chevron-down Created with Sketch Beta.

Law Practice Magazine

The Big Ideas Issue

New Dimensions: Preparing for the Spatial Computing Era

Melissa Heidrick

Summary

  • Spatial computing is revolutionizing how clients conduct business, necessitating updates in privacy and information governance protocols.
  • Attorneys must proactively address the legal implications of this emerging tech, including concerns regarding security, biometric data and the complexities of e-discovery.
  • Attorneys must embrace these advancements with diligent curiosity to enhance competency, client service and practice efficiency.
New Dimensions: Preparing for the Spatial Computing Era
iStock.com/DragonImages

Jump to:

Spatial computing technology is evolving at hyper speed. Rapid advancements in generative artificial intelligence (Gen AI) are driving development, and with the increasing availability of sleek wearables and powerful spatial apps, it should come as no surprise that organizations are quickly integrating virtual reality tools into their business workflows.

Forward-thinking attorneys find ourselves wondering how these tools will affect our clients and their interests. What do we need to be on the lookout for, and how will problems manifest? When it comes to privacy, security, information governance and e-discovery frameworks, what updates should we be making now?

By exploring spatial computing technology with an eye toward spotting and mitigating risks, attorneys can help their clients implement processes that support early adoption, while also balancing the need for protection from unforeseen risks.

What Is Spatial Computing?

Spatial computing technologies enable users to interact with virtual elements through their physical space. They accomplish this by leveraging sensors, cameras, optics and advanced algorithms to perceive and understand a user’s environment. This understanding allows digital objects to coexist with a user’s physical space. Integrating physical space into computing environments creates massive opportunities for innovation, opening the door for technologies previously confined to pages of science fiction.

In virtual communities, the terms “VR” and “spatial computing” are used somewhat interchangeably right now––with spatial computing serving as the fancy new tech term. To introduce even more lexical fuzziness, there are several other flavors and terms of which to be aware.

  • Extended reality (XR) is an umbrella term used to refer to virtual, augmented and mixed reality technologies.
  • Virtual reality (VR) applications tend to immerse users completely in digital environments.
  • Augmented reality (AR) systems overlay digital information onto a twin of the physical world.
  • Mixed reality (MR) tools merge real and virtual worlds to produce new environments where physical and digital objects can interact in real time.

How Does It Work?

Spatial computing tools capture data about the physical environment, such as dimensions, distances and interactions between objects. Devices like VR headsets process this data and render 3D imagery that appears to interact seamlessly with the real world. Beyond mere visualization, these tools make it possible for users to manipulate virtual objects and control applications with their eyes, hand gestures and body movements, making computing both interactive and immersive. Movements are interpreted as input commands, turning physical space into a digital interface.

The implications are astounding, with the potential to affect nearly every industry. Today, these tools are being used in ways both effective and inspiring. In health care, there are therapeutic uses for patients with impaired mobility, and even surgical professionals are getting in on the action; using headsets to access critical information, hands-free, from within a sterile field.

From drastic leaps forward in gaming and entertainment to 3D modeling capabilities in architectural design, this technology will meet a bevy of complex needs. And, with a significant volume of the workforce working either remotely or in a hybrid role, there is a need for remote meeting tools that feel more like real world interactions. Enterprise-oriented productivity and meeting tools are entering the VR market to meet this need, and we should anticipate rapid corporate adoption. As tools and applications continue evolving, we may be challenged to predict how business practices will shift.

Protecting Data Privacy

Spatial computing devices are specifically designed to capture a user’s actions, behaviors, appearance and biometric markers. They access, manipulate and may store this sensitive personal data to use for other purposes. In addition to capturing a user’s data, the tools create unique user footprints that can contain complex profiles and more personal information. This makes data privacy considerations exceedingly important.

Headsets use facial recognition and iris scanning technology for identification and vision-based navigation. Using biometric data in this fashion highlights the need for careful planning and protection. A thorough review and assessment of privacy policies and data handling practices should be undertaken before spatial computing devices and software applications are considered for business use. If you find that clients have already adopted VR tools without taking this into consideration, it’s critical to undertake privacy and security assessments as quickly as possible.

Different tools will have different ways of handling, processing and storing data, which means that data privacy vulnerabilities must be assessed individually for hardware tools and software applications. It’s time to ask important data privacy questions including whether any of our data is being collected and stored, which data is being targeted, where it is being stored and for how long. Additionally we must understand and document who has access and how the data is being used.

