Comments
yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Expo on Google News
SYS-CON.TV
Cloud Expo & Virtualization 2009 East
PLATINUM SPONSORS:
IBM
Smarter Business Solutions Through Dynamic Infrastructure
IBM
Smarter Insights: How the CIO Becomes a Hero Again
Microsoft
Windows Azure
GOLD SPONSORS:
Appsense
Why VDI?
CA
Maximizing the Business Value of Virtualization in Enterprise and Cloud Computing Environments
ExactTarget
Messaging in the Cloud - Email, SMS and Voice
Freedom OSS
Stairway to the Cloud
Sun
Sun's Incubation Platform: Helping Startups Serve the Enterprise
POWER PANELS:
Cloud Computing & Enterprise IT: Cost & Operational Benefits
How and Why is a Flexible IT Infrastructure the Key To the Future?
Click For 2008 West
Event Webcasts
Who Owns a User's Location?
Who Owns a User's Location?

As location-based wireless Internet services become more advanced, so does end-user security and privacy technology. The notion that an application or business can "track" a mobile user is creating major privacy concerns.

The wireless Web, labeled by many as "The First Big Market Opportunity of the 21st Century," has driven developers and businesses to "mobilize" their services, implementing new ideas for the delivery of content to wireless devices and generating additional revenues. However, today's wireless Web applications are simple ports of utility-based Internet applications (e-mail, headlines, and skinny stock quotes) that do not leverage the differentiating factor between one mobile user and another - location. Neither do these applications capitalize on what wired networks will never possess - mobility.

Rendered possible by the convergence of technologies, including wireless, Internet, and mobile locating technologies, a new world of applications is poised to enamor consumers and businesses: location-based services. To enable such services, the actual physical location of a user has to be revealed and the risk of misuse and abuse has the industry and federal regulatory bodies seriously looking at concerns over users' location privacy. At the same time technology providers are anticipating the regulatory requirements and are developing state-of-the-art systems to bring visionary perspectives to real-world hurdles.

This article explores the current market conditions as they relate to location-based services (technology and perspective), provides a brief overview of the current legislative initiatives and, most important, offers an explanation of the technology solutions being deployed to put users in control of their location information.

Location-Based Services Defined
Current market conditions recognize two basic forms of location-based services: location-blind, where a user is pulling wireless content from the Internet, and location-aware, where a user has to input location to receive information relevant to his or her surroundings. A third form of location-based services is poised to emerge from the convergence of the Internet, wireless communications, and mobile positioning technologies. These locating technologies are being deployed as a result of the Federal Communications Commission's (FCC) E911 mandate that requires carriers to be able to locate their wireless users with a reasonable level of precision.

This new generation of applications, labeled Location Precise Services (LPS), is now emerging as one of the most exciting topics in mobile communications. LPS involves a software process that utilizes the geophysical location of the mobile device as part of its algorithm for generating presentation content. The software and mobile network infrastructure requirements of LPS are fundamentally different from those required to support traditional mobile applications.

The first element to consider in LPS is the locating technologies used to identify the location of the user. The most basic level of user location capabilities is to simply extract from a carrier's network the cell tower identification that's routing the call, then geocode that cell tower location and provide a relative precise location of the user. Depending on density and number of cell towers, the level of service accuracy may vary widely.

Because the response time to emergency police and fire department calls is critical, the FCC has mandated that carriers implement more precise technology than cell tower ID for locating their wireless customers. To meet these precision requirements, a multitude of technologies are being tested and deployed.

The E911 mandate makes a distinction between embedded GPS solutions and network-based locating methods whereby GPS solutions must be accurate to 50 meters while network-based methods have a less stringent requirement of 150 meters. GPS methods use signals generated from 24 government satellites orbiting the Earth to determine the position of the mobile device. While accurate to a few meters, GPS signals are difficult to receive indoors. Another disadvantage to GPS solutions, from a carrier's perspective, is that the user is required to purchase a new mobile phone equipped with GPS technology. Many carriers may be averse to risking "churn," as a customer purchasing a new phone might switch carriers.

Network-based methods present an alternative to GPS. At a very high level, network-based solutions involve triangulating the radio emission of the phone or using radio frequency multipath "fingerprinting" to identify the most likely position of the radiating source. Providers of multipath method solutions offer significant performance advantages over triangulation, particularly in urban environments, with reported accuracy of 30 meters being quoted by major manufacturers of multipath systems. While still less accurate than GPS, and perhaps more expensive for the carrier to deploy, network-based methods work on existing wireless phones, which means a massive locatable user base and reduced churn for the carrier.

With the development of locating technology, it's clear that the critical attribute in the wireless value chain will be the ability to pinpoint, in real time, the location of users so as to create this new world of offers, services, and mobile-commerce (m-commerce) and location-commerce (l-commerce) opportunities. Many analysts are forecasting that LPS will be the "killer app" of the wireless Internet.

