Jump to ContentJump to Main Navigation
Show Summary Details

Proceedings on Privacy Enhancing Technologies

2 Issues per year

Open Access
See all formats and pricing

Privacy vs. Reward in Indoor Location-Based Services

Kassem Fawaz
  • University of Michigan
  • :
/ Kyu-Han Kim
  • Hewlett Packard Labs
  • :
/ Kang G. Shin
  • University of Michigan
  • :
Published Online: 2016-07-14 | DOI: https://doi.org/10.1515/popets-2016-0031


With the advance of indoor localization technology, indoor location-based services (ILBS) are gaining popularity. They, however, accompany privacy concerns. ILBS providers track the users’ mobility to learn more about their behavior, and then provide them with improved and personalized services. Our survey of 200 individuals highlighted their concerns about this tracking for potential leakage of their personal/private traits, but also showed their willingness to accept reduced tracking for improved service. In this paper, we propose PR-LBS (Privacy vs. Reward for Location-Based Service), a system that addresses these seemingly conflicting requirements by balancing the users’ privacy concerns and the benefits of sharing location information in indoor location tracking environments. PR-LBS relies on a novel location-privacy criterion to quantify the privacy risks pertaining to sharing indoor location information. It also employs a repeated play model to ensure that the received service is proportionate to the privacy risk. We implement and evaluate PR-LBS extensively with various real-world user mobility traces. Results show that PR-LBS has low overhead, protects the users’ privacy, and makes a good tradeoff between the quality of service for the users and the utility of shared location data for service providers.

Keywords: Location Privacy; Indoor localization; Differential Privacy


  • [1] S. Sen, J. Lee, K.-H. Kim, and P. Congdon, “Avoiding multipath to revive inbuilding wifi localization,” in Proceeding of MobiSys ’13, 2013, pp. 249-262. [Online]. Available: http://doi.acm.org/10.1145/2462456.2464463 [Crossref]

  • [2] A. Martin, “Nordstrom no longer tracking customer phones,” http://cbsloc.al/1JIYNlR, May 2013.

  • [3] Future of Privacy Forum, “Mobile Location Analytics Code of Conduct,” http://www.futureofprivacy.org/wpcontent/uploads/10.22.13-FINAL-MLA-Code.pdf.

  • [4] L. Privat, “U.S. consumers reject in-store tracking said survey,” http://www.opinionlab.com/media_coverage/u-sconsumers-reject-in-store-tracking-said-survey/.

  • [5] H. Xu, H.-H. Teo, B. Tan, and R. Agarwal, “The role of push-pull technology in privacy calculus: The case of location-based services,” J. Manage. Inf. Syst., vol. 26, no. 3, pp. 135-174, Dec. 2009. [Online]. Available: http://dx.doi.org/10.2753/MIS0742-1222260305 [Crossref]

  • [6] J. Hannan, “Approximation to Bayes risk in repeated plays,” Contributions to the Theory of Games, vol. 3, pp. 97-139, 1957.

  • [7] D. P. D. Farias and N. Megiddo, “Combining expert advice in reactive environments,” J. ACM, vol. 53, no. 5, pp. 762-799, Sep. 2006. [Online]. Available: http://doi.acm.org/10.1145/1183907.1183911 [Crossref]

  • [8] Apple Support, “iOS: Understanding iBeacon,” https://support.apple.com/en-gb/HT202880, Feb. 2015.

  • [9] R. Rodrigues, D. Barnard-Wills, D. Wright, P. De Hert, V. Papakonstantinou, L. Beslay, E. JRC-IPSC, N. Dubois, and E. JUST, “EU privacy seals project,” Publications Office of the European Union, 2013.

  • [10] P. Higgins and L. Tien, “Mobile tracking code of conduct falls short of protecting consumers,” https://www.eff.org/deeplinks/2013/10/mobile-tracking-code-conduct-falls\-short-protecting-consumers, October 2013.

  • [11] L. Demir, M. Cunche, and C. Lauradoux, “Analysing the privacy policies of Wi-Fi trackers,” in Workshop on Physical Analytics, Bretton Woods, USA, Jun. 2014. [Online]. Available: http://hal.inria.fr/hal-00983363

  • [12] , “Apple - privacy built in,” https://www.apple.com/privacy/privacy-built-in/.

