German regulators are increasing pressure on Worldcoin
The Bavarian State Office for Data Protection Supervision (BayLDA) has instructed the company, now rebranded as "World", to ensure its practices follow European Union (EU) data privacy rules.
BayLDA’s investigation revealed that Worldcoin’s data practices do not fully comply with the General Data Protection Regulation (GDPR), the EU’s framework for protecting personal information.
Did you know?
Subscribe - We publish new crypto explainer videos every week!
What is Algorand? ALGO Coin Explained With Animations
The regulators have set a deadline of January 19 for Worldcoin to implement a process that allows users to delete their data in line with GDPR rules.
The Worldcoin system creates a “World ID” by scanning a user’s eyeball with a device called an Orb. This unique identifier is used to confirm that the person is real and not a bot.
However, the practice of collecting and storing this biometric data raised concerns. The regulators found that in earlier stages of the project, iris codes were stored in centralized databases without adequate safeguards, violating GDPR requirements.
BayLDA also pointed out risks tied to processing sensitive data like iris scans, even with the cryptographic protocols Worldcoin implemented.
Michael Will, President of BayLDA, stated:
All users who have provided “Worldcoin” with their iris data will in future have the unrestricted opportunity to enforce their right to erasure.
In response to the investigation, Worldcoin temporarily paused some of its operations in the EU and updated its systems to improve compliance. However, the regulators insist on more robust measures to ensure the data collection and processing align with GDPR.
As Sam Altman's Worldcoin grapples with data privacy challenges, a group of artists recently leaked OpenAI's Sora tool. What led to this daring action? Read the full story.