Editing Location-based service (section)

==Privacy issues==
{{see also|GPS tracking unit#Legislation}}

The Location Privacy Protection Act of 2012 (S.1223)<ref>{{cite web|title=Location Privacy Protection Act of 2012|date=17 December 2012|url=https://www.congress.gov/bill/112th-congress/senate-bill/1223}}</ref> was introduced by Senator [[Al Franken]] (D-MN) in order to regulate the transmission and sharing of user location data in the United States. It is based on the individual's one time consent to participate in these services (Opt In). The bill specifies the collecting entities, the collectable data and its usage. The bill does not specify, however, the period of time that the data collecting entity can hold on to the user data (a limit of 24 hours seems appropriate since most of the services use the data for immediate searches, communications, etc.), and the bill does not include location data stored locally on the device (the user should be able to delete the contents of the location data document periodically just as he would delete a log document). The bill which was approved by the [[Senate Judiciary Committee]], would also require mobile services to disclose the names of the advertising networks or other third parties with which they share consumers' locations.<ref>{{cite news|title=Their Apps Track You. Will Congress Track Them?|url=https://www.nytimes.com/2013/01/06/technology/legislation-would-regulate-tracking-of-cellphone-users.html?_r=0|newspaper=New York Times|date=January 5, 2013}}</ref>

With the passing of the [[CAN-SPAM Act of 2003|CAN-SPAM Act]] in 2003, it became illegal in the United States to send any message to the end user without the end user specifically opting-in. This put an additional challenge on LBS applications as far as "carrier-centric" services were concerned. As a result, there has been a focus on user-centric location-based services and applications which give the user control of the experience, typically by opting in first via a website or mobile interface (such as [[Text messaging|SMS]], mobile Web, and [[Java (Sun)|Java]]/[[Binary Runtime Environment for Wireless|BREW]] applications).

The [[European Union]] also provides a legal framework for data protection that may be applied for location-based services, and more particularly several European directives such as: (1) Personal data: Directive 95/46/EC; (2) Personal data in electronic communications: Directive 2002/58/EC; (3) Data Retention: [[Data Retention Directive|Directive 2006/24/EC]]. However the applicability of legal provisions to varying forms of LBS and of processing location data is unclear.<ref>{{cite journal
 | last1=Cuijpers | first1=Colette
 | last2=Roosendaal | first2=Arnold
 | last3=Koops| first3=Bert-Jaap
 | year=2007
 | title=Del 11.5: The legal framework for location-based services in Europe
 | journal=FIDIS Deliverables
 | volume=11 | issue=5
 | url=http://www.fidis.net/resources/deliverables/mobility-and-identity/
}}</ref>

One implication of this technology is that data about a subscriber's location and historical movements is owned and controlled by the network operators, including mobile carriers and mobile content providers.<ref name="whygeoQ">[http://whygeo.com/questions/26/what-are-the-downsides-of-using-location-based-services "WhyGeo"], What are the downsides of using location-based services? (2010)</ref> Mobile content providers and app developers are a concern. Indeed, a 2013 MIT study<ref>{{cite journal|last=de Montjoye|first=Yves-Alexandre|author2=César A. Hidalgo |author3=Michel Verleysen |author4=Vincent D. Blondel |title=Unique in the Crowd: The privacy bounds of human mobility|journal=Scientific Reports|volume=3|page=1376|date=March 25, 2013|doi=10.1038/srep01376|pmid=23524645|pmc=3607247|bibcode=2013NatSR...3.1376D}}</ref><ref>{{cite news|last=Palmer|first=Jason|title=Mobile location data 'present anonymity risk'|url=https://www.bbc.co.uk/news/science-environment-21923360|access-date=12 April 2013|newspaper=BBC News|date=March 25, 2013}}</ref>  by de Montjoye et al. showed that 4 spatio-temporal points, approximate places and times, are enough to uniquely identify 95% of 1.5M people in a mobility database. The study further shows that these constraints hold even when the resolution of the dataset is low. Therefore, even coarse or blurred datasets provide little anonymity. A critical article by Dobson and Fisher<ref name="dandf">{{cite journal|url=http://dusk.geo.orst.edu/virtual/2005/geoslavery.pdf |title=Geoslavery|author1=J.E. Dobson  |author2=P.F. Fisher |name-list-style=amp |journal= IEEE Technology and Society Magazine|year= 2003|pages=47–52|doi=10.1109/MTAS.2003.1188276|volume=22  }}</ref> discusses the possibilities for misuse of location information.

