The metaverse: Privacy and information security risks

The advent of the metaverse—a convergence of physical and virtual realities catalyzed by a spectrum of emerging technologies—heralds a new epoch in the digital era. As the metaverse unfolds its immense potential, it simultaneously reveals unprecedented privacy and information security risks. Understanding these risks is paramount, as the pose significant implications for user safety, data integrity, and the overall trustworthiness of the metaverse. Consequently, this paper conducts a Systematic Literature Review (SLR) to meticulously analyze these emerging risks. Utilizing the Population, Intervention, Comparison, Outcomes, Context (PICOC) method, the review examines 735 articles from four databases, distilling essential insights from 35 key studies. The review identifies major challenges, including vulnerabilities in AI and IoT integration, threats from surveillance capitalism, and insufficient user education on privacy risks. To address these issues, the study proposes strategies such as holistic security frameworks, privacy-first design principles, and multi-stakeholder collaboration. These findings provide actionable insights for navigating the intricate dynamics of the metaverse, fostering a secure and privacy-conscious digital ecosystem. The study’s contributions aim to guide academic discourse, inform industry practices, and influence future policy development. The contributions from this research are intended to stimulate further academic discourse and influence future practices and policy in the context of the metaverse.