A new report from New York University says the immersive internet experience known as the Metaverse will violate user privacy unless significant steps are taken to improve and regulate how this technology captures and stores personal data. He claims to do so.

Metaverse relies on augmented reality (XR) technology, a collective term that refers to augmented reality, virtual reality, and mixed reality.of report Researchers at New York University’s Stern Center for Business and Human Rights warn that the technology poses significant privacy risks because it requires collecting and processing vast amounts of personal and physical data in order to function.

According to the report, an individual’s behavioral and psychological information can be estimated using physical data alone.

“Traditional XR hardware is equipped with sensors that continuously track at least three types of user data: head movements, eye movements, and spatial maps of the physical environment,” the report states. .

The report says that when this data is collected over time, it can reveal “highly sensitive information” about users, including their physical and mental conditions, and can be exploited for commercial or political gain. It is argued that there is a possibility that

Companies with deep interest in Metaverse technology include major technology companies such as: meta and microsoftlike hardware manufacturers Nvidiagame developers, etc. epic games and software platforms such as: unity.

Companies must establish “known best practices” for privacy, safety by design, and cybersecurity before launching products, and be transparent with the public about how technology may impact their privacy. The report states that there is a need to have gender in mind.

In addition, companies must erase all “raw body data” and “derived body data” as soon as it is no longer needed for the operation of their products, and implement various measures to control how much risk users are exposed to. options should be provided. Report finds that given the potential dangers of XR technology, Congress should pass comprehensive privacy legislation that includes language protecting against body-based data used to profile users and strengthen user consent models. argues that it is necessary to do so.

Please note the version. US Data Privacy and Protection Law (ADPPA) passed the House Energy and Commerce Committee in July 2022, but ultimately did not reach a floor vote, by banning companies from collecting location and health data. provided a good foundation on which to build.

The House Energy and Commerce Committee is currently negotiating an updated version of the ADPPA, but it has not yet been released.

The report says the revised bill needs to take into account the harm that the potential use of body-based data could cause. Improve notice and consent standards. Prohibits the use of consumers’ physical data for psychological profiling.