The integration of VR/AR/MR technology into shopping brings numerous benefits.
Customers enjoy heightened convenience and a richer shopping experience, while retailers benefit
from cost reductions and increased sales. However, alongside these advantages, concerns regarding
privacy and security in VR/AR/MR shopping environments also emerge. To address this, we conducted
an extensive technical and experimental investigation into the VR/AR e-commerce and retail apps/websites
ecosystem, with particular emphasis on virtual try-on (VTO) services. After our analysis, it's evident
that there are significant concerns regarding the privacy management of users' images on websites and
apps that incorporate Virtual Try-On (VTO) technology. Most of the tested platforms not only transmit
users' images to their own servers but also to third-party entities. Additionally, these images are
often stored, and VTO providers may extract facial geometry data from them. Many VTO-enabled websites
and apps either breach their own privacy policies or engage with VTO providers that do so.
RESULTS OVERVIEW
RECOMMENDATIONS
VR/AR apps have the capability to capture a wide range of data beyond what
is typically collected by standard applications. This includes not only traditional
user data such as location and browsing history but also biometric information,
spatial mapping data, and interactions within virtual environments. As such,
shoppers, merchants using shopping AR/VR technology, and privacy regulators must
be mindful of the unique privacy implications associated with these technologies
and take proactive steps to protect users’ personal information. We therefore
provide the following recommendations.
