Understanding Extended Reality Technology & Data Flows: Privacy and Data Protection Risks and Mitigation Strategies

This post is the second in a two-part series. Click here for FPF’s XR infographic. The first post in this series focuses on the key functions that XR devices may feature, and analyzes the kinds of sensors, data types, data processing, and transfers to other parties that power these functions. 

I. Introduction

Today’s virtual (VR), mixed (MR), and augmented (AR) reality environments, collectively known as extended reality (XR), are powered by the interplay of multiple sensors, large volumes and varieties of data, and various algorithms and automated systems, such as machine learning (ML). These complex relationships enable functions like gesture-based controls and eye tracking, without which XR experiences would be less immersive or unable to function at all. However, these technologies often depend on sensitive personal information, and the collection, processing, and transfer of this data to other parties may pose privacy and data protection risks to both users and bystanders. 

This post examines the XR data flows that are featured in FPF’s infographic, and analyzes some of the data protection, privacy, and equity issues raised by the data that is processed by these devices, as well as strategies for mitigating these risks.

Key risks include:

Sensitive inferences: XR devices collect, process, and share large quantities of data about users’ bodies and environments. This data could be used to make inferences—whether accurate or not—about sensitive aspects of peoples’ lives, such as their sexual orientation or health conditions.Digital fingerprinting: Tracking users’ and bystanders’ bodies could allow for digital fingerprinting

Read more

Explore the site

More from the blog

Latest News