A new study uncovers some worrying findings about user privacy in Metaverse, Meta’s virtual reality (VR) ecosystem. More specifically, not actually having anything.
Graduate researcher Vivek Nair leads a team at the University of California, Berkeley, Largest VR research (opens in new tab) Responsible and Distributed Intelligence Center (RDI (opens in new tab)), analyzing user interactions with VR to determine the level of privacy.
Most alarmingly, the information required to identify a user’s individual identity appears to be minimal, and maintaining anonymity appears to be a real challenge.
Kinetic fingerprint
When it comes to VR and privacy, previous research (opens in new tab) It focuses on a myriad of cameras and microphones that can recognize your face, voice and surroundings. Moving forward, privacy advocates are also concerned about the emergence of advanced brain-scanning technology that could be incorporated into headsets.
But none of them are necessary to reveal an individual’s identity, as a study from the University of California, Berkeley has shown. All you need is the user’s head and hand movement data.
More than 50,000 subjects were studied, and more than 2.5 million VR data records associated with playing the VR game Beat Saber.
Using advanced AI analytics, we were able to uniquely identify an individual with a staggering 94% accuracy in just 100 seconds from this motion data. Moreover, we were able to identify more than half of them in just 2 seconds of data.
This means that like a fingerprint, a person’s movements can be used as a unique identifier. However, as some have pointed out, this movement data may actually be more accurate than fingerprints on most popular devices. (opens in new tab) It can correctly identify an individual out of less than 1500 people.
Also, such VR data Already used (opens in new tab) It determines the user’s handedness, height, and even gender with high accuracy.further combined Data commonly collected by VR systems (opens in new tab)and there is a real problem with being able to maintain any kind of privacy.
If the metaverse expands as far as meta expects, the privacy protection issue will be greatly expanded. For example, if you shop online in VR, the store can see what you’re doing just by moving around the virtual shop floor.
venture beat (opens in new tab) spoke to Nair about the issue, saying the problem is “streaming motion data is a fundamental part of how the metaverse works today.”
Several solutions have been advocated to prevent abandonment of user privacy in VR. One is to obfuscate the motion data sent to an external server. However, this means noise pick-up, which can reduce the accuracy of VR headsets and controllers in detecting user movements, and games like the aforementioned Beat Saber need these to the maximum. Now for the problem.
The other is to implement regulations that prevent Meta and others from collecting this data, but given that big tech companies are adamant about collecting user data of any kind. Achieving this is not easy.
Berkeley researchers are also looking at techniques that can be used to preserve user privacy by masking uniquely identifiable movement data without compromising the accuracy and effective operation of VR devices. .