Metaverse privacy maturity lags enthusiasm for new virtual worlds

Let's dive in and do it anyway, because that worked so well for social media

The metaverse already has privacy problems, and efforts to address them are disconcertingly hard to find, argued panelists at a Singapore conference yesterday.

Many metaverse technologies – think AR, VR, NLP AI, and 3D graphics – have been around a while but are coming together for the first time, explained Pankit Desai, CEO of cloud security company Sequretek on Tuesday at the Asia Tech x Singapore (ATxSG).

"These technologies were built at different points of time by different sets of people without an understanding of what the end use would be," said Desai, adding "to me the security risk is a big risk."

Desai illustrated his concerns by suggesting that in the metaverse, a man in the middle attack could be replaced by a a "man in the room attack" that sees unwanted intruders join supposedly private virtual conversations.

Another panelist, surgeon Yujia Gao who spearheads various projects in Holomedicine at Singapore's National University Health System, explained the goal of Holomedicine isto make healthcare accessible to anyone on Earth by "holoporting" someone from one location to another.

But Gao also had security concerns, which he explained as follows:

Data security is a huge problem that we are trying to solve. We are now talking about real-time transfer data – it is not a data package that is being sent that can by anonymized easily. So how do you prevent outsiders or hackers from entering?

How do you prevent a person from mimicking on the other end? How do you govern patient data moving across the public cloud and internet while maintaining security? These are some of the real issues we are facing and trying to solve.

And the problems don't stop there. As panelist and director of the National University of Singapore Ripple FinTech Lab Keith Carter pointed out, questions will arise about which legal jurisdictions apply in the metaverse.

"This introduces a whole new set of security requirements and frameworks," said Carter.

"Big tech is quite naïve in not understanding the impact of the technology they created. Hindsight is 20/20," argued Sequretek's Desai, who compared metaverse regulations to law enforcement in movies.

"Cops in movies turn up last," he observed. "In this case, regulators need to turn up sooner be part of the ecosystem, to guide it and put it to a greater use."

Carter seemed to agree, offering that citizens of governments that hold a strong IT policy will see the metaverse expand and transform their lives – for example through education.

The youngest member of the panel, student and CEO of metaverse technology company Finute, Winston Ng, described how experiences in the metaverse already replace ads, by letting users wear virtual clothes or test drive virtual cars.

The kicker? All the data – who wore what, who saw what, who drove what, and for how long – is recorded and will probably be sold.

If anyone thought that idea scary, Winston and Carter offered up a different perspective: that perhaps one could just flip the script and not think of it in a bad way.

"Privacy is fake news and that's a good thing," said Carter. "We are very happy to go on Google Maps and see if the road is clogged, and we are all crowdsourcing that data. If you are in an environment like [the metaverse], every move you make will be captured." ®

Send us news

Google Chrome coders really, truly, absolutely ready to cull third-party cookies from 2024

Bonfire of the web trackers is coming, industry ready or not

Google, Amazon, Microsoft make the Mozilla naughty list for Christmas shopping

Big Tech's toys have privacy problems. Why not buy utterly unconnected dead-tree books instead?

Singapore to deter crypto investors with tactics like those used on smokers, gamblers

Buying on credit forbidden, affordability tests imposed, and accreditation required for big bets

Net privacy wars will be with us always. Let's set some rules

Size matters, and what you do with it. But keep it safe

Meta sued by privacy group over pay up or click OK model

Scrolling through endless humblebrags without targeted ads is a fundamental right, according to privacy expert

US govt pays AT&T to let cops search Americans' phone records – 'usually' without a warrant

At least get a court order before mining Hemisphere Project data, says Senator

Rights warriors claim online ad auction data a danger to national security

'The industry can not be allowed to put elected leaders, military personnel at risk'

UK's cookie crumble: Data watchdog serves up tougher recipe for consent banners

30 days to get compliant with tracking rules or face enforcement action

MOVEit victim count latest: 2.6K+ orgs hit, 77M+ people's data stolen

Real-life impact of buggy software laid bare – plus: Avast tries to profit from being caught up in attacks

Use AI to accelerate adoption of central bank digital currencies, says IMF head

No turning back for cash replacement tokens, especially if they make credit more accessible

What's really going on with Chrome's June crackdown on extensions – and why your ad blocker may or may not work

Manifest V3 transition deemed 'far from terrible' and yet not great for content filters

Meta's fix for teen online mental health? Hold Apple and Google responsible

Facebook: If only we had a national law to ensure kids get parental permission to indulge in damaging social media