Mobility became part of our personal liberty. Also the market noticed this trend in geo-development and reacted with an increasing availability of location based services that mainly run on our mobile devices. These services enrich our mobility experiences, but at the same time concern our privacy, when service providers are now capable of continuously tracking the location of a user. During a travel I recently was having an interesting discussion about internet security and privacy issues in geo-applications. Although it is not a new concern, I remained surprised hearing that every German email is read by, indeed, U.S. authorities, and not Germans. Triggered by the conversation I decided to write an article about the privacy side of the highly exploding location service sector and mainly refer to an article I found from authors of Yale University/Bell Laboratories/Texas University.
One of the core weak points of a location based service is the service itself, far before the other components of the localisation and communication that e.g. can be rendered secure by using direct signals instead of radio-based localisation or blind signature. However, a safe location based service implies the use of a trustful server. Trustful servers are undesirable for mainly three reasons: (1) many providers do not want to bear the liability that comes with a trustful server, (2) many users are not willing to trust a third party, which may deter the adoption of many location based services and (3) a single trusted server may get a single point of attack and in this case compromise many users’ privacy. We can extract two main scenarios of privacy loss derived from the previous points. In the first one, the service directly transfers the users’ location information to entities, while the second type of service executes calculations that require the input of (user) location(s) and once they are introduced into the system will reveal spatial information on the user (just think of a dating service where you introduce a desired location to find somebody). Knowing this, you can imagine that lots of information ends up in third hands, is stored, analysed (market analysis based on location related activities) and used for diverse purposes.
I wrote this article not to provoke panick, but to inform and make aware of privacy issues concerning technologies that we regularly use. When you buy something from a supermarket you might be interested what is inside your product. The same accounts for the location based services: I think we should be informed about what we frequently use and be aware of the consequences it might have, in order to finally not end up as market and money driven users.
“Privacy-Preserving Location-based Services for Mobile Users in Wireless Networks”, paper by Sheng Zhong , Li (Erran) Li , Yanbin Grace Liu , Yang Richard Yang, (2004)