 Okay so the first bit is just to welcome everyone back because it's been a little while since we all got together and thanks for your activity in the Google group. So the idea is that yeah everyone now who might have been invited here is in that Google group. There are some people who originally joined and then haven't since joined the Google group so hopefully that's just because they don't want to. I hope we're not leaving anyone out but anyway whenever if you want to pass on this link that's totally fine people can join in and but to be in the Google group is best for people to be invited to the subsequent meetings and to be able to have some conversations. So we've got if you've clicked on to the agenda and the web page in the meeting invitation otherwise I'll just put it here in the chat. Just following this along today so there's a link to the meeting notes for the previous ones if you're interested for subsequent crucial or if you want to have a look at the meeting notes today I'll put that link in the chat too and then that's where we'll just be keeping notes going there so feel free to contribute to that. I can see a few people in there already and just make sure that people have edit access. Yeah everyone in this Google group has edit access so let me know if you want to access it and you can't for any reason. Okay so we have Adam one of our chairs who's going to be kind of taking this is our new format now so we just got the main agenda framework and then our chair a nominated chair does the middle bit with and organizes invites presenters who like to share information and we're very happy to have had presenters lined up so I'll hand over to Adam to take care of that bit. Hi everyone. Welcome to this discussion which we're going to talk about geo-privacy. I'm just going to paste the document that I've been assembling in chat you can go and have a look at if you can't get to it let us know in chat somewhere and we can work on the permissions for that but it more or less just provides an abstract for each of the three speakers that we have today so just by way of background I thought this would be a good topic to raise in a at the moment because we're seeing a lot of discussion in public around what means privacy and what means location privacy or geo privacy in the context of public safety and public health and data sharing and it is something that I've had a fairly long-term interested in interested in having worked a long time ago for the Australian Library and Information Association and covered a lot of more general internet privacy ground there and then a couple of years ago co-authoring a book chapter on what means good data and the idea of geo privacy popped up there as well in terms of what data do we want to keep private about ourselves and where we are and how can that be used or misused and also about a natural world like what what parts of what natural and cultural assets are worth keeping private it's going to refer to the notes that I've written out I was going to say there's a long document but from my point of view is I'm not an active researcher in the field so through this group I figured it was best to to get people along who work full-time on this stuff and talk about what means geo privacy and what what means how we can put frameworks around it some applications where we might or may not know our location data is being used and finally some active research projects so our first speaker today is Michael Reedy who's a coach here for this group is a spatial scientist and project manager with a background in design engineering managing the data and applications teams at the Oran network based at the uni of Melbourne and he's going to spend some time giving us key concepts around geo privacy and privacy frameworks and next speaker is John Smilly he's not here yet hopefully he turns up to talk about a commercialised use case for our location data that we may or may not know exists John's an e-research systems analyst at the RODC with a history as a developer and technical manager with the national computational infrastructure in UQ and Sira and finally our last talk today is from Peter Mitchell a researcher in Queensland University of Technology's Digital Media Research Centre with colleagues Marcus Froth and Marcus Rittenbrush were also here from QUT's design lab is leading an ASC funded project on location data geo privacy and everyday use of digital media so Peter will talk to us about their work and I only found this project very recently so it's really interesting to have these people have Peter and team come and talk to us about it so we've got a little less time pressure than I thought we'd have so what I thought we'd do is have our three presenters talk end to end and there'll be a little little bit of time switching over and swapping screens and stuff and while people are talking please feel free to use the chat window for asking questions and once our speakers are done I'll try and keep them to their their respective self-identified time limits we can have a chat and try and walk through all of the questions that we give all of the questions that we get in chat so and if you don't get time to answer all of them we'll try and follow up by email later on and just a final note people sometimes get passionate about geo privacy issues please try to respect it everyone has different viewpoints and there's plenty of space offline to have robust discussions especially once coffee shops and other things open up so Michael are you ready to share your screen and and Wade right in yeah thanks Adam I'll just get that up and running in a sec fantastic if you can all see the screen background I did my PhD years ago looking at intelligent mobility and demand I came across geo privacy when I was looking at the movements of people through cities and particularly around their pickup of locations so I guess I'm applying this at the moment really through our in a number of different ways or as being my day job but you're looking at well what are some of the sensitivities around data and what are some