Ladies and gentlemen, we have entered the age of the metaverse. For anyone that hasn’t been paying attention, that means a new layer of the internet that includes an all-encompassing virtual reality. In 2021, Mark Zuckerberg announced that the company formerly known as Facebook will now be called Meta, with a pivot to focus on building the metaverse.

The idea is that people can live a parallel reality in cyberspace, aided by headset devices that facilitate the illusion of other realms and allow users to share experiences no matter where they physically reside. That could include workspaces such as meeting rooms or leisure activities like concerts, shopping, travel, enhanced TV and movies, and sports.

Meta is not alone in its soaring vision for the future. Google, Microsoft, and many gaming companies are already investing their own research and development money in the concept. These companies, particularly Meta, already profit from harvested personal data. Now they will be building and in essence owning the spaces in which all of these virtual reality interactions and transactions will take place.

That adds a strong element of concern when we take a closer look at what the metaverse is. By definition, it will require and encompass more data collection. Consider that the required headset can gather and transmit biometric data, including physical size, heart rate, movements of your eyes, and other gestures.

Then you should consider the inferred data that can be generated from analytics and AI. Imagine a virtual assistant such as Alexa times ten, with its sensors constantly tracking your every move, registering your location, sexuality, politics and health status, even when you have not explicitly consented to share that information. Imagine the kind of profile Big Data can put together on people with all of these data points.

Whistleblower Frances Haugen also expressed worry that it would put workers of metaverse-participating companies in a bind—play along and give up your personal data or lose your job. Insiders have also stated that they fear the virtual reality world will be addictive, especially to younger people, a key audience Meta is trying to court.

Add to that all of the concerns of the current dimension of the internet: data breaches, deep fakes, ransomware, DDoS attacks, spoofing, social engineering scams, malware, third party risks, cloud security and the list goes on. I have little confidence that these same companies who have made billions from our data in the 2D internet realm, will start implementing privacy by design when thrusting into the 3D internet.

Never mind the sketchy timing in which Meta announced itself—exactly when the media narrative was fixed on its legion of privacy violations, unethical business practices and history of rebuffing regulators and critics. Even a utopian virtual reality can’t obscure the deeply rooted flaws in the current one.

Anticipating the criticism from privacy advocates, Meta has publicly declared that it will be built responsibly, with data security concerns a top priority. But the proof will be in the product. Given that Meta’s vision was inspired by a dystopian science fiction novel, the outlook does not seem promising.

In theory, virtual reality is an exciting technological development with much potential to enhance our lives. As we have seen, though, when controlled by the wrong hands, new technologies or platforms rarely serve our best interests. Since it seems like we cannot avoid this next frontier, we need to make sure we do it right. I think there will be a market for businesses that care about individuals to champion privacy as a differentiator.

But the big players will likely acquire them along the way, and frankly that hasn’t been a major selling point in the current Internet of Things. As far as regulation goes, it will likely be a few years before we even get a feel for what needs to be regulated and how. But standardizing definitions is key. Making sure the big players are using terms that users and legislators all agree upon and understand will make it easier to make sure everyone is on the same field.

Privacy hasn’t been handled well to date so, naturally, there is little consumer confidence that privacy will be handled well moving forward. It is most likely that the greatest uptake of the metaverse will be with younger users, those with less foresight and fewer worries. They will be groomed into lifetime users. I don’t anticipate that uptake for older demographics will be too high, but with pandemic-like circumstances, the remote meeting in VR or AR is more appealing than just a phone call—assuming that the older people in question are tech-savvy.

In the grand scheme of things, playing tennis or calling your friend in the metaverse as we envision is really no bigger deal than having internet connectivity today. The real challenge comes a decade or more down the road when the real world and metaverse become indistinguishable. We need to get things right before that time is here.