06 April 2017

Geoprivacy

‘Geoprivacy’ by Agnieszka Leszczynski in R Kitchin, M. W. Wilson and T. Lauriault (eds) Understanding Spatial Media (SAGE, Forthcoming) examines
the ways in which the rapid proliferation and resulting pervasiveness of spatial media are radically reconfiguring norms and expectations around locational privacy. 
Leszczynski  comments
Over the last decade, there has been an extensive commercialization of all things ‘geo’ (Leszczynski 2014; Wilson 2012). This may be evidenced in the current ubiquity and ordinariness of locationally-enabled devices, mapping platforms, spatial interfaces, geosocial applications, and myriad location-based services in the spaces and practices of the everyday. Many of our quotidian digital media practices are spatially oriented. They depend on the availability of geocoded information as functional inputs to the applications and services that we regularly use. We generate spatial content as intended outputs or byproducts of our interactions with spatial media, at times unbeknownst to us. Locational affordances such as GPS, WiFi, Bluetooth, and gyroscopes are now standard features of most digital devices. Our mobile devices, operating systems, and applications log and transmit our personal spatial information as data, sometimes unencrypted and passed in the clear. Many of the applications and services we use on a daily basis ask for permission to access these locational affordances upon installation, or harness them in the background without our knowledge. Much of the digital content we produce and share is or may easily be geocoded. The rise of crowdsourcing allows us to generate geodata not only about ourselves but also about others, with or without their consent (Ricker et al 2014). Simultaneously, as we move through the urban fabric, we and the devices we carry on our persons register our time-stamped presences as data events against myriad sensors distributed across the extensively monitored landscapes of the smart city (Kitchin 2015). Elsewhere, our presences are captured as temporally decontextualized visual elements of commercial spatial fabrics assembled by corporate giants such as Google (Street View) and Microsoft (Bing StreetSide) (Elwood and Leszczynski 2011).
Locational privacy has until quite recently been defined in terms of societal norms latent in the presumption that as we move through the material spaces of our daily lives, our locations are not being surreptitiously and systematically monitored, recorded, stored and later repurposed in ways that are compromising of our safety, security, and/or confidentiality (Blumberg and Eckersley 2009). Yet in the networked locational data and device ecologies of spatial media and the parallel realities of living under conditions of continuous geosurveillance (Kitchin 2015), these presumptions no longer hold. With spatial media, our movements, behaviors, and actions in, through, and across space are easily and seamlessly digitally generated, captured, registered, leaked, intercepted, transmitted, disclosed, dis/assembled across data streams, repurposed by ourselves and others. Our personal spatial data flows freely and without friction across and between interoperable and synergistic geo-enabled devices, platforms, services, applications, and analytics engines.
Existing definitions of locational privacy such as the one offered above are individualistic, emphasizing a negatively defined rights oriented approach to privacy – for example, the right to not have one’s location monitored and recorded when going about quotidian activities in space. Privacy, however, is being relocated from the individual to the network, where privacy violations and harms increasingly occur beyond the site of the individual. For example, privacy harms arise not only from the capture of an individual’s movements as data, but also their disclosure, sale, repurposing and analytics by subsequent parties (Marwick and boyd 2014). In the networked ecologies of digital practice, controlling the flow of one’s personal data is difficult, impractical, and arguable unfeasible (Marwick and boyd 2014; The White House 2014).
Privacy harms and violations do not arise solely from the disclosure of individuals’ locations, or from their being placed on a map. New possibilities for privacy harm and violation are presented by the inherent relationality of spatial data as well as the spatio-temporal nature of geodata events. Spatio-temporal data – data that includes spatial as well as temporal referents - allows for the tracking and reconstruction of not only position but also movement of individuals. The intrinsic relationality of big data phenomena (boyd and Crawford 2012) means that individuals’ spatial information may be easily correlated with other kinds of personally identifying information (PII). For example, it may be used to infer political, social, and/or religious affiliation based on co-proximity and co-movement with others, revealing membership in particular groups (Soltani and Gellman 2013). The relational nature of geodata furthermore presents new possibilities for privacy violation stemming from the ways in which location is functionally synonymous with, and a data proxy for, identity (de Montjoye et al 2013). Simultaneously, individuals’ locations may be algorithmically inferred to a high degree of accuracy from other digital metadata (for example, temporal referents), removing the necessity of direct locational data disclosure on the part of individuals themselves (Priedhorsky et al 2014).
Encompassing more than solely location, then, a broadened concept of ‘geoprivacy’ must account for the emergent complex of potential privacy harm and violation that may arise from a number of nascent realities of living in a (spatial) big data present: i) from the spatial-media enabled pervasive capture and repurposing of individuals’ personal spatial-relational and spatio-temporal data; ii) from the ways in which individuals cast digital footprints as they move across the numerous sensor networks of smart cities; iii) from the circulation and analytics of these data, which position individuals as spatially vulnerable in various and unprecedented ways; and, iv) from the inability of individuals to control highly personal flows of spatial information about themselves in networked device and data ecologies.
Networked data and device ecologies are not unique to spatial media but characterize much of mundane everyday digital practices and digitally-mediated interactions with others (persons, content, and hardware/software objects). As compared to other kinds of personally identifying information (PII), however, geolocation is uniquely sensitive in terms of the kinds of information it can reveal about individuals, and the ways in which those disclosures are made. Moreover, the contexts of the capture, circulation, and repurposing of individuals’ spatial data are i) distributed (occur across multiple devices, applications, and services), ii) platform independent (data flows easily across platform, services, and devices), and iii) indiscriminate (involve potentially all individuals). This makes the fashioning of practices and strategies for evading geosurveillance or for seeking obscurity and anonymity within data flows far more difficult when compared to other forms of digital strategies, particularly those that coalesce around dominant social platforms such as Facebook or Twitter.
The particular sensitivity of individuals’ personal spatial information, and the complexity of exerting control over flows of these data, make geoprivacy uniquely deserving of attention. In the sections that follow, I account for some of the multiple ways in which individuals become abstracted as data events into spatial big data flows by virtue of simply going about their daily lives. I subsequently identify why spatial data is uniquely sensitive in terms of the kinds of things that it can be used to reveal about individuals as well as the ways in which such disclosures are made. This sensitivity as well as the ways in which personal spatial data capture and repurposing positions individuals as spatially vulnerable in different ways makes geoprivacy a prominent concern within broader societal debates about privacy and digitality. Yet the continuous, extensive, cross-platform and non-selective nature of geodata capture, collection, mining, interception, and analytics presents particular challenges for controlling flows of personal spatial information in networked data and device ecologies, a point that I pick up on in the last section.