Mobile fitness tracking apps allow users to track their workouts and share them with friends through online social networks. Although the sharing of personal data is an inherent risk in all social networks, the dangers presented by sharing personal workouts comprised of geospatial and health data may prove especially grave. While fitness apps offer a variety of privacy features, at present it is unclear if these countermeasures are sufficient to thwart a determined attacker, nor is it clear how many of these services’ users are at risk. In this work, we perform a systematic analysis of privacy behaviors and threats in fitness tracking social networks. Collecting a month-long snapshot of public posts of a popular fitness tracking service (21 million posts, 3 million users), we observe that 16.5% of users make use of Endpoint Privacy Zones (EPZs), which conceal fitness activity near user-designated sensitive locations (e.g., home, office). We go on to develop an attack against EPZs that infers users’ protected locations from the remaining available information in public posts, discovering that 95.1% of moderately active users are at risk of having their protected locations extracted by an attacker. Finally, we consider the efficacy of state-of-the-art privacy mechanisms through adapting geo-indistinguishability techniques as well as developing a novel EPZ fuzzing technique. The affected companies have been notified of the discovered vulnerabilities and at the time of publication have incorporated our proposed countermeasures into their production systems. 
                    
                            
                            Daily activity locations k-anonymity for the evaluation of disclosure risk of individual GPS datasets
                        
                    
    
Abstract

Background: Personal privacy is a significant concern in the era of big data. In the field of health geography, personal health data are collected with geographic location information which may increase disclosure risk and threaten personal geoprivacy. Geomasking is used to protect individuals’ geoprivacy by masking the geographic location information, and spatial k-anonymity is widely used to measure the disclosure risk after geomasking is applied. With the emergence of individual GPS trajectory datasets that contain large volumes of confidential geospatial information, disclosure risk can no longer be comprehensively assessed by the spatial k-anonymity method.

Methods: This study proposes and develops daily activity locations (DAL) k-anonymity as a new method for evaluating the disclosure risk of GPS data. Instead of calculating disclosure risk based on only one geographic location (e.g., home) of an individual, the new DAL k-anonymity is a composite evaluation of disclosure risk based on all activity locations of an individual and the time he/she spends at each location abstracted from GPS datasets. With a simulated individual GPS dataset, we present case studies of applying DAL k-anonymity in various scenarios to investigate its performance. The results of applying DAL k-anonymity are also compared with those obtained with spatial k-anonymity under these scenarios.

Results: The results of this study indicate that DAL k-anonymity provides a better estimation of the disclosure risk than does spatial k-anonymity. In various case-study scenarios of individual GPS data, DAL k-anonymity provides a more effective method for evaluating the disclosure risk by considering the probability of re-identifying an individual’s home and all the other daily activity locations.

Conclusions: This new method provides a quantitative means for understanding the disclosure risk of sharing or publishing GPS data. It also helps shed new light on the development of new geomasking methods for GPS datasets. Ultimately, the findings of this study will help to protect individual geoprivacy while benefiting the research community by promoting and facilitating geospatial data sharing.
        
    
- Award ID(s): 2025783
- PAR ID: 10250074
- Date Published:
- Journal Name: International Journal of Health Geographics
- Volume: 19
- Issue: 1
- ISSN: 1476-072X
- Format(s): Medium: X
- Sponsoring Org: National Science Foundation
More Like this
- 
            Adams, Benjamin; Griffin, Amy L; Scheider, Simon; McKenzie, Grant (Ed.) Geographic network visualizations often require assigning nodes to geographic coordinates, but this can be challenging when precise node locations are undefined. We explore this problem using U.S. senators as a case study. Each state has two senators, and thus it is difficult to assign clear individual locations. We devise eight different node placement strategies ranging from geometric approaches such as state centroids and longest axis midpoints to data-driven methods using population centers and home office locations. Through expert evaluation, we found that specific coordinates such as senators’ office locations and state centroids are preferred strategies, while random placements and the longest axis method are least favored. The findings also highlight the importance of aligning node placement with research goals and avoiding potentially misleading encodings. This paper contributes to future advancements in geospatial network visualization software development and aims to facilitate more effective exploratory spatial data analysis.
- 
            Abstract There is an on-going challenge to describe, analyse and visualise the actual and potential extent of human spatial behaviour. The concept of an activity space has been used to examine how people interact with their environment and how the actual or potential spatial extent of individual spatial behaviour can be defined. In this paper, we introduce a new method for measuring activity spaces. We first focus on the definitions and the applications of activity space measures, identifying their respective limitations. We then present our new method, which is based on the theoretical concept of significant locations, that is, places where people spent most of their time. We identify locations of significant places from GPS trajectories and define the activity space of an individual as a set of the first three significant places forming a so-called “activity triangle”. Our new method links the distances travelled for different activities to whether or not people group their activities, which is not possible using existing methods of measuring activity spaces. We test our method on data from a GPS-based travel survey across three towns in Scotland and look at the variations in size and shape of the designed activity triangle among people of different age and gender. We also compare our activity triangle with five other activity spaces and conclude by providing possible routes for improvement of activity space measures when using real human movement data (GPS data).
- 
            Abstract Ecologists have long been interested in linking individual behaviour with higher level processes. For motile species, this ‘upscaling’ is governed by how well any given movement strategy maximizes encounters with positive factors and minimizes encounters with negative factors. Despite the importance of encounter events for a broad range of ecological processes, encounter theory has not kept pace with developments in animal tracking or movement modelling. Furthermore, existing work has focused primarily on the relationship between animal movement and encounter rates while the relationship between individual movement and the spatial locations of encounter events in the environment has remained conspicuously understudied. Here, we bridge this gap by introducing a method for describing the long‐term encounter location probabilities for movement within home ranges, termed the conditional distribution of encounters (CDE). We then derive this distribution, as well as confidence intervals, implement its statistical estimator into open‐source software and demonstrate the broad ecological relevance of this distribution. We first use simulated data to show how our estimator provides asymptotically consistent estimates. We then demonstrate the general utility of this method for three simulation‐based scenarios that occur routinely in biological systems: (a) a population of individuals with home ranges that overlap with neighbours; (b) a pair of individuals with a hard territorial border between their home ranges; and (c) a predator with a large home range that encompassed the home ranges of multiple prey individuals. Using GPS data from white‐faced capuchins Cebus capucinus, tracked on Barro Colorado Island, Panama, and sleepy lizards Tiliqua rugosa, tracked in Bundey, South Australia, we then show how the CDE can be used to estimate the locations of territorial borders, identify key resources, quantify the potential for competitive or predatory interactions and/or identify any changes in behaviour that directly result from location‐specific encounter probability. The CDE enables researchers to better understand the dynamics of populations of interacting individuals. Notably, the general estimation framework developed in this work builds straightforwardly off of home range estimation and requires no specialized data collection protocols. This method is now openly available via the ctmm R package.
- 
            Eye-tracking is a critical source of information for understanding human behavior and developing future mixed-reality technology. Eye-tracking enables applications that classify user activity or predict user intent. However, eye-tracking datasets collected during common virtual reality tasks have also been shown to enable unique user identification, which creates a privacy risk. In this paper, we focus on the problem of user re-identification from eye-tracking features. We adapt standardized privacy definitions of k-anonymity and plausible deniability to protect datasets of eye-tracking features, and evaluate performance against re-identification by a standard biometric identification model on seven VR datasets. Our results demonstrate that re-identification goes down to chance levels for the privatized datasets, even as utility is preserved to levels higher than 72% accuracy in document type classification.
 An official website of the United States government