"Location & Privacy; from OMG! to WTF?"; presented on March 12th. 2010 at WhereCamp EU 2010 at wallacespace King's Cross in London.
This is a recapped version of a talk of the same name I gave at Embedded Connectivity in January 2010 (http://www.slideshare.net/vicchi/location-privacy-from-omg-to-wtf)
9. 9 Patrick Ng on Flickr : http://www.flickr.com/photos/moleskineart/3517295211/
10. 2010 – the year of location? Location-Based Online Advertising Location-Based IPhone Apps GPS-Enabled Phones Community Mapping Location Device Sales Source: Borrell Associates, May 2008 “What Local Media Sites Earn – Annual Report.”
13. 13 David Armano on Flickr : http://www.flickr.com/photos/7855449@N02/3158864420/
14. the ability of an individual to seclude themselves or information about themselves and thereby reveal themselves selectively http://en.wikipedia.org/wiki/Privacy
15. 15 Technology hurdles … Tommy on Flickr : http://www.flickr.com/photos/28946649@N02/3790596718/
16. 16 GPS chip … Grudnick on Flickr : http://www.flickr.com/photos/9716802@N02/2636730052/
17. 17 GPS satellite … John_dulaney on Flickr : http://www.flickr.com/photos/15046584@N08/1562794445/
18. 18 Cell tower … Mist Dog on Flickr : http://www.flickr.com/photos/mistdog/770903199/
19. 19 Wifi access point … Travellin’ Librarian on Flickr : http://www.flickr.com/photos/travelinlibrarian/311646165/
20. 20 Ethernet or Wifi network card … Goobimam on Flickr : http://www.flickr.com/photos/goobi/4021009835/
47. ~45% of all mobile queries are local Sources: comScore, iConsumer, data.yahoo.com
48. Local Search Query Volume Is Growing Source: Borrell Associates, May 2008 “What Local Media Sites Earn – Annual Report.”
49. 4.45 Ad Spend is Moving Online … 2007-12 Projected Local Ad Spend CAGR 21.0% Internet Newspaper -2.5% 0.4% Radio 0.8% Yellow Pages 4.9% Broadcast TV 8.8% Cable TV 4.3% Magazine Source: VSS, Borrell Associates
50. … At the Expense of Other Media Sources Source: VeronisSuhler Stevenson
51. (the location market) … will nearly triple in revenue this year, to $1.3 billion from $485 million in 2007, and will reach $8 billion in 2011– Gartner, 2008
52. Do we actually care about this? Don Moyer on Flickr : http://www.flickr.com/photos/36106576@N05/3895590793/
53. How much is your privacy worth? How much would you ask for tracking you, 24x7, for 28 days? Paolo Margari on Flickr : http://www.flickr.com/photos/paolomargari/3177203902/
54. “about £30.00” Danezis, George, Lewis, Stephen, Anderson, Ross: How Much is Location Privacy Worth? 2005 Numismatic Bibliomania Society on Flickr : http://www.flickr.com/photos/coinbooks/3397288448/
55. the ability of an individual to seclude themselves or information about themselves and thereby reveal themselves selectively http://en.wikipedia.org/wiki/Privacy
56. Statutory Instrument 2003 No. 2426 The Privacy and Electronic Communications (EC Directive) Regulations 2003 http://www.opsi.gov.uk/si/si2003/20032426.htm
57. You should … control your location Regolate on Flickr : http://www.flickr.com/photos/regolare/791385521/
58. You should … control your data Billy V on Flickr : http://www.flickr.com/photos/billyv/352560572/
59. You should … control your location data Devyver 4 on Flickr : http://www.flickr.com/photos/71072750@N00/4101781347/
60. Final thought # 1 Ian on Flickr : http://www.flickr.com/photos/ianaberle/4185095125/
61. It’s not about where you are … Alwaysordinary on Flickr : http://www.flickr.com/photos/sempre_ordinario/3492703820/
62. … it’s about where you’ve been Jrusbatch on Flickr : http://www.flickr.com/photos/jrusbatch/3626348821/
63. Final thought # 2 Ian on Flickr : http://www.flickr.com/photos/ianaberle/4185095125/
64. There comes a point where you realise that you’re not on the web, you’re in the web Jemimahknight on Flickr : http://www.flickr.com/photos/10294984@N08/2747495411/
65. Not taking notes? selva on Flickr : http://www.flickr.com/photos/selva/24604141/
66. WhereCamp EU, London, March 2010 Location & Privacy; from OMG! to WTF? Gary Gale, Yahoo! Geo Technologies http://slideshare.net/vicchi
67. Thanks for Listening Paul Keleher on Flickr : http://www.flickr.com/photos/pkeleher/1658311814/
Computers like numeric identifiers; coordinates such as long/latIP addressesCell tower IDsPublic WiFi MAC addresses
… in a mail-shot marketing database
… your entry in the Phone Book
… on the local electoral roll
In a cold call marketing database
… in a mail-shot marketing database
… or in the whois entry for your domain.
