Commercially available position tracking systems sense, communicate, and record the location of people and objects. Safety, quality, and productivity gains are being unlocked using these systems.
However, the explicit or implicit recording of people's movements and activities has security and privacy implications. In the future, this sensitive information about workers and enterprise operations must be better protected from external and internal threats. Technology developed by Data61 promises the necessary security and privacy uplift without sacrificing tracking system functionality.
Differential privacy technology for tracking systems
Differential Privacy (DP) is a mathematically rigorous approach to guaranteeing the privacy of individual-specific data within larger datasets. The privacy is achieved through deliberately and carefully making specific minor changes to the data.
CSIRO has developed DP methods for movement data collected from industrial tracking systems that use video cameras and/or Industrial Internet of Things (IIoT) technologies. These methods are the subject of a provisional patent (details).
In parallel, CSIRO has developed new data analytics methods for extracting valuable information from tracking system data. These interoperate with the DP methods. We have already applied our DP methods to a homegrown IIoT tracking system in our own facilities. This has proven the approach and is a testbed for ongoing R&D.
How does privacy-preserving technology work?
There are two aspects to the privacy-preserving technology: classification and prediction. These are two different, multi-step methodologies that yield different information. Classification is the detection of patterns or signals (clusters) within the various IoT data parameters (location (Lat/Long/Alt), acceleration (x, y, z), temperature, humidity, etc.), whilst prediction is the ability to infer something about those same parameters at a future point in time based on a series of previous data points.
For privacy preservation, the IoT location and other data are perturbed mathematically so that a guaranteed level of privacy is achieved at the best available trade-off between privacy and the accuracy (utility) of the data. Generally, these two aspects need to be balanced, yielding good levels of privacy protection whilst maintaining a sufficient level of accuracy for classification and prediction.
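The perturbation described above, as an added illustration that is not CSIRO's patented method (the page gives no details of that method): the classic Laplace mechanism releasing a per-zone occupancy histogram from constructed tracking records. The record schema, the "primary zone" statistic, and the budget tracker are assumptions made for this example; the point it shows is how the privacy parameter epsilon sets the noise scale, and therefore the accuracy cost, and why a cumulative budget is needed so repeated releases cannot quietly erode the guarantee.

```python
"""Laplace mechanism over constructed tracking records (illustrative only).

Neighbouring datasets differ by adding or removing one worker's records.
Each worker is assigned to a single primary zone, so the histogram of
primary zones has L1 sensitivity 1: one worker changes one bin by 1.
"""
import math
import random
from collections import Counter, defaultdict

# Constructed sample records: (worker_id, zone, timestamp). Assumed schema.
RECORDS = [
    ("w01", "dock", 1), ("w02", "dock", 1), ("w03", "warehouse", 1),
    ("w04", "warehouse", 1), ("w05", "warehouse", 1), ("w06", "office", 1),
    ("w01", "dock", 2), ("w01", "warehouse", 3), ("w02", "dock", 2),
    ("w07", "dock", 2),
]


def primary_zones(records):
    """Map each worker to the zone where it was seen most often (ties broken by name)."""
    per_worker = defaultdict(Counter)
    for worker, zone, _ in records:
        per_worker[worker][zone] += 1
    return {w: max(c.items(), key=lambda kv: (kv[1], kv[0]))[0]
            for w, c in per_worker.items()}


def true_zone_counts(records):
    """Exact number of workers whose primary zone is each zone (the sensitive statistic)."""
    return Counter(primary_zones(records).values())


def laplace_noise(scale, rng):
    """Sample Laplace(0, scale) by inverse CDF; rng is a random.Random."""
    u = rng.random() - 0.5  # uniform in [-0.5, 0.5)
    return -scale * math.copysign(1.0, u) * math.log(max(1.0 - 2.0 * abs(u), 1e-300))


def expected_abs_error(epsilon, sensitivity=1.0):
    """Mean absolute noise added per bin: sensitivity / epsilon. Smaller epsilon,
    stronger privacy, larger error: this is the trade-off the text refers to."""
    return sensitivity / epsilon


class PrivacyBudget:
    """Tracks cumulative epsilon spent on a dataset (sequential composition).
    Without this, an analyst could re-query until the noise averages out."""

    def __init__(self, total_epsilon):
        self.total = total_epsilon
        self.spent = 0.0

    def can_spend(self, epsilon):
        return epsilon > 0 and self.spent + epsilon <= self.total + 1e-12

    def charge(self, epsilon):
        if not self.can_spend(epsilon):
            raise ValueError("privacy budget exhausted")
        self.spent += epsilon


def private_zone_counts(records, epsilon, budget, seed=0, sensitivity=1.0):
    """Release epsilon-DP zone counts. The whole histogram has L1 sensitivity 1,
    so adding Laplace(1/epsilon) noise to every bin costs epsilon once.
    Rounding and clipping to >= 0 is post-processing and costs no privacy."""
    budget.charge(epsilon)
    rng = random.Random(seed)
    scale = sensitivity / epsilon
    return {zone: max(0, round(count + laplace_noise(scale, rng)))
            for zone, count in sorted(true_zone_counts(records).items())}


if __name__ == "__main__":
    budget = PrivacyBudget(total_epsilon=2.0)
    print("exact:", dict(true_zone_counts(RECORDS)))
    for eps in (1.0, 0.5):
        print(f"epsilon={eps}, expected |error|={expected_abs_error(eps)}:",
              private_zone_counts(RECORDS, eps, budget, seed=42))
    print("budget left:", budget.total - budget.spent)
```

The release only ever leaves the edge device as noisy aggregates; the raw records stay local, which is the "reduce the need to communicate raw movement data" property discussed later on the page.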
Protecting enterprise security
Tracking data sheds light on what is happening, where it is happening, and (implicitly or explicitly) who is involved. This is crucial information for ensuring safety and traceability, for operations management, and for systems improvement. The data could also reveal much about an enterprise to commercial and criminal adversaries.
Avoiding information leakage from tracking systems, due to one-off or ongoing cyber intrusion, must become a priority. DP technology helps by protecting against re-identification of individual workers and specific mobile plant in centrally stored movement datasets. By enabling privacy-preserving analytics at the edge, on premises, and/or in the cloud, DP also assures privacy and confidentiality in analysis results, while simultaneously reducing or avoiding the need to communicate raw movement data.
Inter-enterprise data
Tracking systems implemented by transport companies and other physical service providers collect revealing information at the interface with their customers. The misuse of this data can have major commercial and security consequences.
For example, delivery vehicles that are tracked might reveal sensitive data about customers’ operations. This data includes:
- Where certain goods are stored
- When and where certain activities take place
- The demand at specific locations, such as at competing retail shopfronts
DP can be tuned to obscure specific details in a provably private way, without destroying the signal in the data. This provides resilience not only to malicious actions but also to unintended disclosures that can result from the communication of data reports and analyses.
DP enables the transformation of multi-enterprise tracking data into a valuable resource for cross-industry collaboration, process improvement, and benchmarking:
- Measuring industry performance and making peer comparisons
- Sharing data between industry and government
- Analysing data relating to shared and/or public services (shared facility use, transport networks, etc.)
A differentially private dataset can be formulated and shared between collaborators without betraying individuals’ privacy and without revealing information regarded as commercially sensitive to enterprises.
Personal privacy, fairness, and security
Personal data privacy and confidentiality are a growing concern for individuals, workplaces, and regulators. Tracking systems can convey person-identifying information even if individuals are not directly tracked. The reputational and legal implications of data custodianship errors and breaches involving personal data are steadily increasing.
DP can address these risks at the source by guaranteeing non-identifiability within stored data that has been made differentially private. Additionally, DP enables provably private analytics, where the results cannot be manipulated to reveal an individual's data or other sensitive data.
The potential for unauthorized intra-enterprise use of tracking systems increases negative perceptions and risks relating to workplace intimidation, spying, and personal security. When combined with secure data access control techniques, DP can guard against a range of unauthorized surveillance scenarios while preserving the operational utility of the tracking data.
Partner with us
We are seeking first-to-market partners who can work with us to adapt our patented DP methods to their tracking systems, evaluate them, and make plans for their adoption in future products. These products would then be able to offer the privacy and security guarantees demanded by future customers.