Cities in the Metaverse: from smart to virtual

As immersive and interoperable virtual cities are created in the metaverse, either with no physical parallel or as digital twins of current cities, legal and regulatory challenges need to be addressed to ensure not only legal compliance but also a seamless meta-experience.

How meta-cities will revolutionize the cities of today and help shape the laws of tomorrow

I. The metaverse and cities

The metaverse is not a new concept: coined by Neal Stephenson in his 1992 science fiction novel Snow Crash, there is no single description of what the metaverse is.

In broad terms, the metaverse can be described as a world beyond our own physical world, where people exist in a virtual space through avatars, access it through Extended Reality (virtual (VR), augmented (AR) and mixed reality (MR)) – or, in more traditional ways, through computers, game consoles and smartphones – and engage in a digital economy by creating and exchanging virtual assets. It does not seem something new: indeed, platforms such as Second Life, or games such as Fortnite, could be considered, also, metaversal. It has been considered, however, that they are proto-metaverses closed in themselves. Indeed, the “actual” metaverse would be interoperable and interconnected (thus requiring standardised technical specifications), allowing virtual identities, items and assets to exist and keep their features along several platforms, instead of them being tied up to a single platform.

The metaverse still requires physical components, of course, from servers, computers and smartphones, to new extended reality devices (including, for instance, wearable devices for motion-sensing). And still resorts to such core components such as software including cloud infrastructure, platforms and applications, as well as user-generated content. But, in the metaverse, people are (immersed) in the virtual world, instead of only accessing the online world.

Cities, on their turn, are human settlements, geographically defined, comprising housing, transportation, businesses and public services. Cities are becoming increasingly technological and digitised, resorting to technologies – sensors and devices connected to the Internet of Thinks (IoT) – to collect, process and use Big Data in operating and managing cities’ assets and activities, from buildings, roads, traffic, to utilities and government services, in an adaptative, interactive and more efficient manner.  These smart cities are still physical cities, but they make use of networks and digital technologies to improve sustainable economic development and quality of life.

Metaverse cities are a next step of cities’ evolution. No longer (only) cities in physical form, cities in the metaverse exist in the virtual world – with embedment with the physical reality allowing interactive city experiences, such so that along immersive VR cities, AR/MR metaverse cities may also be envisaged.

Yet, two different approaches can be foreseen in this regard: on the one hand, the creation of new cities with no physical parallel – in this instance, new cities arise in the metaverse, created by private companies, decentralised autonomous organisations (DAO) based on DLT/blockchain, communities of people or even local governments (individually or jointly). For convenience, these cities will be referred as “meta-single cities”. On the other hand, the virtualisation of current cities, where the metaverse city would be the digital twin of the physical one, replicating in the virtual world the city itself, in whole or in part. For convenience, these cities will be referred as “meta-twin cities”.

In both cases, the metaverse cities would include all the main aspects of a city. They would bring people together through their avatars and make available virtual property and virtual housing. They would make available virtual public services, such as education, healthcare, information, culture, (e.g. museums), tourism, police and courts for solving disputes, and general operation and management of the city. And they would make available businesses through the digital economy, where users could create, buy and sell virtual assets.

But there would of course be clear differences in each type of metaverse city. Indeed, in the first case, virtual property and housing would have no physical counterpart. Public services would be provided by the entities governing the city through governance mechanisms defined and set up autonomously, and “public” would have a new meaning, as referring to services originating from the “governors” of the city, and not necessarily by a city government democratically elected (or based on a social consensus).

In the second case, differently, metaverse cities are digital twins of the physical city and, as such, virtual property and housing in the metaverse have their counterpart in the physical city. And the public services therein provided are, in practice, a new (digital) means of providing the traditional services, facilitating access to public agencies and servants now also in the metaverse. Such is so that one can envisage the existence of public services in the meta-twin cities that would make little sense in meta-single cities, such as for instance fire department, waste management or water supply – in meta-twin cities, these services are made available in the metaverse not as services to serve the metaverse city, but as services in the metaverse to serve the physical city.

