Category: vr privacy

Posted on

Latest Quest 2 Update Brings Encrypted Messenger, Parental App Locks & More

Meta rolled out a new Quest update that brings to the headset some previously revealed stuff, such as app-based locks and tracking support for more keyboards, but also some new features too which the company hopes will instill more confidence in user privacy, including encryption for text and voice chats through Messenger and in-headset 3D Secure payments.

In the Quest v40 update, Meta is testing end-to-end encryption for Messenger’s one-on-one messages and calls in VR, which is now offered as an opt-in feature. The company initially rolled out encryption for Messenger on non-VR devices as far back as 2016, however this is the first time it’s offered on Quest headsets.

“Keeping your information secure is one of our top priorities, not just in VR but across Meta apps and technologies. When people trust that their conversations are truly private, they feel safe to express themselves and build stronger online connections,” the company says in a blog post.

Image courtesy Meta

Meta says you can check the privacy of your communication by comparing keys with someone. “If the keys match, messages and calls are secured with end-to-end encryption,” says a description of the feature.

Quest v40 also includes the app-based lock feature which was previously announced as a part of the company’s growing suite of parental controls. This lets parents restrict access to certain apps, requiring them to input a pattern to unlock content that might otherwise be unsuitable for their kid’s age. Meta calls it a “starting point for parents as we begin rolling out our parental supervision tools in the coming months.”

The update brings a new spin on how users enter 3D Secure info when using a credit card too. Before the update, users would have to input 3D Secure directly on the Oculus mobile app, however now you can manage the extra authorization layer whilst in VR.

And keeping users in VR seems to be the major theme with v40, as the update also now includes keyboard tracking support for the Apple Magic Keyboard with numeric keypad, and both the Logitech K375s and Logitech MX Keys.

First introduced last year, keyboard tracking lets you see a virtual version of a keyboard inside your headset to make typing easier. Until now, the only two supported keyboards were Logitech K830 and Apple Magic Keyboard (sans keypad).

Lastly, Meta has added two new options to its Accessibility menu which it aims to make Quest more comfortable for people who are hard of hearing: Mono Audio option, which disables spatial audio by projecting the same audio from both the left and right speakers, and the ability to adjust balance of the left and right audio channels.

To see if you already have v40, simply pop on your Quest 2, go to Quick Settings> Settings –> System –> Software Update. There you can see the software version running on your headset and whether an update is available or not.

The post Latest Quest 2 Update Brings Encrypted Messenger, Parental App Locks & More appeared first on Road to VR.

Posted on

Facebook Announces $50M Research & Partnership Fund to “build the metaverse responsibly”

Back in July Facebook announced that it had spun up a new organization internally to begin building part of the metaverse, a series of interconnected virtual experiences and worlds that the company believes is the next step for human communication and interaction. As part of that effort Facebook this week announced that it’s earmarking $50 million to spend on external research and partnerships to help the company “ensure [our metaverse] products are developed responsibly.”

Although AR and VR technology is already here and available to consumers, most of what you can do with that immersive technology today is discrete experiences that aren’t related to each other. Contrast that with the internet, where you can seamlessly jump from one web page to another, even if those web pages belong to different companies and are hosted in different places.

The metaverse loosely defined as a sort of immersive internet where virtual experiences and worlds share some level of connectivity, interoperability, and identity (ie: a shared avatar across experiences). Facebook believes that the metaverse, alongside AR and VR, is core to what it often calls the “next computing platform,” which it has been aiming to get an early grip on ever since it acquired Oculus back in 2014.

Now that the company has formally begun efforts to actually create the metaverse (or at least a portion of it), it has announced a $50 million “XR Programs and Research Fund” to help guide the company toward “building the metaverse responsibly.” The announcement was co-signed by Andrew “Boz” Bosworth, VP of Facebook Reality Labs, and Nick Clegg, VP of Global Affairs.

The metaverse isn’t a single product one company can build alone. Just like the internet, the metaverse exists whether Facebook is there or not. And it won’t be built overnight. Many of these products will only be fully realized in the next 10-15 years. While that’s frustrating for those of us eager to dive right in, it gives us time to ask the difficult questions about how they should be built.

