OVRseen: Auditing Network Traffic and Privacy Policies in Oculus VR

Trimananda, Rahmadi; Le, Hieu Van; Chen, Hao; Ho, Janice Tran; Shuba, Anastasia; Markopoulou, Athina

doi:10.48550/arxiv.2106.05407

Cited by 1 publication

(1 citation statement)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The FTC could institutionalize mechanisms for constant input from academics, privacy risk professionals, civil society organizations, and community leaders who are capable of highlighting surveillance risks the FTC is yet to be familiar with. The information-gathering process can potentially flag new market practices that are currently unregulated and highlight new avenues for consumer surveillance (See for instance Trimananda et al, 2021 about the privacy implications of VR technologies). The FTC will be committed to act upon the new knowledge, potentially update its rules, or at least publicly distribute alarms for consumers to be aware of potential new harms.…”

Section: Creating New Regulations Upon New Risksmentioning

confidence: 99%

Public Comment for FTC's Commercial Surveillance ANPR

Sivan‐Sevilla¹,

Nissenbaum²,

Parham³

2022

Preprint

View full text Add to dashboard Cite

These comments, respectfully submitted in response to the Federal Trade Commission’s (FTC) advanced notice of proposed rulemaking (ANPR) on the prevalence of commercial surveillance and data security practices that harm consumers, are based on selected research findings – our own and others. They are organized into four Parts. Part I drives a stake through the heart of direct-to-consumer consent-based approaches, arguing that notice and consent, transparency and choice, and privacy policies are not only ineffective; they may constitute “unfair and deceptive” practices. Part II addresses questions about data minimization, purpose limitations and sectoral approaches, vulnerable populations, and costs and benefits by drawing on the theory of privacy as contextual integrity (CI) (Nissenbaum, 2009). Part III discusses questions on the role of third party intermediaries in the enforcement process and facilitation of new disclosure rules, mechanisms to require/incentivize companies to be forthcoming about their data practices, and the role of civil rights agencies. Part IV suggests an adaptive regulatory model for the FTC through three regulatory learning cycles that can help the Commission account for changes in business models of surveillance-based industries.

show abstract

Section: Creating New Regulations Upon New Risksmentioning

confidence: 99%