Author:

Keywords:

C16/15/058#53326573

Abstract:

The Internet has fundamentally changed our society, the way we live, work and express ourselves. Improvements on information and in communication technology have created mobile devices that offer smart mobile services that keep us constantly connected and that deliver digital content. Millions of such mobile service are available today. While being inexpensive in terms of actual money, user data has become the actual currency, rewarding the company that knows the most about their users. This has created an eco-system which, invisible during normal usage, records virtually every action online. The recorded data fuels sophisticated artificial algorithms that learn our interests, desires and secrets for purposes such as behavioral advertisement and surveillance. We focus on location-based services (LBSs) to address the privacy concerns of the mobile-device eco-system. Currently deployed LBSs are designed in a privacy-invasive way, because the service provider and other third parties learn accurate location information on their users. This is a significant threat to the user’s privacy, because entities with access to accurate location data are able to infer sensitive information, such as users’ home/work address, religious beliefs, sexual orientation and income level. We understand LBSs as a new socio-technical practice and assess its implications on privacy from an interdisciplinary perspective, including the engineering, ethics, social and legal domain. We employ the concept of contextual integrity in order to evaluate how the changes of information flow, imposed by the new socio-technical practice, affect society. Furthermore, we propose a framework that allows to quantify threats towards an adversary that is able to observe app traffic. We show that this poses a threat to the user’s privacy in general, but may also pose a threat to the user’s location privacy. In order to address the privacy concerns of LBSs, we study technical solutions that allow users to keep their data confidential. Therefore, we study the design of private protocols for service providers that want to provide guarantees that they cannot learn user location information. Our design accounts for the current business model of most mobile services to monetize their investments with data that they learn about their users. Particularly, the overhead on the service provider’s infrastructure is minimal allowing for a low cost maintenance of the service. Furthermore, the service provider is able to learn, in a privacy-preserving way, statistics about the locations that the users share among each other. This may serve as a form of monetization. Since most service providers, due to their business model, are reluctant to implement privacy friendly protocols, we study the design and analysis of obfuscation-based protection mechanisms. These location-privacy preserving mechanisms (LPPMs) allow users to protect their whereabouts when engaging in privacy-invasive protocols. We propose a framework that allows the computation of the optimal LPPM for users that engage sporadically in LBSs and that is tailored to a user’s mobility profile and the user’s constraints. We furthermore propose a framework that allows for a first-order location privacy approximation for users that employ LPPMs. Finally, we conclude the research results of this thesis and outline paths of future work. Here we put particular emphasis on studying quantification frameworks that take a middle ground between complexity and simplicity. Furthermore, we suggest to study how our framework can be applied for the purpose of privacy visualization. This may serve as a practical tool for the visualization of both the user’s current location privacy as well as an assessment on how the privacy level changes for the next query to the LBS and thus contribute for users to better understand the privacy implications of their actions. Finally, possibilistic thinking should also be applied to the design of LPPMs.