Augmented reality (AR) gained much public attention after the success of Pokémon Go in 2016, and has found application in online games, social media, interior design, and other services since then. AR is highly dependent on various different sensors gathering real time context-specific personal information about the users causing more severe and new privacy threats compared to other technologies. These threats have to be investigated as long as AR is still shapeable in order to ensure users’ privacy and foster market adoption of privacy-friendly AR systems.

To provide viable recommendations regarding the design of privacy-friendly AR systems, we follow a user-centric approach and investigate the role and causes of privacy concerns within the context of mobile AR (MAR) apps. We design a vignette-based online experiment adapting ideas from the framework of contextual integrity to analyze drivers of privacy concerns related to MAR apps, such as characteristics of permissions, trust-evoking signals, and AR-related contextual factors. The results of the large-scale experiment with 1,100 participants indicate that privacy concerns are mainly determined by the sensitivity of app permissions (i.e., whether sensitive resources on the smartphone are accessed) and the number of prior app downloads. Furthermore, we devise detailed practical and theoretical implications for developers, regulatory authorities and future research.

自2016年《神奇宝贝Go》获得成功以来，增强现实（AR）受到了公众的广泛关注，并从那时起已在在线游戏，社交媒体，室内设计和其他服务中得到应用。与其他技术相比，AR高度依赖于各种不同的传感器，这些传感器收集有关用户的特定于上下文的实时个人信息，从而引起更严重和新的隐私威胁。只要AR仍然可以成形，就必须对这些威胁进行调查，以确保用户的隐私并促进对隐私友好的AR系统的市场采用。

为了提供有关隐私友好型AR系统设计的可行建议，我们遵循以用户为中心的方法，并在移动AR（MAR）应用程序的上下文中调查隐私问题的作用和原因。我们设计了一个基于小插图的在线实验，该实验将从上下文完整性的框架中吸取灵感，以分析与MAR应用相关的隐私问题驱动因素，例如权限特征，引发信任的信号以及与AR相关的上下文因素。1100名参与者的大规模实验结果表明，隐私问题主要取决于应用程序权限的敏感度（即，是否访问了智能手机上的敏感资源）和以前的应用程序下载次数。此外，我们为开发人员设计了详细的实践和理论意义，