  • [13] M. Gruteser and D. Grunwald, “Enhancing location privacy in wireless LAN through disposable interface identifiers: A quantitative analysis,” Mob. Netw. Appl., vol. 10, no. 3, pp. 315-325, Jun. 2005.

  • [14] T. Jiang, H. J. Wang, and Y.-C. Hu, “Preserving location privacy in wireless LANs,” in Proceedings of MobiSys ’07, 2007, pp. 246-257. [Online]. Available: http://doi.acm.org/10.1145/1247660.1247689 [Crossref]

  • [15] M. Li, K. Sampigethaya, L. Huang, and R. Poovendran, “Swing & swap: User-centric approaches towards maximizing location privacy,” in Proceedings of WPES ’06, 2006, pp. 19-28. [Online]. Available: http://doi.acm.org/10.1145/1179601.1179605 [Crossref]

  • [16] C. Riederer, V. Erramilli, A. Chaintreau, B. Krishnamurthy, and P. Rodriguez, “For sale : Your data: By : You,” in Proceedings of HotNets-X. New York, NY, USA: ACM, 2011, pp. 13:1-13:6. [Online]. Available: http://doi.acm.org/10.1145/2070562.2070575 [Crossref]

  • [17] A. Ghosh and A. Roth, “Selling privacy at auction,” in Proceedings of EC ’11, 2011, pp. 199-208. [Online]. Available: http://doi.acm.org/10.1145/1993574.1993605 [Crossref]

  • [18] R. Shokri, “Privacy games: Optimal user-centric data obfuscation,” Proceedings on Privacy Enhancing Technologies, vol. 2015, no. 2, pp. 1-17, 2015.

  • [19] P. Kumaraguru and L. F. Cranor, “Privacy Indexes: A Survey of Westin’s Studies,” Carnegie Mellon University, Institute for Software Research International, Tech. Rep., 12 2005.

  • [20] V. Rastogi and S. Nath, “Differentially private aggregation of distributed time-series with transformation and encryption,” in Proceedings of the 2010 ACM SIGMOD International Conference on Management of Data, ser. SIGMOD ’10. New York, NY, USA: ACM, 2010, pp. 735-746. [Online]. Available: http://doi.acm.org/10.1145/1807167.1807247 [Crossref]

  • [21] O. Abul, F. Bonchi, and M. Nanni, “Never walk alone: Uncertainty for anonymity in moving objects databases,” in Proceedings of the 2008 IEEE 24th International Conference on Data Engineering, ser. ICDE ’08. Washington, DC, USA: IEEE Computer Society, 2008, pp. 376-385. [Online]. Available: http://dx.doi.org/10.1109/ICDE.2008.4497446 [Crossref]

  • [22] M. Terrovitis and N. Mamoulis, “Privacy preservation in the publication of trajectories,” in Proceedings of the The Ninth International Conference on Mobile Data Management, ser. MDM ’08. Washington, DC, USA: IEEE Computer Society, 2008, pp. 65-72. [Online]. Available: http://dx.doi.org/10.1109/MDM.2008.29 [Crossref]

  • [23] R. Chen, G. Acs, and C. Castelluccia, “Differentially private sequential data publication via variable-length n-grams,” in Proceedings of the 2012 ACM Conference on Computer and Communications Security, ser. CCS ’12. New York, NY, USA: ACM, 2012, pp. 638-649. [Online]. Available: http://doi.acm.org/10.1145/2382196.2382263 [Crossref]

  • [24] M. E. Andrés, N. E. Bordenabe, K. Chatzikokolakis, and C. Palamidessi, “Geo-indistinguishability: Differential privacy for location-based systems,” in Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, ser. CCS ’13. New York, NY, USA: ACM, 2013, pp. 901-914. [Online]. Available: http://doi.acm.org/10.1145/2508859.2516735 [Crossref]

  • [25] K. Chatzikokolakis, C. Palamidessi, and M. Stronati, “A predictive differentially-private mechanism for mobility traces,” in Privacy Enhancing Technologies. Springer, 2014, pp. 21-41.

