References (36)



The Risks and Regulation of Location

Dirk Grunwald

University of Colorado at Boulder

Aaron Beach

affiliation not provided to SSRN

Kevin Bauer

University of Waterloo

Qin Lv

affiliation not provided to SSRN

Douglas Sicker

Carnegie Mellon University; University of Colorado at Boulder - Department of Computer Science

August 15, 2010

TPRC 2010

In the last ten years, concerns about location privacy have evolved from an academic topic that struggled to justify concerns about security to a mainstream issue that is affecting consumers, businesses and the legal system. Much of this proliferation of concerns arises from telecommunication and mobile computing platforms. Smart phones and GPS-assisted devices play an increasing role in people’s lives, and the technology of precise and easily obtained location information has imbued mobile and social media with location in advance of the public knowing how that information will be used and fully grasping the implication of pervasive location information. Furthermore, social media sites such as Twitter, Facebook, Foursquare, Buzz and many others have adopted location as a key part of the information they communicate. While social networks are not critical parts of the communication landscape, they are used by hundreds of millions of people who are only beginning to understand the potential problems with providing easily accessible location information to an industry with a checkered history of transparent privacy policies. At the same time, telecommunication networks use GPS, assisted GPS and other location technologies to enhance localization as a necessary part of the Emergency-911 services. On an increasing basis, consumers’ location information is being distributed with and without their knowledge. To what extent are users of these new technologies exposing themselves to identity attacks through sharing location information?

How can consumers understand and control how and when their information is being used or distributed and who has access to it?

In this paper, we briefly describe the technologies that underlie location-based services, their access and the notion of how location can be linked or inferred from multiple sources. We then survey common visible and hidden uses of location services, including social networks and emergency services. The technical community has developed a number of methods to hide or mask locations to provide a degree of anonymity while still preserving the benefit of location services. We briefly survey those methods and the “threat models” they seek to counter. We then describe threat models, or disclosures of location information, not commonly considered by the research community and their implications.

We lastly turn our attention to the policy implications of these technologies and the potential concerns that they present in terms of user privacy and safety. The technical community has long used automated policy descriptions to inform users about how their data will be used, but these mechanisms do not address location privacy. We theorize that it may be possible to enhance these methods to support location services based on some of the threat models that researchers have specified, but that broader concerns about location privacy can not rely on technical solutions and will need to rely on both education, good corporate citizenship and regulation.

Number of Pages in PDF File: 24

Open PDF in Browser Download This Paper

Date posted: January 22, 2012  

Suggested Citation

Grunwald, Dirk and Beach, Aaron and Bauer, Kevin and Lv, Qin and Sicker, Douglas, The Risks and Regulation of Location (August 15, 2010). TPRC 2010. Available at SSRN: https://ssrn.com/abstract=1989200

Contact Information

Dirk Grunwald (Contact Author)
University of Colorado at Boulder ( email )
1070 Edinboro Drive
Boulder, CO 80309
United States
Aaron Beach
affiliation not provided to SSRN
Kevin Bauer
University of Waterloo ( email )
Waterloo, Ontario N2L 3G1
Qin Lv
affiliation not provided to SSRN
Douglas Sicker
Carnegie Mellon University ( email )
Pittsburgh, PA 15213-3890
United States
University of Colorado at Boulder - Department of Computer Science ( email )
Boulder, CO
United States
Feedback to SSRN

Paper statistics
Abstract Views: 967
Downloads: 75
Download Rank: 253,895
References:  36
Paper comments
No comments have been made on this paper