Title: Virtual Curtain: A Communicative Fine-grained Privacy Control Framework for Augmented Reality
Program: Master of Science in Computer Science
Advisor: Dr. Yantian Hou, Computer Science
Committee Members: Dr. Jerry Alan Fails, Computer Science; and Dr. Jyh-haw Yeh, Computer Science
“AR technologies have advanced significantly due to continuous sensing technology and ongoing advancements in mobile technologies such as device portability, camera quality, and system performance. Continuous sensing technology is the key to enabling an AR experience. However, untrusted applications leverage continued access to these sensor data, posing significant privacy concerns for AR users and bystanders. The rapid growth of AR devices has resulted in broad commercialization and daily use. As a newer field, many users are unaware of the potential privacy risks these AR devices pose due to unintended information leakage. As a result, a privacy control framework is needed to allow users to maintain their privacy while being aware of and educated about other people’s privacy concerns.
This work aims to develop a privacy control framework with a communicative user interface that allows AR users to configure and communicate privacy social norm cues integrated with privacy policies. We created: (1) a policy configuration module that allows users to embed their privacy needs using a virtual object, (2) a policy capture and registration module to store privacy policies, and (3) a policy enforcement module to enforce privacy policies to limit data leaks caused by continuous-sensing cameras. We have created an interactive policy configuration interface to help users understand the intent behind configuring the policy and its implications, to alert users to the presence of the configured policy based on context information, and to alert users about probable privacy threats. We developed and tested our system using a Samsung S9 Plus, Google’s ARCore platform, TensorFlow, OpenCV, and Unity. Experiments were carried out to evaluate our system’s functionality, efficacy, and performance. Our findings reveal various challenges and opportunities for further research into the privacy regulation of AR systems. We have highlighted the limitations of this research and the possibility of integrating this work with other research to expand toward multi-user scenarios and future directions to broaden the scope and effectiveness of the work. Our framework provides a platform for conducting user studies of communicative and fine-grained privacy control. As a future work, we want to conduct a user study to review users’ perception of the threat, their awareness response to the AR privacy threat, and the impact of communicative policies. We want to test our framework’s effectiveness in improving user awareness of privacy threats.”