of the techniques that are out there to you know protect privacy in different ways in the way protect it I use very loosely and I'll sort of touch on this stuff during the presentation okay so I thought I start today with this question of why are people increasingly sharing their personal location information now I guess the reason I start off with this is because a lot of the the geo privacy literature has quite a long history but it's really become a lot more potent as people are actually downloading a lot more apps particularly for on-demand services whether that's things like it's things like Uber itself or other on-demand mobility applications and people really starting to think about well you know I do really want to have access to services on demand I want things to come to me or I want to have better efficiency around different things and a lot of the new apps being developed they're really trying to minimize I guess the number of clicks or buttons pressed I guess or touches on the screen to really improve the user experience in that user experience process what we're seeing is that typically the location information is something which is provided upfront in your agreement in the terms of use and offers information may not be I guess aware to the user but obviously it's in it's in there in terms of the terms of use so I guess we can we can think of a number of different questions in this space such as you know do you think about what you're giving away when you sign up to apps do you think about some of the trade-offs like the information that you're providing when signing up to an app versus the benefit that you're receiving from that and then why do we care so much about the data that's about us and our privacy so I guess I'm gonna have a number of different questions throughout this quick presentation to sort of get people thinking about some of the different things because we're going to touch on this stuff later on so I guess the Australian government's been aware of online privacy in a number of different ways for quite a while more recently through the office the Australian office the information commissioner in Canberra but also the state-based commissioners around information and data so this is the privacy awareness week which was actually done earlier this week so early this month which really sort of tried to educate people around the plethora of different devices that are out there which are connected to accounts and I guess a lot of this privacy does deal with every sort of day-to-day information which is shared in apps or some of this actually may have a location component as well and I hope some of the slides which I'll share in a moment will also hopefully sort of unpack a little bit of brown mat so I guess we starting off with the definition like what is privacy now this is an old definition and I'm hoping that maybe Peta can actually improve on this one later on but privacy being the claim of an individual or groups or institutions to determine for themselves when how and to what extent information about them is communicated to others and we're looking at privacy there are it's great that we have commissioners in Australia now and doing lots of different things this also does sort of come back to a lot of human rights aspects as well and when we're looking at facts of geo privacy I'll try to put definition around this which is actually you know quite contentious geo location privacy is the type of information privacy that is in concerned with the actual location information of an individual which I sort of pointed here as the app user which may flow through a number of channels to third parties understanding that information does flow from a device through to an internet provider through a whole bunch of different infrastructure out to other applications or third parties which may fit under other different things I guess the the chain or supply chain and on-demand services are quite long and I guess this this last thing I say what location information is is personal related to an individual it may or may not be deemed sensitive sensitive or not for an on-demand application to actually deliver something to you for example the location information is pretty critical so in some aspects we need to think about obviously what is the purpose of sharing the location information so I've got some what's the question today so a further question that's like do you use methods to protect your identity when you're using some of these apps such as do you route apps through some extra services to hide I guess the source or do you employ other methods to hide your location information using these apps some people do like using a neighbor's address or one further down the street in my research I was looking at maybe you might put down the street intersection nearby to you because that street intersection allows I guess multiple potential areas you could live in within I guess a neighborhood and I guess these methods of I guess we get come to a bit later on is more relating to a geo privacy model some of the the aspects we may use to hide things but really this question of what is a geo privacy model is really big and researcher Maria Maria Louisa Damiani who I spoke to during my thesis was looking at dividing this into three different areas the privacy goal the privacy mechanism and the privacy metric now the privacy goal is looking at well okay in an app this may refer to the level of protection of a user's anonymity whereas a geo privacy goal may relate to the protection of the user's true location so we have this distinction between the privacy goal and the geo privacy goal and the further goal may relate to the user's movement behavior as well over time and space so I guess when we start to unpack I guess the different dimensions here there's quite a lot going on we then move on to look at some of the privacy mechanisms employed by some of these apps there are a number of different techniques and if we were to consider such a thing as location obfuscation or actually hiding your location behind something