[WG-PEMC] Re: A location-based service scheme with attribute information privacy | PLOS ONE

Hi, This takes me back to my military cryptography days and secure comms. We would need pinpoint accuracy to locate an injured soldier for instance. Or in other disaster scenarios use concentric cells for location accuracy. In either event what we always knew was the lag time danger of any server computing coordinates. There should always be a resistance to data in the cloud. Sessions would need to be culled instantly or legacy dta is available. What seems to be lacking here is something like a formal methods approach, Z, or something like that to mathematically prove the instances and the risks. Just my two penneth as well. Carol On Fri, Sep 13, 2024 at 12:50 AM Tom Jones wrote:

It took me a while to understand the concept of LBS and when I did I decided that putting that data in the cloud was a really bad idea. I know that the information junkies want the data, but I would prefer that my data just get wiped. I agree w/ Irene.

eg - i recently did some street level scans in western russia and southern France based on some reading i was doing. That data does not need to be stored on any server anywhere, thank you very much.

Peace ..tom jones

On Thu, Sep 12, 2024 at 12:31 PM Irene Graff via Wg-pemc < wg-pemc@kantarainitiative.org> wrote:

...

Interesting idea.

Basically using privacy preserving capacities like differential privacy to help location services obfuscate the user requests specifically? Unless I am getting this wrong seems like the strategy.

This is sort of a hamlet problem—to be or not to be that is the question. The issue with location services is most humans want very specific information down to feet. So naturally that bucks up against privacy.

The first order would be to make the device do the processing based on mapping data it receives and then provide the user the information about where they are located and only send signal to others about the user location if permitted or consented. Really things don’t move around too much that this can’t be the 80 v. 20. So what do about the 20 mostly traffic.

Without that a similar thing could be achieved if the user connection to the map but the history of that information is either removed every time, or if the service is keeping it for other problem solving look for ways to disassociate the user specifically from the information needed to problem solve. I think that is what they are attempting to do but it is not very efficient and smart systems can reverse this and the fuzzy piece adds errors and location is not forgiving of such things. This also adds processing on all fronts on the collection and also in the sort of re query of the same user asking similar question.

Truthfully, pushing more to the device is the answer, the more the computer in the person’s hand does the work the better. The query comes and is answered, the device does the computing and the server drops the request from the device to protect privacy. Only when the server needs information to provide information does it keep some data that can be aggregated to note what is going on in the area, but not tie that back to the user.

Anyway, short amount of time reading, my 2 pennies.



Irene Graff

Apple One Apple Park Way, 306-3WPE Cupertino, California, 95014 iPhone 1.408.806.2137 igraff@apple.com

On Sep 12, 2024, at 5:40 AM, John Wunderlich wrote:

Is this a practicable solution? Asking for a friend.

https://journals.plos.org/plosone/article?id=10.1371/journal.pone.0309919

Have a better than expected day, John Wunderlich

LinkedIn: https://www.linkedin.com/in/privacycdn/ Twitter: https://twitter.com/PrivacyCDN

This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. _______________________________________________ A Community Group mailing list of KantaraInitiative.org Wg-pemc mailing list -- wg-pemc@kantarainitiative.org To unsubscribe send an email to staff@kantarainitiative.org List archives -- https://mailman.kantarainitiative.org/hyperkitty/list/wg-pemc@kantarainitiat... ______ Group wiki -- https://kantara.atlassian.net/wiki/spaces/Wg-pemc

_______________________________________________ A Community Group mailing list of KantaraInitiative.org Wg-pemc mailing list -- wg-pemc@kantarainitiative.org To unsubscribe send an email to staff@kantarainitiative.org List archives -- https://mailman.kantarainitiative.org/hyperkitty/list/wg-pemc@kantarainitiat... ______ Group wiki -- https://kantara.atlassian.net/wiki/spaces/Wg-pemc

_______________________________________________ A Community Group mailing list of KantaraInitiative.org Wg-pemc mailing list -- wg-pemc@kantarainitiative.org To unsubscribe send an email to staff@kantarainitiative.org List archives -- https://mailman.kantarainitiative.org/hyperkitty/list/wg-pemc@kantarainitiat...

---

Group wiki -- https://kantara.atlassian.net/wiki/spaces/Wg-pemc