With Facebook recently launching the Oculus Quest and Rift S—both of which rely on always-on cameras during use—we reached out to the company to learn more about what data is captured by the cameras and how it’s used.

There’s never a bad time to be skeptical about how your private information is being used by products and companies which gather information about you, but an especially good time is when using products that rely on always-on cameras during use. That’s the case with both the Oculus Quest and Rift S, both of which use an array of cameras for tracking the movement of your head and hands, and to offer a pass-through view of your surroundings.

While the cameras used with the original Rift present similar privacy concerns, it uses simple point-matching for tracking and does not map and store information about your physical playspace like Quest and Rift S.

By our reading, neither Oculus’ Privacy Policy nor Terms of Service specifically address how data captured or derived from the headsets’ cameras is used, stored, or transmitted, so we reached out to Facebook to get more insight. An Oculus spokesperson offered the following:

The sensors on Quest and Rift S are primarily used to create a 3D map of your environment, which helps locate your headset and controllers in a known space so Quest/Rift S can work and keep you safe. This data is processed on the headsets. The only information we keep on our servers today consists of performance metrics that don’t contain any recognizable detail about your environment. These metrics help us improve [the inside-out tracking system]. We don’t collect and store images or 3D maps of your environment on our servers today—raw images are not stored anywhere, and 3D maps are stored locally on the headset for Quest, and on your local PC (where you have access to delete it) for Rift S. This makes it possible for Quest/Rift S to remember the playspaces you’ve already set up in multiple rooms. We’ll notify users if collecting this information on our servers is required for future VR experiences we provide on Quest and Rift S, for example, co-located multiplayer experiences. (That said, it’s worth noting there are a few scenarios when users can opt-in to providing this information today: For example, when livestreaming, a user can choose to stream passthrough footage and thus that footage may be stored off platform/on their streaming surface—similarly, when submitting a bug report to Oculus a user can elect to include passthrough footage if it’s relevant to the report.)

Update (August 6th, 2019): Oculus offered some additional information on Quest and Rift S camera privacy: Like the white LED on Quest, the blue LED on Rift S indicates when the headset’s cameras are active; this is a hardware function which can’t be circumvented with software.

If a hacker gains root access to Quest or the Rift S host system, it would be possible to access the cameras on the headsets (similar to a camera on a compromised smartphone or PC).

Third-party developers cannot access the headsets’ cameras in any way.

The spokesperson also noted that Oculus hosts a ‘My Privacy Center’ where users can find more information about their privacy settings, including what information is currently stored about them [both links here require you to be logged into your Oculus account].

The key takeaways from Oculus’ statement are that the data captured by the cameras is being processed locally for tracking, and that 3D maps of your environment are not being transmitted or stored on a server. They explicitly say that raw images (camera footage) are not stored anywhere (even on the local headset or host machine).

Oculus has also told us previously that cameras on Quest cannot be active without the white LED at the top of the headset being illuminated, so at a minimum it would be easy to see at a glance if the cameras were activating surreptitiously.

While it’s good to have these confirmations from Facebook on the record, the use of the word “today” makes it clear that the company is not ruling out anything in the future. Indeed, Facebook’s privacy strategy for Oculus generally seems to be to commit to as little as possible in order to not limit what might be done in the future, and to be as broad as possible to maximize legal wiggle room. That means that the VR community needs to be diligent about analyzing privacy policy updates in order to ensure that privacy is not eroded over time.