a little bit larger from a I guess a spatial perspective we may look at okay let's map a point location to a region such as an essay to when looking at something like location perturbation this is more about taking that point and shifting it randomly in X and Y and sometimes it I guess is moving towards 3D cadastra we may look at the z dimension a bit more location confusion is a bit more abstract but this is where we actually do create a dummy location and you may have multiple dummy locations attached to you and the actual app would bounce around between those locations but only one of those is true and the third one here is actually full location suppression and this is where the location is actually blocked for some period of time when I guess the user is entering some sort of area or the zone where the area zone is everything or something specific this is related to what they call zone based privacy where you actually may not share your location if it's around something sensitive so with those ideas in I guess in the back of our lines we then come to I guess questions around well you know what are the legal aspects in Australia relating to privacy location privacy and there are a number of these and the app developers that are out there or people who are releasing data or information they're obviously looking at well okay the privacy act from 1988 which is a federal government commons law at the top and then underneath that there's the state based legislation in the Victoria it's the Privacy and Data Protection Act and there are other versions of these across the country so I guess the legal aspects of this hopefully we'll get into a bit later on we can sort of start to unpack some of the different things here and how we may I guess look at how all this privacy model and some of the mechanisms and whether or not that actually do satisfy some of the actual you know things in the act I don't probably have enough time to get onto the examples today because just consciously moving forward but there have been a number of different I guess big I guess examples of data privacy issues particularly around geo privacy issues in recent history the most notable was the Medicare Benefit Scheme or the NBS data release where the government actually released 10% of the NBS data set and researchers at the University of Melbourne actually were able to dive into that and re-identify individuals from that so whilst that may have employed some sort of location obfuscation or de-identification of of you of actually individuals they're actually able to re-identify that and the same researchers did the same thing with the Mikey data set the Mikey data set from Victoria was actually a data set which was released for a hackathon and they were able to go into that and say well actually I can see myself in this data and based on seeing myself I can then find someone else and in these first two examples what we actually saw was that if you had the primary I guess the primary de-identified data set the one up out there first there are a number of different points that can be added I guess into the data mix in a particular geographic area which allows re-identification to happen and I guess here we're looking at I guess what is the risk within privacy and also in this case we're looking at what is the risk and we're looking at risk of re-identification there may be risks associated with say physical harm or something like that if someone is actually tracking you which does come to the last item here which I just put up on the slide which is a recent one where there is quite a lot of research going into actually tracking people more around their behavior in cars now obviously initially I spoke about the trade-offs of location privacy and the benefit telematics in cars is presenting to you what a really big one which is just happening at the moment which is within the auto insurance industry which uses artificial intelligence and machine learning to really collect and analyze the data about an individual to see the way they drive so this isn't there I guess their privacy their job privacy we're now looking at the behavior within that as well their movement behavior and once again in order to sign up for I guess the discounted insurance or the better insurance you actually have to do some sort of trading off between things so I guess this leads to I guess some some questions around well how might geo-privacy hinder the creation and open sharing of data and how might geo-privacy impact on ethics and the way mobile apps are designed and in the google doc you'll see something in there about the our triple ethically aligned design version two document which is actually one of the leading ethical I guess design guides out there for mobile apps when it does touch on things like geo-privacy so that's pretty much it for me I will be to take some questions offline but hopefully enjoy that it's a bit of a primer for the rest of the discussion. Thanks Adam. Yeah thanks Marco that was really great I've just dumped a couple of questions in chat there and I'm feel free to keep adding more and we'll get to them all later just a quick question before we move on to John is everyone able to see the geo-privacy document containing all the speaker abstracts or topic discussions for today anyone not able to see it great okay John I saw you pop up earlier there you are you're able to show your screen and get going. I'll give it a go. Great thanks Feel free to reintroduce yourself as well. Yep so you can see a single slide there hopefully. Yep so I'd like to introduce myself John Smiley from ARDC so I'm a systems analyst with ARDC working across around the different projects that ARDC invests in on by now I'm in the GIS specialist or a privacy specialist that matter but I see a lot of services that are both produced and consumed by projects across the whole sector that ARDC is involved in and this particular service kind of process particular service around the time Adam was putting together this geo-privacy session and it seemed like it'd be a relevant example