Privacy challenges of open APIs: Case location based services

Location coordinates provide interesting context data for various purposes. In the early days location data was mainly connected to emergency services, but nowadays several social and commercial applications can benefit from users' position information. Smartphones may reveal location data directly to application developers, but due to the latest developments any mobile can be traced using operators' infrastructure. However, there are several technology, business, usability and privacy challenges to be solved before successful and widespread location based services (LBS) can be offered. This paper focuses on the usability and privacy challenges, utilizing both operator and internet location services. The LBS challenges are evaluated and then followed by a definition of a location broker model. The implementation of the corresponding proof of concept is described in detail. Finally the conclusions with future research proposals are presented.

[1]  Axel Küpper,et al.  TraX: a device-centric middleware framework for location-based services , 2006, IEEE Communications Magazine.

[2]  Lorrie Faith Cranor,et al.  Locaccino: a privacy-centric location sharing application , 2010, UbiComp '10 Adjunct.

[3]  Marc Langheinrich,et al.  I'm Here! Privacy Challenges in Mobile Location Sharing , 2010 .

[4]  David Evans,et al.  Privacy Protection for Social Networking Platforms , 2008 .

[5]  Vesa Suikkola Open Exposure of Telco Capabilities - Identification of Critical Success Factors for Location-Based Services in Open Telco , 2010, 2010 6th International Conference on Wireless and Mobile Communications.

[6]  Yrjö Raivio,et al.  Open Telco: a new business potential , 2009, Mobility Conference.

[7]  Yrjö Raivio,et al.  Towards Open Telco - Business Models of API Management Providers , 2011, 2011 44th Hawaii International Conference on System Sciences.

[8]  Lorrie Faith Cranor,et al.  Capturing location-privacy preferences: quantifying accuracy and user-burden tradeoffs , 2011, Personal and Ubiquitous Computing.

[9]  Francesco Parisi-Presicce,et al.  Blind Custodians: A Database Service Architecture That Supports Privacy Without Encryption , 2005, DBSec.

[10]  Lorrie Faith Cranor,et al.  Location-Sharing Technologies: Privacy Risks and Controls , 2009 .

[11]  Georg Treu,et al.  Implicit Authorization for Accessing Location Data in a Social Context , 2007, The Second International Conference on Availability, Reliability and Security (ARES'07).

[12]  Balachander Krishnamurthy,et al.  On the leakage of personally identifiable information via online social networks , 2009, CCRV.

[13]  Gerald Friedland,et al.  Cybercasing the Joint: On the Privacy Implications of Geo-Tagging , 2010, HotSec.