Smartphones and other electronic devices make a research subject’s location increasingly possible to detect through now-ubiquitous GPS tracking.

Faced with the sudden emergence of this latest aspect of the tech revolution, many in bioethics initially err on the side of location data eradication. However, some researchers argue that location data can be used wisely and well, providing important information on some populations if deidentified from those with malicious intent.

“The question then becomes ‘How can we offer a service to the public of putting up deidentified location data, which potentially is a risk of privacy?’” says Daniel Goldenholz, MD, PhD, lead author of the paper1 and an epilepsy researcher and clinician at Beth Israel Deaconess Medical Center in Boston.

Interested in location tracking of seizures, Goldenholz and colleagues argue that GPS data can be used to provide valuable information to researchers if policies are in place to protect subjects.

“We tried to look at this from multiple angles,” he says. “How do you tell an IRB that is not necessarily informed on the latest and greatest thoughts on this [GPS] stuff how to deal with this problem?”

For example, location tracking of subjects raises some unusual informed consent disclosures, including warning subjects that tracking could reveal illegal activities or behaviors they do not want disclosed. (For more information, see related story in this issue.)

“People might forget that they are being tracked and their devices might record them in unwanted locations, or in some illegal activities,” Goldenholz says. “If you are wearing a tracker, suddenly someone else might know about it. These are things that we want IRBs to consider including in a consent form.”

The argument by proponents of preserving GPS data is essentially don’t throw the baby out with the bath water.

“We don’t want IRBs to tell investigators to deidentify all location data,” he says. “We want IRBs to consider the reasons to keep the location information. And if so, which aspects of the location information do we want to keep, and which aspects pose a risk for reidentification and how do we mitigate that?”

Safe Harbor

Location data, if it is to be preserved for research rather than eradicated, must be protected along multiple paths, including by the initial researchers, the IRB, data repositories, and secondary researchers that may be given access.

“There are a lot of different players in this game,” he says. “Once data exists it almost has a life of its own. You have to be careful.”

The concept of privacy in this case comes down to preventing any reidentification of the GPS location data, which could prove challenging with evolving technology.

“That is the key point,” he says. “Let’s say I post the shoe size of a thousand people. Nobody is going to care, but they are not going to put their name, phone number, and address on that. But if I provide the shoe size and the GPS location, then it may be pretty easy to figure out whose shoes those were — even if I don’t give the name and address.”

This raises the possibility that GPS data can be accessed by those with ill intentions.

“Maybe they want to know more about your medical history or how to target ads to you,” he says.

Given the risk of a location data breach, many investigators take the “safe harbor” approach and shred the GPS location information.

“Safe harbor strips away anything that you could use to possibly locate anybody,” Goldenholz says. “Yes, you can do that, but we argue that there are plenty of ways you can protect the privacy of individuals from reidentification while still maintaining some data about location.”

Investigators can glean useful information from location data without publishing a street map, he notes. For example, some researchers are tracking drug users to identify risk factors.

“They are tracking patient movements and trying to figure out if there are certain locations in the city where people are more likely to be triggered to have cravings and abuse drugs,” he says. “For their research, location is a really big deal. But if they were to publish maps of downtown showing here is where people use more drugs and here is where people use less — that might be a problem.”

For example, they can use the location data to inform if location near an ATM triggers drug cravings in subjects being tracked.

“There are many examples from investigators who have thought deeply about this already,” he says. “We have been publishing research on [epileptic] seizures using an app that allows people to record when they have seizures.”

The GPS location is being used to try to determine triggers for seizures.

“For example, could it be that weather patterns impact their seizures?” he says. “Could it be electromagnetic interference? Or could how far you are from home impact your seizures? All these kinds of things we could never ask before, because we didn’t have the trackers.”

Expert Determination

In addition to the safe harbor method of data removal, privacy laws allow for expert determination that allowing preserving data with appropriate safeguard.

“With an expert opinion approach, you could potentially use valuable [location] information, but you are still protecting privacy,” he says. “We want to let the world know about this — you are legally allowed to do this, but it just has to be done in a thoughtful way.”

The expert determination alternative accepts some element of risk, ramping up data protection as that risk of disclosure increases. For example, something benign like a psychological study about musical preferences would not seem to pose any risk if GPS data were disclosed.

“Conversely, if an HIV incidence study reported obscured GPS locations of subjects with AIDS, reidentification could result in serious personal harms,” Goldenholz and colleagues note. “Thus, the former study may wish to use less cumbersome risk mitigation techniques, while the latter may require multiple strategies and a reidentification risk assessment.”

As with other aspects of technological advance, increasing benefit may raise the corresponding risk.

“It’s amazing now that the technology, software, machine-learning capability, and internet are evolving so rapidly,” he says. “It would be a shame if we did not use this information that is becoming available. It would equally be a shame if we used it thoughtlessly.”


1. Goldenholz DM, Goldenholz SR, Krishnamurthy KB, et al. Using mobile location data in biomedical research while preserving privacy. Journal of the American Medical Informatics Association, ocy071,