Skip to main content
SpringerLink
Log in

Privacy in Location-Sensing Technologies

  • Chapter
  • First Online:
Handbook of Mobile Data Privacy

Abstract

Data analysis is becoming a popular tool to gain marketing insights from heterogeneous and often unstructured sensor data. Online stores make use of click stream analysis to understand customer intentions. Meanwhile, retail companies transition to locating technologies like RFID to gain better control and visibility of the inventory in a store. To further exploit the potential of these technologies, retail companies invest in novel services for their customers, such as smart fitting rooms or location of items in real time. In such a setting, a company can not only get insights similar to online stores, but can potentially also monitor customers. In this chapter, we discuss various location-sensing technologies used in retail and identify possible direct and indirect privacy threats that arise with their use. Subsequently, we present technological and organizational privacy controls that can help to minimize the identified privacy threats without losing on relevant marketing insights.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 109.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 139.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 199.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    In the context of fashion retail, these interaction points can be inside the fitting room. Typically the users can interact there with a touch screen or also a smart mirror [7].

References

  1. ISO/IEC 29100:2011 - Information technology – Security techniques – Privacy framework. 2011.

    Google Scholar 

  2. G. D. Abowd, A. K. Dey, P. J. Brown, N. Davies, M. Smith, and P. Steggles. Towards a better understanding of context and context-awareness. In International Symposium on Handheld and Ubiquitous Computing, pages 304–307. Springer, 1999.

    Google Scholar 

  3. S. Adler, S. Schmitt, K. Wolter, and M. Kyas. A survey of experimental evaluation in indoor localization research. In Indoor Positioning and Indoor Navigation (IPIN), 2015 International Conference on, pages 1–10. IEEE, 2015.

    Google Scholar 

  4. G. Adomavicius and A. Tuzhilin. Toward the next generation of recommender systems: A survey of the state-of-the-art and possible extensions. IEEE transactions on knowledge and data engineering, 17(6):734–749, 2005.

    Article  Google Scholar 

  5. M. Afanasyev, T. Chen, G. M. Voelker, and A. C. Snoeren. Usage patterns in an urban WiFi network. IEEE/ACM Trans. Netw., 18(5):1359–1372, 2010.

    Article  Google Scholar 

  6. K. Albrecht and L. C. McIntyre. Scandal: Wal-mart, p &g involved in secret RFID testing, consumers against supermarket privacy invasion and numbering (caspian). Retreived on 10-01-2017 from http://www.spychips.com/press-releases/broken-arrow.html.

  7. Y. Andreu-Cabedo, P. Castellano, S. Colantonio, G. Coppini, R. Favilla, D. Germanese, G. Giannakakis, D. Giorgi, M. Larsson, P. Marraccini, et al. Mirror mirror on the wall an intelligent multisensory mirror for well-being self-assessment. In 2015 IEEE International Conference on Multimedia and Expo (ICME), pages 1–6. IEEE, 2015.

    Google Scholar 

  8. Anonymous. Silverpush launches cross-device ad targeting with unique audio beacon technology. Retrieved on 14-01-2017 from http://www.steamfeed.com/silverpush-launches-cross-device-ad-targeting-with-unique-audio-beacon-technology/.

  9. Article 29 Data Protection Working Party. Opinion 05/2014 on Anonymisation Techniques, 2014.

    Google Scholar 

  10. Article 29 Data Protection Working Party. Opinion 06/2014 on Notion of legitimate interests of the data controller under Article 7 of Directive 95/46/EC, 2014.

    Google Scholar 

  11. J. Ayoade. Roadmap to solving security and privacy concerns in rfid systems. Computer Law & Security Review, 23(6):555–561, 2007.

    Article  Google Scholar 

  12. M. Azizyan, I. Constandache, and R. Roy Choudhury. Surroundsense: mobile phone localization via ambience fingerprinting. In Proceedings of the 15th annual international conference on Mobile computing and networking, pages 261–272. ACM, 2009.

    Google Scholar 

  13. R. Bajaj, S. L. Ranaweera, and D. P. Agrawal. GPS: location-tracking technology. Computer, 35(4):92–94, 2002.

    Article  Google Scholar 

  14. M. Baldauf, S. Dustdar, and F. Rosenberg. A survey on context-aware systems. International Journal of Ad Hoc and Ubiquitous Computing, 2(4):263–277, 2007.

