《ITIF-在增强现实和虚拟现实之间平衡用户隐私和创新(英文)-2021.03正式版.doc》由会员分享,可在线阅读,更多相关《ITIF-在增强现实和虚拟现实之间平衡用户隐私和创新(英文)-2021.03正式版.doc(28页珍藏版)》请在taowenge.com淘文阁网|工程机械CAD图纸|机械工程制图|CAD装配图下载|SolidWorks_CaTia_CAD_UG_PROE_设计图分享下载上搜索。
1、Balancing User Privacy and Innovation in Augmented and Virtual RealityELLYSSE DICK | MARCH 2021AR/VR devices create novel issues for user privacy due to the scope, scale, and sensitivity of the information they collect. To mitigate harms, policymakers should reform the current patchwork regulatory l
2、andscape for data privacy, which fails to address some risks while over-regulating in response to others.KEY TAKEAWAYS AR/VR devices collect similar data as other consumer technologies but raise new privacy issues due to the variety of technologies involved, the sensitivity of the information they c
3、ollectand because the data is what makes the devices function. AR/VR devices collect extensive biometric data, which can identify individuals and infer additional information. This data can create better immersive experiencesbut also exacerbate privacy risks. The immersive nature of AR/VR makes it d
4、ifficult to mitigate risks by applying existing privacy policies and practices from other digital media. It requires innovative new approaches to transparency, choice, and security. The current regulatory landscape for AR/VR consists of a patchwork of state and national policies, which leaves critic
5、al gaps for some privacy risks while over-regulating in response to others. Regulating AR/VR or individual technologies they use to deliver immersive experiences will leave policy a step behind innovation as the technology evolves. Policymakers should instead regulate based on actual harms tied to u
6、ser data. Policymakers should create an innovation-friendly regulatory environment for user privacy in AR/VR by clarifying, updating, and harmonizing existing rules and introducing comprehensive national privacy legislation.INFORMATION TECHNOLOGY & INNOVATION FOUNDATION|MARCH 2021INTRODUCTIONIn an i
7、ncreasingly digital world, the old saying that “your reputation precedes you” may or may not hold truebut some sort of information about you usually does. User data enables dynamic, personalized experiences with technologies from digital communications platforms to smart devices. But without necessa
8、ry safeguards, widespread collection and processing of this information, especially by less careful or scrupulous organizations, can expose individuals to privacy risks. Devices and applications for augmented and virtual reality (AR/VR)immersive technologies that enable users to experience digitally
9、 rendered content in both physical and virtual spaceare a growing part of this ecosystem.AR/VR includes applications on mobile devices that combine digital elements with images from external-facing cameras; heads-up displays that overlay digital elements on a users view of the physical world; and he
10、adsets that allow users to navigate fully virtual spaces. In order to deliver these experiences, AR/VR devices and applications gather significant amounts of personal data, including information provided by users, information generated by users, and information inferred about users.AR/VR raises new
11、user privacy considerations for three reasons:1. AR/VR devices are composed of a number of different information-gathering technologies, each presenting unique privacy risks and mitigation approaches;2. Much of the information AR/VR devices collect is sensitive data not used in most other consumer t
12、echnology devices; and3. This comprehensive information gathering is critical to the core functions of AR/VR devices.1When broken down, AR/VR technologies are essentially a collection of sensors and displays that work in concert to create an immersive experience for the user. To create the illusion
13、of virtual elements in three-dimensional physical space, or even entirely virtual worlds, these technologies require certain basic user-provided information as a starting point, and then a constant stream of new feedback data that users generate while interacting with their virtual environments. Thi
14、s baseline and ongoing feedback information could include biographical and demographic details, location and movement, and biometrics. Advanced functions, such as gaze-tracking and even brain-computer interface (BCI) technologies that interpret neural signals, continue to introduce new consumer data
15、 collection practices largely unique to AR/VR devices and applications. Not only might these data streams contain multiple forms of personal, identifying, or otherwise sensitive information, AR/VR devices also might combine this information to reveal or infer additional details about individual user
