The Risks and Regulation of Location

24 Pages Posted: 22 Jan 2012

See all articles by Dirk Grunwald

Dirk Grunwald

University of Colorado at Boulder

Aaron Beach

affiliation not provided to SSRN

Kevin Bauer

University of Waterloo

Qin Lv

affiliation not provided to SSRN

Douglas Sicker

University of Colorado at Boulder - Department of Computer Science; University of Colorado at Denver

Date Written: August 15, 2010

Abstract

In the last ten years, concerns about location privacy have evolved from an academic topic that struggled to justify concerns about security to a mainstream issue that is affecting consumers, businesses and the legal system. Much of this proliferation of concerns arises from telecommunication and mobile computing platforms. Smart phones and GPS-assisted devices play an increasing role in people’s lives, and the technology of precise and easily obtained location information has imbued mobile and social media with location in advance of the public knowing how that information will be used and fully grasping the implication of pervasive location information. Furthermore, social media sites such as Twitter, Facebook, Foursquare, Buzz and many others have adopted location as a key part of the information they communicate. While social networks are not critical parts of the communication landscape, they are used by hundreds of millions of people who are only beginning to understand the potential problems with providing easily accessible location information to an industry with a checkered history of transparent privacy policies. At the same time, telecommunication networks use GPS, assisted GPS and other location technologies to enhance localization as a necessary part of the Emergency-911 services. On an increasing basis, consumers’ location information is being distributed with and without their knowledge. To what extent are users of these new technologies exposing themselves to identity attacks through sharing location information?

How can consumers understand and control how and when their information is being used or distributed and who has access to it?

In this paper, we briefly describe the technologies that underlie location-based services, their access and the notion of how location can be linked or inferred from multiple sources. We then survey common visible and hidden uses of location services, including social networks and emergency services. The technical community has developed a number of methods to hide or mask locations to provide a degree of anonymity while still preserving the benefit of location services. We briefly survey those methods and the “threat models” they seek to counter. We then describe threat models, or disclosures of location information, not commonly considered by the research community and their implications.

We lastly turn our attention to the policy implications of these technologies and the potential concerns that they present in terms of user privacy and safety. The technical community has long used automated policy descriptions to inform users about how their data will be used, but these mechanisms do not address location privacy. We theorize that it may be possible to enhance these methods to support location services based on some of the threat models that researchers have specified, but that broader concerns about location privacy can not rely on technical solutions and will need to rely on both education, good corporate citizenship and regulation.

Suggested Citation

Grunwald, Dirk and Beach, Aaron and Bauer, Kevin and Lv, Qin and Sicker, Douglas and Sicker, Douglas, The Risks and Regulation of Location (August 15, 2010). TPRC 2010, Available at SSRN: https://ssrn.com/abstract=1989200

Dirk Grunwald (Contact Author)

University of Colorado at Boulder ( email )

1070 Edinboro Drive
Boulder, CO 80309
United States

Aaron Beach

affiliation not provided to SSRN

Kevin Bauer

University of Waterloo ( email )

Waterloo, Ontario N2L 3G1
Canada

Qin Lv

affiliation not provided to SSRN

Douglas Sicker

University of Colorado at Denver ( email )

Box 173364
1250 14th Street
Denver, CO 80217
United States

University of Colorado at Boulder - Department of Computer Science ( email )

Boulder, CO
United States

Do you have negative results from your research you’d like to share?

Paper statistics

Downloads
121
Abstract Views
1,841
Rank
417,254
PlumX Metrics