Identifying Privacy Risks and Implementing Best Practices for Body-Related Data in Immersive Technologies

As organizations develop more immersive technologies, and rely on the collection, use, and transferring of body-related data, they need to ensure their data practices not only maintain legal compliance, but also more fulsomely protect people’s privacy. To guide organizations as they develop their body-related data practices, the Future of Privacy Forum created the Risk Framework for Body-Related Data in Immersive Technologies. This framework serves as a straightforward, practical guide for organizations to analyze the unique risks associated with body-related data, particularly in immersive environments, and to institute data practices that earn the public’s trust. Developed in consultation with privacy experts and grounded in the experiences of organizations working in the immersive technology space, the framework is also useful for organizations that handle body-related data in other contexts. This post will build on our previous blog post where we discussed the importance of understanding an organization’s data practices and evaluating legal obligations. In this post we will focus on identifying the risks data practices raise and implementing best practices to mitigate these risks.

I. Identifying and assessing risk to individuals, communities, and society

Beyond legal compliance, leading organizations also should seek to ensure their products, services, and other uses of body-related data are fair, ethical, and responsible. Body-related data, and particularly the aggregation of this data, can give those with access to it significant insight into an individual’s personal life and thoughts. These insights include not just an individual’s unique ID, but potentially their emotions, characteristics, behaviors, desires, and more. As such, it is important for safeguards to prevent harmful uses of body-related data. Proactively identifying the risks their data handling raises will help organizations determine which best practices are most appropriate. 

As demonstrated in the chart below, privacy harms may stem from particular types of data being used or handled in particular ways, or transferred to particular parties. Organizations should consider the factors related to data type and data handling that impact the risks associated with their data practices.

When assessing the risks their data practices raise, organizations should ask themselves questions including:

• What are the harms that each risk may create, and how severe might they be?
• Who is likely to be the most significantly harmed by the realization of any given risk?
• What organizational goal or objective is a given data practice serving?
• Are there any public policy or legal considerations impacting an organization’s analysis of their data practices?
• Might technology change in the near future in a way that makes certain data practices more or less likely to result in harm, or more or less harmful?
• Are there any alternatives to a given data practice that are more privacy-friendly, while still allowing the organization to achieve its objectives?
• Does a given data practice raise risks that are too significant or implicate sufficiently serious harms such that it should be abandoned altogether?

II. Implementing relevant best practices

There are a number of legal, technical, and policy safeguards that can help organizations maintain statutory and regulatory compliance, minimize privacy risks, and ensure that immersive technologies are used fairly, ethically, and responsibly. These best practices should be implemented in a way that is intentional—adopted as appropriate given an organization’s data practices and associated risks; comprehensive—touching all parts of the data lifecycle and addressing all relevant risks; and collaborative—developed in consultation with multidisciplinary teams within an organization including stakeholders from legal, product, engineering, privacy, and trust and safety.

The chart below summarizes some of the major best practices organizations can apply to body-related data, as well as specific recommendations for each.

It is critical to note that no single best practice stands alone, and instead the contemplation of best practices should be considered comprehensively and implemented together as part of a coherent strategy. In addition, any strategy and practices must be evaluated on an ongoing basis as technology, data practices, and regulations change.

As organizations grapple with the privacy risks that body-related data raises, risk-based approaches to evaluating data practices can help organizations ensure they are not just compliant but also that they value privacy. FPF’s Risk Framework for Body-Related Data in Immersive Technologies serves as a starting point for organizations that collect, use, or transfer body-related data to develop best practices that prioritize user privacy. As technologies become more immersive, the unique considerations raised in this framework will be relevant for a growing number of organizations and the virtual experiences they create. Organizations can use this framework as a guide as they examine, develop, and refine their data practices.