The Role of Trust and the Future of Augmented Reality

On March 26, I spoke to the Augmented Reality Community meeting held in conjunction with the Open Geospatial Consortium (OGC) Technical and Planning Committee meeting held in Arlington, Virginia.  Quite understandably, the subject of trust and Augmented Reality (A/R) quickly turned to privacy. 

I had a hard time coming up with what to say on this subject.  First, because Augmented Reality can /and will involve many diverse technologies and applications. Second, because concerns over A/R technologies often drown out discussions regarding the value of many A/R applications.  

So I began my talk at the beginning - by breaking down the elements of A/R.  Augmented  Reality  is defined on Wikipedia as "a live, copy or view of a physical, real-world environment whose elements are augmented (or supplemented) by computer-generated sensory input such as sound, video, graphics or GPS data."

Breaking it down, what are the privacy concerns in "reality"? I would suggest there are two primary issues for the A/R community to consider in this area:

1.    Historically there have been different expectation of privacy when a person is in public then when they are are in a private place.  However those expectations are beginning to change; more and more courts, regulators, policymakers, academics, privacy advocates and even technologists are redefining the what expectations of privacy in public should be reasonable give new technological capabilities. 

2.    What are the privacy expectations with respect to an object? Increasingly there have been growing expectations of privacy with objects, such as mobile phones.  How will this translate to other objects, such as automobiles, or the outside of homes. 

.        Next, what are the privacy concerns associated with augmentation - "the elements are augmented (or supplemented) by computer-generated sensory input such as sound, video, graphics or GPS data."  I would suggest there are two primary issues for the A/R community to consider with respect to augmentation. 

1.    Are you augmenting with public input (data) or private input (data)? Obviously there is a greater private concern associated with private data. However, there are increasingly concerns with public data as well. For example, the New York newspaper that posted a controversial interactive map of publicly available names and addresses of registered gun owners. 

2.    What is the definition of “public” data?     Social media is pushing the limits of what has is considered public and what is private. However, do people appreciate how available the posted information will be become and how it might be used? Are some types of social media more “public”?

Based upon this analysis, I came up with three questions that I believe the A/R community should consider when building applications and use cases.   These questions can help define the framework in which to determine the potential impact of A/R in a market/jurisdiction. Also, should expect that the answers will change over time, and in some cases will be “individual”-specific, such as when a minor is involved.

1.    If/when does the display of augmented public data of someone who is in the public violate that individual’s privacy?

2.    If/when does the use or sharing of augmented public data of someone who is in public violate that individual’s privacy?

3.    Is there ever a time when the display and/or use of augmented private data of someone who is in private worth the potential/perceived violation of that individual’s privacy?   If the answer is yes, when is it appropriate by whom?

ICYMI Five Spatial Law and Policy Links From Around the World

German DPAs issue guidelines on CCTV use  (Hunton &Williams)  Link to Germany's policy (in German). 

Offshoring Data  (Coors, Chambers, Westgarth)  Impact of new Australian privacy laws on companies that offshore data processing. 

Turkey bans Twitter to uphold 'privacy of citizens'  (allvoices) Protecting privacy is often cited as the reason to limit the collection/use/sharing of information. 

Malaysia plane search: China checks new 'debris' image  (BBC) The search for the missing Malaysian airline has shown both the power of geospatial technology and the challenges in sharing data among nations. 

India to promote geospatial technologies with BRICS partners   (Geospatial World)

In addition, I encourage you to read Privacy Pragmatism in the current issue of Foreign Affairs. Craig Mundie does an excellent job of highlighting what I believe to be some of the challenges to protecting location privacy under existing constructs and suggest an alternative approach. 

The Role of "Oversight" In Today's World

There has been a great deal written recently regarding the need for increased oversight of the Intelligence Community's growing use of new and innovative technology. However, I question whether increased oversight is the answer. The problem as I see it is that the legal/policy communities have shown that they are unable to keep up with advancements in technology and its impact on society. In my role as Executive Director of the Centre for Spatial Law and Policy I see people struggle daily with how to address important issues associated with the internet, Big Data, mobile devices and UAVs. Very soon these issues will also include Intelligent Transportation Systems and Autonomous Vehicles, Smart Grids, Augmented Reality, Smart Cities and the Internet of Things. (As an aside, many of these issues involve the power of location information.)  Increased oversight without an accompanying legal and and policy framework to address these issues is unlikely to do more than score a few political points.  The ability to conduct oversight is limited if you don't know the questions to ask and/or you don't know what the answers truly mean.  However, it is effectively eviscerated if the laws and policies are either so outdated or vague that they can quite honestly be interpreted in numerous ways.  

UAVs in the US: My Perspective

A number of people have been asking me  for my thoughts on the legal issues associated with the use of UAVs in the United States in light of a couple of recent articles. (See e.g , FAA Says Commercial Drone Operations are Illegal . . Public Says So What? and Busting the FAA's "Myth Busting Document".) Clearly, there are a number of what I would deem technical/safety issues associated with integrating UAVs into the existing legal and policy framework surrounding aircraft. These include issues such as licensing, spectrum, training, etc. I don't mean do downgrade the importance of these issues in order to facilitate the broad adoption of UAV use in the U.S., however my sense is that the Federal Aviation Administration (FAA) is quite capable of coming up with regulations and policies that although not perfect, will be something that will satisfy many - if not most - stakeholders.  Moreover, it will almost certainly be a national standard that will provide for predictability and uniformity, which are important to most stakeholders (businesses and government agencies that wish for greater use of UAVs in the U.S.)

I believe the more troublesome issues are, and will be for some time, associated with UAVs that are used to collect information (of any kind).  First, because it is unclear whether the FAA has the authority or the internal capability to develop regulations around such issues as privacy, data ownership and data protection. Second, because the existing laws and policies on these issues in the U.S.are outdated, in a state of flux and/or often misunderstood. Third, because the issue is a  sensitive topic across the political spectrum; the left and the right are both concerned about who will collect the information and how it will be used. Finally, because there are so many other government authorities that have, or hope to have a say on these issues, including the Federal Trade Commission, state authorities and the courts (federal and state).

The result in the near term is likely to be a patchwork of inconsistent and in some cases conflicting laws and regulations as to what is required in order to begin collecting information, what information can be collected and how it can be used. The challenge for organizations that wish to collect such information will be to work through this legal and regulatory minefield in a manner that maximizes the benefits while minimizing the legal risks. Unfortunately for the FAA, it will sit in the middle of that likely mess and will continue to take much of the blame. 

I am not surprised to hear that there are those who question the FAA's ability (or willingness) to restrict some commercial use of UAVs. I imagine that the FAA is unlikely to challenge the use of very small UAV's, flown at low altitudes, over private property, for limited purposes, with the informed consent of the owner, even for "commercial purposes".  However, I do believe that in the near term the further one moves away from those set of conditions, the more likely you are to run up against some legal or regulatory authority.