[HN Gopher] Meta will start collecting "anonymized" data about Q...
___________________________________________________________________
Meta will start collecting "anonymized" data about Quest headset
usage
Author : laurent123456
Score : 35 points
Date : 2024-02-27 17:46 UTC (5 hours ago)
(HTM) web link (arstechnica.com)
(TXT) w3m dump (arstechnica.com)
| KomoD wrote:
| > These policies only seem to apply to users who make use of a
| Meta account to access their Quest headsets
|
| Didn't they make it a requirement to use the Quest headsets?
| kotaKat wrote:
| Yeah, but "It's Not A Facebook Account! :)"
|
| Everyone basically went with that line and called it "good"
| when I still thought it "a disaster" and the only response that
| typically comes after that is "well then just don't use it!"
| when there's no real good other alternatives on the market.
| ewzimm wrote:
| Apparently people using old Oculus accounts are exempt. The
| strange thing here is the apparent lack of ability to opt out.
| It's pretty standard practice among data collection devices to
| at least have an option to turn it off, and since most people
| don't do so, it doesn't seem to have a large impact on
| analytics, but omitting an opt out except if using an account
| type that can no longer be created seems like a great way to
| alienate power users.
|
| I commented here just recently that I found the privacy options
| on the Quest to be fine as they were implemented, and here they
| go and immediately change the terms just at the moment when
| Apple came in and made the Quest look like a great value for
| people who want to get into XR but don't want to pay $4k.
|
| I'm not certain that Ars is right here about there being no
| opt-out, and even they don't seem to be sure, but I hope
| they're mistaken.
| KomoD wrote:
| Even if you're able to opt out I'm sure they'll screw you
| over by disabling some features if you opt out
| ewzimm wrote:
| In previous versions, the features that were disabled had
| to do mostly with disabling multiplayer coordination if you
| choose not to share precise location information, in other
| words, just the things that would need that data to
| function. My Quest is currently updating, so I'll see soon
| if there's really no opt-out, but I wouldn't expect any
| change in function for removing analytics if their past is
| any indication.
| ewzimm wrote:
| I don't see much difference in the current version, and
| the anonymized data that you can't opt out of seems
| mostly to do with crash reports. It's laid out in this
| article, and although I'd prefer a full off option, it's
| not any worse than Windows and does respect choices after
| updates.
|
| https://www.meta.com/en-us/help_app/614185856801362/
|
| I don't even disable everything, but the option should
| always be there.
| laurent123456 wrote:
| > "Your audio data"
|
| > "Certain data" about hand, body, and eye tracking
|
| > Fitness-related information
|
| > "Information about your physical environment and its
| dimensions"
|
| > "Voice interactions"
|
| That kind of data can 100% be matched back to a Facebook profile.
| There should be a legal definition of "anonymous data" so that
| companies like Facebook cannot have the opportunity to pretend
| they care about their user's privacy.
| JohnFen wrote:
| Considering that the legal definitions of "PII" exclude quite a
| lot of actual PII, I don't have any faith that a legal
| definition of "anonymous data" would be any more accurate.
| HeatrayEnjoyer wrote:
| Laws are not immutable.
| waffleiron wrote:
| Recital 26 of the GDPR has a quite good definition
|
| >To determine whether a natural person is identifiable, account
| should be taken of all the means reasonably likely to be used,
| such as singling out, either by the controller or by another
| person to identify the natural person directly or indirectly.
| To ascertain whether means are reasonably likely to be used to
| identify the natural person, account should be taken of all
| objective factors, such as the costs of and the amount of time
| required for identification, taking into consideration the
| available technology at the time of the processing and
| technological developments. The principles of data protection
| should therefore not apply to anonymous information, namely
| information which does not relate to an identified or
| identifiable natural person or to personal data rendered
| anonymous in such a manner that the data subject is not or no
| longer identifiable.
|
| Which of course relies on threat modelling as technology
| doesn't stand still. However it's quite clear that if you can
| link the data in any way to an individual, it's not anonymous.
|
| I work in privacy and I'd even argue that collecting anonymous
| data is likely not possible unless using something like
| differential privacy. It's more likely they are collecting
| personal data (because even your IP would link this data to
| you) and then anonymise it afterwards (i.e. store it without
| your IP address).
| JohnFen wrote:
| > I'd even argue that collecting anonymous data is likely not
| possible unless using something like differential privacy.
|
| I think this is undeniably true.
|
| Aside from differential privacy (which is pretty weak sauce
| itself), the only way there can be "anonymous data" about
| people is if that data is aggregated and only the aggregation
| is kept. The collected raw data must be deleted.
|
| The problem with that is that there's no way to know if a
| company is actually doing that. All we have to go by is what
| they say, and I think a strong argument can be made that we
| shouldn't believe what companies say just because they say
| it. Especially if those companies are the likes of Facebook.
|
| So, as things currently stand, "anonymous data collection" is
| a misnomer and any time I see a company asserting they're
| doing such a thing, I think that company is lying. Or, maybe
| worse, deluding themselves.
| tweetle_beetle wrote:
| Probably goes without saying, but Quest users are obliged to
| have a Facebook account. So that can't even be qualified with
| "if they have a Facebook account", the vast majority of users
| do.
|
| As far as I know, the original workaround of using a developer
| registered account now requires an invite and it's hard to see
| that not quietly being dropped at some point and all users
| requiring a "real" account.
|
| It's a shame looking in from the outside at how good the
| pricepoint is for the hardware, but can't bring myself to get
| involved with Meta. Just about the only aspect of a user (they
| aren't even 'just a user' if they've spent hundreds on Quest
| and apps, they're a fully blown customer) they aren't
| collecting data on is their DNA.
| crtified wrote:
| From ~late 2022 onwards, Quest users were no longer obliged
| to have a Facebook account, but rather a (non social-media)
| 'Meta account'.
|
| Not defending them. Merely anecdoting that, as one of that
| small minority who never cultivated a Facebook account,
| getting and using a Quest unit had no special or far-reaching
| implications for me or my private information.
| erellsworth wrote:
| I'm shocked by this. Shocked I tell you.
| xetplan wrote:
| It is a toss up what is more shocking between this and one of
| those "Giant pet alligator kills owner" type stories.
| ChrisLTD wrote:
| I'm actually shocked Meta doesn't already do this. I wonder what
| anonymous usage data Apple is collecting on the Vision Pro.
| penjelly wrote:
| its nuts how much these devices will be able to learn about us.
| User privacy will have to change if they can spatially map out
| your bedroom, your body and your movements.
| sdzgs wrote:
| If its like the iPhone situation, not much is collected
| hruzgar wrote:
| This is very concerning!
___________________________________________________________________
(page generated 2024-02-27 23:02 UTC)