Beside the legal framework there exist several technical approaches to protect privacy using [[privacy-enhancing technologies]] (PETs). Such PETs range from simplistic on/off switches<ref>{{cite journal
 | last1=Barkhuus
 | last2=Dey|pages= 709–712
 | year=2003
 | title=Location-based services for mobile telephony: A study of users' privacy concerns
 | journal=Intellectual Property |url=http://citeseer.ist.psu.edu/viewdoc/summary?doi=10.1.1.1.3689
}}</ref> to sophisticated PETs using anonymization techniques (e.g. providing k-anonymity),<ref>{{cite journal
 |last1        = Mokbel
 |last2       = Chow
 |last3       = Aref
 |year        = 2006
 |title       = The new casper: query processing for location services without compromising privacy
 |journal     = VLDB
 |url         = http://infolab.usc.edu/csci587/Fall2010/papers/The%20New%20Casper%20Query%20Processing%20for%20Location%20Services%20without%20Compromising%20Privacy.pdf
 |archive-url  = https://web.archive.org/web/20130525094804/http://infolab.usc.edu/csci587/Fall2010/papers/The%20New%20Casper%20Query%20Processing%20for%20Location%20Services%20without%20Compromising%20Privacy.pdf
 |archive-date = 2013-05-25
}}</ref> or cryptograpic protocols.<ref>{{citation
 | last1 = Palmieri| first1 = Paolo
 | last2 = Calderoni | first2 = Luca
 | last3 = Maio | first3 = Dario
 | contribution = Spatial Bloom Filters: Enabling Privacy in Location-Aware Applications
 | title = Proc. 10th International Conference on Information Security and Cryptology (Inscrypt 2014)
 | publisher = Springer-Verlag, Lecture Notes in Computer Science
 | pages = 16–36
 | volume = 8957
 | year = 2014
 | doi = 10.1007/978-3-319-16745-9_2
 | isbn = 978-3-319-16744-2
 | citeseerx = 10.1.1.471.4759
 }}</ref> Only few LBS offer such PETs, e.g., [[Google Latitude]] offered an on/off switch and allows to stick one's position to a free definable location. Additionally, it is an open question how users perceive and trust in different PETs. The only study that addresses user perception of state of the art PETs is.<ref>{{cite book
 | last1=Burghardt | first1=Thorben
 | last2=Buchmann | first2=Erik
 | last3=Mueller | first3=Jens
 | last4=Boehm | first4=Klemens
 | title=On the Move to Meaningful Internet Systems: OTM 2009
 | chapter=Understanding User Preferences and Awareness: Privacy Mechanisms in Location-Based Services
 | year=2009
 | series=Lecture Notes in Computer Science
 | volume=5870
 | page=304
 | doi=10.1007/978-3-642-05148-7_21
 | bibcode=2009LNCS.5870..304B
 | isbn=978-3-642-05147-0
 }}</ref> Another set of techniques included in the PETs are the [[location obfuscation]] techniques, which slightly alter the location of the users in order to hide their real location while still being able to represent their position and receive services from their LBS provider.

Recent research has shown that [[Crowdsourcing software development|crowdsourcing]] is also an effective approach at locating lost objects while still upholding the privacy of users. This is done by ensuring a limited level of interactions between users.<ref>{{Cite journal |title=Clustered Crowd GPS for Privacy Valuing Active Localization  |doi=10.1109/ACCESS.2018.2830300 |date=2018 |last1=Yucel |first1=Fatih |last2=Bulut |first2=Eyuphan |journal=IEEE Access |volume=6 |pages=23213–23221 |s2cid=21716708 |doi-access=free |bibcode=2018IEEEA...623213Y }}</ref>