0

I am developing an app that uses the user's location to be displayed on a map with other users.

I want to ensure that all users have a bit of privacy when it comes to their location being displayed openly to other users, so I am hoping to just set their location with a specified offset (lets say 1 mile) and display the "edited" location to all other users while still showing the "exact" location to the current user.

Example - If I am looking at the map, I want my "user location" (the blue dot) to be somewhat exact, while all other player's will see my location slightly offset from the real location.

What is the best way to achieve this?

JimmyJammed
  • 9,598
  • 19
  • 79
  • 146
  • [here you are.](http://en.wikipedia.org/wiki/Spherical_trigonometry) –  Nov 07 '12 at 19:05

2 Answers2

1

I think the question you actually want the answer to is this:

How do I convert the user's location into an "approximate location" in a way that preserves the user's privacy?

It's not an easy problem:

  • Offsetting by a specific distance doesn't work:
    • There's a trivial attack if the direction is fixed.
    • If the direction does not change often enough, then the attacker only needs to wait to identify what looks like a road.
    • If the direction changes too often, then they'll tend to form a 1-mile circle around the target's house/work.
  • Offsetting by a random distance/direction doesn't work; the attacker just needs to collect enough samples; the clusters will likely be centered on the target's home/work.
  • Quantizing to a grid naively (e.g. "X is within this grid square") will tell you when the target crosses a grid boundary. This is especially bad if the target lives on a grid boundary.

Here's something that works a little better, but wil still (eventually) give away the user's location:

  • Pick an (approximately) 1-mile grid. For a "square" grid, you could use the Pierce quincunxal projection (there are four points of infinite distortion but you can make those all at sea — it looks like you can limit distortion on land to a factor of 2). There are also projections onto cube and, for a triangular grid, an icosahedron.
  • When you first need to report the user's location, give the nearest point on the grid. Also pick a threshold distance between 1 and 2 grid "squares", or so.
    • While the user is within the threshold distance of the center of the grid square, continue to report the same grid square. Otherwise, repeat.

It'll still eventually be obvious if the user happens to live on a grid boundary. There are various ways to attempt to fix this problem (e.g. a bias to reporting grid squares you've reported before), but these will eventually fail.

This seems a lot like trying to remove a digital watermark (the user's actual location) by using lossy compression (the approximation process) while producing an output image/audio (approximate location) that sounds/looks like the original. (The analogy works a little better if you treat the "watermark" as the user's daily habits, which will be visible in the output unless you know exactly what those habits are and can remove them.)

Or in signal processing terms: A low SNR simply means you have to listen for longer to extract the signal.

tc.
  • 33,468
  • 5
  • 78
  • 96
0

Are you showing everyone else as a pin? It might be strange if you show a pin at an exact location but the other user isn't there. For example if someone was a mile north and you showed their pin at the same location as the current user. Maybe you should display the other users with an MKOVerlay circle, and then use some calculation base on a userID to shift it slightly off centre so that people don't find out that it is always shifted 500m east and thus easily see here people are.

Whether or not you change the display, the code you seek is here: Get the GPS coordinate given the current location, bearing and distance

Community
  • 1
  • 1
Craig
  • 8,093
  • 8
  • 42
  • 74