PrivatePool: Privacy-Preserving Ridesharing

Paper in proceeding, 2017

Location-based services have seen tremendous developments over the recent years. These services have revolutionized transportation business, as witnessed by the success of Uber, Lyft, BlaBlaCar, and the like. Yet from the privacy point of view, the state of the art leaves much to be desired. The location of the user is typically shared with the service, opening up for privacy abuse, as in some recently publicized cases. This paper proposes PrivatePool, a model for privacy-preserving ridesharing. We develop secure multi-party computation techniques for endpoint and trajectory matching that allow dispensing with trust to third parties. At the same time, the users learn of a ride segment they can share and nothing else about other users’ location. We establish formal privacy guarantees and investigate how different riding patterns affect the privacy, utility, and performance tradeoffs between approaches based on the proximity of endpoints vs. proximity of trajectories.