Suspended or investigated by many countries, can Worldcoin maintain a high growth rate? Can Worldcoin maintain its high growth rate despite being halted or investigated by multiple countries?
According to the official website, the number of World ID generated by Orb Iris Information Collector has exceeded 2.2 million, of which Orb business has expanded to more than 35 cities in over 20 countries worldwide. Especially after its issuance, the number of registered World ID has doubled.
But the rapid growth of World APP has also attracted the attention of government regulatory agencies around the world.
On August 2nd, Kenya, the country with the highest utilization rate of Orb in Africa, announced the suspension of further collection of iris information for the project. Kenya, as the first country to definitively halt Orb operations, is sounding the alarm for many countries. As of now, Germany, the UK, France, and other countries are also investigating Worldcoin:
1. Kenya government suspends Worldcoin-related activities;
2. German financial regulatory authority Bafin is investigating Worldcoin;
4. Reuters: UK data regulatory agency will further investigate Worldcoin.
Clearly, the collection of biometric data clashes with existing data protection regulations, and as a "decentralized" and borderless blockchain project, the data collected by Worldcoin is difficult to apply to the laws and regulations of a single region in terms of storage, ownership, circulation, and usage.
>To this end, Odaily has queried some relevant regulations adopted by major countries/regions:
1. Kenya: Kenya's definition of biometric technology is mainly based on its "Data Protection Act 2019" and "Identity Identification and Registration Act 2019" and other laws and regulations. According to these laws, individuals' biometric data is considered sensitive personal data and can only be collected and used with explicit consent and for lawful purposes.
2. European Union: The European Union restricts the collection and use of biometric data through the General Data Protection Regulation (GDPR). According to GDPR, individuals must give explicit consent for the collection and use of their biometric data and have the right to access, correct, delete, and limit access to their biometric data. In addition, GDPR also requires data processors to take appropriate technical and organizational measures to protect the security and privacy of biometric data.
3. United Kingdom: According to the UK's Data Protection Act 2018 and Human Rights Act, individuals' biometric data is considered sensitive data and is subject to special protection. When using biometric technology, applicable data protection principles and legal requirements must be complied with, including explicit consent, lawful purpose, and transparency.
4. China: China has enacted laws such as the Personal Information Protection Law and the Data Security Law to protect personal data privacy and data security, including biometric data.
5. Singapore: The Personal Data Protection Act of Singapore regulates the protection of biometric data. The law requires data processors to comply with specific data protection principles, such as explicit purpose limitation, reasonable use, and security protection.
Among them, the General Data Protection Regulation (GDPR) of the European Union has a higher legal effect.
It is also for this reason that Worldcoin stated in its disclosed Biometric Consent Form on its official website:
"We adhere to the GDPR principles regarding privacy matters. If the data privacy laws in your country do not meet the protection level of GDPR, we will still process your data in accordance with GDPR (protection specifications)."
Specifically, in Section 3.6 of the "Biometric Consent Form," Worldcoin provides detailed instructions on the guidelines followed and the mitigation measures taken for implicit risks when collecting and transferring data in different regions. In general, "we will not profit from users' biometric data through buying, selling, renting, or any other means."
We also discovered a detail in the "consent form" - although Worldcoin claims that the iris information collected by Orb will be deleted from the image while generating the World ID to ensure privacy protection, the relevant data is not only stored locally but also transferred to companies in the United States or European Union for model training. Worldcoin's risk control solution is to use one-way encryption to generate digital codes from the relevant data, without directly transferring the images.
From a technical perspective, in the article "What do I think about biometric proof of personhood?" by Vitalik, he mentions privacy and security issues related to iris collection:
1. Users' phones may be vulnerable to hacking, and users may be forced to scan their irises when displaying their public keys. There is also the possibility of creating "fake people" using 3D printing technology, which can scan irises and obtain other people's World IDs.
2. The iris scan registry may leak information and at least be used to check for World IDs, and iris scans may reveal more information. Privacy protection measures need to be considered when implementing such technology to prevent unauthorized access and protect user privacy.
On the positive side, Worldcoin, aiming to become the AI era's human identity card,has indeed attracted the attention of governments around the world with this radical approach. Perhaps this is an opportunity to force regions to discuss more common personal data protection standards. At the same time, from the perspective of the circle, Orb opens a new real traffic window for the Web3 world.
Conversely, at the practical level, it is not realistic for governments to allow a company to hold global identity data. The technical and moral single-point risks involved are extremely high. Moreover, Orb, as the basis for realizing universal basic income, has adopted a unified 25 WLD iris data purchase price for different regions in the real world, and will naturally encounter resistance from developed regions that value data sovereignty.
Related Readings
SharkTeam: Worldcoin Operational Data and Business Security Analysis
Can Worldcoin's Narrative Support Its Price, Which Is Equal to OpenAI's Valuation?
IOS
Android