I like the idea of randomly assigning a gps track to a user ID, or even just a random track number ID. That would be the equivalent of a black box where the user hands over a gps track, the server verifies that this is a legitimate user, then disconnects the track from the user ID and assigns it to a random ID number.
One issue might be how to detect if someone is either intentionally or unintentionally uploading spurious or erroneous tracks. Previously, we had talked about comparing tracks from a user to other tracks they had uploaded to ensure data quality. We couldn't do that under this scheme.
However, we could do something like compare the tracks to reality (do they exceed 250 mph, are the points anywhere near each other, are the dates/times sequential, etc.) and rate them with a confidence factor of some type or another.
What I was talking about was giving the user the key to unlock his/her identity for the tracks.
Originally Posted by Fiberoptic
In other words, I'm given a strong key that is very difficult to break and I use it to either hide or expose my identification with the tracks. In addition, if I choose, I can use my key to remove all of my tracks from the database, if I wish.
The intended benefit is two-fold:
1. You may have gps tracks but you can't know who I am unless *I* allow you to know.
2. I may decide that at some point in the future, I don't want my passive tracks to be used as part of the database.
The downside would be that if you upload tracks to the database and some time passes before you decide to remove them, they *might* have been used or even duplicated by someone with legit access to the database. Although that pool of people is probably small, you don't really know for sure what it might be in the future.