From Data Privacy to Location Privacy

  • Ting Wang
  • Ling Liu

Over the past decade, research on data privacy has advanced considerably in two respects. First, a variety of privacy threat models and privacy principles have been proposed, aiming to provide sufficient protection against different types of inference attacks. Second, a plethora of algorithms and methods have been developed to implement the proposed privacy principles while attempting to optimize the utility of the resulting data. The first part of the chapter presents an overview of data privacy research by closely examining the achievements in these two respects, with the objective of pinpointing individual research efforts on the grand map of data privacy protection. As a special form of data privacy, location privacy has its own unique characteristics. In the second part of the chapter, we examine the research challenges and opportunities of location privacy protection from a perspective analogous to that of data privacy. Our discussion attempts to answer the following three questions: (1) Is it sufficient to apply the data privacy models and algorithms developed to date for protecting location privacy? (2) What is the current state of the research on location privacy? (3) What are the open issues and technical challenges that demand further investigation? By answering these questions, we intend to provide a comprehensive review of the state of the art in location privacy research.


Keywords: Mobile User; Privacy Protection; Data Privacy; Location Privacy; Mobile Client





Copyright information

© Springer-Verlag US 2009

Authors and Affiliations

  1. Distributed Data Intensive System Lab, College of Computing, Georgia Tech, Atlanta, USA
