Mozilla Mixed Reality’s Diane Hosfelt says, “The immersive web has all of the problems of the 2D web, they’re just magnified and they’re harder.” She says the the privacy challeges around biometric data privacy are even more dire because you can’t change your biometric signatures and you can’t recover it. Hosfelt’s job at Mozilla is to secure the Servo immersive web browser engine, and so she’s thinking about how to apply the last 20 years of open web security and privacy problems, risks, and potential mitigations to the broader immersive web community. She recently authored a post titled Principles of Mixed Reality Permissions where she lays out the “PACE principles” of Progressive, Accountable, Comfortable, and Expressive.
I had a chance to talk with Hosfelt after the VR Privacy Summit that happened at Stanford University on November 8th, where we talked about making comforable privacy and security workflows that avoid the existing permission fatigue for Cookie authorization, the limitations of occuluding biometric movements through random noise, how independent researchers reveal privacy risks by combining data from multiple sources, an exploration of many of the open privacy challenges on the immserive web, and the open problem of how to educate consumers about the capabilities of these new immserive sensors, their uses, and possible dire consequences of them.
LISTEN TO THIS EPISODE OF THE VOICES OF VR PODCAST
This is a listener-supported podcast through the Voices of VR Patreon.