The Need for Inherently Privacy-Preserving Vision in Trustworthy Autonomous Systems
This paper addresses privacy concerns for users and society in autonomous systems that use vision sensors, but it is a first step and is incremental in proposing specific principles and a case study.
The paper tackles the problem of privacy in robotic vision by proposing a system where no images are captured or reconstructable, even with full remote access, and demonstrates through a simulation case study in localization that it can deliver robotic capabilities while preserving privacy inherently.
Vision is a popular and effective sensor for robotics from which we can derive rich information about the environment: the geometry and semantics of the scene, as well as the age, gender, identity, activity and even emotional state of humans within that scene. This raises important questions about the reach, lifespan, and potential misuse of this information. This paper is a call to action to consider privacy in the context of robotic vision. We propose a specific form of privacy preservation in which no images are captured or could be reconstructed by an attacker even with full remote access. We present a set of principles by which such systems can be designed, and through a case study in localisation demonstrate in simulation a specific implementation that delivers an important robotic capability in an inherently privacy-preserving manner. This is a first step, and we hope to inspire future works that expand the range of applications open to sighted robotic systems.