We’ll work with experts in government, industry and academia to think through issues and opportunities in the metaverse. For instance, its success depends on building robust interoperability across services, so different companies’ experiences can work together. We also need to involve the human rights and civil rights communities from the start to ensure these technologies are built in a way that’s inclusive and empowering.

Here are a few key areas where we’ll work with others to anticipate the risks and get it right:

  • Economic opportunity: how we can give people more choice, encourage competition and maintain a thriving digital economy
  • Privacy: how we can minimize the amount of data that’s used, build technology to enable privacy-protective data uses and give people transparency and control over their data
  • Safety and integrity: how we can keep people safe online and give them tools to take action or get help if they see something they’re not comfortable with
  • Equity and inclusion: how we can make sure these technologies are designed inclusively and in a way that’s accessible

The company says that through its $50 million fund it will “collaborate with industry partners, civil rights groups, governments, nonprofits and academic institutions to determine how to build these technologies responsibly.”

They also gave some examples of partners they are already working with through the program.

As of now there’s no clear way to reach out to the company with a proposal to access the announced funding. It seems likely that they will keep access largely restricted to select partners.

It’s good to know that Facebook is at least thinking about and committing money to soliciting external input on how it might responsibly build the metaverse. However, the company has been at the center of many controversies over the years involving privacy violations, user manipulation, political misinformation, and more.

In 2019 the Facebook was fined $5 billion by the US Federal Trade Commission for its handling of user privacy. At the time CEO Mark Zuckerberg said “we’re going to make some major structural changes to how we build products and run this company.” While this new fund focused on responsibly building the metaverse seems related to that new outlook, it remains to be seen how much the fund’s findings will actually influence the roadmap of Facebook’s metaverse products.

The post Facebook Announces $50M Research & Partnership Fund to “build the metaverse responsibly” appeared first on Road to VR.

Posted on

Facebook’s AR/VR Head Calls for “Big Shift” in How It Deals with User Privacy

Facebook Reality Labs head Andrew Bosworth released an internal memo, entitled “The Big Shift,” which underlines why the company needs to start building products now that better balance user privacy and user experience.

Even before Facebook moved to require all new Oculus users to sign in with Facebook, Oculus headset users were rightfully worried about the company’s treatment of user privacy. Facebook has a long track record of privacy scandals, including the Cambridge Analytic debacle, mass surveillance, and the amplification of misinformation (aka ‘fake news’). There’s more, but the list is comically long.

Virtual and augmented reality opens new, more intimate windows into user behavior though, with biometrical data obtained from VR/AR devices offering important vectors for understanding what makes each individual tick. It’s a treasure trove of user data which has largely gone untapped (and unleaked, as far as we know), but it won’t always be that way.

Now, Andrew Bosworth, the head of Facebook’s AR/VR Reality Labs team, is calling on his colleagues to put user privacy at the core of its products. The ‘Big Shift’ memo, seen in part below, was obtained by Big Technology, and first reported by OneZero.

“Starting in January we are changing the way we approach product development in FRL. Instead of imagining a product and trimming it down to fit modern standards of data privacy and security we are going to invert our process. We will start with the assumption that we can’t collect, use, or store any data. The burden is on us to demonstrate why certain data is truly required for the product to work. Even then I want us to scope it as aggressively as we can, holding a higher bar for sending data to the server than we do for processing it locally. I have no problem with us giving users options to share more if they choose (opt-in) but by default we shouldn’t expect it.”

In the memo, which was released December 22nd, Bosworth says he doesn’t simply aim to meet today’s expectations for user privacy, but wants to “differentiate our products on the basis of privacy. Let other companies scramble to keep up with us.”

Andrew Bosworth | Image courtesy Facebook

Bosworth, a 15-year Facebook veteran, first joined Microsoft in 2004; it wasn’t the same Microsoft we know today, but it was changing to prioritize user security in the face of a long history of ostensibly leaving virus and malware protection for third parties to sort out. Bosworth says in the memo it was due to “decades of buffer overruns and unchecked dereferences in a sprawling code base.”