it's certainly raised some questions in my mind so this is a service called talk to location insights so it's offered up by a subsidiary of a software called Retify which is a company that's um software bought in 2016 an analytics and development firm um so what they're doing is offering up services offering up um dashboards to clients which give them an analytics platform into Telstra's uh broadband mobile broadband sorry mobile phone network so just um a bit of googling depending what statistics you believe certainly looks like you could believe that Telstra has a lot of data to draw on in this area so um something around the centre of the mobile phone market is stitched up by Telstra and then the point in Telstra's own figures they're covering more than 99% of the population by area and something around two or nothing in the square of the country but certainly you'd expect the you could believe they've got a lot of data to draw on in terms of tracking individuals mobile phone movements um in real time um so this is it's not something that you can access just on the plugs it's something with your approach to company and and from a like we got it from the website um uh you know put your needs to them and they'll come up with a platform or a set of services which which they identify and aggregate the um data around Telstra's mobile phone um database so just straight off their website they're offering up metrics like the origin and destinations of individual uh of accounts of phones moving and now particular origins and destinations they're offering up home locations uh drill durations now in time in a particular kind of just spending in a particular place um and they're suggesting that you have that example analysis you might be looking for is obviously things like infrastructure planning, transport infrastructure would be relevant in things like large events but also they've got one there tagged as behaving and i'm not exactly sure what that means but if you want why are you interested in uh you know doing analysis of how people's behavior um they offer up they'll offer up something to you um and this is all down to 15 minute resolutions so it's fairly um fairly fine growing in the scheme of things in terms of individual movements so um that's what i was able to dig up about this this particular services you know 20 minutes or so googling around and looking at the website um but i thought um there's some interesting things in there some interesting points in there certainly it's there's it seems to be a right to the center of your spatial privacy issues so um hopefully that's if you want to investigate more i can i can pass on some some links what i found so that's that's what i've got on that one all right um thanks thanks john as a telstra customer i'm pretty interested in checking out my tnc's to see if there's anything about that yeah yeah i don't know yeah i have a couple of questions which i'll i'll put in chat around that as well later for um michael and peter to to have a look at if they want um i think let's let's get peter talking are you happy to show your screen and get going fantastic thank you news as well can everyone see that okay yep great um yeah so thanks to everyone uh who's talked so far to michael and john it's been really really fascinating um so it's and it's really kind of set the uh the the context for the the project i'm i'm going to give a quick introduction to now which is very much focused on geo privacy but very much coming from the perspective of everyday digital media users how they use location based services and how they feel about sharing their location and the kinds of privacy trade-offs they make every day and so the setting this within a more i guess a political economy approach to understanding that location monetization industry and emerging policy and governance drivers around geo privacy so the project it's an australian research council funded discovery project that started in late 2018 and um and all the australian based members of the team are here at this meeting that's myself marcus ford and marcus rittenbrook we also have international collaborators in the uk in canada and the us and these collaborators are across media studies geography and human computer attraction or hci which is the sort of disciplinary spread of the project so in this quick overview of the project i'm just going to outline our findings so far so coming out of a survey we conducted in the first year of the project last year and i'll explain how we're starting to articulate these findings into a participatory approach for designing for embodied location awareness um just keeping our time um so here's just a you know no surprises here just a representative sample of location-based apps and media showing how just how pervasive location-based services and geo-media have become to everyday kind of navigation of our environment and the growth of smartphone ownership has seen rapid developments in location based services and it's got to a point where it's not actually hard to find a recently developed app that doesn't request access to your location in some form whether it's via gps or it might be through bluetooth as well and even though as we know um users must explicitly give consent for their location to be collected particularly through gps they may not understand fully understand what data is being accessed with these permissions how it's being used or who has access to it um also even though location monetization companies and i'll talk briefly about these as well that that buy and on sell location data from apps will regularly announce that they're only ever working with de-identified location data or or anonymous location data as we've already heard there's something from michael as well there's something eminently reidentifiable about location data uh so whether or not location data is directly connected to your your personal name it's not hard to identify habitual and personally identifying sites from this data such as a home or a workplace uh so um as i said in the abstract it's made location