An augmented reality application typically provides an output presentation which combines information captured from the environment with some type of supplemental information. For example, one type of augmented reality application presents an image of the environment, together with labels that annotate objects within the image. Another type of augmented reality application provides a figure which duplicates the actual movement of a human user, together with a virtual object with which the user may interact.
An application that captures information from the surrounding environment raises privacy concerns. For example, the above-described augmented reality applications capture images or videos of the environment; that information, in turn, can potentially include sensitive items, such as human faces, personal writing, account numbers, etc. The “owner” of this private information will often prefer or insist that the information is not released to unauthorized parties. Such an undesirable release can occur in various circumstances. In a first case, an unauthorized application may extract the private information from data that it obtains through a computing device's sensing mechanisms (e.g., a video camera, microphone, etc.). In a second case, an unauthorized application may obtain the private information from another augmented reality application.
The above-described privacy concerns are not unique to augmented reality applications, but extend to any application which captures perceptual information from the environment. Such applications are referred to herein as environment-sensing applications.
In practice, a developer may create an augmented reality application as a “one-off” self-contained unit of code. Similarly, a computing device may execute the application as a standalone unit of functionality. If the user wishes to run another augmented reality application on the same computing device, he or she may close down the first application and start up the second application. Pursuant to this approach, each developer may address the above-described privacy concerns in a separate—typically ad hoc—manner, within the application code itself.