They must reduce the precision of the users input not the reported distances precision.
That's an interesting idea: randomly perturbing a user's reported location.
I've been developing a social network app that, in v1 (development was outsourced to someone else), sent the distance to a particular profile (I'm not sure how accurately). In v2, I wasn't sure what to do so I've left it out, but it's currently at number 3 on my TODO list.
In our case, it's pretty important to be able to do location sorting client side. We have the geo extensions for SQLite and are intending on using that.
So, question: if I randomly perturbed user's locations reported to the server by anywhere from 1-5 miles, would that be sufficient to ensure privacy, while also enabling the app feature, which only needs precision at the level of a few miles?
UPDATE: I thought about this some more, and what I'd do is the following:
1. Take the location of the device and make it imprecise, but accurate. For example, it could be anywhere within a five square mile radius, but it really would be within that radius.
2. On a per-user basis, pseudo-randomly but deterministically perturb the imprecise location for that user, to generate the stored location.
The second requirement is to prevent averaging multiple location updates for the same person over time, to pinpoint a location. Each user would have a different random, but deterministic offset for each five square mile area on the globe.
The perturbed location for that device in that area would be the same for everyone, so you wouldn't be able to merge the output of multiple users "view" of that device's location to increase accuracy, either.
It really depends on what your trying to do - you might be overthinking it. I think rounding all inputs to the nearest minute or two of latitude and longitude is probably sufficient for most cases... Basically, treating the world as a grid of some sort, and dealing in exact points at that level.
That's an interesting idea: randomly perturbing a user's reported location.
I've been developing a social network app that, in v1 (development was outsourced to someone else), sent the distance to a particular profile (I'm not sure how accurately). In v2, I wasn't sure what to do so I've left it out, but it's currently at number 3 on my TODO list.
In our case, it's pretty important to be able to do location sorting client side. We have the geo extensions for SQLite and are intending on using that.
So, question: if I randomly perturbed user's locations reported to the server by anywhere from 1-5 miles, would that be sufficient to ensure privacy, while also enabling the app feature, which only needs precision at the level of a few miles?
UPDATE: I thought about this some more, and what I'd do is the following:
1. Take the location of the device and make it imprecise, but accurate. For example, it could be anywhere within a five square mile radius, but it really would be within that radius.
2. On a per-user basis, pseudo-randomly but deterministically perturb the imprecise location for that user, to generate the stored location.
The second requirement is to prevent averaging multiple location updates for the same person over time, to pinpoint a location. Each user would have a different random, but deterministic offset for each five square mile area on the globe.
The perturbed location for that device in that area would be the same for everyone, so you wouldn't be able to merge the output of multiple users "view" of that device's location to increase accuracy, either.
I'd appreciate any and all feedback. Thanks.