PDVLoc: A Personal Data Vault for Controlled Location Data Sharing

Published: 01 June 2014

Abstract

Location-Based Mobile Service (LBMS) is one of the most popular smartphone services. LBMS enables people to more easily connect with each other and analyze the aspects of their lives. However, sharing location data can leak people's privacy. We present PDVLoc, a controlled location data-sharing framework based on selectively sharing data through a Personal Data Vault (PDV). A PDV is a privacy architecture in which individuals retain ownership of their data. Data are routinely filtered before being shared with content-service providers, and users or data custodian services can participate in making controlled data-sharing decisions. Introducing PDVLoc gives users flexible and granular access control over their location data. We have implemented a prototype of PDVLoc and evaluated it using real location-sharing social networking applications, Google Latitude and Foursquare. Our user study of 19 participants over 20 days shows that most users find that PDVLoc is useful to manage and control their location data, and are willing to continue using PDVLoc.
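The abstract describes the core PDV idea: location samples are filtered inside a vault that the user controls, with a separate sharing decision per content-service provider. The block below is an added illustration of that filtering step, not the paper's own code; the service names, the three policy modes (exact, coarsened, deny) with a time-of-day window, and the sample fixes are all constructed for this example.

```python
# Added illustration, not the paper's code: a minimal PDV filter that applies one
# sharing policy per service to location samples before they leave the vault.
# Service names, policy modes and the samples are constructed for this example.
import math
from dataclasses import dataclass

@dataclass(frozen=True)
class Sample:
    ts: int        # Unix seconds, UTC
    lat: float
    lon: float

@dataclass(frozen=True)
class Policy:
    mode: str                  # "exact", "coarse" or "deny"
    cell_deg: float = 0.01     # grid cell size in degrees, used by "coarse"
    hours: tuple = (0, 24)     # [start, end) hours of the day when sharing is allowed

def coarsen(value: float, cell: float) -> float:
    """Snap a coordinate to the centre of its grid cell so the exact fix is not recoverable."""
    return round((math.floor(value / cell) + 0.5) * cell, 6)

def filter_sample(sample: Sample, policy: Policy):
    """Return the record one service may receive for this sample, or None for nothing."""
    if policy.mode == "deny":
        return None
    start, end = policy.hours
    if not start <= (sample.ts // 3600) % 24 < end:   # outside the user's sharing window
        return None
    if policy.mode == "exact":
        return {"ts": sample.ts, "lat": sample.lat, "lon": sample.lon}
    if policy.mode == "coarse":
        return {"ts": sample.ts - sample.ts % 3600,   # time is coarsened to the hour as well
                "lat": coarsen(sample.lat, policy.cell_deg),
                "lon": coarsen(sample.lon, policy.cell_deg)}
    raise ValueError(f"unknown policy mode {policy.mode!r}")

def share(samples, policies):
    """Apply each service's policy; the result doubles as the audit record the owner reviews."""
    return {svc: [r for r in (filter_sample(s, pol) for s in samples) if r is not None]
            for svc, pol in policies.items()}

# Constructed input: two fixes on one day, at 09:30 and 23:10 UTC (BASE is a midnight).
BASE = 1_400_025_600
SAMPLES = [Sample(BASE + 9 * 3600 + 1800, 34.0522, -118.2437),
           Sample(BASE + 23 * 3600 + 600, 34.0610, -118.3042)]
POLICIES = {"friends_app": Policy("exact", hours=(8, 22)),   # precise fixes, daytime only
            "checkin_app": Policy("coarse", cell_deg=0.01),   # ~1 km cells, any time
            "ad_network": Policy("deny")}                     # receives nothing
```

Because each service only ever sees the output of its own policy, the vault owner can later inspect exactly what each provider received, which is the kind of per-service control and review the abstract attributes to PDVLoc.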


      Published In

      ACM Transactions on Sensor Networks  Volume 10, Issue 4
      June 2014
      480 pages
      ISSN:1550-4859
      EISSN:1550-4867
      DOI:10.1145/2633905

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 01 June 2014
      Accepted: 01 August 2013
      Revised: 01 July 2013
      Received: 01 July 2012
      Published in TOSN Volume 10, Issue 4

      Author Tags

      1. Location-based mobile service
      2. personal data vault
      3. privacy
      4. selective sharing
      5. system
