Saturday, February 23, 2008

Data Security and Google Member Maps


I took a closer look at a few sites today that use Google Maps. Google Maps are typically used as an easy way to display geographical information. Perhaps the most popular use of GMaps for small and medium sites is the 'member map', which displays all the members of an organization geographically.



Sounds like a nifty little thing right? The problem is that most don't seem to understand that they are publishing the exact coordinates of their members to all sorts of people, most importantly mailing list data miners. Its a relatively trivial task to process the location data and feed it to a reverse geolocator service (which are more or less free). Its not only an offense to the members of your organization, it does potentially violate a number of privacy laws and could land you in court.



How To Secure A Member Map

1) Make sure that the precision of the latitude/longitude pair is sufficiently low, this will render the reverse geocoders useless.

2) Don't use Google Maps. Google Maps work in Javascript and all your information is exposed to the world. There are Flash-based and Open Source alternatives to GMaps. If you must have a Member Map, compile your members location into a raster/bitmap of some kind and display that instead. A bitmap is difficult if not impossible to data mine.

Open Source Alternatives To Google Maps

The most popular open source web mapping package is Ka-Map. Ka-Map is a mature project that offers a number of attractive features such as compatibility with ESRI, and a javascript web-interface similar to that of GMaps. There is far more flexibility with Ka-Map, but not nearly as much support as that of Google Maps. And, you have to compile your own data- no easy geocoding in Ka-Map. It is possible to Geocode with Google, and plot in Ka-map. Either way, you are not likely to get as much out of the box functionality with Ka-Map as you do with GMaps, but saving your privacy may be worth it.






1 comment:

Anonymous said...

Hi Joshua,

While I appreciate the mention of ka-Map, I think that you will find that OpenLayers [http://www.openlayers.org] has gained a lot of momentum and is now the more popular javascript mapping client for this kind of this.