Despite the above clear distinction between meta-single and meta-twin cities, more often than not, metaverse cities will be a mix of both: digital twins of current cities that may also provide virtual property, housing and services with no counterpart in the physical city. Or a virtual re-enactment of historical cities set-up by the current city government. Or a meta-single city created jointly by different physical cities, thus making available property, housing and public services from them all and containing governance rules that need, at least to a certain extent, to reflect the existing ones (e.g., for access to tax services).

Yet, the distinction made has the benefit of facilitating, to a certain degree, the assessment of the multiple legal issues that arise with metaverse cities.

II. Legal issues of meta-cities

Meta-users and meta-citizens

The first legal issue relates with the users of the metaverse cities. Metaverse cities will have to determine who can access them, and for what purposes. 

In the meta-twin cities, users would in principle be the citizens / residents / recipients of services of the physical city. This would include not only residents (e.g., to access a public service for payment of a city tax, or to access a healthcare service of the city) but also other users (e.g., for access to a museum, or a concert), all of which are now virtualised in the metaverse. Differently, in the meta-single cities, users could be strictly selected based on the rules governing such city, with no regard to citizens or residents of a physical city – users would be meta-citizens of a new virtual city.

In both cases, however, the process for accessing and “using” the metaverse city would have to be carefully designed to ensure compliance with privacy and data protection rules.

For instance, determination of which data would have to be provided to access each service of a city would have to be done. The definition of a registration model, whereas users could register once to the city and then access the city and services (with different access levels possible) could be envisaged. This would be similar to the once-only principle, which aims at ensuring citizens and organisations only provide certain information to the public administration once, which can then be re-used and exchanged, all with the consent of the user (see, for instance, the EU Single Digital Gateway Regulation, which also addresses this principle).

Yet, assessment of possible legal limitations should be carefully done: for instance, in the EU, there are limitations arising from the proposed Digital Markets Act, which require core platforms that qualify as “gatekeepers” to refrain from requiring business users to use, offer or interoperate with an identification service of such platform.

Digital identity mechanisms issued by the government could also be used, thus further facilitating access: see, for instance, the EU Proposal for a Regulation amending eIDAS Regulation as regards establishing a framework for a European Digital Identity, which provides for EU digital identity wallets that can be used for identification in online services.

In all cases, the determination of the data controllers, the data processors, the conditions for sharing of data, the locations of data storage, among others, would have to be carefully addressed given the different stakeholders of a metaverse city: the “governors” of the city, the providers of the public services, the private entities providing services and marketplaces, other meta-users in general and, also, the providers of the infrastructure and underlying software. In this last case, the possibility that meta-cities can communicate with each other may also raise challenges for sharing the data (including the avatars) through different virtual cities.

All these legal challenges arise not only with relation to the process for “accessing” the metaverse city. Indeed, one of the main relevant aspects when it comes to users and their data relates with motion-tracking of the meta-citizens through VR and AR devices. These wearable devices will collect biometric data and determine the movements of people, from where they are looking to their gestures and reactions, providing a gargantuan amount of information that needs further to be processed in compliance with applicable law – including, once again, when it comes to data controllers and processors (e.g., the devices manufacturer, the city “governor”, others), and the lawful collection, storage, usage, sharing and international transfer of such data.

How to ensure a seamless metaverse experience whilst complying with very demanding data protection obligations (such as the ones arising from the EU General Data Protection Regulation or even from the proposed EU Digital Markets Act) raises clear difficulties that will have to be further addressed.

Sharing of data among different meta-cities may also trigger the application of specific provisions relating to data sharing, such as the ones established in the proposed EU Data Governance Act and the proposed Data Act.

Meta-estate and housing

A second aspect when it comes to meta-cities relates with virtual property and housing.

