Ant Club Trails: Privacy in Ubiquitous Computer World
Collaboration and information-sharing are among the most important applications of computing. Privacy is a basic human need.
Information-sharing and privacy are fundamentally in tension, and it is important to study the trade-off from both technical and social-contextual perspectives. The emergence of ubiquitous computing opens up radical new possibilities for acquiring and sharing information. However, privacy will be severely compromised without new approaches to information-sharing. This proposal explores a new methodology that provides much finer control over information exchange: only the information needed for the collaboration is shared, everything else is protected, and protection is provably strong. It is then possible to explore collaborative applications in ubicomp settings that are exciting but which would be impossible without the techniques we propose. Specifically, a class of collaborative applications called "Ant Club Trails" (ACT) will be developed. The idea behind Ant Club Trails is to combine information from the "trails" left by individual users, and to share it with other users by collaborative filtering in a way which protects individual privacy.
Several aspects of this work have been guided by sociological theory or critique:
(i) preserving privacy and understanding the risks imposed by several of today's technologies;
(ii) information-sharing is community-based, supporting heterophilous diffusion;
(iii) the proposed implementation is peer-to-peer, which allows all individuals to create and maintain communities, not just those with access to servers.
ACT allows users to share within communities that they create themselves (hence the extension of the ant trail metaphor to "clubs"). Within a community, people automatically share (no user action is needed) a variety of information about their location, purchases, and certain other activities. In turn, they receive recommendations about places, products, and services from their own communities and from other communities that allow such access. Information is gathered by location-sensing devices like cell-phones and GPS-enabled portable devices, as well as electronic wallets and other records of user purchases. This information is pooled with that of other users in the community to generate recommendations.
This proposal explores the tension between collaboration and privacy, and seeks to move this exploration to ubiquitous computing settings. Techniques will be outlined to handle a rich variety of everyday collaborative queries, based on information about purchases, location, and time. In addition to the infrastructure for handling these data, the proposal describes a general framework for "localizing" data, that is, for allowing users to query the collaborative database with terms such as "near here," "about this time," or "like this item." This general framework will be defined abstractly so that it can be generalized to other kinds of metrics. The algorithms will be implemented on two testbeds: GPS-enabled cell-phones and PDAs. The ACT system will be deployed at the scale of at least 50 users, and user studies of it will be conducted.
The Ant Club Trails work will help increase individual privacy (cryptographic and information-theoretic) in everyday collaborative settings. It could serve as a replacement for server-based collaborative filtering systems on e-commerce sites, and move control of information from vendors to individuals through its peer-to-peer design. The techniques for collaboration with privacy open up other new possibilities such as surveys, questionnaires, and logging of user activity with provable privacy protections.