What Are Perceptual Human Rights?
An emerging concern in augmented reality (AR) and virtual reality (VR) is “perceptual human rights.” This refers to how the widespread use of these technologies can affect how users perceive reality. It also raises questions about the responsibilities content creators and developers have toward users.
According to IEEE Senior Member Aiyappan Pillai, “In some virtual environments, users don’t always have full control over their digital experiences.” He believes that essential rights in these virtual spaces include privacy, security, the freedom to choose your avatar, and the ability to select your preferred virtual environment. Users should be able to control who sees them, restrict access from others, and shape their online identity according to the rules of each virtual world. Additionally, they should have the freedom to choose which virtual worlds they want to engage with.
These risks differ from how many users imagine using the metaverse—a space where they can explore freely and anonymously through avatars and online personas. However, the data collected in these virtual environments can potentially reveal users’ real identities. According to IEEE Member Ralf Ma, “AR and VR devices gather a significant amount of information during use.” This data can be classified into two types: environmental and biological. Both categories are highly sensitive and closely tied to personal privacy. If this information is leaked, it can lead to breaches of privacy and even pose threats to personal safety. The most significant risk related to this data collection is the potential for data leaks.
**Key Privacy Concerns**
1. **Bystander Privacy:** When augmented reality devices are used in public, they may unintentionally gather data about bystanders, who may not be aware they are being recorded or haven’t given consent.
2. **Pervasive Data Collection:** AR and VR sensors can collect a wide range of personal data, including voice recordings, contact lists, activity within AR/VR services, and even what a user focuses on visually. The level of data collected is so extensive that it raises concerns about users being identifiable by their unique movements within virtual environments, potentially compromising anonymity.
This article explores the risks linked to virtual reality (VR) and the metaverse, focusing on the dangers of interacting with strangers and emphasizing the need for strong cybersecurity measures. By analyzing behavioral data, we aim to offer practical advice for CISOs and cybersecurity leaders to better protect their stakeholders.
**Why is Virtual Reality a Target?**
Cybercriminals are increasingly focusing on virtual reality because it provides a deeper level of connection compared to other digital platforms. This allows for more invasive social engineering attacks and more severe cases of identity theft.
**Key Statistics on VR and Metaverse Cybersecurity**
Millions of people are already active on metaverse platforms, and this number is rapidly growing. Many brands are jumping into the metaverse without fully understanding the security risks involved, creating a vast pool of potential phishing victims. These users often enter the platform without proper training or knowledge on how to stay safe.
The metaverse also introduces new security challenges, as traditional anti-phishing methods may no longer be effective in this virtual space.
