The question of how XR headsets handle camera permissions is crucial, especially considering their ability to capture our surroundings. A recent look at Samsung’s Project Moohan XR headset raised concerns about third-party app access to passthrough cameras and user control over these permissions. Fortunately, it appears Google’s Android XR manages camera permissions similarly to the Android operating system.
The most effective method to protect camera privacy on Android XR involves understanding and managing app permissions directly within the operating system. This mirrors the familiar process on Android phones, giving users granular control over which apps can access camera feeds.
Android XR Camera Permissions
A Google spokesperson clarified that Android XR allows third-party applications to request camera access on XR headsets. Crucially, the system prompts users for permission before granting this access, mirroring the behavior of Android smartphones.
Step 1: When an app requests camera access, a permission dialog will appear on the screen.
Step 2: Carefully read the permission request.
Step 3: Decide whether to grant or deny the permission based on your trust in the app and its stated purpose.
Step 4: If granted, the app will be able to access the specified camera feed. If denied, the app will not be able to access the camera.
Front vs. Rear Camera Access
Android XR distinguishes between front and rear camera access. If an application requests access to rear cameras, it receives feed from “the world-facing camera”. If it requests access to front cameras, it receives “an image stream containing the user’s avatar.”
This avatar video stream is generated by avatar provider apps/services on the headset, using user tracking data from OpenXR APIs (e.g., head, hand, eye, face). This tracking data is obtained from inward-facing cameras that monitor the user’s movements and facial expressions.
In essence, camera access and permissions on Google’s Android XR and Samsung’s Project Moohan XR headset are designed to function analogously to those on Android and Galaxy smartphones. This approach provides a degree of familiarity and control for users concerned about their privacy.