Abstract
Location privacy in mobile, location-aware applications is a prominent research topic that spans different disciplines and carries strong societal implications and expectations. The tumultuous growth of the mobile applications market over the past few years has, however, hindered the development of a systematic organization and classification of location privacy concepts. In this paper we focus on one of the key concepts, namely the location privacy metric. We survey existing approaches to the measurement of location privacy and propose a classification framework. The notion of a location privacy metric, however, cannot be fully understood without describing the context in which these metrics are used. To that end we elaborate on the notions of application model and privacy model. The ultimate goal is to contribute to the specification of a conceptual framework for location privacy.
Notes
Directive 2002/58/EC-Article 9. See: http://eur-lex.europa.eu
European Data Protection Directive (95/46/EC)
The scenario is realistic. For example, one of the pioneering location sharing applications, i.e. Google Latitude, was coupled with the geo-location services provided by Google itself.
Cite this article
Damiani, M.L. Location privacy models in mobile applications: conceptual view and research directions. Geoinformatica 18, 819–842 (2014). https://doi.org/10.1007/s10707-014-0205-7