Massive personal and bodily data collection required by the metaverse poses a significant data privacy risk, which could only be addressed through substantial efforts from both technology providers and lawmakers, according to The Record, a news site by cybersecurity firm Recorded Future.
Tech firms interested in the metaverse should not only develop privacy, cybersecurity, and security-by-design best practices before introducing their products and guarantee transparency regarding the technology's impact on data privacy but also ensure the deletion of "raw and derived bodily data" once such information once unneeded and provide user control on risk exposure, a report from the New York University's Stern Center for Business and Human Rights said.
On the other hand, Congress has been urged to approve a revised American Data Privacy and Protection Act that ensures body-based data protections and strengthens user consent.
Such legislation should also prohibit psychographic profiling usage of consumer bodily data, said the report.
