Software

Metaverse privacy maturity lags enthusiasm for new virtual worlds

Let's dive in and do it anyway, because that worked so well for social media


The metaverse already has privacy problems, and efforts to address them are disconcertingly hard to find, argued panelists at a Singapore conference yesterday.

Many metaverse technologies – think AR, VR, NLP AI, and 3D graphics – have been around a while but are coming together for the first time, explained Pankit Desai, CEO of cloud security company Sequretek on Tuesday at the Asia Tech x Singapore (ATxSG).

"These technologies were built at different points of time by different sets of people without an understanding of what the end use would be," said Desai, adding "to me the security risk is a big risk."

Desai illustrated his concerns by suggesting that in the metaverse, a man in the middle attack could be replaced by a a "man in the room attack" that sees unwanted intruders join supposedly private virtual conversations.

Another panelist, surgeon Yujia Gao who spearheads various projects in Holomedicine at Singapore's National University Health System, explained the goal of Holomedicine isto make healthcare accessible to anyone on Earth by "holoporting" someone from one location to another.

But Gao also had security concerns, which he explained as follows:

Data security is a huge problem that we are trying to solve. We are now talking about real-time transfer data – it is not a data package that is being sent that can by anonymized easily. So how do you prevent outsiders or hackers from entering?

How do you prevent a person from mimicking on the other end? How do you govern patient data moving across the public cloud and internet while maintaining security? These are some of the real issues we are facing and trying to solve.

And the problems don't stop there. As panelist and director of the National University of Singapore Ripple FinTech Lab Keith Carter pointed out, questions will arise about which legal jurisdictions apply in the metaverse.

"This introduces a whole new set of security requirements and frameworks," said Carter.

"Big tech is quite naïve in not understanding the impact of the technology they created. Hindsight is 20/20," argued Sequretek's Desai, who compared metaverse regulations to law enforcement in movies.

"Cops in movies turn up last," he observed. "In this case, regulators need to turn up sooner be part of the ecosystem, to guide it and put it to a greater use."

Carter seemed to agree, offering that citizens of governments that hold a strong IT policy will see the metaverse expand and transform their lives – for example through education.

The youngest member of the panel, student and CEO of metaverse technology company Finute, Winston Ng, described how experiences in the metaverse already replace ads, by letting users wear virtual clothes or test drive virtual cars.

The kicker? All the data – who wore what, who saw what, who drove what, and for how long – is recorded and will probably be sold.

If anyone thought that idea scary, Winston and Carter offered up a different perspective: that perhaps one could just flip the script and not think of it in a bad way.

"Privacy is fake news and that's a good thing," said Carter. "We are very happy to go on Google Maps and see if the road is clogged, and we are all crowdsourcing that data. If you are in an environment like [the metaverse], every move you make will be captured." ®

Send us news
11 Comments

Google taps Fastly to make cookie-free adtech FLEDGE fly

Online ad colossus hopes it can still make money when users want privacy

Infosys president leaves to join rival Tech Mahindra as CEO

PLUS: Singapore tests AWS quantum network; Honda bulks autonomous truck; India tightens crypto laws; and more

Dems offer ban on Feds using facial, voice recognition

Second time before Congress a charm?

Privacy fail: Pictures cropped, redacted by Google Pixel phones can be recovered

aCropalypse Now, starring any 2018-or-later device

UK spy agency: Don't feed LLMs with sensitive corporate data

Oh gosh. Looks like that bot just spilled that you plan to fire 20k staffers in Q4

Microsoft dips Teams in the metaverse vat with avatars ahead

Can't be bothered with cam? Replace yourself with a 3D diligent worker

Singapore admits it should have explained COVID app data could be used by cops

Island nation reworks digital infrastructure found to have slowed down pandemic response

Catholic clergy surveillance org 'outs gay priests'

Religious non-profit allegedly hoovered up location data from dating apps to ID clerics

BBC to staff: Uninstall TikTok from our corporate kit unless you can 'justify' having it

Those with 'sensitive' work-related information told to contact Beeb's security team

Eufy security cams 'ignore cloud opt-out, store unique IDs' of anyone who walks by

Gadget maker accused of 'corporate voyeurism' by gathering up footage against your wishes

Pair accused of breaking into US law enforcement database, posing as cops

Teen arrested yesterday while another man suspected of being a ViLE crime group member still 'at large'

Electronics market shows US-China decoupling will hike inflation and slow growth

Singapore's central bank has a gloomy vision of the future