Re: [w3ctag/design-reviews] WebXR Raw Camera Access API (#652)

Discussing again in our virtual f2f with @kenchris and @atanassov. @kenchris also pointed out that it's not great having 2 different ways to get access to the camera with totally different areas.

On the privacy topic, some other factors:

People who are bystanders don't have a way to opt out of being part of this scenario.  The fact that you can be logged into a service and through the use of this API expose other people to privacy threats is problematic. 

If people allow access to camera image currently - it's because they want to do a specific thing - usually video call or take a picture or scan a QR code.  In AR you are using the camera more freely around you and for a longer period of time thereby exposing more information. It feels more privacy infringing and therefore worthy of greater protection than purely camera access.  Also one benetit or **Web**AR is that anyone can pick up their phone and start using it without additional software download. That lower barrier to entry also calls for a stronger system of privacy protection. It feels like there needs to be some additional mitigation designed into the API - not part of the permissions request but intrinsic to how the API works - tha makes it more privacy-protecting than a similar approach on native platforms would be.  Maybe that means fuzzing - maybe it means turning off access to something else.  There must be privacy diffentiators for WebXR that alings with the [ethical approach](https://w3ctag.github.io/ethical-web-principles/) of the web - even if that means it's less powerful than a native equivelant.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/652#issuecomment-920101955