European Regulator Demands Worldcoin Delete Iris Codes
European Regulator Demands Worldcoin Delete Iris Codes; Company Responds Forcefully
The controversy surrounding Worldcoin has intensified as the Bavarian Data Protection Authority (BayLDA) has demanded the deletion of iris codes used for user verification. In response, Worldcoin has claimed that iris codes are no longer stored and that previously collected data was “voluntarily deleted” in May 2024.
Transition to New Technology
Worldcoin attributes this change to the adoption of Advanced Modular Privacy Control (AMPC), a technology that ensures iris codes are no longer retained. The company now relies on anonymized data to enable its World ID system, emphasizing that these changes make the system operate anonymously.
When questioned about why this approach wasn’t implemented earlier, Worldcoin pointed to technological advancements achieved over the past year. They argued that BayLDA’s findings primarily focus on outdated processes that have since been replaced.
A Call for Clearer Anonymization Standards
In its defense, the World Foundation urged the European Union to establish a standardized definition of “anonymization” to address the challenges of data protection in the AI era. The organization criticized the GDPR, claiming it falls short in providing robust privacy protections for individuals.
Ongoing Regulatory Scrutiny
While Worldcoin asserts compliance with some regulatory requirements, the company plans to appeal BayLDA’s decision. The investigation has also highlighted concerns over inadequate measures for processing minors’ data, which could lead to further inquiries. Non-compliance with EU privacy regulations often results in hefty fines, as seen in recent cases involving Meta and Amazon.
Worldcoin’s Legal Battles in Europe
Worldcoin’s entry into the European Union in July 2023 sparked immediate regulatory scrutiny. In March 2024, Spain’s Data Protection Agency (AEPD) flagged potential GDPR violations, leading to a temporary suspension of data collection and processing. Worldcoin’s appeal of this decision to Spain’s National Court was unsuccessful. Meanwhile, AEPD and BayLDA worked collaboratively under Article 60 of the GDPR, with their joint efforts culminating in BayLDA’s resolution.
This latest ruling supports AEPD’s initial cautionary measures. With Worldcoin’s European headquarters in Bavaria, the legal battle between the company and regulators is far from over, leaving its future operations in the region uncertain.