  • [26] G. Barthe, B. Köpf, F. Olmedo, and S. Zanella Béguelin, “Probabilistic relational reasoning for differential privacy,” in Proceedings of the 39th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, ser. POPL ’12. New York, NY, USA: ACM, 2012, pp. 97-110. [Online]. Available: http://doi.acm.org/10.1145/2103656.2103670 [Crossref]

  • [27] J. Reed and B. C. Pierce, “Distance makes the types grow stronger: A calculus for differential privacy,” in Proceedings of the 15th ACM SIGPLAN International Conference on Functional Programming, ser. ICFP ’10. New York, NY, USA: ACM, 2010, pp. 157-168. [Online]. Available: http://doi.acm.org/10.1145/1863543.1863568 [Crossref]

  • [28] K. Chatzikokolakis, M. Andrés, N. Bordenabe, and C. Palamidessi, “Broadening the scope of differential privacy using metrics,” in Privacy Enhancing Technologies, ser. Lecture Notes in Computer Science, E. De Cristofaro and M. Wright, Eds. Springer Berlin Heidelberg, 2013, vol. 7981, pp. 82-102. [Online]. Available: http://dx.doi.org/10.1007/978-3-642-39077-7_5 [Crossref]

  • [29] C. Dwork, F. McSherry, K. Nissim, and A. Smith, “Calibrating noise to sensitivity in private data analysis,” in Proceedings of the Third Conference on Theory of Cryptography, ser. TCC’06. Berlin, Heidelberg: Springer-Verlag, 2006, pp. 265-284. [Online]. Available: http://dx.doi.org/10.1007/11681878_14 [Crossref]

  • [30] G. Miklau and D. Suciu, “A formal analysis of information disclosure in data exchange,” in Proceedings of SIGMOD ’04, 2004, pp. 575-586. [Online]. Available: http://doi.acm.org/10.1145/1007568.1007633 [Crossref]

  • [31] C. Goodwin, “A conceptualization of motives to seek privacy for nondeviant consumption,” Journal of Consumer Psychology, vol. 1, no. 3, pp. 261 - 284, 1992. [Online]. Available: http://www.sciencedirect.com/science/article/pii/S1057740808800393

  • [32] B. Huberman, E. Adar, and L. Fine, “Valuating privacy,” Security Privacy, IEEE, vol. 3, no. 5, pp. 22-25.

  • [33] L. Zadeh, “Fuzzy sets,” Information and Control, vol. 8, no. 3, pp. 338 - 353, 1965. [Online]. Available: http://www.sciencedirect.com/science/article/pii/S001999586590241X

  • [34] J. Demko-Rihter and I. t. Halle, “Revival of high street retailing - the added value of shopping apps,” The AMFITEATRU ECONOMIC journal, vol. 17, no. 39, 2015. [Online]. Available: http://EconPapers.repec.org/RePEc:aes:amfeco:v:39:y:2015:i:17:p:632

  • [35] H. Jang, I. Ko, and J. Kim, “The effect of group-buy social commerce and coupon on satisfaction and continuance intention - focusing on the expectation confirmation model (ecm),” in System Sciences (HICSS), 2013 46th Hawaii International Conference on, Jan 2013, pp. 2938-2948.

  • [36] T. Kowatsch and W. Maass, “In-store consumer behavior: How mobile recommendation agents influence usage intentions, product purchases, and store preferences,” Computers in Human Behavior, vol. 26, no. 4, pp. 697 - 704, 2010, emerging and Scripted Roles in Computer-supported Collaborative Learning. [Online]. Available: http://www.sciencedirect.com/science/article/pii/S0747563210000087

  • [37] I. M. Dinner, H. J. Van Heerde, and S. Neslin, “Creating Customer Engagement Via Mobile Apps:How App Usage Drives Purchase Behavior,” Social Science Research Network Working Paper Series, Oct. [Online]. Available: http://ssrn.com/abstract=2669817

  • [38] J.-Y. M. Kang, J. M. Mun, and K. K. Johnson, “In-store mobile usage: Downloading and usage intention toward mobile location-based retail apps,” Computers in Human Behavior, vol. 46, pp. 210 - 217, 2015. [Online]. Available: http://www.sciencedirect.com/science/article/pii/S0747563215000242

  • [39] Sales Force, “2014 Mobile Behavior Report,” https://www.exacttarget.com/sites/exacttarget/files/deliverables/etmc-2014mobilebehaviorreport.pdf, Feb. 2014.

