Please Forget Where I Was Last Summer: The Privacy Risks of Public Location (Meta)Data

by   Kostas Drakonakis, et al.

The exposure of location data constitutes a significant privacy risk to users as it can lead to de-anonymization, the inference of sensitive information, and even physical threats. In this paper we present LPAuditor, a tool that conducts a comprehensive evaluation of the privacy loss caused by publicly available location metadata. First, we demonstrate how our system can pinpoint users' key locations at an unprecedented granularity by identifying their actual postal addresses. Our experimental evaluation on Twitter data highlights the effectiveness of our techniques which outperform prior approaches by 18.9 exploration of automated private information inference that uncovers "sensitive" locations that users have visited (pertaining to health, religion, and sex/nightlife). We find that location metadata can provide additional context to tweets and thus lead to the exposure of private information that might not match the users' intentions. We further explore the mismatch between user actions and information exposure and find that older versions of the official Twitter apps follow a privacy-invasive policy of including precise GPS coordinates in the metadata of tweets that users have geotagged at a coarse-grained level (e.g., city). The implications of this exposure are further exacerbated by our finding that users are considerably privacy-cautious in regards to exposing precise location data. When users can explicitly select what location data is published, there is a 94.6 give users more control over their data, LPAuditor can be adopted by major services and offered as an auditing tool that informs users about sensitive information they (indirectly) expose through location metadata.


NEXUS: Using Geo-fencing Services without revealing your Location

While becoming more and more present in our every day lives, services th...

On the Importance of Location Privacy for Users of Location Based Applications

Do people care about their location privacy while using location-based s...

Large-Scale-Exploit of GitHub Repository Metadata and Preventive Measures

When working with Git, a popular version-control system, email addresses...

The Privacy Exposure Problem in Mobile Location-based Services

Mobile location-based services (LBSs) empowered by mobile crowdsourcing ...

Customizable and Rigorous Location Privacy through Policy Graph

Location privacy has been extensively studied in the literature. However...

Analyzing 'Near Me' Services: Potential for Exposure Bias in Location-based Retrieval

The proliferation of smartphones has led to the increased popularity of ...

Resilient Privacy Protection for Location-Based Services through Decentralization

Location-based Services (LBSs) provide valuable features but can also re...

Please sign up or login with your details

Forgot password? Click here to reset