INTERPOL exploring how to police the Metaverse
"The Metaverse isn't coming soon. It's already here." These were the words uttered last year by INTERPOL, the policing organisation that cooperates with countries across the globe to tackle crime that crosses borders.
They have been a cross-country police bureau since 1923, yet now in 2023, they are looking to expand their policing from the real world to the virtual world. Yes, the Metaverse could soon be policed. But why are organisations like INTERPOL interested in this sphere? And do any laws or security features exist there already?
"Whenever new technology crops up, there is unfortunately always someone waiting to take advantage of it and manipulate its uses for their own gain - whether financial, political or much darker than that," ConsultMyApp CEO Mike Rhodes tells Electronic Specifier. The Metaverse is poised to be the next iteration of the Internet, so like the Internet, threats can come from threatening the structure of the system and by taking advantage of the users within it.
Cybersecurity OF the Metaverse
Currently, INTERPOL has been in talks with both Meta and blockchain and Web3 names such Animoca Brands and Decentraland about security within the space. Both Meta and Decentraland offer similar user experience but differ due to the first being touted as a centralised system and the latter being decentralised.
Due to the centralisation of Meta's Metaverse, it in some ways could suffer greater cybersecurity risks. If hackers were to breach the servers of Meta, then they could potentially obtain data of its users. This proves increasingly worrying as Meta's Metaverse is aiming to integrate financial details of its users to enable seamless paying into the platform with its Meta Pay. Yet, being a massive organisation like Meta means hacking it is hard, and should a hack occur on its server, then users could get recourse from fallout lawsuits from the company over the issue.
Decentraland has in the past been hit by data breeches as it uses external software for things like its mailing list. Yet, its main feature it touts is security of transactions through things like the blockchain. All transactions are stored on the Ethereum blockchain, which uses external validators, to give proof of ownership once a transaction is completed.
So despite these concerns, it looks like the internal security features of the systems are the least likely to face security issues, and any crime involving the Metaverse is likely to occur on the user side of the space.
Cybersecurity IN the Metaverse
Like our current iteration of the Internet, many of the risks come from individual users being targeted by crime. "It's a very possible threat actors could wreak havoc during its infancy, and Big Tech and regulators of the Metaverse will need to get ahead of this, ensuring verification of Metaverse users and protection against these forms of fraud," explains Rhodes. With the creation of the Internet, identity theft skyrocketed as great amounts of personal information was made available to those looking to exploit it. Yet imagine the added ramification of identity theft in a virtual world where your access to it, your avatar, contains within it a wealth of your personal information.
"An avatar will be full of personal information, from financial accounts, personal health details, employment, location and workplace information. Any hacker that gains access to your avatar can in theory open the door to your entire life which takes identity theft to an unprecedented level. This has the capacity to not only ruin virtual reputations online, but can put offline safety at risk too," Rhodes continues.
Barbados is going ahead with plans of opening an embassy in the digital space, which will "work with traditional partners and new allies to deepen engagement in the diplomatic arena, and the investment, business, tourism and cultural sectors and people-to-people interaction." The country has even pledged to begin issuing e-visas from its virtual embassy, therefore creating a potential real-life security risk arising from a rogue actor using a hacked account to access this service from the virtual sphere.
Wild, wild Metaverse?
Currently, there are few rules and laws that govern the Metaverse. In a judgement from the European Court of Justice, the court stated that creations in the Metaverse - buildings, marketplaces or even the avatars - can be considered as artistic works, thus be protectable by copyright.
Yet it seems the law has not yet been extended to inter-personal interactions within the sphere. In 2022, a woman claimed she experienced sexual assault by a stranger in Meta's virtual reality space, Horizon's World. Meta in response added a 'personal boundary' mode into its virtual reality platforms, setting an 'almost four-foot distance' between one user and another. Yet a crime of this nature in the real world would likely result in something more serious, especially seeing as how the person described the act as 'non-consensual' 'disorienting' and 'confusing'.
Seeing a plethora for potential crimes being able to be facilitated on the virtual space, INTERPOL have already created its own internal Metaverse to prepare its staff for potential operations within it.
But Rhodes believes: "It is up to the creators of the Metaverse to work hand in hand with governments and law enforcers to protect and educate private citizens on guarding against these dangers."