DEPERSONALIZING LOCATION TRACES
First Claim
1. One or more computer-readable media comprising computer-executable instructions for removing personally identifiable information from user trails, the computer-executable instructions directed to steps comprising:
- receiving a first user trail comprising a first set of discrete locations of a first computing device, the first user trail having personally identifiable information;
- modifying the first user trail to generate a new first user trail without the personally identifiable information by removing the personally identifiable information by performing at least one of:
  - replacing a turn in the first user trail with a sequence of equivalent turns, each of which differs from the identified turn;
  - replacing at least one segment of the first user trail with one or more segments differing from the replaced at least one segment, the one or more segments having a same starting point as the replaced at least one segment and a same ending point as the replaced at least one segment;
  - dividing the first user trail into two or more sub-trails by identifying segments of the first user trail that are to be part of one of the two or more sub-trails as having been generated by a different computing device; and
  - exchanging a portion of the first user trail with a portion of a second user trail intersecting with the first user trail, the exchanged portions of the first and second user trails having the intersection as an endpoint.
Abstract
Positional information is provided while minimizing the possibility that personally identifiable information can be derived therefrom. Positional information is received in the form of trails that can be aggregated. Individual cells of a grid reflect a quantity of aggregated trails through those cells, an average intensity and direction of movement through those cells, or a more detailed distribution thereof. Alternatively, individual trails are aggregated to an aggregated trail in the form of a line. Further obfuscation of personally identifiable information occurs by resampling aggregated positional information, by introducing false positional information, or by falsely modifying existing positional information, in a manner that does not impact the overall aggregations, and by pruning, or deleting, positional information, especially around sensitive locations, such as a user's home, place of business, or other location that users typically would seek to keep private. Provision of positional information is delayed until a sufficient amount is received.
20 Claims
12. One or more computer-readable media comprising computer-executable instructions for removing personally identifiable information from user trails, the computer-executable instructions directed to steps comprising:
- receiving a first user trail comprising a first set of discrete locations of a first computing device, the first user trail having personally identifiable information;
- receiving at least two other user trails; and
- generating an aggregated trail by aggregating the first user trail with the at least two other user trails by performing at least one of:
  - defining a grid comprising grid cells through which the first user trail and the at least two other user trails pass and generating an indicator for individual ones of the grid cells signifying a quantity of the first user trail and the at least two other user trails that pass through the individual ones of the grid cells; and
  - generating a segment between a first point on the first user trail and a second point on a first aggregated trail comprising an aggregation of the at least two other user trails, identifying an average point on the generated segment representing a weighted average between the first point and the second point; and modifying the first aggregated trail to pass through the average point.
20. A method for removing personally identifiable information from user trails, the method comprising the steps of:
- receiving a first user trail comprising a first set of discrete locations of a first computing device, the first user trail having personally identifiable information;
- modifying the first user trail to generate a new first user trail without the personally identifiable information by removing the personally identifiable information by performing at least one of:
  - replacing a turn in the first user trail with a sequence of equivalent turns, each of which differs from the identified turn;
  - replacing at least one segment of the first user trail with one or more segments differing from the replaced at least one segment, the one or more segments having a same starting point as the replaced at least one segment and a same ending point as the replaced at least one segment;
  - dividing the first user trail into two or more sub-trails by identifying segments of the first user trail that are to be part of one of the two or more sub-trails as having been generated by a different computing device; and
  - exchanging a portion of the first user trail with a portion of a second user trail intersecting with the first user trail, the exchanged portions of the first and second user trails having the intersection as an endpoint.
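The grid aggregation recited in claim 12, combined with the pruning around sensitive locations and the delayed provision described in the Abstract, as an added Python example that is not code from the patent. Planar coordinates in metres, the cell size, the pruning radius, the segment sampling step and the per-cell reading of "a sufficient amount" (`min_trails`) are assumptions, and the sample trails are constructed.

```python
import math
from collections import Counter

def prune(trail, sensitive, radius):
    """Drop points within `radius` of a sensitive location; return the surviving fragments."""
    fragments, current = [], []
    for p in trail:
        if any(math.dist(p, s) <= radius for s in sensitive):
            if current:
                fragments.append(current)
            current = []  # break here so no segment bridges the pruned gap
        else:
            current.append(p)
    if current:
        fragments.append(current)
    return fragments

def cells_crossed(fragment, cell):
    """Grid cells a fragment passes through, sampling each segment every cell/4 (assumed step)."""
    seen = {(math.floor(fragment[0][0] / cell), math.floor(fragment[0][1] / cell))}
    for (x0, y0), (x1, y1) in zip(fragment, fragment[1:]):
        steps = max(1, math.ceil(math.dist((x0, y0), (x1, y1)) / (cell / 4)))
        for i in range(1, steps + 1):
            t = i / steps
            x, y = x0 + t * (x1 - x0), y0 + t * (y1 - y0)
            seen.add((math.floor(x / cell), math.floor(y / cell)))
    return seen

def aggregate(trails, cell, sensitive, radius, min_trails):
    """Per-cell count of distinct trails; cells below `min_trails` are held back, not released."""
    counts = Counter()
    for trail in trails:
        touched = set()
        for frag in prune(trail, sensitive, radius):
            touched |= cells_crossed(frag, cell)
        counts.update(touched)  # each trail counts once per cell
    released = {c: n for c, n in counts.items() if n >= min_trails}
    held = {c: n for c, n in counts.items() if n < min_trails}
    return released, held

# Constructed sample: three trails that start at different homes and share one street.
HOMES = [(0.0, 0.0), (0.0, 300.0), (0.0, -300.0)]
TRAILS = [
    [(0.0, 0.0), (100.0, 0.0), (250.0, 50.0), (450.0, 50.0)],
    [(0.0, 300.0), (150.0, 170.0), (250.0, 50.0), (450.0, 50.0)],
    [(0.0, -300.0), (150.0, -70.0), (250.0, 50.0), (450.0, 50.0)],
]

if __name__ == "__main__":
    print(aggregate(TRAILS, 100.0, HOMES, 120.0, 3))
```

Only the shared street cells reach the release set; the approach cells that a single trail crosses stay held, and the cells around each home never enter either set.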
Specification