To the extent the virtual property / housing does not have a physical-city parallel, the legal issue at stake relates with determining which type of “property” is involved. Because no physical real estate / immovable assets exist, the traditional concept of property does not apply. However, a concept of ownership alike intellectual property is increasingly applied through the use of DLT / blockchain, where “ownership” of digital items / tokens is proven through certificates of ownership. As non-fungible tokens (NFT), virtual property / housing can thus be “owned” and sold (or, more correctly, licensed), whilst their double-ownership or sale is thus avoided.

Differently, to the extent the virtual property / housing is a digital twin of physical real-estate, the main issue relates with assessing whether ownership and sale of the token proves or effects the ownership and sale of the underlying asset. In jurisdictions where sale of real estate requires public deed and ownership needs to be registered in central registries, it seems that such a possibility would only be feasible if public deeds could be digital and central registries would also be digitised in the DLT / blockchain / platform of the meta-city. Not an impossible future, but one that would require legal changes in many jurisdictions. In any case, it seems that a more formal ownership and sale process would still be required (even if in digital format) and that the simpler approach of owning and selling NFTs (through a meeting of wills – offer and acceptance – and payment) would not be enough.

Two other points would also have to be assessed when it comes to property/ housing in the meta-city. On the one hand, the creation and sale of “virtual estate” could require compliance with legal provisions on issuance of crypto-assets (in the EU, to be addressed in the future Regulation on Markets in Crypto-assets – MiCA). On the other hand, the tokenisation of real estate by a city government for the creation of a meta-twin city could potentially also raise issues connected with private property and privacy rights, notably with assessing what arrangements would be required for a city to tokenise building / houses / estate belonging to third-parties. 

Meta-city administration and public services

A third aspect when it comes to meta-cities relates with public services.

Above a distinction was already made between the public services of the meta-single cities and those of the meta-twin cities: whilst those aim to serve the meta-city, these aim to serve the physical city. Some services may exist in both types of cities, such as education, healthcare, information, culture – but, whilst in the meta-single city, these services have no parallel in a specific city (i.e., they are not the virtualisation of a specific city public service), in the meta-twin city they are (e.g., virtualisation of a public school, a public hospital, a public museum or library). Other services only seem to make sense in meta-twin cities, such as civil protection, waste management or water supply.

A central topic in this matter relates with the general administration and management of the city, including when it comes to police and dispute resolution.

In our concept of meta-twin cities, the management of the virtual city is most likely undertaken by the local government itself, replicating the rules applicable in the physical city and its public services and, where necessary, adding new rules to reflect the specific virtual nature of the city.

The process for approval of such new rules, and their legal nature, may also have to be assessed, notably the extent to which they can or should be considered an administrative rule from the city council – now applied to the meta-city – or only “terms of service” with a private contractual nature.

With relation to the police and court system in the meta-twin city, these replicate the ones of the physical city, with users being able to contact police through city virtual means and solve disputes through the now virtualised courts. It is likely, however, that these possibilities require also changes in applicable law and regulations, as well as coordination with relevant authorities especially if the virtualised police includes national-police (and not only city-police) and given that courts are managed at national level.

Another important topic relates with the scope of competence of such virtualised police and courts: in principle, as a mere virtualisation of traditional police and courts, they would be competent to address all issues giving rise to civil, administrative and criminal liability (as applicable). This competence would (or could) exist not only for “real-life problems” but also for issues arising only in the metaverse, to the extent the underlying behaviours were already reflected in law – which is, of course, a growing concern and trend as seen, for instance, through the criminalisation of many cyber-behaviours –, or reflected in city regulations or through “terms of service”.

In the meta-single city, differently, management is done through the governance models adopted (as above mentioned), which most likely would be expressed through contractual terms of service (especially in the case of cities by private stakeholders / communities). The police would most likely be essentially moderation / oversight tools and the court system would be nothing else that internal dispute resolution mechanisms (both can of course also exist in meta-twin cities), aimed to ensure compliance with the city rules and solving metaverse disputes. Hence, it would be similar to what already exists for digital and online services, through naturally the complexity and scope of issues that could arise would be broader. Once again, resort to “actual” police and courts would remain possible according to the national and city-wide legal and regulatory provisions (e.g., a dispute in the acquisition of an NFT).

