 Location-based services are premised on the sharing of a user's location information with a set of specified individuals within their circle of family, friends or associates. Services such as Google Latitude, 5 Glympse, 6 Foursquare 7 or Gowalla, 8 enable this kind of location sharing. Location-sharing can also have a non-consensual dimension. For example, it can be used by employers to track the location of their employees, 9 or handset vendors, operating system vendors, advertisers, advertising networks, and analytics companies may also have access to precise, sensitive information about where users are located".
Third party positioning services: novel challenges for location privacy in LBS
2011
Acommon assumption in the research community working on location privacy in locationbased services (LBS) is that the location sources are trusted. In this paper we present a different perspective. We argue that, because of the deployment of wifi-based/hybrid positioning techniques and web-based LBSs, the user's location is increasingly computed by third-party location providers which may be not fully trusted.