After his one and a half year-stint as a software designer at Microsoft, Bosworth says public criticism pushed the company to reprioritize security, which helped make it the trusted leader in the field as it is today.

“Today Microsoft is considered perhaps the most trustworthy software vendor in the world. It is trusted by an overwhelming majority of enterprise companies. Having been on the outside since 2005 it was impressive to watch their persistence yield a gradual but definitive shift in their reputation. I think this is a model for us at Facebook. We should become the undisputed leaders in providing privacy aware software.”

Bosworth disagrees with the view that Facebook doesn’t care about balancing privacy and user experience, but he says that due to a recent shift in public sentiment, the company must “consider the consumer experience holistically rather than at optimizing for each individual feature.”

Facebook now offers a new set of privacy functions which reveals what data the company is collecting when you use its VR devices. That’s moving in the right direction, however it’s clear the company as a whole still isn’t working on the same wavelength. This month alone Facebook has faced a major backlash due to its mishandling of WhatsApp user privacy.

“The next step is for the priority of privacy to permeate the entirety of our culture, we’ve made inroads here but we have a long ways to go. Privacy Review should become a simple housekeeping exercise unless we detect further shifts in public attitudes towards privacy.”

Whether it was intentional or not, Bosworth’s memo strikes at the heart of the matter: companies of size simply don’t act in your best interests when given free reign, and users need to prioritize privacy over user experience if they want to push entities like Facebook in that direction. It’s supposed to be a ‘Big Shift’ in the way Facebook currently operates, and we can see why.

“With new culture and new tools, [and] a concerted effort to revisit old products, we are on a long road to redemption. We shouldn’t expect any credit before it is due and perhaps not even until a good while afterwards. But we should nonetheless feel proud of the shift we are undertaking and confident in our ability to see it through.”

Facebook declined OneZero’s request to comment on the contents of the memo.

We’ve included the majority of ‘The Big Shift’ in this piece. You can check out the whole, unedited version here.

The post Facebook’s AR/VR Head Calls for “Big Shift” in How It Deals with User Privacy appeared first on Road to VR.

Posted on

Stanford Research Shows VR Users Can Be Identified Using Only 5 Minutes of Motion Data

Privacy in VR is an ever growing issue, especially now that all new Oculus accounts must login to Facebook with their real identity, which includes anyone who wants to use a Quest 2. Now researchers at Stanford University have shown they’re able to reliably identify individuals after only a five minute session in a standard consumer VR headset.

As reported by MIXED (German), researchers at Stanford devised a system that identifies users under “typical VR viewing circumstances, with no specially designed identifying task,” the team says in the research paper.

Using a pool of 511 participants, their system is said to be capable of identifying 95% of users correctly “when trained on less than 5 min of tracking data per person.”

Wearing an HTC Vive headset and given two Vive wand controllers, participants watched five 20-second clips from a randomized set of 360-degree videos, and then answered questionnaires in VR.

Image courtesy Stanford University

Notably, the answers to the questionnaires weren’t figured into the researchers’ dataset, but rather investigated in a separate paper examining head movements, arousal, presence, simulator sickness, and individual preferences.

Instead, VR videos were designed to see how users would react and move, with some including strong focal points such as animals, and others with no discernible focal point at all like the middle of a forest.

All of this nonverbal tracking data (both head and hands) was then plugged into three machine learning algorithms, which created a profile of a participant’s height, posture, head rotation speed, distance from VR content, position of controllers at rest, and how they move—a treasure trove of data points from just wearing a standard consumer VR headset.

“In both the privacy policy of Oculus and HTC, makers of two of the most popular VR headsets in 2020, the companies are permitted to share any de-identified data,” the paper notes. “If the tracking data is shared according to rules for de-identified data, then regardless of what is promised in principle, in practice taking one’s name off a dataset accomplishes very little.”