both an important but also particularly sensitive data point creating attention where it's necessary to share it's essential to share geodata in everyday digital media use but also extremely personal um so this is underscored by reports and surveys going back to 2016 like the european commission so commission location privacy report mentioned on this slide which sees location data as a looming privacy concern for public administrations and pure research going back to 2016 that found that location data is considered especially precious in the age of the smartphone and has a kind of special intimacy for the individual user uh at the same time location data has become big business location based marketing is one of the few advertising sectors that's witnessed growth in recent years and alongside this we've seen emergence of third party location monetization companies like sense 360 Teemo factual and cubic uh so as digital media become more location aware uh so too has the digital data economy which is increasingly built upon this substratum of of user-generated location data um so over the last two years we've also seen major international dailies uh headlining reports into location data and breaches of public trust like these from the wall street journal and the new york times in 2018 so these reports in turn have also spurred a number of legal cases including lawsuits against apps for deceptively obtaining location data a major class action against telcos like at&t and sprint for on-selling user location data and closer to home we've seen in the last six months the a triple c bringing a lawsuit against google for misleading android users about location privacy so if these lawsuits are any indication we're starting to see regulatory bodies beginning to play kind of catch up over location data and geo privacy so with that quick background then the overarching aim of our broader project is to rethink what location awareness might mean in the age of spatial media and continuous geo surveillance and our focus is on achieving this through employing design approaches to build greater public awareness of geo privacy and towards a more public a shared and public understanding of the everyday politics of geo data and locative media so while the aims of the project might generally align with the kind of digital literacy agenda we're cautious about this predominantly instrumentalist approaches to a deficit model of of location awareness so to this end the project it's now in its second year blends kind of digital methods digital ethnography and design led human computer interactional hci methods to design for location awareness so we're going to talk briefly about now the findings from our first year survey of australian smartphone users and finally speak to how this articulates to our developing participatory design phase that will engage participants across australia to to try to develop physical and digital interventions for location awareness so in um main june last year we conducted a survey of australian um smartphone users 13 years and older to kind of get a broader understanding of practices and attitudes towards location sharing across the country it blended qualitative and quantitative elements including a scenario that asks participants to choose whether or not to grant enough access to their location so we had 270 respondents to the survey and you can find the the report on our website if you're interested so we um it was it was informed by an extent expanded version of the technology acceptance model of tan so this was originally tan was originally devised in the eight 1980s and the the original formulation of it was that people would would accept a technology or start using it based on two related concepts and they were usefulness and ease of use and since then this has been expanded because people have become aware that it's more it's more than just usefulness and ease of use that means that that would encourage people to use a technology and it's it it's incorporated other um other factors such as perceived risk perceived trust risk and control as well and so this suggested a way for us to work through the kinds of privacy trade-offs people make between the usefulness of using location-based services it makes things quicker in a lot of ways but also the added risks and benefit like the the trade-off between risks and benefits so uh this is just a very like you can see at a glance the kind of demographics of the survey i'm not going to go into this but it's important to note that it was not a statistically representative survey but the purpose of the survey wasn't to get a rep a representative sample of australia but rather to try to elicit a broad range of responses to that question of location data sharing and privacy trade-offs um to just to give you our main headline findings we found that respondents overall did consider usefulness to be the most important factor followed by control privacy trust and ease of use so they were generally um more willing to trade off their privacy for usefulness and they also often suggested that sharing their location was the price they had to pay for access to these services so people would say you know the ease of use sadly outweighs possible concerns around privacy i must admit so they would see this as being a necessary trade-off uh anyone that they were willing to make um but uh they we did find that for for people there were key personal risks that overrode usefulness and these related to surveillance or intrusive or unwanted marketing um so people would find that you know loss of privacy was it was a key risk a key personal risk um as well as personal safety and security uh so and we would we would have these um these responses that really uh brought home some key issues so um this was a quote where somebody said our teenage daughter was being stalked and prior to us taking her mobile phone from her the stalker would turn up wherever she was we changed her school twice and moved three times before we realized the phone was the problem so we had some quite personal stories