Temporal Limits of Privacy in Human Behavior
Vedran Sekara, Enys Mones, H{\aa}kan Jonsson
TL;DR
This paper demonstrates that human behavior data from smartphones is highly unique, enabling re-identification of users with minimal app data, and reveals seasonal and temporal variability in this uniqueness.
Contribution
It provides the first large-scale analysis of behavioral re-identification risks over time using smartphone app data, highlighting privacy vulnerabilities.
Findings
91.2% of users can be re-identified with four apps
Behavioral fingerprints drift over time at a constant rate
Seasonal variability affects the uniqueness of behavioral data
Abstract
Large-scale collection of human behavioral data by companies raises serious privacy concerns. We show that behavior captured in the form of application usage data collected from smartphones is highly unique even in very large datasets encompassing millions of individuals. This makes behavior-based re-identification of users across datasets possible. We study 12 months of data from 3.5 million users and show that four apps are enough to uniquely re-identify 91.2% of users using a simple strategy based on public information. Furthermore, we show that there is seasonal variability in uniqueness and that application usage fingerprints drift over time at an average constant rate.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.