    Article  Google Scholar 

  15. A. R. Beresford and F. Stajano. Location privacy in pervasive computing. IEEE Pervasive computing, 2(1):46–55, 2003.

    Article  Google Scholar 

  16. A. Bibby. Invasion of the privacy snatchers. Financial Times, January, 9, 2006.

    Google Scholar 

  17. R. R. Burke. The third wave of marketing intelligence. In Retailing in the 21st Century, pages 113–125. Springer, 2006.

    Google Scholar 

  18. J. D. Cai. Business intelligence by connecting real-time indoor location to sales records. In International Conference on Web-Age Information Management, pages 817–823. Springer, 2014.

    Google Scholar 

  19. M. T. Capizzi and R. Ferguson. Loyalty trends for the twenty–first century. Journal of Consumer Marketing, 22(2):72–80, 2005.

    Article  Google Scholar 

  20. G. Castelli, A. Rosi, M. Mamei, and F. Zambonelli. A simple model and infrastructure for context-aware browsing of the world. In Fifth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom’07), pages 229–238. IEEE, 2007.

    Google Scholar 

  21. A. Cavoukian. Privacy guidelines for RFID information systems (RFID privacy guidelines), 2006. Information and Privacy Comissioner/Ontario, Toronto.

    Google Scholar 

  22. A. Chattopadhyay and A. R. Harish. Analysis of low range indoor location tracking techniques using passive UHF RFID tags. In 2008 IEEE Radio and Wireless Symposium, 2008.

    Google Scholar 

  23. I. Cil. Consumption universes based supermarket layout through association rule mining and multidimensional scaling. Expert Systems with Applications, 39(10):8611–8625, 2012.

    Article  Google Scholar 

  24. P. Cohan. How nordstrom uses WiFi to spy on shoppers. Retreived on 13-01-2017 from http://www.forbes.com/sites/petercohan/2013/05/09/how-nordstrom-and-home-depot-use-wifi-to-spy-on-shoppers/#2421d0ec3bf9.

  25. M. Cunche. I know your MAC address: Targeted tracking of individual using Wi-Fi. Journal of Computer Virology and Hacking Techniques, 10(4):219–227, 2014.

    Article  Google Scholar 

  26. Y.-A. De Montjoye, C. A. Hidalgo, M. Verleysen, and V. D. Blondel. Unique in the crowd: The privacy bounds of human mobility. Scientific reports, 3, 2013.

    Google Scholar 

  27. D. Delen, B. C. Hardgrave, and R. Sharda. Rfid for better supply-chain management through enhanced information visibility. Production and Operations Management, 16(5):613–624, 2007.

    Article  Google Scholar 

  28. L. Demir. Wi-Fi tracking : what about privacy. Master’s thesis, M2 SCCI Security, Cryptologyand Coding of Information - UFR IMAG, Sept. 2013. https://hal.inria.fr/hal-00859013.

  29. A. K. Dey. Understanding and using context. Personal Ubiquitous Comput., 5(1):4–7, Jan. 2001.

    Article  Google Scholar 

  30. M. Duckham and L. Kulik. A formal model of obfuscation and negotiation for location privacy. In International Conference on Pervasive Computing, pages 152–170. Springer, 2005.

    Google Scholar 

  31. C. Dwork. Differential privacy: A survey of results. In International Conference on Theory and Applications of Models of Computation, pages 1–19. Springer, 2008.

    Google Scholar 

  32. C. Dwork, F. McSherry, K. Nissim, and A. Smith. Calibrating noise to sensitivity in private data analysis. In Theory of Cryptography Conference, pages 265–284. Springer, 2006.

    Google Scholar 

  33. Eileen P. Kelly G. Scott Erickson. RFID tags: commercial applications v. privacy rights. Industrial Management & Data Systems, 105(6):703–713, 2005.

    Article  Google Scholar 

  34. European Emergency Number Association. Caller location in support of emergency services. EENA Operations Document, (2), 2014.

    Google Scholar 

  35. Z. Farid, R. Nordin, and M. Ismail. Recent advances in wireless indoor localization techniques and system. Journal of Computer Networks and Communications, 2013, 2013.

