According to the Worldcoin team, the project was fully compliant with European data rules and was supervised by the Bavarian State Office for Data Protection Supervision.
Last week, OpenAI CEO Sam Altman announced the launch of Worldcoin (WLD) – a crypto project that aims to establish universal access to the global economy regardless of country or background. Following the release, a few countries have raised concerns about the data collection methods employed by Worldcoin. Among them are Germany, France, and Spain. Moreover, it has turned out that back in November 2022, the German regulator – The Bavarian State Office for Data Protection Supervision – initiated an investigation into Worldcoin.
To understand why the project is facing scrutiny, let’s first dive into its principles of functioning.
How Does Worldcoin Work?
Designed to become the world’s largest human identity and financial network, Worldcoin revolves around World ID, a privacy-preserving global identity network. Using World ID, individuals will be able to prove that they are a real, unique human to any platform that integrates with the protocol.
First, users have to download the World App. Next, signing up for World ID begins. To sign up for World ID, users must verify their unique personhood at an Orb – a biometric imaging device that confirms an individual’s unique personhood. And here is a trick: not everyone is willing to have their eyes scanned to get registered.
Similar to fingerprints, every person’s iris pattern is different. The Orb scans a user’s iris and uses its structure to create a unique identification code called an IrisCode. Rather than being associated with a user’s personal information, the code exists solely to prevent people from acquiring more than one World ID.
Once unique personhood is verified, users can explore their World ID options within the World App, learn more about digital currencies, and even receive free airdrops of Bitcoin (BTC), Ethereum (ETH), and more.
Criticism of the Worldcoin Project
According to the Worldcoin team, the project was fully compliant with European data rules and was supervised by the Bavarian State Office for Data Protection Supervision. Now, seems that Worldcoin is unaware of the ongoing investigation by the German regulator.
As the Bavarian State Office for Data Protection Supervision has explained, processing of sensitive biometric data by Worldcoin is “questionable” and is leading to a potential risk for Worldcoin users. Despite being described as “privacy-preserving” on its website, Worldcoin’s methods of collecting data might lead to an increase in surveillance or targeted actions against specific demographic groups.
The Bavarian State Office for Data Protection Supervision President Michael Will said:
“These technologies are at first sight neither established nor well analyzed for the specific core purpose of the processing in the field of transferring financial information.”
The UK’s data watchdog, the Information Commission Office (ICO), has also scrutinized the project. In particular, the Office has started deep research on Worldcoin, explaining its move to privacy concerns.
ICO representative said:
“We note the launch of WorldCoin in the UK and will be making further enquiries. Organizations need to have a clear lawful basis to process personal data. Where they are relying on consent, this needs to be freely given and capable of being withdrawn without detriment.”
France’s privacy watchdog, CNIL, is also doubting Worldcoin’s legality over the use of biometric data for Worldcoin ID.