Add to collection(s) Add to saved
  1. Arts & Humanities
  2. Communications

An Overview of Location Privacy for Mobile Computing Jason Hong

advertisement 
©2009 Carnegie Mellon University : 1
An Overview of Location
Privacy for Mobile Computing
Jason Hong
jasonh@cs.cmu.edu
•2009: 150 million GPSequipped phones shipped
•2014: 770 million GPSequipped phones expected
to ship (~ 5x increase!)
•Future: Every mobile device
will be location-enabled
[Berg Insight ‘10]
2
©2011 Carnegie Mellon University : 2
Ubiquity of Location-Enabled
Devices
©2011 Carnegie Mellon University : 3
Location-Based Services Growing
3
©2011 Carnegie Mellon University : 4
Lots of Location-Based Services
Claims over 5 million users
4
• Okayness checking
• Micro-coordination
• Games
– Exploring a city
• Info retrieval / filtering
– Ex. geotagging of photos
• Activity recognition
– Ex. walking, driving, bus
• Improving trust
– Co-locations to infer tie strength and trust
©2011 Carnegie Mellon University : 5
Potential Benefits of Location
• Little sister
• Undesired
obligations
Failing to social
address
accidents and
• Wrong
inferences
legitimate
concerns could blunt
• adoption
Over-monitoring
by employers
of a promising
technology
©2011 Carnegie Mellon University : 6
Potential Risks
• System architecture
– How you get location
– Where and how data stored and used
• User interface and policies
– When is it shared
– How is it displayed
• User studies
– How do people manage in practice
©2011 Carnegie Mellon University : 7
Protecting Location Privacy
• System architecture
– How you get location
– Where and how data stored and used
• User interface and policies
– When is it shared
– How is it displayed
• User studies
– How do people manage in practice
©2011 Carnegie Mellon University : 8
Protecting Location Privacy
• Some location-based content,
even if old, still useful
• Different time-to-live
Real-time
Traffic, Parking spots, Friend Finder
Daily
Weather, Social events, Coupons
Weekly
Movie schedules, Ads, Yelp!
Monthly
Geocaches, Bus schedules
Yearly
Maps, Store locations, Restaurants
Shah Amini et al, Caché: Caching Location-Enhanced Content
to Improve User Privacy. (Under Review)
©2011 Carnegie Mellon University : 9
How You Get and Use Location
• Pre-fetch all the content you might
need for a geographic area in advance
– SELECT * from DB where City=‘Pittsburgh’
• Then, use it locally on your device only
– We assume that you determine your
location locally using WiFi or GPS
– So a content provider would only know
you are in Pittsburgh
©2011 Carnegie Mellon University : 10
How You Get and Use Location
• Are people’s mobility patterns regular?
– Pre-fetching useful only if we can
predict where people will be
– Locaccino: Top 20 of 4000, 460k traces
– Place naming: 26 people, 118k traces
• For each person, 5mi radius around two
most common places (home + work)
accounts for what % of mobility data?
©2011 Carnegie Mellon University : 11
Feasibility of Pre-Fetching
Home
5mi
Work
©2011 Carnegie Mellon University : 12
Feasibility of Pre-Fetching
Radius
Locaccino
Place Naming
5mi
86%
79%
10mi
87%
84%
15mi
87%
86%
©2011 Carnegie Mellon University : 13
Feasibility of Pre-Fetching
• Content doesn’t change that often
– Average amount of change per day
(over 5 months)
• Downloading it doesn’t take long
– NYC has 250k POI = 100MB, 65MB for map
©2011 Carnegie Mellon University : 14
Feasibility of Pre-Fetching
• Android background service for apps
– Apps modified to make requests to service
– User specifies home and work locations
– Caché service pre-fetches content in
background when plugged in and WiFi
– Caché also gets content for your
region if you spend night there
©2011 Carnegie Mellon University : 15
Caché Toolkit
• System architecture
– How you get location
– Where and how data stored and used
• User interface and policies
– When is it shared
– How is it displayed
• User studies
– How do people manage in practice
©2011 Carnegie Mellon University : 16
Protecting Location Privacy
• Started in Mar 2009, 5 million users
• After two decades of research,
finally a LBS beyond navigation
– Large graveyard of location apps
– Critical mass of devices and developers
• Opportunity to study value proposition
and how people manage privacy
Janne Lindqvist et al, I’m the Mayor of My House: Examining Why
People Use a Social-Driven Location Sharing Application, CHI 2011
©2011 Carnegie Mellon University : 17
Why People Use Foursquare
• “Foursquare is a mobile application
that makes cities easier to use and
more interesting to explore. It is a
friend-finder, a social city guide
and a game that challenges users to
experience new things, and rewards
them for doing so. Foursquare lets
users "check in" to a place when
they're there, tell friends where they
are and track the history of where
they've been and who they've been
there with.”
