1. Comment
September 28, 2021

Data privacy: A block in the road for Facebook’s metaverse ambitions

By GlobalData Thematic Research

Developed with Ray-Ban parent company EssilorLuxottica, Mark Zuckerberg sees Ray-Ban Stories as “one milestone on the path” to augmented reality (AR) glasses – a glimpse into Facebook’s metaverse-filled future. However, these ambitions will fail to materialize until Facebook has cleaned up its act regarding data privacy.

The metaverse – a virtual world where users share experiences and interact in real-time within simulated scenarios – is becoming one of the most talked-about technologies of 2021. Once confined to science fiction and gaming, big tech is gambling on the virtual world of the metaverse to change the way we socialize, consume entertainment, and work. Facebook is setting the pace. Mark Zuckerberg has said that Facebook will become a “metaverse company” in five years and branded the metaverse as the “successor to the mobile internet”.

Facebook has a checkered past with data privacy

Ireland’s Data Protection Commission (DPC) and Italy’s privacy regulator, the Garante per la protezione dei dati personali, have raised concerns over data privacy, and potential violations of the General Data Protection Regulation (GDPR) and issue of minors being filmed. The regulators question the effectiveness of the LED indicator mounted on the glasses, which lights up to notify people when they are being filmed. Both believe that Facebook and Ray-Ban have not demonstrated that comprehensive in-field testing has been conducted to ensure the LED light is an effective means of giving notice.

The ability of smart glasses to collect audio and visual data can infringe on the privacy of users and those nearby, often without their knowledge. GDPR states that consent to the collection of personal data should be explicitly asked. Consequently, companies worldwide, like Facebook, necessitate the adoption of privacy by design for smart glasses vendors.

Public trust towards Facebook and other tech giants has never been lower. Big Tech companies have persistently evaded any form of accountability for data breaches, and regulators are becoming increasingly concerned about the tech giant’s influence. According to GlobalData’s social media Thematic Scorecard, Facebook is ranked 28th out of 35, performing poorly in data privacy and antitrust areas.

The teething problems Facebook is having with data privacy will only be exacerbated when it takes on the metaverse, which requires significant amounts of personal data. Facebook already knows everything about your online habits, and has access to biometric data through VR headsets but in the metaverse we can imagine the flow of this data to be more pervasive and systematic. All of which can potentially be targeted by hackers through data breaches and sophisticated deepfakes – which use AI and deep learning to make images and videos of people and events – to threaten individuals’ privacy and reputation.

Data privacy in the metaverse

Zuckerberg suggested that advertising would probably be an important part of the metaverse and we can imagine an ad-funded business model would underpin the metaverse similarly to a social media platform.

However, ad-funded business models which rely on consumer data to deliver targeted advertising is highly scrutinized by regulators and this scrutiny will continue to persist in the metaverse.In a statement, Facebook announced that it would work with experts in government, industry, and academia to explore issues and opportunities in the metaverse. It has also announced the XR Programs and Research Fund, a two-year $50m investment in programs and external research.

In the announcement, Facebook affirmed its commitment to data privacy, saying that it will minimize the amount of data collected, build technology to enable privacy-protective data uses, and give people transparency and control over their data. These promises will do little to instil confidence in regulators and metaverse users without firm action. Facebook has claimed many times that it will be building in privacy by design on its products yet still has ongoing issues around data privacy. Moving away from advertising, the bulk of its revenues and primary source of its regulatory problems will send a strong message.