Location Intelligence. Privacy Augsburg 2020 Anto Aasa - - PowerPoint PPT Presentation

Location Intelligence. Privacy

Augsburg 2020 Anto Aasa

http://aasa.ut.ee/augsburg

Location intelligence (LI)

• or spatial intelligence
• process of deriving meaningful insight from geospatial data

relationships to solve a particular problem.

• It involves layering multiple data sets spatially and/or

chronologically, for easy reference on a map.

• John Snow (London 1854)

http://aasa.ut.ee/augsburg

• Using IT services

– Collecting of the personal information

• Sensitive data
• Preferences
• Behaviour, attitudes, social situation
• Tracking

– Recording – Processing – Communicating

http://aasa.ut.ee/augsburg

• Acceptance of IT services strongly depends on

the existence of technical mechanisms for protecting the user’s privacy

– Data protection law

2011

Data protection law 2014

http://aasa.ut.ee/augsburg

6

https://static.ftitechnology.com/docs/third-party/forrester- 2015-data-privacy.pdf

www.privacyinternational.org

http://aasa.ut.ee/augsburg

• Cloud computing
• Server parks
• Who’s law?

http://aasa.ut.ee/augsburg

http://aasa.ut.ee/augsburg

http://aasa.ut.ee/augsburg

Game of drones

http://aasa.ut.ee/augsburg

• Compared to conventional IT services LBSs impose

much higher requirements on mechanisms for saving privacy:

– Location information passes many actors along the LBS supply chain – Tracking during everyday activities – Location information is often desired to be saved more than other personal information

http://aasa.ut.ee/augsburg

dilemma in privacy protection for LBSs

• Positioning and tracking represent inherent key functions

without which LBSs will not work and even make any sense at all.

• The same functions represent a potential source for misuse

and are therefore the reason LBSs are often exposed to distrust in public, which may prevent the success of LBSs in general. Desired function Misuse

http://aasa.ut.ee/augsburg

What is privacy?

http://aasa.ut.ee/augsburg

Different meaning

http://aasa.ut.ee/augsburg

Google Street View Land Board orthophoto

http://aasa.ut.ee/augsburg

Google Street View

http://ring24.positium.com

Privacy

• Many definitions
• Privacy is often equated with confidentiality or anonymity
• „Privacy is the claim of individuals, groups, and institutions to

determine for themselves, when, how, and to what extent information about them is communicated to others“ (Westin, 1970)

http://aasa.ut.ee/augsburg

Privacy principles

• Collection limitation
• Data Quality
• Purpose specification
• Use limitation
• Security safeguards
• Openness
• Individual participation
• Accountability

Personal data is

• any information relating to an identified or identifiable natural

person ('data subject');

• an identifiable person is one who can be identified, directly or

indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity

– (Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data) – link

Surveillance process

• Content

– Interception, reading SMS messages, bank operations, internet preferences, …

• Dynamics

– Regularities in movement, behaviour

Guidelines for Location-Based Services

• to promote and protect user privacy as new and exciting LBSs

are developed and deployed.

http://files.ctia.org/pdf/CTIA_LBS_Best_Practices_Adopted_03_10.pdf

Fundamental principles:

• LBS Providers must ensure that users receive meaningful

notice about how location information will be used, disclosed and protected so that users can make informed decisions whether or not to use the LBS and thus will have control over their location information.

• LBS Providers must ensure that users consent to the use or

disclosure of location information, and LBS Providers bear the burden of demonstrating such consent. Users must have the right to revoke consent or terminate the LBS at any time.

Guidelines for Location-Based Services

Notice

• Potential users must be informed about how their location

information will be used, disclosed and protected.

• If, LBS Providers want to use location information for a new

purpose not disclosed in the original notice, they must provide users with further notice and obtain consent to the new or

• ther use.

Guidelines for Location-Based Services

Notice

• how long any location information will be retained, if at all
• LBS Providers that share location information with third parties

must disclose what information will be provided

• LBS Providers must inform users how they may terminate the

LBS

Guidelines for Location-Based Services

Consent

• LBS Providers must obtain user consent to the use or disclosure
• f location information before initiating an LBS
• LBS Providers must allow users to revoke their prior consent

Guidelines for Location-Based Services

Safeguards

• 1. Security of Location Information
• 2. Storage of Location Information
• 3. Reporting Abuse
• 4. Compliance with Laws
• 5. Compliance with Guidelines

Guidelines for Location-Based Services

Four states of privacy:

• Anonymity permits the engagement and interaction with
• thers without being identified
• Solitude is the right of being alone and secure from intrusion,

interruption, and observation.

• Intimacy is the right to decide with whom, how much, and

when to interact.

• Reserve is the freedom to withhold a personal information or

the option to choose when to express it

http://aasa.ut.ee/augsburg

Concepts and Mechanisms for Privacy Protection

• Secure communications
• Privacy policies
• Anonymization
• Identifier abstraction
• Information content abstraction

http://aasa.ut.ee/augsburg

Secure Communications

• Location dissemination
• Negotiating and enforcing privacy policies
• Managing anonymity
• Identifier abstraction

http://aasa.ut.ee/augsburg

Privacy Policies

• 1. Actor constraints
• 2. Service constraints
• 3. Time constraints
• 4. Location constraints
• 5. Notification constraints
• 6. Accuracy constraints
• 7. Identity constraints

http://aasa.ut.ee/augsburg

Target must have full control on how location information is treated. 1) the target must be able to identify LBS users and providers that have access to its location information; 2) target may identify a set of LBSs or types of LBSs for which it either grants

