Currently, location privacy settings of mobile operating systems are limited to the option of enabling or disabling the use of location completely or on a per-app basis. When location use is allowed, users always reveal their location in full precision, even to apps that do not need it. For instance, weather forecast apps and navigation apps both get the most exact location a device can determine. Up to now, mobile privacy research has focused on the recognition and prevention of disclosure of private data. This includes location data, but does not extend to privacy in use cases where users do want to disclose their location — but not in full detail. However, the increasing adoption of smartphones entails the increasing use of location-based services as well. Users want to use these services, but have privacy concerns. As many location-based services do not require exact locations, user privacy can be increased by only disclosing location in such detail as required for the respective service to function. To enable users to restrict the accuracy of location data that is revealed to apps, we created a location privacy framework that allows per-app location obfuscation. The framework allows easy integration of different obfuscation algorithms into the Android system. We present both on-device obfuscation and service-based obfuscation and evaluate our framework.