k-Anonymity for Location Privacy, AT&T targets K-12

All Points pointed out an interesting new development that might help us take control over our privacy: k-Anonymity.

I can’t find details on this technology, but am glad to see it being discussed. It is important. The abstract here mentions the “location protection broker”. This sounds a bit like the Identity Oracle proposed here. With a name like CliqueCloak it sure seems like I’d be able to track the paper down with Google. Apparently the authors have done a good job at cloaking their intellectual property though. The physorg article doesn’t mention the role of government, and has no mention of location protector brokers. I wonder if the paper outlines the role played by the government in regulating location protection brokers. Anyone got a link to more details on this paper?

Don’t worry, AT&T is thinking of the children.

Google, AT&T and others are rapidly deploying new LBS infrastructure with apparently little regard to location privacy issues. We in the geospatial community really need to be on top of this issue. I anticipate a school campus incident that “could have been avoided” using something similar to what AT&T announced today. See press release : AT&T Offers Network Industry-First RFID and GPS-Based Solutions for K – 12 Education Segment. This would not be good for personal freedom.

The public could just as easily over-react in the opposite direction. Suppose, for example, what might happen if Google was found archiving our every spatial move. The public would likely favor a move to ban tracking altogether. This would not be good for the LBS industry.

Neogeographers, Volunteers and Crowds

In the latest indication that Neogeography is becoming a disruptive technology, All Points quotes MapInfo CEO saying that NeoGeography is not GIS.

This is interesting considering MapInfo’s history of avoiding of the term (GIS) when describing themselves. Take a look at their brochure – lots of flashy eye candy, but no mention of “GIS”. (It’s not searchable, so I can’t say that for sure.)

The lament reminds me of Matt Dillon’s performance in Drugstore Cowboy when describing TV Babies.

Speaking of TV Babies, I guess I shouldn’t be surprised how popular Justin.tv is with voters in the Amazon Web Services challenge. If you haven’t voted yet, please do so.

War is too important to be left to the generals.
-Clemenceau

Maybe geography is too important to be left to geographers? NSGIC Blog points out a new paper by Michael Goodchild, Citizens as Sensors: The World of Volunteered Geography. It’s worth reading. My only disappointment is, while the abstract says he will discuss threats to privacy, I can’t find much discussion on that in the paper.

Nobody goes there anymore – it’s too crowded. – Yogi Berra

Note that Goodchild is not calling it Crowdsourcing, as those following Googles’ activities like to call it. Goodchild’s paper was published before My Location was released, a move which has raised even more privacy issues. CIO Today explains some of the privacy issues. I’d be interested in hearing what Goodchild might say about this.

Spatial Privacy and Identity Oracles

The launch of Google Maps with My Location yesterday has stirred up discussion of spatial privacy in the NY Times.

Privacy issues have long been discussed in other sectors, but only relatively recently in GeoData arena. Bob Blakley has been studying this for quite a while, and has promoted the concept of an “Identity Oracle”. While it has nothing to do with Oracle Corporation, private industry does play a key role.

The idea is that I should own and control my private information. Presumably this would include my location. I want to decide who does and does not have access to my location (and my children’s location).

Bob explains it this way:

The Identity Oracle is not a technology. It’s a business. Its business plan says “We allow people to enjoy the benefits of their identities while protecting them against the risks of misuse of their identities”. It charges money for its services.

While privacy issues have been discussed in context of Location Based Services (LBS), I haven’t seen any discussion of how Identity Oracle concepts might fit into the mix.

An Identity Oracle would not allow others to know where I am, but only enough information to provide the service I want from them.

Tell us, Identity Oracle, is Kirk near a gas station?

For example, maybe I want to allow Google to sell my information to advertisers, but I don’t want them to reveal my location. I want gas stations to only know that I’m near them – but not my precise coordinates.

This is not a simple concept, but one worth exploring. Google will soon likely be under greater scrutiny with respect to spatial privacy, perhaps we in the geospatial community should consider how an Identity Oracle might fit into LBS business plans.