Data collected can be used for evil, rather than good, if it falls into the wrong hands. (Photo: REUTERS/Andrew Cullen)
Popular predictions for the future of technology have included flying cars and virtual reality for home use for many years. At least one of those predictions seems to have come true at last.
Computing technology has evolved far enough that truly immersive VR is now possible and affordable. The two driving technological forces behind mass market VR are the Internet and smart phones. Anyone even remotely familiar with either of those technologies knows that while they both provide a lot of information and entertainment, they are fraught with security concerns. Do those concerns carry over to connected VR devices?
The real threats of virtual worlds
New technologies bring with them new problems, some of which may be unforeseeable. VR headset owners likely think only that they have a great new toy to play with and do not consider how the device interacts with the rest of the digital world. Like all connected devices, however, a VR headset is part of what tech people call the “Internet of things.”
Savvy individuals make sure to protect their privacy online with security measures on their computers, by providing as little personal information as possible online and actually putting thought into their passwords. These same people, however, may be forgetting about their ‘net-connected fridge, home security cameras or even Wi-Fi enabled printer. All of these items are potential portals for hackers.
While the headset itself does not connect directly to the Internet, as is the case with Google Cardboard and other VR devices that use smartphones, the phone is. Same with PC and game console based sets. Any device connected to the Internet has the potential to be a security risk.
Take my data. Please!
Companies can gather plenty of personal data from a VR user. They get feedback about what apps you use, what websites you visit and even where your eyes focus on a particular scene. While most of the information gathered is innocuous and generally used to tailor the user experience, personal data can have value. Let’s face it, identity theft happens for a reason.
All data collected can be used for evil, rather than good, if it falls into the wrong hands. Part of the concern over VR security is the quantity of data collected and where it is stored. Companies routinely share information with partners and affiliates for marketing purposes. Before long, your data may have travelled around the world and ended up in databases that are far less secure than is ideal. That’s where hackers tend to strike.
VR devices collect information, not unlike a smartphone but some of the information is unique due to the nature of the device. You can safely assume data about your IP address, location, user preferences and more is collected continually and then shared. You may be able to limit access to certain data, so read the manufacturer’s privacy statement and check through settings to see what data flow, if any, can be limited or stopped entirely.
New tech, same problems
Ultimately, it seems the issue of VR security differs little from concerns surrounding all devices that connect to the Internet. Consumers should exercise caution any time they are asked to provide personal information online and are advised to read and understand privacy policies and end-user licensing agreements. These items aren’t exciting reading but they can help you keep virtual world fun from becoming a real world problem.