So whether you login to a platform holder’s account or not may already be a fairly minor issue in contrast to the wealth of information. Companies could harvest that de-identified biometrical data not only to figure out who you are, but predict your habits, understand your vulnerabilities, and create marketing profiles intent on grabbing your attention with a new level of granularity. We’re still not there yet, but as the number of VR consumers grows, so do the rewards for companies looking to buy data they simply never had access to before.

“With the rise of virtual reality, body tracking data has never been more accurate and more plentiful. There are many good uses of this tracking data, but it can also be abused,” the research paper concludes. “This work suggests that tracking data during an everyday VR experience is an effective identifier even in large samples. We encourage the research community to explore methods to protect VR tracking data.”

Granted, 500 users is a relatively small dataset in the face of what may soon be multiple millions of VR users. And when that number grows, it will undoubtedly become more difficult based on the data points alone the researchers were able to capture. The study however didn’t include a load of other burgeoning VR technologies that could be used to fill out personal profiles in the near future. Eye-tracking, optical mouth tracking, and integrated wearables such as fitness bands and smartwatches may be a part of the next step to filling out that remaining 5 percent—and all of those technologies are on the horizon for the next generation of consumer VR headsets.

The post Stanford Research Shows VR Users Can Be Identified Using Only 5 Minutes of Motion Data appeared first on Road to VR.

Posted on

Where to Change Quest 2 Privacy Settings and See What VR Data Meta Collects

In late 2020 Meta began requiring the use of Facebook accounts for all new users of its Oculus headsets, the culmination of a trend of deeper integration between Oculus products and Facebook services. Though the company has said it plans to eventually reverse this decision to some extent, for the time being it’s worth knowing what privacy settings are offered to you and what data Meta collects on your VR usage. Here’s the overview.

Updated – February 3rd, 2022

Where to Find Oculus Quest 2 Privacy Settings

Although there’s not a lot of customization of privacy settings available right now, at least Meta makes them easy to change. In fact, you can do it right now from your web browser by checking out the Oculus Privacy Center and then scrolling down to Privacy Settings.

Here what you can control and what each option does:

Who will see your activity on Oculus?

This controls how your current activity in VR is displayed on your profile (like which app you’re using). If you don’t want anyone to know what you’re currently up to in VR, change this to ‘Only Me’.

Who can see your friends list on Oculus?

This controls who can see your list of VR friends through your Oculus profile. If you don’t want anyone to see who your VR friends are, change this to ‘Only Me’.

Who will see your Facebook name on Oculus?

This controls which name people will see associated with your Oculus profile. Depending upon your setting, people may see your Oculus username or the first and last name of your Facebook profile. This also controls whether or not people can search for your Oculus profile by your Facebook name. If you don’t want anyone to see your real name in VR or be able to find your Oculus profile with your real name, change this to ‘Only Me’.

Who can receive push notifications to know when you’re active in VR and your activity?

This controls whether your friends can get notifications about what you’ve done recently in VR, like whether you tried a new game for the first time or got a new achievement. If you don’t want anyone to be able to get notifications about you regarding these kinds of activities, change this to ‘Only Me.’

There’s one other key setting you can change: whether or not Meta stores recordings of your voice captured by the Voice Commands feature; by default any time you use Voice Commands, a voice recording of the command will be stored on Meta’s servers.

You can only disable this option from within your headset, here’s how:

  1. In your headset, click on the clock in the Oculus menu bar to open Quick Actions. Click the Settings button at the top right (gear icon).
  2. On the left of the Settings section select ‘Device’
  3. In the Device menu, select ‘Voice Commands’
  4. In the Voice Commands menu, select ‘Voice Storage’
  5. In the Voice Storage menu, switch off the ‘Store Voice Commands’ and ‘Store Transcripts’ options

How to See What Data Meta Has Collected About Your VR Usage

Image courtesy Meta

Meta stores information about what you do in VR for various purposes, including basic account functionality (like knowing which games you’ve purchased), and advertising (like showing you an ad in your Facebook feed for Oculus games you recently searched for in your headset).