    Google Scholar 

  36. B. Friedman, E. Felten, and L. I. Millett. Informed consent online: A conceptual model and design principles. University of Washington Computer Science & Engineering Technical Report 00–12–2, 2000.

    Google Scholar 

  37. B. Friedman, P. Lin, and J. K. Miller. Informed consent by design. Security and Usability, (2001):503–530, 2005.

    Google Scholar 

  38. S. L. Garfinkel, A. Juels, and R. Pappu. RFID privacy: An overview of problems and proposed solutions. IEEE Security & Privacy, 3(3):34–43, 2005.

    Article  Google Scholar 

  39. A. Ghosh, T. Roughgarden, and M. Sundararajan. Universally utility-maximizing privacy mechanisms. SIAM Journal on Computing, 41(6):1673–1693, 2012.

    Article  MathSciNet  Google Scholar 

  40. M. Gruteser and D. Grunwald. Anonymous usage of location-based services through spatial and temporal cloaking. In Proceedings of the 1st international conference on Mobile systems, applications and services, pages 31–42. ACM, 2003.

    Google Scholar 

  41. Y. Gu, A. Lo, and I. Niemegeers. A survey of indoor positioning systems for wireless personal networks. IEEE Communications surveys & tutorials, 11(1):13–32, 2009.

    Article  Google Scholar 

  42. M. Hazas, J. Scott, and J. Krumm. Location-aware computing comes of age. IEEE Computer, 37(2):95–97, 2004.

    Article  Google Scholar 

  43. M. Hazas, J. Scott, and J. Krumm. Location-aware computing comes of age. Computer, 37(2):95–97, 2004.

    Article  Google Scholar 

  44. Information technology – Security techniques-Information security risk management. Standard, International Organization for Standardization, Geneva, CH, 2008.

    Google Scholar 

  45. A. Juels. RFID security and privacy: A research survey. IEEE journal on selected areas in communications, 24(2):381–394, 2006.

    Article  MathSciNet  Google Scholar 

  46. Kalyan S. Pasupathy, Thomas R. Hellmich. How RFID technology improves hospital care, 31-12-2015. Retreived on 14-01-2017 from https://hbr.org/2015/12/how-rfid-technology-improves-hospital-care.

  47. G. Karjoth and P. A. Moskowitz. Disabling RFID tags with visible confirmation: clipped tags are silenced. In Proceedings of the 2005 ACM workshop on Privacy in the electronic society, pages 27–30. ACM, 2005.

    Google Scholar 

  48. V. Kopytoff. For retailers, tracking shoppers brings new insights. Retreived on 13-01-2017 from https://www.technologyreview.com/s/520811/stores-sniff-out-smartphones-to-follow-shoppers/.

  49. D. Kravets. Tracking school children with RFID tags? it’s all about the benjamins. Retreived on 14-01-2017 from https://www.wired.com/2012/09/rfid-chip-student-monitoring/.

  50. J. Krumm, editor. Ubiquitous computing fundamentals. CRC Press, 2016.

    Google Scholar 

  51. P. Kumar, M. U. Kalwani, and M. Dada. The impact of waiting time guarantees on customers’ waiting experiences. Marketing science, 16(4):295–314, 1997.

    Article  Google Scholar 

  52. A. LaMarca, Y. Chawathe, S. Consolvo, J. Hightower, I. E. Smith, J. Scott, T. Sohn, J. Howard, J. Hughes, F. Potter, J. Tabert, P. Powledge, G. Borriello, and B. N. Schilit. Place lab: Device positioning using radio beacons in the wild. In Pervasive Computing, Third International Conference, PERVASIVE 2005, Munich, Germany, May 8-13, 2005, Proceedings, pages 116–133, 2005.

    Google Scholar 

  53. M. Langheinrich. A survey of RFID privacy approaches. Personal and Ubiquitous Computing, 13(6):413–421, 2009.

    Article  Google Scholar 

  54. J. S. Larson, E. T. Bradlow, and P. S. Fader. An exploratory look at supermarket shopping paths. International Journal of research in Marketing, 22(4):395–414, 2005.

    Article  Google Scholar 

  55. M. Levy, B. A. Weitz, and D. Grewal. Retailing management. Irwin/McGraw-Hill New York, 1998.

    Google Scholar 

  56. H. Liu, H. Darabi, P. Banerjee, and J. Liu. Survey of wireless indoor positioning techniques and systems. IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews), 37(6):1067–1080, Nov 2007.

