Abstract

Location-based social networking services are becoming increasingly popular among the multitude of mobile applications. The new location sharing functionalities made possible by GPS-based mobile phones, however, also raise two main privacy issues: users are typically limited to a only few built-in options that do not support fine-granular or even changing privacy preferences, and location data are often implicitly shared with service providers in the process. This paper argues for a new group- based architecture for privacy-aware location sharing, developed starting from a use-case analysis of sharing patterns and a brief review of existing privacy options in today’s popular location-sharing applications. This is complemented by a stakeholder discussion with a view towards identifying the various location privacy threats. Based on this analysis, we present a decentralized architecture for location sharing, based on the popular XMPP instant messaging platform, which supports sharing location information at different granularities directly with different sets of contcts. This gives more flexibility to users in terms of sharing patterns, thus providing more privacy as users can decide in detail what kind of location data to share with whom. The system also avoid the central disclosure of all user location data to the service provider, by either employing private servers or relying on end-to-end encryption between contacts.