Forrester Report: Data Privacy Standards Must Safeguard Users of Immersive Experiences

Highlights:

• The firm talked in detail about how the demand and the collection of an individual’s data will advance as digital experiences such as the metaverse become more immersive and intelligent.
• According to Forrester, future immersive digital experiences will rely heavily on essential pillars such as protecting an individual’s data, trusted identities, and qualities.

At the Security and Risk Summit hosted by Forrester, the research firm talked in detail about how the demand and the collection of an individual’s data will advance as digital experiences such as the metaverse become more immersive and intelligent.

Immersive platforms are now driving company investments, altering customer expectations, and influencing the development of new interaction models. Although many businesses have plans to utilize personal data, just a few know how to protect it.

According to Forrester, future immersive digital experiences will rely heavily on essential pillars such as protecting an individual’s data, trusted identities, and qualities.

An interactive future

Enza Iannopollo, a principal analyst at Forrester, estimates that the metaverse industry will be worth USD 800 billion. Still, not much has progressed in terms of security and privacy.

Enza Iannopollo shared, “With the onset of digital avatars, users will be able to interact and express themselves more efficiently through audio and text. But privacy within these immersive platforms is complex and challenging for many. Therefore, it is vital to establish privacy practices and safeguard the users.”

According to Iannopollo, advancements within the metaverse domain must follow the progressive route of digital experiences’ to establish concrete privacy rules.

Iannopollo said, “Existing privacy rules show no enforcement on virtual experiences. We found that although privacy concerns many users, it is yet to be completely understood and generalized. Hence, it is important for developers and organizations not to take the human-centric development approach for granted.”

Data privacy concerns loom large

Iannopollo noted that while virtual and augmented reality may produce next-generation experiences for industries such as healthcare, education, and retail, it can also allow for unprecedented psychological and emotional manipulation of its consumers.

Recent research from Cornell University demonstrates how Virtual Reality (VR) attackers may get hundreds of personal data traits from ostensibly anonymous users of popular metaverse applications, providing light on the metaverse’s unique privacy vulnerabilities.

In the study, 30 individuals examined what they believed to be a VR escape room game. Behind the scenes, a malicious application incorporating a Monte Carlo diagnostic model could deduce more than 25 personal data elements, ranging from physical traits like height and wingspan to demographics like age and gender. Additionally, the algorithm accurately recorded emotional qualities such as player despair levels.

In light of this, Iannopollo stated that addressing privacy gaps and adopting new data privacy best practices will be crucial. She further stated, “Following a privacy-enhancing UX design practice that acknowledges cognitive biases and human errors, respects user autonomy, and prioritizes choices that preserve user privacy would play a critical role in human-centric metaverse development.”

The future of immersive experiences

Forrester forecasts that digital and physical experiences will be totally integrated with physical experiences in the next 10 years, with digital identities having privacy meanings in a highly contextual paradigm of embedded governance.

“In the next 10 years, data governance is expected to be embedded within the design principles of mainstream environments. As a result, we believe that embedded privacy will become a crucial part of the DNA of digitally immersive experiences in the future,” said Iannopollo.