And Privacy in All of That?
The notion that an application or business can "track" a mobile user is creating major privacy concerns. The major reason for such concerns about user privacy is the fear of a Big Brother threat - the idea that users' location information could be used for reasons they don't understand or can't control, or even to harm them. Privacy is thus at the center of active discussions at the FCC, Federal Trade Commission (FTC), and the Congressional level, and is being actively addressed, from a regulatory perspective, by numerous organizations such as the Direct Marketing Association (DMA), the Wireless Advertising Association (WAA), and the Cellular Telecommunications & Internet Association (CTIA). Examples of the burgeoning activity related to privacy concerns include:

  • One of the first bills introduced in Congress this year would make it a criminal act to send a solicitation to a wireless device without that individual's express permission. Rep. Rush Holt (D-NJ) has been one of the most vocal opponents of "spamming" and first introduced this bill at the end of the last Congress last fall.
  • The 1999 Wireless Communications and Public Safety Act permits release of location data in emergencies, for wireless telephones specifically, but the FCC's definition of what constitutes a phone is still legally unclear.
  • The UK Data Protection Commission's interpretation of the European Commission's (EC) Directive on Data Protection in the Telecommunications Sector may make it illegal to use wireless location technology for advertising purposes, even if customers have opted to receive location-based marketing.
With these concerns floating at the surface of an emerging and revenue-generating industry, all concerned industry bodies have been extremely proactive to ensure and demonstrate their positive stance toward protecting user privacy and eliminating, from the get-go, issues that have plagued some Internet initiatives.

The CTIA adopted the following wireless privacy guidelines in October to be presented to the FCC and the FTC:

  • Consumers need to be informed that information on their location is being collected.
  • Consumers need a meaningful opportunity to proactively opt in for location services, provide consent to the collection of location information before the data is used, and be made aware of exactly what is being collected.
  • Service providers must ensure the security and integrity of any data collected and must permit the customer reasonable access to it to ensure its accuracy.
  • These guidelines apply across the country, across all types of platforms, whether they be handhelds, wireless phones, or PDAs, and across all the businesses involved, whether they be carriers, handset manufacturers, or third parties.
Similarly, the WAA is seeking to establish voluntary guidelines for member organizations that set acceptable standards for using Personally Identifiable Information (PII) and for responsible advertising, marketing, and m-commerce in this emerging wireless medium. These guidelines address the creation of a privacy policy, notification of data collection and usage, choice and consent, wireless spam, data security, and access. Specifically, "the WAA does not condone wireless targeted advertising or content (push messaging) intentionally or negligently sent to any subscriber's wireless mobile device without explicit subscriber permission and clear identification of the sender," according to the organization's mission statement. While the WAA guidelines are often similar to those created by other organizations, in some cases the WAA requires a higher level of permission from consumers, particularly for wireless "push" marketing.

Pull vs Push Services
The concern of push marketing is quite different from what we are currently experiencing on the wireless Internet. Virtually all location-based services that exist today are "pull" services, meaning that the mobile user must initiate a request for location-based information. Services such as Vindigo, AvantGo, and the more recently announced Yahoo! Local Information are good examples of pull services. In most instances, pull applications are designed to provide a mobile user with information relative to a static point of interest. For example, a mobile user may request the location of movie theaters or restaurants within a particular zip code. While pulling information from the wired Internet is a relatively simple process, initiating a similar request from a mobile device can be comparatively time-consuming and frustrating, given the inherent user interface (UI) limitations of mobile devices.

These limitations have driven applications developers and businesses to explore proactive push services, whereby content is delivered automatically to the mobile user. These solutions afford the mobile user the continued convenience of a small and familiar device without the inconvenience of inputting information each time a location-based service is requested. We can also easily envision a future in which the mobile user is also a point of interest, thus enabling the dynamic creation of location-based communities of interest. An application of this concept is a dating service whereby users with compatible attributes are notified of one another's profiles, particularly when these two individuals are near each another.

Third-generation LPS has the capability to proactively initiate services without the user making an explicit request. Such self-initiating services are said to operate in push or "trigger" mode. A trigger is therefore a condition arising in part from the geophysical location of the mobile device and in part as a result of conditions that are met to fire an action based on user-defined rules.

Trigger mode services will overcome many of the current problems with mobile applications, which include general user aversion to making even a simple request via keypad or stylus. These services have the beauty of providing the user with relevant information and services when and where the user needs them without the user having to ask.

Inherent to proactive systems is the risk of mobile users being spammed with information that's not of interest to them, quickly raising privacy issues and concerns. Therefore, combining present regulatory concerns and a visionary perspective is critical for any software process development to ensure compliance and user satisfaction.

To address privacy issues, providers of services will have to go well beyond the simple posting and mandatory obedience of privacy policies. The first step in the process is to clearly understand the audience and the needs of that audience. We can easily envision three types of LPS users with specific attitudes toward their location information, either as a general rule or as a function of specific applications, including (1) "never-on location information," (2) "never-off location information," and (3) "let-me-choose how to disclose my location information." This latter category will further be divided into a "user initiated" versus "user programmed" (let-me-choose how to disclose my location information) scenario.

