Privacy Manifesto for AR Cloud Solutions
DRAFT v 0.1.3, October 18th at AWE EU Münich
The next era of computing is upon us. New technology to capture and combine physical spaces with digital content has the potential to profoundly improve the way we see and interact with the world and each other.
As the world’s largest companies and organizations race to create the required “AR Cloud” infrastructure to build and fuel these systems, we face unprecedented new challenges and risks to privacy and individual’s rights and freedom if we do not actively and mindfully seek to avoid them.
We who stand behind this manifesto are conscious of the risks involved and will strive to create positive outcomes that balance the risks and rewards ahead, while prioritizing an individual’s right to privacy, dignity and security.
This manifesto describes the principles we insist every actor operating within the AR sector stand behind and uphold.
The extent of the risk:
As organizations worldwide see the benefits from collecting real world data, their efforts will increase in detail, scope and frequency until near real time multi-dimensional maps of public and private spaces are routinely captured, processed, analyzed and shared with others. Sensitive personal and private information will be knowingly and unknowingly conveyed that has great potential to do harm. We seek to identify and mitigate these potential risks to personal freedom and violations of privacy that AR Cloud systems could pose to individuals, communities, and society.
We understand that it is probable that that sensor data used to power AR Cloud systems could be able to sense the identity, location, physical context, and behaviors of users in public and sensitive areas.
We also recognize the risk that such data could be collected, analyzed, transmitted and stored in databases or distributed and sold to third parties without the explicit consent of users or worse, unsuspecting citizens that happen to be within sensor range of mixed reality enabled devices.
It is also a technically plausible that such systems could be used to power real-time 3D visual and auditory surveillance of every individual on the planet, controlled by one or more large organizations that could use automated methods to analyze and use the data for any purpose they might conceive. We hope and believe through our common efforts we will avoid a slide towards such a scenario.
We believe that organizations using sensor-rich spatially-immersive technologies required to power AR Cloud platforms must work diligently to earn and preserve the trust of individuals and communities in order to succeed. Companies building AR Cloud systems and software, will find that those who respect and protect user privacy, security and intentions with open systems and transparent data handling practices will gain a distinct competitive advantage over those who do not.
We insist that everyone who develops and maintains AR cloud solutions should stand behind this manifesto and do what is in their power to safeguard the rights and privacy of one and all.
We uphold and follow these principles:
1 For the good of mankind:
The highest priority is that the data collected for AR can enable as much benefit as possible to as many people as possible while always protecting the individual’s right to privacy and personal freedom.
2 Freedom from being identified:
We refrain from and condemn capturing and storing data in the cloud that can be used to identify individuals without the explicit consent of everyone within the sensor range of any AR-device.
For example, solutions that offer AR Cloud services such as location determination or geometric capture of physical spaces using cameras, can and should be designed and used in ways that preserves the anonymity of individuals in that space.
An exception to this rule would be during an emergency, such as a natural disaster where collecting and conveying such data would assist in preserving the health and welfare of others.
3 Consent must be limited by context:
When consent is given for such data to be collected then the consent is limited to a specific place, use case, group of people and time-frame. If the situation changes from what the consent was provided for, consent must be provided again. Asking users for wide reaching and general consent should be avoided.
4 Protecting the privacy of homes, property of organizations and authority of places:
When an AR-device captures data about a place that is not public, such as inside the private homes of people, inside the private property of an organization or in facilities that are not open to the public, the residents, owners or the authorities of the places that should be given control over the usage of the data and only through their explicit consent should such data be sent to the cloud.
5 Awareness and Consent of Private Data Collection and Access:
Users have a right to know what data is being collected, have options and ability to control who can access their data and remove their data as desired while complying with applicable regional legislation.
We advice against basing a business on distributing private data to third parties even when users provide consent. Because of the possibility that sensor data from an AR-context might be of significantly more invasive nature we recommend that users has a direct connection with each business that has access to such forms of private data about them.
6 Respecting the privacy of third parties:
When we use AR cloud solutions ourselves we intend to show the greatest care possible we do not violate the privacy of other people by enabling our solutions to capture data about them without their consent.
7 Taking personal responsibility when capturing data at locations you don’t control:
When we use AR cloud solutions ourselves we intend not to capture data about places that are not public when we have not been given explicit consent by the residents, owners or authorities of those places to do that.
While the threats to privacy from AR Cloud technologies that rely upon billions of cameras and other sensors to feed a never ending need for real time data are daunting, we believe there are many practical ways to create solutions that safeguard the privacy of citizens, giving appropriate levels of protection and control over personal, private and restricted data and still realize the full potential of these platforms. A first and important step in this direction is to take this manifesto to heart, upholding and following the core values and principles set forth herein.