Futurist Ray Kurzweil has predicted that by the 2030s the majority of us will be spending most of our time in virtual reality. While this may be somewhat hyperbolic, the VR market is undoubtedly growing at a considerable rate – by 2020 it is expected to be worth $14.5billion, eight times what it was worth only two years ago. A new technological landscape is emerging, and it comes with new legal issues.

Tell any lawyer that a product you are using is causing headaches, disorientation and dizziness, and the majority will reach for their product liability toolkit. Using virtual reality (VR) headsets is known to cause all of these symptoms, as the realistic computer-generated surroundings place a strain on the human visual system. While the symptoms are well-documented, the technology is too new for the long-term consequences of such side-effects to be known. Technology-producing businesses are put under commercial pressure to release their products ahead of their competitors, which, in extreme circumstances, could potentially lead to inadequate assessment of the risks the products present to the public. Furthermore, the practicalities of VR headsets can generate their own set of risks. By their very nature, headsets must cover the eyes and ears of the user in order for the VR experience to give full sensory immersion. This design puts the user in a particularly vulnerable position, as they are intentionally deprived of sensory data.

It is an open secret that the personal data we put online is a valuable commodity, used for targeted advertising. Many companies know personal details such as consumers' location. But knowing how you react to situations? What your eyes dart to and what you ignore? That would be uniquely intrusive. VR involves the user giving considerable amounts of personal data, far beyond what social media has the capacity to collect. The system could even monitor your health through tracking movement and reaction times. For many companies, the chance to learn their customers' behaviour patterns would be invaluable. As these new, more complex privacy and data collection issues develop, legislators will have to take steps to ensure that the law can keep pace.

It is easy to demand legislation which covers the risks of VR but, taking a step back, what laws would apply to the virtual world that users enter? Every place has its own laws, are virtual places any different? Of course, VR users are operating in real-world jurisdictions. Would that mean that each user must abide by the laws of its own country? In the virtual world, this means that each user could be abiding by different laws. While this problem may seem largely academic, these issues are arising in reality; for instance, in the Netherlands, two people were found guilty of theft after forcing another player to access his RuneScape account and hand over some of his virtual items. While some may see the virtual items as merely a collection of pixels, there is often real money and time spent on acquiring the items. That isn't virtual, nor is the victim's sense of being robbed. But the ruling would not necessarily be the same if the question was heard by a court in a different country. Would some players be able to 'steal', while others are unable to get away with that behaviour? All this remains to be decided.

So do we have all the answers for the legal questions which will inevitably arise? Are we at least aware of all the issues which might present themselves? Unsatisfyingly, the answer is “not yet”. The law can be a slow-moving instrument at times and this may cause difficulties when technology advances rapidly – the rise of cyber-crime demonstrates this delay. In the next few years, it is likely that we will see improvements in VR software, hardware and content, and with it more widespread use of VR technology. We must move quickly now to lay down a legal framework for VR to exist in, before the use of VR becomes a day-to-day reality.