You can see a fairly comprehensive list of the data associated with your Oculus account by accessing the View Your Information section of the Oculus Privacy Center. Here’s the overview of what’s shown there:

  • Profile Information
    • Real Name
    • First Name
    • Last Name
    • Username
    • Email Address
    • Avatar 2D Image
    • Profile Photo
  • Other Information About You
    • Language
    • Current and Past Profile Photos
  • Information About Your Account
    • Account Creation Time
    • Account Creation Source
    • Account Status
  • Your Apps and Content
    • Subscribed Events
    • Apps
    • Recently Viewed Items
    • In-app Entitlements
    • Sent application invites
    • Achievements
    • Named Rooms
    • Cloud Saves
    • Cloud Saves v2
    • Challenges Admined
    • Challenges Participated In
  • Your Ratings and Reviews
  • Information About Your Devices
    • Online status history
    • Oculus Home Status
    • Device Sharing (setting)
    • Devices
    • VR Device Sync Data
  • Your Settings and Preferences
    • Who can see your Facebook name on Oculus (setting)
    • Who can receive push notifications to see when you’re available in VR (setting)
    • Who can see your friends list (setting)
    • Who can see your activity (setting)
    • Notification preferences (setting)
    • Allow non-Oculus apps (setting)
    • Incognito Mode (setting)
    • Email Subscriptions
    • Interests
    • Single sign-on developers
  • Friends
  • Security and Login Information
    • Active Sessions
    • Location History
    • Login History
    • App Presence Activity
  • Rift Home Information
    • Last Login
    • Total Homes
    • Active Homes
    • Item Uploads
    • Place Uploads
    • Your Items
  • Your Voice Activities

Can Facebook See Video From Quest’s Cameras?

As for what’s seen through Quest’s on-board cameras, Meta has told us previously that it does not send any video or scans from the camera to its servers, though it didn’t rule out the possibility in the future. Indeed, Meta doesn’t show any camera-related information in its list of information that it has about your account.

Your VR Data and Facebook Data May Be Cross-referenced

The list further above is the data Meta captures about your VR use, but if you’re using Quest 2, your VR data is inherently associated with data collected by Meta on your non-VR activity via Facebook. Thus it’s also worth looking over that information to know what kind of data will potentially be used to influence your activity in VR.

You can find the data Meta has collected on your non-VR activities by visiting the Access Your Information page on Facebook.

The Fine Print

If you want to dig in deeper to understand what Facebook legally says about its collection and usage of your data, here are the key documents that lay out the company’s position:

The post Where to Change Quest 2 Privacy Settings and See What VR Data Meta Collects appeared first on Road to VR.

Posted on

Where to Change Quest 2 Privacy Settings and See Your VR Data Collected by Facebook

Oculus Quest 2 is the first Facebook headset to require a Facebook account. It’s the culmination of a trend of deeper integration between Oculus products and Facebook services. That means it’s worth knowing what privacy settings are offered to you and what data Facebook collects on your VR usage. Here’s the overview.

Where to Find Oculus Quest 2 Privacy Settings

Although there’s not a lot of customization of privacy settings available right now, at least Facebook makes them easy to change. In fact, you can do it right now from your web browser by checking out the Oculus Privacy Center and then scrolling down to Privacy Settings.

Here what you can control and what each option does:

Who will see your activity on Oculus?

This controls how your current activity in VR is displayed on your profile (like which app you’re using). If you don’t want anyone to know what you’re currently up to in VR, change this to ‘Only Me’.

Who can see your friends list on Oculus?

This controls who can see the people your VR friends are through your Oculus profile. If you don’t want anyone to see who your VR friends are, change this to ‘Only Me’.

Who will see your Facebook name on Oculus?

This controls which name people will see associated with your Oculus profile. Depending upon your setting, people may see your Oculus username or the first and last name of your Facebook profile. This also controls whether or not people can search for your Oculus profile by your Facebook name. If you don’t want anyone to see your real name in VR or be able to find your Oculus profile with your real name, change this to ‘Only Me’.

