Analysis on Potential Threats to Privacy in Metaverse
In the last article, we distinguished three different kinds of privacy in metaverse, named informational privacy, physical privacy, and associational privacy. Based on this distinction, we attempt to identify three kinds of threats to privacy in metaverse.
There are several threats to informational privacy. As we know, VRSNs (Virtual Reality Social Network) will be the backbone technology of metaverse, in order for VRSN to function, we would need personal information to expand functionality and create a better user-experience. For example, medical information would be required for virtual meetings with doctors (either fully artificial doctors or the avatars of real-life doctors). There are two threats related to information privacy when VRSNs become a reality.
Increased Vulnerability of Data
The first such threat is that digital data becomes more accessible to public. Some threats to informational privacy come from hackers, government agencies, malware and criminal organisations that are able to use electronic media to access information about an individual. Widespread use of VRSNs will mean that more information about an individual will be potentially available to these groups than ever before.
The fact that information is being stored electronically makes it accessible to people irrespective of geographical location. For instance, bank details, medical records, personal correspondence are all stored online. This is obviously a very useful feature, but it means that personal information is at risk of being used in ways that are inappropriate or unjust, e.g. being stolen by hackers, criminal organisations, or used by government agencies. In the VRSN scenario, these sorts of data will need to be protected [1].
The discovery of the Heartbleed bug — which enabled people to steal data, eavesdrop, and impersonate users and servers by accessing sites thought to be secured by OpenSSL (used to encrypt communication between a user’s computer and the server) without the possibility of detection, illustrates the risks of online information [2].
This affected a huge number of sites, including Internet behemoths such as Google as well as smartphones running Android, Amazon Web Services and Pinterest. Prior to the digital era it was possible to steal this information too, but now it can be potentially stolen from anywhere in the world, very quickly, and the theft might go unnoticed. These threats exist currently, prior to the widespread adoption of VRSNs.
However, as mentioned above, the extra information that a VRSN will gather (eye-movements, emotions, real-time reactions), will mean that even more data about the individual is digitized and potentially available to those who would misuse it. Furthermore, in metaverse, VRSNs would be used for more than gaming — people might meet virtual doctors, virtual accountants, virtual teachers and so on [3]. As such, more people are likely to make use of VRSNs than currently partake in either VRs or SNs and they are likely to reveal more intimate and personal information in online scenarios, placing it at risk.
Furthermore, individuals are often unaware of the amount of personal data that they are making available online. Therefore, although a person might be extremely careful regarding certain information (e.g. medical records) and might be content to reveal a certain degree of information, they may find that they are revealing more than they intended.
Companies arguably purposefully use overly complicated and convoluted terms and conditions so that individuals might not be aware of the amount of information about themselves that they are “agreeing” to make available. Websites gather huge amounts of data about the individual, e.g. via “cookies” or other user-tracking activities [4].
There is little reason to assume that VRSNs, were they to become popular, would not also gather data about their users. The business model of Internet firms such as Google and Facebook is predicated on gathering information about their users and selling these data on to others — take for example Facebook’s aforementioned acquisition of WhatsApp, which provided it with the phone numbers, locations, user names and contact lists of the 465 million users.
Increasingly websites and Internet features request users to create profiles or to sign up to membership, which involves providing real personal information and submitting to legally binding contracts, in order to use the service [5].
Misuse of Data
The use of these data can have undesirable consequences. The erosion of informational privacy will have significant effects. Many individuals will have an interest in certain information remaining private, i.e. information about health, financial status and sexual preferences.
If this sort of information were no longer private individuals might face discrimination as a result of what is known about them. For example, someone who has previously had mental health issues might find their job opportunities reduced or their social life affected.
An example is information about a gay person’s sexual preferences; in certain countries they would face time in prison, were these to be made public. As more socialising moves online, this sort of information will be accessible to more people. A VRSN may give the illusion of greater privacy in these matters than is actually the case, e.g. a person may act with fewer inhibitions in a VRSN than in the real world, forgetting that their actions might become known to many more people than expected — both within and outside of the VRSN. This is more likely the more immersive the VRSN. Users are going to be immersed in the moment and may be tempted to abandon caution about their actions more so than they would be in the offline world.
Threats to Physical Privacy
These threats are likely to arise from the proliferation of devices that can record people in their physical surroundings and the ease with which recordings can be shared and made public. Indeed, it is reported that there exists one CCTV camera for every 11 people in the UK [6].
For example, it is likely that new smartphones will be able to continuously record sounds around them without the consent of the user. Recordings of people’s faces and emotional states, and possibly bodily movements might be required to create virtual avatars and can be considered a threat to physical privacy. We will access VRSNs via devices, be they on mobile phones, tablets, laptops, computers, TVs, or even in every day objects. These devices will be able to record us and send that data to the VRSN.
There are three main threats from VRSNs to physical privacy.
