Techsauce Global has spoken to Ginka Hristova, the founder of Ilac (International legal advice center) network collective of NGOs, experts, advocates, and academics working in the field of privacy, cybersecurity, and FinTech. Along with Bruce Whitfield, business transactional attorney and the CEO of Teach Me, with over 20 years of international experience in the practice of law and intellectual property.

Find out from both experts on how defining cyber regulations to lay a legislative framework that allows for more freedom of data is paramount to ushering the Metaverse and Digital environment to its fullest potential. 

Metaverse might be one of the most used buzzwords of the decade despite being coined since the 1990s. Its modern popularization is credited to the development of WEB3 along with the demand for increasing virtual immersion. Despite all of that, its territories for regulation are yet still uncharted. 

Understanding the Metaverse; What distinguishes it from other types of internet usage?

In such a case, Whitfield believed before setting regulations to unlock Metaverse's potential of being the decentralized iteration of the internet, it is best to clarify its definition precisely first. He shared that what defines Metaverse and not the typical internet experience needs to have three qualities (1) immersive, (2) persistent, and (3) highly interoperable.

1. Immersive Experience – consisting of one of three activities from Augmented reality, mixed reality, or virtual reality
2. Persistent – a platform that doesn't go away or have an event that continues to transpire and persist, even when all its users are logged out
3. Highly Interoperable – a platform that can cross-function with other products or systems, ex. Buying something on Facebook with cryptocurrency and displaying it in the Metaverse

Charting the course of Regulation in the Metaverse

Now, there is no unified or specific legislative act that is regulating the Metaverse. Though Whitfield shared that both US Congress and the European Commission are formulating the framework dedicated to this Meta universe.

"We are already having a regulation in the EU regarding cryptocurrencies where we have a clear definition of NFTs. But this is only the beginning"

The US Congress paper was issued earlier this year and examples of the metaverse as a business model can be seen for quite some time. It can be imagined that expectation for the regulation is catching up with real life as Whitfield and Hristova shared.

"It depends on the business and the stakeholders because they are the defining and they're developing the metaphors. And it's always pretty much difficult for the legislation to go and follow up with the same spirit"

Besides Europe and the US, other parts of the world still are very grayish in terms of their definition and regulations concerning the Metaverse.

Concerns for Privacy and Ownership in WEB3 and Metaverse

Privacy is a big issue in the WEB3 not only in the digital environment. One of the main problems is that privacy is defined as a fundamental right, thus it is difficult to apply some of the main characteristics of data privacy in a project to create metaphors. 

"If we are having a normal data privacy subject of a person, one of his main rights regarding the privacy is to ask for deletion of his data from the controller from the company which is operating with his data privacy in the metaverse, it cannot be done in such a manner. Because we always have an exchange of information exchange of data"

In the virtual reality where biometric data is constantly collected, this is to be regarded with greater concern and with a lot more caution in the metaverse. It is what it is to operate because it collects all this data. Hristova believes that there will be some legal issues regarding this.

The Future of Data Ownership in the Metaverse

What defines the interaction with Metaverse is feeding its AI with data, but that is difficult given the current personal data legislation around the world, its uncertain to know which direction the legislation is going to lead as shared by Hristova, 

"If we want to have a better meta-universe, we need to feed it with personal data. And at the same time, the personal data legislation is forcing the business to restrict this usage"

In Europe, nothing is an exception to data privacy regulation, not even Metaverse or AI. Though the governing commission, however, understands that it is quite difficult for the business, Hristova is optimistic that the plan for regulation amendment could be happening soon

"But for the moment, this is only a good idea. And knowing the speed the European institutions doing with it is going to take years"

She also believed that the US is going to be leading the legislative forefront given that its Congress has already made some proposals about the bills and is thoroughly applying legislation regarding the protection of children, and minors in the metaverse – the framework is taking proper shape.

How will data and privacy work with NFT?

NFT is the evidence of ownership. It's not the digital asset itself.

While known NFTs are mostly known for digital assets like a piece of artwork, music, or item, technically it is a token that shows ownership, describes, and points to the unique asset – essentially a crypto asset as Whitfield described. 

As for the data privacy aspect of NFT, one main issue is that it is practically impossible to delete any information of ownership to the NFT – since it exists on the blockchain. As blockchain's ability to prevent data from being erased or modified is yet another crucial characteristic. At the same time, each network participant receives a copy of the whole history of all transactions made on the blockchain

It is the concept of decentralization—being kept out of one central location. And this is progressive with the conscious structure, which means that once one has an NFT, their ownership is obvious to everyone, and it stays there forever. 

For both Whitfield and Hristova this present a little problem, with one of the main rights of the data subjects, they should give their explicit consent for distributing their data.

Owning an NFT ≠ Owning Intellectual Property 

There's also a crucial aspect that people are often confused about, owning an NFT doesn't mean owning an Intellectual property right. It's an unfortunate mishap that is happening in the Metaverse as Whitfield shared. 

“People are buying NFTs, making derivative products, they display the things for profit, and chances are they don't have the right to do that they've only purchased the underlying artwork, not the intellectual property rights with it"

Though this doesn't mean that one cannot acquire intellectual property rights when purchasing an NFT, Whitfield gives an example,

"Let's say the Creator when they transfer you the NFT, also transfer you a license to use the intellectual property rights. But there are a lot of restrictions on those, you can only earn up to $100,000 a year in profit"

So, make sure when purchasing an NFT, it should include the intellectual property rights to use that digital asset.

Navigating through the issues of data privacy and intellectual property rights with NFTs and the Metaverse

Ending the Podcast, when it comes to entering the realm of Metaverse and owning a digital asset, both Hristova and Whitfield stressed two things that are of paramount importance.

Know how your digital asset is maintained and who is maintaining it 

In any purchase of digital assets that are created by someone and stored on a particular server, ensure that the contract requires that they maintain the server that the digital asset is in or give you the right to maintain it. Otherwise, if that person goes out of business or lets the server go poof, there goes the digital asset. 

Be sure of what right you're getting

Read privacy notices, terms and conditions and know what is going to happen when purchasing a digital asset. In addition to that, you need to know who created it, who holds the copyright on it, and that they have transferred the rights in that copyright to you or at least licensed some of those rights to the ones you want to use.

In the end, most people don't mind their data privacy being shared or used for deep learning of the AI, but knowing the rights to ownership is the prerequisite to the having least troublesome path in the Metaverse.

Check out our podcast to get more insight!