MIT Technology Review

Tuesday, March 26, 2013

How Access to Location Data Could Trample Your Privacy

The smartphone revolution will include unprecedented surveillance by companies hoping to make money from user data.


Location, location: These images show the movements of a particular user over time. The colored areas shown in B and C represent the approximate resolution offered by mobile antenna.

In addition to making it easier to stay connected, the smartphone boom seems likely to bring with it another, less welcome, result: unprecedented surveillance by companies hoping to make money off of your whereabouts and behavior.

A new research paper shows how easily supposedly anonymous location data can be used to identify individuals; the findings promise to have profound importance as businesses seek new ways to make money from mobile users.

A team of researchers from Louvain University in Belgium, Harvard and MIT, published the paper, Unique in the Crowd: The privacy bounds of human mobilityin the latest issue of Nature'sopen-access journal Scientific Reports. With access to data spanning 15 months of mobile phone use by 1.5 million people, and a similar-sized dataset from Foursquare, the researchers found that they could identify 90 percent of users with just four data points and 50 percent of users with just two. They also show a methematical relationship between the resolution of locational information and the ease with which a user can be identified by his or her movements. 

Although the users' identies were still unknown, other work has shown how easily such data can be de-anonymized by cross referencing it with another source. The "anonymous" data released by Netflix as part of its challenge to find a better recommendation algorithm, for instance, was de-anonymized using data from the Internet Movie Database. 

The work could perhaps provide a way for advertisers to ensure that ads are shown to a particular user even if tracking that user is not explicitly permitted. More importantly, it could also help us develop safeguards against overly aggressive consumer tracking. 

The researchers conclude:

Given the amount of information that can be inferred from mobility data, as well as the potentially large number of simply anonymized mobility datasets available, this is a growing concern. […] These results should inform future thinking in the collection, use, and protection of mobility data. Going forward, the importance of location data will only increase and knowing the bounds of individual's privacy will be crucial in the design of both future policies and information technologies.