Updated May 23, 2017: We've added information about Daydream and PlayStation VR to ensure you're up to date on how the most popular VR companies are treating your privacy.
Let's focus on the big players right now: HTC Vive, Oculus Rift, PlayStation VR, Google Daydream, and Samsung Gear VR. All of them have privacy policies available to users on their websites, and not surprisingly, all have pretty similar clauses. The language may change a little from one brand to the next, but they essentially say the same thing.
Here's what the privacy policies for these brands have in common
Cookies are small files that store things like login information and ads you've already been exposed to on various sites. Beacons are a means for your device to communicate with a server and they're embedded in online content. That's not unique to VR; your laptop, desktop, phone, and tablet do it, too.
All will collect location-based information.
This includes things like your timezone and the country you live in; these have to do with apps and content availability, ensuring that user experiences are relevant for your part of the world with proper language availability and time-sensitive software upgrades. Those are necessities, so you can't mind them knowing where in the world you are.
All will share aggregate data with third-party companies.
This generally doesn't include your specific or personal data; it's more like the statistics of when people are actively playing and the numbers of regional users. That's not terrible, and most non-VR games and apps do that anyway.
With Google, you can opt in and allow your personal data to be shared with "companies, organizations or individuals outside of Google," otherwise it's the usual sharing with affiliates or for legal reasons.
All will take data about your IP address, the browser you're using, and your device.
Each will also ask for details like your name, an email address, and your date of birth. Depending on how much you want to honestly volunteer, you can falsify a handful of those "facts". Plenty of people do, but plenty of people provide their real information, and the choice is yours.
All will the use information they collect about you to guide their marketing strategies.
Sony does give you a choice, but it's whether you want your information shared with Sony Interactive Entertainment America (SIEA) or SIEA's third-party partners; either way, you're receiving direct marketing.
Part of the reason for this is, as always, unforeseen security breaches, but there is something else you need to be aware of. Your data may be transferred to servers throughout the US and around the world at each company's discretion since they're all international companies. Once your data is "over there", it's subject to the laws of that land, and those laws may be far less stable or enforceable. That's a little scary, but VR isn't the only industry doing it.
All communication via the social features of your VR is stored.
Your messages are generally saved in a temporary cache if they're between users, but more permanently if they're forum posts, like in the Oculus support community. However, there will always be a record that some form of communication happened between you and a friend or another user. Again, that kind of permanent digital trail of breadcrumbs isn't unique to VR, but it's good to be reminded that it's there.
No matter which VR you're using, your data will be shared with network affiliates and business partners.
All of these companies are large with many affiliates and partners. Full lists can be found on the official websites.
- HTC Vive affiliates
- Oculus Rift affiliates
- PlayStation VR affiliates
- Google Daydream affiliates
- Samsung Gear VR affiliates
So how are the privacy policies different?
The basic differences are pretty simple:
Let's add to that the fact that Facebook bought Oculus Rift in 2014. This means that whatever Oculus knows, Facebook knows, and that's unnerving for lots of people. Remember the whole mess with the Facebook Messenger app a few years back? People were up in arms about privacy concerns, but what was really done about it? Over time, the worries faded for that app, but they seem to be making a comeback with VR's connection to social media.
Just don't think for a second that there will be a separate clause for porn.
One of the things that's come to the top of the concern list with the Oculus Rift policy is the potential for people to be tracked while they're viewing adult content; call it like it is, because the VR porn industry is growing, and if that's your thing, that's nobody's business but your own. Just don't think for a second that there will be a separate clause for porn. And if you haven't been paying attention to a policy like Oculus Rift's, don't act surprised when you later find out that you're being watched, and there are many sets of corporate eyes on you.
Here are a few noteworthy affiliates gleaned from each website:
- Samsung has affiliates like Cheil (a Korea-based company that markets for GM, numerous coffee brands, and bath and body products).
- HTC counts Facebook developers as an affiliate organization.
- Oculus Rift, in addition to Facebook, is affiliated with Parse (open source API software), Moves (a fitness tracking app), and Liverail (a monetization platform for publishers like A&E and CBS).
The bottom line
Remember, none of this is new. Some people call it spying, others call in necessary, and the companies that are producing top-notch VR call it business. Data makes companies a lot of money, and ignoring that stream when there is no legal reason to doesn't make sense.
What is your opinion on privacy in VR? What about the eroding privacy in our everyday lives? Let us know in the comments section!
We may earn a commission for purchases using our links. Learn more.