ABSTRACT
A Location Based Service (LBS) is a service where knowledge of the location of an object or individual is used to personalise the service. Typical examples include the E911 emergency location service in the US and 'Where is the nearest xx' type of services. However, since these services often may be implemented in a way that exposes sensitive personal information, there are several privacy issues to consider. A key question is: "Who should have access to what location information under which circumstances?It is our view that individuals should be equipped with tools to become in the position to formulate their own personal location privacy policies, subject to applicable rules and regulations.This paper identifies concepts that may be useful when formulating such policies. The key concept is that of an observation of a located object. An observation typically includes the location, the identity of the object, the time the observation was made and the speed of the object. The idea is that the individual should be able to adjust the accuracy at which these observations are released depending on parameters such as the intended use and the identity of the recipient.We provide fragments of a language for formulating personal location privacy policies and give some small examples illustrating the kind of policies that we have in mind.
- 1.Ateniese, G., Herzberg, A., Krawczyk, H., and Tsudik, G. On Traveling Incognito. In journal of Computer Networks (31) 8, pp. 871-884, 1999.]] Google ScholarDigital Library
- 2.Ateniese, G., Herzberg, A., Krawczyk, H., and Tsudikc, G. Untraceable Mobility: On Travelling Incognito. Computer Networks and ISDN Systems, April 1999]] Google ScholarDigital Library
- 3.Bahl, P., and Padmanabhan, V. N. "Radar: An in-building rfbased user location and tracking system," In Proceedings of the IEEE Infocom 2000, Tel-Aviv, Israel, vol. 2, Mar. 2000, pp. 775--784.]]Google Scholar
- 4.Berthold, O., and K~hntopp, M. Identity Management Based On P3P. In proceedings of "Workshop on Design Issues in Anonymity and Unobservability", july 2000. Also available at http://www.koehntopp.de/marit/publikationen/idmanage/BeK oe_00IdmanageBasedOnP3P.pdf]] Google ScholarDigital Library
- 5.Fox, S. The Internet Life Report. Trust and Privacy Online: Why Americans Want to Rewrite the Rules. The Pew Internet & American Life Project. August 20, 2000. http://www.pewinternet.org/reports/pdfs/PIP_Trust_Privacy_ Report.pdf]]Google Scholar
- 6.Lee, C., Hwang M., and Yang W. Enhanced privacy and authentication for the global system for mobile communications. Wireless Networks Volume 5, No. 4 (Aug. 1999). Pages 231 - 243]] Google ScholarDigital Library
- 7.Leonhardt, U., and Magee, J. Security considerations for a Distributed Location Service. Journal of Network and Systems Management, 6(1):51-70, March 1998]] Google ScholarDigital Library
- 8.Norwegian parliament. 'Act of 14. April 2000 No. 31 relating to the processing of personal data (Personal Data Act)'. http://www.personvern.uio.no/regler/peol_engelsk.pdf]]Google Scholar
- 9.Rannenberg, K. How much negotiation and detail can users handle? Experience with security negotiations and the granularity of access control in communications. In "Proceedings of 6 th European Symposium on Research in Computer Security, France, October 2000", LNCS 1895, Springer, Editors F. Cuppens, F., Deswarte, Y., Gollmann, D., and Waidner, M.]] Google ScholarDigital Library
- 10.Reservasjonsregisteret. The Br~nn~ysund Register Centre. http://www.brreg.no/oppslag/reservasjon/index.html]]Google Scholar
- 11.Robinson, T. Location is everything. Internet week online, tuesday September 12, 2000. http://www.internetwk.com/lead/lead091200.htm]]Google Scholar
- 12.Spreitzer, M., and Theimer, M. Providing location information in a ubiquitous computing environment. In Proceedings of the 14th ACM Symposium on Operating System Principles, volume 27 of ACM SIGOPS, pages 270- 283, 1993.]] Google ScholarDigital Library
- 13.Spreitzer, M., and Theimer, M. Scalable, secure, mobile computing with location information. Communications of the ACM, 36(7):27, 1993.]] Google ScholarDigital Library
- 14.Sun Microsystems. JAVA Location Services. Java- Location Services: The New Standard for Location-enabled e-Business. http://www.mapinfo.com/community/free/library/java_locati on_svcs_whitepaper.pdf http://www.jlocationservices.com/company/ImageMatters/jav alocationServices.html]]Google Scholar
- 15.W3C. P3P and Privacy on the Web FAQ. http://www.w3.org/P3P/P3FAQ]]Google Scholar
- 16.W3C. Platform for Privacy Preferences (P3P) Project. http://www.w3.org/P3P/]]Google Scholar
- 17.XMARC INC., WISE 2.0, http://www.xmarc.com/news_events/2001/press_air-xmarc. htm]]Google Scholar
Index Terms
- Concepts for personal location privacy policies
Recommendations
Mobility management across hybrid wireless networks: Trends and challenges
Future generation wireless networks are envisioned to be a combination of diverse but complementary access technologies. Internetworking these types of networks will provide mobile users with ubiquitous connectivity across a wide range of networking ...
Location management for wireless networks: issues and directions
Location management is an important part of current and emerging wireless and mobile networks. Location management involves maintaining location information as mobiles power-on, move or power-off. This can be broadly divided into two steps location ...
Protecting location privacy using location semantics
KDD '11: Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data miningAs the use of mobile devices increases, a location-based service (LBS) becomes increasingly popular because it provides more convenient context-aware services. However, LBS introduces problematic issues for location privacy due to the nature of the ...
Comments