ZipPhone: Protecting user location privacy from cellular service providers

TL;DR

ZipPhone is a privacy-preserving method that uses strategic connection timing and identifier renewal to significantly reduce user location identifiability in cellular networks, balancing privacy and utility.

Contribution

It introduces ZipPhone, a novel approach leveraging existing cellular infrastructure to enhance user privacy through connection timing and identifier management.

Findings

Users can reduce their identifiability by up to 45%

Renewing identifiers every ten minutes improves privacy

Minimal utility loss with strategic offline periods

Abstract

Wireless service providers track the time and location of all user connections. Location inference attacks have been effective in revealing the identity of anonymous users of wireless services. In this paper, we propose ZipPhone, a solution that leverages existing cellular infrastructure to improve user privacy. Spartacus allows a community of users to strategically time their connections to remain anonymous while incurring a minimal loss of utility. We evaluate ZipPhone from the perspective of a cell service provider and a community of privacy-seeking users, and quantify the privacy/utility trade-off of ZipPhone using two datasets containing cell tower logs of hundreds of users. We present and assess a deanonymization algorithm that uses both location profiling and trajectory linking. We find that by renewing identifiers every ten minutes and remaining offline for 30 seconds, users can reduce their identifiability by up to 45%.