As the users in the never-on category will only benefit from location-based services in a pull mode request, it can easily be assumed that privacy concerns will less likely affect those users as they'll be required to initiate a location request when and where they need it.

Therefore, the major privacy concern with regard to LPS revolves around the notion of push services rather than pull services.

As experienced in the Internet world, a category of users will elect a never-off location information as they will trade that functionality for perceived added benefits such as free-services (be it voice and or data minutes, access to applications, etc.). Also, certain demographic studies tend to show that Gen-X and Gen-Y users are less concerned about privacy issues, valuing the never-off access capabilities far more than the perceived risk of location-information abuse.

However, it seems that the overwhelming majority of users will maximize their wireless experience by selecting option (3), let-me-choose how to disclose my location information. Operating under an overall umbrella of "opt-in" conditions, these users will find added relevance and personalization from the ability to influence how their location information is accessed by various applications.

Put Users in Control
To meet these challenges, innovative companies have made it their mission to ensure such functionalities. My company, Gravitate, Inc., of South San Francisco, for example, offers a complete end-to-end solution to carriers and applications developers to integrate a total privacy solution. The combination of three core technologies will ensure the privacy protection of users as mandated by current governing bodies:

  1. Location Publisher: Using a sophisticated, Java-based publish and subscribe model, a user's location is published into the Gravitate Platform. To access the location information of the user, each application is required to subscribe to the location publisher, using the Gravitate GXpert Time and Location Privacy Filter.
  2. GXpert: Offers carriers, applications developers, and users a state-of-the-art time and location privacy filter to control who, when, and how location information is being used and accessed. In addition, GXpert also allows users to create facts and rules to allow for the delivery of opt-in trigger-based services.
  3. Personalization: At a deeper level, applications developers and users are provided with the capability to define specific profiles so they can receive more relevant content when and where they need it most.
Technologies such as these help eliminate the risk of spam and misuse of location information while still allowing the triggering of LPS. GXpert, for example, acts as the mobile user's personal secretary or agent, providing a filter between location-based services and the user's applications. GXpert knows what LPS a user has subscribed to, which ones are available, and how to manage a user's preferences.

For example, each time a user's location has been updated, either because the user moved to a new location or the user requested a location update, GXpert assesses and decides which services can "see the user." After learning the user's preferences and privacy parameters, GXpert can become a valuable assistant to the mobile user. When the user is commuting to work, GXpert checks the traffic and allows the traffic application to contact the user only when there's a traffic jam ahead. The traffic application is automatically invoked by GXpert when the user begins the commute. At no other time will the traffic be checked unless the user gives GXpert instructions to do so. Under another scenario or application, when a user is out on the town on a Saturday night, other members of his or her "opt-in" dating service can "view" the user's location, but only because the user has given permission to GXpert to do so. GXpert invokes LPS according to the user's best interests.

When new services become available and users subscribe, GXpert will ask if users want their location disclosed to these new services and in which manner, allowing them to define the rules.

How Does It Work?
GXpert enables users to build simple or complex rules regarding their time and location privacy. Location bookmarks are used by GXpert to recognize venues that are important to the user. Users can tell the system to share their location with an application only in certain places and at certain times. For example, users might tell GXpert that they're invisible to a location-based dating service when they're at work or home. The expert system also allows users to specify how an application can deliver information to them. In this case, GXpert can allow the dating service to deliver notifications to users by SMS only.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

Just checking in to see what type of feedback if any you had on the article I wrote some time ago.

Pascal


Your Feedback
Pascal Stolz wrote: Just checking in to see what type of feedback if any you had on the article I wrote some time ago. Pascal
Latest Cloud Developer Stories
"ZeroStack is a startup in Silicon Valley. We're solving a very interesting problem around bringing public cloud convenience with private cloud control for enterprises and mid-size companies," explained Kamesh Pemmaraju, VP of Product Management at ZeroStack, in this SYS-CON.tv i...
In his session at 21st Cloud Expo, Carl J. Levine, Senior Technical Evangelist for NS1, will objectively discuss how DNS is used to solve Digital Transformation challenges in large SaaS applications, CDNs, AdTech platforms, and other demanding use cases. Carl J. Levine is the Sen...
"Codigm is based on the cloud and we are here to explore marketing opportunities in America. Our mission is to make an ecosystem of the SW environment that anyone can understand, learn, teach, and develop the SW on the cloud," explained Sung Tae Ryu, CEO of Codigm, in this SYS-CO...
High-velocity engineering teams are applying not only continuous delivery processes, but also lessons in experimentation from established leaders like Amazon, Netflix, and Facebook. These companies have made experimentation a foundation for their release processes, allowing them ...
"There's plenty of bandwidth out there but it's never in the right place. So what Cedexis does is uses data to work out the best pathways to get data from the origin to the person who wants to get it," explained Simon Jones, Evangelist and Head of Marketing at Cedexis, in this SY...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021



SYS-CON Featured Whitepapers
ADS BY GOOGLE