Privacy and the City: User Identification and Location Semantics in Location-Based Social Networks

TL;DR

This paper examines how location semantics in LBSNs can be exploited to identify users, revealing that certain venue types like residences are highly discriminative and that collective user behavior impacts re-identification risk.

Contribution

It introduces a simulation framework for user re-identification in LBSNs based on location semantics and analyzes the discriminative power of different venue types across multiple urban regions.

Findings

Residence venues offer high re-identification success.

User entropy does not necessarily correlate with identification difficulty.

Collective behavior influences user re-identification complexity.

Abstract

With the advent of GPS enabled smartphones, an increasing number of users is actively sharing their location through a variety of applications and services. Along with the continuing growth of Location-Based Social Networks (LBSNs), security experts have increasingly warned the public of the dangers of exposing sensitive information such as personal location data. Most importantly, in addition to the geographical coordinates of the user's location, LBSNs allow easy access to an additional set of characteristics of that location, such as the venue type or popularity. In this paper, we investigate the role of location semantics in the identification of LBSN users. We simulate a scenario in which the attacker's goal is to reveal the identity of a set of LBSN users by observing their check-in activity. We then propose to answer the following question: what are the types of venues that a malicious user has to monitor to maximize the probability of success? Conversely, when should a user decide whether to make his/her check-in to a location public or not? We perform our study on more than 1 million check-ins distributed over 17 urban regions of the United States. Our analysis shows that different types of venues display different discriminative power in terms of user identity, with most of the venues in the "Residence" category providing the highest re-identification success across the urban regions. Interestingly, we also find that users with a high entropy of their check-ins distribution are not necessarily the hardest to identify, suggesting that it is the collective behaviour of the users' population that determines the complexity of the identification task, rather than the individual behaviour.