There’s one other key setting you can change: whether or not Facebook stores recordings of your voice captured by the Voice Commands feature; by default any time you use Voice Commands, a voice recording of the command will be stored on Facebook’s servers.

You can only disable this option from within your headset, here’s how:

  1. In your headset, bring up the Quest menu by pressing the Oculus button on your right controller. Find the Settings section (gear icon).
  2. On the left of the Settings section select ‘Device’
  3. In the Device menu, select ‘Voice Commands’
  4. In the Voice Commands menu, switch off the ‘Store Voice Commands’ option

How to See What Data Facebook Has Collected About Your VR Usage

Image courtesy Facebook

Facebook stores information about what you do in VR for various purposes, including basic account functionality (like knowing which games you’ve purchased), and advertising (like showing you an ad in your Facebook feed for Oculus games you recently searched for in your headset).

You can see a fairly comprehensive list of the data associated with your Oculus account by accessing the View Your Information section of the Oculus Privacy Center. Here’s the overview of what’s shown there:

  • Profile Information
    • Real name
    • First name
    • Last name
    • Username
    • Email address
    • Profile photo
    • Avatar 2D image
  • Other Information About You
    • Current and past profile photos
    • Language selection
  • Information About Your Account
    • Account creation time
    • Account creation source
    • Account status
  • Your Apps and Content
    • Apps you own
    • Recently viewed apps
    • Bundles you own
    • In-app entitlements
    • Achievements
    • Subscribed events
    • Named rooms
    • Cloud saves
    • Chat threads
  • Your Ratings and Reviews
  • Information About Your Devices
    • Which Oculus devices are registered with your account
    • Associated devices (names of computers or phones used with Oculus headsets)
    • Online status history
    • Oculus Home status
    • Device sharing
    • Users you are sharing with
  • Your Settings and Preferences
    • Who can see your real name (setting)
    • Who can search for you by your real name (setting)
    • Who can see your friends list (setting)
    • Who can see your activity (setting)
    • Notification preferences
    • Email subscriptions
    • Interests (based on Oculus Explore Feed)
    • Allow Non-Oculus apps (setting)
    • Incognito mode (setting)
    • App activity privacy
  • Friends
  • Security and Login Information
    • Login history
    • Active sessions
    • Location history
  • Rift Home Information
    • Last login
    • Total homes
    • Active homes
    • Item uploads
    • Place uploads
    • Unlocked home items
  • Your Voice Activities

The above is the data that Facebook captures about your VR use, but if you’re using Quest 2, your VR usage data is inherently associated with data collected by Facebook on your non-VR activity. Thus it’s also worth looking over that information to know what kind of data will potentially be used to influence your activity in VR.

You can find the data Facebook has collected on your non-VR activities by visiting the Access Your Information page on Facebook.

The Fine Print

If you want to dig in deeper to understand what Facebook legally says about its collection and usage of your data, here are the key documents that lay out the company’s position:

The post Where to Change Quest 2 Privacy Settings and See Your VR Data Collected by Facebook appeared first on Road to VR.

Posted on

Facebook’s Expanded VR Policies Disallow “invading personal space” and “sexual gestures”

As Facebook moved to require Facebook accounts to be used with Oculus headsets, the company also updated and expanded its VR policies which now dictate rules around “personal space” and “sexual gestures”.

Facebook’s expanded VR policies, updated this week just ahead of the launch of Oculus Quest 2, make it clear: behavioral etiquette in VR is not up to the community, it’s up to Facebook. And that means that doing something like intentionally invading someone’s personal space or making rude gestures may result in platform-level punishment that limits or disables the use of your headset.

Facebook’s newly updated ‘Conduct in VR Policy‘ highlights that you should not “harass or bully other users” by “invading personal space without consent,” nor should you “conduct yourself in an offensive or abusive way,” including making “sexual gestures.”

Repeated of flagrant abuses of the rules can result in suspensions or outright bans, which fully revoke your ability to use your headset. These rules apply in everything you do in the headset, whether you’re playing a social VR experience, a competitive multiplayer VR game, or even streaming a single player experience for others to watch on Facebook Live.