16、s.Policymakers should address privacy in AR/VR by considering the different types of information these devices collect and establishing appropriate safeguards to protect users against actual harms that may arise from this data collection.Taken together, the scope and scale of the user data collectio
17、n necessary to the core functions of AR/VR distinguish these technologies from other consumer devices and applications. Even so,INFORMATION TECHNOLOGY & INNOVATION FOUNDATION|MARCH 2021PAGE 1the types of information collected, the privacy risks, and the potential for direct harms in the absence of s
18、afeguards mirror those of other digital technologies and connected devicesmany of which have already gained widespread consumer adoption. The unique challenges AR/VR technologies present, therefore, arise from the risks of aggregating sensitive information and the challenge of adapting mitigation me
19、asures that were designed for other consumer technologies into immersive, three-dimensional environments.Because of the wide range of information AR/VR devices collect, policy responses that approach AR/VR as a monolith will almost certainly result in overregulation of certain types of data collecti
20、on, while also leaving critical gaps in protections for others. At the same time, regulating the individual technologies that are used to deliver immersive experiences will leave policy a step behind innovation as new capabilities and use cases continue to emerge. Instead, policymakers should addres
21、s privacy in AR/VR by considering the different types of information these devices collect and establishing appropriate safeguards to protect users against actual harms that may arise from this data collection. The goal should be to ensure a comprehensive and technology-neutral regulatory framework
22、that allows space for companies building AR/VR devices to continue to innovate, while mitigating harms. Specifically, this report proposes: Relevant federal regulatory bodies should provide guidance and clarification on the ways existing laws, such as the Health Information Portability and Accountab
23、ility Act (HIPAA) and the Childrens Online Privacy Protection Act (COPPA), apply to AR/VR devices and applications; Congress should reform privacy laws, such as COPPA and HIPAA, that would unnecessarily limit the use of AR/VR technologies in certain sectors or by certain users; Congress and relevant
24、 rulemaking bodies should create rules to safeguard against the potential for harm that arises from new forms of data collection, such as biometric identification and personal information inferred from biometric data, through transparency and choice requirements; Lawmakers should enact federal priva
25、cy legislation to harmonize compliance requirements at the national level rather than rely on state-by-state and sector-specific regulations; and Government agencies and industry should develop voluntary guidelines for AR/VR developers to secure users privacy through transparency and disclosure prac
26、tices, user privacy controls (including opt-out mechanics), information security standards, and considerations for the unique risks presented by biometric identifying and biometrically derived data.This report provides a foundational overview of user data collection in AR/VR as it relates to the bro
27、ader landscape of information-gathering and privacy protections in digital technologies. It reviews the four types of personal data these technologies gather (observable, observed, computed, and associated), the AR/VR data collection practices that fall within these categories, and the privacy conce
28、rns and established mitigation approaches for each data type. It then considers the unique challenges immersive technologies present to user privacy protections beyond those present in more established digital technologies, including the role of biometric data, limits to established mitigation appro
29、aches, and the potential for vulnerable users toINFORMATION TECHNOLOGY & INNOVATION FOUNDATION|MARCH 2021PAGE 2experience exacerbated harms. Finally, it examines the existing regulatory framework for user privacy, identifying laws and regulations that apply to AR/VR as well as policy gaps, and it co
30、ncludes with recommendations to address the unique challenges AR/VR technologies present to user privacy.USER INFORMATION COLLECTED IN AR/VRAR/VR devices rely on information from multiple sources to deliver an optimal user experience and achieve functions other consumer devices cannot. In AR/VR and
31、other information-driven technologies, user information collection can be broadly categorized as one of four types of data: Observable: information about an individual that AR/VR technologies as well as other third parties can both observe and replicate, such as digital media the individual produces