“Police” / moderation of the meta-city, as well as dispute resolution, may also raise a new set of legal challenges for the virtual moderators and dispute resolution mechanisms. This is the case, for instance, of the scope of such moderation / dispute resolution within the complex fabric of the meta-city and their actors – for example, whether moderation and dispute resolution mechanisms of the city extend to the contractual agreements between a token seller and acquirer, or not. The determination of the extension of such moderation and dispute resolution tools needs careful assessment, taking into consideration legal rules that apply, such as to online platforms (for instance, in the EU, the proposed Digital Services Act) and consumer protection, as well as risks of liability arising from moderation and dispute resolution services including when it comes to free speech. Tackling of misinformation is one of the points that will probably require a close watch once meta-cities become also hubs for their dissemination, including through targeted advertising and propaganda relying on personal data.

Additionally, collection of evidence for investigation and dispute resolution purposes in the meta-city will most probably intensify the need to ensure appropriate e-forensics to collect and preserve evidence (see, in this respect, for instance, the proposed EU Directive on e-evidence – laying down harmonised rules on the appointment of the legal representatives for the purpose of gathering evidence in criminal proceedings; and the proposed Regulation on e-evidence – on European Production and Preservation Orders for electronic evidence in criminal matters).  

Meta-city digital economy

Finally, the provision of digital /virtual assets from private actors is another central aspect of a meta-city. Most relevant is the creation and provision of crypto-assets / tokens, which once again raise issues relating to ownership and transfer as seen above when dealing with “virtual estate”.

But, in addition, other legal topics need to be taken into consideration, for instance: the virtualisation of shops of the “physical” cities through arrangements with the respective owners; the requirements and rules allowing a company to set-up and create its services in the meta-city; the terms and conditions for the provision of the virtual assets; the potential liability of the city governance structure / the online platform for the private businesses available in the meta-city. Current provisions on digital platforms (such as, in the EU, the Platform to Business Regulation; the e-Commerce Directive, to be partially replaced by the future Digital Services Act; and the proposed Digital Markets Act), on consumer protection (for instance, Directive 2019/770 on certain aspects concerning contracts for the supply of digital content and digital services) and on liability may once again apply, but assessment of whether revisiting them is required to ensure better applicability to meta-cities may be required.

Acquisition of assets in the meta-city may be done through currency with legal tender or crypto-currency. Definition of the applicable rules shall also be done by the city governance structure, whilst issuance and trading of crypto-currency (as well as issuance and operation of crypto-wallets and exchanges) must also take into consideration applicable legal provisions (such as the future MiCA and money laundering provisions, notably the proposed 6th Anti-Money Laundering Directive, the proposed AML Regulation and the proposed Regulation on information accompanying transfers of funds and certain crypto-assets, which aims to recast Regulation 2015/847 expanding traceability requirements to crypto-assets).

Likewise, the use of smart contracts to automate functions and activities in the meta-city, and especially of smart legal contracts, will have to also take into account legal provisions applicable to contracts, including to electronic contracts, contracts concluded by automated means and contracts executed by automated means.

Other relevant legal issues for meta-cities

In meta-cities, intellectual property issues need also to be carefully addressed on all layers of the metaverse, from the underlying platforms and software on which the meta-cities are built, to the different resources, assets and elements of the city (including the avatars and potential issues that may arise with image rights, for example of celebrities). Indeed, it is essential to ensure that what is owned by whom (and what is licensed to whom) is crystal clear, a situation that may become difficult in cases of decentralised collaborative processes by avatars. To the extent IP is created by artificial intelligence, applicable rules need also to be assessed to determine who (if any) is the holder of such IP. And, to the extent meta-cities are interoperable, IP needs also to be looked at to prevent it from hindering interaction among different cities and their users.

