On (The Lack Of) Location Privacy in Crowdsourcing Applications

Crowdsourcing enables application developers to benefit from large and diverse datasets at a low cost. Specifically, mobile crowdsourcing (MCS) leverages users' devices as sensors to perform geo-located data collection. The collection of geo-located data, though, raises serious privacy concerns for users. Yet, despite the large body of research on location privacy-preserving mechanisms (LPPMs), MCS developers implement little to no protection for data collection or publication. To understand this mismatch, we study the performance of existing LPPMs on publicly available data from two mobile crowdsourcing projects. Our results show that well-established defenses are either not applicable or offer little protection in the MCS setting. Furthermore, they have a much stronger impact on applications' utility than foreseen in the literature. This is because existing LPPMs, designed with location-based services (LBSs) in mind, are optimized for utility functions based on users' locations, while MCS utility functions depend on the values (e.g., measurements) associated with those locations. Finally, we outline possible research avenues to facilitate the development of new location privacy solutions that fit the needs of MCS, so that the increasing number of such applications does not jeopardize their users' privacy.
