Many of the tools and applications we use today, in particular our mobile phones, record location data. This can be simple information such as someone’s home or work address through to complex trajectories pinpointing a person’s route through a city every few seconds from a mobile device.
Location data can also be implicit from other data sources. For example, by examining transactions on a customer’s payment card, it is possible to learn that they visited a particular coffee shop at 09:15 on Wednesday 25th August, and to begin to construct location trajectories for their movements that day.
Organisations and society can benefit from the rich information contained in location data. For example, during the coronavirus pandemic, the ability to reconstruct the movements of infected individuals and to trace those they came into contact with is an essential element in managing the spread. More generally, location data can be used to plan urban transport, or to join the home location of individuals with demographic data from the local area.
However location data is highly sensitive and its use can put personal information at risk. There are many things about our location traces that we would rather keep private: what time we made it home last night; how often we’ve been to the doctor this month; which church, temple, or mosque we visit regularly, and so on. Additionally, the lack of presence at a particular location can pose dangers of its own.
Location traces form patterns of behaviour that are unique to individuals. It has been shown that even the coarse location resolution recorded by a mobile carrier’s antennas is very revealing; just four points in time and space are enough to uniquely identify 95% of individuals. This means that even in a dataset where primary identifiers have been removed and locations are generalised to a large area, an adversary with background knowledge of your approximate location at four points in time is likely to be able to isolate your location trace and learn all the other locations you visited.
General solutions to provide strong privacy protection for location data are beyond what is currently possible. The data may consist of many time-location points for each individual and we must assume that an adversary could have knowledge of any of them. Moreover the data is sparse and highly unique to individuals meaning there is little chance that an individual’s data can hide in the crowd.
Instead we need to consider more specific solutions for groups of problems. For example, for use cases involving a person’s home location, it may be sufficient to generalise this to a local area rather than the exact address.
Do contact us if you’d like our help in providing privacy protection to enable processing and analytics of location data.
Looking for help? Fill the form and start a new adventure.