Source: Xiao Sa lawyer
A certain fruit company held a press conference at the Global Developers Conference on June 6, 2023 It released its latest flagship product - MR headset. Experiencers of this headset call it "the most outstanding fused reality device currently available." Its CEO Tim Cook bluntly stated the revolutionary product status of MR headsets at the beginning of the conference: "Mac brought us into the era of personal computers, iPhone brought us into the era of mobile computing, and Vision Pro brought us into the era of mobile computing. Entering the era of spatial computing."
Just a month ago, this "epoch-making" MR headset launched pre-sale in North America, and around February 2 this year, the first batch of players around the world began to receive it. When the goods arrive, according to the official purchase policy of Guoguo, players who received the goods on February 2nd have a total of 14 days to experience it, which means that they can return it unconditionally before February 16th. Sure enough, just two days ago, news that "Vision Pro suffered a large number of returns" was spread all over the major self-media. The biggest drawbacks were that Vision Pro was bulky, uncomfortable to wear, and related applications were incomplete. In fact, recent self-media news pointed out that 50% of the applications pre-installed on the Vision Pro headset have not been optimized. Snazzy Labs quoted people familiar with the matter as saying that only about half of the applications pre-installed on the Vision Pro have been optimized around Vision Pro. There are even several apps that just run as windowed iPadOS apps.
Of course, market investors are currently cautious about Vision Pro. In addition to the above-mentioned problems such as bulkiness, discomfort when wearing, and incomplete related applications, there is another possibility: A more serious problem is Vision Pro's compliance issues in other countries. In fact, Vision Pro is very likely to have privacy issues such as infringement of citizens' personal information.
01 Privacy risks from outside
Vision Pro is a new hardware platform that is very different from mobile phones, smart watches and computers. It is equipped with more sensors and cameras. For example, under normal circumstances, such as Macbook Pro and Thinkpad Laptops are equipped with at most one or two cameras on the screen, one of which is used for applications such as video conferencing, and the other is used for facial recognition in Windows systems. Mobile phones have more cameras. The rear may be equipped with 1-3 cameras depending on the focal length, and then equipped with a front camera with lower pixels. But Vision Pro is equipped with 12 cameras, two depth sensors and 6 microphones! More cameras, microphones, and depth sensors can certainly provide users with a more realistic sensory interaction experience, but they also provide attackers with more attack dimensions. It is not uncommon to see reports of hackers attacking device cameras, causing the risk of privacy leaks. As early as 2014, CCTV specifically reported that "home monitors have security risks." Hackers used system vulnerabilities to hack cameras and invade privacy. It is no longer news that hackers attack laptop cameras and violate user privacy. In fact, some hackers have admitted that "it is too easy to hack a laptop's camera. Scan some IP ranges, find the web login interface of the networked camera, and crack the password to completely hack the camera." Compared with traditional mobile phones, PCs and other devices, MR devices such as Vision Pro have more cameras and higher dimensions for attackers to attack. Naturally, the privacy risks faced by external attacks are greater.
In addition to privacy risks from external attackers, Vision Pro also has risks from media sharing between players. For example, when we encounter a passenger holding a mobile phone on the opposite side of the subway , you will naturally feel uncomfortable and worry about whether the passenger is invading privacy by taking photos with his mobile phone. MR devices such as Vision Pro have more cameras, and the images are captured more secretly. Just imagine this scenario, when we are riding the subway and encounter a passenger wearing a Vision Pro helmet opposite us, we are likely to be distracted by him. Use Vision Pro to take photos without even realizing it. Of course, a certain company has considered corresponding solutions when designing the Vision Pro product. The strategy given by a certain company is that when the Vision Pro takes photos or videos, the device screen will light up. Indicator light to let people around you know that Vision Pro players are taking space photos or videos to prompt corresponding privacy risks. However, there are still doubts whether this strategy can play a role in privacy protection. In fact, it may not be technically difficult to crack the screen prompts during shooting through "jailbreaking" or similar means. And with the development of XR devices, this problem is not only a problem that Vision Pro needs to face, but other MR manufacturers also need to solve the privacy risks caused by the media sharing process.
02 Personal information protection compliance risks from internal
In addition to the above-mentioned attack risks from attackers outside Vision Pro and the risks caused by user media sharing Privacy risks: Vision Pro MR devices also face compliance risks in personal information collection in my country. As early as in the article "MR headset: Vision Pro, the "Legal Risk Pro" in the virtual reality industry? " has shown that some VR helmets currently collect and scan the user's facial contours, iris, retina and other biological information during the wearing process. Litigation cases regarding the collection of sensitive information by VR equipment have appeared abroad. According to my country's "Personal Information Protection Law", relevant biological information may be sensitive personal information, which involves the risk of collecting sensitive information. Practitioners must pay attention to the compliance settings of related issues.
In fact, information such as iris, facial recognition features, eye movement dwell time, etc. has extremely high commercial value, which is likely to cause compliance risks. Take eye movement dwell time as an example, when the device collects user information When eye movement dwell time data is collected, the user's attention concentration problem in a specific environment can be analyzed. This method can be widely used in personalized advertising. For example, MR equipment can collect the user's eye movement dwell time and analyze The content that MR is playing when the user's eye movement stays the longest, and similar advertisements will be placed based on this content, thereby increasing the customer acquisition rate of the advertisement. Such information with commercial value is likely to cause user privacy risks to be leaked. In addition to the issue of eye movement dwell time, Optic ID, a security authentication system based on iris recognition developed by Guoguo based on Vision Pro, can directly analyze the user's iris information under various non-visible LED lights to determine the user's identity. Although the official website of Guoguo stated that the iris information is completely encrypted and stored, it is difficult for users to know whether the information is authentic. At the same time, the compliance risks of such devices that collect iris information are also very high.
03 Written at the end
In addition to the above privacy risks, in fact, the MR system It is also faced with multiple compliance issues such as content governance compliance and intellectual property anti-fraud compliance. my country's "Network Information Content Ecological Governance Regulations" requires that online information content service platforms should fulfill the main responsibilities of information content management and strengthen the information content of this platform. Management, developers and operators of XR devices and applications should pay attention to fulfilling the content governance obligations in the above regulations and achieve content governance compliance.
At the same time, XR device and application developers are also facing important intellectual property protection issues. For example, under virtual reality technologies such as digital twins, should buildings in digital twin cities be protected by copyright? Does virtualizing a copyrighted object constitute corresponding infringement? This requires practitioners to conduct detailed demonstrations to avoid the risk of infringement. Anti-fraud and anti-misleading obligations are also another major legal risk faced by the virtual reality industry. In recent years, virtual reality and artificial intelligence, especially AIGC technology, have been integrating. AIGC technology is likely to produce a lot of "false and real" information. The empowerment of virtual reality technology will produce huge destructive power. Relevant practitioners must pay attention to such legal risks, carry out anti-fraud and anti-misleading obligations, and enhance their own compliance.
The "spatial computing era" opened by Vision Pro will not only usher in a new round of smart software and hardware changes, but also bring privacy risks, content risks and intellectual property risks. Related compliance issues are likely to not only It is not only a compliance issue for Vision Pro, but also a compliance issue for the entire XR market. Every compliance point should be treated with caution.