Preserving Location Privacy in Geo-Social Applications

Using geo-social applications, such as FourSquare, millions of people interact with their surroundings through their friends and their recommendations. Without adequate privacy protection, however, these systems can be easily misused, e.g., to track users or target them for home invasion. In this paper, we introduce LocX, a system that provides significantly-improved location privacy without adding uncertainty into query results or making strong assumptions about server security. Our key insight is to apply secure user-specific, distance-preserving coordinate transformations to all location data shared with the server. The users share their transformation secrets with their friends so they can apply the same transformation. This transformation allows all location queries to be evaluated correctly by the server, but guarantees that the server is unable to see or infer the actual locations from the transformed data or from the data access. We show that LocX provides privacy even against a powerful adversary model, and use prototype measurements to show that it provides privacy with very little performance overhead, making it suitable for use in today's mobile devices.