PRIVACY AND SECURITY WITH WORKPLACE AR

For better or worse, we have become a self-documenting society.  To illustrate this point, simply watch the evening news.  How many stories are supported by amateur footage because someone near the event was quick with their smart phone?   

Amateur cinematography in the workplace is a serious concern.  Regardless of intent, workplace images can reveal proprietary information or invade the privacy of the human workforce.

In addition to consumer devices like smart phones, more workplace devices are now equipped with camera / video capabilities.  Tablets, high-end handheld computers and wearable technology, such as our own VIEW devices, all boast video imaging as a core feature.

This post considers some implications of vision-based technology in a working environment.
It is usually easy to tell when someone is taking a video with their smart phone.  They are holding the device up, arm partially extended, and with an engrossed expression that screams, "I'm completely oblivious to the world around me!"  In the typical workplace, this posture would stand out like a sore thumb, so it's generally only a matter of policy and vigilance to prevent this behavior.  Of course, the nefarious actor will take steps to remain covert, but most employees do not fall into this category.

Smart glasses, such as those offered by LogistiVIEW, aren’t quite so obvious.  The very design of the device is to enable hands-free, line-of-sight visual interaction with the system.  Viewing an augmented video feed is indeed supposed to be effortless.

Therefore, one practical safeguard against illicit camera operation, the obvious physical giveaway, goes away with smart glasses.

A good AR solution will offset this with safeguards of its own.  When evaluating such a technology for your workplace, consider the following features.

  1. Captive application.  Smart glass technology has not pervaded the consumer market the way smart phones have.  Therefore, we are not likely to see a BYOD ("bring your own device") approach to AR applications in the workplace soon.  Corporate-owned AR devices, then, should boot to a specific application or menu. They must simply not allow escape to generic applications such as camera apps, browsers, etc.

  2. Fire and forget.  Our application is almost always streaming a live view of the wearer's line-of-sight into the display.  Bysuperimposing instructions and visual information on this display, we create an augmented reality experience for the human worker.  In such applications, the retention and accessibility of the video must be known and controlled.  When no longer needed for streaming, how long is an image or video frame retained?  How much is kept on the device?  How much is shipped off to a server or the cloud?  In our case, "fire and forget" (or "view and vanish?") is the norm.

    There are many legitimate reasons to retain images based on the business context of the application.  However, these decisions should be by design in the application and not by ad hoc request of the wearer.

  3. Accountability.  Security policies must require an individual login for every human (including temp workers).  The application must attribute every legitimately retained image, video or audio clip to a known human worker and an explainable business context.  

  4. Storage Management.  If images are stored off-device (in a corporate server or cloud service), adequate security is required.  Corporate security policies regarding both document management and security camera footage are both good reference points.

  5. Beacons.  Electronic beacons, which are most frequently Bluetooth devices, are used to "fence" specific areas of a facility.  While our application can operate equally with or without beacons, we do recommend them for our customers.  Various strategies exist, but the most common for us are:
    1. Allow device usage only in the presence of "white-list" beacons, effective if the AR application is only used in specific, small areas.
    2. Disallow device usage in the presence of "black-list" beacons, commonly used to disable devices in locker rooms, restrooms and near proprietary operations / equipment.
    3. Used in combination, privacy areas can be protected by black-list beacons, operations enabled in white-list areas, and the device becomes inoperable when taken off-site.

Security teams will attest that a motivated, nefarious actor can find holes to exploit in most facilities.  Any security investment or policy must be weighed in terms of its loss prevention potential vs. its impact on tangibles, like productivity, and intangibles, such as morale.

At LogistiVIEW, we are only part of this picture, and cannot make these decisions for our customers.  We can, however, make sure our VIEW devices are never the "easy choice" for illicit imaging, that any image we take is done for legitimate business reasons, and any image retained is properly cataloged.
David Erickson

David Erickson

Supply Chain Software Development Veteran, Efficiency Expert, Ergonomy Fanatic

Subscribe to our mailing list