Ready for handling Metaverse biometric data?
If or when the internet transitions into the Metaverse — something Facebook is already working towards — the amount of biometric data generated from users could be huge, requiring whole new categories of data protection. And if interacting with the virtual world progresses beyond current biometrics to more direct brain interfaces, this could present whole new categories of metaverse biometrics, including brain waves. First of all; what is it?
What is the Metaverse?
A flurry of coverage of the development of the Metaverse, including an interview with Mark Zuckerberg and the New York Times investigation “Are We Living in the Multiverse Yet?” suggests the concept is currently having a moment.
The term ‘metaverse’ was first used in Snow Crash, a 1992 sci-fi novel by Neal Stephenson, reports The Verge, to describe the confluence of physical, virtual and augmented realities in a shared online space.
There have been many attempts at creating virtual venues and worlds such as Second Life, but the Metaverse would link together 3D virtual settings and spaces where a user (or avatar or resident) could pass from one to another, even taking virtual possessions such as clothing or tools from one space to another.
Artificial Intelligence could accelerate its development as the Internet of Things (IoT) provides more real-world infrastructure along with massive server power it would require.
The adoption of shared virtual places now appears to be happening, particularly in the gaming world. Massively multiplayer online games connect millions of players, though they are typically only experiencing the virtual playing arena in smaller groups, together making up a ‘multiverse’. With sufficient interoperability, gaming situations could see players acquiring components in one game or world which could be compatible in other spaces.
The Metaverse eclipses the current understanding of the World Wide Web by bringing greater synchronicity, according to “The Metaverse: The Evolution of a Universal Digital Platform,” a report by Norton Rose Fulbright. It will allow vast numbers of people to gather simultaneously in virtual settings.
People will be able to transact whether by fiat currency, cryptocurrency, non-fungible tokens (NFTs) or as yet unknown ways.
Current virtual reality interaction is achieved via headsets and gloves and sometimes further sensors across the body.
These could already accumulate data on the user beyond transmitting their movement in a game or virtual meeting. Gait, eye movement and physiological responses could all be tracked.
Scanning of faces or photos to create virtual versions of a real life likeness could present further opportunities for biometric use and abuse.
Smartphone users may already have let their phone perform a 3D scan of their faces to create a Memoji of themselves – a personalized, animated emoji.
User behavior could be monitored for marketing purposes. While current internet users give away information on their interests by what their searching for online, in the metaverse, tracking could monitor what users turn their heads to look at and even just their eyes.
According to the Norton Rose Fulbright report, this type of Metaverse biometric data would class a whole new category and could not be covered in existing marketing consent or GDPR categories.
Given the metaverse’s linking of unknown numbers of spaces, it is unclear how any agreements on user data and biometrics might be shared or whether real-life biometric verification might be needed for a user to pass virtually from space to another.
The current understanding of biometrics could of course be eclipsed by interfaces moving beyond visors and external sensors. If technology progresses to implants that interface (more) directly with the brain, a whole new type of metaverse biometrics could be created with brain-specific markers providing user verification and authentication. The GDPR would need updating.