©2011 Carnegie Mellon University : 18
What is Foursquare?
• Check-in
–
–
–
–
–
See list of nearby places
Manually select a place
“Off the grid” option
Can create new places
Facebook + Twitter too
• Can see check-ins of
friends, plus who else
is at your location
©2011 Carnegie Mellon University : 19
How Does Foursquare Work?
©2011 Carnegie Mellon University : 20
How Does Foursquare Work?
Leave tips for others
©2011 Carnegie Mellon University : 21
How Does Foursquare Work?
Earn badges for activities
©2011 Carnegie Mellon University : 22
How Does Foursquare Work?
Become mayor of a place if you
have most check-ins in past 60 days
Wean Hall http://foursquare.com/venue/209221
Gates http://foursquare.com/venue/174205
©2011 Carnegie Mellon University : 23
How Does Foursquare Work?
• People fighting to be mayors of a place
– One pair eventually got engaged
• Some people mayor of 30+ places
• Some businesses offering discounts to
mayors
©2011 Carnegie Mellon University : 24
News of the Weird
• Why do people use foursquare?
– How do they manage privacy concerns?
– Surprising uses?
• Interviews with early adopters of LBS
(N=6)
• First survey to understand range of
uses of foursquare (N=18)
• Second survey to understand details
of use, especially privacy (N=219)
©2011 Carnegie Mellon University : 25
Three-Part Study of Foursquare
• Principal components analysis based
on survey data
– See paper for details
• Foursquare’s mission statement quite
accurate
–
–
–
–
Fun (mayorships, badges)
Keep in touch with friends
Explore a city
Personal history
©2011 Carnegie Mellon University : 26
Why People Check-In
Why people don’t check-in
• Presentation of Self issues
– Didn’t want to be seen
in McDonalds or fast food
– Boring places, or at Doctor’s
• Didn’t want to spam friends
– Facebook and Twitter
• Didn’t want to reveal
location of home
– Tension: “Home” to signal availability
– Tension: Some checked-in everywhere
©2011 Carnegie Mellon University : 27
Privacy Issues
©2011 Carnegie Mellon University : 28
Privacy Issues
©2011 Carnegie Mellon University : 29
Privacy Issues
• Surprisingly few concerns about stalkers
– Only 9/219 participants (but early adopters)
• Checking in when leaving (safety)
– Surprising use, 29 people said they did this
– 71 people (32%) used for okayness checking
• Over half of participants had a stranger
on their friends list
– Want to know where interesting people go
– Perceived like Twitter followers
– Suggests separating Friends from friends
• System architecture
– How you get location
– Where and how data stored and used
• User interface and policies
– When is it shared
– How is it displayed
• User studies
– How do people manage in practice
©2011 Carnegie Mellon University : 30
Protecting Location Privacy
• Place naming
– “Hey mom, I am at 55.66N 12.59E.”
vs “Home”
• User study + machine learning to
model how people name places
– Semantic: business, function, personal
– Geographic: city, street, building
Jialiu Lin et al, Modeling People’s Place Naming Preferences
in Location Sharing, Ubicomp 2010
©2011 Carnegie Mellon University : 31
Sharing One’s Location
• Location abstractions
share nothing
&
no social benefits
share precise location (GPS)
&
max social benefits
©2011 Carnegie Mellon University : 32
Sharing One’s Location
• Location abstractions
use location
abstractions to
scaffold privacy
concerns
share nothing
&
no social benefits
share precise location (GPS)
&
max social benefits
©2011 Carnegie Mellon University : 33
Sharing One’s Location
• Location abstractions
©2011 Carnegie Mellon University : 34
Sharing One’s Location
type of description
example
geographic
100 Art Rooney Ave
Near Golden
Triangle
Downtown
Pittsburgh
semantic
Heinz Field
Steelers vs. Bengals
Steelers’ home
Football field
• Place entropy
©2011 Carnegie Mellon University : 35
Sharing One’s Location
• Capabilities of today’s mobile devices
– Location, sound, proximity, motion
– Call logs, SMS logs, pictures
• We can now analyze real-world social
networks and human behaviors at
unprecedented fidelity and scale
• 2.8m location sightings
of 489 volunteers in Pittsburgh
©2011 Carnegie Mellon University : 36
Understanding Human Behavior
at Large Scales
©2011 Carnegie Mellon University : 37
• Insert graph here
• Describe entropy
• Can predict Facebook friendships
based on co-location patterns
– 67 different features
•
•
•
•
•
Intensity and Duration
