New Technology Gives Users Control over Sharing of Cell-Phone Location Information

Researchers from Lucent Technologies' Bell Labs have developed new software technologies that would enable users to tightly control how their location information is shared when using location-enabled mobile devices such as cell phones and personal digital assistants. In a paper to be presented here at the 2004 IEEE International Conference on Mobile Data Management going on this week in Berkeley, Calif., Bell Labs researchers will describe a method for users to specify what location information is shared, and when, with whom, how and under what circumstances.

Today's location-based services promise incredible access in an ever increasingly connected world, but they do not support the possibility that a user's willingness to share location data may depend on a range of factors including recent and current activities, time of day and who is requesting the data -- in other words, an individual's context. Bell Labs' newly developed Privacy-Conscious Personalization (PCP) framework relies on user preferences to intelligently infer context such as working or shopping, and then determines with whom location information should be shared.

When a user's location or other information is requested, it is analogous to someone making a query of a database. In this case, the request is checked against the user's preferences and filtered through a high-performance rules engine, known within Bell Labs as "Houdini," before any action is taken. Since location and other mobile services require near-real-time performance, this entire process can take a few milliseconds or less.

"The Bell Labs PCP framework promises to give mobile users the benefits they want from sharing location information without having to buy into a wholesale surveillance mechanism," said Jason Catlett, president of Junkbusters Corp., a privacy advocacy firm. "The fine-grained options, allowing the user to consent to disclosure of location according to place, time and person are important to avoid being monitored 24/7."

Bell Labs' current research is based on the belief that privacy isn't a "yes or no" question, but rather a spectrum of possible answers based on a wide range of factors and user situations. Today's location-based services are limited in capability -- mobile users can choose to show their location to everyone, to an explicitly selected group of buddies, or only to authorized officials in emergency situations using government-mandated Enhanced 911, known as E911. Currently available location tracking services are essentially "one size fits all" -- users do not have the ability to tailor this capability to meet their individual preferences.

How it works
The PCP framework would enable consumer and business users to specify which individuals, groups or businesses can see where they are based on the users' preferences. For example, during working hours, field salespeople may opt to have their presence visible to their boss, no matter where they are, but come 5:30 p.m., location sharing with their boss can be disabled. However, a salesperson may enable important customers to see his or her presence at anytime, but only with an accuracy of up to 10 miles. This is especially helpful when that salesperson is visiting an important customer's competitor, for example.

As for the problem of unsolicited pitches from retailers, whether in the form of coupon spamming or Short Message Service advertisements, this technology enables users to specify which kinds of businesses are allowed to see their location in a particular context, if at all. For example, users may be interested in receiving a coupon from their favorite coffee retailer only when shopping, or on weekends before 9:00 a.m., or when within one mile of a golfing buddy. If none of these conditions holds, those users and their locations would not appear to that retailer.

A key challenge in personalization of telecommunications services is that different kinds of factors and preferences are relevant to different applications (e.g., sharing location information vs. call-forwarding) and different classes of users (e.g., office workers vs. students, basic users vs. power users). Bell Labs' PCP framework would enable network operators to pre-configure and offer different preference "palettes" tailored to these different applications and classes of users. As an example, these palettes could have drop-down menus pre-populated with the kinds of rules most relevant for specific classes of users, so they can quickly set their own preferences on personal computers, or cell phones.

"Bell Labs' technology would give end-users more explicit control over how their network data is interpreted and shared with different requestors of location information in near real time," said Rick Hull, director of Network Data and Services Research at Bell Labs. "By offering powerful personalization capabilities, network operators can roll out new revenue-generating location services that also cater to the varying privacy needs and desires of different classes of users."

Service providers around the world have acknowledged that having a policy engine to enforce privacy of user location information is a must-have capability, and commercial trials of Bell Labs' technology are currently being discussed. The Houdini rules engine is already being used by Lucent in prototype demonstrations of context-aware location-based services on mobile devices, as well as in preferences-driven call forwarding and blocking using both circuit-based and session initiation protocol phones. The commercially available version of Houdini, known as Vortex, forms the policy management part of Lucent's MiLife Intelligent Services Gateway, a product that allows Internet- and Web-based applications to access data and services in wireline and wireless telephony networks.