Game Theoretic Approach to Location Sharing with Privacy in a Community-based Mobile Safety Application * Hua Liu Computer Science Department University of Southern California Los Angeles, CA hual@usc.edu Bhaskar Krishnamachari Ming Hsieh Department of Electrical Engineering University of Southern California Los Angeles, CA bkrishna@usc.edu Murali Annavaram Ming Hsieh Department of Electrical Engineering University of Southern California Los Angeles, CA annavara@usc.edu ABSTRACT A new generation of community-based social networking mo- bile applications is emerging. In these applications, there is often a fundamental tension between users’ desire for pre- serving the privacy of their own data and their need for fine-grained information about others. Our work is moti- vated by a community-based mobile application called Aegis, a personal safety enhancement service based on sharing lo- cation information with trusted nearby friends. We model the privacy-participation tradeoffs in this application using a game theoretic formulation. Users in this game are assumed to be self-interested. They prefer to obtain more fine-grained knowledge from others while limiting their own privacy leak (i.e. their own contributions to the game) as much as pos- sible. We design a tit-for-tat mechanism to give user in- centives to contribute to the application. We investigate the convergence of two best response dynamics to achieve a non- trivial Nash equilibrium for this game. Further, we propose an algorithm that yields a Pareto optimal Nash equilibrium. We show that this algorithm guarantees polynomial time con- vergence and can be executed in a distributed manner. Categories and Subject Descriptors I.6.8 [Computing Methodologies]: Simulation And Mod- elingModel Development; F.2.0 [Theory of Computation]: Analysis Of Algorithms And Problem Complexity—General General Terms Algorithms, Design, Human Factors, Theory * We’d like to acknowledge partial support for this work from Nokia Inc and National Science Foundation, numbered NSF CNS-0831545. This work has been also supported in part by a CAREER grant from the National Science Foundation, numbered CNS-0347621. Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. MSWiM’08, October 27–31, 2008, Vancouver, BC, Canada. Copyright 2008 ACM 978-1-60558-235-1/08/10 ...$5.00. 1. INTRODUCTION In today’s society the penetration of hand-held mobile de- vices is substantially higher than any other compute or com- munication device. There are roughly 3.3 billion devices be- ing used in the world as of November 2007 [1]. Till date most mobile applications are based on a simple client-server model, where a mobile device requests for a service from a single service provider. As mobile devices enter a new era with high speed connectivity and increasing compute capa- bilities, a new class of community-based social networking mobile applications are being showcased as the next revolu- tion in mobile computing. In this class of applications each user in a social group contributes their knowledge about their surrounding environments and the collective knowl- edge can then be exploited by the community members for a personal or social benefit. One example of such an appli- cation has been developed to obtain real time information about traffic congestion on roads [3]. The primary difference between these new mobile social networking applications and prior mobile applications is that the information provided by the service provider is an ag- gregation of the data provided by multiple users. In their quest to increase relevancy of information to a specific user in a social networking scenario, however, mobile applications are beginning to aggressively collect information pertaining to a user. As the popularity of mobile social networks in- creases there is a growing realization that information col- lected about an individual user can compromise one’s pri- vacy and potentially security [9] [12] [17]. The information collected from a user include location and contact logs and hence when privacy is compromised it may lead to serious security concerns. There is therefore a need for technological solutions for providing privacy in mobile social networking applications. In these applications there is a fundamental tension between a user’s desire to protect privacy and their desire to take advantage of the community knowledge. On the one hand if everyone shares their information freely, the community as a whole will get a better experience; on the other hand, users prefer not to reveal too much personal information to protect their privacy. We take a new perspective on this problem that is based on game theory [15]. Originally developed by economists to model strategic interactions between rational agents in market settings, game theory has been applied to many dis- tributed network settings where users must interact while