    Article  Google Scholar 

  57. H. Liu, H. Darabi, P. P. Banerjee, and J. Liu. Survey of wireless indoor positioning techniques and systems. IEEE Trans. Systems, Man, and Cybernetics, Part C, 37(6):1067–1080, 2007.

    Article  Google Scholar 

  58. H. Liu, Y. Gan, J. Yang, S. Sidhom, Y. Wang, Y. Chen, and F. Ye. Push the limit of WiFi based localization for smartphones. In The 18th Annual International Conference on Mobile Computing and Networking, Mobicom’12, Istanbul, Turkey, August 22–26, 2012, pages 305–316, 2012.

    Google Scholar 

  59. A. Machanavajjhala, D. Kifer, J. Gehrke, and M. Venkitasubramaniam. l-diversity: Privacy beyond k-anonymity. ACM Transactions on Knowledge Discovery from Data (TKDD), 1(1):3, 2007.

    Article  Google Scholar 

  60. C. Martin. How beacons are changing the shopping experience. Harvard Bus. Rev, 2014.

    Google Scholar 

  61. A. S. Mattila and J. Wirtz. Congruency of scent and music as a driver of in-store evaluations and behavior. Journal of retailing, 77(2):273–289, 2001.

    Article  Google Scholar 

  62. A. Moore. Defining privacy. Journal of Social Philosophy, 39(3):411–428, 2008.

    Article  Google Scholar 

  63. D. Namiot. Context-aware browsing–a practical approach. In 2012 Sixth International Conference on Next Generation Mobile Applications, Services and Technologies, pages 18–23. IEEE, 2012.

    Google Scholar 

  64. A. Narayanan and V. Shmatikov. Robust de-anonymization of large sparse datasets. In 2008 IEEE Symposium on Security and Privacy (sp 2008), pages 111–125. IEEE, 2008.

    Google Scholar 

  65. P. V. Nikitin, K. Rao, and S. Lazar. An overview of near field UHF RFID. In IEEE international Conference on RFID, volume 167. Citeseer, 2007.

    Google Scholar 

  66. A. Novotny and S. Spiekermann. Personal information markets and privacy: a new model to solve the controversy. 2012.

    Google Scholar 

  67. P. Ohm. Broken promises of privacy: Responding to the surprising failure of anonymization. UCLA law review, 57:1701, 2010.

    Google Scholar 

  68. R. Prasad and M. Ruggieri. Applied satellite navigation-using GPS, GALILEO and augmentation systems. 2005.

    Google Scholar 

  69. N. M. Puccinelli, R. C. Goodstein, D. Grewal, R. Price, P. Raghubir, and D. Stewart. Customer experience management in retailing: Understanding the buying process. Journal of Retailing, 85(1):15–30, 2009. Enhancing the Retail Customer Experience.

    Article  Google Scholar 

  70. V. Rastogi, D. Suciu, and S. Hong. The boundary between privacy and utility in data publishing. In Proceedings of the 33rd international conference on Very large data bases, pages 531–542. VLDB Endowment, 2007.

    Google Scholar 

  71. F. Ricci, L. Rokach, and B. Shapira. Introduction to recommender systems handbook. Springer, 2011.

    Book  Google Scholar 

  72. D. Y. Sha and L. Guo-Liang. Improving service quality of retail store by innovative digital content technology. In 2012 IEEE International Conference on Computer Science and Automation Engineering, pages 655–660, June 2012.

    Google Scholar 

  73. D. J. Solove. A taxonomy of privacy. University of Pennsylvania law review, pages 477–564, 2006.

    Google Scholar 

  74. D. J. Solove. Understanding privacy. Harvard University Press, GWU Law School Public Law Research Paper, (420), May 2008.

    Google Scholar 

  75. J. Song, C. T. Haas, and C. H. Caldas. A proximity-based method for locating RFID tagged objects. Advanced Engineering Informatics, 21(4):367–376, 2007.

