Virtual reality (VR) telepresence applications and the so-called "metaverse" promise to be the next major medium of interaction with the internet. However, with numerous recent studies showing the ease at which VR users can be profiled, deanonymized, and data harvested, metaverse platforms carry all the privacy risks of the current internet and more while at present having none of the defensive privacy tools we are accustomed to using on the web. To remedy this, we present the first known method of implementing an "incognito mode" for VR. Our technique leverages local differential privacy to quantifiably obscure sensitive user data attributes, with a focus on intelligently adding noise when and where it is needed most to maximize privacy while minimizing usability impact. Moreover, our system is capable of flexibly adapting to the unique needs of each metaverse application to further optimize this trade-off. We implement our solution as a universal Unity (C#) plugin that we then evaluate using several popular VR applications. Upon faithfully replicating the most well-known VR privacy attack studies, we show a significant degradation of attacker capabilities when using our proposed solution.

翻译：虚拟现实（VR）远程呈现应用及所谓的“元宇宙”有望成为下一代主要的互联网交互媒介。然而，近期大量研究表明，VR用户极易被画像、去匿名化以及数据采集，这使得元宇宙平台不仅继承了当前互联网的所有隐私风险，甚至面临更多威胁，而目前却缺乏我们在网络上习惯使用的防御性隐私工具。为解决这一问题，我们提出了首个已知的为VR实现“隐身模式”的方法。该技术利用本地差分隐私，可量化地混淆敏感用户数据属性，重点是在最需要时智能地添加噪声，以最大化隐私保护的同时最小化可用性影响。此外，我们的系统能够灵活适应每个元宇宙应用的独特需求，进一步优化这一权衡。我们将该解决方案实现为一个通用的Unity（C#）插件，并通过多个流行的VR应用进行评估。在忠实复现最著名的VR隐私攻击研究后，我们证明使用所提方案能显著削弱攻击者的能力。