Imagine sitting at your desk during a normal workday. You log into your computer, unaware that a built-in sensing system could be tracking your heart rate.
By measuring subtle signals from your body, it might estimate how stressed, tired, or focused you are.
It sounds like science fiction, but researchers say the technology to do this already exists.
Radar-based sensing systems, including millimeter-wave radar, are becoming more common in everyday devices.
These systems are used for things like facial recognition, motion detection, and even gesture control.
Wearable devices already track heart rate and sleep patterns. While these tools are designed to make life easier and safer, they also raise concerns about privacy.
Millimeter-wave radar can detect extremely small movements, including the tiny chest motions caused by breathing and heartbeats.
Off-the-shelf radar devices have been shown to pick up sensitive information such as a person’s presence in a room, their daily movement patterns, and even subtle physical signals that could reveal stress or emotional state.
Researchers at Rice University recently explored how this type of radar could potentially be misused. In their study, published in the journal Computer Communications, they described a fictional scenario involving two characters.
“Trudy” represents a malicious intruder using radar to monitor someone, while “Alice” is the unsuspecting target. The researchers demonstrated that radar systems operating at high frequencies, such as 77 gigahertz, can accurately detect a person’s heartbeat without any physical contact.
Tracking heart rate remotely could allow someone to infer whether a person is present, alert, fatigued, or stressed. While this capability might have helpful uses in healthcare or safety, it could also be used without consent.
To address this privacy concern, the researchers developed a countermeasure called MetaHeart. This system uses a programmable metasurface—a specially engineered material that can control how electromagnetic waves reflect. Instead of allowing the radar to detect a real heartbeat, MetaHeart sends back a fabricated signal. In other words, it creates a false heartbeat pattern that tricks the radar system.
In laboratory tests using a 77-gigahertz radar, MetaHeart successfully spoofed heartbeat signals with more than 98% accuracy. The system can even create the illusion that someone is present when the room is actually empty.
By manipulating the electromagnetic signals themselves, the device blocks the radar from extracting accurate biometric information. The researchers say this approach highlights both the power of modern sensing technologies and the need to think carefully about privacy protections.
As radar and sensing systems become more advanced and widespread, concerns about how personal data might be collected are growing. The study shows that while technology can be used to monitor people in increasingly subtle ways, it can also be designed to defend personal privacy.
