Personal and Ubiquitous Computing

, Volume 18, Issue 1, pp 129–141 | Cite as

Crowdsourcing privacy preferences in context-aware applications

  • Eran Toch
Original Article


Developers of context-aware applications are faced with a tough challenge: powerful privacy controls are essential to maintain user trust, but they are also hard to use and not adequate in all situations. To address this tradeoff, we present Super-Ego, a crowdsourcing framework for privacy management of location information in ubiquitous environment. We study how crowdsourcing can be used to predict the user’s privacy preferences for different location on the basis of the general user population. The crowdsourcing methods are evaluated in a 2-week user study in which we tracked the locations of 30 subjects and asked them to provide privacy preferences for the locations they had visited. Our results show that by employing simple methods for semantic analysis of locations and by profiling the user’s privacy inclination, our methods can accurately predict the privacy preferences for 80 % of the user’s locations. By employing semi-automatic decision strategies, which ask the user to decide regarding the privacy of some of the locations, the accuracy rate raises to 90 %.


Context awareness Privacy Crowdsourcing Usability 


  1. 1.
    Anthony D, Kotz D, Henderson T (2007) Privacy in location-aware computing environments. IEEE Pervasive Comput 6(4):64–72CrossRefGoogle Scholar
  2. 2.
    Arthur C (2011) iPhone keeps record of everywhere you go. The Guardian, Wednesday, 20 AprilGoogle Scholar
  3. 3.
    Balebako R, Leon PG, Mugan J, Acquisti A, Cranor LF, Sadeh N (2011) Nudging users towards privacy on mobile devices, in workshop on persuasion, influence, nudge and coercion through mobile devices (PINC). In: Proceedings of the 2011 annual conference extended abstracts on Human factors in computing systems (CHI EA '11), New York, NY, USA, ACMGoogle Scholar
  4. 4.
    Barkhuus L, Brown B, Bell M, Sherwood S, Hall M, Chalmers M (2008) From awareness to repartee: sharing location within social groups. In CHI’08, pp 497–506Google Scholar
  5. 5.
    Benisch M, Kelley P, Sadeh N, Cranor L (2010) Capturing location-privacy preferences: quantifying accuracy and user-burden tradeoffs. Pers Ubiquit Comput 15(7):679–694Google Scholar
  6. 6.
    Bilton N (2010) Price of facebook privacy? Start clicking. New York Times Article, New YorkGoogle Scholar
  7. 7.
    Costa P, Almeida J, Pires L, van Sinderen M (2008) Evaluation of a rule-based approach for context-aware services. In: Global telecommunications conference, 2008. IEEE GLOBECOM 2008. IEEE, pp 1–5, 30 2008-Dec 4Google Scholar
  8. 8.
    Cranshaw J, Mugan J, Sadeh N (2011) User-controllable learning of location privacy policies with gaussian mixture models. In: Proceedings of the twenty-fifth conference on artificial intelligence (AAAI-11)Google Scholar
  9. 9.
    Dey A, Abowd G, Salber D (2001) A conceptual framework and a toolkit for supporting the rapid prototyping of context-aware applications. Human Comput Interact 16(2–4):97–166Google Scholar
  10. 10.
    Do TMT, Blom J, Gatica-Perez D (2011) Smartphone usage in the wild: a large-scale analysis of applications and context. In: Proceedings of the 13th international conference on multimodal interfaces, ICMI’11, pp 353–360. ACMGoogle Scholar
  11. 11.
    Duckham M, Kulik L (2005) A formal model of obfuscation and negotiation for location privacy. In: Gellersen H, Want R, Schmidt A (eds) Pervasive computing, (Lecture Notes in Computer Science), vol 3468. Springer, Berlin, pp 243–251Google Scholar
  12. 12.
    Gedik B, Liu L (2008) Protecting location privacy with personalized k-anonymity: architecture and algorithms. IEEE Trans Mobile Comput 7(1):1–18CrossRefGoogle Scholar
  13. 13.
