{"title":"虚拟现实中的隐私政策审查:数据最小化原则视角","authors":"Yuxia Zhan, Yan Meng, Lu Zhou, Haojin Zhu","doi":"10.1109/INFOCOMWKSHPS57453.2023.10225937","DOIUrl":null,"url":null,"abstract":"Virtual Reality is thought to be the prototype of the next-generation Internet, consisting of more I/O devices and interactive methods than traditional mobile systems. Hence VR developers need to inform users what data is collected and shared, which is generally conveyed by privacy policies. Existing research has examined the consistency between the VR app's privacy policy and its corresponding actual behaviors. However, few studies paid attention to the data minimization principle, i.e., whether a privacy policy claims to collect no more data than it practically needs to implement the app's functionalities. In this poster, we targeted a mainstream VR platform and analyzed the data minimization principle compliance of privacy policies for all 1,726 VR apps in this platform. Experiment results show that 48.1 % VR apps potentially violate the data minimization principle. Moreover, the comparative experiments reveal significant differences in the distribution of data collection between VR and non-VR apps.","PeriodicalId":354290,"journal":{"name":"IEEE INFOCOM 2023 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Vetting Privacy Policies in VR: A Data Minimization Principle Perspective\",\"authors\":\"Yuxia Zhan, Yan Meng, Lu Zhou, Haojin Zhu\",\"doi\":\"10.1109/INFOCOMWKSHPS57453.2023.10225937\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Virtual Reality is thought to be the prototype of the next-generation Internet, consisting of more I/O devices and interactive methods than traditional mobile systems. Hence VR developers need to inform users what data is collected and shared, which is generally conveyed by privacy policies. Existing research has examined the consistency between the VR app's privacy policy and its corresponding actual behaviors. However, few studies paid attention to the data minimization principle, i.e., whether a privacy policy claims to collect no more data than it practically needs to implement the app's functionalities. In this poster, we targeted a mainstream VR platform and analyzed the data minimization principle compliance of privacy policies for all 1,726 VR apps in this platform. Experiment results show that 48.1 % VR apps potentially violate the data minimization principle. Moreover, the comparative experiments reveal significant differences in the distribution of data collection between VR and non-VR apps.\",\"PeriodicalId\":354290,\"journal\":{\"name\":\"IEEE INFOCOM 2023 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)\",\"volume\":\"22 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-05-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE INFOCOM 2023 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/INFOCOMWKSHPS57453.2023.10225937\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE INFOCOM 2023 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INFOCOMWKSHPS57453.2023.10225937","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Vetting Privacy Policies in VR: A Data Minimization Principle Perspective
Virtual Reality is thought to be the prototype of the next-generation Internet, consisting of more I/O devices and interactive methods than traditional mobile systems. Hence VR developers need to inform users what data is collected and shared, which is generally conveyed by privacy policies. Existing research has examined the consistency between the VR app's privacy policy and its corresponding actual behaviors. However, few studies paid attention to the data minimization principle, i.e., whether a privacy policy claims to collect no more data than it practically needs to implement the app's functionalities. In this poster, we targeted a mainstream VR platform and analyzed the data minimization principle compliance of privacy policies for all 1,726 VR apps in this platform. Experiment results show that 48.1 % VR apps potentially violate the data minimization principle. Moreover, the comparative experiments reveal significant differences in the distribution of data collection between VR and non-VR apps.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
