Designing location services for privacy

Privacy and security considerations for location aware services.

Published in: Technology

  1. Designing location services for privacy and security. Rakkhi Samarasekera; Twitter: @rakkhis; Linkedin.com/in/rakkhi; rakkhis.com
  2. Step 1 – risks with location data Step 2 – mistakes made by Google and Apple Step 3 – designing location systems properly Presentation Identifier. Information Classification as Needed Step 1 > Step 2 > Step 3 Social location privacy
  3. Step 1: It is a problem for some
  4. Does he know where you live?
  5. Some people should not be found
  6. If you aren't doing anything wrong, what do you have to hide?
  7. “If I'm not doing anything wrong, then you have no cause to watch me”
  8. Watch someone long enough, and you'll find something to arrest -- or just blackmail with
  9. Quis custodiet custodes ipsos?
  10. Maybe some people should not know where you are…
  11. Maybe your boss shouldn’t either…
  12. Comfortable with location based advertising?
  13. Step 1 – risks with location data; Step 2 – mistakes made by Google and Apple; Step 3 – designing location systems properly
  14. Step 2: clearly some mistakes were made
  15. Consent buried in terms and conditions
  16. Better…
  17. “Apple is not tracking the location of your iPhone” “it’s maintaining a database of Wi-Fi hotspots and cell towers around your current location, some of which may be located more than one hundred miles (or just one) away from your iPhone,” Lack of clear communication on WHAT and PURPOSE
  18. Unique identifiers are the enemy of anonymity
  19. Why upload data in real time?
  20. Apple “bug”: location tracking that won't stop…
  21. No encryption Android v2.3; historical location data not deleted; security
  22. Too much historical data
  23. Step 1 – risks with location data; Step 2 – mistakes made by Google and Apple; Step 3 – designing location systems properly
  24. Consent and notice in context
  25. Use only for approved purpose
  26. Encrypt personal data in storage, transit and backup #bettersafethansony
  27. Provide opt-out and disable
  28. Simple access to update and delete
  29. Careful of onward transfer and third party access
  30. Recap: Notice consent and purpose; Security; Access and onward transfer
  31. Designing location services for privacy and security. Rakkhi Samarasekera; Twitter: @rakkhis; Linkedin.com/in/rakkhi; rakkhis.com