    Heipke C (2010) Crowdsourcing geospatial data. ISPRS J Photogramm Remote Sens 65(6):550–557. ISPRS Centenary Celebration IssueCrossRefGoogle Scholar
  14. 14.
    Hesselman C, Eertink H, Wibbels M (2007) Privacy-aware context discovery for next generation mobile services. In: International symposium on applications and the internet workshops, 2007. SAINT workshops 2007. IEEE Computer Society 2007, Hiroshima, Japan, 15–19 January 2007. doi:
  15. 15.
    Hong JI, Landay JA (2004) An architecture for privacy-sensitive ubiquitous computing. In: Proceedings of the 2nd international conference on mobile systems, applications, and services, MobiSys ’04, pp 177–189, New York, NY, USA, ACMGoogle Scholar
  16. 16.
    Iachello G, Smith I, Consolovo S, Abowd G, Hughes J, Howard J, Potter F, Scott J, Sohn T, Hightower J, LaMarca A (2005) Control, deception, and communication: evaluating the deployment of a location-enhanced messaging service. In: Ubicomp’05, Springer, pp 213–231Google Scholar
  17. 17.
    Khalil A, Connelly K (2006) Context-aware telephony: privacy preferences and sharing patterns. In: CSCW’06Google Scholar
  18. 18.
    Machanavajjhala A, Kifer D, Gehrke J, Venkitasubramaniam M (2007) L-diversity: privacy beyond k-anonymity. ACM Trans Knowl Discov Data (TKDD) 1(1):1–52Google Scholar
  19. 19.
    Nissenbaum H (2004) Privacy as contextual integrity. Wash Law Rev Assoc 79:119–158Google Scholar
  20. 20.
    Palen L, Dourish P (2003) Unpacking "privacy" for a networked world. In: CHI’03, pp 129–136, New York, NY, USA, ACMGoogle Scholar
  21. 21.
    Priedhorsky R, Terveen L (2008) The computational geowiki: what, why, and how. In: Proceedings of the 2008 ACM conference on computer supported cooperative work, CSCW’08, pp 267–276, New York, NY, USA, ACMGoogle Scholar
  22. 22.
    Roche S, Propeck-Zimmermann E, Mericskay B (2011) Geoweb and crisis management: issues and perspectives of volunteered geographic information. GeoJournal 1–20. doi: 10.1007/s10708-011-9423-9
  23. 23.
    Sadeh N, Hong J, Cranor L, Fette I, Kelley P, Prabaker M, Rao J (2009) Understanding and capturing people’s privacy policies in a mobile social networking application. Pers Ubiquit Comput 13(16):401–412CrossRefGoogle Scholar
  24. 24.
    Toch E (2011) Super-Ego: a framework for privacy-sensitive bounded context-awareness. In: Proceedings of the 5th ACM international workshop on context-awareness for self-managing systems (CASEMANS’11), AugustGoogle Scholar
  25. 25.
    Toch E, Cranshaw J, Drielsma PH, Tsai JY, Kelley PG, Springfield J, Cranor L, Hong J, Sadeh N (2010) Empirical models of privacy in location sharing. In: Proceedings of the 12th ACM international conference on ubiquitous computing, Ubicomp’10, pp 129–138, New York, NY, USA, ACMGoogle Scholar
  26. 26.
    Tuttlies V, Schiele G, Becker C (2009) End-user configuration for pervasive computing environments. In: International conference on complex, intelligent and software intensive systems, 2009. CISIS’09, pp 487 –493, MarchGoogle Scholar
  27. 27.
    Westin A (1967) Privacy and freedom. The Bodley Head, LondonGoogle Scholar
  28. 28.
    Ye M, Yin P, Lee W-C, Lee D-L (2011) Exploiting geographical influence for collaborative point-of-interest recommendation. In: Proceedings of the 34th international ACM SIGIR conference on Research and development in Information Retrieval, SIGIR’11, pp 325–334, New York, NY, USA, ACMGoogle Scholar
  29. 29.
    Zheng VW, Zheng Y, Xie X, Yang Q (2010) Collaborative location and activity recommendations with gps history data. In: Proceedings of the 19th international conference on World wide web, WWW’10, New York, NY, USA. ACM, pp 1029–1038Google Scholar

Copyright information

© Springer-Verlag London 2012

Authors and Affiliations

  1. 1.Faculty of EngineeringTel Aviv UniversityTel AvivIsrael

Personalised recommendations