Location, Privacy, Standards and the Citizen

By Carl Reed III

"Recent inventions and business methods call attention to the next step which must be taken for the protection of the person, and for securing to the individual what Judge Cooley calls the right "to be let alone." This quote comes from Samuel Warren and Louis D. Brandeis' 1890 legal essay "The Right to Privacy," written partially in response to the "new" technology making it possible to publish a person's photograph in a newspaper. It is just as apropos today as it was over 100 years ago.

I just read a news editorial on new technology about to be deployed that integrates video surveillance with facial recognition with tracking software. And any IP-enabled device can be geo-located using logical network addresses that indicate where an Internet user is physically located (Patent 6,947,978). Maybe not a concern for some but consider that in IPv6, when a mobile device registers presence, an IP address is assigned that is persistent and stays with the device regardless of how many cellular or Wi-Fi networks the device moves through. Now throw in privacy concerns about the use of active RFID, location-enabled cell phones, the ability to monitor locations of all your financial transactions, the vision for intelligent transportation systems and location directed advertising, and pretty soon you can understand why there is a growing concern about the ability of an organization to track any individual on a fine-grained location basis and to monitor his or her daily activity.

Taken individually, each of these technologies has potential societal benefit that may outweigh specific privacy concerns. Emergency response to a 911 call, finding your "buddies" using geo-enabled cell phones, tracking patients through a hospital, security video cameras on buses - these are all excellent applications with societal benefits. However, collectively and with no legal or regulatory oversight, the potential for abuse could far outweigh the current benefits.

These applications work because the subscriber (you) has an "identity," and by "opting in" to use the desired application, your "presence" as you move through space (the network) is noted and tracked. As an individual, you are probably also concerned about your privacy, as are many others.

In the standards world, there is the recognition that identity and privacy exist in a dialectical relationship, and that one of the great challenges we face with location-sensing technologies - and indeed, a whole host of pervasive computing technologies - is developing tools that let us be creative with the ways we project our identities in public, without accidentally eroding privacy.

The remainder of this article discusses in very general terms the work of three standards organizations related to location, the individual and the right to privacy: the Open Mobile Alliance, the Internet Engineering Task Force and the Open Geospatial Consortium. All three organizations collaborate actively with one another, so their standards work related to location is strongly harmonized.

The Internet Engineering Task Force (IETF)
The IETF is "a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet." The mission of the IETF is to produce engineering documents and standards that influence the way people design, use and manage the Internet. Within this context, there is an IETF Working Group dedicated to privacy, location and the Internet. The primary task of the GeoPriv Working Group is to assess the authorization, integrity and privacy requirements that must be met in order to transfer location information, or authorize the release or representation of such information through an agent.

In addition, the working group has selected standard encodings for use in representing location. A key task has been to enhance these formats and protocols to ensure that the security and privacy methods are available to diverse location-aware applications. Approaches considered include (among others) data formats incorporating fields that direct the privacy handling of the location information, and possible methods of specifying variable precision of location. The IETF has agreed to and approved a variety of Internet standards (what the IETF calls RFCs) related to location objects and privacy.

The Open Mobile Alliance (OMA)
The mission of OMA is to "facilitate global user adoption of mobile data services by specifying market driven mobile service enablers that ensure service interoperability across devices, geographies, service providers, operators, and networks, while allowing businesses to compete through innovation and differentiation." In 2001, the Location Interoperability Forum (LIF), now the OMA Location Working Group, agreed on a document titled "LIF Privacy Guidelines."

In essence, the LIF recommendation is to offer location services in such a way that the controller (the person or juridical person who controls the privacy preferences) must be able to give his or her informed consent for collection and disclosure of location data. This consent is referred to as the opt-in principle, in contrast to the opt-out principle, where the controller must actively decline to have location data shared with others. Further, the controller must be able to specify that any location data will be erased once the requested service has been delivered.

The LIF Privacy Guidelines help frame how privacy and location are managed in all related OMA specifications. For example, consider the OMA SIP/SIMPLE Presence Service specification which references and is based on numerous IETF RFCs. The OMA SIP/SIMPLE document defines an application level specification and the presence information semantics for presence information conveyed using the Presence Information Data Format (PIDF), the Rich Presence Information Data Format (RPID), and geographical information conveyed in an IETF GEOPRIV location object (which is a GML application schema as specified in [RFC4119]).
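As an added illustration (not code from the article or from any of the standards bodies it describes), the following Python parses a constructed PIDF-LO document of the kind RFC 4119 defines and applies two of the privacy mechanisms discussed above: the usage-rules fields (retransmission-allowed, retention-expiry) that tell a recipient how it may handle the location, and variable precision, here by coarsening the coordinates before release. The namespaces and element names are those of RFC 4119; the entity, coordinates and timestamps are made up for the example.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
NS = {"gp": "urn:ietf:params:xml:ns:pidf:geopriv10",
      "gml": "http://www.opengis.net/gml"}

# Constructed sample PIDF-LO (RFC 4119 style); entity, id and coordinates are made up.
SAMPLE_PIDF_LO = """<presence xmlns="urn:ietf:params:xml:ns:pidf"
  xmlns:gp="urn:ietf:params:xml:ns:pidf:geopriv10"
  xmlns:gml="http://www.opengis.net/gml" entity="pres:target@example.com">
 <tuple id="t1"><status><gp:geopriv>
  <gp:location-info><gml:location>
   <gml:Point gml:id="p1" srsName="urn:ogc:def:crs:EPSG::4326">
    <gml:pos>37.775 -122.419</gml:pos>
   </gml:Point>
  </gml:location></gp:location-info>
  <gp:usage-rules>
   <gp:retransmission-allowed>no</gp:retransmission-allowed>
   <gp:retention-expiry>2006-11-22T00:00:00Z</gp:retention-expiry>
  </gp:usage-rules>
 </gp:geopriv></status></tuple>
</presence>"""

def _utc(iso):
    # Parse an ISO 8601 UTC timestamp such as 2006-11-22T00:00:00Z
    return datetime.fromisoformat(iso.replace("Z", "+00:00")).astimezone(timezone.utc)

def parse_location_object(xml_text):
    """Extract the position and the privacy fields a recipient must honour."""
    gp = ET.fromstring(xml_text).find(".//gp:geopriv", NS)
    lat, lon = (float(v) for v in gp.find(".//gml:pos", NS).text.split())
    rules = gp.find("gp:usage-rules", NS)
    expiry = rules.findtext("gp:retention-expiry", None, NS)
    return {
        "lat": lat, "lon": lon,
        # RFC 4119: when retransmission-allowed is absent, the default is "no"
        "retransmission_allowed": rules.findtext("gp:retransmission-allowed", "no", NS).strip() == "yes",
        "retention_expiry": _utc(expiry) if expiry else None,
    }

def may_forward(lo, now_iso):
    """Pass the object on only if the rules allow it and the retention period has not expired."""
    if not lo["retransmission_allowed"]:
        return False
    exp = lo["retention_expiry"]
    return exp is None or _utc(now_iso) < exp

def coarsen(lo, decimals):
    """Variable precision: round the coordinates before release
    (one decimal degree is roughly 11 km of latitude)."""
    return {**lo, "lat": round(lo["lat"], decimals), "lon": round(lo["lon"], decimals)}
```

A real recipient would also need to handle a missing usage-rules element and the external-ruleset and note-well fields that RFC 4119 defines; the example deliberately shows only the two rules a recipient can enforce on its own.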

The Open Geospatial Consortium (OGC)
The OGC is an international voluntary consensus standards consortium that develops publicly available interoperable solutions that "geo-enable" the Web, wireless and location-based services, and mainstream IT. The mission of the OGC is to make geographic information ubiquitous. Within this context, the ability to ensure trusted use and an individual's privacy is critical. There are two components to privacy in the work of the OGC: security and rights management.

The OGC membership recently started a Security Working Group (WG). It is the mission of the Security WG to establish an interoperable security framework for OpenGIS Web Services to enable protected geospatial information processing. The objectives of this Working Group are: authentication (proof of identification) as a requirement for establishing access control and the licensing of geospatial information; access control as it regulates the availability of on-line or mobile applications of geospatial content; and the use of encryption to protect communication, establishing reliable mechanisms for partners to exchange geospatial content. The Security WG members do not want to develop new standards but want to define best practices for using existing standards from the IETF, OMA, and the Organization for the Advancement of Structured Information Standards (OASIS) to ensure trusted security of geospatial content.

A related OGC effort, begun in 2005, is the work of the GeoDRM Working Group. The work of this group is of interest to the geospatial community in that many geospatial data providers - including individuals who opt in to location-enabled consumer applications - need to control or track who has access to their data and how that data is used. The current lack of a Geospatial Digital Rights Management (GeoDRM) capability is a major barrier to broader adoption of Web-based geospatial technologies. The mission of the GeoDRM Working Group is to coordinate and mature the development and validation of work being done on digital rights management for the geospatial community.

Again, this Working Group does not want to develop new standards. Instead, it spent 18 months developing a GeoDRM Reference Model. This document will soon be a member-approved component of the OGC Abstract Specification. This document is a reference model for digital rights management (DRM) functionality for geospatial resources. As such, it is connected to the general DRM market in that geospatial resources must be treated as nearly as possible like other digital resources, such as music, text or services. It is not the intention to reinvent a market that already exists and is thriving, but to make sure that a larger market has access to geospatial resources through a mechanism that it understands and one that is similar to those already in use. The next activity of the WG will be to define implementation profiles of the GeoDRM reference model for existing standards and technology, such as the Open Digital Rights Language, the OASIS Security Assertion Markup Language and eXtensible Access Control Markup Language, and the work of the IETF.

Conclusion

According to the National Highway Traffic Safety Administration, about 64 percent of the model 2005 cars sold in the United States were equipped with event data recorders. Similar to the so-called black boxes in airplanes, these systems continuously monitor a variety of statistics, and preserve their most recent readings if the vehicle crashes. Essentially, these devices record an individual's driving habits. What if insurance companies used this information to compute insurance fees and the police used it to target speeders? How many drivers know that these devices are being installed in all new vehicles? Standards work can only address how to implement technology to protect an individual's privacy. Standards can be used to implement privacy policy. They do not set policy. Therefore, it is extremely important for the geospatial community to understand and work together to ensure that ubiquitous geospatial information is not used in other than a trusted manner and to secure an individual's right to privacy.


Published Tuesday, November 21st, 2006