Metaverse privacy maturity lags enthusiasm for new virtual worlds
Let's dive in and do it anyway, because that worked so well for social media
The metaverse already has privacy problems, and efforts to address them are disconcertingly hard to find, argued panelists at a Singapore conference yesterday.
Many metaverse technologies – think AR, VR, NLP AI, and 3D graphics – have been around a while but are coming together for the first time, explained Pankit Desai, CEO of cloud security company Sequretek on Tuesday at the Asia Tech x Singapore (ATxSG).
"These technologies were built at different points of time by different sets of people without an understanding of what the end use would be," said Desai, adding "to me the security risk is a big risk."
Desai illustrated his concerns by suggesting that in the metaverse, a man in the middle attack could be replaced by a a "man in the room attack" that sees unwanted intruders join supposedly private virtual conversations.
Another panelist, surgeon Yujia Gao who spearheads various projects in Holomedicine at Singapore's National University Health System, explained the goal of Holomedicine isto make healthcare accessible to anyone on Earth by "holoporting" someone from one location to another.
But Gao also had security concerns, which he explained as follows:
Data security is a huge problem that we are trying to solve. We are now talking about real-time transfer data – it is not a data package that is being sent that can by anonymized easily. So how do you prevent outsiders or hackers from entering?
How do you prevent a person from mimicking on the other end? How do you govern patient data moving across the public cloud and internet while maintaining security? These are some of the real issues we are facing and trying to solve.
- Sick of Windows but can't afford a Mac? Consult our cynic's guide to desktop Linux
- France levels up local video game slang with list of French terms to replace foreign words
- Fusion won't avert need for climate change 'sacrifice', says nuclear energy expert
- UK opens up 'high-potential individual route' for tech worker immigration
- Australian digital driving licenses can be defaced in minutes
And the problems don't stop there. As panelist and director of the National University of Singapore Ripple FinTech Lab Keith Carter pointed out, questions will arise about which legal jurisdictions apply in the metaverse.
"This introduces a whole new set of security requirements and frameworks," said Carter.
"Big tech is quite naïve in not understanding the impact of the technology they created. Hindsight is 20/20," argued Sequretek's Desai, who compared metaverse regulations to law enforcement in movies.
"Cops in movies turn up last," he observed. "In this case, regulators need to turn up sooner be part of the ecosystem, to guide it and put it to a greater use."
Carter seemed to agree, offering that citizens of governments that hold a strong IT policy will see the metaverse expand and transform their lives – for example through education.
The youngest member of the panel, student and CEO of metaverse technology company Finute, Winston Ng, described how experiences in the metaverse already replace ads, by letting users wear virtual clothes or test drive virtual cars.
The kicker? All the data – who wore what, who saw what, who drove what, and for how long – is recorded and will probably be sold.
If anyone thought that idea scary, Winston and Carter offered up a different perspective: that perhaps one could just flip the script and not think of it in a bad way.
"Privacy is fake news and that's a good thing," said Carter. "We are very happy to go on Google Maps and see if the road is clogged, and we are all crowdsourcing that data. If you are in an environment like [the metaverse], every move you make will be captured." ®