These questions may become even more important when assessing compliance with privacy regulations, such as the General Data Protection Regulation (GDPR) in Europe or the California Consumer Privacy Act (CCPA), which require robust data protection measures and grant individuals substantial control over their personal information.

After careful vetting to determine which tools are suitable, organizations must design and implement updated security, information governance and device management policies to accompany them. Data maps and information technology (IT) infrastructure documentation will need to be updated, and new language added to information governance policies should specifically contemplate and address spatial concerns. Privacy by design principles should be followed, incorporating strong encryption methods, access controls and anonymization techniques.

Employee awareness and training surrounding how these new technologies will be integrated into existing security policies is important for responsible adoption and ongoing security.

Biometrics Regulations

The integration of facial recognition, iris scans, gait analysis and other biometrics into spatial systems presents a critical point of focus for privacy regulations. A growing number of U.S. states have adopted regulatory frameworks for biometric privacy, including Texas, Illinois, Washington and California. Interestingly, only the Illinois Biometric Information Privacy Act (BIPA) provides consumers with a private right of action. BIPA imposes stringent consent and data handling requirements on businesses that collect biometric data.

At the federal level, the newly proposed American Privacy Rights Act (APRA) seeks to establish a more unified regulatory framework across the United States. This Act builds on previous legislative efforts, like the National Biometric Privacy Act of 2020, and introduces guidelines for the handling of sensitive biometric data. APRA mandates that entities managing biometric information must not only secure affirmative express consent for collecting, retaining or sharing this data but also adhere to strict data minimization and transparency guidelines to protect individuals’ privacy.

To comply with these evolving standards, spatial computing tools and services must be equipped with clear and comprehensive data privacy policies that address the nuances of managing biometric data within spatial computing environments. We must consider a variety of factors.

Consent and transparency. Clearly informing organizations and individual users about what biometric data will be collected, how it will be used and with whom it will be shared is fundamental. Explicit consent should be obtained in a manner that complies with local and international laws.

Data minimization. Data collection should be limited to only the biometric data that is necessary for the intended purpose, keeping it no longer than necessary.

Security measures. Stable and effective security protocols must be implemented to protect biometric data from unauthorized access and data breaches. This includes encryption, secure storage solutions and regular audits of security practices and retention schedules.

Information Governance

Attorneys should encourage clients to proactively update data maps and IT infrastructure documentation. This involves detailing where an organization’s spatial data resides, how it is stored and for how long.

Depending on an organization’s compliance obligations, device management policies may be needed for headsets and other devices. Understanding and documenting the flow of data from these devices into company systems is critical, and IT infrastructure should be thoroughly assessed to assess the costs and capability to secure and store spatial data.

Extended retention of large spatial datasets may prove impractical and potentially risky, making retention schedules a must. Legal teams will need to work with clients to establish retention periods that balance operational needs with compliance and risk management, ensuring that data is kept only as long as it serves a legal or business purpose. As always, defensible deletion practices must be transparent, consistently applied and well-documented, to withstand legal scrutiny.

By acting as counselors in this area, legal teams can help ensure that policies for data capture, storage, use and deletion support business use of spatial technologies while safeguarding individual privacy and organizational integrity.

e-discovery Challenges

Spatial computing presents complex implications for litigation readiness and e-discovery. These applications generate vast amounts of diverse data, including 3D models, user interactions and biometric identifiers, all of which could potentially be relevant in litigation or regulatory investigations. This proliferation of new data types results in unique challenges for e-discovery, from scoping and collection to review and production.

Identification

The first challenge lies in recognizing and understanding new data types and sources. This includes data from AR headsets, VR equipment, mobile devices integrated with spatial computing applications and cloud storage solutions that synchronize with these devices. Legal teams must increase their awareness of these sources and update custodian surveys to appropriately identify and define the scope of data needed for potential litigation purposes.

Preservation

Preservation strategies must expand to meet the demands of spatial computing, with expectations shifting to include devices such as headsets, mobile and cloud environments used by custodians. Legal teams should be prepared to discuss and advocate for necessary preservation measures related to spatial computing data at 26(f) pretrial conferences.

Given the dynamic and often ephemeral nature of spatial data, preservation may need to be accomplished through immediate collection rather than preserving in place. And IT interview specifications and custodian questionnaires should be updated to capture information about the use and management of spatial computing technologies.

Collection

When spatial computing data is involved in a matter, legal teams should prepare for a broadened scope of collection. It is imperative to engage experts who can clearly define parameters for the export, processing and transfer of spatial data, including how to handle large datasets. Spatial metadata is critical for understanding the context and authenticity of spatial interactions, and special care must be taken that it is included in the scope of collection.

