Ashley Diffey, Head of APAC and Japan at Ping Identity, says: “The online world amplified a lot of real world problems. Let’s not carry the same mistakes forward into the metaverse.”
We often hear governments and policymakers express a view that ‘rules that exist in the real world should exist online too.’
It’s a view that’s partially grounded on the idea that physical and online no longer represent two distinct ‘worlds’. People move between them now with enough frequency that a single set of rules make sense, rather than trying to deal with each world independently.
There’s some truth to this. If we look at the retail industry, for example, it’s been moving away from talking about bricks-and-mortar stores and online as two distinct ‘worlds’ for a while. Instead, it treats all channels in an ‘omni’ or integrated fashion. Shoppers can start a transaction online and complete it in-store, or vice versa. Everything takes place in one ‘world’ made up of physical and digital components.
That being said, online also has some complications, such as high levels of pseudonymity and anonymity, that make the need for some digital-specific rulemaking unavoidable.
This blurring of physical and digital lines will only become more pronounced as the metaverse takes shape. In 2022, the metaverse is primed to be a digital social space that is not limited to the narrow realm of physical possibilities – creating simulated digital worlds that mimic our world.
There are considerable opportunities as well as risks in this space. Most of the effort right now is being expended on exploring and understanding the opportunities side. An open discussion about the risks is needed, too.
The biggest risk is that we simply take, replicate and amplify problems we already see in the ‘real world’ and online into the new ‘digital worlds’ that collectively make up the metaverse. That is, the things we didn’t like about the real world, that were multiplied by moving them online, could multiply again in the metaverse.
Which is why we need to sit down and set up some guardrails for the metaverse’s evolution, allowing it to develop in a measured way that learns from past lessons instead of simply repeating them.
Collaboration will be required between industries, experts, governments and regulators to ensure terms of use, privacy controls and safety features are appropriate to the new technology.
The five risk areas
While the metaverse environment remains completely unpoliced, it makes it a perfect space for fraud, money laundering, child exploitation, misinformation and cyberattacks.
With multiple worlds now being created that users can move between, this freedom of travel opens up the user to new risks of hacks and exploits posed by the world you travel into. The real world consequences of users hypothetically taking the ‘blue pill’ and permanently ‘jacking-in’ to the metaverse over taking the ‘red pill’ to face reality are potentially catastrophic. The types of protections – legal and ethical – that keep our physical identities safe are not as developed in the digital world.
We’ve identified five risk areas that exist today that the metaverse could amplify.
With high-profile organizations now getting involved with the metaverse, it opens up the platforms to the spread of misinformation or fake news. Social sites such as Facebook and Instagram already have this problem, so how can this be policed within the metaverse when it is a creator-driven platform? Are there design principles that metaverse developers could adopt that would mitigate or mute the enablers for misinformation that exist in today’s worlds?
A second risk, which we’ve touched on, is lack of regulations, which could lead to serious privacy concerns or court cases over intellectual property (asset) ownership. Most global governments haven’t modernized their legal infrastructure yet to deal with the future metaverse. There is an enormous misalignment between regulation and technological innovation, which is moving faster than ever due to convergence and democratization.
The metaverse also risks multiplying issues around protecting personal privacy. Data mining has been a big concern when it comes to big players such as Facebook. With organizations such as these building the foundations for the future of the metaverse, this could intensify. Alongside this, a significant element of the metaverse is built on the sale of virtual goods, which means advertising, which will require data collection of individuals. With few government regulations on this, the metaverse threatens to continue and amplify the data mining trend for users.
A fourth risk that we’re almost certainly likely to import into the metaverse is vulnerabilities and criminals that exploit them. Cybercriminals and scammers could intercept the metaverse, hack users’ avatars to take control, hold them hostage, or create copies allowing them to extract sensitive data.
The inability of existing online platforms to enforce robust user integrity and trust raises concerns about further exploitation within the metaverse. AI-driven content moderation, identity verification, user authentication, dynamic authorization and transaction monitoring will be essential for the safety of users in metaverse worlds.
Finally, the rise in the use of smart contracts opens up the opportunity of embedding code within these contracts that can be used for illicit and illegal activity. Even developers with high knowledge levels and the best intentions can create bugs or errors that trigger undesirable results that are hard to correct. Users need to evaluate the need for smart contracts instead of regular scripts and traditional contracts.
Click below to share this article