I’d like to be clear: I agree with the spirit of the ‘Conduct in VR Policy’. VR shouldn’t be a place where people are harassed or bullied.

But I do not agree that broad, behavioral policies handed down from on high are the right approach to creating such an environment. Corporate proclamations about people’s personal space and offensive gestures feel wrong—especially for a company which hopes to one day rule over a billion VR users, and subject them to its definition of appropriate behavior.

Etiquette in VR, like in the real world, should be guided by the community. And the majority of etiquette violations—except those that are illegal—should be handled by the community as well.

SEE ALSO
In 'Horizon' Facebook Can Invisibly Observe Users in Real-time to Spot Rule Violations

For instance, if someone comes into a social VR space and starts screaming and ruining the experience of others, the group should be able to vote to kick that users out of the space. Soon enough the offender learns that kind of behavior is unacceptable—not because Facebook said so—but because that’s what other users have deemed inappropriate in that specific setting.

A community-driven approach means that VR etiquette can be nuanced, contextual, and evolve naturally over time instead of being written in stone by a corporation which has its own interests as a top priority.

– – — – –

In addition to updating its Conduct in VR Policy, the company this week finalized changes to its policies which dictate how users can and can’t user their headset; the foundation is now the Facebook Community Standards with an addendum specific to its VR headsets called the Supplemental Oculus Terms of Service.

Similarly, the company defines its data and privacy policies for Oculus users through the Facebook Data Policy with an addendum called the Supplemental Oculus Data Policy.

The post Facebook’s Expanded VR Policies Disallow “invading personal space” and “sexual gestures” appeared first on Road to VR.

Posted on

Facebook’s Expanded VR Policies Disallow “invading personal space” and “sexual gestures”

As Facebook moved to require Facebook accounts to be used with Oculus headsets, the company also updated and expanded its VR policies which now dictate rules around “personal space” and “sexual gestures”.

Facebook’s expanded VR policies, updated this week just ahead of the launch of Oculus Quest 2, make it clear: behavioral etiquette in VR is not up to the community, it’s up to Facebook. And that means that doing something like intentionally invading someone’s personal space or making rude gestures may result in platform-level punishment that limits or disables the use of your headset.

Facebook’s newly updated ‘Conduct in VR Policy‘ highlights that you should not “harass or bully other users” by “invading personal space without consent,” nor should you “conduct yourself in an offensive or abusive way,” including making “sexual gestures.”

Repeated of flagrant abuses of the rules can result in suspensions or outright bans, which fully revoke your ability to use your headset. These rules apply in everything you do in the headset, whether you’re playing a social VR experience, a competitive multiplayer VR game, or even streaming a single player experience for others to watch on Facebook Live.

I’d like to be clear: I agree with the spirit of the ‘Conduct in VR Policy’. VR shouldn’t be a place where people are harassed or bullied.

But I do not agree that broad, behavioral policies handed down from on high are the right approach to creating such an environment. Corporate proclamations about people’s personal space and offensive gestures feel wrong—especially for a company which hopes to one day rule over a billion VR users, and subject them to its definition of appropriate behavior.

Etiquette in VR, like in the real world, should be guided by the community. And the majority of etiquette violations—except those that are illegal—should be handled by the community as well.

SEE ALSO
In 'Horizon' Facebook Can Invisibly Observe Users in Real-time to Spot Rule Violations

For instance, if someone comes into a social VR space and starts screaming and ruining the experience of others, the group should be able to vote to kick that users out of the space. Soon enough the offender learns that kind of behavior is unacceptable—not because Facebook said so—but because that’s what other users have deemed inappropriate in that specific setting.

A community-driven approach means that VR etiquette can be nuanced, contextual, and evolve naturally over time instead of being written in stone by a corporation which has its own interests as a top priority.

– – — – –

In addition to updating its Conduct in VR Policy, the company this week finalized changes to its policies which dictate how users can and can’t user their headset; the foundation is now the Facebook Community Standards with an addendum specific to its VR headsets called the Supplemental Oculus Terms of Service.

