About Our Project

The integration of VR/AR/MR technology into shopping brings numerous benefits. Customers enjoy heightened convenience and a richer shopping experience, while retailers benefit from cost reductions and increased sales. However, alongside these advantages, concerns regarding privacy and security in VR/AR/MR shopping environments also emerge. To address this, we conducted an extensive technical and experimental investigation into the VR/AR e-commerce and retail apps/websites ecosystem, with particular emphasis on virtual try-on (VTO) services. After our analysis, it's evident that there are significant concerns regarding the privacy management of users' images on websites and apps that incorporate Virtual Try-On (VTO) technology. Most of the tested platforms not only transmit users' images to their own servers but also to third-party entities. Additionally, these images are often stored, and VTO providers may extract facial geometry data from them. Many VTO-enabled websites and apps either breach their own privacy policies or engage with VTO providers that do so.



VR/AR apps have the capability to capture a wide range of data beyond what is typically collected by standard applications. This includes not only traditional user data such as location and browsing history but also biometric information, spatial mapping data, and interactions within virtual environments. As such, shoppers, merchants using shopping AR/VR technology, and privacy regulators must be mindful of the unique privacy implications associated with these technologies and take proactive steps to protect users’ personal information. We therefore provide the following recommendations.