VR ProfiLens: User Profiling Risks in Consumer Virtual Reality Apps
Ismat Jarin, Olivia Figueira, Yu Duan, Tu Le, Athina Markopoulou
TL;DR
VR ProfiLens introduces a top-down, law-grounded taxonomy and an empirical framework to quantify how much user attributes can be inferred from abstracted VR sensor data across consumer apps. By collecting multi-sensor streams (BM, EG, HJ, FE) from 20 participants across 10 popular VR apps and ground-truth surveys, the study demonstrates moderately high to high inference capability (up to $F1$ ≈ $90\%$) for a broad set of attributes, including demographics, anthropometrics, health, and interests. It shows that profiling risk varies by sensor type and app group, with multi-sensor adversaries amplifying exposure, and highlights design and regulatory implications such as sensor-level permissions, data minimization, obfuscation, and privacy-assistance tools. The work provides actionable guidance for developers and regulators to enhance transparency, user control, and privacy protections in VR environments, and proposes a framework that can be extended to evolving VR ecosystems. Overall, VR ProfiLens foregrounds substantial privacy risks in consumer VR and offers concrete avenues for mitigations and policy alignment.
Abstract
Virtual reality (VR) platforms and apps collect user sensor data, including motion, facial, eye, and hand data, in abstracted form. These data may expose users to unique privacy risks without their knowledge or meaningful awareness, yet the extent of these risks remains understudied. To address this gap, we propose VR ProfiLens, a framework to study user profiling based on VR sensor data and the resulting privacy risks across consumer VR apps. To systematically study this problem, we first develop a taxonomy rooted in the CCPA definition of personal information and expand it by sensor, app, and threat contexts to identify user attributes at risk. Then, we conduct a user study in which we collect VR sensor data from four sensor groups from real users interacting with 10 popular consumer VR apps, followed by a survey. We design and apply an analysis pipeline to demonstrate the feasibility of inferring user attributes using these data. Our results show that sensitive personal information can be inferred with moderately high to high risk (up to 90% F1 score) from abstracted sensor data. Through feature analysis, we further identify correlations among app groups and sensor groups in inferring user attributes. Our findings highlight risks to users, including privacy loss, tracking, targeted advertising, and safety threats. Finally, we discuss design implications and regulatory recommendations to enhance transparency and better protect users' privacy in VR.
