Exploring the Uncoordinated Privacy Protections of Eye Tracking and VR Motion Data for Unauthorized User Identification
Samantha Aziz, Oleg Komogortsev
TL;DR
This paper investigates how unprotected VR motion and eye tracking data can be exploited to identify users, revealing privacy vulnerabilities and emphasizing the need for comprehensive privacy protections in VR systems.
Contribution
It uncovers the privacy risks posed by unprotected VR motion and eye tracking data and highlights the necessity for integrated privacy safeguards.
Findings
Unprotected motion data can identify users without consent.
Eye tracking data alone may be insufficient for identification.
Combined data increases privacy leakage risk.
Abstract
Virtual reality (VR) sensors capture large amounts of user data, including body motion and eye tracking, that contain personally identifying information. While privacy-enhancing techniques can obfuscate this data, incomplete privacy protections risk privacy leakage, which may allow adversaries to leverage unprotected data to identify users without consent. This work examines the extent to which unprotected body motion data can undermine privacy protections for eye tracking data, and vice versa, to enable user identification in VR. These findings highlight a privacy consideration at the intersection of eye tracking and VR, and emphasize the need for privacy protections that address these technologies comprehensively.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsPrivacy, Security, and Data Protection