[This piece has been authored by Shrestha Srivastava, a student at the Symbiosis Law School, Noida.]
In the past few years, both public and corporate interest in the Metaverse has skyrocketed. In 2021, Facebook spent over $10 billion on Metaverse technology development and made it clear that it will increase its commitment to the same. Current projections from research firm Gartner Corporation indicate that by 2026, 25% of consumers will spend at least an hour per day in the Metaverse, and that by the same year, 30% of enterprises worldwide will have products and services ready for the Metaverse. As businesses make more efforts to enter the Metaverse, policymakers should do the same so that the government can better utilise the Metaverse to enhance public services. In reaction to the growth of Information and Communication Technology, governments were among the first to see the benefits of Web 2.0 and move toward providing more services via the internet. Similar opportunities exist for the government in Web 3.0.
Legal Issues Surrounding the Metaverse
Monitoring,Manipulation and Monetization are the three Ms that accurately sum up the danger Metaverse will expose us to. Personal information, such as biometric data from eye-tracking and body-tracking technology, will be generated and processed by AR and VR devices in large quantities. Historically, EU regulators have fined businesses, particularly Big Tech, for violations of data privacy. As a result, the Metaverse will likely be subjected to rigorous scrutiny. Platforms using the Metaverse will be pressurised by global regulators to fix the already-known privacy flaws in Metaverses’ enabling technology. However, data privacy standards vary by geography, therefore it is up to platform developers to make sure their products follow all local laws. A law can be implemented effectively only if it has been framed keeping in mind the economical, social and political systems of the country as they play a vital role in law-making and are bound to be different in different countries.
However, privacy remains a major concern for 41% user globally. 55% of American internet users are concerned that their personal information may be tracked and misused. Such concerns remain legitimate in the Indian context as well, more so after the Personal Data Protection Bill, 2019 has been withdrawn. The Apex Court, while examining the provisions of the Aadhaar Act, 2016[i] in the Puttaswamy judgment[ii] held Right to Privacy as sacrosanct. The recent case of Manohar Lal vs Union of India reiterates the same. To “ensure the security sovereignty, or integrity of the State” , the Indian government is vested with the power to intercept and decrypt any information under Section 69 of the IT Act. . The government can not only withhold data if it violates public policy but also penalise the corporation for noncompliance. In the era of Metaverse, the challenge would be to frame law in such a way that it balances the freedom of expression and public interest, however the success of this practice would be interesting to see. . In the metaverse, we’ll meet computer-generated personas who seem and act like other users but can read our facial expressions and verbal inflections making them much more capable than present day human salesmen. With the database of our ideas, interests, preferences, and previous contacts with similar artificial agents, these agenda-driven conversational agents powered by AI algorithms will be quite convincing. Technology will be capable of personalising everything from their gender to their hair and eye colour, dress, speech, and mannerisms in an effort to sway an individual’s opinion. Platform providers require viable ways to support their employees and shareholders. Since consumers refuse to pay subscriptions, the firm gives free access in exchange for intrusive advertising. Modern social media sites spend so much time tracking user behaviour and interests. The public prefers to be advertised on social media rather than the client who pays the bills. Customers should pay for metaverse platforms instead of selling access to themselves to third-party advertisers to reduce metaverse societal challenges. Any sustainable financial regulation in the Metaverse requires close integration of both online and offline identities and a commitment to many of the same safeguards that exist in the real world’s financial system. As virtual reality develops, it will be subject to regulations like Know Your Customer (KYC) rules, tax laws, risk management techniques, and so on.
Due to the ease with which virtual products can be copied, the Metaverse has seen a surge in trademark infringement charges. Companies are increasingly worried that consumers may associate their trademarks with their virtual products. The Rogers v. Grimaldi 875 F.2d 994 (2d Cir. 1989) case established a standard(known as Rogers Test) for determining when trademark clearance is required. The first part which makes it up asks whether or not the trademark’s use is “artistically relevant to the defendant’s work,” and the second asks whether or not the usage is “explicitly misleading.”According to the Rogers test, trademark infringement in a creative work only occurs when the trademark: (1) serves no artistic purpose, or (2) intentionally misleads the audience as to the origin or nature of the work. AM General LLC, the maker of the Humvee military vehicle, sued Activision in 2017 for exploiting the Humvee’s design and trademark in the game Call of Duty. The US District Court of the Southern District of New York decided that Activision’s use of the vehicle and trademarks had artistic value and passed the Rogers test[iii], since the business wanted to create a realistic video game simulating modern warfare.
Way Forward
While there is currently no Metaverse law in place, existing legislation can be applied to the Metaverse, raising new concerns for businesses. The EU’s General Data Protection Regulation (GDPR)[iv] is a prime example because it addresses the security of Personally Identifiable Information (PII), which includes biometric data. China’s rejection of decentralised currencies is reflected in its ban on cryptocurrency. Thus, customers are compelled to use fiat currencies to trade Non-Fungible Tokens (NFTs), enabling the government to monitor these exchanges. Finally, China safeguards the psyches of its young people and the cultural traditions of the nation. This has led to rules that have affected China’s gaming and ‘virtual idols’ industries. As new Metaverse experiences become available, authorities will act to mitigate the potential harm that could be caused to children and the public. Safe spaces for mental health and artificial intelligence tools to track addiction and post-traumatic stress disorder may be a part of the Metaverse’s future regulation, as may the option to opt into and frequently confirm specific levels of content, and the maintenance of a cross-industry database of bad actors and their real-world identities. The financial risks associated with the Metaverse should be managed according to established procedures. For instance, when transferring autonomous currencies in the metaverse, the corresponding exchange fees should be made public, and real-world collateral should be recorded, for substantial loans or transactions.
Regulators need to step in while the Metaverse is still developing, rather than waiting until the technology has matured and become more difficult to oversee. Virtual and augmented reality have the potential to transform our lives, unleashing creativity and perhaps redefining what it means to be human. However, substantial and aggressive regulation by government and industry is needed to avert issues. In addition, any legislation should be considered quickly before the problems become so firmly embedded in the metaverse’s infrastructure and economic models that they are impossible to disentangle.
[i] The Aadhaar (Targeted Delivery Of Financial And Other Subsidies, Benefits And Services) Act, 2016 (2016 March 26) Unique Identification Authority of India
[ii] K.S. Puttaswamy and Anr. vs. Union of India ((2017) 10 SCC 1)
[iii] Rogers v Grimaldi 875 F.2d 994 (2d Cir. 1989)
[iv] EU General Data Protection Regulation (GDPR): Regulation (EU) 2016/679 of the European Parliament