Privacy-Preserving Location Distribution for Anonymous Crowd Tracking Systems


AnonyCast: Privacy-Preserving Location Distribution for Anonymous Crowd Tracking Systems

Takamasa Higuchi†, Paul Martin‡, Supriyo Chakraborty∗, Mani Srivastava‡

†Osaka University, Japan
‡University of California, Los Angeles, CA
∗IBM Research, NY

ABSTRACT

Fusion of infrastructure-based pedestrian tracking systems and embedded sensors on mobile devices holds promise for providing accurate positioning in large public buildings. However, privacy concerns regarding handling of sensitive user location data potentially disrupt the adoption of such systems. This paper presents AnonyCast, a novel privacy-aware mechanism for delivering precise location information measured by crowd-tracking systems to individual pedestrians’ smartphones. AnonyCast uses sparsely placed Bluetooth Low Energy transmitters to advertise location-dependent, time-varying keys. Using location measurements, AnonyCast estimates a subset of keys that each pedestrian’s phone receives along its path. By combining a cryptography scheme called CP-ABE with a novel greedy algorithm for key selection, it encrypts each path before publishing, allowing users to decrypt only their own trajectories. The results from field experiments show that AnonyCast delivers accurate locations over 84% of time, bounding probability of unauthorized access to one’s location below 1%.

Author Keywords

Location privacy; crowd tracking; trajectory identification; ciphertext-policy attribute-based encryption

ACM Classification Keywords

C.5.3 Computer System Implementation: Portable devices; E.3 Data Encryption: Public key cryptosystems

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
UbiComp ’15, September 7–11, 2015, Osaka, Japan.
Copyright 2015 © ACM 978-1-4503-3574-4/15/09...$15.00.
http://dx.doi.org/10.1145/2750858.2805827

INTRODUCTION

Recent evolution of crowd tracking technologies has enabled accurate measurement of occupancy and trajectories for pedestrians in indoor spaces using vision [6], radio tomography [18, 27], and laser range scanners [9, 29]. This in turn has motivated research communities in both academia and industry to leverage them for marketing [14], crowd management [12], and even optimizing energy expenditures in buildings [1, 23]. As a result, an increasing number of public buildings are equipped with sensors like cameras or laser range scanners and capable of fine-grained crowd behavior analyses.

Given the growing popularity of location-based services for mobile devices, it would be natural to expect that the powerful measurement capability of such wide-spread sensor infrastructures could also benefit individual pedestrians walking in indoor spaces. Accurate indoor positioning for mobile devices has been a long-standing open problem in ubiquitous computing. Currently, the most popular positioning solution for consumer mobile products is radio fingerprinting using Wi-Fi [5, 15] and Bluetooth Low Energy (BLE) radios [7, 8, 17]. However, these approaches often suffer from large position errors in practical indoor environments due to dense multi-path signal propagation and low temporal stability of radio fingerprints [4]. Furthermore, the accuracy of radio-based positioning systems depends considerably on the density of anchor devices (e.g., BLE transmitters) [8]. Since dense anchor deployments obviously cause non-negligible maintenance costs, positioning accuracy is also often limited by operational constraints.

The output of crowd tracking systems is typically a set of anonymous trajectories which are not associated with any mobile device. Therefore, these systems cannot serve alone to provide mobile devices with their own locations. Recent research has bridged this gap by developing trajectory identification algorithms which find trajectories of individual mobile users from a set of anonymous trajectories [24, 25, 26]. These approaches assume that the crowd tracking system publishes all of the anonymous trajectories obtained by crowd tracking sensors via a Wi-Fi network. Each mobile device connects to Wi-Fi access points to obtain the published trajectories and then identifies its own location based on the consistency between the trajectories and local measurements from phone-embedded sensors (e.g., accelerometers, gyroscopes, etc.). While these efforts have established an effective way of utilizing the crowd tracking infrastructure for indoor localization, growing awareness of and concern for privacy makes such unrestricted release of trajectory information a difficult proposition. These systems publish pedestrians’ trajectories without consent and, although the trajectories themselves are anonymous, it is possible for a malicious user to combine these trajectories with external information (e.g., collected by following an individual for a short period) to deanonymize a desired trajectory. This trajectory can then be used to infer potentially private information about an individual.

In this paper we present AnonyCast, a privacy preserving location distribution mechanism for crowd tracking systems. We assume that sensors capable of accurate trajectory measurement (e.g., laser range scanners) are already installed and operated in a target building for crowd behavior analysis. AnonyCast extends this system to feed the precise trajectory measurements to individual mobile phone users in a privacy-preserving manner. The extension is enabled by a small number of BLE transmitters, which are sparsely deployed in the environment and periodically advertise location-dependent, time-varying keys. Based on the trajectories measured by the crowd tracking sensors, the AnonyCast server estimates a set of keys that each pedestrian’s device is likely to have received. The server then uses these keys to encrypt each trajectory prior to publishing them, ensuring that mobile phone users can gain access to only their own trajectories.

Although the proposed mechanism follows as a natural privacy extension, the following aspects present challenges in its implementation as a practical system: (1) Mobile devices may fail to receive advertised keys due to packet loss, even if they are in close proximity to a BLE transmitter. Ensuring that the system provides reasonable accessibility to trajectory information even with such frequent packet loss is difficult. (2) Decryption keys are publicly broadcasted, making it non-trivial to prevent potential privacy leaks by ensuring that people other than true owners cannot decrypt the published trajectories. As a solution to these issues, we base our system on the emerging public key cryptography scheme called Ciphertext-Policy Attribute-Based Encryption (CP-ABE). This allows the sender to specify an access policy on the secret data in the form of a logical expression over private keys, so that users can decrypt the data only if they have a set of keys that satisfy the policy. Upon this scheme, we build a framework that probabilistically ensures a desired privacy level. Finally, we build and deploy a prototype system upon which we conduct field experiments using real crowd

RELATED WORK

One of the most popular approaches to crowd tracking uses image sensors (i.e., cameras). The current mainstream in vision-based pedestrian tracking systems is to extract the features that best distinguish pedestrians from images in a training data set and then to use a pattern matching algorithm to detect human bodies [10, 19, 30]. However, the ethics and acceptability of using images from surveillance cameras in public spaces for such purposes remains controversial [21], as personal identities (e.g., faces) can easily be associated with trajectories, potentially infringing user privacy.

As alternative solutions, there have been a variety of approaches that track pedestrian locations in an anonymous manner. Radio tomography [18, 27, 28] employs received signal strength between multiple radio stations to detect human locations, assuming that movement of pedestrians in the environment causes temporal variations in the signal strength. Laser range scanners (LRS) have also been explored as a reasonable option for accurate and anonymous pedestrian tracking [9, 29]. This sensor provides precise distance measurements to surrounding objects, allowing robust crowd tracking with sub-meter accuracy. Previous literature has shown that capacitive sensor arrays [24] and low-resolution image sensors [25] are also suitable for anonymous pedestrian tracking.

Trajectory identification technology has bridged the gap between the crowd tracking systems described above and location-dependent mobile applications. Teixeila et al. [25] effectively combine a vision-based pedestrian tracking system with MEMS inertial sensors in mobile phones to enable accurate indoor positioning. They find the corresponding trajectory of each mobile user based on the consistency between shapes of the anonymous trajectories and measurements from