Organizations are increasingly developing or deploying “immersive technologies,” a collection of hardware and software products that substitute, enhance, or alter users’ individual, physical-world experiences. These emerging technologies—which include tools like extended reality (XR), virtual worlds, and brain-computer interfaces (BCIs)—have the potential to transform healthcare, education, entertainment, advertising, and other sectors. However, because they often rely on large amounts and kinds of personal, potentially sensitive data, they also raise important privacy and data protection questions. Without safeguards, data about people’s bodies, behaviors, and surrounding environments could be inferred and used to manipulate, discriminate against, or otherwise harm both users and bystanders. FPF works with experts from industry, academia, and civil society to identify the unique privacy and data protection risks in this nascent field, analyze how existing and emerging regulations implicate immersive technologies, and develop best practices and policy recommendations.
Youth Privacy in Immersive Technologies: Regulatory Guidance, Lessons Learned, and Remaining Uncertainties
As young people adopt immersive technologies like extended reality (XR) and virtual world applications, companies are expanding their presence in digital spaces, launching brand experiences, advertisements, and digital products. While virtual worlds may in some ways resemble traditional social media and gaming experiences, they may also collect more data and raise potential manipulation risks, particularly […]
Privacy and the Rise of “Neurorights” in Latin America
Authors: Beth Do, Maria Badillo, Randy Cantz, Jameson Spivack “Neurorights,” a set of proposed rights that specifically protect mental freedom and privacy, have captured the interest of many governments, scholars, and advocates. Nowhere is that more apparent than in Latin America, where several countries are actively seeking to enshrine these rights in law, and some […]
Identifying Privacy Risks and Implementing Best Practices for Body-Related Data in Immersive Technologies
As organizations develop more immersive technologies, and rely on the collection, use, and transferring of body-related data, they need to ensure their data practices not only maintain legal compliance, but also more fulsomely protect people’s privacy. To guide organizations as they develop their body-related data practices, the Future of Privacy Forum created the Risk Framework […]
Understanding Body-Related Data Practices and Ensuring Legal Compliance in Immersive Technologies
Organizations are increasingly incorporating immersive technologies like extended reality (XR) and virtual worlds into their products and services, blurring the boundaries between the physical and digital worlds. Immersive technologies hold the potential to transform the way people learn, work, play, travel, and take care of their health, but may create new privacy risks as well. […]
Risk Framework for Body-Related Data in Immersive Technologies
Today, the Future of Privacy Forum (FPF) released its Risk Framework for Body-Related Data in Immersive Technologies for organizations to structure the collection, use, and onward transfer of body-related data. Organizations building immersive technologies like extended reality and virtual worlds often rely on large amounts of data about individuals’ bodies and behaviors. While body-related data […]
Old Laws & New Tech: As Courts Wrestle with Tough Questions under US Biometric Laws, Immersive Tech Raises New Challenges
Extended reality (XR) technologies often rely on users’ body-based data, particularly information about their eyes, hands, and body position, to create realistic, interactive experiences. However, data derived from individuals’ bodies can pose serious privacy and data protection risks for people. It can also create substantial liability risks for organizations, given the growing volume of lawsuits […]
Understanding Extended Reality Technology & Data Flows: Privacy and Data Protection Risks and Mitigation Strategies
This post is the second in a two-part series. Click here for FPF’s XR infographic. The first post in this series focuses on the key functions that XR devices may feature, and analyzes the kinds of sensors, data types, data processing, and transfers to other parties that power these functions. I. Introduction Today’s virtual (VR), […]
Understanding Extended Reality Technology & Data Flows: XR Functions
This post is the first in a two-part series on extended reality (XR) technology, providing an overview of the technology and associated privacy and data protection risks. Click here for FPF’s infographic, “Understanding Extended Reality Technology & Data Flows.” I. Introduction Today’s virtual (VR), mixed (MR), and augmented (AR) reality environments, collectively known as extended […]
New Infographic Highlights XR Technology Data Flows and Privacy Risks
As businesses increasingly develop and adopt extended reality (XR) technologies, including virtual (VR), mixed (MR), and augmented (AR) reality, the urgency to consider potential privacy and data protection risks to users and bystanders grows. Lawmakers, regulators, and other experts are increasingly interested in how XR technologies work, what data protection risks they pose, and what […]
FPF and Singapore PDPC Event: “Data Sovereignty, Data Transfers and Data Protection – Impact on AI and Immersive Tech”
On July 21, the Future of Privacy Forum (FPF) and Singapore’s Personal Data Protection Commission (PDPC) co-hosted a workshop as part of Singapore’s Personal Data Protection Week, titled “Data Sovereignty, Data Transfers and Data Protection – Impact on AI and Immersive Tech” at Marina Bay Sands Expo and Convention Center in Singapore. The event focused […]