A. Contribution

  1. Problem addressed by the paper

Protecting location privacy with ease of use for general users.

  1. Solution proposed in the paper. Why is it better than previous work?

Previous works are less feasible for general users. They usually require OS modification thus makes it difficult for general users. This paper (LP-Doctor) contributes:

  1. providing users with privacy model that maps each app’s location access to a privacy metric.
  2. making decision on behalf of the users to avoid interrupting their tasks and makes privacy protection more usable.
  3. employing per session location access granularity to provide better trade-off based on users’ choice.
  4. The major results.

It provides easy to use location privacy protection successfully with low overhead (less than 10% energy overhead, less than 50ms delay).

B. Basic idea and approach. How does the solution work?

They study location access by apps and analyzed their privacy metrics. Then they develop an app, LP-Doctor, which is easy to use and provide location access protection by giving per-place prompts and notifications. It also gives granularity options that makes it easier for the user to choose better trade-off.

Anatomization_and_Protection_of_Mobile_Apps’_Location_Privacy_Threats_pdf

C. Strengths

  1. The idea is quite novel and feasible for general users compared to previous works.

D. Weaknesses

  1. LP-Doctor is inapplicable to navigation apps that require precise location to work.
  2. LP-Doctor cannot protect users against apps that acquire user’s location from other sources, such as scanning for WiFi access points. Giving users an option to turn off WiFi is not feasible because most users would need to use WiFi.
  3. LP-Doctor does not apply privacy protection to apps continuously accessing location in the background. This is understandable since it needs operating system feature currently not available in Android.

E. Future work, Open issues, possible improvements

  1. Further research to protect users from being located by WiFi access points scanning should be done. Turning off WiFi should not be the only option to protect user’s location while accessing the WiFi. Perhaps we could introduce some location noise/obfuscation while using WiFi. We could also provide fake WiFi access point location.