Location, location, location
November 9th, 2010 by David Bradley
Smart phones and other portable devices are increasingly hooking us into location-based systems so that we can find local services, check in at events, connect with friends and businesses and much more. But there is a downside to allowing a third party to know your GPS co-ordinates or access your cell phone location – privacy and security breaches and inadvertent sharing of the information.
Ali Khoshgozaran and Cyrus Shahabi of the Information Laboratory (InfoLab), in the Department of Computer Science, at the University of Southern California Los Angeles, point out that the plethora of location services that might access your device now means that it is almost impossible to verify the trustworthiness of any given system and the ways personal location information is being used by such systems. Indeed, there have been several security breaches reported over the last few years when users have naively shared their details with a malicious server or when an adversarial entity has hooked into their location with malicious intent. As such, the concept of “location privacy” is increasingly important to users and trustworthy organizations offering services.
“The most widely used industry practices to provide user privacy rely on policy-based systems where the service provider discloses its intent on how it is handling/sharing user location data,” explains Khoshgozaran. “While susceptible to security breaches, tampering, theft and data loss, such approaches also assume users would trade off their private location information with various services they receive from location-based service providers.” He adds that the proliferation of such services makes it impossible for normal users to regain control of their location traces. “Aggregating these ‘bread crumbs’ left on various data centers reveals surprising details about the personal lives of individuals ranging from their political affiliations, religious views and personal health to their work schedule, life habits and even what times their residence is vacant (and hence a good target for robbery),” he told Sciencetext.
The USC team has reviewed the various approaches to location privacy, such as anonymization and location-cloaking that blur a user’s precise location by merging data with other anonymous users in a wider region. You still find a nearby restaurant to meet at, but the system providing the data doesn’t get to verify whether you’re actually there nor does it learn your identity. With such techniques, to achieve privacy, location queries find places of interest near a cloaked region likely to include several other users rather than a user’s precise location. A decentralized approach to such cloaking makes the system more secure against malicious attackers or curious eavesdroppers.
An alternative method is to employ cryptographic techniques that allow Bob and Alice to post queries tailored to their location to each other, or to an untrusted server, in a secure way. With such protocols, for instance, two parties can determine who is the older (or richer) without disclosing their exact age (wealth) to each other (this is known as Yao’s Millionaires’ problem). Khoshgozaran and Shahabi, along with other researchers, have employed similar techniques for secure evaluation of location-based queries. Solutions to such problems, however, build on cryptographic protocols such as key exchange, secure matching and comparison that require a lot of computing power, something that smart phone users don’t necessarily have at their disposal while browsing for a place to eat.
The above methods suffer from privacy and quality issues. Cloaking means the precision of the information you get isn’t perfect, and it can also lead to privacy leaks, whereas cryptography is costly in computing terms, which means slow in real terms, and also generally requires a trusted server to bear the load. A third technique relies on the theory of private information retrieval to disguise the actual records a user retrieves from a server in response to his location query. With private information retrieval, Bob can receive from Alice a certain element from a list owned by her without letting Alice know which record Bob has retrieved. Khoshgozaran and Shahabi have developed techniques that use this theory to create a privacy-aware location-server.
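To make the private information retrieval idea concrete, here is an added example (not the USC team’s scheme, and not code from this post) of the classic two-server XOR-based PIR: the location database is a constructed grid of cells, and the client asks two non-colluding servers for the record of one cell without either server learning which cell was requested. Names such as `POI_GRID`, `pir_fetch` and the 4x4 grid layout are assumptions made for the illustration.

```python
import secrets
from typing import List, Tuple

# Constructed sample data: a 4x4 grid of map cells, each holding the name of
# the nearest restaurant. Records are padded to one fixed length so the size
# of a server's answer reveals nothing about which cell was asked for.
GRID_W, GRID_H = 4, 4
RECORD_LEN = 16
POI_GRID = [f"cell{i}:diner" for i in range(GRID_W * GRID_H)]
DATABASE = [s.encode().ljust(RECORD_LEN, b"\0") for s in POI_GRID]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def cell_index(x: int, y: int) -> int:
    """Map a (coarse) grid position to an index into the database."""
    return y * GRID_W + x


def build_queries(n: int, i: int) -> Tuple[List[int], List[int]]:
    """Client side: a uniformly random bit mask r goes to server 1, and r with
    bit i flipped goes to server 2. Each vector on its own is uniformly random
    and independent of i, so a single server learns nothing about the cell."""
    r = [secrets.randbits(1) for _ in range(n)]
    q2 = list(r)
    q2[i] ^= 1
    return r, q2


def server_answer(database: List[bytes], query: List[int]) -> bytes:
    """Server side: XOR together every record whose query bit is set. The
    server sees only the bit vector, never the client's intended index."""
    acc = bytes(RECORD_LEN)
    for bit, record in zip(query, database):
        if bit:
            acc = xor_bytes(acc, record)
    return acc


def pir_fetch(database: List[bytes], i: int) -> bytes:
    """Run one retrieval. Privacy holds only if the two servers do not collude:
    together, q1 and q2 would immediately reveal i."""
    q1, q2 = build_queries(len(database), i)
    a1 = server_answer(database, q1)  # answer from server 1
    a2 = server_answer(database, q2)  # answer from server 2
    # Every record selected by both masks cancels; only record i survives.
    return xor_bytes(a1, a2).rstrip(b"\0")


if __name__ == "__main__":
    print(pir_fetch(DATABASE, cell_index(2, 3)).decode())
```

The cost that the post mentions is visible here too: each server touches every record per query, which is why PIR-based designs care so much about database size and record layout.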
Ali Khoshgozaran & Cyrus Shahabi (2010). A taxonomy of approaches to preserve location privacy in location-based services. Int. J. Comput. Sci. Eng., 5(2), 86-96.
