# Protecting Spatiotemporal Event Privacy in Continuous Location-Based   Services

**Authors:** Yang Cao, Yonghui Xiao, Li Xiong, Liquan Bai, and Masatoshi Yoshikawa

arXiv: 1907.10814 · 2020-05-20

## TL;DR

This paper introduces a formal framework for protecting spatiotemporal event privacy in continuous location-based services, revealing limitations of existing methods and proposing a new privacy-preserving framework called PriSTE.

## Contribution

The paper formally defines spatiotemporal event privacy, analyzes the privacy leakage of current LPPMs, and proposes PriSTE to enhance privacy protection against any prior knowledge.

## Key findings

- Existing LPPMs do not adequately protect spatiotemporal event privacy.
- The PriSTE framework effectively enhances privacy protection.
- Experimental results show PriSTE's efficiency and effectiveness.

## Abstract

Location privacy-preserving mechanisms (LPPMs) have been extensively studied for protecting users' location privacy by releasing a perturbed location to third parties such as location-based service providers. However, when a user's perturbed locations are released continuously, existing LPPMs may not protect the sensitive information about the user's spatiotemporal activities, such as "visited hospital in the last week" or "regularly commuting between Address 1 and Address 2" (it is easy to infer that Addresses 1 and 2 may be home and office), which we call it \textit{spatiotemporal event}. In this paper, we first formally define {spatiotemporal event} as Boolean expressions between location and time predicates, and then we define $ \epsilon $-\textit{spatiotemporal event privacy} by extending the notion of differential privacy. Second, to understand how much spatiotemporal event privacy that existing LPPMs can provide, we design computationally efficient algorithms to quantify the privacy leakage of state-of-the-art LPPMs when an adversary has prior knowledge of the user's initial probability over possible locations. It turns out that the existing LPPMs cannot adequately protect spatiotemporal event privacy. Third, we propose a framework, PriSTE, to transform an existing LPPM into one protecting spatiotemporal event privacy against adversaries with \textit{any} prior knowledge. Our experiments on real-life and synthetic data verified that the proposed method is effective and efficient.

---
Source: https://tomesphere.com/paper/1907.10814