Metaverse skeptics fear the prospect of unprotected data and large-scale user surveillance on a scale never seen before. Ironically, the largest company pushing the Metaverse, Meta (previously known as Facebook), has faced its own fair share of privacy scandals in the internet’s current iteration, culminating in Mark Zuckerberg being infamously hauled before the United States Congress to answer for Facebook's inability to combat hate speech and data privacy violations.
In a U.S. Senate committee hearing, whistleblower Frances Haugen accused Meta of prioritizing “profit over the well-being of children and all users” when it came to creating manipulative algorithms that tap behavioral data to persuade users into spending more time on the platform.
The controversy hasn’t weakened Facebook’s popularity, but the public zeitgeist against surveillance offers lessons for Metaverse developers looking to fix many of Web2’s problems. The fledgling space can implement systems that give users full transparency on how the systems collect and utilize user data, as well as what data is collected. By emphasizing privacy and assuring users that their data won’t be used against them, smaller Metaverse companies gain a unique selling point and even an edge over any Big Tech company looking to move into the Metaverse, including Meta.
Related: A letter to Zuckerberg: The Metaverse is not what you think it is
Data privacy issues in the Metaverse
Metaverse avatars are a conglomeration of all issues relating to privacy in the digital realm. As a user’s gateway to all Metaverse interactions, they can also offer platforms a lot of personal data to collect, especially if their tech stack involves biometric data, like tracking users’ facial features and expressions for the avatar’s own emotes.
The risk of someone hacking biometric data is far scarier than hacking shopping preferences. Biometrics are often used as an extra security precaution, such as when you authorize payment on your phone using your fingerprint. Imagine someone stealing your fingerprints and draining your card with a bunch of transfers. Such breaches are not unheard of: In 2019, hackers got their hands on the biometric data of 28 million people.
It’s scary to think about how traditional digital marketing might look in the Metaverse. Have you ever shopped for shoes online and then suddenly noticed your Facebook is filled with ads for similar footwear? That’s a result of advertisers using both cookies and your IP address to personalize your ads. Imagine if advertisers had access not just to your shopping preferences, but to your biological data as well. Marketers would pay a lot for an array of your facial expressions captured throughout a visit to a Metaverse shopping mall, and Big Tech knows that all too well.
Related: Browser cookies are not consent: The new path to privacy after EU data regulation fail
And this is exactly where smaller Metaverse developers have an edge over huge corporations like Meta. Data privacy will be a huge worry for anyone seeking to join the Metaverse, and when facing off with Meta, with its history of bad data usage, newer developers need to emphasize privacy as their main selling point. But how?
Ensuring privacy for vulnerable consumers
The Metaverse is our chance to build a better, more private digital reality that protects individuals against government and corporate misuse. As such, developers should approach constructing the architecture of the Metaverse with that in mind. Built into that architecture should be clear communication with users regarding data policies and preferences, ensuring they only share their data when they truly want to rather than when they are tricked into it through disclaimers buried in pages of legal jargon.
Just as many websites today have more effective controls that empower users to opt out of data sharing, Metaverse projects should have clear-cut ways for users to protect their data, whether biometric or not. And the key is to emphasize those elements from the get-go.
Biometric data, whether face tracking for avatar emotes or fingerprints used as the basis for a cryptographic key pair, need special protections. Access to such data isn’t the same as Meta knowing someone's food preferences — it’s literally the key to everyone’s biological information. To protect this information on the Metaverse, developers should normalize the use of digital biometry-based IDs powered by blockchain. Biometric data can work as the cryptographic foundation for generating a pair of public and private keys. These keys would work as a proof of identity on a network, enabling its holders to sign off and receive transactions. Enabling a digital ID rooted in a key pair makes for a safer and more protected identity that’s nearly impossible to hack.
Another key way to protect consumers is ensuring their data is encrypted and anonymized. Don’t cut corners. Make sure to effectively communicate to customers that their privacy is the number one priority and that they are in control of what is being shared. The Metaverse can be a scary place for users if they don’t know what their data is being used for.
They say the journey of a thousand miles starts with a single step, and for Metaverse developers, that first step will be crucial. In order for the Metaverse to reach mainstream audiences, people need to feel comfortable sharing their data. The privacy issue is no joke for Metaverse users, and Metaverse developers must keep this in mind in order to have an edge over big companies — and, more importantly, shape the internet of the future. The state of everyone’s privacy depends on it.
This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.
The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.