The Vision Pro tracks your eyes 60 times per second. Apple says the data stays on-device. Then researchers proved they could watch your Persona avatar in a FaceTime call and reconstruct what you typed — passwords at 92% accuracy. Your eyes betray your keystrokes. Apple patched that specific attack, but the underlying reality cannot be patched: eye tracking encodes what you think, what you want, and what you're about to do. It reveals which word you paused on, which product you lingered over, which face you looked at longest. No other Apple device has ever recorded where your attention goes 60 times per second. This one does.
Vision Pro has 12 cameras and 5 sensors strapped to your face. It builds a 3D model of your room — furniture, walls, doorways, objects, people. It scans your face to create a digital replica. It tracks your hands. It watches your eyes. Apple says most of this stays on-device, and that's probably true today. But you're wearing the most sophisticated sensor array ever built for consumers. It knows the layout of your home, the expressions on your face, where your eyes go, and what your hands do. The question isn't what Apple does with this data now. The question is what any company would do with this data ever.
What they claim: Apple states Vision Pro processes eye tracking data on-device and does not share it with apps.
What we found: Vision Pro tracks your eyes 60 times per second. Apple says this data stays on-device and apps only receive "where you looked" after a tap gesture — not continuous gaze data. However, researchers from the University of Florida, Texas A&M, and NYU demonstrated GAZEploit (CVE-2024-40865): by analysing the Persona avatar's eye movements during a FaceTime call, they could reconstruct what the user typed on the virtual keyboard with up to 92% accuracy for passwords and 77% for messages. Eye tracking reveals not just what you looked at, but what you typed, what you read, what you lingered on, and what you avoided. Apple patched the specific vulnerability but the fundamental problem — that eye tracking encodes intent — cannot be patched.
What they claim: Apple markets Vision Pro as a "revolutionary spatial computer" for work, entertainment, and connection.
What we found: Vision Pro maps your entire room using LiDAR and cameras — creating a 3D model of your space including furniture dimensions, wall positions, doorways, windows, and objects. Apple says room maps stay on-device. But the 12 cameras and 5 sensors continuously capture your environment, the people in it, and your hand movements. Apps that use ARKit can request spatial awareness data. A $3,500 device that builds a centimetre-accurate 3D model of your home, tracks your hands, scans your face for a digital avatar, and monitors your eye movements — strapped to your face for hours at a time.
What they claim: Apple positions Vision Pro as the future of computing for everyone.
What we found: Vision Pro costs $3,499. Sales fell dramatically after launch — Bloomberg reported Apple cut production forecasts by half within months. The device weighs 600-650 grams and causes discomfort after extended use. Apple discontinued the first-generation model in 2025. The privacy implications of spatial computing — room mapping, eye tracking, face scanning, hand tracking — have been normalised by a product that most people can't afford and won't use. But the technology is being pushed downstream: ARKit is on every iPhone, LiDAR is on iPad Pro, and eye tracking is coming to future devices. Vision Pro is the prototype. The privacy precedents it sets will apply to devices everyone uses.