Privacy-friendly statistical counting for pedestrian dynamics

Abstract

Relying on Wi-Fi signals broadcasted by smartphones became the de-facto standard in the domain of pedestrian crowd monitoring. This method got the edge over other traditional means owing to the fact that insights are built upon data which uniquely identifies individuals and, thus, allows highly accurate crowd profiling over time. On the other hand, handling such uniquely identifying data in such a way that it does not expose the sensed individuals to potential privacy infringements proves to be a difficult task. Although several protection techniques were proposed, they yield data which, combined with other external knowledge, can still be used for tracing back to specific individuals. To address this issue, we propose a construction which protects the short-term storage and processing of privacy-sensitive Wi-Fi detections under strong cryptographic guarantees and makes available in the clear, as end results, only statistical counts of crowds. To produce these statistical counts, we make use of homomorphically encrypted Bloom filters as facilitators for oblivious set membership testing under encryption. We implement the system and perform evaluation on both simulated data and a real-world crowd-monitoring dataset, demonstrating that it is feasible to achieve highly accurate statistical counts in a privacy-friendly way.