The Information Commissioner’s Office will investigate the privacy implications of Worldcoin, a crypto project that requires users to scan their irises to get a digital ID and free tokens.
About Worldcoin
Worldcoin is a cryptocurrency project founded by Sam Altman, the CEO of OpenAI, a research organization that aims to create artificial general intelligence (AGI).
The project’s core offering is its World ID, which the company describes as a “digital passport” to prove that its holder is a real human, not an AI bot.
To get a World ID, a user signs up to do an in-person iris scan using Worldcoin’s ‘orb,’ a silver ball approximately the size of a bowling ball.
Once the orb’s iris scan verifies the person is a real human, it creates a World ID and rewards the user with Worldcoin’s cryptocurrency token WLD.
The risks of Iris Scans
Worldcoin claims that World IDs will be necessary in the age of generative AI chatbots like ChatGPT, which produce remarkably humanlike language.
World IDs could be used to tell the difference between real people and AI bots online. Altman also believes that World IDs could enable new use cases and opportunities for financial inclusion.
One of them is universal basic income (UBI), a social benefits program where every individual is eligible to receive payments.
Since only real people can have World IDs, it could reduce fraud when deploying UBI.
However, Worldcoin’s iris scanning process has raised privacy and security concerns among some users and experts.
Some have questioned whether the company can protect the biometric data it collects from hackers or misuse.
Others have wondered whether the company can comply with the data protection laws and regulations in different countries and regions, particularly in Europe, where the General Data Protection Regulation (GDPR) applies.
The UK data watchdog’s investigation
The UK data watchdog, the Information Commissioner’s Office (ICO), announced on Tuesday that it would examine Worldcoin, according to CoinDesk.
“Organizations need to have a clear lawful basis to process personal data. Where they are relying on consent, this needs to be freely given and capable of being withdrawn without detriment.”
The ICO
A spokesperson for Worldcoin said that the company adheres to strict privacy guidelines and “is continuing to assess local laws and regulations to ensure compliance.”
The spokesperson also stated that
“with regard to GDPR, Worldcoin is fully compliant with all laws and regulations governing biometric data collection and data transfer, including Europe’s General Data Protection Regulation.”
