Challenges of keyword-based location disclosure

A practical solution to location privacy should be incrementally deployable. We claim that it should therefore reconcile the economic value of location to aggregators, usually ignored by prior work, with a user's control over her information. Location information is indeed being collected and used by many mobile services to improve revenues, and this gives rise to a heated debate: privacy advocates ask for stricter regulation of information collection, while companies argue that it would jeopardize the thriving economy of the mobile web. We describe a system that gives users control over their information and does not degrade the data given to aggregators. Recognizing that the first challenge is to express locations in a way that is meaningful for advertisers and users, we propose a keyword-based design. Keywords characterize locations, let users inform the system about their sensitivity to disclosure, and build information directly usable by an advertiser's targeting campaign. Our work makes two main contributions: we design a market of location information based on keywords, and we analyze its robustness to attacks using data from ad networks, geo-located services, and cell networks.