that people shared um and so we also found that trust and trust worthiness were important in decision-making around location sharing we found this through the scenario that we that we use that um that when people felt that they'd lost trust in an app that might have been sharing their data in a way it didn't disclose uh people felt personally kind of violated by this um and finally we found people were ambivalent about location highly ambivalent about location sharing this word came up quite a bit people say i'm ambivalent i'm not always aware of what the apps are doing and ambivalent i know that there's a trade-off um while others shared stories that demonstrated this ambivalence where they'd say as a woman um location based services can make me feel safer as i can share my uber status on the other hand it can make me feel unsafe um quite a number of mainly female respondents highlighted how geolocation as a technology made them feel both at the same time both at risk and safe um so our survey respondents repeatedly pointed out the daily negotiations that these apps required to main to to balance privacy and control and as i hope some of those quotes showed uh they were often emotionally or affectively charged and this is in turn kind of mirrored by what our international co-researcher Agnieszka Lyszynski has turned platform affects so geolocation has a kind of critical function in assembling trust within platforms so when the geospatial industry talks about trust and trustworthiness it's inevitably about the trustworthiness of the location data in order to provide the critical function but at the same time geolocation works to affectively affectively invest us as digital media users in platform ecosystems by assembling these effects of trust despite the risks that we know known and perceived associated with location sharing so um because location sharing is so emotionally charged the next phase of our project works more directly with everyday users of of of location services to design for location awareness because of covid 19 we've had to rethink our approach to this since our original fieldwork design which was meant to be happening now would have had us traveling Australia right now to run co-design workshops across the country uh so what we'll be doing instead in the coming months um is digital ethnographic interviews with smartphone users around the country involving design probes that elicit engagement and reflection on location sharing and geo-privacy which will then feed into co-design workshops next year which uh when hopefully we'll be able to get people in in a room together to develop a series of design interventions for location awareness um so i'll just leave it there that's okay um thanks Peter that was really great um and thanks also Michael and John um i have a few questions dumped in the chat does there's anyone else want to ask a question of our speakers or add anything to this discussion otherwise i'm just going to scroll up and walk through the questions i've written in all right i'll go so i think uh peter's outlined some some parts of my first question which was um what do you see as risks for location data release so unintended sharing of location data and what have you seen in practice so we've had that example from people being stalked are there any other um any other impacts you've seen from location privacy being disrespected i guess uh yeah i can provide a response there's just um there's sometimes just general creepiness so uh why does my phone like why is my phone recommending me this stuff that's nearby how does it know where i am that kind of thing but also um but also unintended leaks of information as well there was one in Australia just last year that was a family family location ship kind of a family tracking app that was meant to be about keeping your family safe and secure that was basically all this data was left on an unsecured um server that you could find if you knew where to look and it had lots of information about kids in there you know and their location so yeah so it's a kind of all levels from a general sense of creepiness to um to just on selling of this data to to marketing companies to um hacks and leaks and these sorts of things whether malicious or otherwise if somebody else wants to add to that i probably missed a few things so i guess that ties neatly to my next question which Michael might be able to answer like what one starters out there what are the characteristics that lead it to be readily re-identified if there's any sort of specific things you can wrap a ball around yeah um so i guess one thing i probably should have clarified and my presentation was um i guess the the preservation or the protection of the user's identity and this relates to i guess common methods where they may be a pseudonym or some sort of code associated and this often comes up in um individual record based data um so these are the sorts of data sets the aihw put out to researchers they're not out there publicly because of the issues but essentially for if a researcher has a project and they have a certain ethics statement in line then they can actually apply for this data now individual record data usually has a code um that's sort of is there to preserve the user's identity obviously the back end that code allows it to be linked across a whole bunch of other different data sets um which is very valuable for the federal government um but i guess the the first thing is to say we have this um uh anonymity or the way that the user's identity is actually anonymized um the second thing is then around the actual um the geolocation itself um and i guess that's where i guess we've we're seeing a lot of the new app stuff that you know peta discussed as well um the examples i provided around nbs and the mickey ones they were more around i guess the risk of re-identification which is really trying to figure out what that code or who that code relates to um rather than being uh more of a location obfuscation or perturbation type process so i guess we we have the split between i guess the