Title | Rethinking Location Privacy for Unknown Mobility Behaviors |
Publication Type | Conference Paper |
Year of Publication | 2019 |
Authors | Oya, Simon, Troncoso, Carmela, Pérez-González, Fernando |
Conference Name | 2019 IEEE European Symposium on Security and Privacy (EuroS&P) |
Keywords | blank-slate approach, blank-slate models, Computing Theory and Privacy, Data models, data privacy, data protection, design phase, Human Behavior, location privacy, location privacy protections, location privacy service, location privacy-preserving mechanisms, LPPM design, mechanism design, mobile computing, Mobility Models, mobility patterns, nonsporadic location privacy scenarios, privacy, privacy properties, profile estimation-based LPPM, pubcrawl, Quantifying privacy, Resiliency, Scalability, sporadic hardwired models, Testing, Training, Training data, unknown mobility, Zirconium |
Abstract | Location Privacy-Preserving Mechanisms (LPPMs) in the literature largely consider that users' data available for training wholly characterizes their mobility patterns. Thus, they hardwire this information in their designs and evaluate their privacy properties with these same data. In this paper, we aim to understand the impact of this decision on the level of privacy these LPPMs may offer in real life when the users' mobility data may be different from the data used in the design phase. Our results show that, in many cases, training data does not capture users' behavior accurately and, thus, the level of privacy provided by the LPPM is often overestimated. To address this gap between theory and practice, we propose to use blank-slate models for LPPM design. Contrary to the hardwired approach, that assumes known users' behavior, blank-slate models learn the users' behavior from the queries to the service provider. We leverage this blank-slate approach to develop a new family of LPPMs, that we call Profile Estimation-Based LPPMs. Using real data, we empirically show that our proposal outperforms optimal state-of-the-art mechanisms designed on sporadic hardwired models. On non-sporadic location privacy scenarios, our method is only better if the usage of the location privacy service is not continuous. It is our hope that eliminating the need to bootstrap the mechanisms with training data and ensuring that the mechanisms are lightweight and easy to compute help fostering the integration of location privacy protections in deployed systems. |
DOI | 10.1109/EuroSP.2019.00038 |
Citation Key | oya_rethinking_2019 |