The Year Ahead in Digital Policy: Regulating the Metaverse

The metaverse creates an immersive space for interactions that were previously only physical or only digital. This will disrupt how people live, work and socialise, making the metaverse key to the next wave of digital transformation. Industry players and investors are jumping on the bandwagon, looking for new use cases and monetisation opportunities. In 2023, we expect to see more regulatory attention towards the metaverse. There will be consultations, proposals and regulatory sandbox experimentation on regulating the metaverse, including how to apply existing rules to the evolving digital environment. Policymakers will try to avoid the mistakes of the web 2.0 era, where regulatory safeguards were implemented late and reactively.

Why does it matter?

With the biggest players in tech recognising the enormous potential of the metaverse, it has become a policy issue, too, with the safety, privacy and well-being of (potentially) billions of users at stake. Given that the metaverse is premised on the idea that users will own their personal data and digital assets, regulators will be keen to ensure users are in control and established regulatory principles transfer appropriately to new kinds of interactions and transactions.

This matters because if trust and transparency are not designed into the metaverse, this next digital wave could face a massive barrier to adoption. Also, governments that get on board sooner, putting in place necessary guidance or frameworks fit for the web 3.0 era, will be more likely to see the economic benefits across the economy and society.

What are the policy considerations?

There is a general consensus around the principles by which metaverse will operate- decentralised, interoperable, safe and trustworthy -despite the fact that the policy issues are yet to be clearly defined.

To achieve these principles, policymakers will focus on the following policy challenges:


A primary challenge to the effective functioning of the metaverse is guaranteeing interoperability between different virtual worlds to provide a seamless user experience. Promoting interoperability may require operating systems architects to work closely together to safeguard against closed systems and implement common standards.

Safety and wellbeing

Safety issues, such as abuse, bullying and exploitation, can potentially worsen as the metaverse blurs the real and digital worlds. The well-being of users is a multi-faceted issue, which requires a safety-by-design approach and potential standards and protocols along with public discourse and education about how to keep safe in the metaverse.

Data privacy

The granularity of behavioural data available through immersive technologies in the metaverse is a key reason many companies are interested in this space. The rise of the metaverse may require new privacy considerations, particularly regarding data portability between digital platforms and collecting personal information, such as physiological responses.


Current cybersecurity challenges, including phishing, malware and hacking, will persist and could expose vulnerabilities of VR headsets or avatars to misrepresentation or theft of sensitive information. Further, criminals may buy and sell fake NFTs and malicious smart contracts. Integrating security measures will empower brands and users to engage without concerns.  


Social media platforms and governments are already struggling with the ‘fake news’ challenge, which is set to grow further and see delivery mechanisms change as technology evolves. The metaverse could risk exacerbating the spread of mis/disinformation on various themes, such as politics and democracy, climate change, religion and health.


Ecosystem lock-ins are a popular way to force continued engagement while isolating the competition – especially regarding technology and operating systems. However, with interoperability being crucial to the metaverse, there could be regulatory challenges relating to intellectual property rights and responsibilities for owning, controlling and processing the massive amount of data the metaverse will generate. Policy approaches may therefore need to address the risk of a corporate land grab in the metaverse, where one firm sets the terms of the game and diminishes users’ rights and control.

What we expect to see in the year ahead

In Asia-Pacific, countries such as Singapore, Indonesia and South Korea are already starting to experiment with the metaverse and will likely develop their regulatory approach in collaboration with industry. South Korea’s Ministry of Science and ICT (MSIT) signed an MoU with GSMA in February 2022 at MWC Barcelona to cooperate and develop Metaverse strategies nationally and internationally and to identify opportunities and issues related to policies, standards and commercially sustainable business models. In 2022, Indonesia tasked the state carrier, PT Telecom, with creating a metaverse to promote local firms that compete with foreign services.

China is likely to take a firmer stance on the metaverse. In October 2021, CICIR, a think tank affiliated with the Ministry of State Security, published a research note that the metaverse could pose problems for national security. In addition, cryptocurrencies have been banned in China since September 2021, with concerns over their potential impact on China’s financial markets and currency stability. Instead, we are more likely to see the metaverse used for facilitating public services.

The EU Commission will likely join the race in 2023. In a Letter of Intent published in September 2022, the EU President, Ursula von der Leyen, confirmed that the Commission will put forward an “initiative on virtual worlds, such as metaverse.” This could take two primary forms – an update on the existing Digital Markets Act (DMA) and Digital Services Act (DSA) or an entirely new piece of legislation explicitly focused on the metaverse.

After passing the CHIPS and Science Act in 2022, which will see billions of dollars in emerging technologies research funding, the US Congress is more likely to take a ‘wait and see’ approach to metaverse regulation. The initial focus of Congress will be ensuring US companies’ competitiveness in the field and exploring the enabling technologies of the metaverse, such as blockchain, VR and AR.

Across multilateral organisations, there are efforts to establish governance frameworks for immersive environments, including the Defining and Building the Metaverse multistakeholder initiative by the World Economic Forum (WEF). The OECD is also gathering initial consultation on the metaverse and are likely the launch a formal initiative in 2023.

Ultimately, industry collaboration will be crucial to ensure open standards. In June 2022, technology companies have jointly launched the Metaverse Standards Forum to develop industry guidelines that ensure immersive VR worlds are compatible. The group will explore coordination and interoperability standards via consistent terminology, deployment guidelines, testing and adoption of standards to deliver an open and inclusive metaverse.

Learn more about the metaverse and web 3.0 here.

Policy Case Study: South Korea’s Metaverse Strategy In January 2022, South Korea’s Ministry of Science and ICT (MSIT) announced a pan-government strategy on metaverse. In an effort to become the fifth largest metaverse market by 2026, South Korea’s Metaverse Strategy, focuses on collaborative public-private partnerships and consists of four main pillars:
1. Developing a platform ecosystem that leverages Korean cultural content and fosters core technologies and devices.
2. Developing talent to build and operate the metaverse by providing greater practical business participation opportunities.
3. Nurturing and subsidising enterprises catering to the metaverse to achieve international competitiveness.
4. Developing a safe and reliable metaverse, by establishing ethical principles and community values and eliminating the digital divide.