Where Trust Fails: Mapping Location-Data Provenance Risks in Europe

Computer Science > Cryptography and Security [Submitted on 15 Apr 2026] Where Trust Fails: Mapping Location-Data Provenance Risks in Europe Eduardo Brito, Liina Kamm European digital sovereignty and security increasingly depends on whether high-impact decisions can be grounded in location evidence that remains credible under adversarial pressure. This paper frames a cross-sector analysis as a location-data provenance problem: not merely what a device or service reports as location, but whether there is contestable evidence about where and when an asserted event occurred, who or what produced the assertion, and under which audit and retention guarantees. There are observable patterns across democratic processes and the information environment, trade and origin-sensitive supply chains, finance and illicit shipping flows, critical infrastructure and mobility, and harms targeting individuals' private and social domains. In these patterns we see a recurring asymmetry in which locality, presence, routing, or jurisdiction can be asserted cheaply while institutions and affected parties face costly reconstruction when disputes arise. To make this challenge actionable, this paper introduces a compact risk taxonomy that decomposes provenance failures into integrity axes and recurring failure modes, and derives design expectations for next-generation digital trust infrastructure centered on contestability under dispute, while remaining privacy- and rights-compatible. It argues for treating location as a digital primitive that should be represented as evidence-bearing claims rather than self-asserted coordinates, and positions proof-of-location (PoL) mechanisms as a candidate capability layer for producing verifiable presence claims under explicit threat and privacy assumptions. The outcome is a sector-neutral foundation for future architectural work on a next-generation digital trust infrastructure for Europe. Comments: Accepted for publication at CPDP 2026, the 19th International Conference on Computers, Privacy and Data Protection Subjects: Cryptography and Security (cs.CR) Cite as: arXiv:2604.13668 [cs.CR]   (or arXiv:2604.13668v1 [cs.CR] for this version)   https://doi.org/10.48550/arXiv.2604.13668 Focus to learn more Submission history From: Eduardo Ribas Brito [view email] [v1] Wed, 15 Apr 2026 09:36:50 UTC (3,424 KB) Access Paper: HTML (experimental) view license Current browse context: cs.CR < prev   |   next > new | recent | 2026-04 Change to browse by: cs References & Citations NASA ADS Google Scholar Semantic Scholar Export BibTeX Citation Bookmark Bibliographic Tools Bibliographic and Citation Tools Bibliographic Explorer Toggle Bibliographic Explorer (What is the Explorer?) Connected Papers Toggle Connected Papers (What is Connected Papers?) Litmaps Toggle Litmaps (What is Litmaps?) scite.ai Toggle scite Smart Citations (What are Smart Citations?) Code, Data, Media Demos Related Papers About arXivLabs Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)