In their list of privacy concerns and cyber threats for 2023, cyber security vendor Kaspersky says that the metaverse raises some concerns. For example, the researchers are worried about the amount of data vendors collect from VR headsets. But there are also concerns about the universal experience of the metaverse, creating complex conflicts between requirements of the regulations regarding data breach notification.
In their privacy trends for 2023, Kaspersky says to be concerned about metaverse privacy. Especially VR headsets are reason to be worried: one of the latest VR headsets feature four front-facing cameras, three cameras on each controller and several cameras to track eyes and facial expressions. This creates a “nightmare scenario” where vendors can get deep insight into, for example, the interior of your home, as well as tracking emotional reactions.
Privacy concern: the smartphone
But at the same time Kaspersky wonders if smartphones and IoT devices aren’t already too invasive. They write: “The amount of data we generate just by using cashless payments and carrying a mobile phone around during the day is enough to make the most sensitive inferences. Smart home devices, smart cities with ubiquitous video surveillance, cars equipped with multiple cameras and further adoption of IT, as well as continuous digitalization of services will make personal privacy, at least in cities, a thing of the past.”
As if this privacy concern isn’t worrying enough, Kaspersky identified four other privacy trends for 2023:
- Internet balkanization will lead to more diverse (and localized) behavior.
- Smartphones will replace more paper documents.
- Companies will fight the human factor in cybersecurity to curb insider threat and social engineering to protect user data.
- Desperate to stop data leaks, people will insure against them.
Kaspersky’s cyber threats
Apart from privacy threats, Kaspersky also identified cyber threats, in which the metaverse plays a significant role as well. This is mainly because there is a lack of regulation and moderation rules. Virtual abuse and sexual assault will spill over into metaverses, according to Kaspersky. They report about the cases of avatar rape and abuse, despite the efforts to build a protection mechanism into metaverses.
But also, the universality of the metaverse raises concerns since the metaverse cannot obey regional data protection laws, such as GDPR. This might create complex conflicts between the requirements of the regulations regarding data breach notification. Even though the metaverse are currently limited to a few spaces and a few industrial and business use cases, the trend is scary, according to Kaspersky.
Find the report on privacy predictions here: https://securelist.com/privacy-predictions-2023/108068/
And check out the other consumer cyber threats here: https://securelist.com/consumer-threats-2023/108112/