The
Oculus Rift has finally begun shipping to fans that have been eagerly anticipating their pre-orders. For many, the Rift is the virtual reality device beat despite the best efforts of
HTC,
Sony, and others. According to some, however, the Oculus Rift may come with a greater cost than
its $599 pricetag and we aren't talking about
the beast of a gaming machine you'll need to adequately power it. Instead, these concerns stem from
Facebook's ownership of Oculus. These concerns have been heard before, of course, back when Facebook acquired the company two years ago, but now Reddit detectives have offered up some evidence to support the suspicions.
Reddit user Woofington has posted information regarding Oculus Home -- a client that gets installed as part of the Rift's software suite -- and its relation to Oculus' privacy policy. He states,
"When you install Oculus Home a background service with full permissions is spun up and never spun down. This service is used to detect when the rift is turned on so it can automatically launch the rift, but it is also used to constantly communicate with facebook servers." The always running Home client processes in question have been identified as OVRServer_x64.exe and OVRServiceLauncher. OVRServer_x64.exe maintains a connection to the Facebook owned fbcdn domain even with Home closed.
Reddit user wite_noiz experimented with blocking the processes from network traffic and received a couple of warnings concerning the headset being unable to access Graph and 360 Photos being unable to detect any photos, although it hasn't prevented their Oculus devices from working otherwise.
So what is this process doing, and why does it need a constant connection to Facebook's servers? Short of an official statement, probes of the traffic have not revealed much beyond benign data such as
versioning information or friend list polling. This hasn't assuaged concerns, however, as many are picking apart the
Oculus privacy policy. Specifically, their policy includes a statement that they can collect information from a customer's local storage. No limitations are offered in the wording, so arguably a user's entire hard drive is fair game for Facebook to scan and/or upload. This information gathering is also fair game for third parties to use, of course, for marketing purposes. This policy, some claim, means that at any time Facebook can begin collecting whatever data they desire even if they aren't doing so now, and it can be done without disclosure because the users have already agreed to the terms of use long in advance.
Excerpt from Oculus Privacy Policy (4/2/2016), Click to Enlarge Whether this revelation gives you pause before slipping off into virtual reality land or not is up to you. Many users don't care if their information is used for marketing purposes. Still, the fact that there is no opt-out on a $600 product and that Oculus collects data even while the Rift is not in use is concerning and needs an official answer beyond
founder Palmer Luckey flatly dismissing Woofington as an Oculus hater.
But hey, it's not like Facebook has ever done anything shady without user knowledge,
right?