Legal issues in the metaverse / Part 4 - Expected impact of the EU Artificial Intelligence Regulation, the metaverse as a workplace

Part 4 - Expected impact of the EU Artificial Intelligence Regulation, the metaverse as a workplace

In our first article, we examined the nature of the metaverse, the shared virtual world. The emergence and use of Artificial Intelligence (AI) in the metaverse raise legal issues that the forthcoming EU AI Regulation will regulate. The metaverse will also allow the creation of fully virtual workplaces and work, which in turn will require a rethink of the application of current telework rules. In the fourth of our metaverse articles, we look at issues related to AI Regulation and employment law.

Expected impact of the EU Artificial Intelligence Regulation

Given the evolution of technology, the emergence and use of Artificial Intelligence (AI) in the metaverse is inevitable. The legal issues raised by AI will be addressed at the EU level by the AI Regulation. However, the legislation is still only a draft, and it will be at least six months before the legislator adopts its final form. Thereafter, organisations are expected to have two years to prepare their activities related to the development, marketing and use of AI to comply with the AI Regulation.

Nevertheless, it is already certain that it will be prohibited to influence users through the use of subliminal techniques or to exploit the vulnerabilities of certain special groups, such as children and people with disabilities, and cause psychological or physical harm in this context. This prohibition will have to be taken into account in particular when designing advertising. It may also be illegal under advertising law to artificially influence likes and shares in order for the underlying algorithm to make content more prominent and popular. Roblox’s terms of use already prohibit “dark or deceptive patterns”, explicitly mentioning “artificially increasing the number of likes or visits”. The question is whether organisations have the legal and technical means to enforce compliance.

Certain AI systems are classified in the AI Regulation as high-risk AI systems. In the metaverse, this could include AI systems used for biometric identification, education and training or employment. Their use will have to meet several requirements: implementing a risk management system, providing usable training, validation and testing data sets, maintaining technical documentation and records, and finally, ensuring human oversight.

It must be ensured that AI systems intended to interact with users are designed and developed in a way that users are informed that they are interacting with an AI system. For example, this may be the case if the avatar is a bot (AI-driven influencer) created by an AI specifically to advertise or sell a product or service. If the metaverse uses an emotion recognition system, the user should be informed about the functioning of the system. The unlawful use of such systems has recently led to a fine imposed by the National Authority for Data Protection and Freedom of Information on a bank in Hungary.

It is important to protect users from images, audio or video content that appear to be deceptively genuine or real (“deep fakes”). Their use is also subject to a specific information obligation under the draft AI Regulation.

Another important consideration is that the ideal AI is based on the use (input) of large amounts of data. In the world outside the metaverse, when training an AI model, it is necessary to check whether the underlying dataset (e.g. weather data, naturally occurring sounds) is protected by copyright. However, in the metaverse, each image and sound is the creation of a machine programmed by humans. So, it is necessary to ensure that the ‘output’ created by the AI (e.g. background noise of a virtual city—traffic, birdsong, etc.) is created in accordance with the laws governing intellectual works. Moreover, under current rules AI cannot be an author or inventor. The day-to-day operation of the metaverse could change this approach, allowing AI to create intellectual works in the virtual space without restrictions, along the lines of “compliance by design”, similar to the “privacy by design and default” principle enshrined in the GDPR.

The metaverse as a workplace

The use of the metaverse is also a good opportunity for employers to improve and make their telework practices more interactive. For example, it can be easier to understand colleagues’ facial expressions and body language than in “two-dimensional” video calls, making communication more personal. It can also be used to work more effectively in a group in a virtual environment, and to prepare and deliver presentations more creatively. Working in the metaverse will further reduce the importance of workers’ personal presence, helping employers to expand across borders. However, the resulting tax, social security and immigration rules will still need to be taken into account for workers who may not be physically resident in the employer’s country. A further challenge is to adapt internal rules on expected workplace behaviour to the specific characteristics of working in the metaverse. For example, metaverse-specific rules on the characteristics and appearance of employees’ avatars, the way in which they communicate in the metaverse, the employer’s representation, and the regulation of working time and health and safety measures should be adequately regulated.

Proposed actions for companies involved in the metaverse

Based on the above, the responsibilities of companies and organisations involved in the utilisation of the metaverse are:

• It is worth monitoring the adoption process of the forthcoming EU Artificial Intelligence Regulation and planning the operation of AI systems used in the metaverse in accordance with the new legislation.
• The rules governing the activities of employees involved in the operation of the metaverse should be updated to take account of the specific characteristics of the platform.

For more information on the metaverse in Hungary, contact your CMS client partner or local CMS experts.