• r denies acces to its location information and allows or not to process it

for service operation; 3) target must be able to restrict positioning to a certain period of time; 4) must be possible to limit positioning and location information access to predefined locations; 5) target can specify whether or not it wishes to be informed about positioning attempts. Upon arrival of such notification, it can authorize or deny positioning; 6) target can degrade the accuracy of location information; 7) target can determine to pass location informatin to other actors either by using a pseudonym insted of its true identity or without any identity at all.

http://aasa.ut.ee/augsburg

Anonymization

• Policies are efficient if all actors are trustworthy
• LBS actor may „talk about the target behind its back“

– Misbehavior or negligence of an actor – Attacks from hackers – Unauthorized access from insiders – Technical & human errors

• Pseudonymization

http://aasa.ut.ee/augsburg

Identifier abstraction

• Identifier is replaced by a pseudonym

– Permanent pseudonym – Temporary pseudonym

http://aasa.ut.ee/augsburg

Information content abstraction

• Degrading the the resolution of location information in space,

time, or both

• To make a certain target’s location data indistinguishable from
• ther persons staying close
• K-anonymity

http://aasa.ut.ee/augsburg

K-anonymity

http://aasa.ut.ee/augsburg

LBS privacy protection

Secure communication Authentication Integrity Confidentiality Policies Specification Enforcement Anonymization Identifier abstraction Content astraction

http://aasa.ut.ee/augsburg

• Communication
• Location
• Habits
• Identification

http://aasa.ut.ee/augsburg

Location intelligence

• Spatial intelligence
• Meaningful insight from geospatial data relationships to solve

a particular problem

• Layering multiple datasets
• London 1854, John Snow

http://aasa.ut.ee/augsburg

https://www.forbes.com/sites/louiscolumbus/2018/02/11/what-new-in-location- intelligence-for-2018/#679b157f14b5

Crowd sensing

• Evacuation plan

– Real time emergency GIS

• Mass events
• Commuting
• Transportation

http://aasa.ut.ee/augsburg

Evacuation plan?

http://aasa.ut.ee/augsburg

Mobile Positioning Data for the Mobility Studies

http://aasa.ut.ee/augsburg

• Call detail records (CDR) – location, time of

call and user id.

• Database: 2006 … today.

Passive Mobile Positioning: Memory files of mobile operators

Spatial resolution of CDR

100km

Data processing & Modelling…

Anchor points model:

• Home
• Work
• Other
• leisure,
• household,
• second home
• etc

Mobile Census

Distribution of mobile calls

http://aasa.ut.ee/augsburg

Commuting

Routing, OD-matrix

Central places & hinterlands

Commuters

Central place Urban region

Migration patterns

http://aasa.ut.ee/augsburg

Movement during Christmas Eve

Metallica concert in Tallinn

http://aasa.ut.ee/augsburg

Tourism: Estonians abroad

Latvian fishermen on lake Peipsi

Behavioural rhythms, physiology

Diurnal Weekly Seasonal

Chronotypes

Weekday Time, h

Seasonality of mobile calls

http://aasa.ut.ee/augsburg

Social networks

Mirror of wealthy world?

GPS-data

– App MobilityLog – Agreement with user – Different sensors – Algorithms detect:

• Stop
• Move
• Mode
• Regularity
• …

What mobility? Boring life…

Individual tracking

• LBS
• Location bank

http://aasa.ut.ee/augsburg

http://aasa.ut.ee/augsburg

Activity space

Tracing E-mail location

http://aasa.ut.ee/augsburg

Street cameras

http://aasa.ut.ee/augsburg

Face detection

http://aasa.ut.ee/augsburg

Google Street View

http://aasa.ut.ee/augsburg

Phone tracking

http://aasa.ut.ee/augsburg

Flickr

http://www.girardin.org/fabien/tracing/

http://aasa.ut.ee/augsburg

Identification of photocamera

http://www.geek.com/news/facebook-developing-way-to-fingerprint-the-camera-you-used-to-take-a-photo-1634542/

http://aasa.ut.ee/augsburg

Self exposure

http://aasa.ut.ee/augsburg

Location intelligence application areas

• Location-based advertising;
• Mobility of people;
• Transportation and traffic;
• Urban and rural planning;
• Tourism;
• Marketing;
• Social-media;
• Participatory democracy;
• Safety and security;
• Scientific research;

http://aasa.ut.ee/augsburg

10 20 30 40 50 60 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 kell (h) hulk mehed naised

Differences of visiting dating portals between gender.

ICT records everything

Male Female Time Number of visits

http://aasa.ut.ee/augsburg

Diurnal patterns of visiting gender-oriented portals

5 10 15 20 25 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 auto24 perekool

Car Family

http://aasa.ut.ee/augsburg

Time when people start to move

0% 5% 10% 15% 20% 25% 30% 35% 40% 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 mees naine

Mobile positioning data Male Female

http://aasa.ut.ee/augsburg

Diurnal rhythm of bank card usage

5 10 15 20 25 30 35 40 45 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

http://aasa.ut.ee/augsburg

Weekly rhythm of bank card usage

10 20 30 40 50 60 70 80 1 2 3 4 5 6 7

http://aasa.ut.ee/augsburg

http://aasa.ut.ee/augsburg

https://www.r-bloggers.com/what-programming-languages-are-used-most-on-weekends/

http://aasa.ut.ee/augsburg

http://aasa.ut.ee/augsburg

http://aasa.ut.ee/augsburg/literature