32、 or their digital communications; Observed: information an individual provides or generates, which third parties can observe but not replicate, such as biographical information or location data; Computed: new information AR/VR technologies infer by manipulating observable and observed data, such as
33、biometric identification or advertising profiles; and Associated: information that, on its own, does not provide descriptive details about an individual, such as a username or IP address.2In some instances, particularly in complex technologies such as AR/VR, certain information could contribute to m
34、ultiple data types depending on how it is collected and processed. For example, baseline health and fitness measurements (e.g., heart rate) are observed data, but calculated health information (e.g., estimated calories burned during an activity) is computed.Each type of data contributes to the const
35、ruction of immersive, interactive virtual spaces and objects in different ways, presenting unique privacy considerations and thus a need for best practices to mitigate new and exacerbated privacy concerns. (See table 1.)Observable DataSome information can be consistently and directly observed by thi
36、rd parties. With this observable data, other individuals can perceive the same information about the user firsthand. When considering digital privacy concerns, this could include personal correspondence, media shared by the user, or media recorded by third parties.3 AR/VR devices use observable data
37、 to enable users to construct a virtual presence, whether in fully virtual spaces created in VR or physical spaces enhanced with virtual elements through AR.Observable Data in AR/VRA users avatar, or virtual representation of themselves, may be considered observable personal information, particularl
38、y if that avatar is a hyper-realistic representation. Even less-realistic avatars a user creates to reflect their physical appearance can reveal certain information such as race and gender. Unlike two-dimensional images, such as profile pictures or digital photographs, three-dimensional avatars such
39、 as those in fully immersive VR experiences are a digital embodiment of an individual, including their physical appearance, gestures, and mannerisms.4 Users experience these virtual bodies as they would their own in physical spacemaking this particular form of observable data more intimate than simi
40、lar two-dimensional information.5INFORMATION TECHNOLOGY & INNOVATION FOUNDATION|MARCH 2021PAGE 3Table 1: Types of data that AR/VR technologies rely on to create user experiencesPrivacyMitigationData TypeExamples in AR/VRUtility in AR/VRConsiderationsApproachesObservableVirtual personas orGenerates v
41、irtualUser anonymity andDisclosure and userlikenesses (i.e.,presence unique toautonomyconsent; user privacyavatars); digitalthe user and allowssettings; encryptedcommunications orthem to interact withcommunications;messages; real-timevirtual spaces andlimits on lawin-app/in-worldobjectsenforcement u
42、se;interactions;laws against personalidentifying in-app/in-autonomy privacyworld assets (e.g.,violationsscreenshots,recordings, virtualobjects)ObservedLocation and spatialCreates andUser anonymity andDisclosure and userdata (e.g.,enhances immersiveautonomy; securityconsent; accessgeolocation, lidar)
43、;experience; positionsof sensitive providedcontrols; encryptionmotion/hand/eyeuser in virtual space;information;or local storage fortracking; raw inputsenables advancedpotential forcertain data; limitsfrom BCI data; user-functions (e.g.,discriminatory use ofon law enforcementprovidedinteracting with
44、provided informationuse; laws prohibitingbiographical andvirtual objects,by third partiesdiscrimination baseddemographicgesture controls, andon certaininformation (e.g.,more realisticinformationname, age,avatars)interests); linkedsocial media profiles;user-generatedbehavioral data andactivity logsCo
45、mputedUser profiles (e.g.,Improves servicesSecurity of sensitiveDisclosure and userfor recommendationsand enablesinferred information;consent; users ableor advertising);advanced functionspotential forto contest or correctbiometricdiscriminatory use ofinformation;identification;inferred informationen
46、cryption or localbiometrically derivedby third partiesstorage for certaininformationdata; lawsprohibitingdiscrimination basedon certaininformationAssociatedLogin credentials;Associating contentFraud or maliciousUser authentication;contact information;and preferences withmisuse; harms fromdisclosure and userpayment information;specific users orcombining with otherconsent whenfriend lists; non-devices; identifyingforms of user datacombining with otheridentifying virtualdevices and allowingdata; lawsassets; device IPfor Internet-enabledestablishing