identity and the geo privacy component but understand that the geolocation can be used to infer an identity as well so i guess we do have the two being linked um maybe peta would like to comment on i guess the link between the identity or the users um who they are um and their actual location and how there's a link between the two um particularly when we're looking at this i guess this concept um and i pasted a link in in um the geospatial um capabilities practice notes for today around that only two data points are enough to help spot yourself in a record and then as we start adding extra data in things start unpacking from there yeah and i think another um critical point to add with with this idea of continuous geo surveillance it's not just spatial data it's time stamps it's geo it's um spatio temporal data and once you have those two points together you can get roots right and you can track people through time and space if you've got an identifier that that links those data points uh which often you do and that's how a location based marketing works they can um so even if you're not identified by name you can be identified by your habitual roots and so if your data point goes back to a certain place it's sort of six or seven o'clock every evening you can be pretty certain that that's where somebody moves and that's so that's partly why it's so highly reidentifiable um and i don't know if this helps to segue into a question about the GDPR i i did some kind of um backwards tracing work with some of these location monetization companies looking at the um the internet archive to look at what their website said about what they did um prior to GDPR and afterwards and it was incredible how beforehand it was just like this is the new oil we've got all the data you want to after GDPR GDPR it's like it's entirely anonymized and freely given um you know with absolute consent uh this data and it was just the the shift in rhetoric uh but also knowing that that is not um that might be de-identified data but it is by no means not re-identifiable I'll probably do a link here back to the location sites stuff that John was talking about um and this idea of um aggregating data as well um which is um i guess has always been in Australia um when we're talking about health records um an easy way to take sensitive data and just aggregate to a very high geographic um unit like an SA3 or an SA4 um because obviously it's smaller units and we're looking at rural and regional areas you know you can start to sort of see things um now the Telstra location insights product from my understanding is that they will aggregate the data set to a unit which you know is obviously fit for purpose um and now as coming from the outside we don't know what aggregated units are the corporate people like getting um whether they're advertising firms or whatever it may be um we actually don't know the granularity of the aggregations um that's my understanding oh yeah thanks Peter and Michael like um I spent a a year and a bit working in a small defense-based startup that was looking at uh location-based services and wrestled with a lot of these problems and decided that most of the time it's a really bad idea um I'm seeing a few people from the earth observation community here as well so um hang on let's get to Kiran's question first so Kiran's just asked what is the thinking on how to balance between the utility of providing location details versus the reidentifiability when multiple data sources are combined so how do we balance usefulness and uh risk of reidentification I I think that's quite it can be hard to do and I think we see that with like um contact tracing apps for coronavirus right so in certain countries early on they tried to get out location tracking apps and certain countries have done that Poland Israel tried to but it got thrown out by their supreme court or something like that and so we see in that that location tracking would have sped up contact tracing radically it would have automated the process basically but it was not at all palatable to the general public and these tracing apps could only get begot through in certain jurisdictions or certain certain states and and the campaign that the Australian government did to say that that the covid safe app did not in any way track your location even though it potentially could through bluetooth uh was I think shows just how hard it is to balance those things um where contact tracing could have been sped up so rapidly uh through location tracking yeah I don't know if that kind of answers the question gives a recent um critical example okay thanks um I think I'll just add um the actual re-identification this is a lot of uncertainty around that component um what when well my perspective is that when an organization wants to take a data set and make it open um the risk of it being re-identified is actually blocking um the release of the data um because a lot of organizations don't have the capability to even look at the technicalities of re-identifying a data set or to figure out well what what are the steps involved to make a data set I guess suitable for opening up um here I'm talking about my experiences and the water and energy data space of the stuff that they were saying around well we've got this valuable data but yeah you know we can't open any of up because we you know once you throw in machine learning or AI the mix plus future data sets which may be utilized in the next five or ten years which can actually be pulled together um there's lots of risk there and John I don't know if you can speak to that that Telstra data set as as well um it's quite interesting that one of the um one of the the court or the the um one of the legal things that I was talking about was based on enhanced 911 data which was um that all of these telcos in the US were able to use and they started on selling that data to um to third party to third parties that weren't allowed to have it but we've just brought this in to Australia this um this enhanced location for emergency services and whether or not there's