The Metaverse Will Blur the Lines Between Physical and Online Privacy
October 26, 2022
The metaverse is still a bit of a mystery. Though it will soon begin to integrate physical and virtual worlds, no one has the answers as to exactly what that merge will look like.
On this episode of Privacy Abbreviated, hosts Dona and Catherine are joined by Tracy Shapiro, a privacy expert, and partner at Wilson, Sonsini, Goodrich, & Rosati. Together, they discuss the many questions related to how virtual reality will force privacy standards to evolve in the coming years. Though no one has concrete answers yet, Tracy offers her predictions on the most likely outcomes.
Listen now to learn what to expect in the metaverse. Will you have more privacy or less?
0:00-0:40 In episode three of Privacy Abbreviated, hosts Dona Fraser, Senior Vice President of Privacy Initiatives at BBB National Programs, and Catherine Dawson, General Counsel and Chief Privacy Officer of Osano, sit down to discuss the privacy concerns of the metaverse.
0:41-1:57 This episode features Tracy Shapiro, a partner at Wilson, Sonsini, Goodrich, and Rosati. Tracy has been with the firm in their privacy group for nearly a decade. Her role is to advise companies on how they can process consumer data. She also works with clients to spot red flags in project launches and help them with compliance issues and privacy laws.
1:58-4:39 To start the episode, Dona asks Tracy to describe the metaverse and what she believes it entails. She shares that the metaverse is a term used to describe the virtual world that exists online. It’s a place where you can interact with other people in various ways, including through social media, gaming, and even shopping. While the metaverse offers many benefits, it also raises some significant privacy concerns. For example, when you share information in the metaverse, you may not be aware of who else can access it. Additionally, your interactions in the metaverse can be tracked and used to create a profile of you without your consent. As the metaverse continues to grow and become more popular, it’s important to be mindful of these privacy issues and take steps to protect yourself.
4:40-5:12 Dona then asks Tracy what she foresees to be some of the biggest privacy challenges for companies whose primary business operations are intended to be in the metaverse. Tracy says she thinks the challenges exist in two categories: logistical compliance challenges and philosophical privacy challenges.
5:13-7:02 Tracy explains that she feels the world will be able to adjust existing laws as everyone did when mobile apps or IoT devices became a thing. She notes that lawyers have always had a “moment of panic” around how they will apply existing privacy laws to our clients’ new technologies. Tracy provides two examples of situations involving privacy notices and how to obtain consent from users properly. She ends her first point by stating that she feels one challenging question and one unknown is whether there will be interoperability in the metaverse moving forward.
7:03-7:55 Regarding the high-level privacy challenges, Tracy says one of the more complex issues is that the metaverse seems to straddle this space between an online experience and an experience that’s like the physical world. She feels that figuring out which rules of the road apply—the online or offline rules—will be one of the big challenges. Tracy uses the example of location tracking, for instance. There are privacy laws and industry standards that apply to the collection of an individual’s precise geolocation information. She says there’ll be a looming question of whether or not people’s precise location will be revealed or if it will be similar to visiting a website where your location information is coded.
7:56-8:54 She exacerbates her concerns by providing an example of virtually bank visits, doctor visits, yoga, or visiting a rally. With our current state of technology, it could be ascertained that these are four unique visits in four separate and distinct locations. She is concerned about whether movements in the metaverse will be akin to tracking real-world physical movement patterns. Tracy then brings up a valuable point about consumer expectations and the user experience. She asks whether the consumer expectations of how privacy is managed in the metaverse are more aligned with the real world or more akin to your traditional online experience.
8:55-29:41 Catherine shares that she agrees with the multiple concerns brought about by Tracy’s questions in conjunction with the logistical uncertainty of how the metaverse will tackle these issues in the coming future.
29:42-30:11 To close the interview, Dona asks if there are any areas or issues that Tracy thinks we should be paying extra attention to and what changes does she expect to see in the next year?
30:12-31:12 Tracy answers by saying that she believes government surveillance in the metaverse will be an essential issue to consider. She circles back to her original points regarding whether or not a person has the reasonable expectation of privacy in the metaverse. Tracy drives her point home by bringing up the topic of terrorism. “If the government suspects I’m hosting a meeting with suspected terrorists in my (virtual) living room, would coming into my home constitute a search? Does the fourth amendment apply? Maybe courts will conclude there’s no reasonable expectation of privacy at all.”
31:13-32:27 With virtual properties being an intangible yet accessible form of property, Tracy states that there is a very real issue regarding the expectation of privacy that a person has in their home—extending to a virtual or digital home. She leaves listeners with an important question, “Will I have that same right to privacy when I exist in this online world, or is that only going to exist when I am in my actual physical body?”
Subscribe to Privacy Abbreviated to receive and email notification when new episodes air.
The Government Purchase of Private Data
In this episode of Privacy Abbreviated, professor Matthew Tokson joins our hosts to discuss how the collection and sale of private data may help government agencies circumvent legal requirements.
Ad Watchers: What is the appeal of an appeal? Getting to Know NARB
In this episode of Ad Watchers, your hosts discuss a critical link in the chain of advertising industry self-regulation: the National Advertising Review Board, or NARB, the appellate body for National Advertising Division cases.
Filling Privacy Gaps with Soft Law Solutions
In this episode of Privacy Abbreviated, our hosts are joined by the Future of Privacy Forum’s Jameson Spivack to discuss how industry-developed standards and best practices can guide policymaking allowing hard law to adopt the lessons learned from soft law.
Ad Watchers: The NAD Top 10 — Did you know?
In this episode of Ad Watchers, hosts Dan and Annie take you behind the scenes of the U.S. system of self-regulation in the advertising industry and discuss some of the myths, misconceptions, and misunderstandings advertisers have.