Users Can Deduce Sensitive Locations Protected by Privacy Zones on Fitness Tracking Apps

要旨

Fitness tracking applications allow athletes to record and share their exercises online, including GPS routes of their activities. However, sharing mobility data potentially raises real-world privacy and safety risks. One strategy to mitigate that risk is a “Privacy Zone,” which conceals portions of the exercise routes that fall within a certain radius of a user-designated sensitive location. A pressing concern is whether privacy zones are an effective deterrent against common attackers, such as a bike thief that carefully scrutinizes online exercise activities in search of their next target. Further, little is known about user perceptions of privacy zones or how they fit into the broader landscape of available privacy precautions. This work presents an online user study (N=603) that investigates the privacy concerns of fitness tracking users and evaluates the efficacy of privacy zones. Participants were first asked about their privacy behaviors with respect to fitness tracking applications. Next, participants completed an interactive task in which they attempted to deduce hidden locations protected by a privacy zone; we manipulated the number of displayed exercise activities that interacted with the privacy zone, as well as its size. Finally, participants were asked further questions about their impressions of privacy zones and use of other privacy precautions. We found that participants successfully inferred protected locations; for the most common privacy zone size, 68% of guesses fell within 50 meters of the hidden location when participants were shown just 3 activities. Further, we found that participants who viewed 3 activities were more confident about their success in the task compared to participants who viewed 1 activity. Combined, these results indicate that users’ privacy-sensitive locations are at risk even when using a privacy zone. We conclude by considering the implications of our findings on related privacy features and discuss recommendations to fitness tracking users and services to improve the privacy and safety of fitness trackers.

著者
Jaron Mink
University of Illinois at Urbana-Champaign, Champaign, Illinois, United States
Amanda Rose Yuile
University of Illinois at Urbana-Champaign, Champaign, Illinois, United States
Uma Pal
University of Massachusetts Amherst, Amherst, Massachusetts, United States
Adam J. Aviv
The George Washington University, Washington, District of Columbia, United States
Adam Bates
University of Illinois at Urbana-Champaign, Urbana, Illinois, United States
論文URL

https://dl.acm.org/doi/abs/10.1145/3491102.3502136

動画

会議: CHI 2022

The ACM CHI Conference on Human Factors in Computing Systems (https://chi2022.acm.org/)

セッション: The Privacy of Everyday Smart Things

297
4 件の発表
2022-05-04 01:15:00
2022-05-04 02:30:00