Re: Geolocation: Security and Privacy

Alec wrote:
> To accomplish "Data fuzzing," I think the easiest solution is to
> randomize the lat/long values to some number of decimal places based on
> what the user is willing to give. I agree that bounding boxes and center
> points of cities makes a lot of sense, but that seems like an
> implementation nightmare - all the central points/bounding boxes would
> need to be stored in a database somewhere and accessed.

i kinda like the region box idea.

especially if the user is shown the box (in a world/regional map) and
given the ability to choose which box to update to next.

a box region of course also gives implicit information about the
precision the agent is offering to the service. and it of course would
need to be expressed as part of the api.

> One alternative is to only perform limited reverse geocoding (i.e. only
> give the city, state, country) for sites that the user does not trust
> and withhold the lat/long values. Then if the user gives consent (via
> UI?), the actual coordinate could be returned.

On 6/10/08, Chris Butler <cbutler@dash.net> wrote:
> The approach to provide a randomized dance around the current location
> would provide a way to potentially brute force a more approximate real
> location by accessing the data multiple times and doing the average...

> Giving back a reverse geocoded string would work as well so that the
> service doesn't need to provide that service...

Received on Tuesday, 10 June 2008 08:35:51 UTC
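
Added example, not part of the original thread: it compares the two fuzzing approaches discussed above, per-query random jitter and a fixed region box, when a service queries the position many times and averages the answers. The function names, the 0.05 degree radius and cell size, the seeded generator and the sample coordinate are all assumptions made for illustration.

```javascript
// Constructed sample position (not taken from the thread).
const TRUE_POS = { lat: 47.6205, lon: -122.3493 };

// Small seeded PRNG (mulberry32) so the comparison is reproducible.
function makeRng(seed) {
  let a = seed >>> 0;
  return function () {
    a = (a + 0x6D2B79F5) >>> 0;
    let t = a;
    t = Math.imul(t ^ (t >>> 15), t | 1);
    t ^= t + Math.imul(t ^ (t >>> 7), t | 61);
    return ((t ^ (t >>> 14)) >>> 0) / 4294967296;
  };
}

// Approach 1: fresh uniform noise in [-radius, +radius] on every query.
function jitter(pos, radius, rng) {
  return {
    lat: pos.lat + (rng() * 2 - 1) * radius,
    lon: pos.lon + (rng() * 2 - 1) * radius,
  };
}

// Approach 2: region box. Snap to a fixed grid cell and return its bounds,
// which also tells the service what precision the agent is offering.
function regionBox(pos, cell) {
  const south = Math.floor(pos.lat / cell) * cell;
  const west = Math.floor(pos.lon / cell) * cell;
  return { south, west, north: south + cell, east: west + cell };
}

function boxCenter(b) {
  return { lat: (b.south + b.north) / 2, lon: (b.west + b.east) / 2 };
}

// Distance (in degrees) between the true position and the mean of n answers.
function averagedError(n, answer) {
  let lat = 0, lon = 0;
  for (let i = 0; i < n; i++) { const p = answer(); lat += p.lat; lon += p.lon; }
  return Math.hypot(lat / n - TRUE_POS.lat, lon / n - TRUE_POS.lon);
}

function compare(n) {
  const rng = makeRng(1);
  return {
    jitterError: averagedError(n, () => jitter(TRUE_POS, 0.05, rng)),
    boxError: averagedError(n, () => boxCenter(regionBox(TRUE_POS, 0.05))),
  };
}
```

With jitter the averaged error shrinks roughly as 1/sqrt(n), while the region box returns the same cell on every query, so repeated access yields nothing beyond the first answer.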