Privacy

Apple to Raise Barrier Against VR, AR Websites

The next upgrade of Apple’s mobile operating system, iOS 12.2, will come with an annoying surprise for virtual and augmented reality developers.

It will block Web access to the accelerometer and gyroscope in Apple mobile devices by default, Digiday reported Monday.

That means users will have to grant permission to any Web apps or sites that need those components to function, including those with virtual reality and augmented reality components.

Apple’s move is designed to protect the privacy of its customers by giving them control over who has access to their location data.

“If you’re a developer of AR or VR mobile experiences, this is going to be something that impacts you,” said Michael Goodman, director for digital media in the Newton, Massachusetts offices of Strategy Analytics, a research, advisory and analytics firm.

“Any time you put in an additional step — force a consumer to do something as opposed to it happening automatically — that’s a roadblock that’s going to affect developers of AR and VR experiences,” he told TechNewsWorld. “It means they’re going to have a smaller audience, because their app doesn’t work out of the box anymore.”

From Sensor to Tracker

Apple’s decision to rein in access to location data on its phones may have been influenced by results of a study researchers at North Carolina State University, Princeton, the University of Illinois at Urbana-Champaign and Northeastern University released in September.

While access to some sensors on a phone will trigger a warning, that wasn’t the case with motion, proximity and lighting sensors, the researchers found.

Ordinarily, a legitimate website’s access to data from those sensors wouldn’t lead to trouble for a user, but a malicious website could use the data for mischief.

Ambient light data, for example, could be used to make inferences about a user’s browsing behavior. Motion sensor data could be fashioned into a keylogger to deduce things like personal identification numbers. The unique calibration features of motion sensors have been used to track people across the Web.

The authors of the September report found about 1,200 of the sites studied seemed to be using sensor data to help them in tracking and analytics-gathering or audience recognition.

They also discovered that 63 percent of the scripts used to access sensor data were being used to fingerprint browsers for tracking.

Staking Out Territory

“Apple is staking out its territory on privacy,” Strategy Analytics’ Goodman said.

“Supporting consumer privacy is a good message for them,” he continued. “It doesn’t hurt them with the consumer, and it doesn’t hurt their business, because it doesn’t make any money off advertising.”

Apple is driving hard for privacy, noted Victoria Petrock, a principal analyst at eMarketer, a market research company in New York City.

“They’re going out to the market and saying they’re different because — unlike these other tech giants — we’re not collecting your data and we’re going to keep it private as best we can,” she told TechNewsWorld.”Apple is putting a stake in the ground and saying, ‘We want to protect your privacy,'” Petrock added.

If sensor data were being used just for delivering VR and AR in an ad, that would be fine, noted Josh Crandall, CEO of NetPop Research, a market research and strategy consulting firm in San Francisco.

“As soon as that data is being used for any other purpose, it’s unethical, and I’m glad to see that Tim Cook is making a statement about how it’s being used,” he told TechNewsWorld.

“In today’s world, where every day there’s another privacy breach and so many gaps and so many holes, it’s nice to see that somebody is trying to close some of those holes,” Crandall said. “It’s nice to see a little momentum in that direction from a major technology company.”

Workarounds Available

Although some members of the advertising community have cried foul about Apple locking down access to location data, its likely that any impact from the move will be short-lived, suggested Michael Inouye, a principal analyst at ABI Research, a technology advisory company headquartered in Oyster Bay, New York.

“If this comes to pass and Safari’s access to the accelerometer and gyroscope are deactivated by default, then this will likely cause some early problems where ads or features may not run appropriately, but there are plenty of workarounds to make this mostly a non-issue,” he told TechNewsWorld.

“If a user is purposefully using an AR Web-based application, then the individual would likely have enabled this feature from the start, or the application could notify and prompt the user to enable it — much like we have today with permissions on phones,” Inouye observed.

“Further, if we’re looking at 360-video, users can also swipe the screen to move the camera/view,” he pointed out, “so use of an IMU (inertial measurement unit) is not necessary for all experiences.”

Resilient Advertisers

Apple’s move most likely is a way to create transparency and give users additional control of their privacy, Inouye maintained.

“Advertisers are already battling things like ad-blockers, so while this could be another thorn in their sides, it probably won’t result in too much pain,” he said.

“Advertisers could always scan a device’s settings and serve different ads, depending on access to the IMU,” Inouye noted. “Sure, one could say this does not bode well for a technology that is still trying to gain better traction among consumers — but if consumers truly want to use AR/VR I don’t imagine this causing too many problems.”

Moreover, users aren’t going to be running into many AR and VR ads yet, so advertisers have time to figure out a course of action.

“Advertisers are going to have to think about how to get around it,” eMarketer’s Petrock said.

However, the location lockdown “is very consistent with what Apple is trying to do in terms of a push for privacy,” she added.

“Apple wants to prevent unauthorized collection of different kinds of data that people don’t know is being collected or don’t want being collected,” Petrock continued, “and if they have to compromise a cool user experience in the form of a VR or AR ad, I think they’re OK with that.”

John P. Mello Jr.

John P. Mello Jr. has been an ECT News Network reportersince 2003. His areas of focus include cybersecurity, IT issues, privacy, e-commerce, social media, artificial intelligence, big data and consumer electronics. He has written and edited for numerous publications, including the Boston Business Journal, theBoston Phoenix, Megapixel.Net and GovernmentSecurity News. Email John.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by John P. Mello Jr.
More in Privacy

Technewsworld Channels