Locational privacy: a new challenge for geographic information science

Jonathan Raper

http://www.soi.city.ac.uk/~raper



The impact of LBS on GIS

  • GIS make LBS functionally possible

  • LBS are a rapidly growing part of GIS

  • BUT, LBS and GIS are qualitatively different

  • The experience of Hypergeo and Webpark IST projects demonstrates this


LBS will be personal GIS

  • Individual mapping in real time

  • Interactive guide adapted to your preferences

  • Geographic information retrieval

  • Tracking service?

  • Geographic diary linked to e.g. your camera


Our day sailing, tracked


Streams of data

  • Current position

  • Location, time of transactions

  • Movement trends

A 10km car journey at 1 minute sampling interval


Challenge

  • Lots of GIS functionality to offer LBS

    • Context-aware mapping

    • Proximity searches

    • Routing

    • Spatio-temporal data mining

  • Must persuade users to allow us to provide it

  • Must also persuade users to allow us to collect data

  • Need to demonstrate that we are responsible with LBS data


User power

  • Need to put the users in control

  • Webpark study of 1200 potential LBS users:

    • 31% would like to get all information by request (pull)

    • 26% want to define the way they get information (pull+controlled push)

    • 18% would be prepared to have safety info pushed

    • 6% prepared to have all kinds of information pushed

  • Providing and managing push and pull modes at user discretion makes new demands on GIS

  • LBS and GIS are different functionally and in terms of the relationship between user and producer


GIS vs LBS

  • GIS: collected data; LBS: generated data

  • GIS: offline; LBS: real time

  • GIS: analysis oriented; LBS: transaction oriented

  • GIS: b2b; LBS: b2c

  • GIS: professionals; LBS: public

  • GIS: aggregated data; LBS: personal data

LBS can only develop within a privacy framework


Privacy

  • What is privacy?

    • an individual human right preventing intrusion, appropriation, breach of confidence

  • ECHR: Article 8: right to respect for private/family life

    • 1. Everyone has the right to respect for their private and family life, their home and their correspondence

    • 2. There shall be no interference by a public authority with the exercise of this right except ... in accordance with the law and (as) is necessary in a democratic society

  • Data protection

    • European Directive (95/46/EC)


Information privacy

  • What is privacy in information?

  • Human rights (ECHR)

    • Private communication (needs encryption?)

    • Authentication of identity/ right to anonymity

  • Data protection (EU Directive 95/46/EC)

    • Fairly and lawfully processed

    • Processed for limited purposes and according to rights

    • Adequate, relevant and not excessive

    • Accurate and secure

    • Not kept longer than necessary

    • Not transferred to third countries without protection


Information privacy provisions

  • Dutch Constitution Article 10 (2):

    • Rules to protect privacy shall be laid down by Act of Parliament in connection with the recording and dissemination of personal data

  • Spanish Constitution Article 18 (4):

    • The law shall limit the use of data processing in order to guarantee the honour and personal and family privacy of citizens and the full exercise of their rights

  • Canadian Personal Information Protection and Electronic Documents Act 2001

  • US Bill of Rights- privacy ‘implicit’: Supreme Court


Sensitive data

  • Data Protection Directive as implemented in all EU states gives extra protection to ‘sensitive data’ requiring explicit informed consent to release

    • Racial

    • Political

    • Health

    • Religious

    • Trade union affiliation

  • BUT: Location ‘traffic’ data is not defined ‘sensitive’

    • Can be used in compliance with general principles


Use of location ‘traffic’ data

  • More than half the population of the UK carries a tracking device. Its records can be accessed by police officers, intelligence authorities, customs officials and Inland Revenue inspectors. Crimes, unpaid taxes or government dues can be investigated using this information. The data is held for several months: in some cases, for several years. We carry these devices voluntarily. They are called mobile phones.

  • Guardian, London, November 29th, 2001


How sensitive is location?

  • For some, very:

    • Those in fear of harassment

  • For some, not at all

    • Exhibitionists e.g. gpsdrawing.com

  • There is though a natural suspicion of services

    • A survey at personalisation.org suggested that <50% of people were prepared to give personal information to service providers

  • There is tolerance of mobile phone location data

    • At current levels of accuracy (between 50m & 20km)

    • At future levels of accuracy (5-20m), then perhaps not?


Jonathan’s weekly movement

[Figure: map of one week of movement tracks. Scale bar: 1 km. Each colour = 1 day; darker = later in the day.]


Implications for LBS data

  • Security- how is identity verified? Who has device?

  • Consent- to whom can streams of data be given?

  • Usage- how can the data be processed?

  • Linkage- with what can this data be linked?

  • Inference- what can be stored in the profile?

  • Limits on transfers of data

  • Privacy issues must be addressed by LBS


Spatio-temporal data mining

Processing location data:

Location trends knowledge discovery tool from Hypergeo


Locational behaviour analysis

  • Where you are usually (envelopes)

  • Guess current activity (movement styles)

  • Locational profile defines geographic relevance

    • Movement- direction, minimum effort direction

    • Constraint- path options, accessibility, perspective

    • Association- contiguity, place

    • Setting- what has influence over, focus

  • Geographic relevance defines spatial privacy as the inverse?


Transaction logging example

[Diagram labels: Subscription database; Transaction log; Transaction profile; Georeferenced postcodes; Electoral roll; Location/household profile; Neighbourhood characterisation; Socio-economic profile]


Locational profiling

Linkage: location data plotted over poverty map


Locational privacy

  • Locational persona- identity defined by location?

    • GIS/LBS should explore this hypothesis

  • Access to tracking- only for applications + consent?

    • Which applications are compelling enough?

  • Resolution- how much resolution is sensitive?

    • Once resolution reaches ‘street level’

  • Locational profiling

    • Home range distinction, conjectured activity by movement?

  • Information needs

    • geographic patterns in requests revealed?
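
An added example (not part of the original slides) for the resolution and locational-profiling questions above: it generalises a stored position stream to a grid cell size before retention and reports what a "where you are usually" envelope still reveals at each size. The track, the local metre grid, and the names `build_track`, `generalise`, `envelope` and `profile` are constructed for illustration; the cell sizes are the accuracy figures quoted in the slides.

```python
from collections import Counter

# Constructed sample data: positions are metres in a local grid, not real coordinates.
HOME = (12343, 8761)
WORK = (17910, 9420)

def build_track(days=7):
    """One fix per hour for a week: near WORK 09-17h, near HOME otherwise."""
    track = []
    for d in range(days):
        for hour in range(24):
            bx, by = WORK if 9 <= hour < 17 else HOME
            # Small deterministic jitter standing in for positioning noise.
            dx = (d * 7 + hour * 3) % 11 - 5
            dy = (d * 5 + hour * 2) % 9 - 4
            track.append((bx + dx, by + dy, hour))
    return track

def generalise(x, y, cell_m):
    """Snap a fix to the centre of its cell_m x cell_m grid cell."""
    return (x // cell_m * cell_m + cell_m / 2, y // cell_m * cell_m + cell_m / 2)

def envelope(track, cell_m, hours):
    """Most-visited cell during the given hours: a crude 'where you are usually'."""
    cells = Counter(generalise(x, y, cell_m) for x, y, h in track if h in hours)
    return cells.most_common(1)[0][0]

NIGHT = set(range(22, 24)) | set(range(0, 6))
DAY = set(range(9, 17))

def profile(track, cell_m):
    """What a stored stream still reveals once generalised to cell_m."""
    night, day = envelope(track, cell_m, NIGHT), envelope(track, cell_m, DAY)
    return {
        "night_envelope": night,
        "day_envelope": day,
        "home_range_distinct": night != day,
        "distinct_cells": len({generalise(x, y, cell_m) for x, y, _ in track}),
    }

if __name__ == "__main__":
    track = build_track()
    # Cell sizes taken from the accuracy figures quoted on the slides.
    for cell_m in (10, 50, 20_000):
        print(cell_m, profile(track, cell_m))
```

On this constructed week, 50 m cells reduce the stream to two cells that still separate the night and day envelopes, while 20 km cells merge everything into one cell and the home range is no longer distinct.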


Agenda for GI/LBS research

  • LBS require personal data safeguards

  • Need to engage with consumer world view

  • Browsing, retrieving and analysing GI

  • (locational) privacy pragmatism?

  • How to sell GIS functionality for micropayments?