concerns around that with Telstra being able to then on sell this this kind of data as well I don't know if you've got anything you can say about that no look I don't really know look I've only really looked at the their website and what they you know put up which is obviously more a sales brochure than anything else yeah so that is yeah it's interesting I wasn't actually even aware of that so I'm very I'm very interested to look into it too and see well they've got a contact form I mean you know I'm interested in finding out everything about my neighbors what can you do for me got a question I have a question yeah um just for clarification are we only concerned about privacy of individuals or also privacy concerns of data location data concerns of companies because in internet of things will provide a deluge of data also from companies that they might not want to disclose but just because these devices are located will give people information that the company might not want to disclose yeah uh speaking for myself that that's outside the scope of the project I'm working on but yes I mean certainly there's this all of these these devices are very leaky and there are risks both for individuals and for and for companies in mineral resources we looked at data pooling because there's a recognized benefit in pooling data that is though from a business perspective sensitive for the companies contributing the data and because of the spatial nature we could show that obfuscation and or encryption is not possible mathematically not possible so we then piloted the project to look at that from the perspective of game theory to see under which circumstances is beneficial for all stakeholders to pool the data and I thought that was an interesting approach because it then looked at the this balance that we talked about under which circumstances is it good for me or under which circumstances should I not share my data and what did you find like what was the what were the ideal conditions that's a bit too complex for the last few minutes that I have and I would have to look at it again but it was there was no easy answer and it were quite quite special conditions you see that again in precision agriculture and other um location-based services that to then it everybody has to be happy there's it's a consensus process in the context of Jens's example there's also the infamous case where I think American soldiers using Fitbit leaked enough information that people could deduce the layout of army bases overseas just by measuring where they were running the Strava data breach yeah there's a link in the chat to that one yeah yeah this unintended security breach through Strava yeah yeah so I just want to get to Rob Atkinson's question here um is there any agency functional standards available for governments to manage those risks of data being reidentifiable yes that was sort of getting back to Michael's comments about government um lacking uh the capacity to be able to make those judgments and that's holding up data access um is there any thought or movement or existing capability is there some place that's resourced for them to go to to get that specialised expertise or is it just a uh an open problem I was going to say that um I guess my experience is more working with the private sector um I guess uh looking at um government um the people are obviously the office of the Australian Information Commissioner as I mentioned before but there are connections to others so they're different the next year down different states um and technically um there's been a number of calls around how to do this and in Victoria for example there's the Victorian Centre for Data Insights um they're one of the groups in the Victorian government who actually take the data and help different groups handle it but my understanding is that they're very busy and um yeah the questions can't get through fast enough but maybe Peta has something else to add I I don't have anything um to add to that it's it's it's not something that I have it's something I do have to look more into um but I'm not um I'm not entirely over that just yet and and yeah the focus that I've had is how um you know how our how our governance bodies responding to this uh to everyday you like privacy issues around everyday users like the ACCC and um and Google Maps but we're we are seeing this kind of flexing of of um legal muscle over over location data but I'm not conscious of um of a particular agency to uh specifically around kind of reidentifiability data uh beyond um what Michael already said yeah yeah I think without that they just they just fall back to the easiest example where they obfuscate to an aggregation level which is you know very high and therefore unfortunately not that useful for researchers in different ways okay kind of makes sense but Ta. Um all right so we're we're one minute to go so thanks everyone for coming and thanks to our speakers for the great conversations and Peter and Michael for some fantastic insight into geo privacy I just want to no worries um I just want to finish by touching back on Jens's part of where Jens was going like what what about the geo privacy of things that are particularly people who have smartphones so somebody can to consider offline um in the age of continuous earth observation um you know what about the right of cultural and natural assets to stay hidden from view but um we don't have time to discuss it right now so let's maybe hit the email list if you want to keep going and Melanie are there any wrap up things we need to do uh no just a reminder too to please participate in the group group um chat on all sorts of things tangential whatever you want to say and um we do maintain that spreadsheet of resources and recommended presentations and outputs that we might want so that's linked to from the agenda as well so keep that in mind and yeah please we want to hear from you how we can um continue and grow in directions that people are interested in thanks Melanie all right thanks everyone thanks Melanie okay cheers all thank you bye thank you bye