Public release of wrist-worn motion sensor data is growing. They enable and accelerate research in developing new algorithms to passively track daily activities, resulting in improved health and wellness utilities of smartwatches and activity trackers. But, when combined with sensitive attribute inference attack and linkage attack via re-identification of the same user in multiple datasets, undisclosed sensitive attributes can be revealed to unintended organizations with potentially adverse consequences for unsuspecting data contributing users. To guide both users and data collecting researchers, we characterize the re-identification risks inherent in motion sensor data collected from wrist-worn devices in users' natural environment. For this purpose, we use an open-set formulation, train a deep learning architecture with a new loss function, and apply our model to a new data set consisting of 10 weeks of daily sensor wearing by 353 users. We find that re-identification risk increases with an increase in the activity intensity. On average, such risk is 96% for a user when sharing a full day of sensor data.
|Original language||English (US)|
|Title of host publication||CCS 2021 - Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security|
|Publisher||Association for Computing Machinery|
|Number of pages||17|
|State||Published - Nov 12 2021|
|Event||27th ACM Annual Conference on Computer and Communication Security, CCS 2021 - Virtual, Online, Korea, Republic of|
Duration: Nov 15 2021 → Nov 19 2021
|Name||Proceedings of the ACM Conference on Computer and Communications Security|
|Conference||27th ACM Annual Conference on Computer and Communication Security, CCS 2021|
|Country/Territory||Korea, Republic of|
|Period||11/15/21 → 11/19/21|
Bibliographical noteFunding Information:
This research was supported in part by the National Institutes of Health (NIH) under award P41EB028242, by the National Science Foundation (NSF) under awards ACI-1640813, CNS-1823221, CNS-1705135, and CNS-1822935, and by the Combat Capabilities Development Command (DEVCOM), Army Research Laboratory (ARL) under Cooperative Agreement Number W911NF-13-2-0045 (ARL Cyber Security CRA). The mPerf research study was supported in part by the Office of the Director of National Intelligence (ODNI), Intelligence Advanced Research Projects Activity (IARPA), via IARPA Contract No. 2017-17042800006. The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of ODNI, IARPA, DEVCOM, ARL, NSF, NIH, or the U.S. Government. The U.S. Government is authorized to reproduce and distribute reprints for Government purposes not withstanding any copyright notation therein.
© 2021 ACM.
- re-identification risk
- user re-identification
- wrist-worn accelerometers