VR tech has recently been making a big push into your day to day lives, and the most recent installment is Facebook’s Oculus Quest 2. This VR headset is a contained, all-in-one experience that doesn’t require any outside powerful PC to run. Not only that, but it’s also cheaper than the previous headset. Put all that together and you get a VR headset that is much more digestible to the wallet and to the average consumer.

This is in contrast to something like the Vive Index, which not only requires a powerful computer but also lighthouses and a good space to move around in. It also comes with a whopping $1000 price tag, so not only are you spending several thousand on the powerful gaming PC, but you’re also spending another thousand on the headset itself. Therefore it’s no wonder that Oculus Quest 2 is likely to be big.

The Problem with VR & Privacy

Ok, so why is this an issue?

Well, the problem lies in the fact that VR technology actually tracks a lot of very private very intimate information. For example, VR headsets tend to track the way your body moves, which can not only identify your gait but also identify you personally in a crowd. Then there are the images they take of your space around you which are required for things like the AR aspects of the headsets (after all, they do have front-facing cameras). 

Altogether told, VR is one of the most detailed surveillance devices we have in our home. This is problematic for a variety of issues, but namely for privacy and security, and that’s an issue that not only Canadians have, but people all around the world as well. 

Even more annoyingly, Facebook now requires you to login with your Facebook account when using the Oculus Quest 2, and who knows what privacy that is going to violate. Putting aside the possibility that all this intimate information is going to be shared with 3rd-party marketing sites, is a new timeline item going to be shared every time you watch a movie? Will it tell people the exact details of what you’re doing in the privacy of your own home?

Another equally big issue is how it’s going to affect people with mental illnesses who might not know better and who are easily manipulated. Some people tend to severe compulsions and this data gathering can ultimately be used to manipulate them, most likely for bleeding them dry of money, but very possibly for more nefarious reasons. This is why we have to start looking at ways Canadian law can deal with the data issues.

The Law on Data Privacy

To some extent, privacy, as it pertains to entertainment in Canada, is already somewhat covered in things such as the Broadcasting Act of 1991 and the Telecommunications Act of 1993. Of course, these tend to be very general and really only focus on the specific duties that companies have in terms of providing a Canadian civil service, rather than any real impact on privacy and security.

No, for that you need to look at is something like PIPEDA, otherwise known as the Personal Information Protection and Electronic Documents Act. Unfortunately, PIPEDA does have quite a few specific issues, mainly that it only really covers a very specific subset of data, usually data that is handled by entities such as banks and airlines. Sadly, it doesn’t really cover things such as data collected by entertainment companies, and especially ones like Facebook.

This actually leaves a pretty massive gap in Canadian privacy law that requires individual provinces to fill in with their own data privacy laws. This leads to an even wider problem where there is a lack of standardization and where corporations have a big grey area they can choose to operate in. In fact, the problem is big enough that we covered this very topic in a recent news article on a private sector privacy law.

Dealing with VR

Alright, so where does this realistically leave Canadian citizens? If we don’t have specific laws to cover VR data that is pushed to Facebook and other companies, how do we fix the issue?

Well, probably the most important first step is to have an open discussion across the Canadian sphere between politicians and citizens. We can’t very well fix the issue if we don’t talk about it, and more importantly, we could hamper legitimate uses of VR and AR, such as use with surgery or in the courtroom. Not only that, but having a public conversation means more people will be informed of the potential pitfalls of dealing with VR and the data it collects.

Once we’ve done that, implementing a strong privacy regulation is paramount. It must not only cover general protections to the average Canadian, but it also needs to protect people who are vulnerable to this type of data breach. In this way, we can ensure all Canadians are secure in their VR use without having to worry about data privacy . . . or at least, not have to worry about it as much.

Finally, it’s important that we keep on looking out for any potential issues in the long term. Interestingly there is something called the ‘Collingridge dilemma’, wherein it’s nearly impossible to predict the long-term effects without impacting the technology adversely. Similarly, without any oversight, the issue will become so big that it’s impossible to regulate it properly, as we are seeing now with companies like Samsung and Google.

Conclusion  

So where does that leave the average Canadian citizen? Not in a great place we’re afraid. For the time being, you can follow an online privacy guide to at least mitigate some of these issues. There are also things like private search engines and secure browsers you can use that can offer you a little bit more privacy. 

At the end of the day though, the best thing you can do is impress upon your political representative the importance of strong data privacy laws. This is especially the case with new emerging technologies like VR that have the potential to be exceedingly problematic.