Misc. details on the method
The area to which phones in nonpublic areas are blurred
is inversely related to the density of population/cell phones.
The anonymization can be accomplished in real time, so that privacy-compromising
location data will never enter the dataset.
The value of the tracking data will be enhanced where each track
comes with a demographic profile. A demographic profile can be probabilistically
assigned to each track, based primarily on the neighborhood in which
the device started its day. For example, one might start with the
assumption that a device that began its day in a neighborhood that
is 70% upper income Caucasian has a 70% chance of belonging to an
upper income Caucasian.
No device should be tracked for too long because the longer the
record from a given device, the more distinctive becomes the track,
and the more easily one can identify the owner of the device. Tracking
each person for a relatively short period of time (as is necessary
to keep their track from becoming distinctive and identifiable)
does not reduce the value of the data as much as one might have
expected because “Individuals
display significant regularity, because they return to a few highly
frequented locations, such as home or work.”
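
An added example (not code from this site or the patent) of the real-time blurring and track-length limit described above: nonpublic fixes are snapped to a grid cell whose area is `K_TARGET / density`, and the stream stops at a cap. `K_TARGET`, the size clamps, the 24-hour cap, and the `in_public` and `density` inputs are assumptions made for illustration.

```python
import math
from dataclasses import dataclass

K_TARGET = 50                    # assumed: devices that should share one blur cell
MIN_SIDE_KM, MAX_SIDE_KM = 0.1, 10.0   # assumed clamps on cell size
MAX_TRACK_SECONDS = 24 * 3600    # assumed cap, matching the 24-hour collection window
KM_PER_DEG_LAT = 111.32

@dataclass
class Fix:
    t: int            # seconds since the track started
    lat: float
    lon: float
    in_public: bool   # assumed to come from a public/nonpublic land-use lookup
    density: float    # devices per km^2 near the fix (assumed input)

def blur_side_km(density):
    """Cell side such that cell area = K_TARGET / density (inverse relation)."""
    if density <= 0:
        return MAX_SIDE_KM       # no neighbours to hide among: use the largest cell
    return min(MAX_SIDE_KM, max(MIN_SIDE_KM, math.sqrt(K_TARGET / density)))

def blur(lat, lon, density):
    """Replace a coordinate with the centre of its density-sized grid cell."""
    side = blur_side_km(density)
    dlat = side / KM_PER_DEG_LAT
    lat_c = (math.floor(lat / dlat) + 0.5) * dlat
    # Longitude step uses the snapped latitude so every fix in a row shares one grid.
    dlon = side / (KM_PER_DEG_LAT * math.cos(math.radians(lat_c)))
    lon_c = (math.floor(lon / dlon) + 0.5) * dlon
    return lat_c, lon_c

def anonymize_stream(fixes):
    """Process fixes one at a time; raw nonpublic coordinates are never emitted."""
    for f in fixes:
        if f.t > MAX_TRACK_SECONDS:
            break                # stop before the track grows distinctive
        if f.in_public:
            yield (f.t, f.lat, f.lon)
        else:
            yield (f.t, *blur(f.lat, f.lon, f.density))

if __name__ == "__main__":
    # Constructed sample track: home (nonpublic), street (public), late fix (dropped).
    track = [Fix(0, 40.7128, -74.0060, False, 50.0),
             Fix(3600, 40.7306, -73.9866, True, 5000.0),
             Fix(90000, 40.7128, -74.0060, False, 50.0)]
    for row in anonymize_stream(track):
        print(row)
```
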
The data for a given metro area will be collected over a number
of days to ease the burden, and because such a "rolling sample"
will assure that the data will contain useful variation (e.g. weekdays
and weekends; rainy days and sunny days).
Nielsen's data collection practices and the ubiquity of reality
shows on television show that many people will be happy to give
up some privacy in exchange for compensation.
Here's one way in which recruitment and data collection might work:
- Ask selected individuals if they would be willing to carry
a smaller-than-cellphone device for 24 hours, in exchange for
compensation. Explain that the device would record their location,
but that no identifying information about them would be used,
and that no one will be able to identify them from their track
because their location will be blurred when they are not in public;
- Send the device to consenting individuals with a postage-paid
return envelope, instructions, the address of a Web site where
they can obtain additional information, and a toll-free number.
Inform them that their payment will be processed when the device
is returned, having collected data for 24 hours.
The device itself can be quite simple. It is not necessary for
the device to transmit the location data; rather,
the data can be downloaded from each device when it is returned.
So, the device need only be a GPS receiver with some memory and
a battery that can power it for 24 hours.
Such a device can be inexpensive, and will be reused.
Alternatively, cell carriers can assist with data collection. Verizon
and Nextel
now offer aGPS-tracking services. In other words, carriers are already
selling nonanonymized aGPS tracking data to consenting subscribers.
Presumably, with the subscriber's opt-in consent, they would be
willing to sell anonymized tracks to a third party.
Obtaining tracks from a statistically valid sample will make it
possible to obtain the most valuable data with a minimum of effort.
Having an independent auditor certify the anonymization regime
will:
- Give the cell phone company confidence in the system;
- Give the people being tracked confidence in the system; and,
- Give those using the data confidence that they won't get in
trouble for using privacy-violating data.
What can you do with this data?