Abstract
ISO/IEC 27504 "provides requirements for protecting personally identifiable information(PII) during interactions between user avatars and system avatars in the metaverse. This document identifies and classifies the PII generated and used by user avatars and system avatars and addresses privacy threats in the spaces where the respective avatar operates during the interactions between the user avatar and the system avatar."
Introduction
??
Scope
ISO/IEC JTC 1/SC 27/WG 5 intends to offer guidance on addressing the privacy challenges associated with the metaverse as people increasingly engage with virtual worlds through personal avatars projecting various aspects of their personality.
Structure
??
Status
The standard development project commenced in 2025.
Publication is planned for 2028.
It is currently at Working Draft stage.
Commentary
This is an innovative, forward-looking proposal to prepare privacy guidance at this early, formative stage in the lifecycle of the metaverse. There’s an opportunity to explore and address the privacy implications as an integral and supportive part of the ongoing developments in the field, from the outset, hopefully avoiding the difficulties and costs of having to retro-fit privacy controls to already-established norms later on.