Interesting idea.
Basically using privacy preserving capacities like differential privacy to help location services obfuscate the user requests specifically? Unless I am getting this wrong seems like the strategy.
This is sort of a hamlet problem—to be or not to be that is the question. The issue with location services is most humans want very specific information down to feet. So naturally that bucks up against privacy.
The first order would be to make the device do the processing based on mapping data it receives and then provide the user the information about where they are located and only send signal to others about the user location if permitted or consented. Really things don’t move around too much that this can’t be the 80 v. 20. So what do about the 20 mostly traffic.
Without that a similar thing could be achieved if the user connection to the map but the history of that information is either removed every time, or if the service is keeping it for other problem solving look for ways to disassociate the user specifically from the information needed to problem solve. I think that is what they are attempting to do but it is not very efficient and smart systems can reverse this and the fuzzy piece adds errors and location is not forgiving of such things. This also adds processing on all fronts on the collection and also in the sort of re query of the same user asking similar question.
Truthfully, pushing more to the device is the answer, the more the computer in the person’s hand does the work the better. The query comes and is answered, the device does the computing and the server drops the request from the device to protect privacy. Only when the server needs information to provide information does it keep some data that can be aggregated to note what is going on in the area, but not tie that back to the user.
Anyway, short amount of time reading, my 2 pennies.
Irene Graff
Apple
One Apple Park Way, 306-3WPE
Cupertino, California, 95014
iPhone 1.408.806.2137
igraff@apple.com
Have a better than expected day,
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
_______________________________________________
A Community Group mailing list of KantaraInitiative.org
Wg-pemc mailing list --
wg-pemc@kantarainitiative.orgTo unsubscribe send an email to
staff@kantarainitiative.orgList archives --
https://mailman.kantarainitiative.org/hyperkitty/list/wg-pemc@kantarainitiative.org/______
Group wiki --
https://kantara.atlassian.net/wiki/spaces/Wg-pemc