The metaverse is a concept straight out of a 70s science fiction movie. It’s the interconnection of experiences and identities within a digital universe where people can log in and live. Originally coined as a term in the 1992 novel ‘Snow Crash’ by Neal Stephenson, it came into sharp hype relief in the last quarter of 2021 when Facebook announced its new name –Meta –and intent –building the metaverse. The idea is interesting, and certainly the CEO’s vision is dynamic, but aside from being painted with a faintly dystopian brush, the metaverse itself introduces safeguarding and privacy concerns that have already risen to the top of the social media pool.
Guidelines adopted by the European Data Protection Board(EPB)in April 2021 highlighted many of the risks inherent in social media. These platforms have evolved from simple engagement platforms to spaces where users are tracked and targeted on the basis of their personal data, with third-parties collecting information and using it to serve up content and messages that are curated and customised. For marketers, this is a delicious dream. For individuals, this scraping of personal data and information within this rich metaverse is potentially invasive and insidious. This is one of the reasons why the EPB’s guidelines plus legislation like the General Data Protection Regulation(GDPR) are invaluable guardians of personal information.
The reality is that these social media worlds are filled with data about people of all ages and incomes. Data that can be used to drive sales, build empires and gain legions of fans. It’s also changing fast, adapting to shifting market and consumer needs, and is incredibly dynamic and exciting for those that are willing to brave its depths. While there have been plenty of shots taken at the minds behind the metaverse, with the Guardian describing it as the ‘new utopian boondoggle’ for tech billionaires, but there is value in the idea.
The challenge, however, is how can regulations such as the GDPR legislate information protection and the safeguarding of personal data in a universe where the rules haven’t even been defined as yet? Legislation can’t be made around things that may or may not happen –this will only create further complexities and may create problems, not solve them.
However, there’s little doubt that, if the metaverse explodes into being, it will need protections put in place. Guidelines around the use of artificial intelligence (AI) and machine learning. Regulations that ensure user privacy and protect vulnerable people. These regulations and protections aren’t taking away the fun, they’re making sure that the fun doesn’t have unintended consequences.
"As organisations, social media giants, users and innovators eye up the metaverse and its potential, they need to continuously assess how they’re tackling user privacy and data,” concludes Ambrose. “For companies specifically, they need to take the guidelines already outlined in legislation and apply these to the virtual realm and the solutions they offer within it. This will not only minimise the risk to users, but the risk of over-regulation that may stifle innovation.”
The future of the metaverse is still up for debate, its potential up for grabs, but it’s evolution should be monitored and managed with a clear eye on the protection of personal information. Users must remain wary of individual companies taking their information and dig deep into who will own that information and where it will be used. Companies need to temper innovation with regulation and consideration, keeping compliance at the forefront of engagements. Then, perhaps, the metaverse will be less a boondoggle and more a truly digital experience.
Get in touch with Atvance Intellect, experts in data privacy, data law, compliance and global best practice to ensure that your business doesn’t just survive compliance, it leverages it for growth.
to connect with our expert