    Article  Google Scholar 

  76. R. A. Spinello. Privacy rights in the information economy. Business Ethics Quarterly, 8(4):723–742, 1998.

    Article  Google Scholar 

  77. steinunn. Discover a museum with BLE app for indoor location – Video from Eldheimar, 2014. Retreived on 14-01-2017 from https://locatify.com/blog/discover-a-museum-with-ble-app-for-indoor-location-video-from-eldheimar/.

  78. L. Sweeney. k-anonymity: A model for protecting privacy. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 10(05):557–570, 2002.

    Article  MathSciNet  Google Scholar 

  79. K. P. Tang, P. Keyani, J. Fogarty, and J. I. Hong. Putting people in their place: An anonymous and privacy-sensitive approach to collecting sensed data in location-based applications. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI ’06, pages 93–102, New York, NY, USA, 2006. ACM.

    Google Scholar 

  80. Z. Technologies. Analysis of iOS 8 MAC Randomization on Locationing. http://mpact.zebra.com/documents/iOS8-White-Paper.pdf, 2015. Zebra Whitepaper.

  81. The European Parliament And The Council Of The EU. Regulation (eu) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing directive 95/46/ec (general data protection regulation). Official Journal of the European Union, L119/1, 2016.

    Google Scholar 

  82. The European Parliament, the Council and the Commission. Eu directive 95/46/ec on the protection of individuals with regard to the processing of personal data and on the free movement of such data: Eu directive 95/46/ec. pages 0031–0050, 1995.

    Google Scholar 

  83. F. Thiesse. RFID, privacy and the perception of risk: A strategic framework. J. Strategic Inf. Sys., 16(2):214–232, 2007.

    Article  Google Scholar 

  84. F. Thomas and L. Ros. Revisiting trilateration for robot localization. IEEE Trans. Robotics, 21(1):93–101, 2005.

    Article  Google Scholar 

  85. J. P. Van Den Berg. A literature survey on planning and control of warehousing systems. IIE Transactions, 31(8):751–762, 1999.

    Google Scholar 

  86. R. Want. An introduction to RFID technology. IEEE Pervasive Computing, 5(1):25–33, 2006.

    Article  Google Scholar 

  87. A. Wee. A supermarket without a checkout line-Amazon go, 2016. Zing Gadget http://en.zinggadget.com/a-supermarket-without-a-checkout-line-amazon-go.

  88. S. A. Weis. Security and privacy in radio-frequency identification devices. Master’s thesis, Massachusetts Institute of Technology, 2003.

    Google Scholar 

  89. A. Yaeli, P. Bak, G. Feigenblat, S. Nadler, H. Roitman, G. Saadoun, H. J. Ship, D. Cohen, O. Fuchs, S. Ofek-Koifman, et al. Understanding customer behavior using indoor location analysis and visualization. IBM Journal of Research and Development, 58(5/6):3–1, 2014.

    Article  Google Scholar 

  90. C. Yang and H.-R. Shao. WiFi-based indoor positioning. IEEE Communications Magazine, 53(3):150–157, 2015.

    Article  Google Scholar 

  91. D. Zanetti, P. Sachs, and S. Capkun. On the practicality of UHF RFID fingerprinting: How real is the RFID tracking problem? In S. Fischer-Hübner and N. Hopper, editors, Privacy Enhancing Technologies - 11th International Symposium, PETS 2011, Waterloo, ON, Canada, July 27–29, 2011. Proceedings, volume 6794 of Lecture Notes in Computer Science, pages 97–116. Springer, 2011.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Vienna University of Economics and Business, Vienna, Austria

    Andreas Solti, Sushant Agarwal & Sarah Spiekermann-Hoff

Authors
  1. Andreas Solti
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sushant Agarwal
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sarah Spiekermann-Hoff
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sushant Agarwal .

Editor information

Editors and Affiliations

  1. IBM Watson Health Headquarters, Cambridge, MA, USA

    Aris Gkoulalas-Divanis

  2. Dipartimento di Informatica, University of Milan, Milan, Italy

    Claudio Bettini

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Solti, A., Agarwal, S., Spiekermann-Hoff, S. (2018). Privacy in Location-Sensing Technologies. In: Gkoulalas-Divanis, A., Bettini, C. (eds) Handbook of Mobile Data Privacy . Springer, Cham. https://doi.org/10.1007/978-3-319-98161-1_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-98161-1_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-98160-4

  • Online ISBN: 978-3-319-98161-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation