Fernando Pérez-González
Keynote Talk at First EAI International Conference on Security and Privacy in New Computing Environments, Guangzhou, China
Thursday, December 15, 2016

Over time, users have become accustomed to sharing personal data when they install new apps on their smartphones. Declining to do so normally aborts the installation process. Sadly, users have convinced themselves that the value of their data is much lower than that of the apps they install; “after all, they have nothing to hide”. And thus, in redefining their business models, many companies have touted better services and applications, which even come for free, in exchange for some loss of privacy. However, as we will argue, privacy and utility do not necessarily make up a zero-sum game.

In the case of space-time location, a kind of information that should be considered private, adversaries have a number of ways to learn it, ranging from the triangulation of cellular phone signals to the metadata of pictures shared on social networks. Using the powerful inference capabilities of data mining, some companies are even promising to combine all the available inputs to predict where a person will be in the near future. A recent MIT study showed that with only four approximate space-time points, it was possible to univocally de-anonymize a user in a database of 1.5 million users. And this might be only the beginning, as ever more intrusive applications step in. Even putting such an Orwellian perspective aside, it is easy to understand the immense value of location data. But there is more that users can do than give up...

In this talk we will revisit the techniques, some of them little known, that can be applied to find out where we are, and the potential threats that they entail when combined with data mining. Guaranteeing location privacy turns out to be an elusive problem, starting with the lack of one-size-fits-all definitions. We will describe the technologies that have been proposed during the last decade to protect location privacy, including anonymization, obfuscation, mixes, and processing with encrypted signals. These technologies stand at the crossroads of several disciplines, such as signal processing, information theory, software engineering, database management, game theory and cryptography. But we will also adopt a critical point of view: in complicating the setups and definitions, researchers have failed to answer some fundamental questions, which we will single out. To conclude, we will discuss the challenges that lie ahead and their practical and societal impact.