Riding at the forefront of emerging technologies is a virtual platform called the “metaverse” where people can freely interact with each other; but to what extent is their freedom maintained? With various concerns on cybersecurity and individual safety in this rising technology, will this be the future of how we interact virtually?
Metaverse: An integrated network of 3D virtual worlds
The concept of the metaverse has been around in science fiction for decades as the term can be traced back to American writer Neal Stephenson's dystopian cyberpunk novel Snow Crash, which introduced the concept of virtual reality with most people choosing to live their lives digitally. Since its publication in 1992, the novel has been hailed as a classic genre that features future technology, alongside other works such as American-Canadian writer William Gibson's Neuromancer, which describes a virtual reality dataspace known as the matrix.
The idea of communal virtual reality is actually already decades old, but it wasn’t until Facebook, the world's largest social network, changed its name to Meta in 2021 and brought it into popular consciousness. Meta founder Mark Zuckerberg described its rebranding as “a metaverse company, building the future of social connection,” while announcing a new project in line with its creation of metaverse, which would combine augmented reality (AR), virtual reality (VR), and 3D avatars to create a one-of-a-kind interactive experience. This immersive simulated environment would allow users to participate in online games, social interaction, and commercial transactions.
Content creation in the metaverse
Online virtual communities have become more mainstream due to the rise of virtual reality devices, such as Meta’s own Oculus Quest. However, before the metaverse was popularized, there were existing communities that embodied a similar concept around early 2014, specifically Rec Room and VRChat.
Users were given the chance to create their own experiences with Rec Room and VRChat that could be shared with others in both VR and non-VR modes. These encounters can range from simple activities like minigolf to more complex ones such as large-scale roleplaying.
The metaverse, on the other hand, specifically targets businesses with dispersed workforces, allowing them to create VR workplace environments in which employees can interact with one another in real-time as embodied avatars. Collaboration softwares such as Meta's Horizon Workrooms and Microsoft Mesh are already available, allowing employees to meet in VR or participate in meetings that use AR to project photo-realistic holograms of their coworkers.
Security in the virtual world
While its concept is appealing, various concerns have been raised by global cybersecurity professionals and businesses about potential security flaws in the all-encompassing metaverse.
According to cybersecurity firm Check Point, the occurrence of cyber attacks increased by 50% in 2021, which will continue to rise as the metaverse expands. With the prevalence of the infamous non-fungible tokens (NFTs) as a means for ownership in some metaverse platforms, these communities become a main target for hackers due to their high value and the decentralized nature of the blockchain, making it difficult for authorities to track transactions.
Aside from this, identity and data theft have been linked as another metaverse vulnerability. Since its users must create their own personalized avatars, hackers can gain access to users' offline data which can then be used for unethical purposes such as harassing or spamming other users.
Furthermore, the metaverse is an entirely unrestricted platform with no universal data collection regulations in place. For data to be protected under the Republic Act No. 10173 or the Data Privacy Act, platforms, data servers, or offices of metaverse platforms would have to be located in the Philippines. This means that the more information a user gives away, the more valuable it becomes for hackers to exploit and sell in other places such as the dark web if these platforms are outside the jurisdiction of the country.
Safeguarding the metaverse
To make the metaverse a safe haven for digital escapism, a set of universal regulations should be put in place to protect each individual's data and information while still providing personalized experiences. According to software company CrowdStrike, platforms can use a zero trust policy, wherein all data is constantly authenticated and validated for security configuration.
Another way to safeguard information is to adopt the General Data Protection Regulation (GDPR), the European Union's (EU) strictest data privacy law, as a framework for data protection and ensuring user safety in the metaverse.
As of now, the metaverse is still in its early, premature stages, making it prone to cybersecurity concerns. However, once safety regulations are established, along with the implementation of Web 3.0, a new iteration of the web that uses decentralization and a zero-trust security paradigm to secure personal data, the metaverse can be a viable virtual platform for people to interact without the constraints of geolocation and also other online and social obstacles.
This article is also published in The Benildean Volume 8 Issue No. 2: Reacted.