Similarly, the company defines its data and privacy policies for Oculus users through the Facebook Data Policy with an addendum called the Supplemental Oculus Data Policy.

The post Facebook’s Expanded VR Policies Disallow “invading personal space” and “sexual gestures” appeared first on Road to VR.

Posted on

In ‘Horizon’ Facebook Can Invisibly Observe Users in Real-time to Spot Rule Violations

Facebook Horizon is shaping up to be an interesting social VR offering with powerful building tools that will allow players to create and share their own worlds. But equally powerful are tools the company has baked into Horizon for monitoring users and enforcing Facebook’s version of appropriate behavior.

While Facebook would like users to think that hanging out in Horizon is no less private than being in a public space, there’s several huge differences.

First, all the users in Horizon are involuntarily recording each other. The last few minutes of everything that users see and hear is recorded on a rolling basis. Facebook says this recording is stored on the headset itself, unless one user reports another, at which point the recording may be sent to Facebook to check for rule violations. The company says that the recording will be deleted once the report is concluded.

Second, anyone you interact with can invite an invisible observer from Facebook to come surveil you and your conversations in real-time to make sure you don’t break any rules. The company says this can happen when one user reports another or when other “signals” are detected, such as several players blocking or muting each other in quick succession. Users will not be notified when they’re being watched.

And third, everything you say, do, and build in Horizon is subject to Facebook’s Community Standards. So while in a public space you’re free to talk about anything you want, in Horizon there a many perfectly legal topics that you can’t discuss without fear of punitive action being taken against your account.

Facebook laid out these observation and moderation tools in a “Horizon Safety Video” and explained them in further detail in an interview with Road to VR.

Transparency & Authenticity

Facebook loves to throw around the word “transparent” with regard to its stand on privacy and user tracking, and they seem to have truly taken the word to heart… after all, what’s more “transparent” than an invisible stranger that may or may not be watching you at any given moment?

Facebook also loves to use the word “authentic.” And what could make a community more authentic than ensuring that all users are constantly recording each other and are just a click away from sending behavior they don’t like to a corporation for analysis?

“Unsettling” is the word that comes to my mind when I think about these features. Yes, Horizon should be a place where people can come and have fun without fear of being trolled or exposed to vile behavior, but is the introduction of another fear—potentially being monitored at any given moment without your knowledge—really the best answer? I don’t think so.

Corporate-approved Behavior

The thing about real public spaces is that what happens in them—beyond what’s outright illegal—is up to the people inhabiting the space. In Horizon it feels much more like the space is making the rules, not the people. And in this case, the space is Facebook.

Facebook’s approach to privacy in Horizon is not much different than if the company tried to police real public spaces by using the Facebook app on everyone’s phone to constantly record their conversations just on the off chance that someone breaks the corporation’s approved social guidelines.

SEE ALSO
New Oculus Users Required to Use Facebook Account Starting in October, Existing Users by 2023

Before I thought about it much, when it came to privacy, I was roughly in the camp of ‘what’s to worry about if you have nothing to hide?’. But at one point someone said something utterly simple that made me understand the naivety of that position: “If you knew you were being watched every time you searched for something on Google, would it change what you searched for?”

My answer is a definitive yes, and I think any honest person would agree. Even though I’m not searching for anything illegal, simply the act of being watched would change my behavior. And this is precisely the issue with Horizon’s privacy model… even if nobody is breaking the rules, being watched—or the possibility of unknowingly being watched—changes behavior.

Don’t Blink—This is the Start of the Metaverse

And you still might say “so what, Horizon is just a game.” But the most important thing to understand about all of this is that Horizon is Facebook’s proto-metaverse. The company has been quite public about its goal of bringing one billion people into VR; the privbacy norms Facebook is establishing now will deeply influence the way those billion people interact with each other in the future. Should Facebook get to write the guidelines for how they communicate and decide how private their conversations should be?

The post In ‘Horizon’ Facebook Can Invisibly Observe Users in Real-time to Spot Rule Violations appeared first on Road to VR.