How to have the best of location-based
services while avoiding the growing threat
to personal privacy.
By StEPhEn B. WiCkER
Privacy in the
“Our VIew Of reality is conditioned by our position in
space and time—not by our personalities as we like
to think. Thus every interpretation of reality is based
upon a unique position. Two paces east or west and
the whole picture is changed.”
—Lawrence Durrell, Balthazaar10
subsequently revealed that at least
some of the initial concerns were
groundless. Assuming Apple’s ano-nymity-preservation techniques are
adequate, Apple does not compile
location traces for individual users,
instead enlisting those users as data
collectors in a worldwide exercise in
crowdsourcing. Apple is creating a
highly precise map of cell sites and access points in an effort to improve the
speed and accuracy of its user-location
estimates, thus providing more-re-fined location-based services. However, despite Apple’s quick and thorough
response, long-term issues remain.
This article explores the evolution
of location-based services (LBS), culminating in Apple’s and Google’s use
of crowdsourced data to create a system for obtaining location fixes potentially faster and more accurate than
the global positioning system (GPS).
This article also develops an intuitive sense of the potentially revelatory
power of fine-grain location data, then
addresses the question of potential
harm. The most obvious concern is
the stalker, while others involve manipulation and threats to autonomy.
Also provided is a brief review of the
philosophy of place, focusing on the
ability of location-based advertising
(LBA) to disrupt individuals’ relationships with their surroundings. It then
turns to the potential for anonymous
LBS, with the aim of saving the benefit
while avoiding potential harm. Finally,
“…to be human is to be ‘in place’.”
—Tim Cresswell, Place: A Short Introduction7
On April 20, 2011, U.K. researchers Alasdair Allan and
Peter Warden caused a media frenzy by announcing
their discovery of an iPhone file—consolidated.dba—
that contained time-stamped user-location data. 4 A
FAQ published by Apple3 and congressional testimony
by Apple’s vice president for software technology26
a The file had already been identified in a 2010 text on iOS forensics by Sean Morrissey20 but was
largely ignored at the time.
the precision of cellular-location
estimates means service providers
are able to obtain location estimates
with address-level precision, creating
a serious privacy problem, as the estimates
can be highly revealing of user behavior,
preferences, and beliefs.
Supposedly anonymous location traces
can be de-anonymized through correlation
with publicly available databases.
Privacy-aware design makes it
possible to retain the full benefit
of LBS while preventing accumulation
of address-level location traces for
a given individual and reducing the
potential for de-anonymization.