Another central topic is of course cybersecurity. Specific rules on cybersecurity may need to be complied with by several actors within the meta-city (e.g., cloud computing and data centre service providers under the proposed Cybersecurity Directive – NIS 2 Directive), whilst the digitisation of public and private services (e.g., electricity and gas supply, healthcare, financial services) may raise new cyber-challenges that their providers need to take into consideration in the compliance of their legal obligations (including, specifically for the financial sector, the EU proposed Regulation on digital operational resilience – DORA). Meta-cities may also trigger new risks for critical infrastructures or entities (for instance, under the EU proposed Directive on the resilience of critical entities – CER Directive), even more relevant if virtual environments connect with physical systems, and information about facilities and plants is placed in the metaverse as digital twins of infrastructures and buildings.

Administration of the meta-city and provision of services resorting to AI will also require careful legal analysis to ensure compliance with AI legal obligations, such as the ones arising from the proposed EU AI Act. In this case, and for instance, in addition to prohibited practices (e.g., subliminal techniques) and high-risk AI systems (e.g., AI systems intended to be used for the ‘real-time’ and ‘post’ remote biometric identification of natural persons), even limited risk AI (systems intended to interact with humans, emotion recognition systems, biometric categorisation systems, systems used to generate deep fakes) will be subject to legal requirements, namely transparency obligations. 

And antitrust issues may also arise once certain (interoperable) meta-single cities become (cooperative) central hubs for services and information – which may also trigger application of legal provisions applicable to large and core platforms (for instance, in the EU, under the proposed Digital Services Act and the proposed Digital Markets Act) –, or major companies cooperate and centralise the development of metaverse infrastructure, or cooperate to provide services in the meta-city(ies), thus restricting competition.

A final aspect relates with the application of national laws to a meta-city: meta-cities are virtual, with no actual territorial borders, whilst most laws apply on the basis of territorial jurisdiction (laws apply within the territorial borders of a state) and/or personal jurisdiction (laws apply to nationals, or to foreigners for acts impacting or committed against nationals). Though the rules applicable to the meta-city may determine the applicable national jurisdiction (which, in meta-twin cities, would naturally be the jurisdiction applicable to the physical counterpart), laws often have their own personal and territorial scopes of application, and many laws contain rules the application of which is mandatory (e.g., for consumer protection). Hence, as it stands nowadays, different activities and services in a meta-city could potentially require assessing the (several) national laws that could apply taking into consideration the activity at stake and the stakeholders involved.

III. The way forward

The successful set-up and operation of a meta-city requires taking into consideration the complex web of relations – and the required underlying arrangements – among several stakeholders (hardware and software developers, suppliers and managers, city governors, meta-citizens, agencies and services, both public and private), as well as the complex patchwork of laws, regulations and contractual terms governing and applying to the meta-city and its different elements.

Revisiting current laws and regulations, or at least developing clarifications and guidelines, may be warranted to ensure their sensible application to meta-cities and for avoiding legal fragmentation in a single virtual environment. In the meanwhile, however, meta-cities shall be developed and managed in a legal compliant manner, with all the challenges and difficulties arising from laws not thought of for the metaverse. Further analyses and studies are thus required to delve deeper in the topics briefly mentioned in this article, and to further explore the necessity of revisiting or developing clarifications and guidelines for the meta-world.

Picture of Helena Correia Mendonça

Helena Correia Mendonça

Consultora Principal | Vieira de Almeida
The Insights published herein reproduce the work carried out for this purpose by the author and therefore maintain the original language in which they were written. The opinions expressed within the article are solely the author’s and do not reflect in any way the opinions and beliefs of WhatNext.Law or of its affiliates. See our Terms of Use for more information.

Leave a Comment

We'd love to hear from you

We’re open to new ideas and suggestions. If you have an idea that you’d like to share with us, use the button bellow.