If forensic collection of such data is necessary, this will present a significant challenge. Currently, there are no established forensic standards for collecting spatial data, and this lack has the potential to affect data’s integrity, authenticity, admissibility and even its weight in legal proceedings. Developing a standard methodology for forensic collection of spatial data may prove to be a pressing need for litigators with tight time limitations. Legal and technical experts will be developing these methodologies in real time, as they are needed in live matters. And until reliable forensic standards have settled into place, legal teams must be particularly cautious in their collection methodologies.

Review and Analysis

Interpreting spatial data in a legal context can be challenging because it includes dimensions of depth, interaction dynamics and a temporal sequence. Spatial metadata can reference the location of virtual objects, the timing of interactions and physical environment settings, all of which play a part in reconstructing events or actions within the virtual space.

Understanding and analyzing these elements requires technical expertise and an understanding of the virtual environment from which the data was generated. To add to these challenges, traditional e-discovery platforms may need significant updates to render such data in a way that is reviewable for attorneys.

To cope with these challenges, legal teams can focus on advanced e-discovery strategies such as Early Data Assessment and advanced metadata review to manage and make sense of vast amounts of spatial data efficiently. Given the potentially immense scope, it's crucial to balance the need for comprehensive production with the necessity to limit discovery to what is reasonably manageable and relevant to the case. If there is a need to review certain spatial data natively for full context, preparing this review plan is sure to uncover a variety of new and exciting issues regarding planning, staffing and review workflow design.

Production and Presentation

These datasets are large, complex and rich in detail and context that may be difficult to interpret with existing tools. Production formats will need to be discussed and expectations set. Electronically shared information protocols should be carefully updated to address spatial concerns in a way that is both flexible and broad. Special care must be taken to avoid agreeing to production formats that are technically impossible to comply with, and production formats may need to evolve right alongside the rapidly developing technology.

The presentation of spatial data to judges and juries may prove crucial. To make presentation impactful, it may be necessary to explore new visual aids and interactive technologies that can illustrate the spatial dynamics involved.

Looking Forward

While it’s impossible to predict exactly how this market will play out, VR users can’t shake the feeling that we are standing at the brink of change. And for legal professionals, this may be a pivotal moment. Europe is already leading the way, commanding about one-third of the global XR market. The convergence of chip and semiconductor advancements, edge computing and extended reality (XR) technologies is driving adoption, offering increased data rates, expanded user capacity and significantly reduced latency. These developments have the potential to broaden adoption, propelling us all toward a future where virtual and augmented realities are commonplace.

And I predict that it won’t be long before attorneys are harnessing these tools in innovative ways: from utilizing 3D models and immersive demonstratives in the courtroom to enhancing communications through VR platforms like Microsoft Mesh, Teams, Zoom and FaceTime. These tools not only allow lawyers to meet clients where they are but also offer new dimensions of engagement that people are craving in the post-pandemic era of remote work.

But there is also reason for caution. The rich data produced by spatial computing is a treasure trove for threat actors, posing significant security risks. Legal challenges abound—from navigating law enforcement issues related to virtual evidence to tackling product liability concerns related to largely untested XR devices. Furthermore, there are ethical and accessibility considerations involved in requiring employees to use such immersive technologies.

So yes, maybe it’s all kind of scary—after all, as attorneys we tend to be rather risk averse. But, if we approach spatial computing with diligent curiosity and a commitment to understanding its implications, the potential to enhance client support and the practice of law is immense. We could enable more effective training, collaboration and client service. So, we need to engage with this tech early and often to keep up with changes. By learning its capabilities and confronting its challenges, the legal profession can aim to guide clients through the inevitable risks and complexities.

The era of spatial computing is not on the horizon—it’s here. As legal professionals, our ability to adapt and embrace change will benefit our practices, but it will also benefit the clients we serve. I encourage you to move forward with a proactive stance, think about how you can leverage the full potential of these technologies. If we establish the legal industry as expert counselors in this area, we can help shape a future that reflects innovative outlooks and our highest legal and ethical standards.

I’ve been working intensively in this area for some time. And I recently had the good fortune to collaborate with three of my favorite brilliant colleagues to develop a CLE on the topic. That collaboration helped bring depth and a more faceted perspective to this piece. So, thank you, Danny Thankachan, Jerry Bui and Renji Bijoy—I’m exceedingly grateful that we had the opportunity to consider these issues together.

    Author