Location diversity (entropy)
Mobility
Specificity (TF-IDF)
Graph structure (mutual neighbors, overlap)
– 92% accuracy in predicting friend/not
Justin Cranshaw et al, Bridging the Gap Between
Physical Location and Online Social Networks, Ubicomp 2010
©2011 Carnegie Mellon University : 38
Early Results
©2011 Carnegie Mellon University : 39
Using features such a
location entropy
significantly improves
performance over
shallow features such as
number of co-locations
39
40
©2011 Carnegie Mellon University : 40
• Can predict number of friends based
on mobility patterns
– People who go out often, on weekends,
and to high entropy places tend to have
more friends
– (Didn’t check age though)
Justin Cranshaw et al, Bridging the Gap Between
Physical Location and Online Social Networks, Ubicomp 2010
©2011 Carnegie Mellon University : 41
Early Results
©2011 Carnegie Mellon University : 42
Entropy Related to Location Privacy
• Managing geotagged photos
• Enhanced social graph
• Understanding real-world human
behavior at large scales
©2011 Carnegie Mellon University : 43
Ongoing Work
Wired Magazine story
• 4.3% Flickr photos, 3% YouTube,
1% Craigslist photos geotagged
• Idea: Use place entropy to
differentiate between public / private
• But need to radically scale up entropy
– 2.8m sightings, 489 volunteers, N years
©2011 Carnegie Mellon University : 44
Managing Geotagged Photos
©2011 Carnegie Mellon University : 45
Calculating Entropy from Flickr
• Viz of
566k
check-ins
in NYC
©2011 Carnegie Mellon University : 46
Foursquare Check-in Data
• Family, friends, coworkers,
acquaintances all
mixed together
• Gay friends and
12yo swimmers
• Family friends and
high school friends
• Friends and boss
• My personal use
©2011 Carnegie Mellon University : 47
Enhanced Social Graph
©2011 Carnegie Mellon University : 48
Enhanced Social Graph
• Create a more
sophisticated
graph that
captures tie
strength and
relationship
• Take call data,
SMS, FB use,
co-locations
• More appropriate
sharing
• What does me going to a place
say about me and that place?
• Scale up to thousands of people,
what does it say about people in a city?
©2011 Carnegie Mellon University : 49
Understanding Human Behavior
at Large Scales
• Utility for individuals
– Predict onset of depression
– Infer physical decline
– Predict personality type
• Utility for groups
–
–
–
–
–
–
Architecture and urban design
Use of public resources (e.g. buses)
Traffic Behavioral Inventory (TBI)
Ride-sharing estimates
What do Pittsburgher’s do?
What do Chinese people in Pittsburgh do?
©2011 Carnegie Mellon University : 50
Understanding Human Behavior
at Large Scales
©2011 Carnegie Mellon University : 51
Understanding Human Behavior
at Large Scales
• Get location from thousands of people in a city
– Or, what if we could give smart phone to every
incoming freshman?
• New metrics to describe people and places
– Churn, transience, burst
• Ways of sharing data with other researchers
while maintaining privacy of individuals?
– Very high cost in collecting data
– How to offer k-anonymity (or other) guarantees?
– Privacy server rather than sharing data
Human Phenomena We Care About
Intermediate Metrics
Characterize People and Places at Large Scale
Sensed Data
Computer Data
Location, sound,
proximity, motion
Facebook, Call Logs,
SMS logs
Privacy Models
Privacy, Health Care, Relationships,
Info Overload, Architecture, Urban Design
©2011 Carnegie Mellon University : 52
Research Angle of Attack
• 137 page article
surveying privacy
in HCI and CSCW
Iachello and Hong, End-User Privacy in Human-Computer
Interaction, Foundations and Trends in Human-Computer
Interaction
©2011 Carnegie Mellon University : 53
End-User Privacy in HCI
©2011 Carnegie Mellon University : 54
Blizzard
Random peak
Trigger happy guy
…same guy
WYEP Summer Festival
Event
Non-event
©2011 Carnegie Mellon University : 55
2010 Photos in Pittsburgh
©2011 Carnegie Mellon University : 56
Related documents
2 question eval form - Carnegie Mellon University
2 question eval form - Carnegie Mellon University
Second Carnegie Mellon Conference in Electric Power Systems:
Second Carnegie Mellon Conference in Electric Power Systems:
About Computing@Carnegie Mellon
About Computing@Carnegie Mellon
Carnegie Mellon University Application for Transfer Credit Masters
Carnegie Mellon University Application for Transfer Credit Masters
Download
advertisement