Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
Worldcoin, a cryptocurrency-focused biometrics initiative co-founded by Sam Altman of OpenAI, has been determined to have breached European Union (EU) data protection laws, leading to data deletion orders from German authorities.
The Bavarian State Office for Data Protection Supervision (BayLDA) has implemented a corrective action against the organization, citing failure to comply with the General Data Protection Regulation (GDPR).
Worldcoin Confronts German Regulator Over GDPR Breaches: What Data Is Worldcoin Gathering?
Worldcoin, now referred to as World, generates digital identities through iris and facial recognition scans. These identities are intended to verify that users are human rather than artificial intelligence bots.
The technology is developed by Tools for Humanity, a company based in San Francisco. World’s devices, known as “Orbs,” scan users’ irises and produce unique identification codes.
Although Tools for Humanity, a San Francisco-based firm, created World’s technology, its European headquarters and manufacturing facilities are situated in Bavaria, Germany.
The BayLDA’s investigation into World, which lasted several months, concluded that its practices presented “fundamental data protection risks” to numerous individuals.
The authority determined that World’s previous identification methods did not comply with GDPR requirements and instructed the company to initiate a GDPR-compliant data deletion process.
Source: Bavarian State Office for Data Protection Supervision (BayLDA)
Michael Will, president of BayLDA, highlighted the importance of the ruling.
He stated:
“We are enforcing European fundamental rights standards in a technologically demanding and legally complex case.”
The regulator has mandated that World delete all data collected in accordance with GDPR. It also required that users must have the unrestricted right to request the deletion of their data.
World has contested the ruling and sought judicial clarification regarding its utilization of Privacy Enhancing Technologies (PETs). These technologies anonymize user data, which World asserts complies with EU legal standards.
Related Posts
A report indicated that Tools for Humanity’s chief privacy officer, Damien Kieran, defended the company’s practices, asserting that World had addressed previous issues by modifying its data management procedures.
Kieran noted that the company no longer retains personal iris data. Instead, it employs a cryptographic protocol that divides iris codes into three encrypted segments.
These segments are stored in distinct databases overseen by third parties, including universities in Berkeley, Zurich, and Erlangen-Nürnberg.
Kieran contended that data anonymization is crucial for identity verification while maintaining privacy.
“Without a clear definition around anonymisation, however, we lose perhaps our most powerful tool in the fight to protect privacy in the age of AI.”
Some Nations Have Prohibited World’s Technology Due to Ongoing Privacy Issues
The BayLDA’s investigation centered on the period when World stored iris codes in a centralized database. The authority deemed this practice non-compliant with GDPR.
World has since abandoned this method and erased all personal data associated with iris codes. The company stressed that the current system guarantees privacy through sophisticated cryptographic techniques.
World operates in multiple countries, including Germany, Japan, the US, and South Korea. It intends to further expand into Ireland, the UK, France, and Italy.
However, earlier this year, Spain and Portugal temporarily suspended the technology following concerns regarding data privacy.
World, previously known as Worldcoin, launched World Chain, an Ethereum layer-2 blockchain, on Oct. 17. The network caters to its 15 million verified users with a “World ID” obtained through iris scanning.
The rebranding includes a new Orb biometric device powered by Nvidia hardware, enhancing efficiency.
World also announced collaborations with applications such as FaceTime and Zoom to broaden identity verification options.
The post German Watchdog Orders Worldcoin to Delete Non-Compliant Data, Citing GDPR Violations appeared first on Cryptonews.
