Ten years from now you may pick up your augmented reality glasses automatically, exactly as you pick up your phone today. The glasses will do many of the same things, plus they’ll offer new ways to communicate or obtain information or entertain yourself.
They also have the potential to invade your privacy in exactly the same ways that your phone does, plus new ways that remove any remaining vestige of personal privacy.
The question is: Will lawmakers change the rules about unfettered data collection? Maybe we’ll get new rules to slow or prevent surveillance capitalism. Are we approaching a tipping point that will cause consumers to push back? Maybe there will be a consumer revolt that prevents AR from ever taking off.
Or maybe we’ll go over the cliff and give up the idea of privacy – period, end of story, full stop. We’re nearly there already.
Practical uses for AR glasses and implications for privacy
Your AR glasses could show you a digital arrow on the sidewalk indicating which direction to walk.
They would do that by tracking your location continuously, and sending your location to online servers, which store the info about your travels in your constantly growing profile.
If they can’t track your location . . . no helpful arrow.
Your phone does that today. You literally carry a tracking device everywhere you go. We trade that part of our privacy in exchange for Google Maps.
You could look at a store sign with your glasses and helpful information would appear. A flyout could show the hours of the business, ratings, perhaps a link to a menu or the phone number. A coupon might appear for a discount, good for one hour.
The glasses would obtain that information by sending the business name to the online servers. They return the useful info – and make a note that you are interested in that business, storing that fact in your profile to become part of what is known about you for packaging to advertisers.
You do the same thing with your phone every time you do a web search. The glasses will make some searches easier and faster – you’ll just look at something and perhaps make a tapping motion with one finger. Your phone takes a slightly greater intention; you have to pull it out and tap in what you’re interested in. AR glasses will be more convenient but they’ll give up more information about what crosses your mind.
A reminder could appear in your field of vision with the name of the person approaching you.
The online server would have been recording everything you see with continuously running cameras and microphones, and storing every visual and auditory detail of your every interaction. It now also will have recorded the location of the person near you, whether they have AR glasses or not.
Your phone can’t do that. It will be another tradeoff of privacy for convenience. The online servers will know who you interact with, for how long, your location – and they’ll know the same thing about the person you’re talking to.
Is the convenience worth it? You gave up any privacy about your location when you started carrying a phone, regardless of the dangers of location tracking. Maybe we’ll give up any privacy about our interactions with others if AR glasses can remind us of people’s names.
This is the textbook definition of a slippery slope. We’re a long way down the slope and sliding fast.
Augmented reality glasses create a new level of surveillance
Google Maps focuses on objects and fixed places. It blurs out people’s faces. It tracks your movements but doesn’t combine that in your individual profile with what it knows from tracking anyone else. As far as we know.
AR glasses will have cameras and microphones that run continuously. They will be focused on human interactions. That changes the scope and the scale of big company observation. They will have audio-visual coverage of the entire world. Our phones bring us closer to that than we realize already but AR takes surveillance to a whole new level.
A few years ago I wrote a series of articles about privacy. The premise was that data collection has become the central mission of the large tech companies. Today the data is primarily assembled from our interactions with our phones and computers. As The Guardian put it, the big companies are dealing in “how far and where your morning run takes you, the conditions of your commute, the contents of your text messages, the words you speak in your own home and your actions beneath all-seeing cameras, the contents of your shopping basket, your impulse purchases, your speculative searches and choices of dates and mates – all recorded, rendered as data, processed, analysed, bought, bundled and resold like sub-prime mortgages.”
The giant tech companies obtain hundreds of thousands of data points about you every day. Their computers compare your behavior to millions of other people. They are able to predict your behavior in very fine-grained detail. Over time, they are discovering ways to influence your behavior.
You resist that conclusion. “No, no!” you cry. “I am special. I cannot be reduced to an algorithm. I am unpredictable. I am not a stereotype!”
Look at that picture. Each and every starling in that picture is thinking, “I don’t have to fly this direction! I could fly any direction I want. I am unique. I am special. I am choosing to fly with everyone else because it pleases me but no one could have predicted that.”
Sure. Keep believing, you snowflake.
Technical reasons that AR glasses get more data than phones
AR glasses will be designed to be always looking and always listening.
The advantage of AR glasses will be their ease and ubiquity. They will provide useful, fun, interesting information without any friction. For at least some purposes, you make a conscious decision to engage with your phone. AR glasses will work without needing to be unlocked.
That is also why they are dangerous.
Here is the conclusion of a deep and well thought-out article about new privacy concerns raised by AR and VR.
AR/VR raises new user privacy considerations for three reasons:
(1) AR/VR devices are composed of a number of different information-gathering technologies, each presenting unique privacy risks and mitigation approaches;
(2) Much of the information AR/VR devices collect is sensitive data not used in most other consumer technology devices; and
(3) This comprehensive information gathering is critical to the core functions of AR/VR devices.
AR devices may someday be following your gaze to identify what direction you’re looking. It’s not impossible to imagine brain/computer interfaces. There is already a flow of data about you; the new biometric and other information from your interactions with AR/VR devices will turn that flow into a river. Eye-tracking details can serve as an indicator of age, gender, and race. Motion or hand-tracking can uniquely identify individuals with up to 95 percent accuracy. From the same paper: “Applications can also use biometric data to infer details about a user’s physical and emotional responses to stimuli, as well as sensitive health information. Motion and eye tracking can capture a user’s subconscious reactions, such as pupil dilation, which can in turn reveal inferred information about their interests and preferences—from favorite foods to sexual orientation.”
It is already nearly impossible to guarantee anonymization, even when you believe you have an anonymous profile on some service. The additional information obtained with AR interactions may make it effectively impossible to de-identify data.
Not worried about yourself? Think about vulnerable users including children, older adults, and marginalized and vulnerable populations. Think of participants in health care research or therapy for mental illness who might face discrimination in health care or employment. Think of . . . well, there are a lot of potentially bad things to think about if no one has any privacy.
We do not currently have any consistent legal or regulatory framework for privacy and data collection. The EU has taken the lead in developing regulations for online privacy, but their efforts are only marginally more effective than the patchwork of state and federal regulation in the US. The partisan politics of the US do not lend themselves to careful improvement of our existing laws.
A quick recap to be clear.
Your privacy is already mostly gone. AR potentially deepens the problem, but it’s just the next step in a process that is already well underway.
If AR becomes popular, it will be because it offers convenience, excitement, and improvements in our quality of life. We will adopt it for the same reasons we adopted smartphones.
But at some point, we may revolt at the thought of losing any more privacy. Consumers may say, we have a line and this new tech crosses it. Enough! We’re done. In that case, AR may never take off.
I have an idea for privacy regulation that might cut through the partisan divide. I’ll tell you about that next time.