  • [40] K. L. S. Ohri, “The New Digital Divide: Retailers, shoppers, and the digital influence factor,” http://www2.deloitte.com/content/dam/Deloitte/us/Documents/consumer-business/us-rd-thenewdigitaldivide-041814.pdf, 2014.

  • [41] D. Kosir, “Mobile apps vs. mobile web: What retailers need to know,” http://clearbridgemobile.com/mobile-apps-vs-mobileweb-what-retailers-need-to-know/, Aug. 2015.

  • [42] R. Libfrand, “Retail Mobile App Users Visit Brick-and-Mortars More Often,” http://blog.compariscope.com/retail-mobileapps-12x-the-number-of-in-store-visits, Jan. 2016.

  • [43] C. Boyle, “Mobile Messaging Trends-Tapping into SMS, Mobile Email and Push,” http://www.slideshare.net/eMarketerInc/emarketer-webinar-mobile-messaging-trendstapping-into-smsmobile-email-and-push-25068768, Aug. 2013.

  • [44] C. Shepard, A. Rahmati, C. Tossell, L. Zhong, and P. Kortum, “Livelab: Measuring wireless networks and smartphone users in the field,” SIGMETRICS Perform. Eval. Rev., vol. 38, no. 3, pp. 15-20, Jan. 2011. [Online]. Available: http://doi.acm.org/10.1145/1925019.1925023 [Crossref]

  • [45] A. Nandugudi, A. Maiti, T. Ki, F. Bulut, M. Demirbas, T. Kosar, C. Qiao, S. Y. Ko, and G. Challen, “Phonelab: A large programmable smartphone testbed,” in Proceedings of SENSEMINE’13, 2013, pp. 4:1-4:6. [Online]. Available: http://doi.acm.org/10.1145/2536714.2536718 [Crossref]

  • [46] P. Yin, P. Luo, W.-C. Lee, and M. Wang, “App recommendation: A contest between satisfaction and temptation,” in Proceedings of WSDM ’13. New York, NY, USA: ACM, 2013, pp. 395-404. [Online]. Available: http://doi.acm.org/10.1145/2433396.2433446 [Crossref]

  • [47] aestetix and C. Petro, “CRAWDAD data set hope/amd (v. 2008-08-07),” Downloaded from http://crawdad.org/hope/amd/, Aug. 2008.

  • [48] T. Goodspeed and N. Filardo, “CRAWDAD data set hope/nh_amd (v. 2010-07-18),” Downloaded from http://crawdad.org/hope/nh_amd/, Jul. 2010.

  • [49] I. Rhee, M. Shin, S. Hong, K. Lee, S. Kim, and S. Chong, “CRAWDAD data set ncsu/mobilitymodels (v. 2009-07-23),” Downloaded from http://crawdad.org/ncsu/mobilitymodels/, Jul. 2009.

  • [50] J. Little and B. O’Brien, “A technical review of cisco’s wi-fi-based location analytics,” http://www.cisco.com/c/en/us/products/collateral/wireless/mobility-services-engine/white_paper_c11-728970.pdf, July 2013.

  • [51] Derek Top, “Indoor Location Firm Nomi Faces Layoffs; Privacy Concerns To Blame?” http://t.co/e7Gp7mU1Sz, Aug. 2014.

Received: 2016-02-29

Revised: 2016-06-02

Accepted: 2016-06-02

Published Online: 2016-07-14

Published in Print: 2016-10-01

Citation Information: Proceedings on Privacy Enhancing Technologies. Volume 2016, Issue 4, Pages 102–122, ISSN (Online) 2299-0984, DOI: https://doi.org/10.1515/popets-2016-0031, July 2016

© 2016. This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 License. (CC BY-NC-ND 4.0)

Comments (0)

Please log in or register to comment.