San Francisco - Innovative new technologies can make it easier to pay your bridge toll or bus fare, to search for nearby businesses from your cell phone, and to get in and out of secure areas with a card instead of a key. But these systems also pose a dramatic threat to locational privacy -- your ability to move in public spaces without the systematic recording of where you are and when you are there.
In a report released today, the Electronic Frontier Foundation (EFF) documents how your location information is collected by various popular electronic devices and services, and argues for concrete technological solutions that would allow you to enjoy these systems' benefits without sacrificing your privacy in your everyday life.
"There are nifty new location-based technologies like electronic road-toll tags and cell-phone apps that alert you when your friends are nearby -- but these systems often create and store records of your movements," said EFF Staff Technologist Peter Eckersley, one of the co-writers of the white paper. "This could make it possible for others to know when you visited a health clinic, what church or bar you spend time in, or who you go to lunch with. It is essential that privacy-protecting algorithms are built into these devices and services, so we can enjoy their convenience without making our private lives into open books."
Systems that track people's movements are gaining in popularity, and over the next decade, it's likely that these technologies will be indelibly woven into the fabric of everyday life. The report tackles specific services in use today, and details encryption strategies and designs that would protect sensitive location information.
"The technical solution to preserving privacy in digital services lies in modern cryptography and careful design," said Stanford University mathematician Andrew J. Blumberg, the white paper's other co-writer. "It may seem counterintuitive, but using cryptography, these systems can function without collecting and storing personal data at all. The best way for systems to protect user data is not to collect it in the first place; then the information is not available for anyone to buy, steal, or obtain by subpoena -- it would stay truly private."
For the full white paper "On Locational Privacy, and How to Avoid Losing it Forever":
Electronic Frontier Foundation
Andrew J. Blumberg