Consumer Data Privacy in the Metaverse 

Today, data protection and privacy policies that have been developed for the Internet and social media are being extended and applied into the metaverse. But, it won’t hold good for long because the kind of data AR, VR and MR technologies are collecting in the metaverse is potentially a lot more personal. It requires absolute consent from the user, and it requires that they understand what data they are sharing and how it is being used.  

If you have an email account, a social media account and a smartphone (and/or laptop), it’s likely that your browsing and purchase patterns, preferences, and location are already available to brands and companies globally. It’s with this data that they send you personalised ads and recommendations on every site that you visit.  

But, imagine a world where brands can track not just your browsing or purchase behavior, but also anticipate your response or thought process to products, services or campaigns? That’s what the metaverse is building up to be. 

Like we’ve seen in the earlier blogs, the metaverse is no longer a concept that will unfold in the future. It is already here. It began largely in the gaming industry, with platforms like Fornite, Roblox, and The Sandbox transporting its players to a virtual world. But now, retail brands like Louis Vuitton, Nike and NBA, and tech companies like Microsoft and Google have started embracing the metaverse too by creating products for avatars in the virtual world. For example, in late 2021, Nike acquired RTFKT Studios to make NFTs and virtual shoes for avatars in the metaverse. Similarly, Balenciaga partnered with Fortnite to create signature accessories for avatars in the game.  

But, how do brands play in the metaverse? Do they create campaigns based on the same set of data they capture from social and search platforms? Or, is there something more? Let’s find out. 

How Data Aggregation Works in the Metaverse 

While on social media platforms, we portray ourselves the way we want to be seen, in the metaverse, creating our avatar works a little differently. The virtual reality and augmented reality devices that we use, to plug into the metaverse and create our avatars, observe minute details in us, like our body movements, pupil dilation, the way we walk, talk and more.  

In fact, in 2021 Future of Privacy Forum policy council’s Jeremy Greenberg, and Common Sense Media’s Joseph Jerome authored a report in which they revealed that “in a single recommended 20-minute session in VR, a headset can generate approximately two million data points and unique recordings of body language.” 

At a time when the world is still grappling with consumer data protection laws on the Internet, one wonders how privacy and data security will work in the metaverse. Is our data really safe in the metaverse? Who uses this data and how? Let’s find out. 

The Current State of Data Privacy in the Metaverse 

The truth is, there aren’t any solid privacy measures in place because metaverse is still in its nascent stages. One of the biggest advocates of the metaverse, Meta (earlier Facebook), has indicated that it will be working with civil rights organisations to ensure that the data will be used fairly. It has allocated US $50 million to research privacy in the metaverse. But, there’s no saying how effective it will be. This is because, even a simple WhatsApp conversation uses two-way encryption to protect data.  

An expert from Merit adds: “A metaverse which collects minute personal data such as biometrics and fingerprints will require more advanced security and encryption to ensure that it doesn’t fall prey to phishing attacks, malware or scams.” 

So, what can companies and the government do to ensure data privacy in the metaverse right from get-go? 

• Developers should build privacy and security features into the metaverse architecture right from the beginning, rather than waiting for consumers to adopt the technology, share the data, and then find ways to protect the data.  

• Developers should encrypt and anonymise the data, segment them into groups, and create a digital identification system in place to protect vital user information. 
• Brands should tell consumers what data they are collecting, and how they are going to use that data. In other words, consumers should have control over what data they choose to share, and they need to know how it will be used. This will build consumer trust.  
• Data from different sources should be segregated in the metaverse. In a report titled User Privacy Protection in the Emerging World of Metaverse, TCS talks about how a metaverse can potentially breach user identity. For example, if a youngster in the EU creates his avatar as one similar to a popular Hollywood star, and later if the Hollywood star promotes a perfume brand, the perfume shouldn’t be linked to the youngster, and neither should the Hollywood star’s personal information be revealed or linked to the youngster in the EU. 

While there are many free metaverse platforms emerging, typically those which require the purchase of digital assets require transacting through blockchain technology and cryptocurrencies. As of now, blockchain is said to be unhackable and immutable. But, should a user’s crypto account be hacked, they face the threat of exposing very personal data. Securing and double-encrypting crypto accounts is also something developers should be wary of.  

In conclusion, while the metaverse is still in its developing stages, the amount of data it requires for a user to live in the virtual world is immense. 

As our marketing data expert as Merit says, “Unlike in the social media era – where it took years for companies and the Government to develop data privacy policies – it would be wise for them to build security and privacy into the metaverse right from day one.”  

Merit Group’s expertise in Marketing Data   

At Merit Group, we partner with some of the world’s leading B2B companies. Our data teams work closely with our clients to build comprehensive B2B marketing contact lists that provide a direct line to their target audience.  

If you’d like to learn more about our service offerings or speak to a marketing data consultant, please contact us here: https://www.meritdata-tech.com/contact-us