Geoprivacy: Location Masking Strategies and Personal Identification Ris

Geoprivacy grants individuals freedom from undesired sharing of their location data. This dissertation examines and evaluates attempts to protect geoprivacy by both researchers and the public. This work begins with a discussion of geomasking, traditionally conceived as a set of procedures applied by researchers who wish to share sensitive georeferenced data with others. Geomasking aims to balance between preserving spatial distributions and preventing the disclosure of individual identities. The shortcomings of established geomasking methods are discussed, and a new technique, Voronoi masking, is introduced and evaluated in Chapter 1. Household privacy is calculated using a nearest neighbor analysis, and spatial divergence is measured by a cross-k function and cluster analysis. Voronoi masking is demonstrated to be distinctively equipped to balance between protecting both household privacy and spatial distribution, compared to three established techniques.;In response to the shortcomings of geomasking techniques to consider auxiliary identifying data, as well as the ethical implications of moving point data to new households, Chapter 2 introduces a topology-based framework for evaluating both correct and false household identification risk. The risk of false identification is examined in four masking techniques: random perturbation, donut masking, and the newer Voronoi and MGRS masking techniques. Voronoi masking is the most dissimilar to the others in that it results in 90% of cases being displaced to the boundaries between correct and incorrect parcels. Using a map-based experiment with participants of varying education levels, Chapter 3 tests the topological framework of Chapter 2, finding that the privacy risks of correct and false household identification are substantially lowered when masked points are situated equidistantly between residential parcels, compared to other topologies. Despite initial notifications that data are masked, map users often report confidence in assigning masked points to specific households. Only map users who receive frequent notifications that the points are masked have reduced confidence in associating them with particular households, thereby lowering both correct and false identification risk.;In Chapter 4, the predictors of individual-level location masking are examined. Using a probability-based sample and an open online sample in California, this study finds that in situ masking behavior by internet users is higher with an online recruiting method, but is consistent across demographic groups. A key attitude influencing whether or not participants choose to mask location is trust in websites to protect personal data. Overall, high knowledge about how location is transmitted electronically and concern for privacy are positively correlated with masking behavior. Collectively, these studies add to a growing body of literature on geoprivacy and introduce new means to protect it.