Abstract
The significance of the metaverse has been growing rapidly within the online realm. However, several challenges remain, including privacy, ethics, and governance. Extended reality (XR) devices used to access the metaverse are equipped with high-quality sensors that can collect large amounts of sensitive user data, including biometric data and spatial data. Such considerations raise major concerns about the extent and nature of user data that this massive platform could accumulate, the data collection awareness and transparency it will provide to its users, and the ethical nature of the informed user consent it will request. This research aims to document and analyze the privacy challenges that arise from a prevalent metaverse application, align them with the related literature, and present an initial set of ethical design suggestions that can mitigate these privacy challenges. To do so, a case study shapes and informs a set of ethical design suggestions. The user onboarding of a prev alent multi-user/remote working metaverse application, Meta Horizon Workrooms, was documented and modeled through a user journey modeling language, CJML. The walkthrough revealed certain challenges regarding data privacy awareness, such as long, legally worded privacy policies, a hard-to-use user interface that can affect privacy awareness, and ambiguous wording in data-collection notices. Several best practices regarding user privacy were examined to tackle these issues, and certain ethical design solutions (e.g., informed user interface, design privacy icons, anonymization, logging, revising all consent) are suggested.
