Under natural viewing conditions in virtual reality, there are significant possibilities for violating user privacy, according to a recent paper by doctoral student and lead author Brendan David-John at the University of Florida Department of Computer & Information Science & Engineering (CISE). The paper was written by David-John, Diane Hosfelt, who was a staff research engineer at Mozilla while collaborating on this paper; Kevin R.B. Butler, Ph.D., a professor at CISE; and Eakta Jain, Ph.D., an associate professor at CISE.
Their paper, titled, “A Privacy-Preserving Approach to Streaming Eye-Tracking Data,” was selected as a best paper nominee for accepted journal papers at the 2021 IEEE VR conference, an international event for the presentation of research results in the broad areas of virtual, augmented, and mixed reality.
The paper describes how eye-tracking technology is being increasingly integrated into mixed reality devices and that there are significant possibilities for violating user privacy expectations. David-John said the team’s research is targeted at identifying and raising awareness of privacy and security concerns of future technologies, and what the implications could be for new forms of data and sensors that will be made available.
“Future mixed-reality devices could replace mobile phones as always-on devices that sense the environment around the user and track how the user responds and then interacts with both real and virtual realities,” David-John said. “While we are used to mobile phones that track our location, we as a society are not used to devices that can implicitly track personal information like age, gender, medical conditions, sexual orientation, and emotional responses that could then be used for targeted advertisements, or even more nefarious attacks if data falls into the wrong hands.”
In the paper, the team describes how they are exploring initial solutions for enhancing the privacy of eye-tracking data by reducing the risk of being identified from shared data.
“There is a lot of work to be done in this space before mixed-reality devices and sensors become commonplace in society,” David-John said.
To mitigate such risks, the authors suggest a framework that incorporates gatekeeping via the design of the application programming interface and via software-implemented privacy mechanisms. Their results indicate that these mechanisms can reduce the rate of identification from as much as 85% to as low as 30%.
“The method falls under the principle of data minimization, which means the platform should only stream data that is relevant for the application. Sharing additional data beyond what is necessary would enable external applications to ask for more than is needed for their application and violate privacy,” David-John said. “The key to designing an application then is balancing the applications of data with the privacy risks they introduce. Our approach in this work recommends providing developers with an interface where we process the data with a trusted platform, and then provide only the metrics and insights that are needed for the specific application.”
If processes like this aren’t implemented, there is potential for applications colluding with each other to identify a user.
“Say an employee shares raw data with their employer as part of a required training environment. Then, the employee uses a VR device to anonymously attend a virtual labor union meeting outside of work to discuss forming a union,” David-John said. “If the application that provided the virtual meeting were to share their anonymous eye-tracking data with nearby employers, the employee in question may be ‘outed’ to their employer.”
What does the future hold? For David-John, the answer is twofold. Dr. Jain’s team is working to build collaborations between researchers in mixed reality with those from security and privacy to create better solutions at the intersection of both fields.
“We started this process through a workshop that we conducted at IEEE VR 2021 and we have also presented our insights and perspectives at SOUPS 2021, which is a top security/privacy conference,” he said.
David-John also plans to “continue the line of establishing privacy for eye-tracking data with my dissertation work by investigating more sophisticated methods for reducing the ability to recognize a user from their eye movements. ”David-John’s research area is at the intersection of applied perception and computer graphics, using eye-tracking to record and understand human behavior with a focus on augmented and virtual reality (AR/VR).
Allison Logan
Marketing & Communications Specialist
Herbert Wertheim College of Engineering