You should be able to define and control the accuracy and privacy of your location as supported within any given application, including separate levels for personal use and public use if possible. You should expect and understand how your location data may be aggregated or obfuscated to prevent ‘reverse identification’ from historical location data patterns stored in the applicationYou should have the right to remove any and all personally identifiable data from the application at any time, and suspend or stop providing location data indefinitely until re-authorized by the user. If you choose to remove personally identifiable information you should expect and understand how your data will be obfuscated or deleted from the application immediately and in it’s entirety. You should know when and how your location is being captured or used within the application, and have the ability to stop or limit access at any time. This provides transparency and trust, while giving you flexibility and control within context of the application.You should understand exactly what personal data and location information is necessary for the service or application, and prohibit access to any additional or unnecessary information unless authorized. If the application supports multiple user experiences dependent on additional information, the functionality and requirements should be clearly communicated and you should be given the option to authorize or restrict additional information as requested.
You own your data – always. You can choose to grant worldwide, non-exclusive, revocable access to their location data and it’s use within an application, but your data and any data it generates should always remains within your ownership and control. You should have the right to give or revoke permission to your personal data and any location data you generate at any time. Standard security methods for privacy and protection, such as OAuth or public/private key encryption, give the you the ability to share or remove access easily and immediately, at any time. All data collection is ‘opt-in’ and includes the ability to view, control, and delete any and all locations in the application or stop providing location data at any time, easily and without undue “hassle”.You should be able to understand how your personal data and location will be used before agreeing to any service, in unambiguous and easily understood language that is always readily available. Any changes should be proactively communicated, and cover basic areas of privacy and security such as:• Accuracy – will your location information be accurate at the street, neighborhood or city level?• Location History – will your location information be stored or tracked beyond ‘current’ location? • Public Visibility – will your location be made public or visible outside of your own personal use? • Sharing – will your location be shared with other users, applications, or services in any way? How?Your location data should be protected at all times for both privacy and personal safety, you should demand and expect encryption and authentication controls at every level. Data should never be left vulnerable or exposed to uses other than that which you have given explicit permission.
You should know exactly how your data is used and stored beyond its own use within the application, and demand security and privacy controls in place to remove any identifiable information. You should understand that aggregated and anonymous location data can be used for additional features and functionality, and will be responsibly managed by the application in compliance with local, state, and federal laws.You provide their data and consent to applications based on honesty, transparency, and trust with its owners and developers under the terms of service or legal agreements. Any transgression or violation of that honesty and transparency on the part of an application or its developers will not be tolerated, and may be subject to prosecution under local, state, or federal laws.You should have the right to provide a location as your own source of truth, separate from your actual or detected location, and have the stated location respected over the actual location. In other words, you should be able to lie about where you are.
Your location is both powerful and valuable. It’s far less about where you currently are …
Your location is both powerful and valuable. It’s far less about where you currently are …
… and much more about where you’ve been; home, school, work, holiday. Let’s call this your location stream. It’s deeply personal information. I touched on responsible, well thought out, location services but how do you tell? There’s some pretty crucial questions you should ask yourself before you start to use a location service, any location service. So here’s a list of points you should bear in mind when deciding on whether to use a location service ... call it an “opt in location manifesto”
Your location is both powerful and valuable. It’s far less about where you currently are …
These are not decisions someone can make for you. You, as an individual, need to assess whether you feel comfortable with allowing a third party access, albeit limited access, to your data and to your location.