3 Questions: The price of privacy in ride-sharing app performance

This post was originally published on this site

Ride-sharing applications such as Uber and Lyft collect information about a user’s location to improve service and efficiency, but as data breaches and misuse become more frequent, the exposure of user data is of increasing concern. M. Elena Renda, a visiting research scientist in MIT’s JTL Urban Mobility Lab; Francesca Martelli, a researcher at the National Research Council in Pisa, Italy; and Jinhua Zhao, the director of the JTL Urban Mobility Lab; discuss findings from their recent article in the Journal of Urban Technology about the impacts of different degrees of locational privacy protection on the quality of ride-sharing, or “mobility-sharing,” services. Zhao is also director of the MIT Mobility Initiative, co-director of the MIT Energy Initiative’s (MITEI) Mobility Systems Center, and an associate professor of urban studies and planning. This research was supported by the Mobility Systems Center, one of MITEI’s Low-Carbon Energy Centers.

Q: What does your research tell us about the trade-offs in protecting a user’s locational privacy and the performance of ride-sharing applications?

A: By providing mobility-sharing applications with both spatial and temporal data on their activities, users could reveal personal habits, preferences, and behaviors. Masking location data in order to avoid the identification of users in case of data leakage, misusage, and/or security breaches increases user privacy. However, the loss of information can decrease data utility and lead to poorer quality of service, or lower efficiency, in a location-based system.

Our research focuses on mobility-sharing applications that hold promise for improving the efficiency of transportation and reducing vehicle miles traveled (VMT). In our study, we ask: How would location privacy-preserving techniques affect the performance of such applications, and more importantly, the aspects that most impact passengers, such as waiting time, VMT, and so on? The study compares different methods for masking data and different levels of location data anonymization, and provides useful insights into the trade-off between user privacy and the performance of mobility-sharing applications.

We specifically analyzed the case of carpooling between home and work, which is the largest contributor to traffic congestion and air pollution. The analyses allow a careful quantification of the effects of different privacy-preservation techniques on total saved mileage, showing that better savings can be obtained if users agree to trade convenience for privacy — more in terms of travel time than waiting time. For instance, by masking locations within a 200-meter radius, the total saved mileage decreases on average by 15 percent over the optimal solution with exact location information, while travel time for users increases by five minutes on average. Thus, by compromising on convenience, it is possible to preserve privacy while only minimally impacting total traveled mileage. This observation might be especially useful for city authorities and policy makers seeking a good compromise between their citizens’ individual right to privacy and the societal need to reduce VMT and energy consumption. For instance, introducing more flexibility in working hours could facilitate the above compromise in urban contexts.

Q: How does the cost of privacy affect a mobility-sharing system’s carbon footprint?

A: In our study, we compared the number of shared miles that would be obtained by optimally matching trips using exact location information with those obtained through increasingly anonymized data. We found that the higher the level of privacy that is granted to users, the fewer the shared miles: The percentage of shared miles decreases from 10 percent with minimal privacy preservation, up to 60 percent with the stricter privacy preservation policies. The values in between depend not only on the levels of location data anonymization considered, but also on the amount of discomfort we are giving to users (for example, longer riding and waiting times). In a nutshell, the cost of privacy in terms of increased carbon footprint might be very high, and it should be carefully balanced with city-level and societal-level sustainability targets.

Q: What next steps are you considering for your research, and how does your research support the decarbonization of the transportation sector?

A: Currently, users grant whole-data ownership and rights to these application companies, since otherwise they would not be able to use their services. If this scenario changes (for example, in response to new regulations), companies might start offering users benefits and rewards (for example, lower cost, higher priority, or higher score) to nudge them to fully or partially opt out from a “privacy option.” This would allow the system to fully access their location data or reduce the level of privacy users were initially granted. If the user could set a desired level of privacy or decide not to require any privacy at all, this would lead to different levels of data privacy within the same privacy-preserving system. Performing tests on the sensitivity of the system efficiency and quality of service with respect to the percentage of riders requesting privacy controls and the geographical distribution of those riders could be an interesting research direction to investigate.

Furthermore, the extent to which data privacy is perceived as a concern by shared mobility users is still largely unknown. Would users accept rewards and benefits from the companies to totally or partially relinquish their privacy rights?

Recently, another major factor potentially disrupting the shared mobility market has appeared and spread worldwide: the Covid-19 pandemic. How could this impact shared mobility? What if people keep social distancing in the long term and drastically change their mobility patterns? What if citizens worldwide adopt the view that owning a car and driving alone (or at most, with family members) is the safest way for their health to move within and among cities, to the detriment of shared mobility modes, such as carpooling, ride-hailing, ride-sharing, or car-sharing? Failing to anticipate and address these worst-case scenarios could lead to rising traffic and congestion, which in turn will harm the environment and public health. Our plan is to investigate to what extent people are willing to use smart mobility systems post-Covid-19, and to what extent health concerns and location data privacy could be an issue.