- Prevalence of Recording Devices. The first threat is that we might lose control over being observed in our physical environment. Recording devices will be essential in order to access VRSNs, particularly if persons are to be realistically represented as themselves in real-time. That recording devices might be both ubiquitous and practically invisible, or embedded in furniture or clothing, will make physical privacy even more difficult to protect. Ideally if a person is alone in a room, they can be confident that they have a degree of physical privacy. They can check if someone is hidden somewhere, they can ensure that no one can look in through a window or an open door. However, the convergence of VR and SNs makes this type of privacy less certain. Physical privacy can even be compromised for those that are aware of the existence of these recording devices. The fact that these devices are often accessible and possibly activated through the Internet makes it in theory possible that a third party would activate the device outside the control of its legal owner. If VRSNs were to become hugely popular — as in our scenario — these threats would be exacerbated.
- Unintended revelation of physical information. A second threat is that we might lose control over what information is revealed when using these devices required to enter a VRSN, i.e. these devices will record not only what we intend to reveal but also many things we did not intend to reveal. When a person is watching something online they will react in numerous, unconscious ways — their eyes will flicker, their position will shift, their face will react and so on. The incorporation of eye-tracking devices or emotion-capture technologies into immersive worlds, games, SNs and the web in general, will make it possible to track these physical reactions to online stimuli. As such, data can be gathered about a person that they might not be aware of, such as the length of time they looked at a particular product and their physical reaction to what they’re seeing. Indeed, it will be possible to record and track reactions that the user is unconscious of and is unable to mask. New facial recognition technology, in particular a newly developed algorithm known as “GaussianFace” exceeds the ability of humans to identify matching faces [7]. Previously, it was possible to obtain physical information of people’s facial reactions and eye-movements, but it generally required obtrusive and obvious close observation or the employment of experts. Eye-tracking and emotion capture software — likely to play a major role in VRSNs — make obtaining this type of information far easier, more accessible to a wider number of people, and more precise.
- Loss of anonymity. A third threat is that we might become increasingly unable to choose anonymity or to hide ourselves. The development of avatars designed to realistically represent the user (for reasons of transparency) would mean that there is a digital representation of their physical self on the web. Facebook, the most popular SN at the time of writing tries to get its members to use their real names; it is plausible that if there were a convergence of VR and SNs led by Facebook, they would want avatars to represent the real users. This would have the benefit of ensuring that people would know the age of the person they are interacting with in a virtual environment.
Threats to Associational Privacy
These will come from the greater ability of people to record and make widely available interactions amongst people as these will take place or be publicised in metaverse, as well as from the greater difficulty in controlling who finds out about upcoming events.
The main threat is that important public and private places in which we communicate suffer from a lack of privacy. The threat to associational privacy has implications beyond birthday parties ending in riots, of course. Being able to socialise, share experiences with others, and debate and argue with others is instrumentally important for the individual’s growth as a moral agent and for society. Individuals may wish for their activities with others, even if it is something as simple as eating a meal, to remain private.
If VRSNs become significant platforms for discourse and social interaction, huge amounts of data will be created about people. The fact that much of our social activities could take place on VRSNs might mean that many of our conversations about trivial and important matters are potentially available to third parties. Even people who are not members of any SN are likely to have some presence on such networks via their friends and associates. Indeed, depending on the sophistication of the VRSN, individuals could find avatars of themselves being created in a VRSN without their permission.
Individuals lose much of their ability to control who shares experiences with them once it becomes possible for any one of those directly involved in the experience to release a video of that experience online. Furthermore, depending on the prevalence and security of the devices used to access VRSNs, a person might not even have to be in the VRSN for this to be a problem.
As mentioned, if the device can be hacked, a person might not be aware that their activities are being recorded. This could be called the “global village” problem [8]. In villages, everyone knew everyone else’s business. This could lead to smallmindedness, conformity, and a stifling social atmosphere. With the development of SNs and recording devices, this aspect of village life — the ability to pry and see what others are doing — is becoming a feature of the global village. It is now harder to control who can hear your conversations, see your actions, and find out about your life in general.
About Zecrey
Zecrey official website: Zecrey
Welcome to join our communities and follow us on twitter:
Twitter: https://twitter.com/zecreyprotocol
Discord: https://discord.com/invite/U98ghQsJE5
Telegram: https://t.me/zecrey
Medium:https://medium.com/@zecrey
References
[1] FPF Report: Mitigate the Privacy Risks of AR & VR Tech
[2] Wakefield, J. (2014). Heartbleed: Do you need to worry? BBC News. Retrieved April 11, 2014, from http://www.bbc.com/news/technology-26969629
[3] https://medium.com/building-the-metaverse/the-experiences-of-the-metaverse-2126a7899020
[4] https://www.vox.com/recode/2019/12/10/18656519/what-are-cookies-website-tracking-gdpr-privacy
[5] O’Brolcháin F, Jacquemard T, Monaghan D, et al. The convergence of virtual reality and social networks: threats to privacy and autonomy[J]. Science and engineering ethics, 2016, 22(1): 1–29.
[6] Barrett, D. (2013). One surveillance camera for every 11 people in Britain, says CCTV survey. Retrieved from http://www.telegraph.co.uk/technology/10172298/One-surveillance-camera-for-every-11-people-inBritain-says-CCTV-survey.html
[7] Tomkins, M. (2014). New face recognition algorithm knows you better than you know yourself. Retrieved from http://www.imaging-resource.com/news/2014/04/23/new-face-recognition-algorithm-knows-youbetter-than-you-know-yourself
[8] https://edupliance.blog/2018/10/24/challenges-of-the-global-village-in-business/
